Virtual LAN in practice

Internet/Intranet (Practical case studies)

by William Bello, BELLO Ltd.


As a part of emerging LAN switching technology, Virtual LANs are one of the most promising and intriguing concepts, yet they remain largely unknown in practice. For modern workgroup-oriented managers who seek efficiency, it is very easy to accept a business-driven LAN configuration that puts users belonging to the same workgroup together in one broadcast domain, regardless of their physical location. Recently, the first practical deployment of VLAN technology was carried out on a project connecting a dozen remote locations over a public frame relay network and configuring the network according to the needs of business processes, not the physical layout.

 

Introduction

Virtual LAN technology is one of the most important (and sometimes confusing) topics in switched networking. Virtual LANs are a necessity for switching because they provide an important element in the migration from shared media hub/router network models to fully switched networks. With the evolution of switching, a wide variety of virtual LAN implementations have emerged. These implementations have their advantages and drawbacks. This paper looks at the reasons for virtual LANs and the requirements that they need to support, and gives several practical examples of networks using VLAN technology.

Networks are migrating from shared-media hubs to LAN switches for interconnecting workstations and resources. However, switches operate on layer two of the OSI reference model and are essentially frame forwarding devices, which do not scale well to large networks and growing mid-sized networks. In conventional hub/router networks, groups of users are segmented into broadcast domains which are interconnected by routers. This lets each group of segmented users share the bandwidth on their hub or ring while also reducing collisions and congestion. Switched LANs on their own are not divided into broadcast domains, so the network is bogged down by broadcasts from chatty protocols like IPX. Virtual LANs create broadcast domains on switched networks that, in turn, allow them to scale.

VLANs also have other advantages; among others, they make efficient use of scarce IP addresses, dramatically simplify moving devices around a campus network, make organizing users a lot easier and improve overall security of a network if implemented properly.

Virtual LANs

What are virtual LANs? Why do we want to use them? What features should virtual LANs have in order to be useful in today's growing networks? These questions are put before every IT manager and engineer trying to implement a switched network solution.

LAN switches achieve high performance levels by using processes similar to those used by conventional bridges, and that makes switching faster than routing. Switches use layer-two "MAC" addresses to determine a frame's destination. This is much simpler and faster than routing, which uses layer-three protocols. Unlike routing, layer-two frame forwarding (switching) does not change the contents of a frame, whereas routers add address and hop count information. Routers also use a lot of other information (about routes through the network, etc.), which also slows down the underlying process of transferring data packets.

There's nothing new about using layer-two devices to build networks. The first LANs were created using simple bridges. What's new is that switches are more powerful and capable of handling enormous amounts of data. But still, all switched networks do have one limitation. Since they don't participate in layer-three protocols, basic switches don't know where to send broadcasts. Although point-to-point (unicast) traffic is isolated to specific ports, broadcasts are sent throughout an entire network. The same is true of frames that have a destination MAC address that hasn't been learned; they too are sent everywhere. Broadcasts and unicast frames with an unknown destination can cause congestion and collisions, especially on medium and large networks. When this happens, it's important to keep traffic in broadcast domains.

In router networks, each router port is a broadcast domain. Switching needed a way to contain broadcast traffic without slowing traffic down. To do this, switching vendors have created VLANs, whose function is to separate the network into broadcast domains. VLANs provide the segmentation necessary to contain broadcast flooding by creating logical, dynamic broadcast domains. Furthermore, VLANs allow switched networks to scale as an organization grows.
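The flooding behaviour described above, as an added example that is not part of the original paper: a minimal learning switch in Python with port-based VLANs, run once as a flat network and once segmented. The Switch class is hypothetical, and the port numbers, MAC addresses and VLAN ids are constructed sample values.

```python
# Added illustration: a minimal learning switch with port-based VLANs.
# Port numbers, MAC strings and VLAN ids are constructed sample values.
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Switch:
    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)   # port -> VLAN id (broadcast domain)
        self.mac_table = {}                # (vlan, mac) -> port, learned from source addresses

    def receive(self, in_port, src, dst):
        """Return the sorted list of ports the frame is sent out of."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port        # learn where the sender lives
        known = self.mac_table.get((vlan, dst))
        if dst != BROADCAST and known is not None:
            # Known unicast: isolated to one port (nothing sent if it is the ingress port)
            return [] if known == in_port else [known]
        # Broadcast or unknown destination: flood, but only inside the sender's VLAN
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)

def demo():
    flat = Switch({p: 1 for p in range(1, 7)})              # no VLANs: one broadcast domain
    segmented = Switch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20, 6: 20})
    results = {}
    for name, sw in (("flat", flat), ("segmented", segmented)):
        results[name] = {
            "broadcast": sw.receive(1, "aa:aa:aa:00:00:01", BROADCAST),
            "unknown_unicast": sw.receive(2, "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:05"),
            "known_unicast": sw.receive(3, "aa:aa:aa:00:00:03", "aa:aa:aa:00:00:01"),
            # Host on port 5 sends to the host on port 1 (other VLAN in the segmented case)
            "cross_group": sw.receive(5, "aa:aa:aa:00:00:05", "aa:aa:aa:00:00:01"),
        }
    return results

if __name__ == "__main__":
    for name, r in demo().items():
        print(name, r)
```

In the segmented run, the frame from port 5 addressed to the host on port 1 is flooded only within its own VLAN and never arrives; reaching another VLAN requires a layer-three device between the two broadcast domains.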

 

Policy based VLANs

Although most vendors recognize the need for a VLAN-capable switching system, not all implementations are flexible and powerful enough for future networking needs. Here are characteristics to look for in a VLAN implementation:

There are a variety of VLAN capabilities in the switching industry. The simplest VLANs are just a collection of switch ports, while others are more complex, allowing administrators to group users by a variety of criteria.

Below are some of the types of VLANs used in today's switching architectures. Generation 1 (Basics) and Generation 2 (Internetworking) are now being implemented by most switching vendors. Generation 3 (Application) is the most advanced implementation of VLANs. Network designers should be capable of combining these types into "policy based VLANs", which enable organizations to create networks that follow business rules and policies, not make them.

 

Case Studies

Case Study #1 - Bank LAN: Simple VLAN implementation in a local network of a financial / banking institution.
Case Study #2 - Internet: Internet connection through the use of VLAN security.
Case Study #3 - Upgrading WAN: Use of LAN switching in combination with WAN switching.
Case Study #4 - Enterprise Network: Complex example of VLAN deployment in a large enterprise network.

Conclusion

Switching is growing more rapidly than any of the internetworking technologies that preceded it. VLAN technology is essential to the successful deployment of switching networks. The right VLAN architecture is the key to enabling a flexible network, one that will withstand new applications such as multimedia, intranet and video-broadcasting or video-conferencing.

However, each vendor's VLAN capabilities are different, and in deciding on the switching architecture or vendor, there can be no doubt that VLAN capabilities are one of the most important factors.

Although VLANs are a powerful tool for shaping LAN and WAN, as with any powerful technology, network designers and users should be aware that only properly designed and configured VLANs have a positive effect on performance of a network system.

VLAN technology makes large switched networks very reliable, simplifies administration and management of the network and enables logical rather than physical organization of the network. These features are guiding network systems into a new era of switching.


This work uses terms that might be new to the reader, so we have included a link to the Glossary for the reader's convenience, as well as a list of the literature used and links to further reading.


About the author

William Bello, born 1957, graduated in 1982 from Zagreb University as an Applied Mathematics Engineer; MIS consultant and director for INA-OKI and PLIVA. Since 1993, owner and founder of BELLO Ltd., a consulting and project company specialized in data communication, with operations in Croatia, Slovenia, Bosnia, Hungary and Albania.