VLAN question


Comments

  • rwwest7 Member Posts: 300
    Let me see if I can explain this a little better without the novel:

    The behavior of a switch when dealing with broadcasts is to forward them.

    When you create a vlan on an intelligent switch, what you are essentially doing is adding a dumb switch to the network, and each of those dumb switches you create are going to forward broadcasts.
    Have you ever heard the term non-routed VLAN? Sometimes you don't want certain VLANs to be routed.

    Also, when you create a VLAN on an intelligent switch, you now have two intelligent switches. Remember, switches are intelligent because they forward frames based on MAC address unlike hubs. Calling a switch dumb just because it can't do interVLAN routing is wrong, that's not their job in life.

    So, by definition if you have two VLANs on one switch you have two broadcast domains. By the book that's what you have. Anyone who knows that should also know that to route between those VLANs you need some kind of L3 device, but that's not the point. The point is by definition if you have two VLANs on one switch you have two broadcast domains.

    Edit: Just noticed you're an NP. I'm sure you know more about this than me, but maybe we just have two different points of view.
  • danb83 Member Posts: 22
    kalebksp wrote: »
    To really understand what's happening you may want to consider why there are no collisions with full duplex. When two devices are directly connected via Ethernet (i.e. no hubs in between) the transmit wires of device 1 are directly connected to the receive wires of device 2 and vice versa. Therefore it is not physically possible for a collision to occur because the two devices will never attempt to transmit on the same wire.

    Full duplex doesn't eliminate collisions but rather the physical impossibility of collisions allows for full duplex. In the example above it wouldn't matter if the devices were set to full or half duplex, there still can't be a collision.

    In terms of collision domains, each switch port is a collision domain whether or not collisions are possible. It's just trivia, not applicable to the real world in most cases.

    Well explained!
  • Forsaken_GA Member Posts: 4,024
    rwwest7 wrote: »
    Have you ever heard the term non-routed VLAN? Sometimes you don't want certain VLANs to be routed.

    Sure, those vlans just won't have an egress point, ie, no default gateway for talking to machines outside of their network. The traffic is totally segmented off, and functions the same way as if you had an isolated device.
    Also, when you create a VLAN on an intelligent switch, you now have two intelligent switches. Remember, switches are intelligent because they forward frames based on MAC address unlike hubs. Calling a switch dumb just because it can't do interVLAN routing is wrong, that's not their job in life.

    Switching is not equal to intervlan routing. Even dumb switches with no management capability at all learn MACs and keep them in memory and only forward a frame out the port that's associated with the destination MAC address. Your average piece of crap DLink or Linksys switch is capable of doing this. That's what makes it a switch. The ability to create or use vlans does not define whether or not a switch is a switch or a hub. I agree that calling a switch dumb just because it can't do intervlan routing is wrong; that's not what I said. If a switch can't create vlans, then it's a dumb switch, because all it does is learn MACs and forward frames based on that; you have absolutely no ability to influence its operation.

    The vlan itself, however, behaves like a dumb switch. It has absolutely no knowledge of the other vlans on the switch and just forwards frames between the ports that are in the same vlan. Logically, the vlan is its own device.
    So, by definition if you have two VLANs on one switch you have two broadcast domains. By the book that's what you have. Anyone who knows that should also know that to route between those VLANs you need some kind of L3 device, but that's not the point. The point is by definition if you have two VLANs on one switch you have two broadcast domains.

    I'm not arguing that different vlans aren't different broadcast domains. What I'm arguing is that switches do not break up broadcast domains. These are two entirely separate concepts. Vlan capability is not a requirement for a device to be considered a switch. This is a hard concept for folks learning the CCNA to grasp, because all you work with are switches that are capable of doing vlans, so everyone thinks that vlan capability is an inherent part of being a switch. I work with dumb switches every day. For example, we have customers who need to transfer a very large amount of traffic between their servers (usually database transactions), and that data does not need to go out over the public interfaces. So we add second NIC cards to the servers and connect all of those NICs to a dumb switch, so that the private traffic is isolated. There's no routing involved, there's no vlans involved, we use dumb Linksys switches. It's just one big backend network, but it's still switched.

    Creating a vlan is the same thing as creating a virtual machine on a host. The virtual machine thinks that it is its own machine, it has no direct knowledge that it's just a thread running on some other machine. In the same way, the vlan thinks it's the only medium of communication for its layer 2 transport area. It has no knowledge that it's really just a logical construct at the mercy of the taskmaster that is IOS. The vlan thinks and acts like it's the only switch on the network, and within that network, it is going to forward broadcast frames.

    So yes, physically, a switch can separate a broadcast domain if it's capable of doing vlans. Logically, the vlan behaves as if it's another device entirely.
    Edit: Just noticed you're an NP. I'm sure you know more about this than me, but maybe we just have two different points of view.

    Eh, the NP doesn't really cover this distinction very well either. My point of view comes more from inheriting a network that was very poorly built. When I first started working here, we had vlans with over 2000 devices in them, spanning many subnets. The broadcast traffic was absolutely atrocious. We've managed to whittle it down considerably, but we've still got some very big vlans because the customers refuse to let us renumber their machines, so we have to wait for them to leave before we can do anything about it. We essentially have two networks, our 'legacy' network, and our proper network. Dealing with angry customers and angry bosses made getting broadcast traffic under control a major priority.
  • DevilWAH Member Posts: 2,997

    Eh, the NP doesn't really cover this distinction very well either. My point of view comes more from inheriting a network that was very poorly built. When I first started working here, we had vlans with over 2000 devices in them, spanning many subnets. The broadcast traffic was absolutely atrocious.

    Oh snap :) ;) definitely the best way to learn...
  • Forsaken_GA Member Posts: 4,024
    DevilWAH wrote: »
    Oh snap :) ;) definitely the best way to learn...

    Yeah, our first IP allocation was a /18. This was 10 years ago. The network admin very diligently split that /18 into as many /24s as possible.... and then put them all in the same vlan. A few years later, the company bought another company with their own /18, so we took that over. And the network admin split that /18 into as many /24s as possible, and put them in another vlan. This is a thorn in our side to this day, and our IP allocation scheme is so screwed up that ARIN won't give us anything larger than a /22 now.

    We're slowly reclaiming them where we can, and we've managed to grab several consecutive /24s and merge them into /23s in their own VLANs, but we have stupid crap like servers with 20 different IPs on them, all from different /24s, and the customers won't let us renumber them, so that we're basically forced to decide between losing the customer or cleaning up the IP space, and the choice that involves money always wins.
  • johnwest43 Member Posts: 294
    A switch has the ability to reduce broadcast traffic, not broadcast domains.

    broadcast traffic = traffic forwarded out all up and up ports in the same vlan.
    broadcast domain = all up and up ports on same vlan.
    CCNP: ROUTE [x], SWITCH [x], TSHOOT [X] Completed on 2/18/2014
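
Added example, not part of any post in this thread: a minimal Python model of a VLAN-aware learning switch (access ports only), showing that each VLAN keeps its own MAC table and floods broadcasts and unknown unicasts only to its own ports, so a frame has no layer 2 path into another VLAN. The class name, port numbers, VLAN IDs and MAC addresses are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    """Learning switch with access ports and one MAC table per VLAN."""

    def __init__(self, port_vlans):
        self.port_vlans = dict(port_vlans)   # port -> access VLAN id
        self.mac_table = defaultdict(dict)   # vlan -> {mac: port}

    def broadcast_domain(self, vlan):
        """All ports that a broadcast in this VLAN can reach."""
        return sorted(p for p, v in self.port_vlans.items() if v == vlan)

    def receive(self, in_port, src, dst):
        """Return the egress ports for a frame arriving on in_port."""
        vlan = self.port_vlans[in_port]
        self.mac_table[vlan][src] = in_port          # learn the source MAC
        if dst != BROADCAST:
            out = self.mac_table[vlan].get(dst)      # lookup is per VLAN
            if out is not None:
                return [] if out == in_port else [out]
        # Broadcast or unknown unicast: flood, but only inside this VLAN.
        return [p for p in self.broadcast_domain(vlan) if p != in_port]


def demo():
    # Constructed topology: ports 1-3 in VLAN 10, ports 4-5 in VLAN 20.
    sw = VlanSwitch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return {
        # Host A broadcasts (e.g. ARP): reaches the rest of VLAN 10 only.
        "arp_broadcast": sw.receive(1, a, BROADCAST),
        # Host B replies to A: A was learned, so one port, no flooding.
        "unicast_reply": sw.receive(2, b, a),
        # Host C in VLAN 20 addresses A directly: A is unknown in VLAN 20's
        # table, so the frame floods VLAN 20 and never reaches port 1.
        "cross_vlan": sw.receive(4, c, a),
        "vlan20_broadcast": sw.receive(4, c, BROADCAST),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: egress ports {ports}")
```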