Different ways to assign the VLAN

108 0 0 0

As known to us, the VLAN is a simple way to restrict the broadcast domain. We can assign the interfaces to the specific VLAN to join the corresponding broadcast domain. But there are more ways to assign the VLAN and they are more flexible than the most common one.


1. Assigning VLAN based on the interface


Assigning the VLAN based on the interface is the most common way. It assigns an interface to a specific VLAN and if the interface is a trunk port or a hybird port, it can assign more than one VLAN.


Though assigning VLAN based on the interface is easy to configure, it is unflexible though. When the connected device is transported to another VLAN, the interface configuration should be modified. What's more, if the device is transported to another place, more configuration steps should be undertaken. This kind of assignment is recommended to be implemented in a stable enviroment, an environment in which the device would not migrate to another place too frequently.


2. Assigning the VLAN based on MAC address


Assigning the VLAN based on the MAC address gives us a more flexible way. This way we could assign the VLAN based on the MAC address which belongs to the connected device.


In this scenario, when the connected device migrates to another interface, the configuration still works without any modification. Though this way gives us a more flexible sloution, we should do some pre-configuration before implementation.


3. Assigning the VLAN based on IP subnets


Like the second way, assigning the VLAN based on IP subnets has the similar advantages and disadvantages. It just replaces the MAC address with IP subnets during the pre-configuration.


4. Assigning the VLAN based on protocols


This way, VLANs are assigned based on protocol (suite) types and encapsulation formats of frames.


The network administrator pre-configures the mappings between protocol types and VLAN IDs. When receiving an untagged frame, the switch adds to the VLAN tag mapping the protocol type of the frame to the frame. The frame is then transmitted in the specified VLAN.


Though this kind of method provides a better way to manage the services, it requires more complicated configurations and because of analyzing protocol address formats and converting those formats, it consumes excessive resources. Therefore, this mode slows down the switch response time. So it's not widely used in the real network environment.


5. Assigning the VLAN based on policy


Policy-based VLAN assignment allows plug-and-play of user terminals and provides secure data isolation for terminal users.

The switch provides policy-based VLAN assignment based on just MAC and IP addresses or based on both MAC and IP addresses and interfaces.


To configure policy-based VLAN assignment, configure MAC and IP addresses or interfaces of terminals on the switch and associate MAC and IP addresses or interfaces with VLANs. Only terminals matching a policy can be added to a specific VLAN. If the IP or MAC addresses of terminals added to a VLAN are changed, they will exit from the VLAN.



At last, when configured with different ways, the MAC address-based VLAN assignment has the highest priority, then the IP subnet-based VLAN assignment, protocol-based VLAN assignment and finally the interface-based VLAN assignment mode. 


The interface-based VLAN assignment has the lowest priority but is the most common VLAN assignment mode.


  • x
  • convention:

Reply

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!
Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login