Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS SAFEGUARD CONTROLLER
121122123124125126127128129130
OmniAccess SafeGuard OS Administration Guide
130
Chapter 5: Setting Up SafeGuard Switches
Overview of VLANs
This chapter describes setting up Virtual Local Area Networks (VLANs) on SafeGuard
devices. The SafeGuard Switch and the Controller both support VLANs but use different
techniques and commands.
A VLAN is a logical grouping of endpoint devices on different physical LAN segments
that communicate as if they are on the same physical LAN segment. These endpoint
devices are referred to as members of the VLAN. Unlike a LAN connected using hardware,
a VLAN is configured using the SafeGuard OS CLI, making it a virtual connection.
VLANs are part of the IEEE 802.1Q standard, which is designed to address how to break
large networks into smaller parts so broadcast and multicast traffic would not grab more
bandwidth than necessary. The standard also helps provide a higher level of security
between segments of internal networks.
See the following sections for more details:
Tagged and Untagged Frames
Ingress VLAN Classification and Egress Forwarding for the SafeGuard Switch
Why Use VLANs?
Configuring VLANs on the SafeGuard Switch
For more details on SafeGuard Switches and their features, see Alcatel-Lucent Solution and
Product Overview on page 20.
Tagged and Untagged Frames
The IEEE 802.1Q specification establishes a standard method for tagging Ethernet frames
with VLAN membership information. To tag a VLAN, insert an identification number
(VLAN ID) into a predefined field through configuration.
Tagged VLANs provide switch-to-switch connectivity over a single physical connection
called a trunk. Tagged VLANs over trunk lines allow multiple VLANs to span from
switch to switch.
An untagged frame received at a port will be classified into an appropriate VLAN based
on one of the criteria specified in the following section.
Ingress VLAN Classification and Egress Forwarding for the
SafeGuard Switch
The switch uses a set of rules to determine VLAN membership when a frame enters a
port (ingress). After the frame is examined and the VLAN membership is determined, the
packet is assigned to the VLAN and transmitted out of the ports (egress) associated with
the VLAN.