VLAN(VLAN)

一、vlan的用途

①情形:

不同部门终端连接在同一广播域中

同一部门的终端连接在不同的广播域中

 可解决泛洪造成的通信效率下降问题

*可解决随着广播域扩大而造成的性能和安全性降低问题

*逻辑上把一个物理局域网分隔为多个广播域,每个广播域称为“虚拟”局域网

②vlan:虚拟局域网技术

通过逻辑手段重新分配物理资源的虚拟化技术

*所有华为交换机出厂所有的端口默认都属于vlan1,同一广播域。

设想:把交换机的端口分配到不同的vlan里面,不同vlan间属于不同广播域,相同的vlan 属于同一广播域。

这样就可以将一个大的广播域划分为多个小的广播域。

通过逻辑的方式,将某些特定的设备 组成一个广播域

无需考虑设备连接 的是否为同一台交换机

③vlan特点

每个网络终端设备只能属于一个vlan,一个vlan里面可以有多个终端;

属于同一vlan设备可以通过二层直接通信;

属于不同vlan设备间只能通过IP路由功能才能实现通信

二、vlan的 原理

————————

1、 Purpose of VLAN

① Situation:

Terminals of different departments are connected in the same broadcast domain

Terminals of the same department are connected in different broadcast domains

It can solve the problem of communication efficiency degradation caused by flooding

*It can solve the problem of performance and security degradation caused by the expansion of broadcast domain

*Logically, a physical LAN is divided into multiple broadcast domains, and each broadcast domain is called “virtual” LAN

② VLAN: virtual LAN technology

< strong > virtualization technology for reallocating physical resources by logical means < / strong >

*All ports of Huawei switches belong to vlan1 and the same broadcast domain by default.

Assumption: allocate the ports of the switch to different VLANs. Different VLANs belong to different broadcast domains, and the same VLAN belongs to the same broadcast domain.

In this way, a large broadcast domain can be divided into multiple small broadcast domains.

< strong > logically, some specific devices form a broadcast domain < / strong >

It is not necessary to consider whether the equipment is connected to the same switch

③ VLAN characteristics

Each network terminal device can only belong to one VLAN, and there can be multiple terminals in a VLAN;

Devices belonging to the same VLAN can communicate directly through layer 2;

Communication between devices belonging to different VLANs can only be realized through IP routing function

2、 Principle of VLAN