Wednesday, March 17, 2010

VLAN guide for networking professionals

For years, virtual LANs have played an important role in basic enterprise networking, enabling engineers to segment portions of their networks for security, management and scalability. The emergence of virtualization and cloud computing networks only makes understanding VLAN implementation more important. VLANs are key to providing management in a world of virtualization, even where virtual machines are constantly migrating, challenging the very basics of network management. In this guide, learn about old and new uses of VLANs in everything from wireless LANs to data center networks.

What is a VLAN?

Before implementing or managing a VLAN, one must understand what a VLAN is. A VLAN, or virtual (logical) LAN, is a local area network with definitions that map workstations based on anything except geographic location. For example, a VLAN might have a definition that maps workstations by department, type of user, and so on. The benefits of VLANs include easier management of workstations, load balancing, bandwidth allocation and tighter security.

VLANs become even more efficient when coupled with server virtualization. In a virtualized data center environment, the VLAN strings the physical servers together and creates a route. By allowing virtual machines to move across physical servers in the same VLAN, administrators can keep tabs on the virtual machines and manage them more efficiently.

What's the best way to configure a VLAN?

There are three ways of configuring a VLAN: static, dynamic and port-centric. The configuration will be based on the needs of the VLAN. For example, for more security, administrators opt for a static VLAN, which assigns the VLAN membership to a switch's port; whereas a dynamic VLAN assigns the VLAN membership to the MAC address of the host or device. Switches that support VLANs establish the VLAN by either frame-tagging or filtering, both of which look at the frame and decide where it should be sent. Frame tagging "tags" a frame to keep track of it as it travels through the switch's fabric. Frame filtering examines specific information from each frame through a filtering table that is developed for the switch, allowing for examination of many different frame attributes. But frame filtering is less scalable than frame tagging because each frame needs to be referenced to a filter table. Frame tagging is considered the most efficient way to go, according to IEEE 802.1q.

For futher reading, please refer to VLAN guide for networking professionals.

No comments: