Quick Reference Guide

ManualsBrandsDell ManualsComputer equipmentForce10 S2410-01-10GE-24P

201

202

203

204

205

206

207

208

209

210

208 | VLANs

www.dell.com | support.dell.com

A VLAN is a set of end stations and the switch ports that connect them. You may have many reasons for

the logical division, such as department or project membership. The only physical requirement is that the

end station and the port to which it is connected both belong to the same VLAN.

Each VLAN in a network has a VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of

packets transmitted on a VLAN. An end station may omit the tag, or the VLAN portion of the tag, in which

case the first switch port to receive the packet may either reject it or insert a tag using its default VLAN ID.

A given port may handle traffic for more than one VLAN, but it can only support one default VLAN ID.

Two features introduced in SFTOS 2.5.1 let you define packet filters that the switch uses as the matching

criteria to determine if a particular packet belongs to a particular VLAN:

• The IP subnet-based VLAN feature maps IP addresses to VLANs by specifying a source IP address,

network mask, and the desired VLAN ID. See Creating an IP Subnet-based VLAN on page 223.

• The MAC-based VLAN feature let packets originating from end stations become part of a VLAN

based on the source MAC address. To configure the feature, specify a source MAC address and a

VLAN ID. See the

show vlan association mac command in the System Configuration chapter of the

SFTOS Command Reference.

SFTOS 2.5.1 introduced two other VLAN features:

• The Private Edge VLAN sets protection between ports located on the switch. A protected port cannot

forward traffic to another protected port on the same switch. The feature does not provide protection

between ports located on different switches. See Configuring a Private Edge VLAN (PVLAN) on

page 223.

• The native VLAN provides the ability for a port to handle both tagged and untagged frames, in order to

handle control plane traffic in the native VLAN while it also participates in another VLAN.

See

Configuring a Native VLAN on page 224.

Important Points to Remember

• The default VLAN is VLAN 1. It cannot be changed. You cannot tag interfaces for VLAN 1.

• A VLAN can include LAGs (port channels) and ports on multiple switches in the stack.

• If a port is a member of multiple VLANs, it can be tagged in one VLAN and untagged in another.

• With the SFTOS VLAN implementation, ports may belong to multiple tagged

VLANs, and VLAN

membership may be based on port or protocol.

• The internal bridging and routing functions can act as logical ports of each other when VLAN routing

is used.

• 1024 VLANs can be in operation at one time, any of which can have a VLAN ID up to 3965. The top

129 VLANs are reserved.

• Each interface must have a single native VLAN (tagged or untagged) at all times (see Configuring a

Native VLAN on page 224).

• You can configure VLANs from either the Interface Range mode (see Bulk Configuration on

page 126) or Interface VLAN mode (see VLAN Mode Commands on page 210).

Note: The VLAN association features described above are only available for the S50V and

S25P, not the S50.