SlideShare una empresa de Scribd logo

ch08.pptx

Descargar como PPTX, PDF
D
dajek95195

Understanding of TECH upgrades in IT

Educación
1 de 22
Business Data Communications Fourteenth Edition Jerry FitzGerald, Alan Dennis, and Alexandra Durcikova Chapter 8 Backbone Networks
Learning Objectives • Understand the Internetworking devices used in BNs • Understand the switched backbone architecture • Understand the routed backbone architecture • Understand virtual LAN architecture • Understand the best practice recommendations for backbone design • Be aware of ways to improve BN performance Copyright ©2021 John Wiley & Sons, Inc. 8-2
Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-3
8.1 Introduction • Backbones used to be built with special technologies, but today most BNs use high-speed Ethernet • There are two basic components to a BN: the network cable and the hardware devices that connect other networks to the BN • Cable is usually fiber optic • Switches operate at the data link layer • Routers operate at the network layer • VLAN switches are a special combination of layer 2 switches and routers 8-4 Copyright ©2021 John Wiley & Sons, Inc.
8.2 Switched Backbones • Switched backbones are the most common type of BN used in the distribution layer • Switched BNs use a star topology with one switch at its center • There is a switch serving each LAN that is connected to the backbone switch 8-5 Copyright ©2021 John Wiley & Sons, Inc.
Switched Backbones Continued • Most organizations use switched backbones in which all network devices are physically located in the same room • Often in a rack of equipment • The room containing the rack of equipment is sometimes called the main distribution facility (MDF) or central distribution facility (CDF) • The devices are connected among themselves using very short cables called patch cables 8-6 Copyright ©2021 John Wiley & Sons, Inc.
Main Distribution Facility • With an MDF, all cables run into the MDF • If one switch becomes overloaded, it is straight-forward to unplug the cables and it into a less-busy switch • Sometimes a chassis switch is used instead of a rack • A chassis switch enables users to plug modules directly into the switch • The key advantage of chassis switches is their flexibility 8-7 Copyright ©2021 John Wiley & Sons, Inc.
8.3 Routed Backbones • Routed backbones move packets along the backbone on the basis of their network layer address • Sometimes called subnetted backbones or hierarchical backbones • Most commonly used to connect different buildings on the same enterprise campus backbone network • A routed backbone ensures that broadcast messages stay in the one network segment 8-8 Copyright ©2021 John Wiley & Sons, Inc.
8.4 Virtual LANs • Virtual LANs are networks in which computers are assigned to LAN segments by software rather than by hardware • Often, VLANs are faster and provide greater opportunities to manage the flow of traffic on the LAN and BN • The simplest example is a single-switch VLAN, which means that the VLAN operates only inside one switch • Virtual LANs can be designed so that they act as though computers are connected via hubs or switches 8-9 Copyright ©2021 John Wiley & Sons, Inc.
Benefits of VLANs • With VLANs, we can put computers in different geographic locations in the same subnet • At right, a computer in the lower left could be put on the same subnet as one in the upper right • A separate subnet from all the other computers 8-10 Copyright ©2021 John Wiley & Sons, Inc.
