vlan and interface

i've read an understood basics of vlan; I've a very basic doubt on this. can i view vlan as a logical interface, because i've seen some switches which provide vlan as an interface, meaning there is a command like "interface vlan

2"; on which i can apply ip address , change the mtu and so on. How does a vlan can be an interface. Please provide some insight on this.

thanks sinbad

Reply to
Pip
Loading thread data ...

The confusion can come from vendors calling routers switches. Or routers as "Layer 3 switches"

At the L2 level, there is no such thing as a VLAN. Sure, you can have trunks to carry multiple vlan tags, but L2 devices do not understand L3 concepts (for the most part)

Some vendors, allow you to type in commands because the operating system is shared with a router. For example, many IOS based Cisco switches allow you to type router-only configs, but they don't really mean anything when it's a pure L2 device.

Sometimes, you can put an IP address on "interface vlan 2" because it's used by the switch for management. So yes, it's a logical interface on a switch used for maintenance, snmp/syslog alerts etc. It's used to manage the switch itself.

Finally, some L2 only switches can be upgraded with a license to function as a router.

I can see where a novice could get confused!

Reply to
Hansang Bae

Well, I have to introduce the idea of half layers, then, because otherwise, I have a problem with this.

I'd say that at the MAC layer, i.e. at layer 1.5, devices have no idea of VLANs. But at layer 2, they do. For example, I can create two VLANs, perhaps one using the type format and the other using the length format, and I can operate one physical L2 network as if it were two separate L2 networks entirely. Without introducing an IP layer at all. So this demonstrates that the VLAN differentiation occurs somewhere below Layer 3.

In practice, VLANs are probably used more as you describe, to assign different IP subnets to the same physical plant. But in principle ...

Otherwise, I agree with your points.

Bert

Reply to
Albert Manfredi

Switches keep traffic on different vlans separate so even a broadcast on vlan 1 will only go to ports in vlan 1 and not get to other vlans. The vlan, then, can be called a broadcast domain - the extent to which a broadcast will reach.

formatting link
All ports in a particular vlan are on the same network and have the same range of network addresses. Normally one port on the vlan will link to a router (the "default gateway") so that hosts can communicate with other networks.

If you put a switch management address in vlan 2 the switch will still keep all vlan 2 traffic separate from any other vlans on the switch. You will need an IP address in the vlan 2 range and a connection to a router which has an interface in vlan 2 to be the default gateway for the switch.

See

formatting link
and bear in mind that Cisco kit (which it sounds like you are using) supports port-based vlans. There are other ways to segregate traffic but at the end of the day if you understand a broadcast domain you should be OK.

Post the relevant bits of the config if you have more questions. It makes it easier to explain.

-- HTH, James

Reply to
James Harris

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.