Virtual Local Network (VLAN)
A VLAN is a subnetwork that takes groups of devices on a
larger network and creates a virtual LAN for those devices,
effectively separating them from the other devices on the
network.
This achieves the same ends as WLANs can achieve
naturally using separate channels and lends a LAN much
more flexibility.

+ Each VLAN is distributed geographically throughout the network.
+ Users are grouped into each VLAN regardless of the physical location,
  theoretically easing network management.
+ As a user moves throughout a campus, the VLAN membership for that user
  remains the same.
+ Switches are configured for VTP server or client mode.

+ Create local VLANs with physical boundaries in mind rather than job functions of the users.
+ Local VLANs exist between the access and distribution layers.
+ Traffic from a local VLAN is routed at the distribution and core levels.
+ Switches are configured in VTP transparent mode.
+ Spanning tree is used only to prevent inadvertent loops in the wiring closet.
+ One to three VLANs per access layer switch recommended.

Best Practices for VLAN Design
+ One to three VLANs per access module and limit those VLANs to a couple of access switches and the
distribution switches.
+ Avoid using VLAN 1 as the "blackhole" for all unused ports. Use a dedicated VLAN separate from VLAN 1 to
assign all the unused ports.
+ Separate the voice VLANs, data VLANs, the management VLAN, the native VLAN, blackhole VLANs, and the
default VLAN (VLAN 1).
+ Avoid VTP when using local VLANs; use manually allowed VLANs on trunks.
+ For trunk ports, turn off Dynamic Trunking Protocol (DTP) and configure trunking. Use IEEE 802.1Q rather
than ISL because it has better support for QoS and is a standard protocol.
+ Manually configure access ports that are not specifically intended for a trunk link.
+ Prevent all data traffic from VLAN 1; only permit control protocols to run on VLAN 1 (DTP, VTP, STP BPDUs,
PAgP, LACP, CDP, etc.).
+ Avoid using Telnet because of security risks; enable SSH support on management VLANs.

SONET versus Ethernet MANs
Most MANs are SONET networks built of multiple rings (for failover purposes)
+ SONET is well-proven but complex, fairly expensive, and cannot be provisioned
  dynamically.
+ SONET is based upon T-1 rates and does not fit nicely into 1 Mbps, 10 Mbps, 100
  Mbps, 1000 Mbps chunks, like Ethernet systems do.
Ethernet MANs
+ Well understood, scale well, and are the best technology to carry IP traffic (Internet)
+ Have high failover times (slow recovery from failure)
+ Growing in popularity

The Ethernet MAN Topology
[Figure: Ethernet MAN topology diagram; the only legible label is "Switch"]

Wide Area Protocols
+ WAN Data link layer protocols define how data is encapsulated for transmission to
remote sites.
  + Technologies such as Frame Relay or ATM.
+ Many of these protocols use the framing mechanism HDLC, an ISO standard,
or one of its subsets or variants.
+ ATM is different from the others because it uses small fixed-size cells of 53
bytes, unlike the other packet-switched technologies, which use variable-sized
packets.
+ The most common WAN data-link protocols are:
  + PPP
  + ATM

ATM Architecture
[Figure: ATM protocol stack diagram; the only legible label is "PHY"]
+ adaptation layer: only at edge of ATM network
  + data segmentation/reassembly
  + roughly analogous to Internet transport layer
+ ATM layer: "network" layer
  + cell switching, routing
+ physical layer

ATM Layer: ATM Cell
+ 5-byte ATM cell header
+ 48-byte payload
  + Why?: small payload -> short cell-creation delay for digitized voice
  + halfway between 32 and 64 (compromise!)
[Figure: cell header]
[Figure: cell format, Cell Header followed by ATM Cell Payload - 48 bytes (SAR PDU)]
+ 3rd bit in PT field; 1 indicates last cell (AAL-indicate bit)
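
The cell layout and the adaptation layer's segmentation/reassembly described above, as an added example that is not part of the original slides: Python that splits data into 53-byte cells, sets the last-cell PT bit, and rejects malformed or truncated input on reassembly. The GFC/VPI/VCI/CLP/HEC field positions and the HEC computation follow the standard ATM UNI cell format rather than this page; the function names, the sample data, and passing the original length to `reassemble` are assumptions made for the illustration.

```python
import struct

HDR, PAYLOAD = 5, 48          # sizes from the slide: 5-byte header, 48-byte payload
CELL = HDR + PAYLOAD          # 53 bytes

def hec(first4: bytes) -> int:
    """Header Error Control: CRC-8 (x^8+x^2+x+1) over header bytes 1-4, XOR 0x55."""
    crc = 0
    for byte in first4:
        crc ^= byte
        for _ in range(8):
            crc = ((crc << 1) ^ 0x07) & 0xFF if crc & 0x80 else (crc << 1) & 0xFF
    return crc ^ 0x55

def build_cell(vpi: int, vci: int, chunk: bytes, last: bool) -> bytes:
    # UNI header bits: GFC(4) VPI(8) VCI(16) PT(3) CLP(1), then HEC(8)
    pt = 0b001 if last else 0b000          # 3rd PT bit = 1 marks the last cell
    first4 = struct.pack(">I", (vpi << 20) | (vci << 4) | (pt << 1))
    return first4 + bytes([hec(first4)]) + chunk.ljust(PAYLOAD, b"\x00")

def parse_cell(cell: bytes) -> dict:
    if len(cell) != CELL:
        raise ValueError("cell is not 53 bytes")
    if hec(cell[:4]) != cell[4]:
        raise ValueError("HEC mismatch, header corrupted")
    word = struct.unpack(">I", cell[:4])[0]
    return {"vpi": (word >> 20) & 0xFF, "vci": (word >> 4) & 0xFFFF,
            "last": bool((word >> 1) & 1), "payload": cell[HDR:]}

def segment(vpi: int, vci: int, data: bytes) -> list:
    """Adaptation-layer side: split data into 48-byte chunks, flag the last one."""
    chunks = [data[i:i + PAYLOAD] for i in range(0, len(data), PAYLOAD)] or [b""]
    return [build_cell(vpi, vci, c, i == len(chunks) - 1) for i, c in enumerate(chunks)]

def reassemble(cells: list, length: int) -> bytes:
    """Receiving edge: validate every cell, stop at the last-cell bit."""
    out = b""
    for cell in cells:
        fields = parse_cell(cell)
        out += fields["payload"]
        if fields["last"]:
            return out[:length]   # caller supplies length (simplification)
    raise ValueError("stream ended without a last-cell marker")

if __name__ == "__main__":
    message = b"constructed sample PDU " * 5          # constructed input, 115 bytes
    cells = segment(vpi=1, vci=42, data=message)
    print(len(cells), reassemble(cells, len(message)) == message)
```

In real AAL5 the receiver learns the PDU length from a trailer in the last cell; supplying it as an argument keeps the example focused on the header and the last-cell bit.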