HP VPN Firewall Appliances Network Management Configuration Guide

VLAN types
You can implement VLANs based on the following criteria:
• Port
• MAC address
• Protocol
• IP subnet
• Policy
• Other criteria
Among these types of VLANs, the device only supports configuring port-based VLANs. This chapter
describes only port-based VLANs.
Introduction to port-based VLAN
Port-based VLANs group VLAN members by port. A port forwards traffic for a VLAN only after it is
assigned to the VLAN.
Port link type
You can configure the link type of a port as access, trunk, or hybrid. The link types use the following
VLAN tag handling methods:
• Access port—Belongs to only one VLAN and sends traffic untagged. Access ports are usually used to connect a terminal device unable to identify VLAN-tagged packets, or are used when separating different VLAN members is unnecessary. As shown in Figure 16, Device A is connected to common PCs that cannot recognize VLAN-tagged packets, and you must configure Device A's ports that connect to the PCs as access ports.
• Trunk port—Carries multiple VLANs to receive and send traffic for them. Except traffic from the port VLAN ID (PVID), traffic sent through a trunk port will be VLAN-tagged. Usually, ports that connect network devices are configured as trunk ports. As shown in Figure 16, Device A and Device B need to transmit packets of VLAN 2 and VLAN 3, and you must configure the ports interconnecting Device A and Device B as trunk ports and assign them to VLAN 2 and VLAN 3.
• Hybrid port—A hybrid port allows traffic of some VLANs to pass through untagged and traffic of some other VLANs to pass through tagged. Usually, hybrid ports are configured to connect devices whose support for VLAN-tagged packets you are uncertain about. As shown in Figure 16, Device C connects to a small-sized LAN in which some PCs belong to VLAN 2 and other PCs belong to VLAN 3, and Device B is uncertain about whether Device C supports VLAN-tagged packets. On Device B, configure the port connecting to Device C as a hybrid port to allow packets from VLAN 2 and VLAN 3 to pass through untagged.
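
The following Python model is an added example, not part of the HP guide or the device software. It reduces the three link types to a tagged set and an untagged set per port and shows the bytes each port in the Figure 16 roles would send. The helper names, the sample frame, and the trunk PVID of 1 are assumptions made for illustration.

```python
import struct
from dataclasses import dataclass

TPID_8021Q = 0x8100  # IEEE 802.1Q tag protocol identifier


@dataclass(frozen=True)
class Port:
    """Egress view of a port: which VLANs leave tagged and which untagged."""
    tagged: frozenset
    untagged: frozenset


def access(vlan):
    # Access port: belongs to one VLAN and sends its traffic untagged.
    return Port(frozenset(), frozenset({vlan}))


def trunk(pvid, permit):
    # Trunk port: every assigned VLAN is sent tagged except the PVID.
    permit = frozenset(permit)
    return Port(permit - {pvid}, permit & {pvid})


def hybrid(tagged=(), untagged=()):
    # Hybrid port: tagged or untagged handling is chosen per VLAN.
    return Port(frozenset(tagged), frozenset(untagged))


def add_tag(frame, vlan, priority=0):
    # Insert the 4-byte 802.1Q tag after the destination and source MACs.
    tci = (priority << 13) | (vlan & 0x0FFF)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def egress(port, frame, vlan):
    """Return the bytes sent for a frame in `vlan`, or None if not forwarded."""
    if vlan in port.tagged:
        return add_tag(frame, vlan)
    if vlan in port.untagged:
        return frame
    return None  # the port is not assigned to this VLAN


# Constructed sample frame: dst MAC, src MAC, EtherType IPv4, dummy payload.
FRAME = bytes.fromhex("02000000000b" "02000000000a" "0800") + b"payload"

# Figure 16 roles; the trunk PVID of 1 is an assumption (the page gives none).
A_TO_PC = access(2)
A_TO_B = trunk(pvid=1, permit={2, 3})
B_TO_C = hybrid(untagged={2, 3})
```

Setting the trunk PVID to a VLAN that the trunk carries, for example trunk(pvid=2, permit={2, 3}), makes VLAN 2 leave that port untagged, so the PVID on both ends of an inter-device link is worth checking when reviewing which VLANs cross it unmarked.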