NICs typically use a memory range in the high memory area, which in hexadecimal notation equates to the A0000–FFFFF range. As you work with NICs, you will notice that some manufacturers prefer certain ranges. For example, a 3Com PC Card adapter might, by default, choose a range of C8000-C9FFF. An IBM Token Ring adapter might choose a range of D8000-D9FFF.
Memory range settings are less likely to cause resource conflicts than IRQ settings, mainly because there are more available memory ranges than IRQs. Nevertheless, you may run into situations in which you need to change a NIC’s memory address. In such an instance, you may or may not be able to change the memory range from the operating system. Refer to the manufacturer’s guidelines for instructions.
Base I/O Port
The base I/O port setting specifies, in hexadecimal notation, which area of memory will act as a channel for moving data between the NIC and the CPU. Like its IRQ, a device’s base I/O port cannot be used by any other device. Most NICs use two memory ranges for this channel, and the base I/O port settings identify the beginning of each range. Although a NIC’s base I/O port varies depending on the manufacturer, some popular addresses (in hexadecimal notation) are 300 (which means that the range is 300–30F), 310, 280, or 2F8.
You will probably not need to change a NIC’s base I/O port. If you do, bear in mind that, as with IRQ settings, base I/O port settings for PCI cards can be changed in the computer’s CMOS setup utility or sometimes through the operating system.
Firmware Settings
After you have adjusted the NIC’s system resources, you may need to modify its transmission characteristics—for example, whether it uses full duplexing, whether it can detect a network’s speed, or even its MAC address. These settings are held in the adapter’s firmware. As mentioned earlier, firmware constitutes the combination of an EEPROM chip on the NIC and the data it holds. When you change the firmware, you are actually writing to the EEPROM chip on the NIC. You are not writing to the computer’s hard disk. Although most configurable settings can be changed in the operating system or NIC setup software, you may encounter complex networking problems that require a change to firmware settings.
To change a NIC’s firmware, you need a bootable CD-ROM or floppy disk (DOS version 6.0 or higher) containing the configuration or install utility that shipped with the NIC. If you don’t have the utility, you can usually download it from the manufacturer’s Web site. To run the utility, you must start the computer with this CD-ROM or floppy disk inserted. The NIC configuration utility may not run if an operating system or memory management program is already running.
Configuration utilities differ slightly, but all should allow you to view the IRQ, I/O port, base memory, and node address. Some may allow you to change settings such as the NIC’s CPU utilization, its ability to handle full duplexing, or its capability to be used with only 10BASE-T or 100BASE-TX media, for example (although many of these can also be changed through the NIC’s properties from the operating system interface). The changeable settings vary depending on the manufacturer. Again, read the manufacturer’s documentation to find out the details for your hardware.
NIC configuration utilities also allow you to perform diagnostics—tests of the NIC’s physical components and connectivity. Most of the tests can be performed without additional hardware. However, to perform the entire group of the diagnostic tests on the NIC’s utility disk, you must have a loopback plug. A loopback plug (also called a loopback adapter) is a connector that plugs into a port, such as a serial or parallel or an RJ-45 port, and crosses over the transmit line to the receive line so that outgoing signals can be redirected into the computer for testing. One connectivity test, called a loopback test, requires you to install a loopback plug into the NIC’s media connector. Note that none of the connectivity tests should be performed on a computer connected to a live network. If a NIC fails its connectivity tests, it is probably configured incorrectly. If a NIC fails a physical component test, it may need to be replaced.
Chapter 5 213
NICS (NETWORK INTERFACE CARDS)
NOTE: The word “loopback” implies that signals are routed back toward their source, rather than toward an external destination. When used in the context of NICs, the loopback test refers to a check of the adapter’s ability to transmit and receive signals. Recall that the term “loopback” is also used in the context of TCP/IP protocol testing. In that context, pinging the loopback address provides you with information on TCP/IP functionality.
Choosing the Right NIC
You should consider several factors when choosing a NIC for your workstation or server. Of course, the most critical factor is compatibility with your existing system. The adapter must match the network’s bus type, access method, connector types, and transmission speed. You also need to ensure that drivers available for that NIC will work with your operating system and hardware.
Beyond these considerations, however, you should examine more subtle differences, such as those that affect network performance. Table 5-2 lists some features available on NICs that specifically influence performance and ease of use. As you review this table, keep in mind that performance is especially important if the NIC will be installed in a server.
Table 5-2 NIC characteristics
Automatic speed selection | Enables NICs to sense and adapt to a network’s speed and mode (half- or full-duplex) automatically | Aids configuration and performance
One or more on-board CPUs | Allows the card to perform some data processing independently of the PC’s CPU | Improves performance
Direct memory access (DMA) | Enables the card to transfer data to the computer’s memory directly | Improves performance
Diagnostic LEDs (lights on the NIC) | Indicates traffic, connectivity, and, sometimes, speed | Aids in troubleshooting
Dual channels | Effectively creates two NICs in one slot | Improves performance; suited to servers
Load balancing | Allows the NIC’s processor to determine when to switch traffic between internal cards | Improves performance for heavily-trafficked networks; suited to servers
“Look Ahead” transmit and receive | Allows the NIC’s processor to begin processing data before it has received the entire packet | Improves performance
Management capabilities (SNMP) | Allows the NIC to perform its own monitoring and troubleshooting, usually through installed application software | Aids in troubleshooting; can find a problem before it becomes dire
Power management capabilities | Allows a NIC to participate in the computer’s power-saving measures; found on PCMCIA-based adapters | Increases the life of the battery for laptop computers
RAM buffering | Provides additional memory on the NIC, which in turn provides more space for data buffering | Improves performance
Upgradeable (flash) | Allows on-board chip memory to be | Improves ease of use and
Repeaters and Hubs
Now that you have learned about the many types of NICs and how to install and configure them, you are ready to learn about connectivity devices. As you’ll recall, the telecommunications closet is the area containing the connectivity equipment (usually for a whole floor of a building). Within the telecommunications closet, horizontal cabling from the workstations attaches to punch-down blocks, patch panels, hubs, switches, routers, and bridges. In addition, telecommunications closets may house repeaters. Repeaters are the simplest type of connectivity devices that regenerate a digital signal.
Repeaters operate in the Physical layer of the OSI Model and, therefore, have no means to interpret the data they retransmit. For example, they cannot improve or correct a bad or erroneous signal; they merely repeat it. In this sense, they are not “intelligent” devices. Since they cannot read higher-layer information in the data frames, repeaters cannot direct data to their destination. Instead, repeaters simply regenerate a signal over an entire segment. It is up to the receiver to recognize and accept its data.
A repeater is limited not only in function, but also in scope. A repeater contains one input port and one output port, so it is capable only of receiving and repeating a data stream. Furthermore, repeaters are suited only to bus topology networks. The advantage to using a repeater is that it allows you to extend a network inexpensively. However, because of repeaters’ limitations and the decreasing costs of other connectivity devices, repeaters are rarely used on modern networks. Instead, clients in a workgroup area are more likely to be connected by hubs.
At its most primitive, a hub is a repeater with more than one output port. A hub typically contains multiple data ports into which the patch cables for network nodes are connected. Like repeaters, hubs operate at the Physical layer of the OSI Model. A hub accepts signals from a transmitting node and repeats those signals to all other connected nodes in a broadcast fashion. Most hubs also contain one port, called an uplink port, that allows the hub to connect to another hub or other connectivity device. On Ethernet networks, hubs can serve as the central connection point for branches of a star or star-based hybrid topology. On Token Ring networks, hubs are called Multistation Access Units (MAUs).
In addition to connecting Macintosh and PC workstations, hubs can connect print servers, switches, file servers, or other devices to a network. All devices connected to a hub share the same amount of bandwidth and the same collision domain. A collision domain is a logically or physically distinct Ethernet network segment on which all participating devices must detect and accommodate data collisions. You will learn more about data collisions and Ethernet networks in Chapter 6. Suffice it to say that the more nodes participating in the same collision domain, the higher the likelihood of transmission errors and slower performance.
The quality of the printed documentation that you receive from a manufacturer about its NICs may vary. What’s more, this documentation may not apply to the kinds of computers or networking environments you are using. To find out more about the type of NIC you are installing or troubleshooting, visit the manufacturer’s Web site.
Placement of hubs in a network design can vary. The simplest structure would employ a standalone workgroup hub that is connected to another connectivity device, such as a switch or router. Some networks assign a different hub to each small workgroup, thereby benefiting from not having a single point of failure. No matter what the network design, when using hubs, adhering to a network’s maximum segment and network length limitations is essential. Figure 5-14 suggests how hubs can fit into the overall design of a network.
FIGURE 5-14 Hubs in a network design
Dozens of types of hubs exist. They vary according to the type of media and data transmission speeds they support. Some hubs allow for multiple media connector types or multiple data transmission speeds. The simplest type of hubs—known as passive hubs—do nothing but repeat signals. Like NICs, however, some hubs possess internal processing capabilities. For example, they may permit remote management, filter data, or provide diagnostic information about the network. Hubs that can perform any of these functions are known as intelligent hubs. Intelligent hubs are also called managed hubs, because they can be managed from anywhere on the network.
Standalone hubs, as their name implies, are hubs that serve a group of computers that are isolated from the rest of the network or that form their own small network. They are best suited to small organizations or home offices. They can be passive or intelligent, and they are simple to install and connect for a small group of users. Standalone hubs may also be called workgroup hubs. Figure 5-15 depicts a small standalone hub.
FIGURE 5-15 A standalone hub
Standalone hubs do not follow one design, nor do they contain a standard number of ports (though they usually contain 4, 8, 12, or 24 ports). A small, standalone hub that contains only four ports (primarily used for a small or home office) may be called a “hubby,” “hublet,” or a “minihub.” On the other hand, standalone hubs can provide as many as 200 connection ports. The disadvantage to using a single hub for so many connections is that you introduce a single point of failure on the network. A single point of failure is a device or connection on a network that, were it to fail, could cause the entire network or portion of the network to stop functioning. Any sizable network relies on multiple connectivity devices to avoid catastrophic failure.
Stackable hubs resemble standalone hubs, but they are physically designed to be linked with other hubs in a single telecommunications closet. Stackable hubs linked together logically represent one large hub to the network. One benefit to using stackable hubs is that your network or workgroup does not depend on a single hub, which could present a single point of failure. Models vary in the maximum number that can be stacked. For instance, some hub manufacturers restrict the number of their stacked hubs to five; others can be stacked eight units high. Some stackable hubs use a proprietary high-speed cabling system to link the hubs together for better interhub performance.
Like standalone hubs, stackable hubs may support a number of different media connectors and transmission speeds and may come with or without special processing features. The number of ports they provide also varies, although you will most often see 6, 12, or 24 ports on a stackable hub. Figure 5-16 shows three stackable hubs. In a telecommunications closet, these hubs would be rack-mounted one above the other, and interconnected.
Hubs have been a mainstay of network connectivity since the first small networks of the 1980s. However, because of their limited features and the fact that they merely repeat signals within a single collision domain, many network administrators have replaced their hubs with switches. To understand how switches operate, it is helpful to learn about bridges first.
Bridges
Bridges are devices that connect two network segments by analyzing incoming frames and making decisions about where to direct them based on each frame’s MAC address. They operate at the Data Link layer of the OSI Model. Bridges look like repeaters, in that they have a single input and a single output port. They differ from repeaters in that they can interpret physical addressing information.
A significant advantage to using bridges over repeaters or hubs is that bridges are protocol-independent. For instance, all bridges can connect an Ethernet segment carrying IP-based traffic with an Ethernet segment carrying IPX-based traffic. Some bridges can also connect two segments using different Data Link and Physical layer protocols—for example, an Ethernet segment with a Token Ring segment, or a wire-bound Ethernet segment (802.3) with a wireless Ethernet segment (802.11).
Because they are protocol-ignorant, bridges can move data more rapidly than traditional routers, for example, which do care about Network layer protocol information. On the other hand, bridges take longer to transmit data than either repeaters or hubs, because bridges actually analyze each packet, whereas repeaters and hubs do not.
Another advantage to using bridges is that they can extend an Ethernet network without further extending a collision domain, or segment. In other words, by inserting a bridge into a network, you can add length beyond the maximum limits that apply to segments. Finally, bridges can help improve network performance because they can be programmed to filter out certain types of frames (for example, unnecessary broadcast frames, whose transmissions squander bandwidth).
FIGURE 5-16 Stackable hubs
To translate between two segment types, a bridge reads a frame’s destination MAC address and decides to either forward or filter it. If the bridge determines that the destination node is on another segment on the network, it forwards (retransmits) the packet to that segment. If the destination address belongs to the same segment as the source address, the bridge filters (discards) the frame. As nodes transmit data through the bridge, the bridge establishes a filtering database (also known as a forwarding table) of known MAC addresses and their locations on the network. The bridge uses its filtering database to determine whether a packet should be forwarded or filtered, as illustrated in Figure 5-17.
FIGURE 5-17 A bridge’s use of a filtering database
Using Figure 5-17 as an example, imagine that you sit at workstation 1 on segment A of the LAN, and your colleague Abby sits at workstation 2 on segment A. When you attempt to send data to Abby’s computer, your transmission goes through your segment’s hub and then to the bridge. The bridge reads the MAC address of Abby’s computer. It then searches its filtering database to determine whether that MAC address belongs to the same segment you’re on or whether it belongs to a different segment. The bridge can determine only that the MAC address of Abby’s workstation is associated with its port A. If the MAC address belongs to a different segment, the bridge forwards the data to that segment, whose corresponding port identity is also in the filtering database. In this case, however, your workstation and Abby’s workstation reside on the same LAN segment, so the data would be filtered (that is, ignored) and your message would be delivered to Abby’s workstation through segment A’s hub.
Conversely, if you wanted to send data to your supervisor’s computer, which is workstation 5 in Figure 5-17, your transmission would first pass through segment A’s hub and then on to the bridge. The bridge would read the MAC address for your supervisor’s machine (the destination address in your data stream) and search for the port associated with that machine. In this case, the bridge would recognize workstation 5 as being connected to port B, and it would forward the data to that port. Subsequently, the segment B hub would ensure delivery of the data to your supervisor’s computer.
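The forward-or-filter decision from the Figure 5-17 walkthrough can be traced in a few lines of Python. This is an added example, not part of the original text; the MAC addresses are constructed, and it assumes the bridge learns locations from each frame’s source address and sends frames for unknown or broadcast destinations out of every other port, details the text does not spell out.

```python
"""Learning bridge with a filtering database (added illustration)."""

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed MAC addresses for the stations in the Figure 5-17 walkthrough.
WS1 = "00:00:5e:00:53:01"  # workstation 1 (you), segment A
WS2 = "00:00:5e:00:53:02"  # workstation 2 (Abby), segment A
WS5 = "00:00:5e:00:53:05"  # workstation 5 (supervisor), segment B


class Bridge:
    def __init__(self, ports):
        self.ports = tuple(ports)
        self.filtering_db = {}  # MAC address -> port where it was last seen

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame; return (action, ports the frame is sent out of)."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port: {in_port!r}")
        src_mac, dst_mac = src_mac.lower(), dst_mac.lower()

        # Learning (assumed method): the sender must be reachable through the
        # port its frame arrived on, so record or refresh that entry.
        if src_mac != BROADCAST:
            self.filtering_db[src_mac] = in_port

        others = [p for p in self.ports if p != in_port]
        if dst_mac == BROADCAST or dst_mac not in self.filtering_db:
            # No single known location: send out of every other port.
            return "flood", others
        out_port = self.filtering_db[dst_mac]
        if out_port == in_port:
            # Destination is on the segment the frame came from: discard it.
            return "filter", []
        return "forward", [out_port]


def walkthrough():
    """Replay the Figure 5-17 scenario on a two-port bridge."""
    bridge = Bridge(["A", "B"])
    frames = [
        ("A", WS1, WS2),  # you send to Abby before the bridge has seen her
        ("A", WS2, WS1),  # Abby replies; both stations are on segment A
        ("B", WS5, WS1),  # your supervisor sends to you
        ("A", WS1, WS5),  # you send to your supervisor
        ("A", WS1, WS2),  # you send to Abby again
    ]
    results = [bridge.receive(*frame) for frame in frames]
    return bridge, results


if __name__ == "__main__":
    bridge, results = walkthrough()
    for action, out_ports in results:
        print(f"{action:8} -> {out_ports}")
    print(bridge.filtering_db)
```

Because an entry is refreshed every time its station transmits, a workstation moved to another segment is found again as soon as it sends a frame.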
After you install a new bridge, it uses one of several methods to learn about the network and discover the destination address for each packet it handles. After it discovers this information, it records the destination node’s MAC address and its associated port in its filtering database. Over time, it discovers all nodes on the network and constructs database entries for each.
Standalone bridges became popular in the 1980s and early 1990s; since then, bridging technology has evolved to create more sophisticated bridge devices. But devices other than bridges have also evolved. Equipment manufacturers have improved the speed and functionality of routers and switches while lowering their cost, leaving bridges to become nearly extinct.
Now, with the advent of wireless LANs, a new kind of bridge has become popular as an inexpensive way to connect the wireless and wire-bound parts of a network, as shown in Figure 5-18. In fact, you have already learned about these types of bridges, which are also called access points. (An access point without bridging functions could only connect an ad-hoc group of wireless clients with each other. Although such access points exist, they are rare and are generally used to extend wireless segments that at some point connect to a wire-bound portion of the network via a bridge.)
FIGURE 5-18 A bridge connecting wire-bound and wireless LAN segments
Although bridges are less common than switches on modern wire-bound LANs, understanding the concept of bridging is essential to understanding how switches work. For example, the bridging process pictured in Figure 5-17 applies to every port on a switch. The next section introduces switches and explains their functions.
Switches
Switches are connectivity devices that subdivide a network into smaller logical pieces, or segments. Traditional switches operate at the Data Link layer of the OSI Model, while more modern switches can operate at Layer 3 or even Layer 4. Like bridges, switches interpret MAC address information. In fact, they can be described as multiport bridges. Figure 5-19 depicts two switches. One is a 24-port switch, useful for connecting nodes in a workgroup, and the other is a high-capacity switch that contains multiple redundant features (such as two NICs) and even offers routing functions. Switches vary greatly in size and function, so there really is no such thing as a “typical” switch. Most switches have an internal processor, an operating system, memory, and several ports that enable other nodes to connect to it.
Because they have multiple ports, switches can make better use of limited bandwidth and prove more cost-efficient than bridges. Each port on the switch acts like a bridge, and each device connected to a switch effectively receives its own dedicated channel. In other words, a switch can turn a shared channel into several channels. From the Ethernet perspective, each dedicated channel represents a collision domain. Because a switch limits the number of devices in a collision domain, it limits the potential for collisions.
Switches have historically been used to replace hubs and ease traffic congestion in LAN workgroups. Some network administrators have replaced backbone routers with switches, because switches provide at least two advantages: better security and better performance. By their nature switches provide better security than many other devices because they isolate one device’s traffic from other devices’ traffic. And because switches provide separate channels for (potentially) every device, performance stands to gain. Applications that transfer a large amount of traffic and are sensitive to time delays, such as videoconferencing applications, benefit from the full use of the channel’s capacity. In addition, hardware and software in a switch are optimized for fast data forwarding.
Switches have their disadvantages, too. Although they contain buffers to hold incoming data and accommodate bursts of traffic, they can become overwhelmed by continuous, heavy traffic. In that event, the switch cannot prevent data loss. Also, although higher-layer protocols, such as TCP, detect the loss and respond with a timeout, others, such as UDP, do not. For packets using such protocols, the number of collisions will mount, and eventually all network traffic grinds to a halt. For this reason, you should plan placement of switches carefully to match backbone capacity and traffic patterns.
Switches have also replaced workgroup hubs on many small and home office networks because their cost has decreased dramatically, they have become easier to install and configure, and they offer the benefit of separating traffic according to port. You might need to install such a switch on a home or office network. The next section describes how to install a simple switch.
Installing a Switch
As with any networking equipment, the best way to ensure that you install a switch properly is to follow the manufacturer’s guidelines. Small workgroup switches are normally simple to install. Many operate properly upon being added to a network. The following steps describe, in general, how to connect multiple nodes to a small switch, and then how to connect that switch to another connectivity device.
1. Make sure the switch is situated where you’re going to keep it after all the cables are connected.
2. Before connecting any cables to the switch’s ports, plug it in and turn it on. Also, when connecting a node to a switch, the node should not be turned on. Otherwise, data irregularities can occur, forcing you to reset the switch.
3. The switch’s power light should illuminate. Most switches perform self-tests when turned on, and blinking lights indicate that these tests are in progress. Wait until the tests are completed (as indicated by a steady, green power light).
4. If you are using a small, inexpensive switch, you might not have to configure it and you can skip to Step 5. But if not, you must use a utility that came with the switch (on CD-ROM, for example) to configure the switch. For example, you may need to assign an IP address to the switch, change the administrator password, or set up management functions. Configuring a switch usually requires connecting it to a PC and then running a configuration utility from a CD-ROM. Refer to the instructions that came with your switch to find out how to configure it.
5. Using a straight-through patch cable, connect the node’s NIC to one of the switch’s ports, as shown in Figure 5-20. If you intend to connect this switch to another connectivity device, do not connect patch cables from nodes to the uplink port or to the port adjacent to the uplink port. On most hubs and switches, the uplink port is directly wired to its adjacent port inside the device.
FIGURE 5-20 Connecting a workstation to a switch
6. After all the nodes have been connected to the switch, if you do not plan to connect the switch to another connectivity device, you can turn on the nodes. After the nodes connect to the network through the newly installed switch, check to verify that the switch’s link and traffic lights for each port act as they should, according to the switch’s documentation. Then make sure the nodes can access the network as planned.
7. To connect the switch to a larger network, you can insert one end of a crossover patch cable into the switch’s uplink port, then insert the other end of the cable into a data port on the other connectivity device. Alternately, you can insert one end of a straight-through cable into one of the switch’s data ports, then insert the other end of the straight-through cable into another device’s data port. If you are connecting one switch’s uplink port to another switch’s uplink port, you must use a crossover cable. After connecting the switch to another device, the switch senses the activity on its uplink port, evidenced by its blinking traffic light.
Figure 5-21 illustrates a typical way of using a small switch on a small office or home network. In this example, the switch connects a group of nodes, including workstations, server, and printer, with each other and with an Internet connection.
Switches differ in the method of switching they use—namely, cut-through mode or store and forward mode. These methods of switching are discussed in the next two sections.
FIGURE 5-21 A switch on a small network
Cut-Through Mode
A switch running in cut-through mode reads a frame’s header and decides where to forward the data before it receives the entire packet. Recall that the first 14 bytes of a frame constitute its header, which contains the destination MAC address. This information is sufficient for the switch to determine which port should get the frame and begin transmitting the frame (without bothering to read the rest of the frame and check its accuracy).
What if the frame becomes corrupt? Because the cut-through mode does not allow the switch to read the frame check sequence before it begins transmitting, it can’t verify data integrity in that way. On the other hand, cut-through switches can detect runts, or erroneously shortened packets. Upon detecting a runt, the switch waits to transmit that packet until it determines its integrity. It’s important to remember, however, that runts are only one type of data flaw. Cut-through switches cannot detect corrupt packets; indeed, they may increase the number of errors found on the network by propagating flawed packets.
The most significant advantage of the cut-through mode is its speed. Because it does not stop to read the entire data packet, a cut-through switch can forward information much more rapidly than a store and forward switch can (as described in the next section). The time-saving advantages to cut-through switching become insignificant, however, if the switch is flooded with traffic. In this case, the cut-through switch must buffer (or temporarily hold) data, just like a store and forward switch. Cut-through switches are best suited to small workgroups in which speed is important and the relatively low number of devices minimizes the potential for errors.
Store and Forward Mode
In store and forward mode, a switch reads the entire data frame into its memory and checks it for accuracy before transmitting the information. Although this method is more time-consuming than the cut-through method, it allows store and forward switches to transmit data more accurately. Store and forward mode switches are more appropriate for larger LAN environments, because they do not propagate data errors. In contrast, cut-through mode switches do forward errors, so they may contribute to network congestion if a particular segment is experiencing a number of collisions. In large environments, a failure to check for errors can result in problematic traffic congestion.
Store and forward switches can also transfer data between segments running different transmission speeds. For example, a high-speed network printer that serves 50 students could be attached to a 100-Mbps port on the switch, thereby allowing all of the student workstations to connect to 10-Mbps ports on the same switch. With this scheme, the printer can quickly service multiple jobs. This characteristic makes store and forward mode switches preferable in mixed-speed environments.
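The difference between the two modes shows up when a frame is damaged in transit. The following added example (not from the original text) builds a constructed Ethernet frame with a valid frame check sequence, damages copies of it, and passes each copy through a cut-through and a store and forward decision; the addresses, port names, and function names are assumptions made for the illustration.

```python
"""Cut-through vs. store and forward on damaged frames (added illustration)."""
import struct
import zlib

HEADER_LEN = 14      # destination MAC (6) + source MAC (6) + type/length (2)
FCS_LEN = 4          # frame check sequence at the end of the frame
MIN_FRAME_LEN = 64   # anything shorter is a runt

# Constructed addresses and forwarding table (destination MAC -> port).
PRINTER = bytes.fromhex("00005e005310")
STUDENT = bytes.fromhex("00005e005311")
MAC_TABLE = {PRINTER: "port 1", STUDENT: "port 2"}


def build_frame(dst, src, ethertype, payload):
    """Build a constructed Ethernet frame: header, padded payload, FCS."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    body = body.ljust(MIN_FRAME_LEN - FCS_LEN, b"\x00")
    # The FCS is a CRC-32 over the frame, stored least significant byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def fcs_ok(frame):
    """Recompute the CRC-32 and compare it with the trailing four bytes."""
    body, fcs = frame[:-FCS_LEN], frame[-FCS_LEN:]
    return struct.pack("<I", zlib.crc32(body)) == fcs


def lookup(header, mac_table):
    """Pick the output port from the destination MAC in the header."""
    return mac_table.get(header[:6], "all other ports")


def cut_through(frame, mac_table):
    """Decide from the first 14 bytes; the FCS is never examined."""
    if len(frame) < MIN_FRAME_LEN:
        # A runt is held back instead of being cut through; it is too short
        # to be a valid frame, so it ends up discarded.
        return ("drop", "runt")
    return ("forward", lookup(frame[:HEADER_LEN], mac_table))


def store_and_forward(frame, mac_table):
    """Buffer the whole frame and verify it before choosing a port."""
    if len(frame) < MIN_FRAME_LEN:
        return ("drop", "runt")
    if not fcs_ok(frame):
        return ("drop", "bad FCS")
    return ("forward", lookup(frame[:HEADER_LEN], mac_table))


def flip_bit(frame, index):
    """Return a copy of the frame with the lowest bit of one byte inverted."""
    damaged = bytearray(frame)
    damaged[index] ^= 0x01
    return bytes(damaged)


def compare():
    """Return {sample name: (cut-through result, store and forward result)}."""
    good = build_frame(PRINTER, STUDENT, 0x0800, b"print job 42")
    samples = {
        "good": good,
        "corrupt payload": flip_bit(good, 20),  # damage inside the payload
        "corrupt address": flip_bit(good, 5),   # destination now reads as STUDENT
        "runt": good[:40],                      # truncated frame
    }
    return {
        name: (cut_through(f, MAC_TABLE), store_and_forward(f, MAC_TABLE))
        for name, f in samples.items()
    }


if __name__ == "__main__":
    for name, (ct, sf) in compare().items():
        print(f"{name:16} cut-through={ct}  store-and-forward={sf}")
```

The "corrupt address" sample is the case to note: the cut-through decision delivers the damaged frame to the wrong port, while the store and forward decision discards it.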
Using Switches to Create VLANs
In addition to improving bandwidth usage, switches can create virtual local area networks (VLANs), logically separate networks within networks, by grouping a number of ports into a broadcast domain. A broadcast domain is a combination of ports that make up a Layer 2 segment. Ports in a broadcast domain rely on a Layer 2 device, such as a switch, to forward broadcast frames among them. In contrast to a collision domain, ports in the same broadcast domain do not share a single channel. (Recall that switches separate collision domains.) In the context of TCP/IP networking, a broadcast domain is also known as a subnet. Figure 5-22 illustrates a simple VLAN design.
VLANs can be designed with flexibility. They can include ports from more than one switch or segment. Any type of end node can belong to one or more VLANs. VLANs can link geographically distant users over a WAN, and they can create small workgroups within LANs.
Reasons for using VLANs include separating groups of users who need special security or network functions, isolating connections with heavy or unpredictable traffic patterns, identifying groups of devices whose data should be given priority handling, or containing groups of devices that rely on legacy protocols incompatible with the majority of the network’s traffic.
One case in which a company might want to implement a VLAN is to allow visitors access to minimal network functions—for example, an Internet connection—without allowing the possibility of access to the company’s data stored on servers. In another example, companies that use their packet-switched networks to carry telephone calls often group all of the voice traffic on a separate VLAN to prevent this unique and potentially heavy traffic from adversely affecting routine client/server tasks.
On a wireless network, VLANs allow mobile clients to move from one access point’s range to another without losing network functionality or having to reauthenticate with the network. That’s because every wireless client’s MAC address can be associated with an access point, and each access point can be associated with a port on a switch. When these ports are grouped together in a VLAN, it doesn’t matter with which access point a client associates. Because the client stays in the same grouping, it can continue to communicate with the network as if it had remained in one spot.
VLANs are created by properly configuring a switch’s software. This can be done manually through the switch’s configuration utility or automatically using a VLAN software tool. The critical step is to indicate to which VLAN each port belongs. In addition, network managers can specify security parameters, filtering instructions (if the switch should not forward any frames from a certain segment, for example), performance requirements for certain ports, and network addressing and management options.
One potential problem in creating VLANs is that by grouping together certain nodes, you are not merely including those nodes—you are also excluding another group. This means you can potentially cut off a group from the rest of the network. For example, suppose your company’s IT director demands that you assign all executive workstations to their own VLAN, and that you configure the network’s switch to group these users’ computers into a VLAN. After this change, users would be able to exchange data with each other, but they would not be able to download data from the file server or download mail from the mail server, because these servers are not included in their VLAN.
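The cut-off problem described above can be caught before a VLAN change is applied by checking the planned port assignments against a list of who must, and who must not, share a VLAN. This is an added example, not part of the original text; the device names, VLAN IDs, and policy lists are constructed, and it assumes no router forwards traffic between VLANs.

```python
"""Audit planned VLAN port assignments against a reachability policy (added illustration)."""

# Constructed plan: (switch, port) -> (attached device, VLAN IDs on that port).
PORT_MAP = {
    ("sw1", 1): ("exec-ws-1", {20}),
    ("sw1", 2): ("exec-ws-2", {20}),
    ("sw1", 3): ("staff-ws-1", {10}),
    ("sw1", 4): ("visitor-laptop", {99}),
    ("sw2", 1): ("file-server", {10}),
    ("sw2", 2): ("mail-server", {10}),
    ("sw2", 3): ("internet-gateway", {10, 20, 99}),
}

# Constructed policy: pairs that need a common VLAN, and pairs that must not have one.
MUST_REACH = [
    ("exec-ws-1", "exec-ws-2"),
    ("exec-ws-1", "file-server"),
    ("exec-ws-1", "mail-server"),
    ("staff-ws-1", "file-server"),
    ("visitor-laptop", "internet-gateway"),
]
MUST_NOT_REACH = [
    ("visitor-laptop", "file-server"),
    ("visitor-laptop", "mail-server"),
]


def membership(port_map):
    """Collapse the per-port plan into device -> set of VLAN IDs."""
    vlans = {}
    for _switch_port, (device, vlan_ids) in port_map.items():
        vlans.setdefault(device, set()).update(vlan_ids)
    return vlans


def audit(port_map, must_reach, must_not_reach):
    """Report required pairs with no shared VLAN and forbidden pairs with one."""
    vlans = membership(port_map)

    def shared(a, b):
        # Raises KeyError if the policy names a device missing from the plan.
        return vlans[a] & vlans[b]

    cut_off = [(a, b) for a, b in must_reach if not shared(a, b)]
    exposed = [
        (a, b, sorted(shared(a, b))) for a, b in must_not_reach if shared(a, b)
    ]
    return {"cut_off": cut_off, "exposed": exposed}


def add_port_to_vlan(port_map, switch_port, vlan_id):
    """Return a copy of the plan with one more VLAN on the given port."""
    updated = {key: (dev, set(ids)) for key, (dev, ids) in port_map.items()}
    updated[switch_port][1].add(vlan_id)
    return updated


if __name__ == "__main__":
    print("as planned:", audit(PORT_MAP, MUST_REACH, MUST_NOT_REACH))
    fixed = add_port_to_vlan(PORT_MAP, ("sw2", 1), 20)
    fixed = add_port_to_vlan(fixed, ("sw2", 2), 20)
    print("servers added to VLAN 20:", audit(fixed, MUST_REACH, MUST_NOT_REACH))
```

Running the same audit on every proposed change also catches the opposite mistake, such as adding a server port to the visitor VLAN.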
FIGURE 5-22 A simple VLAN design