Protocol-based VLANs
With protocol-based VLAN membership, computers are assigned to VLANs by using the protocol that is in use and the Layer 3 address. For example, this method enables an Internetwork Packet Exchange (IPX) network or a particular Internet Protocol (IP) subnet to have its own VLAN.
It is important to note that although VLAN membership might be based on Layer 3 information, this has nothing to do with routing or routing functions. The IP numbers are used only to determine the membership in a particular VLANnot to determine routing.
Port-based VLANs
Port-based VLANs require that specific ports on a network switch be assigned to a VLAN. For example, ports 1 through 8 might be assigned to marketing, ports 9 through 18 might be assigned to sales, and so on. Using this method, a switch determines VLAN membership by taking note of the port used by a particular packet. Figure 1 shows an example of a port-based VLAN.
Figure 1 Port-based VLAN configuration.MAC Addressbased VLANs
As you might have guessed, the Media Access Control (MAC) address type of VLAN assigns membership according to the MAC address of the workstation. To do this, the switch must keep track of the MAC addresses that belong to each VLAN. The advantage of this method is that a workstation computer can be moved anywhere in an office without needing to be reconfigured; because the MAC address does not change, the workstation remains a member of a particular VLAN. Table 2 provides examples of MAC addressbased VLANs.
MAC Address |
VLAN |
Description |
---|---|---|
44-45-53-54-00-00 |
1 |
Sales |
44-45-53-54-13-12 |
2 |
Marketing |
44-45-53-54-D3-01 |
3 |
Administration |
44-45-53-54-F5-17 |
1 |
Sales |
Although the acceptance and implementation of VLANs has been slow, the ability to logically segment a LAN provides a new level of administrative flexibility, organization, and security.