A Core Competence Product Evaluation

Virtual LAN support

Deployment of dedicated switching to the desktop (or the boundary, as 3Com calls switching at the network edge) is not merely an investment in bandwidth. An equally important consideration, and in our opinion the place where the real economy and incentives for LAN switching are demonstrated, is the ability to perform the dreaded moves, adds, drops and changes in what 3Com calls a "location- and topology-independent manner", through the definition and soft configuration of Virtual LANs (VLANs).

Virtual LANs are managed and addressed exactly as if one were configuring a group of end stations connected via a run of coax or connected via a hub (repeater): in an IP environment, for example, all end stations in a given VLAN would be assigned IP addresses from a common network number and would share a common IP subnet mask.

Figure 5 illustrates a configuration of the Switch 1000 with two VLANs. We configured both the blue and red VLANs (VLAN1 and VLAN2, respectively) with subnets of our class C address using a 28-bit subnet mask, thereby allowing 14 hosts per VLAN.

Figure 5. VLANs on a single switch

A single VLAN can span multiple VLAN-capable switches when they are connected via a 10/100 Mbps port configured as a Virtual LAN Trunk (the trunk actually carries traffic for multiple VLANs, and traffic remains segregated within individual VLANs).

We connected the Desktop Switch (top) to the Switch 1000 (bottom) using the 100 Mbps Fast Ethernet ports as our Virtual LAN Trunk. All end stations belonged to the default VLAN (VLAN1).

Figure 6. Virtual LAN Trunk between a Desktop Switch and Switch 1000

Multiple VLANs can be interconnected by configuring a port from each VLAN as a backbone port, and connecting the backbone ports of each VLAN to one or more routers.

In a subsequent test configuration, we divided the end stations on both switches into three VLANs. VLAN1 (blue) and VLAN2 (red) have a primary route via a dual-port Ethernet router, whereas VLAN2 and VLAN3 have a primary route via a pair of routers connected using ISDN.

Figure 7. Multiple VLANs, Virtual LAN Trunking, Router backbone ports between VLANs

Our "production" deployment of VLANs connected the blue inside LAN to the red outside LAN. Using VLANs, we recreated a screened subnet topology that was previously supported by unmanaged shared-media hubs.

We note that backbone ports can also be configured in pairs, where a standby port is associated with a primary port for resiliency against failure.

Figure 8. VLANs connected via a router

Using these techniques, coupled with WAN connections, VLANs can be connected and extended across wide area topologies. This means that a desktop end station in New York City can be connected to the same virtual LAN as a server in San Diego. The more common application of VLANs may be to facilitate the move of an employee from an office on the fifth floor, whose PC is attached to the "Accounting LAN", to the third floor "Engineering LAN" without requiring a change in addressing (or cabling). And since end stations forming a VLAN cannot communicate with stations forming other VLANs except through an intervening router, a network administrator can choose to segregate engineering from accounting entirely, or (s)he may use frame and packet filtering to constrain certain traffic within a single VLAN (e.g., SNA traffic is only allowed from accounting desktops to a mainframe) while permitting other traffic, e.g., IP traffic from any station in both VLANs to an Intranet server. VLANs can also be an effective method of confining protocol-specific multicast and broadcast traffic.
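The addressing and segregation described above can be modelled in a few lines. This is an added example, not part of the original evaluation or of any 3Com software: it carves a class C network into 28-bit subnets, assigns one to each VLAN, and classifies a flow as switched inside a VLAN, routed between VLANs, or dropped by the router filter. The 192.0.2.0/24 block, the station addresses, the VLAN roles and the single router rule are constructed assumptions.

```python
import ipaddress

# Constructed plan: 192.0.2.0/24 stands in for the class C network; the VLAN
# roles, station addresses and router rule are assumptions for illustration.
BLOCK = ipaddress.ip_network("192.0.2.0/24")
SUBNETS = list(BLOCK.subnets(new_prefix=28))        # sixteen /28 subnets
VLANS = {"VLAN1": SUBNETS[1], "VLAN2": SUBNETS[2]}  # accounting, engineering
INTRANET = ipaddress.ip_address("192.0.2.46")       # server homed in VLAN2

# The only destinations the router forwards to when a flow crosses VLANs.
ROUTED_DESTINATIONS = {INTRANET}


def usable_hosts(net):
    """Host addresses left once network and broadcast addresses are excluded."""
    return net.num_addresses - 2


def vlan_of(addr):
    """Return the name of the VLAN whose subnet contains addr, or None."""
    ip = ipaddress.ip_address(addr)
    return next((name for name, net in VLANS.items() if ip in net), None)


def decide(src, dst):
    """Classify an IP flow as switched, routed or dropped."""
    s, d = vlan_of(src), vlan_of(dst)
    if s is None or d is None:
        return "drop: address outside every VLAN"
    if s == d:
        return f"switched inside {s}"      # never reaches the router
    if ipaddress.ip_address(dst) in ROUTED_DESTINATIONS:
        return f"routed {s} -> {d}"        # permitted by the router filter
    return f"drop: router filter blocks {s} -> {d}"


if __name__ == "__main__":
    for name, net in VLANS.items():
        print(name, net, net.netmask, usable_hosts(net), "hosts")
    for flow in [("192.0.2.17", "192.0.2.18"),   # two accounting desktops
                 ("192.0.2.17", "192.0.2.46"),   # accounting -> intranet server
                 ("192.0.2.17", "192.0.2.34")]:  # accounting -> engineering desktop
        print(flow, "=>", decide(*flow))
```

Traffic between two stations in the same VLAN never reaches the router, so the router filter only constrains flows that cross VLANs.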
