beautypg.com

Protected ports vlan overview – Allied Telesis AT-S62 User Manual

Page 582

background image

Chapter 28: Protected Ports VLANs

Section V: Virtual LANs

582

Protected Ports VLAN Overview

The purpose of a protected ports VLAN is to allow multiple ports on the
switch to share the same uplink port but not share traffic with each
other. In a protected ports VLAN, each port is considered a separate LAN
segment that can only communicate with an uplink port. The result is a
configuration appropriate in network environments that require a great
deal of segmentation.

This feature has some of the same characteristics as the multiple VLAN
modes described in the previous chapter, but it offers several
advantages. One of the advantages is that it offers more flexibility. With
the multiple VLAN modes, you can select only one uplink port which is
shared by all the other ports. Also, you are not allowed to modify the
configuration.

With protected ports VLANs, you can create LAN segments that consist
of more than one port and you can specify multiple uplink ports.

Another advantage is that the switch can support protected ports VLANs
as well as port-based and tagged VLANs simultaneously, something that
is not allowed with the multiple VLAN modes.

An important concept of this feature is groups. A group is a selection of
one or more ports that function as a LAN segment within the VLAN. The
ports in each group are independent of the ports in the other groups of
the VLAN. The ports of a group can share traffic only amongst
themselves and with the uplink port, but not with ports in other groups
of the VLAN.

A protected ports VLAN can consist of two or more groups and a group
can consist of one or more ports. The ports of a group can be either
tagged or untagged.

This type of VLAN also shares some common features with tagged
VLANs, where one or more ports are shared by different LAN segments.
But there are significant differences. First, all the ports in a tagged VLAN
are considered a LAN segment, while the ports in a protected ports
VLAN, though residing within a single VLAN, are subdivided into the
smaller unit of groups, which represent the LAN segments.

Second, a tagged VLAN, by its nature, contains one or more tagged
ports. These are the ports that are shared among one or more tagged
VLANs. The device connected to a tagged port must be 802.1Q
compliant and it must be able to handle tagged packets.

See also other documents in the category Allied Telesis Computer hardware: