port is a collision domain), attention turned to reducing the size of the broadcast
domain at the MAC layer. Virtual networks can also serve to restrict access to
network resources without regard to physical topology of the network, although the
strength of this method remains debatable as VLAN Hopping is a common means of
bypassing such security measures.
Virtual LANs operate at Layer 2 (the data link layer) of the OSI model.
Administrators often configure a VLAN to map directly to an IP network, or subnet,
which gives the appearance of involving Layer 3 (the network layer). In the context
of VLANs, the term "trunk" denotes a network link carrying multiple VLANs, which
are identified by labels (or "tags") inserted into their packets. Such trunks must run
between "tagged ports" of VLAN-aware devices, so they are often switch-to-switch or
switch-to-router links rather than links to hosts. (Note that the term 'trunk' is also
used for what Cisco calls "channels" : Link Aggregation or Port Trunking). A router
(Layer 3 device) serves as the backbone for network traffic going across different
VLANs.
On Cisco devices, VTP (VLAN Trunking Protocol) maintain VLAN configuration
consistency across the entire network. VTP uses Layer 2 trunk frames to manage the
addition, deletion, and renaming of VLANs on a network-wide basis from a
centralized switch in the VTP server mode. VTP is responsible for synchronizing VLAN
information within a VTP domain and reduces the need to configure the same VLAN
information on each switch.
VTP minimizes the possible configuration inconsistencies that arise when changes are
made. These inconsistencies can result in security violations, because VLANs can
cross connect when duplicate names are used. They also could become internally
disconnected when they are mapped from one LAN type to another, for example,
Ethernet to ATM LANE ELANs or FDDI 802.10 VLANs. VTP provides a mapping
scheme that enables seamless trunking within a network employing mixed-media
technologies.
VTP provides the following benefits:
* VLAN configuration consistency across the network
* Mapping scheme that allows a VLAN to be trunked over mixed media
* Accurate tracking and monitoring of VLANs
* Dynamic reporting of added VLANs across the network
* Plug-and-play configuration when adding new VLANs
As beneficial as VTP can be, it does have disadvantages that are normally related to
the Spanning-Tree Protocol (STP) as a bridging loop propagating throughout the
network can occur. Cisco switches run an instance of STP for each VLAN, and since
VTP propagates VLANs across the campus LAN, VTP effectively creates more
opportunities for a bridging loop to occur.
Before creating VLANs on the switch that will be propagated via VTP, a VTP domain
must first be set up. A VTP domain for a network is a set of all contiguously trunked
switches with the same VTP domain name. All switches in the same management
domain share their VLAN information with each other, and a switch can participate in
(2 paginas)
(216 paginas)
(72 paginas)
(60 paginas)
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comentarios a estos manuales