Ed.

00

GPLIM
VLAN Handbook
COPYRIGHT

This manual is proprietary to SAMSUNG Electronics Co., Ltd. and is protected by copyright.
No information contained herein may be copied, translated, transcribed or duplicated for any
commercial purposes or disclosed to third parties in any form without the prior written consent of
SAMSUNG Electronics Co., Ltd.

TRADEMARKS

Adobe is a trademark and Adobe Acrobat is a registered trademark of Adobe Systems Incorporated.
Install Shield is a registered trademark of Install Shield Software Corporation. Internet Explorer,
Microsoft, Windows, Windows 2000, and Windows NT are registered trademarks of Microsoft
Corporation. Netscape and Netscape Navigator are registered trademarks of Netscape
Communication Corporation in the United States and other countries.
All other company and product names may be trademarks of the respective companies with which
they are associated.

This manual should be read before the installation and operation, and the operator should
correctly install and operate the product by using this manual.

This manual may be changed for the system improvement, standardization and other technical reasons
without prior notice.

For further information on the updated manual or have a question for the content of manual, contact the
address or homepage below.

Address: Document Center 18th Floor IT Center. Dong-Suwon P.O. Box 105, 416, Maetan-3dong
Yeongtong-gu, Suwon-si, Gyeonggi-do, Korea 442-600

Homepage: http://www.samsungdocs.com

© 2007 SAMSUNG Electronics Co., Ltd. All rights reserved.

 GPLIM VLAN Handbook

INTRODUCTION

Purpose
This manual introduces the VLAN provided by the GPLIM and describes its
functions and how to configure and use it.

Document Content and Organization

This manual comprises two chapters and a list of abbreviations as follows

CHAPTER 1. VLAN Overview

Introduces the VLAN and its functions.

CHAPTER 2. Using the VLAN

Describes how the VLAN menus are structured and how to use them.

ABBREVIATION
Provides explanations on the abbreviations used throughout this manual.

© SAMSUNG Electronics Co., Ltd. I

Ошибка! Стиль не определен.

Conventions
The following types of paragraphs contain special information that must be
carefully read and thoroughly understood. Such information may or may not
be enclosed in a rectangular box, separating it from the main text,
but is always preceded by an icon and/or a bold title.

WARNING
Provides information or instructions that the reader should follow in
order to avoid personal injury or fatality.

CAUTION
Provides information or instructions that the reader should follow in
order to avoid a service failure or damage to the system.

CHECKPOINT
Provides the operator with checkpoints for stable system operation.

NOTE
Indicates additional information as a reference.

Console Screen Output

y The lined box with ‘Courier New’ font will be used to distinguish
between the main content and console output screen text.
y ‘Bold Courier New’ font will indicate the value entered by the
operator on the console screen.

II © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Reference
OfficeServ 7400 GPLIM (GPLIMT) User Manual
This manual introduces the OfficeServ 7400 GPLIM (GPLIMT) which is an
OfficeServ 7400 application and describes how to set up and use it.

Revision History

EDITION DATE OF ISSUE REMARKS

00 08. 2007. Original

© SAMSUNG Electronics Co., Ltd. III

Ошибка! Стиль не определен.

This page is intentionally left blank.

IV © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

TABLE OF CONTENTS

INTRODUCTION I

Purpose .......................................................................................................................... I
Document Content and Organization ............................................................................. I
Conventions................................................................................................................... II
Console Screen Output ................................................................................................. II
Reference ..................................................................................................................... III
Revision History............................................................................................................ III

CHAPTER 1. VLAN Overview 1

What is the VLAN? ............................................................................................................. 1

Type of VLAN ................................................................................................................ 2
VLAN Classification ....................................................................................................... 4
IVL (Independent VLAN) & SVL (Shared VLAN) ........................................................... 4
VLAN Functions ................................................................................................................. 5

CHAPTER 2. Using the VLAN 7

Structure of the VLAN Menu.............................................................................................. 7

VLAN Configuration ....................................................................................................... 8
VLAN Port VID............................................................................................................. 13
Classification ............................................................................................................... 15
Examples of VLAN ........................................................................................................... 17
Example #1-Configuring a Basic Static VLAN ............................................................. 17
Example #2-Configuring Your Network with VLANs .................................................... 19

© SAMSUNG Electronics Co., Ltd. V

TABLE OF CONTENTS

ABBREVIATION 21

A ~ I ............................................................................................................................. 21
L ~ V ............................................................................................................................ 22

VI © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

CHAPTER 1. VLAN Overview

This chapter introduces the VLAN and its functions.

