Default vlans, Vlan segmentation, Vlan and trunk groups – D-Link DES-3018 User Manual
Page 101
DES-3010F/DES-3010FL/DES-3010G/DES-3016/DES-3018/DES-3026 Fast Ethernet Switch Manual
88
is not, the packet is dropped. If the destination port is a member of the 802.1Q VLAN, the packet is
forwarded and the destination port transmits it to its attached network segment.
If the packet is not tagged with VLAN information, the ingress port will tag the packet with its own PVID as
a VID (if the port is a tagging port). The switch then determines if the destination port is a member of the
same VLAN (has the same VID) as the ingress port. If it does not, the packet is dropped. If it has the same
VID, the packet is forwarded and the destination port transmits it on its attached network segment.
This process is referred to as ingress filtering and is used to conserve bandwidth within the Switch by
dropping packets that are not on the same VLAN as the ingress port at the point of reception. This eliminates
the subsequent processing of packets that will just be dropped by the destination port.
Default VLANs
The Switch initially configures one VLAN, VID = 1, called "default." The factory default setting assigns all
ports on the Switch to the "default." As new VLANs are configured in Port-based mode, their respective
member ports are removed from the "default."
Packets cannot cross VLANs. If a member of one VLAN wants to connect to another VLAN, the link must
be through an external router.
NOTE: If no VLANs are configured on the Switch, then all packets will be
forwarded to any destination port. Packets with unknown source
addresses will be flooded to all ports. Broadcast and multicast packets will
also be flooded to all ports.
An example is presented below:
VLAN Name
VID
Switch Ports
System (default)
1
5, 6, 7, 8, 21, 22, 23, 24
Engineering
2
9, 10, 11, 12
Marketing
3
13, 14, 15, 16
Finance
4
17, 18, 19, 20
Sales
5
1, 2, 3, 4
Table 7- 1. VLAN Example - Assigned Ports
VLAN Segmentation
Take for example a packet that is transmitted by a machine on Port 1 that is a member of VLAN 2. If the
destination lies on another port (found through a normal forwarding table lookup), the Switch then looks to
see if the other port (Port 10) is a member of VLAN 2 (and can therefore receive VLAN 2 packets). If Port
10 is not a member of VLAN 2, then the packet will be dropped by the Switch and will not reach its
destination. If Port 10 is a member of VLAN 2, the packet will go through. This selective forwarding feature
based on VLAN criteria is how VLANs segment networks. The key point being that Port 1 will only
transmit on VLAN 2.
VLAN and Trunk Groups
The members of a trunk group have the same VLAN setting. Any VLAN setting on the members of a trunk
group will apply to the other member ports.