Benefits of VLANs Continued • A more common implementation is a multiswitch VLAN, in which several switches are used to build the VLANs • VLANs are most commonly found in building backbone networks • In this case, we can now create subnets that span buildings • This enables us to create subnets based on who you are, rather than on where you are 8-11 Copyright ©2021 John Wiley & Sons, Inc.
Benefits of VLANs Continued • Advantages 1. Their ability to manage the flow of traffic on the LAN and backbone very precisely 2. The ability to prioritize traffic • Drawbacks o Their cost and management complexity 8-12 Copyright ©2021 John Wiley & Sons, Inc.
How VLANs Work • Each computer is assigned into a specific VLAN that has a VLAN ID number • Each VLAN ID is matched to a traditional IP subnet • Each computer connected to a VLAN switch also receives a traditional IP address assigned by the VLAN switch • Computers are assigned into the VLAN based on the physical port on the switch into which they are connected • When a computer transmits an Ethernet frame, it uses traditional Ethernet and IP addresses 8-13 Copyright ©2021 John Wiley & Sons, Inc.
How VLANs Work Continued • Virtual LAN switches use Ethernet 802.1q tagging to move frames from one switch to another • When a VLAN switch receives an Ethernet frame that needs to go to a computer on another VLAN switch, it changes the Ethernet frame by inserting the VLAN ID number and a priority code into the VLAN tag field • The router is a layer 3 device, so when it receives the message, it strips off the Ethernet frame and reads the IP packet 8-14 Copyright ©2021 John Wiley & Sons, Inc.
How VLANs Work With Broadcast Messages • Each computer on a VLAN switch is assigned into a subnet with a matching VLAN ID • When a computer issues a broadcast message, the switch identifies the VLAN ID of the sending computer and then sends the frame to all other computers that have the same VLAN ID • These computers may be on the same switch or on different switches 8-15 Copyright ©2021 John Wiley & Sons, Inc.
Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-16
8.5 The Best Practice Backbone Design • Today, the most effective architecture for the distribution layer in terms of cost and performance is a switched backbone • It provides the best performance at the least cost • Many large organizations are now implementing VLANs, especially those that have departments spread over multiple buildings 8-17 Copyright ©2021 John Wiley & Sons, Inc.
The Best Practice Recommendations • The best practice architecture is a switched backbone or VLAN for the distribution layer and a routed backbone for the core layer • The best practice recommendation for backbone technology is gigabit Ethernet 8-18 Copyright ©2021 John Wiley & Sons, Inc.
Improving Device Performance 8-19 Copyright ©2021 John Wiley & Sons, Inc.
Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-20
8.7 Implications for Cyber Security • Most routers now have software that enables the network manager to create an access control list (ACL) that specifies what traffic the router should allow through • Many routers have more sophisticated ACL software that enables the ACL to have different rules for different interfaces • VLANs are the most secure type of backbone because they enable ACL and other security measures to be applied at the switch level 8-21 Copyright ©2021 John Wiley & Sons, Inc.
8.7 Implications for Cyber Security • Network Access Control options o Authenticate devices using 802.1x o Sandbox unknown devices and redirect web requests to authentication service • Limit network access until user registers their device • Physical security of network infrastructure o Locked and alarmed doors for all network closets o Attackers might tamper with cabling • Hard to detect in common drop-ceiling environments 8-22 Copyright ©2021 John Wiley & Sons, Inc.

