Home >Common Problem >Switch vlan division
In the general video surveillance projects that I have been exposed to, the surveillance network is basically independent, with separate wiring and separate switching equipment, so VLAN is rarely involved. Recently I came across a hotel monitoring project. Office, wireless, and monitoring were all in the same physical network. The switches used VLAN to divide different network segments, so I studied VLAN and made some conclusions.
Usually I misunderstand that the main purpose of vlan is not network isolation, but to improve network performance and enhance network security.
What is vlan? (Recommended learning: PHP video tutorial)
vlan (Virtual Local Area Network) is a virtual local area network, which means that the sites in the network are not limited to their physical locations. A network technology that can be flexibly added to different logical subnets as needed.
Virtual LAN based on switched Ethernet In switched Ethernet, VLAN technology can be used to divide the physical network connected by switches into multiple logical subnets. In other words, broadcast packets sent by a station in a VLAN will only be forwarded to stations belonging to the same VLAN. (Improve network performance)
In switched Ethernet, each site can belong to different virtual LANs. The sites that constitute a virtual LAN are not restricted to their physical locations. They can be connected to the same switch or to different switches. Virtual LAN technology makes the network topology very flexible. For example, users on different floors or in different departments can join different virtual LANs as needed. (Enhance network security)
Purpose of vlan
Improve network performance: When the network is large, there will be a lot of broadcast information on the network, which will make the network Performance deteriorates, and broadcast storms may even form, causing network congestion. The transmission of broadcast packets within the entire network can be reduced by dividing many virtual LANs, because broadcast information will not cross VLANs. Broadcasts can be limited to the scope of each virtual network, reducing the broadcast domain and improving network transmission. efficiency, thereby improving network performance.
Enhanced security: Virtual networks cannot communicate directly but must be forwarded through routers, which provides the possibility for advanced security control and enhances network security.
How vlan is divided
Based on the port.
Based on mac address.
Based on ip address.
Based on multicast (used in WAN, not used in LAN).
Based on certain rules.
The most commonly used method of division is to combine ports and IP addresses to divide vlans. Certain ports are a vlan, and an IP address is configured for the vlan. Then the computers in the vlan use this address as Gateway, other vlans cannot be in the same subnet as this vlan.
For more PHP-related technical articles, please visit the PHP Graphic Tutorial column to learn!
The above is the detailed content of Switch vlan division. For more information, please follow other related articles on the PHP Chinese website!