Network Basics: VLAN (Principles)

One, problems in early networks

  1, If multiple nodes try to send data at the same time, collisions occur easily (a collision domain), which greatly reduces network transmission efficiency.

  2, Data sent by one node is delivered to every other node, which easily forms a broadcast domain; this produces too much broadcast traffic and consumes a large amount of bandwidth.

  3, All hosts share the same link, so the security of information cannot be guaranteed.

 

Two, the origin of VLAN

  VLAN technology logically divides one physical LAN into multiple broadcast domains (multiple VLANs). It is deployed at the data link layer and isolates Layer 2 traffic. Hosts in the same VLAN share one broadcast domain and can exchange data directly; hosts in different VLANs belong to different broadcast domains and cannot exchange data directly. This improves the security of the network.

 

Three, VLAN tag format

  

 

Four, VLAN link types

  VLAN has two types of links: Access links and Trunk links.

  Access link (Access Link): the link between a terminal device and a switch.

  Trunk link (Trunk Link): the link between one switch and another switch; it is a relay link.

 

Five, port types

  1, Access port

  ① When it receives a frame that carries no Tag, it marks the frame with its own PVID.

  ② When it sends a frame, if VID = PVID it removes the Tag, so that the frame delivered to the terminal device is unchanged.

  ③ Ethernet frames sent by an Access port carry no VLAN tag. The characteristic of an Access port is that it only accepts traffic matching its PVID (or VID).

  2, Trunk port

  ① In the exceptional case where it receives a frame with no VID mark, it marks the frame with its own PVID. It then checks the list of VLAN IDs allowed to pass: if the VLAN is allowed, the frame is received; otherwise it is discarded.

  ② When it receives a frame that carries a VID, it checks the list of VLAN IDs allowed to pass: if the VLAN is allowed, the frame is received; otherwise it is discarded.

  ③ When it sends a frame whose VLAN ID is in the allowed list and equal to its own PVID, it removes the Tag and sends the frame.

  ④ When it sends a frame whose VLAN ID is in the allowed list and not equal to its own PVID, it leaves the Tag unchanged and sends the frame.

  3, Hybrid port

  Access ports generally send data frames without a Tag, and Trunk ports generally send data frames with a Tag. A Hybrid port combines the attributes of both the Access port and the Trunk port: it can be connected to an access link or to a trunk link.

  ① When it receives a frame with no VID mark, it marks the frame with its own PVID. It then checks the list of VLAN IDs allowed to pass: if the VLAN is allowed, the frame is received; otherwise it is discarded.

  ② When it receives a frame that carries a VID, it checks the list of VLAN IDs allowed to pass: if the VLAN is allowed, the frame is received; otherwise it is discarded.

  ③ Whether a forwarded data frame carries the Tag can be configured by command: frames configured to carry a Tag keep the original Tag unchanged; frames configured not to carry a Tag have the Tag stripped.
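
  The receive and send rules of the three port types above, written as a small model. This is an added example, not code from the original article; the `Port` class, the `forward` helper and the sample VLAN numbers are assumptions made for illustration, and rejecting a tagged frame whose VID differs from the PVID on an Access port is this example's reading of "only accepts traffic matching its PVID".

```python
from typing import Optional, Tuple

class Port:
    def __init__(self, mode, pvid=1, allowed=(), untagged=()):
        self.mode = mode                 # "access", "trunk" or "hybrid"
        self.pvid = pvid                 # default PVID is 1
        self.allowed = set(allowed)      # trunk/hybrid: VLAN IDs allowed through
        self.untagged = set(untagged)    # hybrid: VLANs configured to leave untagged

    def ingress(self, vid: Optional[int]) -> Optional[int]:
        """VLAN the received frame is placed in, or None if it is discarded."""
        if self.mode == "access":
            # Untagged frames take the PVID; only traffic matching the PVID is accepted.
            return self.pvid if vid in (None, self.pvid) else None
        # Trunk/hybrid: an untagged frame takes the PVID, then the allowed list decides.
        vlan = self.pvid if vid is None else vid
        return vlan if vlan in self.allowed else None

    def egress(self, vlan: int) -> Tuple[bool, Optional[int]]:
        """(sent, tag on the wire); a tag of None means the frame leaves untagged."""
        if self.mode == "access":
            return (vlan == self.pvid, None)
        if vlan not in self.allowed:
            return (False, None)
        if self.mode == "trunk":
            return (True, None if vlan == self.pvid else vlan)
        return (True, None if vlan in self.untagged else vlan)

def forward(src: Port, dst: Port, vid_on_wire: Optional[int]):
    """Carry one frame from src's ingress to dst's egress inside a single switch."""
    vlan = src.ingress(vid_on_wire)
    return (False, None) if vlan is None else dst.egress(vlan)

# Constructed sample ports (VLAN numbers are illustrative).
ACCESS = Port("access", pvid=10)
TRUNK = Port("trunk", pvid=1, allowed={1, 10, 20})
HYBRID = Port("hybrid", pvid=10, allowed={10, 20}, untagged={10})

if __name__ == "__main__":
    for name, frame in [("host frame, untagged", (ACCESS, TRUNK, None)),
                        ("tagged 10 from trunk", (TRUNK, HYBRID, 10)),
                        ("tagged 20 from trunk", (TRUNK, HYBRID, 20)),
                        ("tagged 30 from trunk", (TRUNK, ACCESS, 30)),
                        ("untagged on trunk", (TRUNK, TRUNK, None))]:
        print(f"{name:22} -> {forward(*frame)}")
```

  The last case shows an untagged frame arriving on the trunk being placed in the trunk's PVID VLAN, which is why the PVID of a trunk port deserves the same review as its allowed list.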

 

Six, PVID

  When VLANs are divided, each port has one and only one PVID. The initial default PVID of every port is 1, indicating that the port is a member of VLAN 1. On an Access port, assigning the port to another VLAN changes the PVID accordingly; on Trunk and Hybrid ports, you can modify the PVID.

 

Seven, VLAN division

  VLANs can be divided in the following ways:

  ① Port-based: VLANs are divided according to the port numbers of the network device. Each port is configured with a different PVID, which places the ports into different VLANs. If a host moves to another port, the VLAN must be reconfigured.

  ② MAC-based: VLANs are divided according to the MAC address of the host. This method requires the mapping between MAC addresses and VLAN IDs to be configured in advance; when the network device receives a frame without a Tag, it adds the VLAN tag that corresponds to the MAC address. If a host moves, no reconfiguration is needed.

  ③ IP subnet-based: VLANs are divided according to different IP addresses.

  ④ Protocol-based: VLANs are divided according to different protocols. The mapping between protocols and VLAN IDs must be defined in advance.

  ⑤ Policy-based: VLANs are divided using combinations of different conditions. Only when all the conditions match does the network device add a VLAN tag to the data frame. Each policy must be configured manually.

 

Eight, Voice-Vlan

  1, Origin and features of Voice-Vlan

  ① Origin

  Voice data needs a higher priority than other service data in transmission, to reduce the delay that may arise during transmission and so ensure call quality.

  ② Features

  High priority, Voice-Vlan ID (2-4094)

  2, operating mode

  ① Manual mode

  Manually add the port that connects the voice device to the Voice-Vlan. Voice streams that the connected voice device sends with the Voice VLAN tag can then be transmitted through the port and enjoy a higher transmission priority.

  ② Automatic mode

  A port with Voice-Vlan enabled uses the source MAC address field of the data stream entering the port to determine whether it is a voice data stream: it is one when the source MAC address matches an OUI configured in the system.

  3, extension

  An OUI is the first 24 bits of a MAC address. It is a globally unique identifier that the IEEE assigns to a vendor, so the OUI of a device tells you which vendor made it.

  

Origin www.cnblogs.com/641055499-mozai/p/11657929.html