What is the VLAN?

If a node broadcasts data, all nodes on the same LAN can receive them.
But, in this broadcasting method, some nodes have to receive the data even
when they do not need it. In this case, you can divide the LAN into more than
one logical LAN so that only the nodes on the same logical LAN can receive
the broadcasted data sent from a node on it. Such a logical LAN which is one
of the divided segments of the physical LAN is called a VLAN (Virtual LAN).
A VLAN is a network which is one of the segments of the actual physical
network which the user has divided logically according to his necessity.
A VLAN can have several ports. In a network which is configured with
VLANs, only the nodes on the same VLAN can send and receive packets
between them. A port on a VLAN can send/receive packets to/from another
port on a different VLAN only through routing equipment which makes the
communications between them possible.

The VLAN reduces Ethernet traffic and thus enhances transmission speed of
the network. Because traffic is divided and transmitted by VLAN, the use of
VLAN also enhances security. There are four types of VLAN you can
configure in OfficeServ (GPLIM/GPLIMT) depending on the method you use:
Port-Based VLAN, Tag-Based VLAN, MAC-Based VLAN, and Protocol-
Based VLAN.

© SAMSUNG Electronics Co., Ltd. 1

Ошибка! Стиль не определен.

Type of VLAN
Configuring a VLAN Using Ports
To configure a VLAN using ports, you should assign a VLAN number to each
switch port. For example, you can assign VLAN 1 to ports 1, 2, and 4 and
VLAN 2 to port 3.

Port Number VLAN

Port 1 1
Port 2 1
Port 3 2
Port 4 1

The VLAN can be configured easily because there are not that many switch
ports. It is also easy to understand its configuration. But the network
administrator must pay attention to movement of users. If a user is moved to a
different port from his assigned port, the network administrator has to
reconfigure the VLAN.

Port-Based VLAN
The GPLIM (T) supports the Port-Based VLAN. If Port-Based VLAN is
enabled, VLAN-tagging is not applied to packets. All packets are sent to the
output port by using the default port VID only, without modification, insertion
or removal of tags for all packets. This VLAN supports SVL mode only.

Tag-Based VLAN
The GPLIM (T) supports the Tag-Based VLAN. This VLAN supports
802.1q/p Tagged. 802.1p is processed through 2-level (low, high) queuing.
This VLAN also supports IVL and SVL modes. The FID field of the MAC
address table is used to determine whether the mode of a packet is IVL mode
or SVL mode. In SVL mode, the same FID is used for all VLANs. In IVL,
on the other hand, a different FID is used to identify each VLAN.
The VLAN table which contains the FID information is used to manage the
information such as member port and tag rules.

2 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Protocol-Based VLAN
To use this configuration, you have to use more than one protocol and assign a
different VLAN number to each protocol.

Protocol VLAN

IP 1
IPX 2

Most applications use a protocol that suits their use.

Therefore, if you configure protocol-based VLANs, it has the effect that the
VLANs are configured by application type. Furthermore, the user can use the
same VLAN regardless of where he is on the network. However, every packet
has to be analyzed to identify its protocol type and this is very ineffective.
The GPLIM (T) supports the Protocol-Based VLAN. In Protocol-Based
VLAN mode, you can configure VLANs and modify the existing
configuration using the VLAN Classification.

MAC-Based VLAN
Each VLAN is configured based on the MAC addresses of the workstations
that participate in it. The switch maintains the information for the MAC
addresses that belong to each VLAN. An MAC address is the unique number
of a network interface card of a workstation. Therefore, even when the
workstation is connected to a different port, it still remains a member of the
same VLAN.