Recomendados

Ch07
Ch07Ch07
Ch07
Ali Khawaja
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualization
Damian Parniewicz
 
Vlan
VlanVlan
Vlan
Ardhendu Nandi
 
summer training report on Computer network and Cisco packet tracer
summer training report on Computer network and Cisco packet tracer summer training report on Computer network and Cisco packet tracer
summer training report on Computer network and Cisco packet tracer
Dheeraj Giri
 
vlan
vlanvlan
vlan
Mohammadnoor Noori
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Darshan Dalwadi
 
The Future of Internet Exchange Points - NANOG 47
The Future of Internet Exchange Points - NANOG 47The Future of Internet Exchange Points - NANOG 47
The Future of Internet Exchange Points - NANOG 47
Richard Steenbergen
 
8 Common Network Topologies & Where to Use Them
8 Common Network Topologies & Where to Use Them8 Common Network Topologies & Where to Use Them
8 Common Network Topologies & Where to Use Them
Auvik Networks Inc.
 

Recomendados

Ch07
Ch07Ch07
Ch07
Ali Khawaja
 
Network virtualization
Network virtualizationNetwork virtualization
Network virtualization
Damian Parniewicz
 
Vlan
VlanVlan
Vlan
Ardhendu Nandi
 
summer training report on Computer network and Cisco packet tracer
summer training report on Computer network and Cisco packet tracer summer training report on Computer network and Cisco packet tracer
summer training report on Computer network and Cisco packet tracer
Dheeraj Giri
 
vlan
vlanvlan
vlan
Mohammadnoor Noori
 
Virtual LAN
Virtual LANVirtual LAN
Virtual LAN
Darshan Dalwadi
 
The Future of Internet Exchange Points - NANOG 47
The Future of Internet Exchange Points - NANOG 47The Future of Internet Exchange Points - NANOG 47
The Future of Internet Exchange Points - NANOG 47
Richard Steenbergen
 
8 Common Network Topologies & Where to Use Them
8 Common Network Topologies & Where to Use Them8 Common Network Topologies & Where to Use Them
8 Common Network Topologies & Where to Use Them
Auvik Networks Inc.
 
Campus WiFi: Case Study of IITB Wireless
Campus WiFi: Case Study of IITB WirelessCampus WiFi: Case Study of IITB Wireless
Campus WiFi: Case Study of IITB Wireless
Aniruddh Rao Kabbinale
 
PLNOG 6: Emil Kacperek - Virtual Cluster Switching
PLNOG 6: Emil Kacperek - Virtual Cluster Switching PLNOG 6: Emil Kacperek - Virtual Cluster Switching
PLNOG 6: Emil Kacperek - Virtual Cluster Switching
PROIDEA
 
Lan & vlan
Lan & vlanLan & vlan
Lan & vlan
Bharat Sanchar Nigam Limited
 
ch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computing
ssuser06ea42
 
Ch08
Ch08Ch08
Ch08
Ali Khawaja
 
01 elements of modern networking by nader elmansi
01 elements of modern networking by nader elmansi01 elements of modern networking by nader elmansi
01 elements of modern networking by nader elmansi
Nader Elmansi
 
Virt july-2013-meetup
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
nvirters
 
Monitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveMonitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspective
Augusto Ciuffoletti
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
SAROORNAGARCMCORE
 
Computer Networking
Computer NetworkingComputer Networking
Computer Networking
Ranjan K.M.
 
campus_design_eng1.ppt
campus_design_eng1.pptcampus_design_eng1.ppt
campus_design_eng1.ppt
chali100
 
Ccna ch01
Ccna ch01Ccna ch01
Ccna ch01
m_saeed90
 
Wireless lan electronics and communication engineering
Wireless lan electronics and communication engineeringWireless lan electronics and communication engineering
Wireless lan electronics and communication engineering
eceb9198
 
VLAN
VLANVLAN
VLAN
ISMT College
 
Vlan
VlanVlan
Vlan
Mayank Saxena
 
Inter vlan routing plus configuration
Inter vlan routing plus configurationInter vlan routing plus configuration
Inter vlan routing plus configuration
Mohammedseleim
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
Mohammedseleim
 
MidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integrationMidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integration
Akhilesh Dhawan
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
Waqas Ahmed Nawaz
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar report
SKS
 
How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17
Celine George
 
“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .
Colégio Santa Teresinha
 

Más contenido relacionado

Similar a ch08.pptx

ch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computing
ssuser06ea42
 
Virt july-2013-meetup
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
nvirters
 
Wireless lan electronics and communication engineering
Wireless lan electronics and communication engineeringWireless lan electronics and communication engineering
Wireless lan electronics and communication engineering
eceb9198
 

Similar a ch08.pptx (20)

Campus WiFi: Case Study of IITB Wireless
Campus WiFi: Case Study of IITB WirelessCampus WiFi: Case Study of IITB Wireless
Campus WiFi: Case Study of IITB Wireless
 
PLNOG 6: Emil Kacperek - Virtual Cluster Switching
PLNOG 6: Emil Kacperek - Virtual Cluster Switching PLNOG 6: Emil Kacperek - Virtual Cluster Switching
PLNOG 6: Emil Kacperek - Virtual Cluster Switching
 
