VLAN Settings
Last updated
Last updated
A virtual LAN (VLAN) is a group of ports that form a logical Ethernet segment on a Layer 2 switch which provides better administration, security, and management of multicast traffic. A VLAN is a network topology configured according to a logical scheme rather than a physical layout. When you use a VLAN, users can be grouped by logical function instead of physical location. All ports that frequently communicate with each other are assigned to the same VLAN, regardless of where they are physically on the network. VLANs let you logically segment your network into different broadcast domains so that you can group ports with related functions into their own separate, logical LAN segments on the same switch. This allows broadcast packets to be forwarded only between ports within the VLAN which can avoid broadcast packets being sent to all the ports on a single switch. A VLAN also increases network performance by limiting broadcasts to a smaller and more manageable logical broadcast domain. VLANs also improve security by limiting traffic to specific broadcast domains.
Each VLAN in a network has an associated VLAN ID, which appears in the IEEE 802.1Q tag in the Layer 2 header of packets transmitted on a VLAN. The IEEE 802.1Q specification establishes a standard method for tagging Ethernet frames with VLAN membership information. The key for IEEE 802.1Q to perform its functions is in its tags. 802.1Q-compliant switch ports can be configured to transmit tagged or untagged frames. A tag field containing VLAN information can be inserted into an Ethernet frame. When using 802.1Q VLAN configuration, you configure ports to be a part of a VLAN group. When a port receives data tagged for a VLAN group, the data is discarded unless the port is a member of the VLAN group.
NOTE: The switch's default setting is to assign all ports to a single 802.1Q VLAN(VID 1). Please keep this in mind when configuring the VLAN settings for the switch.
This table shows VLAN ID with its port members.
When an untagged packet enters a switch port, the PVID (Port VLAN ID) will be attached to the untagged packet and forward frames to a VLAN specified VID part of the PVID. A packet received on a given port would be assigned that port's PVID and then be forwarded to the port that corresponded to the packet's destination address. If the PVID of the port that received the packet is different from the PVID of the port that is to transmit the packet, the switch will drop the packet. Within the switch, different PVIDs mean different VLANs, so VLAN identification based upon the PVIDs cannot create VLANs that extend outside a given switch. If no VLANs are defined on the switch, all ports are then assigned to a default VLAN with a PVID equal to 1.
NOTE
To enable PVID functionality, the following requirements must be met:
All ports must have a defined PVID.
If no other value is specified, the default VLAN PVID is used.
If you wish to change the port's default PVID, you must first create a VLAN that includes the port as a member.
Click Edit button to update the system settings.
GVRP (GARP VLAN Registration Protocol or Generic VLAN Registration Protocol) is based on the Generic Attribute Registration Protocol (GARP) and 802.1 Q, facilitating control of VLANs within a larger network. When GVRP is activated, it transmits and receives GARP Packet Data Units (GPDUs), allowing users to configure a VLAN on one switch and then propagating its information across the network, instead of the previously required creation of the VLAN on each switch in the network.
Select "Enabled" to let adjacent VLAN-aware devices exchange VLAN information with each other with the use of the Generic VLAN Registration Protocol (GVRP).
Click Apply button to update the system settings.
Once GVRP setting is enabled, each switch port can be edited further for related settings.
Provides options to manage VLAN trunking settings for the switch. VLAN trunking allows multiple VLANs to be transmitted over a single network link, facilitating efficient traffic management across different VLANs.
Click the Apply button to save the modified setting globally.
Enhance your Voice over IP (VoIP) service by configuring ports to carry IP voice traffic from IP phones on a specific VLAN. Voice VLAN provides QoS to VoIP, ensuring that the quality of the call does not deteriorate if the IP traffic is received erratically or unevenly.
Click Apply to update the system settings.
The switches determine whether a received packet is a voice packet by checking its source MAC address. VoIP traffic has a pre-configured Organizationally Unique Identifiers (OUI) prefix in the source MAC address. You can manually add specific manufacturer's MAC addresses and description to the OUI table. All traffic received on the Voice VLAN ports from the specific IP phone with a listed OUI is forwarded on the voice VLAN.
Enhance your VoIP service further by configuring ports to carry IP voice traffic from IP phones on a specific VLAN. Voice VLAN provides QoS to VoIP, ensuring that the quality of voice does not deteriorate if the IP traffic is received unevenly. When VoIP device is connected to a specific port, this is used to configure switch port's Voice VLAN and assign CoS mode.
