System information
Cisco Cat3K ST 6 June 2012
TOE SFRs How the SFR is Met
FDP_IFC.1(1) VLAN –
A VLAN is a switched network that is logically segmented by function,
project team, or application, without regard to the physical locations of the
users. VLANs have the same attributes as physical LANs, but can group
end stations even if they are not physically located on the same LAN
segment. Any switch port can belong to a VLAN, and unicast, broadcast,
and multicast packets are forwarded and flooded only to end stations in the
VLAN. Each VLAN is considered a logical network, and packets destined for
stations that do not belong to the VLAN must be forwarded through a router
or a switch supporting fallback bridging. In a switch stack, VLANs can be
formed with ports across the stack. Because a VLAN is considered a
separate logical network, it contains its own bridge Management
Information Base (MIB) information.
The following diagram illustrates VLANs as Logically Defined Networks.
VLANs are often associated with IP subnetworks. For example, all the end
stations in a particular IP subnet belong to the same VLAN. Interface VLAN
membership on the switch is assigned manually on an interface-by-interface
basis. When an administrator assigns switch interfaces to VLANs by using
this method, it is known as interface-based, or static, VLAN membership.
Traffic between VLANs must be routed or fallback bridged. The switch can
route traffic between VLANs by using switch virtual interfaces (SVIs).
PVLAN –
As with regular VLANs, private VLANs can span multiple switches. A
trunk port carries the primary VLAN and secondary VLANs to a neighboring
switch. The trunk port treats the private VLAN as any other VLAN. A
feature of private VLANs across multiple switches is that traffic from an
isolated port in Switch A does not reach an isolated port on Switch B. See
the diagram below.
Private VLANs across Switches
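The flow rules described above for FDP_IFC.1(1), modelled as an added example (not taken from the Security Target or from Cisco code) that can be used to review a port table. It goes beyond the text by including the standard promiscuous and community private-VLAN port roles, which this page does not mention; all switch names, interface names and VLAN numbers are constructed.

```python
from dataclasses import dataclass
from itertools import permutations
from typing import Optional

@dataclass(frozen=True)
class Port:
    switch: str                      # constructed switch name
    name: str                        # constructed interface name
    vlan: int                        # static VLAN (primary VLAN on PVLAN ports)
    role: str = "access"             # access | isolated | community | promiscuous
    secondary: Optional[int] = None  # secondary VLAN on PVLAN host ports

def l2_decision(src: Port, dst: Port) -> str:
    """Return 'forward', 'drop' or 'route' for a unicast frame src -> dst."""
    if src.vlan != dst.vlan:
        # Separate logical networks: needs an SVI/router or fallback bridging.
        return "route"
    if "access" in (src.role, dst.role):
        # Assumption: a plain access port mixed with a PVLAN port is denied.
        return "forward" if src.role == dst.role else "drop"
    if "promiscuous" in (src.role, dst.role):
        return "forward"
    if src.role == dst.role == "community" and src.secondary == dst.secondary:
        return "forward"
    # Isolated ports never reach each other. The switch name is deliberately
    # ignored: the trunk carries primary and secondary VLANs, so the same
    # rule holds between Switch A and Switch B.
    return "drop"

def l2_reachable(ports):
    """List every directed port pair that can exchange frames at layer 2."""
    return sorted((a.switch, a.name, b.switch, b.name)
                  for a, b in permutations(ports, 2)
                  if l2_decision(a, b) == "forward")

# Constructed sample port table for two switches joined by a trunk.
A_ISO = Port("A", "Gi1/0/1", 100, "isolated", 101)
B_ISO = Port("B", "Gi1/0/1", 100, "isolated", 101)
B_UP = Port("B", "Gi1/0/24", 100, "promiscuous")
A_ENG = Port("A", "Gi1/0/5", 20)
B_ENG = Port("B", "Gi1/0/5", 20)
A_HR = Port("A", "Gi1/0/6", 30)
PORTS = [A_ISO, B_ISO, B_UP, A_ENG, B_ENG, A_HR]

if __name__ == "__main__":
    for pair in l2_reachable(PORTS):
        print(pair)
```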
FDP_IFF.1(1)