Lan & vlan
Lan & vlanLan & vlan
Lan & vlan
 
ch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computingch5-Fog Networks and Cloud Computing
ch5-Fog Networks and Cloud Computing
 
Ch08
Ch08Ch08
Ch08
 
01 elements of modern networking by nader elmansi
01 elements of modern networking by nader elmansi01 elements of modern networking by nader elmansi
01 elements of modern networking by nader elmansi
 
Virt july-2013-meetup
Virt july-2013-meetupVirt july-2013-meetup
Virt july-2013-meetup
 
Monitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspectiveMonitoring a virtual network infrastructure - An IaaS perspective
Monitoring a virtual network infrastructure - An IaaS perspective
 
mod8-VLANs.ppt
mod8-VLANs.pptmod8-VLANs.ppt
mod8-VLANs.ppt
 
Computer Networking
Computer NetworkingComputer Networking
Computer Networking
 
campus_design_eng1.ppt
campus_design_eng1.pptcampus_design_eng1.ppt
campus_design_eng1.ppt
 
Ccna ch01
Ccna ch01Ccna ch01
Ccna ch01
 
Wireless lan electronics and communication engineering
Wireless lan electronics and communication engineeringWireless lan electronics and communication engineering
Wireless lan electronics and communication engineering
 
VLAN
VLANVLAN
VLAN
 
Vlan
VlanVlan
Vlan
 
Inter vlan routing plus configuration
Inter vlan routing plus configurationInter vlan routing plus configuration
Inter vlan routing plus configuration
 
Vlans and inter vlan routing
Vlans and inter vlan routingVlans and inter vlan routing
Vlans and inter vlan routing
 
MidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integrationMidoNet Overview - OpenStack and SDN integration
MidoNet Overview - OpenStack and SDN integration
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
CCNA (R & S) Module 02 - Connecting Networks - Chapter 1
 
Network virtualization seminar report
Network virtualization seminar reportNetwork virtualization seminar report
Network virtualization seminar report
 

Último

The basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptxThe basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptx
heathfieldcps1
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyes
ashishpaul799
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Denish Jangid
 

Último (20)

How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17How to Manage Notification Preferences in the Odoo 17
How to Manage Notification Preferences in the Odoo 17
 
“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .“O BEIJO” EM ARTE .
“O BEIJO” EM ARTE .
 
Basic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumersBasic phrases for greeting and assisting costumers
Basic phrases for greeting and assisting costumers
 
The basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptxThe basics of sentences session 4pptx.pptx
The basics of sentences session 4pptx.pptx
 
B.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdfB.ed spl. HI pdusu exam paper-2023-24.pdf
B.ed spl. HI pdusu exam paper-2023-24.pdf
 
Application of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matricesApplication of Matrices in real life. Presentation on application of matrices
Application of Matrices in real life. Presentation on application of matrices
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).
 
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptxStudents, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
Students, digital devices and success - Andreas Schleicher - 27 May 2024..pptx
 
[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation[GDSC YCCE] Build with AI Online Presentation
[GDSC YCCE] Build with AI Online Presentation
 
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdfTelling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
Telling Your Story_ Simple Steps to Build Your Nonprofit's Brand Webinar.pdf
 
ppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyesppt your views.ppt your views of your college in your eyes
ppt your views.ppt your views of your college in your eyes
 
NCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdfNCERT Solutions Power Sharing Class 10 Notes pdf
NCERT Solutions Power Sharing Class 10 Notes pdf
 
Incoming and Outgoing Shipments in 2 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 2 STEPS Using Odoo 17Incoming and Outgoing Shipments in 2 STEPS Using Odoo 17
Incoming and Outgoing Shipments in 2 STEPS Using Odoo 17
 
The Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve ThomasonThe Art Pastor's Guide to Sabbath | Steve Thomason
The Art Pastor's Guide to Sabbath | Steve Thomason
 
Gyanartha SciBizTech Quiz slideshare.pptx
Gyanartha SciBizTech Quiz slideshare.pptxGyanartha SciBizTech Quiz slideshare.pptx
Gyanartha SciBizTech Quiz slideshare.pptx
 
The Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational ResourcesThe Benefits and Challenges of Open Educational Resources
The Benefits and Challenges of Open Educational Resources
 
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdfINU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
INU_CAPSTONEDESIGN_비밀번호486_업로드용 발표자료.pdf
 
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdfPost Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
Post Exam Fun(da) Intra UEM General Quiz 2024 - Prelims q&a.pdf
 
How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17How to the fix Attribute Error in odoo 17
How to the fix Attribute Error in odoo 17
 
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & EngineeringBasic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
Basic Civil Engg Notes_Chapter-6_Environment Pollution & Engineering
 

ch08.pptx

  • 1. Business Data Communications Fourteenth Edition Jerry FitzGerald, Alan Dennis, and Alexandra Durcikova Chapter 8 Backbone Networks
  • 2. Learning Objectives • Understand the Internetworking devices used in BNs • Understand the switched backbone architecture • Understand the routed backbone architecture • Understand virtual LAN architecture • Understand the best practice recommendations for backbone design • Be aware of ways to improve BN performance Copyright ©2021 John Wiley & Sons, Inc. 8-2
  • 3. Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-3
  • 4. 8.1 Introduction • Backbones used to be built with special technologies, but today most BNs use high-speed Ethernet • There are two basic components to a BN: the network cable and the hardware devices that connect other networks to the BN • Cable is usually fiber optic • Switches operate at the data link layer • Routers operate at the network layer • VLAN switches are a special combination of layer 2 switches and routers 8-4 Copyright ©2021 John Wiley & Sons, Inc.
  • 5. 8.2 Switched Backbones • Switched backbones are the most common type of BN used in the distribution layer • Switched BNs use a star topology with one switch at its center • There is a switch serving each LAN that is connected to the backbone switch 8-5 Copyright ©2021 John Wiley & Sons, Inc.
  • 6. Switched Backbones Continued • Most organizations use switched backbones in which all network devices are physically located in the same room • Often in a rack of equipment • The room containing the rack of equipment is sometimes called the main distribution facility (MDF) or central distribution facility (CDF) • The devices are connected among themselves using very short cables called patch cables 8-6 Copyright ©2021 John Wiley & Sons, Inc.
  • 7. Main Distribution Facility • With an MDF, all cables run into the MDF • If one switch becomes overloaded, it is straight-forward to unplug the cables and it into a less-busy switch • Sometimes a chassis switch is used instead of a rack • A chassis switch enables users to plug modules directly into the switch • The key advantage of chassis switches is their flexibility 8-7 Copyright ©2021 John Wiley & Sons, Inc.
  • 8. 8.3 Routed Backbones • Routed backbones move packets along the backbone on the basis of their network layer address • Sometimes called subnetted backbones or hierarchical backbones • Most commonly used to connect different buildings on the same enterprise campus backbone network • A routed backbone ensures that broadcast messages stay in the one network segment 8-8 Copyright ©2021 John Wiley & Sons, Inc.
  • 9. 8.4 Virtual LANs • Virtual LANs are networks in which computers are assigned to LAN segments by software rather than by hardware • Often, VLANs are faster and provide greater opportunities to manage the flow of traffic on the LAN and BN • The simplest example is a single-switch VLAN, which means that the VLAN operates only inside one switch • Virtual LANs can be designed so that they act as though computers are connected via hubs or switches 8-9 Copyright ©2021 John Wiley & Sons, Inc.
