Page 372

326

Chapter 6

Virtual LANs (VLANs)

F I G U R E 6 . 4

Switches removing the physical boundary

Figure 6.4 shows how six VLANs (numbered two through seven) were

used to create a broadcast domain for each department. Each switch port is
then administratively assigned a VLAN membership, depending on the host
and which broadcast domain it must be in.

So now, if I needed to add another user to the Sales VLAN (VLAN 7),

I could just assign the port needed to VLAN 7, regardless of where the new
Sales team member is physically located--nice! This illustrates one of the
sweetest advantages to designing your network with VLANs over the old
collapsed backbone design. Now, cleanly and simply, each host that needs to
be in the Sales VLAN is merely assigned to VLAN 7.

Notice that I started assigning VLANs with VLAN number 2. The num-

ber is irrelevant, but you might be wondering: What happened to VLAN 1?
That VLAN is an administrative VLAN, and even though it can be used for
a workgroup, Cisco recommends that you use this for administrative pur-
poses only. You can't delete or change the name of VLAN 1, and by default,
all ports on a switch are members of VLAN 1 until you change them.

Each VLAN is considered a broadcast domain, so it must also have its

own subnet number, as shown in Figure 6.4. And if you're also using IPX,
then each VLAN must also be assigned its own IPX network number.

VLAN2 VLAN3 VLAN4 VLAN2 VLAN7 VLAN3 VLAN3 VLAN6 VLAN5 VLAN5 VLAN6 VLAN4

Provides inter-VLAN

communication and

WAN services

Marketing

VLAN2

172.16.20.0/24

Shipping

VLAN3

172.16.30.0/24

Engineering

VLAN4

172.16.40.0/24

Finance

VLAN5

172.16.50.0/24

Management

VLAN6

172.16.60.0/24

Sales

VLAN7

172.16.70.0/24

www.sybex.com