CompTIA® Network+: VLAN
& Common TCP and UDP Default Ports
VLAN - Virtual Local Area Networks:
A VLAN derives its name from the fact that there is
only one physical network, but two or more logical networks.
A VLAN may be created by any of these methods:
VLAN by port association - Membership in a VLAN
can be defined based on the ports that belong to
the VLAN. For example, in a bridge with four ports,
ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs
to VLAN 2. The main disadvantage of this method
is that it does not allow for user mobility. If
a user moves to a different location away from the
assigned bridge, the network manager must reconfigure
VLAN by MAC address association: Here, membership
in a VLAN is based on the MAC address of the workstation.
The switch tracks the MAC addresses that belong
to each VLAN (see Figure 4). Since MAC addresses
form a part of the workstation's network interface
card, when a workstation is moved, no reconfiguration
is needed to allow the workstation to remain in
the same VLAN. This is unlike Layer 1 VLANs, where
membership tables must be reconfigured. The main
problem with this method is that VLAN membership
must be assigned initially. In networks with thousands
of users, this is no easy task. Also, in environments
where notebook PCs are used, the MAC address is
associated with the docking station and not with
the notebook PC. Consequently, when a notebook PC
is moved to a different docking station, its VLAN
membership must be reconfigured.
VLANs by Protocol Type - VLAN membership for
Layer 2 VLANs can also be based on the protocol
type field found in the Layer 2 header. For example,
some VLANs carry only IP traffic and others
carry only IPX traffic. However, this type of VLAN
is not popular.
VLANs by IP subnet address - Membership is based
on the Layer 3 header. The network IP subnet address
can be used to classify VLAN membership. Although
VLAN membership is based on Layer 3 information,
this has nothing to do with network routing and
should not be confused with router functions. In
this method, IP addresses are used only as a mapping
to determine membership in VLANs. No other processing
of IP addresses is done. In Layer 3 VLANs, users
can move their workstations without reconfiguring
their network addresses. The only problem is that
it generally takes longer to forward packets using
Layer 3 information than using MAC addresses. This
is the most widely used VLAN type.
The 802.1Q draft standard defines Layer 1 and Layer
2 VLANs only.
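The four membership methods above, applied to one frame. This is an added example, not part of the original notes; the membership tables, VLAN numbers, addresses and function names are constructed assumptions, and only the port table follows the four-port bridge in the text.

```python
import ipaddress
import struct

# Constructed membership tables; every value here is an assumption for illustration.
PORT_VLAN = {1: 1, 2: 1, 3: 2, 4: 1}            # the four-port bridge from the text
MAC_VLAN = {"00:11:22:33:44:55": 10}
ETHERTYPE_VLAN = {0x0800: 20, 0x8137: 30}        # IPv4 and IPX EtherTypes
SUBNET_VLAN = {ipaddress.ip_network("10.1.2.0/24"): 40}


def parse_frame(frame: bytes):
    """Return (source MAC, EtherType, IPv4 source or None) for an untagged Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    src_mac = ":".join(f"{b:02x}" for b in frame[6:12])
    (ethertype,) = struct.unpack("!H", frame[12:14])
    src_ip = None
    if ethertype == 0x0800 and len(frame) >= 34:
        src_ip = ipaddress.ip_address(frame[26:30])  # 14-byte header + IPv4 offset 12
    return src_mac, ethertype, src_ip


def classify(ingress_port: int, frame: bytes) -> dict:
    """VLAN chosen by each membership method; None where the method has no entry."""
    src_mac, ethertype, src_ip = parse_frame(frame)
    by_subnet = None
    if src_ip is not None:  # the address is only looked up, never routed on
        by_subnet = next((v for n, v in SUBNET_VLAN.items() if src_ip in n), None)
    return {"port": PORT_VLAN.get(ingress_port), "mac": MAC_VLAN.get(src_mac),
            "protocol": ETHERTYPE_VLAN.get(ethertype), "subnet": by_subnet}


def sample_frame(src_mac: str, ethertype: int, src_ip: str = "10.1.2.3") -> bytes:
    """Build a constructed test frame (broadcast destination, minimal IPv4 header)."""
    header = b"\xff" * 6 + bytes.fromhex(src_mac.replace(":", "")) + struct.pack("!H", ethertype)
    if ethertype != 0x0800:
        return header + b"\x00" * 30  # opaque payload for non-IP protocols
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                     ipaddress.ip_address(src_ip).packed,
                     ipaddress.ip_address("10.1.2.1").packed)
    return header + ip


if __name__ == "__main__":
    frame = sample_frame("00:11:22:33:44:55", 0x0800)
    print(classify(3, frame))  # workstation plugged into port 3
    print(classify(1, frame))  # same workstation moved to port 1
```

Moving the same frame from port 3 to port 1 changes only the port-based result, which is the mobility difference the text describes between port association and the MAC and subnet methods.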
The following are the important terms associated
VLAN 1 is the management VLAN.
Static VLAN: VLAN is statically assigned to
the physical port and never changes.
Dynamic VLAN: VMPS automatically assigns VLAN
based on MAC
Access Link: An access link can carry only one
VLAN (used between host and switch port)
Trunk Link: A trunk link can carry multiple
VLANs. Used to connect to other switches, routers,
Two types of Trunk framing: ISL (Cisco only)