Content

INTRODUCTION

ABSTRACT ............................................................................................................. 5

STATEMENT OF THE PROBLEM ..................................................................... 7

JUSTIFICATION ..................................................................................................... 8

SCOPE AND LIMITATIONS ............................................................. 9

THEORETICAL FRAMEWORK............................................................ 10

1
INTRODUCTION

Introduction

The VLAN (Virtual LAN) appears as a solution for the logical separation of networks, it is

to say, when in a physical network, where all devices are connected

wants to separate these devices into groups, for example in a building where
the teachers' and students' devices are connected and it is desired that these
they function separately, for this the VLANs appear that separate the equipment
without the need to change any wiring.

A VLAN allows a network administrator to create groups of devices.

connected to the network in a logical way that acts as if they were on their own
independent network, even if they share common infrastructure with others
VLAN. When you configure a VLAN, you can give it a name to describe it.
main function of the users of that VLAN

A VLAN is a logically separated IP subnet. VLANs allow for

IP networks and multiple subnets exist in the same switched network.

Network without VLAN. - In normal operation, when a switch receives a frame from
broadcast on one of its ports, sends the frame to all other ports.

2
Network with VLAN.- When VLANs are implemented on a switch, the transmission
from the traffic of unicast, multicast, and broadcast from a host in a VLAN
In particular, they are limited to the devices present in the VLAN.

The fragmentation of a large broadcast domain into several smaller parts

small reduce broadcast traffic and improve network performance. The
domain fragmentation in VLAN also allows for better confidentiality
of information within an organization. The fragmentation of domains of
broadcast can be done with VLANs (on switches) or with routers. Each
once devices on different Layer 3 networks need to communicate, it is
A router is necessary regardless of whether the VLANs are in use.

Advantages of VLANs

User productivity and network adaptability are key drivers for

the growth and success of the business. The implementation of VLAN technology
allows a network to more flexibly accommodate business goals. The
The main benefits of using VLANs are as follows:

• Security: groups that have sensitive data are separated from the rest of the
reducing the chances of data breaches occurring
Confidential. The faculty computers are located in VLAN 10.
and are completely separated from the Guest's data traffic and from the
students.

• Cost reduction: the savings in cost result from the little need for
costly network updates and more efficient use of links and bandwidth
existing.

• Better performance: the division of Layer 2 flat networks into multiple

logical workgroups (broadcast domains) reduce unnecessary traffic in
the network and enhances performance.

• Mitigation of broadcast storm: the division of a network into VLANs

reduce the number of devices that can participate in a storm of
broadcast. LAN segmentation prevents a broadcast storm from occurring.
propagate throughout the network. In the figure, you can observe that, despite there being six

3
computers on this network, there are only three broadcast domains: Faculty,
Student and Guest.

• Greater efficiency of IT staff: VLANs facilitate network management

because users with similar network requirements share the same
VLAN. When a new switch is provided, all policies and procedures
that have already been configured for the specific VLAN are implemented when they are assigned

the ports. It is also easy for the IT staff to identify the function of a
VLAN by giving it a name. In the figure, for easier identification
VLAN 20 was named 'Student', VLAN 10 could be named 'Body'
"teacher" and the VLAN 30 "Guest".

• Management of simpler application or project: VLANs

They add network devices and users to accommodate the geographic requirements.
or commercial. Having separate functions makes managing a project or
working with a specialized application is easier, for example a
e-learning development platform for the teaching staff. It is also easy.
determine the scope of the effects of the network services update.

