5.5 Configuring VLAN

5.5 Configuring VLAN VLANs are used to organize any group of network nodes into separate broadcast domains. VLANs confine broadcast traffic to the originating group and eliminate broadcast storms in large networks. VLANs provide a secure and efficient network environment. VLANs are based on untagged port groups, or traffic can be explicitly tagged to identify the VLAN group to which it belongs. Untagged VLANs can be used for small networks attached to a single switch. Tagged VLANs should be used for larger networks, and all the VLANs assigned to the inter-switch links. Using multiple spanning trees allow VLAN groups to maintain a stable path between all VLAN members. This reduces the overall amount of protocol traffic crossing the network and provides a shorter reconfiguration time if any link in the spanning tree fails Use the VLAN feature to partition a single IntraCore IC36240 into a VLAN each containing its own set of ports. Packets are forwarded only between ports belonging to the same VLAN. This allows you to restrict access from one segment to another to increase network security or to reduce traffic. To set up VLANs you should specify the ports belonging to the VLAN, the set the IP configuration, individual access map associated with a set of VLANs and enable tagging. Once you have configured the VLAN and copied the information into the startup-config file, the VLAN information applies to the default. The following shows the commands from the VLAN interface configuration mode. Switch(config)# vlan ? Identifier (ID) of the VLAN to be added and configured access-map VLAN-Map global configuration commands filter VLAN Filter global configuration command reset Reset VLAN cfg to factory default Switch(config)# vlan 1 Switch(config-vlan)# ? end End current mode and change to enable mode exit Exit current mode and down to previous mode help Description of the interactive help system name Specify VLAN Name port-member VLAN port member configuration quit Exit current mode and down to previous mode show Show running system information write Write running configuration to memory, network, or terminal Switch(config-vlan)# Refer to Chapter 7 for more information about VLAN configuration. 52 Asante IntraCore IC36240 User’s Manual

5.6 MAC Address Table The MAC Address Table is a table of node addresses that the switch automatically builds by “learning.” It performs this task by monitoring the packets that pass through the switch, checking the source and destination addresses, and then recording the source address information in the table. To see the table, type the following command in privileged mode: Switch# show mac-address-table Vlan Mac Address Type Ports ---- ----------------- ---- ----- 3 00:00:1C:01:00:09 Dynamic eth13 1 00:00:94:00:00:10 Dynamic eth9 1 00:00:94:A0:B6:7B Dynamic eth9 1 00:00:94:AA:64:37 Dynamic eth9 1 00:00:94:D2:53:79 Dynamic eth9 -- 00:00:94:D2:56:EA Self -- 1 00:0A:27:AE:50:66 Dynamic eth9 1 00:50:FC:94:00:0D Dynamic eth9 The switch uses the information in this table to decide whether a frame should be forwarded to a particular destination port or “flooded” to all ports other than to the received port. Each entry consists of three parts: the MAC address of the device, the port number on which it was received, and the VLAN number. The MAC address of the switch is identified as “self”. By default, entries in the switch's MAC address table expire after 300 seconds. To change this value, use the following command in global configuration mode: Switch(config)# mac-address-table aging-time The range is 10–1,000,000 seconds. A value of 0 disables aging. 53 Asante IntraCore IC36240 User’s Manual

