4 virtual local area networks (vlans), 1 all ports should be vlan ports, Virtual local area networks (vlans) – Contemporary Control Systems Compact Managed Switches Software Manual for Web Browser User Manual
Page 21: All ports should be vlan ports, On 4.4.4)
TD020851-0MG
21
4.4.4 Virtual Local Area Networks (VLANs)
A VLAN (Virtual Local Area Network) is comprised of devices grouped on some basis
other than geographic location (i.e., by work group, security level, user type, or
application). The devices logically behave as if tied to the same wire although they may
be physically located on very different LAN segments. VLANs are configured with
software, which offers much greater flexibility than hardware configuration.
A chief advantage of VLANs is that they block broadcasts and multicasts from non-
VLAN ports. Most switches tend to transmit unicast frames sent only to ports involved
in a conversation (directed messages) and cannot accommodate broadcast or multicast
frames. VLANs keep broadcasts and multicasts within a VLAN group.
Another advantage of VLANs is that despite being physically relocated, a device can
remain in the same VLAN — with no hardware reconfiguration needed. The VLAN
supervisor can change/add workstations and manage load-balancing (bandwidth) far
more easily than with a LAN modified only by hardware. Management software
maintains a virtual image of how the logical and physical networks compare.
Figure 17 — VLANs
4.4.4.1 All Ports Should Be VLAN Ports
When VLANs are enabled on the switch, all ports should be assigned to one or more
VLANs. Such ports are called VLAN ports. If a port is not assigned to a VLAN while
VLANs are enabled, that port
cannot receive messages from the switch. A frame
received from a VLAN port will only be forwarded to those ports with which it shares a
VLAN membership. If the destination belongs to another VLAN, the frame will be
discarded. This topology allows networks to share a common server or router, but use
different VLANs for security or performance reasons.