  • 10. Benefits of VLANs • With VLANs, we can put computers in different geographic locations in the same subnet • At right, a computer in the lower left could be put on the same subnet as one in the upper right • A separate subnet from all the other computers 8-10 Copyright ©2021 John Wiley & Sons, Inc.
  • 11. Benefits of VLANs Continued • A more common implementation is a multiswitch VLAN, in which several switches are used to build the VLANs • VLANs are most commonly found in building backbone networks • In this case, we can now create subnets that span buildings • This enables us to create subnets based on who you are, rather than on where you are 8-11 Copyright ©2021 John Wiley & Sons, Inc.
  • 12. Benefits of VLANs Continued • Advantages 1. Their ability to manage the flow of traffic on the LAN and backbone very precisely 2. The ability to prioritize traffic • Drawbacks o Their cost and management complexity 8-12 Copyright ©2021 John Wiley & Sons, Inc.
  • 13. How VLANs Work • Each computer is assigned into a specific VLAN that has a VLAN ID number • Each VLAN ID is matched to a traditional IP subnet • Each computer connected to a VLAN switch also receives a traditional IP address assigned by the VLAN switch • Computers are assigned into the VLAN based on the physical port on the switch into which they are connected • When a computer transmits an Ethernet frame, it uses traditional Ethernet and IP addresses 8-13 Copyright ©2021 John Wiley & Sons, Inc.
  • 14. How VLANs Work Continued • Virtual LAN switches use Ethernet 802.1q tagging to move frames from one switch to another • When a VLAN switch receives an Ethernet frame that needs to go to a computer on another VLAN switch, it changes the Ethernet frame by inserting the VLAN ID number and a priority code into the VLAN tag field • The router is a layer 3 device, so when it receives the message, it strips off the Ethernet frame and reads the IP packet 8-14 Copyright ©2021 John Wiley & Sons, Inc.
  • 15. How VLANs Work With Broadcast Messages • Each computer on a VLAN switch is assigned into a subnet with a matching VLAN ID • When a computer issues a broadcast message, the switch identifies the VLAN ID of the sending computer and then sends the frame to all other computers that have the same VLAN ID • These computers may be on the same switch or on different switches 8-15 Copyright ©2021 John Wiley & Sons, Inc.
  • 16. Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-16
  • 17. 8.5 The Best Practice Backbone Design • Today, the most effective architecture for the distribution layer in terms of cost and performance is a switched backbone • It provides the best performance at the least cost • Many large organizations are now implementing VLANs, especially those that have departments spread over multiple buildings 8-17 Copyright ©2021 John Wiley & Sons, Inc.
  • 18. The Best Practice Recommendations • The best practice architecture is a switched backbone or VLAN for the distribution layer and a routed backbone for the core layer • The best practice recommendation for backbone technology is gigabit Ethernet 8-18 Copyright ©2021 John Wiley & Sons, Inc.
  • 19. Improving Device Performance 8-19 Copyright ©2021 John Wiley & Sons, Inc.
  • 20. Outline • Architectures • Switched Backbone Networks • Routed Backbone Networks • Virtual LANs (VLANs) • Best Practices • Implications for Security and Management Copyright ©2021 John Wiley & Sons, Inc. 8-20
  • 21. 8.7 Implications for Cyber Security • Most routers now have software that enables the network manager to create an access control list (ACL) that specifies what traffic the router should allow through • Many routers have more sophisticated ACL software that enables the ACL to have different rules for different interfaces • VLANs are the most secure type of backbone because they enable ACL and other security measures to be applied at the switch level 8-21 Copyright ©2021 John Wiley & Sons, Inc.
  • 22. 8.7 Implications for Cyber Security • Network Access Control options o Authenticate devices using 802.1x o Sandbox unknown devices and redirect web requests to authentication service • Limit network access until user registers their device • Physical security of network infrastructure o Locked and alarmed doors for all network closets o Attackers might tamper with cabling • Hard to detect in common drop-ceiling environments 8-22 Copyright ©2021 John Wiley & Sons, Inc.