User Guide
Table Of Contents
- Chapter 1 – Getting Started
- Chapter 2 – System Status
- Chapter 3 – Quick Start
- Chapter 4 – System Management
- Chapter 5 – Port Management
- Chapter 6 – VLAN Management
- Chapter 7 - Spanning Tree Management
- Chapter 8 - MAC Address Management
- Chapter 9 – Multicast
- Chapter 10 - IP Interface
- Chapter 11 - IP Network Operations
- Chapter 12 – Security
- Chapter 13 - Access Control List
- Chapter 14 - Quality of Service
- Chapter 15 - Maintenance
- Chapter - 16 Support
76
Chapter 6 – VLAN Management
VLANs
A VLAN is a logical group of ports that enables devices associated with it to communicate with
each other over the Ethernet MAC layer, regardless of the physical LAN segment of the bridged
network to which they are connected.
Each VLAN is configured with a unique VLAN ID (VID) with a value from 1 to 4094. A port on a
device in a bridged network is a member of a VLAN if it can send data to and receive data from the
VLAN. A port is an untagged member of a VLAN if all packets destined for that port into the VLAN
have no VLAN tag. A port is a tagged member of a VLAN if all packets destined for that port into
the VLAN have a VLAN tag. A port can be a member of only one untagged VLAN but can be a
member of multiple tagged VLANs.
A port in VLAN Access mode can be part of only one VLAN. If it is in General or Trunk mode, the
port can be part of one or more VLANs.
VLANs address security and scalability issues. Traffic from a VLAN stays within the VLAN, and
terminates at devices in the VLAN. It also eases network configuration by logically connecting
devices without physically relocating those devices.
If a frame is VLAN-tagged, a four-byte VLAN tag is added to each Ethernet frame. The tag
contains a VLAN ID between 1 and 4094, and a VLAN Priority Tag (VPT) between 0 and 7. See
QoS Operation
for details about VPT.
When a frame enters a VLAN-aware device, it is classified as belonging to a VLAN, based on the
four-byte VLAN tag in the frame.
If there is no VLAN tag in the frame or the frame is priority-tagged only, the frame is classified to
the VLAN based on the PVID (Port VLAN Identifier) configured at the ingress port where the
frame is received.