MAC Address VLAN

00-60-76-45-34-F3 1
02-60-68-24-53-64 2
20-26-45-65-65-F5 2
05-60-23-75-13-F6 1

Every NIC (Network Interface Card) has a unique MAC address.

Therefore, even when a PC or Notebook PC is moved, the switch can maintain
the original VLAN configuration intact. However, there is the disadvantage
that the user must know the MAC address of his workstation. Also, if the NIC
of the workstation is replaced due to a failure, the VLAN configuration of the
switch must be renewed.

© SAMSUNG Electronics Co., Ltd. 3

Ошибка! Стиль не определен.

GPLIM (T) does not support MAC-Based VLAN in a hardware way.

A limited MAC-Based VLAN is implemented in a software way.
In MAC-Based VLAN mode, you can configure VLANs and modify the
existing configuration using the VLAN Classification.

VLAN Classification
In the GPLIM (T), the VLAN Classification denotes both Protocol-Based
VLAN and MAC-Based VLAN totally. You can select which type of the two
will be used by changing the VLAN mode.
The Protocol-Based VLAN can be used when the VLAN mode is set to
Tagged (IVL or SVL mode). The MAC-Based VLAN can be used when the
VLAN mode is set to MAC.

IVL (Independent VLAN) & SVL (Shared VLAN)

The OfficeServ 7400 GPLIM (T) supports both the IVL and SVL.

IVL
In the IVL, each VLAN maintains a forwarding MAC table. Hence, security is
strong and data cannot be forwarded directly between VLANs.
Though it has the advantage of strong security, memory usage increases
because MAC addresses are managed in each VLAN.

SVL
In the SVL, all VLANs use a forwarding MAC table. It is less sensitive to
security and because all ports use the same MAC table, data can be forwarded
between VLANs. Because only one MAC address table is managed,
it has a small memory usage but is not recommended for a large network.

4 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

VLAN Functions
Broadcast Control
As the switch separates the collision domain for the host connected to itself
and forwards traffic to specific ports, the VLAN provides a logical collision
domain that confines broadcast and multicast traffic in the bridging domain.

Security
Without a router in the VLAN, a user on it cannot communicate with other
users on another VLAN. This provides extreme security.

Performance
The VLAN is a set of nodes that shares the same resources.
For example, the engineers who test the multicast applications and their
servers can be assigned to a VLAN. By placing these engineers in a dedicated
LAN, a highly enhanced network performance can be gained. Because the
traffic by network-intensive applications is separated to a different VLAN,
other users except the engineers can also gain an enhanced network
performance on their VLAN.

Network Management
The software on the switch assigns users to a VLAN and, later, it can reassign
them to a different VLAN. Because the network management tool allows you
to reconfigure the LAN logically, you do not have to reconnect the cables to
change connections in the switching LAN environment.

© SAMSUNG Electronics Co., Ltd. 5

Ошибка! Стиль не определен.

This page is intentionally left blank.

6 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

CHAPTER 2. Using the VLAN

This chapter describes how the VLAN menu is structured and how to use it.

Structure of the VLAN Menu

The VLAN menu consists of three commands, as shown in the figure below:
Configuration, Port VID, and Classification. Each command is described
below in detail.

The Configuration command allows you to create and delete a VLAN and
register and unregister VLAN member ports. The Port VID command allows
you to set port VIDs for untagged packets. It is activated, that is, you need to
set them, only if the VLAN mode is Tagged VLAN. The Classification
command is also activated in a specific VLAN mode.

© SAMSUNG Electronics Co., Ltd. 7

Ошибка! Стиль не определен.

VLAN Configuration
The command allows you to set the VLAN mode, create and delete a VLAN,
and register and unregister VLAN member ports.

Selecting the VLAN Mode

GPLIM (T) supports four modes, as shown in the figure above.
The 802.1Q (IVL) mode is selected by default. You can select one of those
four modes depending on your network environment.