Private VLAN (PVLAN), also known as port isolation, is a Layer 2 network segmentation technology. It enables port isolation and traffic segmentation within the same IP segment. By implementing PVLAN in a shared network environment, significant IP address savings can be achieved, and switch port security is enhanced at the Layer 2 level.
Click the Add button to add Private VLANs.
Click the Delete button to remove the selected PVLAN.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Edit button to edit the VLAN Trunking Port State on each respected port. Click the Apply button to accept the changes or the Cancel button to discard them.
To configure the OUI settings, click the Edit button to re-configure the specific entry. Click the Delete button to remove the specific entry and click the Add button to create a new OUI entry. Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Click the Apply button to accept the changes or the Cancel button to discard them.
Item
Description
Enabled
Enables 802.1Q VLANs. This feature is enabled by default.
VID
Displays the VLAN ID for which the network policy is defined. The range of the VLAN ID is from 1 to 4094.
Name
Enter the VLAN name. You can use up to 32 alphanumeric characters.
Tagged Port
Frames transmitted from this port are tagged with the VLAN ID.
Untagged Port
Frames transmitted from this port are untagged
Item
Description
VID
Displays the VLAN ID on the switch (range from 1 to 4094).
Name
Displays the VLAN name.
Status
Displays the VLAN status.
Protocol
Displays the protocol associated with this VID.
Port Status
Displays the member ports' status (either Tagged or Untagged).
Item
Description
Port
Displays the VLAN ID to which the PVID tag is assigned. Configure the PVID to assign untagged or tagged frames received on the selected port.
PVID
Enter the PVID value. The range is from 1 to 4094.
Accept Type
Select Tagged Only and Untagged Only from the list.
Tagged Only: The port discards any untagged frames it receives. The port only accepts tagged frames.
Untagged Only: Only untagged frames received on the port are accepted.
All: The port accepts both tagged and untagged frames.
Ingress Filtering
Specify how you wish the port to handle tagged frames. Select Enabled or Disabled from the list.
Enabled: Tagged frames are discarded if VID does not match the PVID of the port.
Disabled: All frames are forwarded in accordance with the IEEE 802.1Q VLAN.
Item
Description
VLAN Trunking Port State
Select Enabled or Disabled to activate VLAN Trunking Port State for the switch.
Item
Description
Port
Displays the switch ports.
Status
Displays the status of the VLAN Trunking on the respected port.
Item
Description
Voice VLAN State
Select Disabled, Auto, or OUI for Voice VLAN on the switch.
Voice VLAN ID
Sets the Voice VLAN ID for the network. Only one Voice VLAN is supported on the switch.
802.1p Remark
Enable this function to have outgoing voice traffic to be marked with the selected CoS value.
Remark CoS/802.1p
Defines a service priority for traffic on the Voice VLAN. The priority of any received VoIP packet is overwritten with the new priority when the Voice VLAN feature is active on a port. (Range: 0 to 7; Default: 6)
Aging Time
The aging time is used to remove a port from voice VLAN if the port is an automatic VLAN member. When the last voice device stops sending traffic and the MAC address of this voice device is aged out, the voice VLAN aging timer will be started. The port will be removed from the voice VLAN after expiration of the voice VLAN aging timer. If the voice traffic resumes during the aging time, the aging timer will be reset and stop. The range for aging time is from 1 to 65535 minutes. The default is 1440 minutes.
Item
Description
Index
Displays the VoIP sequence ID.
OUI Address
Globally unique ID assigned to a vendor by the IEEE to identify VoIP equipment.
Description
Displays the ID of the VoIP equipment vendor.
Item
Description
Primary VLAN
This field is for entering the ID of the primary VLAN used to forward frames downstream to all Secondary VLANs.
Secondary VLAN (Community Type)
Switch ports in a common community VLAN can access the primary VLAN and communicate with each other but cannot access other secondary VLANs.
Secondary VLAN (Isolated Type)
Switch ports in an Isolated VLAN can access the primary VLAN but cannot communicate with each other or reach other Secondary VLANs.
Name
This field is for assigning a name to the primary VLAN.
Promiscuous Port
This field is for specifying the promiscuous port, which can communicate with all ports within the primary VLAN.
Type
A dropdown menu to select the type of PVLAN, such as Community or Isolated.
Host Port (Community Type)
This port connects to regular hosts in the community VLAN, allowing communication with Promiscuous Ports and other ports within the same community VLAN.
Host Port (Isolated Type)
This port connects to a regular host on an isolated VLAN and only communicates with Promiscuous Ports.
