subject: On Vlan Technology In The Wired Broadband Network Application - Cable Television Network, Vlan, [print this page] Today, cable broadband technologies become more sophisticated, it uses the existing cable TV networks based CableModem high-speed access to Internet, because cable networks are available only occupying part of the spectrum, when the user access television and telephone does not produce any effect, for the common dial-up network and the need for secondary wiring for fiber access networks have unique advantages
Has become a major Internet Service Provider (ISP) is one. Therefore, how to manage the cable broadband network has become a priority, came into being in the virtual local area network technology, with its flexible configuration, the network broadcast storm control, efficient management of network security advantages of the solution to the problem of effective management measures.
1 VLAN Technology Overview So-called virtual local area network technology is in a different physical location of nodes can form a logical subnet as needed, that is, a VLAN is a logical broadcast domain, it can be extended to multiple network devices. VLAN can exist in different physical network segment, different nodes in the network topology to form a virtual local area networks, it can be artificially nodes in the same physical network segment logically isolated from each other, it can be in different physical network segment node logically interrelated.
Network broadcast storm control for main physical network segmentation and logical VLAN segmentation in two ways, which is more flexible and efficient.
The same VLAN in the same broadcast domain, that is, through the VLAN classification helps to reduce the network broadcast, so as to control the broadcast storm. At the same time the communication between different VLAN routing control to go through, so good planning and design of various members of VLAN, frequent communication within the network of users concentrated in the same VLAN as much as possible, the gateway can reduce the flow, so both effective and saves network bandwidth, but also improves network efficiency.
2.2 control network IP address of the internal theft
Today, the campus network has the number of nodes and more end-user features, the increase in the number of users makes the network IP address of a corresponding increase in theft, seriously affected the normal use of the network. After the establishment of VLAN, the VLAN in any of the IP address of a computer must be assigned to the VLAN in the IP range, or the router will not pass the audit and, therefore, can not communicate, so we can effectively be IP- theft control within the VLAN.
2.3 to improve the overall security of the network
Establishing VLAN, the same VLAN within the direct communication between computers, the communication between different VLAN to be routed through a router gateway routing, transmission, can be isolated based on the broadcast information (such as machine name, DHCP information, etc.) so that it can effectively prevent unauthorized access, greatly improve the overall network security. In addition, by routing access control lists, MAC address assignment, shielding VLAN routing information technology, can effectively control user access and network resource security.
2.4 to increase the flexibility of network management, easy network maintenance
For Ethernet, if some users of the segment re-classification would require the network administrator of the network once the physical structure adjustment, and even need additional network equipment to the network management has brought a lot of management capacity; while the use of VLAN technology, networks, only network management center in the network segment to the user VLAN can be re-divided, while simplifying the management of the network to facilitate maintain, improve work efficiency.
3 VLAN classification mode According to the exchange capacity of the switch, VLAN can be divided into two categories: Layer 2 switching and Layer 3 switching. Layer 2 switching is based on the second tier layer model OSI7 bridge architecture, port-based VLAN and VLAN based on MAC address belongs to such; layer 3 switching is based on the OSI7 layer model layer 3 protocol (IP , IPX, etc.) to division.
3.1 Port-based VLAN
The most effective method of VLAN classification, only the exchange port for network devices to re-assign the logical combination of the different segments in the can, regardless of the port connected equipment is. Assigned to the same VLAN on each network segment to all nodes in the same broadcast domain, can directly communicate, the communication between nodes in different VLAN will need a router or Layer 3 switch