8 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Select a Tagged VLAN mode if tagged packets are sent and received on the
network. The Tagged VLAN mode includes SVL mode and IVL mode.
In SVL (Shared VLAN) mode, only one FID (Filtering Database ID) is used in
the MAC table for all VLANs. In IVL (Independent VLAN) mode, a different
FID (Filtering Database ID) is used in the MAC table for each VLAN.
IVL mode is effective in security and SVL mode reduces memory usage.
Usually, it is difficult to differentiate those two modes.
You can select SVL or IVL depending on your network environment.
The following figure shows an appropriate test example.

After the configuration is done, as shown in the figure above, if P1 port learns
A and an untagged packet is sent from S to A, the PVID 30 is used to find the
VLAN table. Then, the MAC table is searched for (FID = 5, MAC) found in
the VLAN Table 30. In SVL mode, because there is an entry whose FID is 5
and the MAC table is searched for the FID only, the matched entry exists in
the MAC table and packets can be transmitted from S to A. In IVL mode,
because the MAC table is searched for (FID = VID = 30, MAC), no matched
entry exists in the MAC table. Therefore, the packets become flooded.

Port-Based VLAN mode is used to divide VLANs by port regardless of tagged

packets.

© SAMSUNG Electronics Co., Ltd. 9

Ошибка! Стиль не определен.

MAC-Based VLAN mode is used to create VLANs using the MAC addresses
of the workstations and terminals. Every NIC (Network Interface Card) has a
unique MAC address. The same VLAN is maintained even if a terminal with
an NIC is moved to a different port. In the GPLIM, MAC-Based VLAN mode
is implemented in a software way. Because MAC-Based VLAN mode is not
supported in a hardware way, you should note that this mode is implemented
limitedly.

Creating a VLAN
After selecting the VLAN mode, you should create a VLAN.
The following figure shows an example of creating VLAN2 in Port-Based
VLAN mode.

You should create VLANs if you want to use the GPLIM switch as more than
one VLAN. Enter a name in the VLAN Name field. You can set a value of 2 to
4094 in the VLAN ID field. Enter 2 in the VLAN ID field and click Add.
Then, VLAN2 is created, as shown in the figure below.

10 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

The method to create VLANs is the same for all VLAN modes.

Registering a Port
After creating a VLAN, you should register a port as its member.
For example, if you want to assign two sets of ports, (1, 2, 3, 4, 5, 6, 13) and
(7, 8, 9, 10, 11, 12, 14) to two different VLANs, you should configure the
settings as shown in the figure above.

Now the switch is divided into two VLANs, VLAN2 and VLAN3. VLAN3
cannot receive the packets sent from VLAN2. Communication is possible
between the nodes in the same VLAN. For Port-Based VLAN, you only have
to configure the ports as shown in the figure above. For Port-Based VLAN,
it is designed so that each port must belong to a VLAN. To configure a Shared
VLAN, you should select Tagged Based VLAN mode.

© SAMSUNG Electronics Co., Ltd. 11

Ошибка! Стиль не определен.

In Tagged-Based VLAN mode (IVL, SVL), ports are configured differently

from the registration of ports in Port-Based VLAN mode. You can set each
port as tagged port or untagged port. If set to tagged port, when a packet is
sent to that port, a tag packet is added to that packet before sending. If set to
untagged, when a packet is sent to that port, the tag packet is removed from
that packet before sending. The following figure shows an example in which
ports (1, 2, 3, 4, 11, 12, 14) are set as tagged ports and ports (7, 8, 9, 5, 6, 13)
are set as untagged.

If a tagged packet is sent to port 6 through port 1, you can find that the tag
packet is removed from that packet when it comes out of port 6.
A Tagged-Based VLAN can be configured as a Shared VLAN.
That is, VLAN2 may include the corresponding ports or VLAN3 may include
the corresponding ports.

12 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

In MAC-Based VLAN mode, you cannot configure VLAN members directly.

