It infrastructure rap/rac1000 – ADS-TEC RAP/RAC1000 User Manual User Manual

Page 123

IT Infrastructure RAP/RAC1000

123

VLAN

802.1

VLAN ID (VLAN tags) can be used by means of the integrated firewall mechanisms to

setup virtual subnetworks and to separate data traffic. To this end, every subnetwork uses
a unique number (VLAN-ID) to this end to identify Ethernet packets. A device belonging to
VLAN with ID=1 is able to communicate with each other device in the same VLAN but not

with a device in another VLAN with ID=2, 3, ... In addition, prioritization with VLAN is also
possible. Each frame can be given a priority (see menu item Prioritization). This makes

possible, for example, to preferably transfer control data while HTTP data are thwarted.
The firewall uses an uplink port from where the packets are exactly transferred to another

target port. A packet arriving at the target port is output at the uplink port with the
respective VLAN ID. That means, there is always setup a VLAN network between uplink
and another port via the port-related VLAN ID.

The VLAN functionality according to 802.1q is activated with the option Activate 802.1q

VHOST.
The option Activate Input Filter refuses all packets with VLAN IDs which do not match the
port VLAN ID.

The VLAN tags are removed or deleted at a target port by means of the option Delete ID

of outgoing packets. Incoming packets at the port without ID are provided with the VLAN
ID of the port. Thus a device needs no special VLAN configuration at the target port.

The VLAN ID for the the HOST interface as well as for the four ports of the managed
switch HOST is input in the following boxes.