General rules for creating a port-based vlan, Drawbacks of port-based vlans – Allied Telesis AT-S63 User Manual

Chapter 19: Port-based and Tagged VLANs

432

Section III: VLANs

General Rules

for Creating a

Port-based

VLAN

Below is a summary of the general rules to observe when creating a port-
based VLAN.

❑ Each port-based VLAN must be assigned a unique VID. If a

particular VLAN spans multiples switches, each part of the VLAN
on the different switches should be assigned the same VID.

❑ A port can be an untagged member of only one port-based VLAN

at a time.

❑ Each port must be assigned a PVID. This value must be the same

for all ports in a port-based VLAN and it must match the VLAN’s
VID. This value is automatically assigned by the AT-S63
management software.

❑ A port-based VLAN that spans multiple switches requires a port

on each switch where the VLAN is located to function as an
interconnection between the switches where the various parts of
the VLAN reside.

❑ If there are end nodes in different VLANs that need to

communicate with each other, a router or Layer 3 switch is
required to interconnect the VLANs.

Drawbacks of

Port-based

VLANs

There are several drawbacks to port-based VLANs:

❑ It is not easy to share network resources, such as servers and

printers, across multiple VLANs. A router or Layer 3 switch must be
added to the network to provide a means for interconnecting the
port-based VLANs. The introduction of a router into your network
could create security issues from unauthorized access to your
network.

❑ A VLAN that spans several switches requires a port on each switch

for the interconnection of the various parts of the VLAN. For
example, a VLAN that spans three switches would require one
port on each switch to interconnect the various sections of the
VLAN. In network configurations where there are many individual
VLANs that span switches, many ports could end up being used
ineffectively just to interconnect the various VLANs.