RUT230 VLAN: Difference between revisions

From Teltonika Networks Wiki
No edit summary
No edit summary
 
(9 intermediate revisions by 3 users not shown)
Line 1: Line 1:
==Summary==
{{Template: Networking_rutos_manual_vlan_rut2_rut9
 
<!------------------------DEVICE----------------------->
A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). [[LAN]] is the abbreviation for local area network and in this context virtual refers to a physical object recreated and altered by additional logic. VLANs work by applying tags to network packets and handling these tags in networking systems - creating the appearance and functionality of network traffic that is physically on a single network but acts as if it is split between separate networks. In this way, VLANs can keep network applications separate despite being connected to the same physical network, and without requiring multiple sets of cabling and networking devices to be deployed.
| name          = RUT230
 
| series        = RUT2
VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links. It also has benefits in allowing networks and devices that must be kept separate to share the same physical cabling without interacting, for reasons of simplicity, security, traffic management, or economy. For example, a VLAN could be used to separate traffic within a business due to users, and due to network administrators, or between types of traffic, so that users or low priority traffic cannot directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to separate their customers' private zones from each other, allowing each customer's servers to be grouped together in a single network segment while being located anywhere in their datacenter. Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known as VLAN hopping.
<!----------------------SEPARATORS--------------------->
 
| eth            = 2 <!-- How many Eth ports -->
This chapter is an overview of the '''VLAN''' function of '''RUT2xx''' devices.
| portbased      = 0  <!-- Is Port Based VLAN available -->
 
| wan            = 1  <!-- Is WAN port present -->
==VLAN Networks==
| interfacebased = 1 <!-- Is Interface Based VLAN available -->
 
}}
The VLAN Networks tab is used to enable Port based or Tag based VLAN.
 
[[Image:Networking rut2xx manual vlan mode.png|border]]
 
As you can see in the image above, VLAN is disabled by default. To enable VLAN functionality, select either Port based or Tag based VLAN mode. Once you have selected the desired functionality, you will be able to configure it.
 
===VLAN Functionality===
----
====Port Based====
----
Port based VLAN is a method to create separate LAN networks on different LAN ports. The method is pretty simple: first you have to configure an [[#LAN_Networks|alternate LAN network]], then you have you to choose which LAN port (s) will provide addresses for that network. More detailed information is provided in the table below.
 
[[Image:Networking rut2xx manual vlan port based.png|border]]
 
<table class="nd-mantable">
    <tr>
        <th>field name</th>
      <th>value</th>
      <th>description</th>
    </tr>
    <tr>
      <td>VLAN ID</td>
      <td>integer [1..4094]; Default: '''1'''</td>
      <td>VLAN Identification number used for management purposes</td>
    </tr>
    <tr>
      <td>LAN ports 1 | 2 </td>
      <td>On | Off | Tagged; Default: '''On'''</td>
      <td>Selects which LAN ports are to be used with your VLAN. If you check a port as "'''On'''", it will be a part of the network specified in the '''LAN''' section of this tab. If you leave it as "'''Off'''", it will continue to function as before</td>
    </tr>
    <tr>
    <td>Wireless access points</td>
        <td>yes | no; Default: '''no'''</td>
        <td>Assigns selected Wi-Fi access point(s) to the selected LAN network</td>
    </tr>
    <tr>
    <td>LAN</td>
        <td>none | lan | custom; Default: '''None'''</td>
        <td>Assigns selected LAN ports and wireless access point(s) to a LAN network</td>
    </tr>
</table>
 
====Tag Based====
----
Multiple VLANs can be used through a single Ethernet port. Tags containing the respective VLAN identifiers indicating the VLAN to which the frame belongs are attached to the individual Ethernet frames.
 
