Technical data

© 2012 Meru Networks, Inc. Configuring VLANs 201
Chapter 12
Configuring VLANs
A virtual local area network (VLAN) is a broadcast domain that can span across wired
or wireless LAN segments. Each VLAN is a separate logical network. Several VLANs
can coexist within any given network, logically segmenting traffic by organization or
function. In this way, all systems used by a given organization can be interconnected
independent of physical location. This has the benefit of limiting the broadcast
domain and increasing security. VLANs can be configured in software, which enhances
their flexibility. VLANs operate at the data link layer (OSI Layer 2); however, they are
often configured to map directly to an IP network, or subnet, at the network layer
(OSI Layer 3). You can create up to 512 VLANs.
IEEE 802.1Q is the predominant protocol used to tag traffic with VLAN identifiers.
VLAN1 is called the default or native VLAN. It cannot be deleted, and all traffic on
it is untagged. A trunk port is a network connection that aggregates multiple VLANs
or tags, and is typically used between two switches or between a switch and a router.
VLAN membership can be port-based, MAC-based, protocol-based, or
authentication-based when used in conjunction with the 802.1X protocol. Used in conjunction
with multiple ESSIDs, VLANs support multiple wireless networks on a single Access
Point using either a one-to-one mapping of ESSID to VLAN, or mapping multiple ESSIDs
to one VLAN. By assigning a security profile to a VLAN, the security requirements can
be fine-tuned based on the use of the VLAN, providing wire-like security or better on
a wireless network.
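The following is an added example, not taken from the Meru documentation. It shows in Python how an 802.1Q tag is read from an Ethernet frame, how untagged traffic falls into the native VLAN, and how frames seen on a trunk can be checked against the VLAN set the trunk is meant to carry. The function names, the allowed set {1, 10, 20} and the sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag
NATIVE_VLAN = 1      # per the text: VLAN1 is the native VLAN and is untagged

def classify_frame(frame: bytes, native_vlan: int = NATIVE_VLAN) -> dict:
    """Return the VLAN a trunk port would place this Ethernet frame in."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    if ethertype != TPID_8021Q:  # no tag: frame belongs to the native VLAN
        return {"tagged": False, "vid": None, "vlan": native_vlan, "pcp": 0}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack_from("!H", frame, 14)
    vid = tci & 0x0FFF  # low 12 bits of the Tag Control Information
    # VID 0 is a priority-only tag; the frame still lands in the native VLAN.
    return {"tagged": True, "vid": vid, "vlan": vid or native_vlan, "pcp": tci >> 13}

def audit_trunk(frames, allowed_vlans, native_vlan=NATIVE_VLAN):
    """Return (index, finding) for frames outside the trunk's intended VLANs."""
    findings = []
    for i, frame in enumerate(frames):
        try:
            info = classify_frame(frame, native_vlan)
        except ValueError as exc:
            findings.append((i, f"malformed: {exc}"))
            continue
        if info["vid"] == 0xFFF:
            findings.append((i, "reserved VID 4095"))
        elif info["vid"] == native_vlan:
            findings.append((i, f"tagged frame on native VLAN {native_vlan}"))
        elif info["vlan"] not in allowed_vlans:
            findings.append((i, f"VLAN {info['vlan']} not allowed on trunk"))
    return findings

def build_frame(ethertype, tci=None):  # constructed sample: made-up MACs, zero payload
    macs = bytes.fromhex("ffffffffffff020000000001")
    tag = struct.pack("!HH", TPID_8021Q, tci) if tci is not None else b""
    return macs + tag + struct.pack("!H", ethertype) + bytes(46)

SAMPLES = [
    build_frame(0x0800),                  # untagged -> native VLAN 1
    build_frame(0x0800, (5 << 13) | 20),  # VLAN 20, priority 5
    build_frame(0x0800, 30),              # VLAN 30, not in the allowed set
    build_frame(0x0800, 1),               # explicitly tagged with VID 1
]
for idx, finding in audit_trunk(SAMPLES, {1, 10, 20}):
    print(f"frame {idx}: {finding}")
```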
VLAN assignment is done for RADIUS-based MAC filtering and authentication. VLAN
assignment is not done in Captive Portal Authentication by any of the returned
attributes. Because VLANs rely on a remote switch that must be configured to support
trunking, also refer to the Meru Wi-Fi Technology Note WF107, “VLAN Configuration
and Deployment.” This document contains the recommended configuration for
switches as well as a comprehensive description of VLAN configuration and
deployment.
Configure and Deploy a VLAN
VLANs can be configured/owned either by E(z)RF Network Manager or by a controller.
You can tell where a profile was configured by checking the read-only field Owner;
the Owner is either nms-server or controller.