LAN interface

Virtual Local Area Network

English: Virtual local area network

Virtual local area network based on switched Ethernet In switched Ethernet, VLAN technology can be used by the switch The connected physical network is divided into multiple logical subnets. In other words, broadcast packets sent by stations in a virtual local area network will only be forwarded to stations belonging to the same VLAN. In switched Ethernet, each site can belong to a different virtual local area network. The sites that make up a virtual local area network are not limited to their physical locations. They can be connected to the same switch or different switches. The virtual local area network technology makes the topology of the network very flexible. For example, users located on different floors or users in different departments can join different virtual local area networks as needed.

Purpose of division

Network performance

For large networks, the commonly used Windows NetBEUI is the broadcast protocol. When the network is large, there will be a lot of broadcast information on the Internet. , It will deteriorate network performance, and even cause broadcast storms, causing network congestion. What to do then? You can reduce the transmission of broadcast packets within the entire network by dividing many virtual local area networks. Because broadcast information does not cross VLANs, broadcast can be restricted to the range of each virtual network, which means to reduce in terms. The broadcast domain is improved, the transmission efficiency of the network is improved, and the network performance is improved.

Security

Because the virtual networks cannot communicate directly, they must be forwarded through the router, which provides the possibility for advanced security control and enhances the security of the network. In a large-scale network, such as a large group company, there are financial departments, purchasing departments, and customer departments. The data between them is confidential, and only interface data can be provided between them, and other data are confidential. We can isolate different departments by dividing virtual local area networks.

Organizational structure

People in the same department are scattered in different physical locations. For example, the financial department of a group company has branches in each subsidiary, but they are all under the management of the financial department. These data must be kept confidential, but when unified settlement is required, they can be placed in the same virtual local area network across regions (that is, across switches) to achieve data security and sharing. The use of virtual local area network has the following advantages: restraining the broadcast storm on the network; increasing the security of the network; centralized management and control.

There are three main ways to realize virtual local area network based on switched Ethernet: virtual local area network based on port, virtual local area network based on MAC address (hardware address of network card) and virtual local area network based on IP address.

(1) Port-based virtual local area network

Port-based virtual local area network is the most practical virtual local area network. It maintains the most common and commonly used virtual local area network member definition methods, and the configuration is also equivalent It is intuitive and simple. As long as the sites in the local area network have the same network address, the communication between different virtual local area networks needs to pass through the router. The disadvantage of using this method of virtual local area network is that it is not flexible. For example, when a network site moves from one port to another new port, if the new port and the old port do not belong to the same virtual local area network, the user must reconfigure the network address of the site, otherwise, the site will not be able to perform Network communication. In a port-based virtual local area network, each switching port can belong to one or more virtual local area network groups, which is more suitable for connecting to servers.

(2) MAC address-based virtual local area network

In a MAC address-based virtual local area network, the switch tracks the MAC address and switch port of the site, and when a new site accesses the network according to It needs to be classified into a certain virtual local area network, and no matter how the site moves in the network, because its MAC address remains the same, the user does not need to reconfigure the network address. The disadvantage of this kind of virtual local area network technology is that when a site is connected to the network, a relatively complicated manual configuration of the switch is required to determine which virtual local area network the site belongs to.

(3) Virtual local area network based on IP address

In virtual local area network based on IP address, the new site does not need to be configured too much when entering the network, and the switch is based on the network address of each site Automatically divide it into different virtual local area networks. Among the three implementation technologies of virtual local area networks, the IP address-based virtual local area network has the highest degree of intelligence and is the most complicated to implement. VLAN

Advantages of VLAN

Control broadcast storm

A VLAN is a logical broadcast domain. Through the creation of VLANs, broadcasts are isolated and the broadcast range is reduced. Can control the generation of broadcast storms.

Improve security

Through VLAN division principles such as routing access lists and MAC address allocation, user access rights and the size of logical network segments can be controlled, and different user groups can be divided into different VLANs. Thereby improving the overall performance and security of the switched network.

