User manual
34 Publication 1783-UM003D-EN-E - December 2009
Chapter 2
Group Users
The network shown in the figure on page 33, VLANs in a Stratix 8000 Switch
Network, provides access to three types of network users: wired employees,
wireless (or mobile) employees, and wired and wireless company visitors. Each
user type requires different access levels to the company network.
VLANs and security policies on a router or Layer 3 switch can enforce
privileges and restrictions for different user types. In the figure on page 33,
VLANs in a Stratix 8000 Switch Network:
• VLAN 5 offers employee-level access to the company resources. This
kind of network access requires a direct connection to the specific
switch ports.
• VLAN 7 offers Internet-only access to company visitors. Visitors with
wired or wireless connections to switch ports are assigned to this
VLAN, which automatically restricts guest access to only the Internet.
• VLAN 9, which has one or more switch ports connected to the wireless
access point, enforces security policies to identify the wireless user (for
example, as an employee or a guest) and to determine what the user can do
on the network (for example, access only the Internet or access other
network resources).
IGMP Snooping With Querier
Layer 2 switches can use IGMP snooping to constrain the flooding of
multicast traffic by dynamically configuring Layer 2 interfaces so that multicast
traffic is forwarded to only those interfaces associated with IP multicast
devices. As the name implies, IGMP snooping requires the LAN switch to
snoop on the IGMP transmissions between the host and the router and to
keep track of multicast groups and member ports. When the switch receives an
IGMP report from a host for a particular multicast group, the switch adds the
host port number to the forwarding table entry; when it receives an IGMP
Leave Group message from a host, it removes the host port from the table
entry. It also periodically deletes entries if it does not receive IGMP
membership reports from the multicast clients.
The multicast router sends out periodic general queries to all VLANs. All hosts
interested in this multicast traffic send join requests and are added to the
forwarding table entry. The switch creates one entry per VLAN in the IGMP
snooping IP multicast forwarding table for each group from which it receives
an IGMP join request.
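The table maintenance described above (add a port on a report, remove it on a leave, age out silent members, one entry per VLAN and group) can be modeled as follows. This is an added example, not code from the manual or the switch firmware; the SnoopingTable class, the build_igmp helper, the 8-byte IGMPv2 message layout, and the 260-second aging value are assumptions made for illustration.

```python
import struct

V2_REPORT, LEAVE = 0x16, 0x17  # IGMPv2 message types (RFC 2236)

def checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum over an even-length buffer."""
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def build_igmp(msg_type: int, group: str) -> bytes:
    """Constructed sample input: an 8-byte IGMPv2 message for `group`."""
    addr = bytes(int(octet) for octet in group.split("."))
    unsummed = struct.pack("!BBH4s", msg_type, 0, 0, addr)
    return struct.pack("!BBH4s", msg_type, 0, checksum(unsummed), addr)

class SnoopingTable:
    """Hypothetical model of the per-VLAN forwarding table described above."""

    def __init__(self, max_age: float = 260.0):
        # Assumption: 260 s is the RFC 2236 default group membership
        # interval; the page does not state the switch's timer.
        self.max_age = max_age
        self.entries = {}  # (vlan, group) -> {port: time of last report}

    def handle(self, vlan: int, port: int, frame: bytes, now: float) -> None:
        if len(frame) != 8 or checksum(frame) != 0:
            return  # truncated or corrupted message: leave the table alone
        msg_type, _, _, addr = struct.unpack("!BBH4s", frame)
        key = (vlan, ".".join(str(b) for b in addr))
        if msg_type == V2_REPORT:  # join: add or refresh the host port
            self.entries.setdefault(key, {})[port] = now
        elif msg_type == LEAVE:  # leave: remove the host port
            self.entries.get(key, {}).pop(port, None)
            self._prune(key)

    def expire(self, now: float) -> None:
        """Periodic cleanup: drop ports with no report within max_age."""
        for key in list(self.entries):
            ports = self.entries[key]
            for port in [p for p, seen in ports.items() if now - seen > self.max_age]:
                del ports[port]
            self._prune(key)

    def _prune(self, key) -> None:
        if key in self.entries and not self.entries[key]:
            del self.entries[key]

    def ports(self, vlan: int, group: str) -> list:
        return sorted(self.entries.get((vlan, group), {}))
```

Because the key is the (VLAN, group) pair, a join seen on VLAN 7 never adds a forwarding port for the same group on VLAN 5.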