The VLAN Members item is deactivated, as shown in the figure below.
To configure the members in this mode, you should use the Classification
command. It is described in detail in the ‘Classification’ section.

VLAN Port VID

The Port VID command window is divided into two parts: the part where you
can set port VID for untagged packets and the part where you can configure
the Forward Only this VID and Drop Untagged Frame settings. This command
is activated only if the VLAN mode is tagged based (SVL, IVL).
If the VLAN mode is Port-Based VLAN or MAC-Based VLAN, it is
deactivated as shown in the figure below.

Setting port VIDs determines how untagged packets will be processed.

The following figure shows an example of setting port VIDs for untagged
packets. Each port VID is set to 1 by default. After creating VLANs and
registering member ports, you can configure how to process untagged packets
using the Port VID command.
With the VLAN in the example of registering tagged VLAN member ports
presented before, you can set port VIDs as shown in the figure below.
In the following example VLAN2 and VLAN3 have the same port VID.

© SAMSUNG Electronics Co., Ltd. 13

Ошибка! Стиль не определен.

If an untagged packet is sent through port 1, 2 is applied to it as PVID and it is

sent to VLAN2.
If the Forward Only this VID check box is checked, when the tag of a tagged
packet received has a different port VID from the one assigned to the port, it is
discarded. If unchecked, it is re-sent in accordance with the information in the
tag.
If the Drop Untagged Frame check box is checked, untagged frames are
discarded. If unchecked, untagged frames are sent to the VLAN which has the
port VID assigned.

14 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Classification
The Classification command is activated only if the VLAN mode is a Tagged-
Based VLAN (IVL, SVL) or if it is a MAC-Based VLAN and at least a VLAN
except the default VLAN is already created.
If the VLAN mode is Port-Based VLAN or if it is MAC-Based VLAN and
only the default VLAN exists, the Classification command is deactivated as
shown in the figure below.

The Classification command window (the VLAN Classification Configuration

window) is different when the VLAN mode is Tagged-Based VLAN or MAC-
Based VLAN.

For Tagged-Based VLAN, you can configure Protocol-Based VLAN on the

VLAN Classification Configuration window. The following figure is an
example in which VLAN2's classification rule is set to the IP protocol and its
group ID is set to 1. You can select a value of 1 to 256 for the group ID.
The group ID does not have any special meaning. You can regard it as an
index.

© SAMSUNG Electronics Co., Ltd. 15

Ошибка! Стиль не определен.

Selecting the IP protocol as the classifier for VID 2 means that the packets
received via the IP protocol are sent to VLAN2. If a tagged packet is received,
the rules for the tagged packets are applied with high priority.

For MAC-Based VLAN, the VLAN Classification Configuration window

allows you to configure an MAC address as a member of each MAC-Based
VLAN. The following figure shows an example in which VID 2 is assigned to
a specific MAC address.

This means that the packets that are sent to the designation with the specified
MAC address 00:00:00:00:00:01 are sent to VLAN2 (VID 2). By assigning a
VID to an MAC address, as shown here, the terminal that has that MAC
address becomes a member of that particular VLAN. If a packet, whose
destination is a member MAC address of a VLAN, is received through a port,
that port is registered as a member port of that VLAN.

16 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Examples of VLAN

Example #1-Configuring a Basic Static VLAN

A large company needs a lot of switches to cover the entire network for all
employees. Because the number of terminals that can be connected to a switch
is limited, you need to divide the entire network by department.
Therefore, configuring a VLAN can be considered a way of managing the
switches efficiently. The configuration of the basic static VLAN is as follows.

Router

Switch
Part 1 Part 2

Switch Switch

There is a switch on the top. If there is no VLAN here, you cannot divide the
networks for the Development and Public Relations departments without a
router. Of course, you can divide the lines running down from the router using
two switches. But it causes a waste of switches. Therefore, the most efficient
method is to divide the top switch into two VLANs.
The method of configuration is as follows.

© SAMSUNG Electronics Co., Ltd. 17

Ошибка! Стиль не определен.