[[Image:Networking rut2xx manual vlan tag based.png|border]]
 
<table class="nd-mantable">
    <tr>
        <th>field name</th>
      <th>value</th>
      <th>description</th>
    </tr>
    <tr>
      <td>VLAN ID</td>
      <td>integer [1..4094]; Default: '''1'''</td>
      <td>VLAN Identification number used for management purposes</td>
    </tr>
    <tr>
      <td>Wireless access points</td>
      <td>yes | no; Default: '''no'''</td>
      <td>Assigns selected Wi-Fi access point(s) to the selected LAN network</td>
    </tr>
    <tr>
    <td>LAN</td>
        <td>none | lan | custom; Default: '''None'''</td>
        <td>Assigns selected LAN ports and wireless access point(s) to a LAN network</td>
    </tr>
</table>
 
For more a detailed configuration example, check out this '''[[VLAN tag based configuration examples|article]]'''.
 
==LAN Networks==
 
The LAN Networks page provides you with the possibility to create alternate LAN instances that will be used with VLAN. One default instance will be already in place and it will have the configurations from your router's main LAN. Regarding other instances, you can configure everything that you could in the main [[LAN]] section, except for the fact that will not be able to use them as the main configuration for your router's LAN.
 
[[Image:Networking rut2xx manual vlan lan networks.png|border]]
 
To create a new LAN instance, type in a name for it in the '''LAN name''' field and click the '''Add New''' button located next to it. After this you will see that your new instance has appeared in the '''LAN Networks list'''. To configure an instance, click the '''Edit''' button located next to it. The configuration is identical to regular [[LAN|LAN configuration]].
 
[[Category:RUT230 WebUI]]

Latest revision as of 14:42, 8 April 2024

Main Page > EOL Products > RUT230 > RUT230 Manual > RUT230 WebUI > RUT230 Network section > RUT230 VLAN

The information in this page is updated in accordance with firmware version RUT2_R_00.07.03.4.

Notice: This device has entered it's EOL (End of Life) cycle. For more information, visit our EOL policy here. Temporarily, some content in this page might not match features found in firmware listed above.


Note: click here for the old style WebUI (FW version RUT2XX_R_00.01.14.7 and earlier) user manual page.

Summary

A Virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). LAN is the abbreviation for local area network and in this context virtual refers to a physical object recreated and altered by additional logic. VLANs work by applying tags to network packets and handling these tags in networking systems - creating the appearance and functionality of network traffic that is physically on a single network but acts as if it is split between separate networks. In this way, VLANs can keep network applications separate despite being connected to the same physical network, and without requiring multiple sets of cabling and networking devices to be deployed.

VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links. It also has benefits in allowing networks and devices that must be kept separate to share the same physical cabling without interacting, for reasons of simplicity, security, traffic management, or economy. For example, a VLAN could be used to separate traffic within a business due to users, and due to network administrators, or between types of traffic, so that users or low priority traffic cannot directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to separate their customers' private zones from each other, allowing each customer's servers to be grouped together in a single network segment while being located anywhere in their datacenter. Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known as VLAN hopping.

This chapter is an overview of the VLAN section for RUT230 devices.

If you're having trouble finding this page or some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Advanced" button, located at the top of the WebUI.


Interface Based

This section is an overview of created VLAN Devices.

Device Settings


The Device Settings section is used to configure the main parameters of a Q-in-Q device. Refer to the tables below for information on the configuration fields in the Q-in-Q Device Settings section.

Field Value Description
Tag [1..4094]; default: none 802.1 VLAN tag.
Type 802.1AD | 802.1Q; default: 802.1AD The type of this Device.
Interface ethernet network interface; default: eth0 Ethernet network interface associated with this Device.

Q-IN-Q Devices


Q-in-Q VLAN tunnel enables a possibility to segregate the traffic of different users in their infrastructure, while still giving a full range of VLANs for their internal use by adding a second tag to an already tagged frame.

By default the Q-in-Q Devices list is empty. To create a new Q-in-Q Device, enter as custom name for it and click the 'Add' button. After this you will be able to configure it's 802.1Q Tag and Tagged interface.

Field Value Description
802.1Q Tag [1..4094]; default: none 802.1Q VLAN tag.