Vlan overview – Allied Telesis AT-S63 User Manual

Page 600

background image

Chapter 25: Port-based and Tagged VLANs

600

Section VI: VLANs

VLAN Overview

A VLAN is a group of ports on an Ethernet switch that form a logical
Ethernet segment. The ports of a VLAN form an independent traffic
domain where the traffic generated by the nodes of a VLAN remains within
the VLAN.

With VLANs, you can segment your network through the switch’s AT-S63
management software and so be able to group nodes with related
functions into their own separate, logical LAN segments. These VLAN
groupings can be based on similar data needs or security requirements.
For example, you could create separate VLANs for the different
departments in your company, such as one for Sales and another for
Accounting.

VLANs offer several important benefits:

ˆ

Improved network performance

Network performance often suffers as networks grow in size and as
traffic increases. The more nodes on each LAN segment vying for
bandwidth, the greater the likelihood overall network performance
decreases.

VLANs improve network perform because VLAN traffic stays within the
VLAN. The nodes of a VLAN receive traffic only from nodes of the
same VLAN. This reduces the need for nodes to handle traffic not
destined for them. It also frees up bandwidth within all the logical
workgroups.

In addition, because each VLAN constitutes a separate broadcast
domain, broadcast traffic remains within the VLAN. This too can
improve overall network performance.

ˆ

Increased security

Because network traffic generated by a node in a VLAN is restricted
only to the other nodes of the same VLAN, you can use VLANs to
control the flow of packets in your network and prevent packets from
flowing to unauthorized end nodes.

ˆ

Simplified network management

VLANs can also simplify network management. Before the advent of
VLANs, physical changes to the network often had to been made at
the switches in the wiring closets. For example, if an employee
changed departments, changing the employee’s LAN segment
assignment often required a change to the wiring at the switch.

But with VLANS, you can change the LAN segment assignment of an
end node connected to the switch using the switch’s AT-S63