My name is Naveed Babar, an Independent IT Expert and researcher. I received my Masters Degree an IT. I live in Peshawar, Khyber Pakhtunkhwa, Pakistan. Buzzwords in my world include: Info tech, Systems, Networks, public/private, identity, context, youth culture, social network sites, social media. I use this blog to express random thoughts about whatever I am thinking.

Saturday, April 9, 2011

Speedy VLANs


IT managers are always looking for ways to do their jobs more efficiently, while still providing the quality of service that their clients expect. Virtual LAN technology (VLAN) can help them on both fronts, by easing administrative chores and improving enterprise network performance. VLANs allow IT managers to group users and resources in any way they like, regardless of the physical LAN segment to which those resources are attached. An organization may want to group all users in the marketing department on the same
VLAN with the servers that host the applications and data they use most often, for example. The users who belong to that marketing group may be spread throughout a building, or even the country, but they can still belong to the same VLAN.
This type of flexibility in grouping users and resources stands in stark contrast to the days when IT managers were restricted to grouping resources solely by the port to which they were connected. Any changes to the network configuration required a visit to one or more wiring closets to physically move the user or resource from one port to another.With VLANs, such changes can be performed in software, from a central administrative console, thus greatly improving efficiency. At the same time, VLANs can be used to improve network
performance in a number of ways – by grouping users that communicate often with one another on the same VLAN, for example, or by creating a VLAN for use by “power users” that tend to consume a lot of network bandwidth.
VLANs are most suitable for mid- to large size companies, but even smaller companies with highly demanding users may benefit. Essentially, any organization with a network large enough that it needs to be segmented in some fashion can benefit.



When they first came on the scene in the mid 1990s, there were three basic ways to build a VLAN on any given switch or router. The port-based model called for assigning each router or switch port to a specific VLAN. Ports 1-5, for example, might be the engineering VLAN, while ports 6-10 belong to the marketing
VLAN. Some ports may be assigned to more than one VLAN, such as a port that connects a server used by multiple groups. Administrators could make changes to port and VLAN assignments from a central console, rather than physically pulling and rearranging wires. If a repeater was attached to any port, however, all the devices connected to that repeater must belong to the same VLAN. Another approach was to assign resources to VLANs based on their unique media access control (MAC) address. The switch or router supporting the VLAN maintained a list detailing which MAC addresses belong to which VLAN, and routed
traffic accordingly based on the source or destination MAC address. The drawbacks to this method included the time required to assign each MAC address to a given VLAN. Assigning the same MAC address to multiple VLANs could also wreak havoc with bridges and routers, making it difficult to share server resources among separate VLANs. Layer 3-based VLANs group resources according to the protocol and Layer 3 address they employ. In this fashion, all IP or IPX traffic can be assigned to its own VLAN, or perhaps all wireless LAN and Voice over IP (VoIP) traffic. The Layer 3 approach also enables all non-routable protocols to share a VLAN, thus limiting the effect of broadcasts on the rest of the network, improving performance for all users.

No comments:

Comments

Search This Blog

Followers