Specifications
Table Of Contents
- Table of Contents
- Preface Template Formats
- Web-based (GUI) Configuration
- Configuration
- Device Information
- System Information
- Serial Port Settings
- IP Address Settings
- IPv6 Address Settings
- IPv6 Route Settings
- IPv6 Neighbor Settings
- Port Configuration Folder
- Static ARP Settings
- User Accounts
- System Log Configuration Folder
- DHCP Relay Folder
- MAC Address Aging Time
- Web Settings
- Telnet Settings
- CLI Paging Settings
- Firmware Information
- SNTP Settings Folder
- SMTP Settings Folder
- SNMP Settings Folder
- Layer 2 Features
- Jumbo Frame
- VLANs
- 802.1Q Static VLAN
- Q-in-Q Folder
- 802.1v Protocol VLAN Folder
- GVRP Settings
- Asymmetric VLAN Settings
- MAC-based VLAN Settings
- PVID Auto Assign Settings
- Port Trunking
- LACP Port Settings
- Traffic Segmentation
- IGMP Snooping Folder
- MLD Snooping Settings
- Port Mirror
- Loopback Detection Settings Page
- Spanning Tree Folder
- Forwarding & Filtering Folder
- LLDP Folder
- Quality of Service (QoS)
- Security
- Access Control List (ACL)
- Monitoring
- Save and Tools
- System Log Entries
- Trap List
Chapter 3: Layer 2 Features
Extreme Networks EAS 100-24t Switch Software Manual
52
This process is referred to as ingress filtering and is used to conserve bandwidth within the Switch by
dropping packets that are not on the same VLAN as the ingress port at the point of reception. This
eliminates the subsequent processing of packets that will just be dropped by the destination port.
Default VLANs
The Switch initially configures one VLAN, VID = 1, called "default." The factory default setting assigns
all ports on the Switch to the "default." As new VLANs are configured in Port-based mode, their
respective member ports are removed from the "default."
Packets cannot cross VLANs. If a member of one VLAN wants to connect to another VLAN, the link
must be through an external router.
NOTE
If no VLANs are configured on the Switch, then all packets will be forwarded to any destination port.
Packets with unknown source addresses will be flooded to all ports. Broadcast and multicast packets will also be
flooded to all ports.
An example is presented below:
Port-based VLANs
Port-based VLANs limit traffic that flows into and out of switch ports. Thus, all devices connected to a
port are members of the VLAN(s) the port belongs to, whether there is a single computer directly
connected to a switch, or an entire department.
On port-based VLANs, NICs do not need to be able to identify 802.1Q tags in packet headers. NICs
send and receive normal Ethernet packets. If the packet's destination lies on the same segment,
communications take place using normal Ethernet protocols. Even though this is always the case, when
the destination for a packet lies on another switch port, VLAN considerations come into play to decide
if the packet gets dropped by the Switch or delivered.
VLAN Segmentation
Take for example a packet that is transmitted by a machine on Port 1 that is a member of VLAN 2. If the
destination lies on another port (found through a normal forwarding table lookup), the Switch then
looks to see if the other port (Port 10) is a member of VLAN 2 (and can therefore receive VLAN 2
packets). If Port 10 is not a member of VLAN 2, then the packet will be dropped by the Switch and will
not reach its destination. If Port 10 is a member of VLAN 2, the packet will go through. This selective
forwarding feature based on VLAN criteria is how VLANs segment networks. The key point being that
Port 1 will only transmit on VLAN 2.
Network resources can be shared across VLANs. This is achieved by setting up overlapping VLANs.
That is ports can belong to more than one VLAN group. For example, by setting VLAN 1 members to
VLAN Name VID Switch Ports
System (default) 1 5, 6, 7, 8, 21, 22, 23, 24
Engineering 2 9, 10, 11, 12
Marketing 3 13, 14, 15, 16
Finance 4 17, 18, 19, 20
Sales 5 1, 2, 3, 4