Select 802.1Q (IVL) for the VLAN mode, which is the default. You can select
Port-Based VLAN for the LAN mode. For 802.1Q mode, you must consider
configuring the port PVIDs for processing of untagged packets.
For the example above, you should configure the port PVIDs as shown in the
figure below.

Once this configuration is completed, the Development and Public Relations

departments can be separated completely by VLANs. The members of the
same department can communicate with each other but no communication can
be made between two members of different departments. For Tagged-Based
VLAN, you must always configure tagged and untagged ports to process
tagged and untagged packets, but you do not need to for Port-Based VLAN.

18 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

Example #2-Configuring Your Network with

VLANs
We assume the following environment for the actual example where VLANs
are used in the network. The departments connected to the company network
are on different floors. Every switch which exists on each floor is connected to
a router. In this case, each department should be able to maintain its own
security and communicate with other departments at the same time.

Router

Switch

Part 1 Part 2 Part 3

1F 2F 3F

If you adjust the routing table in the router to assign a subnet to each
department, you can configure the network that satisfies those requirements.
However, in this case, you need to modify the routing table in the router.
You can configure the network without modifying the routing table,
if you configure VLANs using the switches that exist on each floor.

The following is an example of configuring VLANs under those conditions.

First, this is the configuration for the switch on the first floor. Create three
VLANs as shown in the figure below. Assign ports 1 to 4 to VLAN2 as its
member ports. Assign ports 5 to 8 to VLAN3 as its member ports.
Assign ports 9 to 12 to VLAN4 as its member ports. Because this
configuration is for a general case, set those ports as untagged ports instead of
tagged ports. Then assign port 13 to the three VLANs as their member port
and set it as a tagged port.

© SAMSUNG Electronics Co., Ltd. 19

Ошибка! Стиль не определен.

Configure the same port VIDs as in the VLAN member ports you configured
above.

Repeat the same configuration for every floor.

The Development department belongs to VLAN2 and is connected to the
switch ports 1 to 4. The Sales department belongs to VLAN3 and is connected
to the switch ports 5 to 8. The Public Relations department belongs to VLAN4
and is connected to the switch ports 9 to 13. Port 13 of the switch on every
floor is used to send and receive tagged packets between the switches to
control communications between VLANs. Assign a subnet to each department
so that a department can communicate with other departments even when they
are on different floors.

You need to change the configuration of VLANs appropriately according to

your circumstances and network environment.

20 © SAMSUNG Electronics Co., Ltd.

 GPLIM VLAN Handbook

ABBREVIATION

A
AS Autonomous System
ARP Address Resolution Protocol

B
BPDU Bridge Protocol Data Unit

C
CTI Computer Telephony Integration

D
DNS Domain Name Server

G
GPLIM Gigabit PoE LAN Interface Module
GVRP GARP VLAN Registration Protocol

H
HTTP Hypertext Transfer Protocol

I
IGMP Internet Group Management Protocol

© SAMSUNG Electronics Co., Ltd. 21

Ошибка! Стиль не определен.

L
LAN Local Area Network

M
MAC Media Access Control

N
NAT Network Address Translation
NTP Network Time Protocol

P
PD Powered Device
PoE Power over Ethernet
PVC Permanent Virtual Circuit
PVID Port VLAN Identification

Q
QoS Quality of Service

R
RMON Realtime Monitoring
RSTP Rapid Spanning Tree Protocol

S
SPQ Strict Priority Queuing
STP Spanning Tree Protocol
SNMP Simple Network Management Protocol

T
TFTP Trivial File Transfer Protocol

V
VLAN Virtual Local Area Network
VoIP Voice Over IP

22 © SAMSUNG Electronics Co., Ltd.

GPLIM
VLAN Handbook
© 2007 Samsung Electronics Co., Ltd.
All rights reserved.

Information in this manual is proprietary to SAMSUNG

Electronics Co., Ltd.
No information contained here may be copied, translated,
transcribed or duplicated by any form without the prior written
consent of SAMSUNG.
Information in this manual is subject to change without notice.