Difference between revisions of "Template:Networking rutos manual vlan"
| (41 intermediate revisions by 5 users not shown) | |||
| Line 1: | Line 1: | ||
| − | {{Template: | + | {{Template:Networking_rutos_manual_fw_disclosure |
| − | | | + | | fw_version = {{{series}}}_R_00.02.04.1 |
| − | + | | series = {{{series}}} | |
| − | |||
| − | |||
| − | |||
| − | |||
}} | }} | ||
| − | + | ||
| − | |||
==Summary== | ==Summary== | ||
| − | A | + | A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). LAN is the abbreviation for local area network and in this context virtual refers to a physical object recreated and altered by additional logic. VLANs work by applying tags to network packets and handling these tags in networking systems - creating the appearance and functionality of network traffic that is physically on a single network but acts as if it is split between separate networks. In this way, VLANs can keep network applications separate despite being connected to the same physical network, and without requiring multiple sets of cabling and networking devices to be deployed. |
| − | VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links. It also has benefits in allowing networks and devices that must be kept separate to share the same physical cabling without interacting, for reasons of simplicity, security, traffic management, or economy. For example, a VLAN could be used to separate traffic within a business due to users, and due to network administrators, or between types of traffic, so that users or low priority traffic cannot directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to separate their customers' private zones from each other, allowing each customer's servers to be grouped together in a single network segment while being located anywhere in their datacenter. Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known as VLAN hopping. | + | VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links. It also has benefits in allowing networks and devices that must be kept separate to share the same physical cabling without interacting, for reasons of simplicity, security, traffic management, or economy. For example, a VLAN could be used to separate traffic within a business due to users, and due to network administrators, or between types of traffic, so that users or low priority traffic cannot directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to separate their customers' private zones from each other, allowing each customer's servers to be grouped together in a single network segment while being located anywhere in their datacenter. Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known as VLAN hopping.This chapter is an overview of the '''VLAN''' function of '''RUTX''' devices. |
| − | |||
| − | This chapter is an overview of the VLAN | ||
{{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer | {{Template:Networking_rutos_manual_basic_advanced_webui_disclaimer | ||
| Line 21: | Line 14: | ||
}} | }} | ||
| − | + | ==VLAN Networks== | |
| − | == | ||
| − | The | + | The '''VLAN Networks''' tab is used to manage Port based or Tag based VLAN. This feature is enabled by default. |
| + | [[File:Networking_RUTX_manual_vlan_tag_port_v1.png|alt=|border|class=tlt-border|1101x1101px]] | ||
| + | ===VLAN Settings=== | ||
| + | ---- | ||
| + | '''Port based''' VLAN allows to assign different LAN port to desired LAN networks. The method is pretty simple: first you have to create a VLAN, choose which LAN port(s) will provide addresses for that network and then configure LAN network. | ||
| − | + | '''Tag based''' VLAN allows a single router port to carry traffic from multiple VLAN's. Tags containing the respective VLAN identifiers indicating the VLAN to which the frame belongs are attached to the individual Ethernet frames. | |
| − | |||
| − | |||
| − | + | More information is provided below. | |
| − | + | [[File:Networking_RUTX_manual_vlan_tag_port_info_v1.png|border|class=tlt-border|1101x1101px]] | |
| − | + | <br /> | |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | | | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
<table class="nd-mantable"> | <table class="nd-mantable"> | ||
<tr> | <tr> | ||
| − | <th> | + | <th>field name</th> |
| − | <th> | + | <th>value</th> |
| − | <th> | + | <th>description</th> |
</tr> | </tr> | ||
<tr> | <tr> | ||
<td>VLAN ID</td> | <td>VLAN ID</td> | ||
| − | <td>[1..4094]; | + | <td>[1..4094]; Default: " "</td> |
| − | <td>VLAN Identification number | + | <td>VLAN Identification number</td> |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
</tr> | </tr> | ||
<tr> | <tr> | ||
