8 Implementing Ethernet Virtual LANs

# 8 Implementing Ethernet Virtual LANs ###### tags: `CCNA` ### Virtual LAN Concepts However, an alternative narrower definition of a LAN can help in understanding the concept of a virtual LAN: **A LAN includes all devices in the same broadcast domain.** A broadcast domain includes the set of all LAN-connected devices, so that when any of the devices sends a broadcast frame, all the other devices get a copy of the frame. **So, from one perspective, you can think of a LAN and a broadcast domain as being basically the same thing.** ![](https://i.imgur.com/MbQMsqJ.png) ![](https://i.imgur.com/xnJ6CMV.png) Limiting the number of hosts that receive a single broadcast frame reduces the number of hosts that waste effort processing unneeded broadcasts. The following list summarizes the most common reasons for choosing to create smaller broadcast domains (VLANs): - **To reduce CPU overhead on each device, improving host performance**, **by reducing the number of devices that receive each broadcast frame** - To reduce security risks by reducing the number of hosts that receive copies of frames that the switches flood (broadcasts, multicasts, and unknown unicasts) - To improve security for hosts through the application of different security policies per VLAN - **To create more flexible designs that group users by department**, or by groups that work together, **instead of by physical location** - To solve problems more quickly, because the failure domain for many problems is the same set of devices as those in the same broadcast domain - To reduce the workload for the Spanning Tree Protocol (STP) by limiting a VLAN to a single access switch ### Creating Multiswitch VLANs Using Trunking ![](https://i.imgur.com/dNtXKQv.png) The design shown in Figure 8-3 works, but it simply does not scale very well. It requires one physical link between switches to support every VLAN. **If a design needed 10 or 20 VLANs, you would need 10 or 20 links between switches, and you would use 10 or 20 switch ports (on each switch) for those links.** ![](https://i.imgur.com/MUS4Kup.png) 使用VLAN Trunk，以這個舉例就可以不需要兩個link ![](https://i.imgur.com/gj2qyuc.png) 拓樸大一些的應用使用VLAN Trunk時 ### The 802.1Q and ISL VLAN Trunking Protocols **This 12-bit field** supports a theoretical maximum of 212 (4096) VLANs, but in practice it **supports a maximum of 4094.** (Both 802.1Q and ISL use 12 bits to tag the **VLAN ID, with two reserved values [0 and 4095].)** ![](https://i.imgur.com/byXO553.png) ### Forwarding Data Between VLANs **The Need for Routing Between VLANs** ![](https://i.imgur.com/73CnOa8.png) **Routing Packets Between VLANs with a Router** ![](https://i.imgur.com/o3sCtSe.png) ### VLAN and VLAN Trunking Configuration and Verification Creating VLANs and Assigning Access VLANs to an Interface ![](https://i.imgur.com/qwB9R8U.png)