HP-UX VLAN Administrator's Guide, February 2007

Switches that implement only port-based VLAN can support only one VLAN per port. However,
if they are tag aware (also called Q compliant), they can support multiple VLANs per port: one
untagged VLAN and multiple tagged VLANs. If a frame does not have an explicit VLAN tag, it
is automatically assigned the untagged VLAN ID or the default VLAN ID. An inbound frame
that is tagged has its VLAN ID in the frame header. Some switch vendors refer to the ability to
handle multiple tagged frames per port as VLAN trunking.

Common VLAN Usage Scenarios

Common types of usage scenarios for VLANs include: port-based VLANs, protocol-based VLANs,
and IP subnet-based VLANs. Before figuring out which usage scenario suits your needs, you
must understand what each type of usage scenario implies.
• Port-based VLAN: All frames transmitted by a network interface card (NIC) are tagged
  using only one VLAN ID. The NIC does not transmit or receive any untagged frames.
• Protocol-based VLAN: The NIC assigns a unique VLAN ID for each Layer 3 protocol (such
  as IPv4, IPv6, IPX, and so on). Therefore, the VLAN ID of outbound frames is different for
  each protocol. An inbound frame is dropped if the protocol and VLAN ID do not match.
• IP subnet-based VLAN: The NIC assigns a unique VLAN ID for each IP subnet it belongs
  to. Therefore, the VLAN ID of outbound frames is different for different destination subnets.
  An inbound frame is dropped if the IP subnet and VLAN ID do not match.
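
The tag handling and inbound drop rules described above, as an added Python example (not code from this guide or from HP-UX). It assumes the standard 802.1Q tag layout (TPID 0x8100, VLAN ID in the low 12 bits of the tag control field), applies the subnet rule to the destination IPv4 address, and treats an untagged frame as a mismatch; all function names and sample frames are constructed for illustration.

```python
import ipaddress
import struct

TPID_8021Q = 0x8100                  # EtherType value that marks an 802.1Q tag
ETH_IPV4, ETH_IPV6 = 0x0800, 0x86DD

def parse_frame(frame, untagged_vid):
    """Return (vid, ethertype, payload); an untagged frame gets untagged_vid."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:
        return untagged_vid, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack_from("!HH", frame, 14)
    return tci & 0x0FFF, inner, frame[18:]   # low 12 bits of the TCI = VLAN ID

def accept_protocol_based(frame, proto_to_vid):
    """Protocol-based VLAN: keep the frame only if its tag is the protocol's VLAN ID."""
    vid, ethertype, _ = parse_frame(frame, untagged_vid=None)
    # Assumption: an untagged frame (vid None) never matches and is dropped.
    return vid is not None and proto_to_vid.get(ethertype) == vid

def accept_subnet_based(frame, subnet_to_vid):
    """IP subnet-based VLAN: keep the frame only if subnet and VLAN ID match."""
    vid, ethertype, payload = parse_frame(frame, untagged_vid=None)
    if vid is None or ethertype != ETH_IPV4 or len(payload) < 20:
        return False
    # Assumption: the subnet is taken from the destination address (bytes 16-19).
    dst = ipaddress.ip_address(payload[16:20])
    return any(dst in net and v == vid for net, v in subnet_to_vid.items())

def build_frame(ethertype, payload, vid=None):
    """Constructed sample frame with placeholder MAC addresses."""
    macs = bytes.fromhex("020000000001") + bytes.fromhex("020000000002")
    tag = struct.pack("!HH", TPID_8021Q, vid) if vid is not None else b""
    return macs + tag + struct.pack("!H", ethertype) + payload

def ipv4_header(dst):
    """Constructed 20-byte IPv4 header; only the destination field is filled in."""
    return bytes([0x45]) + bytes(15) + ipaddress.ip_address(dst).packed

if __name__ == "__main__":
    nets = {ipaddress.ip_network("192.0.2.0/24"): 10,
            ipaddress.ip_network("198.51.100.0/24"): 20}
    for dst in ("192.0.2.10", "198.51.100.5"):
        f = build_frame(ETH_IPV4, ipv4_header(dst), vid=10)
        print(dst, "VLAN 10 ->", "accept" if accept_subnet_based(f, nets) else "drop")
```
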
The way you decide to use VLANs in a network depends on the requirements of individual
stations in the network. You can configure all three types of VLANs in a network at the same
time. The following are guidelines for determining which type of VLAN to configure:
• If an end-station NIC needs to belong to only one VLAN, you have two choices:
  - Configure a port-based VLAN on that NIC and enable the corresponding VLAN ID on
    the switch port to which the NIC is connected. You must mark this switch port tagged
    for that VLAN ID.
  - Keep that end station VLAN unaware. You just need to enable the corresponding VLAN
    ID on the switch port and mark this switch port untagged.
    Typically you need to do this on workstation NICs.
• If an end-station NIC needs to process frames for more than one protocol (such as IPv4,
  IPv6, or IPX), configure a protocol-based VLAN on that NIC, by assigning one VLAN ID to
  each protocol. You must also configure the switch port the NIC is connected to with the
  same VLAN IDs and mark them tagged on the switch.
• If an end-station NIC must handle IP packets belonging to multiple subnets, use an IP
  subnet-based VLAN. Assign a unique VLAN ID to each IP address configured on that NIC.
  Enable the same VLAN IDs on the switch port to which the NIC is connected, and mark
  them tagged on the switch.
• You can also use combinations of the three types. For example, if your end station processes
  frames for more than one protocol, and it also serves multiple IP subnets, consider using
  both protocol-based and subnet-based VLANs.

Planning for VLANs on the Network

As part of using VLANs, you need to plan for and determine an overall networkwide VLAN
strategy and process. This includes taking into account the network requirements and
configuration requirements of the switches involved.

Process Overview

The following is a summary of the high-level steps involved in planning a VLAN strategy. This
procedure assumes that the switches can add VLAN tags.