A VLAN Plan
Katherine Cunningham
Axia College of University of Phoenix
January 31, 2010

As corporate computer networks have grown more complex, so too has the need to maintain a logical layout of these networks. For example, a local company may need more customer service associates for its call center than the call center can comfortably hold, while the engineering department does not take up even half of its floor. Using a virtual local area network (VLAN), the network administrator can add customer service associates to the engineering floor while maintaining the logical organization that allows proper access to services and data security.

Instituting a VLAN provides a network administrator with several benefits. VLANs, defined by manageable switches, are a way to ensure users maintain connectivity to the devices they need to connect with, regardless of physical location. Because broadcast packets (sent to everyone) and multicast packets (meant for multiple hosts) can present a security issue (for example, if an engineering file is transmitted across the customer service network), a VLAN ensures only computers on the same VLAN will see the broadcast. Should a network administrator add a customer service associate to the engineering floor and use workgroups to determine services, unnecessary network traffic is created as the customer service associate traverses the engineering network to access the files and services that customer service associates need.
In the scenario presented for this assignment, four logical divisions exist for the company’s network: operations, engineering, marketing, and the call center. The company is expanding and needs to shuffle people off their home floors and onto other floors and even into other locations. By segregating the company network into four broadcast domains, the network administrator can prevent the network from becoming flooded with traffic so that bandwidth is not consumed. Keeping broadcast packets on the VLAN for which they were intended increases security.

The network administrator likely will use layer three switches instead of routers for segmenting the network. Layer three switches have evolved to process more packets per second than a traditional router, making the layer three switch an easy choice. Layer three switches provide an advantage over layer two switches, as the layer two switch results in additional latency from the way it handles determining destination addresses.

Configuring a VLAN requires trunking to be configured on the switches. Trunking is the protocol used to make all network devices aware of one another. IEEE 802.1Q is a trunking protocol that can be used on switches regardless of manufacturer, while ISL is Cisco’s proprietary version. If using only Cisco equipment, a network administrator should strongly consider using ISL over 802.1Q. While VLAN trunking works well on small networks, larger networks present a challenge to maintaining the configuration across all the switches. Enter VTP.

Virtual LAN Trunking Protocol (VTP) was developed by Cisco to enable centralized management of VLAN switches. VTP handles the synchronization of network switches when VLANs are added, deleted, or have their names changed across multiple switches. VTP also helps prevent misconfigurations and configuration inconsistencies, such as duplicate VLAN names or incorrect VLAN type specifications. Each switch on the VLAN will have VTP enabled in client mode except for one switch, which will be set in server mode to allow management of the VLAN database.
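The broadcast containment and 802.1Q trunk tagging described above, as an added example that is not part of the original essay: a toy two-switch model in which a call-center associate sits on the engineering floor. The VLAN IDs (20 for engineering, 30 for marketing, 40 for the call center), the port names, and the floor layout are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100      # EtherType value that marks an 802.1Q tag
BROADCAST = b"\xff" * 6  # broadcast destination MAC

def tag_frame(frame: bytes, vlan_id: int) -> bytes:
    """Insert a 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vlan_id) + frame[12:]

def untag_frame(frame: bytes):
    """Return (vlan_id, untagged_frame); vlan_id is None when no tag is present."""
    if len(frame) < 16 or struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]   # low 12 bits are the VLAN ID

class Switch:
    """Toy VLAN-aware switch: access ports sit in one VLAN, trunks carry all."""
    def __init__(self, access_ports: dict, trunk_ports: set):
        self.access_ports = access_ports   # port name -> VLAN ID
        self.trunk_ports = trunk_ports     # ports that carry tagged frames

    def flood(self, in_port: str, frame: bytes) -> dict:
        """Return {out_port: frame} for a broadcast received on in_port."""
        if in_port in self.trunk_ports:
            vlan_id, frame = untag_frame(frame)
            if vlan_id is None:
                return {}                  # this model drops untagged trunk frames
        else:
            vlan_id = self.access_ports[in_port]
        out = {p: frame for p, v in self.access_ports.items()
               if v == vlan_id and p != in_port}
        out.update({p: tag_frame(frame, vlan_id)
                    for p in self.trunk_ports if p != in_port})
        return out

# Constructed layout: "cc-guest" is the associate moved to the engineering floor.
ENG_FLOOR = Switch({"eng-1": 20, "eng-2": 20, "cc-guest": 40}, {"uplink"})
CALL_FLOOR = Switch({"cc-1": 40, "cc-2": 40, "mkt-1": 30}, {"uplink"})

def broadcast_reach(src_port: str) -> set:
    """Access ports on both floors that see a broadcast sent from src_port."""
    frame = BROADCAST + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x06" + b"payload"
    local = ENG_FLOOR.flood(src_port, frame)
    remote = CALL_FLOOR.flood("uplink", local["uplink"])
    return (set(local) | set(remote)) - {"uplink"}

if __name__ == "__main__":
    print(broadcast_reach("cc-guest"), broadcast_reach("eng-1"))
```

The associate's broadcast crosses the trunk with VLAN 40 in its tag and reaches only the call-center ports, while an engineering broadcast never leaves VLAN 20.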
For the company in the presented scenario, the network administrator should install layer three Cisco switches on each floor of the building and enable VTP (in client mode except on the switch that will be used to configure the VLAN). The layer three switches will act as routers to allow the VLAN segments to communicate with one another when necessary. The VLAN is divided into four broadcast domains, one for each department. ISL will be used so that a router interface is not necessary on each VLAN. Users in remote locations can connect to the network through the Telco’s WAN, and this includes users in completely different cities. Segmenting this company’s network in this manner will keep bandwidth use down while also minimizing network congestion.

As with any network, a backup plan is needed in case of network outages. To back up a VLAN and ensure continued operation during a fault or outage, the network should be physically laid out in a Token Ring or star topology while the VLAN or VTP are reconfigured or fixed.

Reference

Regan, Patrick. (2004). Wide Area Networks. Upper Saddle River, N.J.: Pearson/Prentice Hall.