Optimize network management

For switched Ethernet, if the network segment is re-allocated for some users, the network administrator needs to re-adjust the physical structure of the network system, or even Add network equipment to increase the workload of network management. For networks using VLAN technology, a VLAN can divide network users in different geographical locations into a logical network segment according to department functions, object groups, or applications. The workstation can be moved between workgroups or subnets at will without changing the physical connection of the network. The use of virtual network technology greatly reduces the burden of network management and maintenance, and reduces network maintenance costs. In a switched network, VLAN provides a flexible combination mechanism of network segments and institutions.

Three-layer switching technology

Traditional routers have functions such as routing and forwarding, firewalls, and isolating broadcasts in the network. However, in a network that is divided into VLANs, logically divided Communication between different network segments still has to be forwarded through routers. Since the amount of communication data between different VLANs is very large on a local area network, if the router wants to route each data packet once, as the amount of data on the network continues to increase, the router will be overwhelmed and the router will Become a bottleneck in the operation of the entire network.

In this case, the third layer of switching technology appears, which is a technology that combines routing technology and switching technology into one. After the Layer 3 switch routes the first data flow, it will generate a MAC address and IP address mapping table. When the same data flow passes again, it will pass through the second layer directly according to this table instead of routing again. It eliminates the network delay caused by the router's routing selection, improves the efficiency of data packet forwarding, and eliminates the network bottleneck problem that the router may generate. It can be seen that the Layer 3 switch integrates routing and switching, and realizes routing inside the switch, which improves the overall performance of the network.

In a gigabit network with a three-layer switch as the core, in order to ensure the convenience and security of management of different functional departments and the stability of the entire network, VLAN technology can be used to divide the virtual network. The VLAN subnet isolates the broadcast storm and implements security protection for some important departments; and when the physical location of a certain department changes, you only need to set the switch to reorganize the network, which is very convenient, fast, and saves Cost.

Types of interfaces

Routers are used in many LANs. At the same time, in order to match different routes, there are many types of LAN interfaces, such as AUI ports, SC ports, and so on. The LAN interface is mainly used to connect the router to the LAN. Because the types of LANs are also diverse, this also determines that the router's LAN interface types may also be diverse.

Different networks have different LAN interface types. Common Ethernet interfaces mainly include AUI, BNC and RJ-45 interfaces, as well as FDDI, ATM, and optical fiber interfaces. These networks have corresponding LAN interfaces. , The following are the main LAN interfaces.

(1) AUI port

(2) RJ-45 port

(3) SC port

AUI port is used The LAN interface connected with the thick coaxial cable is a "D" 15-pin LAN interface, which is one of the more common ports in a token ring network or a bus network. The router can be connected to the 10Base-5 network through a thick coaxial cable transceiver, but more often it is connected to the 10Base-T Ethernet network by means of an external transceiver repeater (AUI-to-RJ-45).

Of course, the connection with thin coaxial cable (10Base-2) or optical cable (10Base-F) can also be achieved by means of other types of transceiver transponders. The router AUI interface mentioned here is mainly used to connect the network with thick coaxial cable as the transmission medium

RJ-45 port is our most common port, it is our common twisted pair Ethernet port, because twisted pair is mainly used as the transmission medium in Fast Ethernet, so RJ-45 port can be divided into 10Base-T network RJ-45 port and 100Base-TX network RJ- according to the communication rate of the port. Two types of 45 ports.

Among them, the RJ-45 port of the 10Base-T network is usually marked as "ETH" in the router, and the RJ-45 port of the 100Base-TX network is usually marked as "10/100bTX". Most of the Fast Ethernet router technology still adopts 10/100Mbps bandwidth adaptive. In fact, these two RJ-45 ports are exactly the same only in terms of the port itself, but the corresponding network circuit structure in the port is different, so you can't connect it casually.

The SC port is also what we often call the optical fiber port. It is used to connect to the optical fiber. Generally speaking, this optical fiber port is unlikely to be directly connected to the workstation by optical fiber. Generally, it is connected through optical fiber. To switches with fiber ports such as Fast Ethernet or Gigabit Ethernet. This kind of port is generally only available in high-end routers, and is marked with "100b FX".

Related Articles
TOP