| − | <td> | + | <td>LAN ports 1 {{!}} 2 {{!}} 3</td> |
| − | + | <td>off {{!}} untagged {{!}} tagged; Default: '''untagged'''</td> | |
| − | <td> | + | <td>Select which and how to use your LAN ports with VLAN. If you check a port as "'''untagged'''", it will be used as port based. If you check a port as "'''tagged'''", it will be used as tag based. If you set it as "'''Off'''", it will disable the port</td> |
| − | + | </tr></table> | |
| − | |||
| − | |||
| − | |||
| − | <td> | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | </tr> | ||
| − | </table> | ||
===Q-IN-Q Devices=== | ===Q-IN-Q Devices=== | ||
---- | ---- | ||
| − | + | Q-in-Q VLAN tunnel enables a possibility to segregate the traffic of different users in their infrastructure, while still giving a full range of VLANs for their internal use by adding a second tag to an already tagged frame. Below is an example of Q-IN-Q configuration section. | |
| − | while still giving a full range of VLANs for their internal use by adding a second tag to an already tagged frame. | ||
| − | |||
| − | |||
| − | |||
| − | [[File: | + | [[File:Networking_RUTX_manual_Q_in_Q.png|border|class=tlt-border|1101x1101px]] |
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
[[Category:{{{name}}} Network section]] | [[Category:{{{name}}} Network section]] | ||
Revision as of 07:38, 3 July 2020
Template:Networking rutos manual fw disclosure
Summary
A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). LAN is the abbreviation for local area network and in this context virtual refers to a physical object recreated and altered by additional logic. VLANs work by applying tags to network packets and handling these tags in networking systems - creating the appearance and functionality of network traffic that is physically on a single network but acts as if it is split between separate networks. In this way, VLANs can keep network applications separate despite being connected to the same physical network, and without requiring multiple sets of cabling and networking devices to be deployed.
VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links. It also has benefits in allowing networks and devices that must be kept separate to share the same physical cabling without interacting, for reasons of simplicity, security, traffic management, or economy. For example, a VLAN could be used to separate traffic within a business due to users, and due to network administrators, or between types of traffic, so that users or low priority traffic cannot directly affect the rest of the network's functioning. Many Internet hosting services use VLANs to separate their customers' private zones from each other, allowing each customer's servers to be grouped together in a single network segment while being located anywhere in their datacenter. Some precautions are needed to prevent traffic "escaping" from a given VLAN, an exploit known as VLAN hopping.This chapter is an overview of the VLAN function of RUTX devices.
If you're having trouble finding this page or some of the parameters described here on your device's WebUI, you should turn on "Advanced WebUI" mode. You can do that by clicking the "Advanced" button, located at the top of the WebUI.
VLAN Networks
The VLAN Networks tab is used to manage Port based or Tag based VLAN. This feature is enabled by default. 1101x1101px
VLAN Settings
Port based VLAN allows to assign different LAN port to desired LAN networks. The method is pretty simple: first you have to create a VLAN, choose which LAN port(s) will provide addresses for that network and then configure LAN network.
Tag based VLAN allows a single router port to carry traffic from multiple VLAN's. Tags containing the respective VLAN identifiers indicating the VLAN to which the frame belongs are attached to the individual Ethernet frames.
More information is provided below.
1101x1101px
| field name | value | description |
|---|---|---|
| VLAN ID | [1..4094]; Default: " " | VLAN Identification number |
| LAN ports 1 | 2 | 3 | off | untagged | tagged; Default: untagged | Select which and how to use your LAN ports with VLAN. If you check a port as "untagged", it will be used as port based. If you check a port as "tagged", it will be used as tag based. If you set it as "Off", it will disable the port |
Q-IN-Q Devices
Q-in-Q VLAN tunnel enables a possibility to segregate the traffic of different users in their infrastructure, while still giving a full range of VLANs for their internal use by adding a second tag to an already tagged frame. Below is an example of Q-IN-Q configuration section.
[[Category:{{{name}}} Network section]]
