Vlan-virtual-lan-1.pdf

Full Transcript

VLAN (VIRTUAL LAN)
FRANKLIN MIRANDA JR.
IS A COMPUTER CONNECTED TO A PRINTER IS CALLED A NETWORK?
WHY?
THE PHYSICAL NETWORK DESIGN

 includes defining the network topology
for connecting physical switches and the
ESXi hosts, determining switch port
settings for VLANs, and designing
routing
WHAT IS PHYSICAL NETWORK IN NETWORKING?

 The physical network consists of the cables
(coaxial cable, twisted pair, fiber optic, and
telephone lines) that connect the different
hardware residing on the network, the adapter
used on computers connected to the network
(hosts), and any concentrators, repeaters,
routers, or bridges used in the network.
THE CORE LAYER

 also known as the network backbone, is the central part
of a network's architecture that's responsible for
transmitting data between different parts of the network
quickly and efficiently.
 It's usually made up of high-speed devices like routers
and switches. The core layer's main goal is to facilitate
fast communication between different parts of the
network without complex processing or decision-making.
THE DISTRIBUTION LAYER

 is a part of a hierarchical network model that acts as a
boundary between the access and core layers of a network.
It's responsible for routing and filtering data within the
network, and for providing policy-based connectivity. The
distribution layer also aggregates traffic from the access
layers and distributes it throughout the rest of the network.
THE ACCESS LAYER

 in a physical network design is responsible
for transmitting raw data bits across the
network and how hardware accesses the
transmission media. It's the lowest layer of
the TCP/IP model and combines Layer 1
(Physical) and Layer 2 (Data Link) of the OSI
model.
NETWORK FLOW DATA

 essentially records of device
communications, includes information like IP
addresses, ports, protocols, and timestamps.
 This data, typically collected by network
devices, is fundamental in understanding
digital interactions within an organization.
VLAN STANDS FOR VIRTUAL LOCAL AREA NETWORK

 which is a logical network created within a larger
physical network. VLANs allow users to segment a
network into smaller, virtual sub-networks, which
can be used to improve network performance and
isolate traffic.
VLANS

 are a fundamental component of network design
and can help optimize network segmentation and
security. They can also simplify the task of dividing
and grouping a network for IT network
administrators based on their security and
functional requirements. This can be done without
having to modify the existing IT network
infrastructure or plug and unplug physical LAN
cables.
VLANS

 can help control broadcast traffic, ease
administration, and tighten security. However,
communication between two different VLANs
is only possible through a router that has
been connected to both VLANs.
WHAT IS VLAN AND WHY IS IT USED?

 VLAN stands for Virtual LAN. A VLAN is a way of
logically separating a group of computers into a
separate network. This means they will only
communicate with each other and not with any
other devices connected to the same physical
network. It's like having a private wireless
network at home.
WHAT IS VLAN IN A ROUTER?

 A VLAN (Virtual Local Area Network) is a logical
network that is created within a larger physical
network. VLANs allow you to segment a network
into smaller, virtual sub-networks, which can be
used to isolate traffic and improve network
performance.
WHAT IS AN EXAMPLE OF VLAN?

VLANs break up broadcast domains, reducing the number of
other hosts from which any given device sees broadcasts. For
example, if all desktop voice over IP phones are on one VLAN
and all workstations are on another, phones won't see any
workstation-generated broadcast traffic and vice versa.
WHAT ARE THE THREE TYPES OF VLANS?

 Data VLAN - A data VLAN is used to separate
and prioritize data traffic within a network.
 Voice VLAN - A voice VLAN is designed to handle
voice over IP (VoIP) traffic, which includes voice
calls and other real-time communication
services.
 Static VLAN - Common type of VLAN, manually
assign switch ports
HOW TO CREATE A VLAN STEP BY STEP?

 Brainstorm VLAN Groupings.

 Prepare Unique VLAN IDs.

 Create a Logical Network Diagram or Map.

 Optional: Purchase Additional Equipment.

 Connect Network Devices to Appropriate Switch Ports.

 Configure Switch Ports.

 Set up VLAN Specifications via Network Switch Settings.

 Assign Switch Ports to VLANs.
CONFIGURATION

 VLAN configurations partition one network into
many virtual networks that can serve various
use cases and meet many requirements.
However, this also requires communication
among VLANs which in turn must travel
through a router.
802.1Q VLAN CONFIGURATION

 also known as Dot1q, is a networking
standard that supports virtual local area
networks (VLANs) on an IEEE 802.3 Ethernet
network. It defines a system of VLAN tagging
for Ethernet frames and the procedures for
bridges and switches to handle those
frames.
HERE ARE SOME STEPS FOR CONFIGURING 802.1Q VLAN ON A TP-LINK
SWITCH:

 Select L2 Features > VLAN > 802.1Q VLAN > VLAN
Config
 Create a VLAN by entering a VLAN ID and
description. The ID can be between 2 and 4094,
and the description can be up to 16 characters.
 Choose the untagged and tagged ports to add to
the VLAN based on the network topology. The
selected ports will forward untagged and tagged
packets in the target VLAN.
 Click Apply
STATIC VLANS

 A switch designates a group of ports as belonging
to the same broadcast domain, or VLAN...
 This means that any ports carrying traffic for a
specific subnet address are in the same VLAN.
When a device connects to a port, it automatically
assumes the VLAN of that port.
 Static VLANs are often used to reduce broadcast
traffic and increase security. They are also easy to
configure and monitor, and are more secure than
traditional switches.
DYNAMIC VLANS

 A switch temporarily creates VLAN membership on a port
to link to another port, either in the same VLAN on
another device or in a different VLAN.
 Dynamic VLANs can be used to segment users into
different VLANs based on the resources they can access.
 For example, network administrators can assign
different users to different VLANs based on the
password they provide when connecting to the SSID.
Dynamic VLANs can also be used to fragment a network
into tiered sections based on resource authorization.
STATIC VLAN VS.. DYNAMIC VLAN

 The main difference between static VLANs and
dynamic VLANs is that static VLANs are configured
manually by assigning ports to a VLAN, while dynamic
VLANs use a database that stores a VLAN / MAC
mapping to determine the VLAN to which a particular
host is connected.
SUBNETTING
A subnet is a logical subdivision of an IP network.

The process of dividing a network into two or more networks is
called subnetting
TABLE
TABLE 2