Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipment1751V
151152153154155156157158159160
iii
Cisco 1751 Router Software Configuration Guide
OL-1070-01
Security
VLANs also improve security by isolating groups. High-security users can be grouped into a VLAN,
possible on the same physical segment, and no users outside that VLAN can communicate with them.
Broadcast Control
Just as switches isolate collision domains for attached hosts and only forward appropriate traffic out a
particular port, VLANs provide complete isolation between VLANs. A VLAN is a bridging domain and
all broadcast and multicast traffic is contained within it.
Performance
The logical grouping of users allows an accounting group to make intensive use of a networked
accounting system assigned to a VLAN that contains just that accounting group and its servers.
That groups work will not affect other users. The VLAN configuration improves general network
performance by not slowing down other users sharing the network.
Network Management
The logical grouping of users allows easier network management. It is not necessary to pull cables to
move a user from one network to another. Adds, moves, and changes are achieved by configuring a port
into the appropriate VLAN.
Communication Between VLANs
Communication between VLANs is accomplished through routing, and the traditional security and
filtering functions of the router can be used. Cisco IOS software provides network services such as
security filtering, quality of service (QoS), and accounting on a per VLAN basis. As switched networks
evolve to distributed VLANs, Cisco IOS provides key inter-VLAN communications and allows the
network to scale.
VLAN Colors
VLAN switching is accomplished through frame tagging where traffic originating and contained within
a particular virtual topology carries a unique VLAN identifier (VLAN ID) as it traverses a common
backbone or trunk link. The VLAN ID enables VLAN switching devices to make intelligent forwarding
decisions based on the embedded VLAN ID. Each VLAN is differentiated by a color, or VLAN
identifier. The unique VLAN ID determines the frame coloring for the VLAN. Packets originating and
contained within a particular VLAN carry the identifier that uniquely defines that VLAN (by the
VLAN ID).
The VLAN ID allows VLAN switches and routers to selectively forward packets to ports with the same
VLAN ID. The switch that receives the frame from the source station inserts the VLAN ID and the
packet is switched onto the shared backbone network. When the frame exits the switched LAN, a switch