Features
Features:

Product Tour >

Edraw AI >

Paid Plans:

Individuals >

Business >

Eduaction >
Resources
Blog

History

How-tos & Tips

Discovery

Biography

Business Analysis

Examples

AI concept Map

Free AI Mind Map Generator

Onenote Mind Map

Bcg Matrix Examples

Nike Marketing Strategy

Unilever SWOT Analysis

Make Mind Maps in Google Docs

Guide

FAQs

What's New

Resource Center
Templates
All Templates

Brain Storming Templates

Strategy and Planning Templates

Project Management Templates

Product Management Templates

Human Resources Templates

Agile Workflow Templates

Marketing Templates

Education Templates

Fun and Games Templates

User Gallery
Download
Pricing
Enterprise

Virtual LAN mind map

A virtual LAN (VLAN) is a group of logical devices and users that are not restricted by physical location. They can be organized according to factors such as functions, departments, and applications, and communicate with each other as if they were in a network. They are the same in the same network segment, hence the name virtual LAN.

Edited at 2021-08-01 22:23:26

PlotWizard

Recent works View more works>>

Virtual LAN mind map

PlotWizard

Recent works View more works>>

Recommended to you
Outline

vlan

The role of vlan

To split a LAN, the cost of routers is high and there are few ports. Creating a more flexible virtual LAN is used to split broadcast domains, which is flexible and convenient.

vlan port role

access

It is mainly connected to terminal equipment such as PCs. The port generally only allows one vlan to enter and exit.

At the entrance

Standard Ethernet frames will be marked with the PVID of the port.

When exporting

If the identifier of the frame is the same as the PVID of the port, remove the identifier and forward it; otherwise, discard the packet directly.

trunk

Mainly connected to switches and routers, allowing multiple vlans to enter and exit

At the entrance

If the incoming frame has no identification, add identification according to the PVID of the trunk; if the incoming frame has identification, the identification remains unchanged and enters the switch.

When exporting

First check whether the port allows the VLAN with the identification to pass through. If it allows it, look at the PVID of the port. If the identification is the same as the PVID, then the identification will be transferred out, that is, the standard Ethernet frame will be transferred out; otherwise, the identification will be transferred out, and it will be 802.1 Q frame

hybrid

Mainly connected to terminals, switches and routers, allowing multiple vlans to enter and exit

At the entrance

If the incoming frame has no identification, add identification according to the PVID of the hybrid; if the incoming frame has identification, the identification remains unchanged and enters the switch.

When exporting

First, compare the PVIDs of the hybrid ports to see if they are the same. If they are the same, remove the identification and transfer it out. What is transferred out is a standard Ethernet frame. If they are different, compare it with the untagged. If the vlan identification contained in the untagged is the same as the identification of the outgoing frame, then remove the identification. Transfer out. What is transferred out is a standard Ethernet frame; if the vlan ID contained in untagged is different from the ID of the outgoing frame, the data packet will be discarded directly.

vlan experiment

Access port configuration of a single switch VLAN and changes in incoming and outgoing port data packets

sw1:

[H3C]sysname sw1

[sw1]vlan 10

[sw1-vlan10]port g1/0/1

[sw1-vlan10]port g1/0/3

[sw1-vlan10]vlan 20

[sw1-vlan20]port g1/0/2

[sw1-vlan20]port g1/0/4

[sw1-vlan20]quit

Check the vlan of sw1:

PC2 pings PC3. PC2 is in vlan10 and PC3 is in vlan20. The ping should not work.

PC2 pings PC4. PC2 is in vlan10 and PC4 is also in vlan20. It should ping successfully.

PC3 ping PC5, PC3 is in vlan20, PC5 is also in vlan20, it should ping successfully

Experiment on different VLAN communication under layer 2 switch (special case)

sw1:

[H3C]sysname sw1

[sw1]vlan 10

[sw1-vlan10]port g1/0/1

[sw1-vlan10]port g1/0/2

[sw1-vlan10]quit

sw2:

[H3C]sysname sw2

[sw2]vlan 20

[sw2-vlan20]port g1/0/1

[sw2-vlan20]port g1/0/2

[sw2-vlan20]quit

PC3 ping PC4 can ping successfully

When PC3's frame enters sw1, the PVID of sw1's G1/0/1 port is marked with vlan10, and the frame goes out at G1/0/2. Because the PVID of G1/0/2 is 10, the outgoing port is removed and marked on sw2. G1/0/1 is marked with vlan20, and sw2 is used to remove the mark from G1/0/2, so it can be pinged across vlans.

VLAN trunk port configuration and label changes

Sw1:

[H3C]sysname sw1

[sw1]vlan 10

[sw1-vlan10]port g1/0/1

[sw1-vlan10]vlan 20

[sw1-vlan20]port g1/0/2

[sw1-vlan20]quit

[sw1]int g1/0/3

[sw1-GigabitEthernet1/0/3]port link-type trunk

[sw1-GigabitEthernet1/0/3]port trunk permit vlan 10 20

[sw1-GigabitEthernet1/0/3]port trunk pvid vlan 10

[sw1-GigabitEthernet1/0/3]quit

Sw2:

[H3C]sysname sw2

[sw2]vlan 10

[sw2-vlan10]port g1/0/1

[sw2-vlan10]vlan 20

[sw2-vlan20]port g1/0/2

[sw2-vlan20]quit

[sw2]int g1/0/3

[sw2-GigabitEthernet1/0/3]port link-type trunk

[sw2-GigabitEthernet1/0/3]port trunk permit vlan 10 20

[sw2-GigabitEthernet1/0/3]port trunk pvid vlan 10

[sw2-GigabitEthernet1/0/3]quit

Check the vlan of sw1

PC3 ping PC4 different vlan, ping failed

PC3 ping PC5 same vlan

Use wireshark to capture packets and capture PC4 ping PC6 packets. Analyze the package of sw1G1/0/2

Analyze the packets of sw1G1/0/3, that is, the packets on the trunk link

Hybrid port configuration of vlan

<H3C>sys

[H3C]sysname sw1

[sw1]vlan 10

[sw1-vlan10]vlan 20

[sw1-vlan20]vlan 30

[sw1-vlan30]quit

[sw1]int g1/0/1

[sw1-GigabitEthernet1/0/1]port link-type hybrid

[sw1-GigabitEthernet1/0/1]port hybrid vlan 10 30 untagged

[sw1-GigabitEthernet1/0/1]port hybrid pvid vlan 10

[sw1-GigabitEthernet1/0/1]quit

[sw1]int g1/0/2

[sw1-GigabitEthernet1/0/2]port link-type hybrid

[sw1-GigabitEthernet1/0/2]port hybrid vlan 20 30 untagged

[sw1-GigabitEthernet1/0/2]port hybrid pvid vlan 20

[sw1-GigabitEthernet1/0/2]quit

[sw1]int g1/0/3

[sw1-GigabitEthernet1/0/3]port link-type hybrid

[sw1-GigabitEthernet1/0/3]port hybrid vlan 10 20 30 untagged

[sw1-GigabitEthernet1/0/3]port hybrid pvid vlan 30

[sw1-GigabitEthernet1/0/3]quit

PC2 can ping PC4

PC2 can not ping PC3