4
ABSTRACT

Introduction

The VLAN (Virtual LAN) appears as a solution to the logical separation of networks.
that is to say, when in a physical network, in which all the devices are close to each other
wants to free these devices in groups, for example in a building where they are
connected the equipment of teachers and pupils there is hope that these will work
separately, for this there appear the VLAN that the equipments separate without
need to change no wired up one. A VLAN allows that an administrator of network
should create groups of devices connected to the network in a logical way that act
as if they were in his own independent network, even if they share a common
infrastructure with other VLAN. When it forms a VLAN, it can put a name to
Describe the principal function of the users of this VLAN. A VLAN is a
Subnetwork IP separated in a logical way. The VLAN allows for those IP networks.
and multiple subnetworks should exist in the same exchanged network Network
without VLAN .-In normal functioning, when a switch receives a plot of broadcast in
one of his ports, he sends the plot to all the rest ports. Network with VLAN. - When
the VLAN are implemented in a switch, the transmission of the traffic of unicast,
multicast and broadcast from a host in a VLAN especially, they limit themselves to
the present devices in the VLAN. The fragmentation of a great domain of broadcast
in several smaller parts reduces the traffic of broadcast and improves the
performance of the network. The fragmentation of domains in VLAN allows in
addition a better confidentiality of information inside an organization. The
fragmentation of a great domain of broadcast in several smaller parts reduces the
traffic of broadcast and improves the performance of the network.
fragmentation of domains in VLAN allows for better confidentiality of
information inside an organization. The fragmentation of domains of broadcast can
be realized by the VLAN (in the switches) or with routers. Whenever devices in
different networks of Cap 3 need to communicate, a router is necessary without
bearing in mind if the VLAN are in use. Advantages of the VLAN The productivity of

5
the user and the adaptability of the network are key drivers for growth and
the success of the business. The implementation of VLAN's technology allows that
A network should more flexibly accommodate commercial goals.

VLAN are the following ones: · Security: the groups that have sensitive information
separate from the rest of the network, diminishing the possibilities that it occurs
violations of confidential information. The computers of the educational body are in
the VLAN 10 and are completely separated from the traffic of information of the
Guest and from the students. · Reduction of cost: the saving in the cost results of
small need of expensive updates of network and more efficient uses of links and
existing bandwidth. · Better performance: the division of the flat networks of Cap 2
in multiple logical groups of work (domains of broadcast) reduces the unnecessary
traffic in the network and promotes performance. · Mitigation of the storm of
The division of a network in the VLAN reduces the quantity of devices
that can take part in a storm of broadcast. LAN's segmentation prevents that a
storm of broadcast propagates to the whole network. In the figure it can observe
that, in spite of the fact that there are six computers in this network, there are only
three domains of broadcast: educational Body, Student and Guest. · Major
efficiency of the personnel of YOU: the VLAN facilitates the management of the
network due to the fact that the users with similar requirements of network share
the same VLAN. When it provides a new switch, all the policies and procedures
that were already formed for the particular VLAN are implemented when the ports
are assigned. Also, it is easy for the personnel of YOU to identify the function of a
VLAN providing a name to him.

6
 STATEMENT OF THE PROBLEM

The Superior Technological Institute of Tepeaca requests a few students.

of Computer Systems Engineering a page or control system
online school or intranet prioritizing certain modules such as:
Tutoring, social service, English, and the extracurricular department. Due to the
network architecture and topology that the system will manage is necessary to carry out
the design and implementation of it, and that is why VLANs will be designed
in accordance with the needs of these requests.

A VLAN is intended to be created for each module in order to innovate in some.

aspects of the speed and efficiency of these modules that will shape the future
a more complete system.

7
JUSTIFICATION

The Tepeaca Higher Technological Institute does not have a control system.
school in which the departments or modules of the different careers and
specialties interact with each other and exchange information that can later
to be generated in a single report. But the fact of implementing a system like this
type involves restructuring connections, permissions, security, and other needs
within the school network. That is why we find it necessary to create
design and implement a VLAN that enables connection and discretion between
users and the ports to be used for each host.

8
REACHES AND LIMITATIONS

The expected scope is relevant until the implementation of the first network and
its version or topology which it is expected to manage and be able to cover the
specific needs for identification and access to information in real time
expected form.

The limitations that can be specified will depend on the host demand in
each VLAN is why these should be limited to 5 hosts per VLAN for
ensure the efficiency and stability of data transmission independent of
the 5 remaining ports in case the demand for the module increases.

We are talking about 4 modules and an initial total of 20 hosts in 4 VLANs although the

Number of hosts can grow up to 40 hosts divided among the 4 VLANs.

9
THEORETICAL FRAMEWORK

A VLAN (acronym for virtual LAN, 'virtual local area network') is a method
to createnetworksindependent logics within the same network fisica.1Several
VLAN can coexist in a singleswitchphysical or on a single physical network. They are
tools to reduce the size of thebroadcast domainand assist in the administration of
the network, separating logical segments of a local area network (the departments
of a company, for example) that should not exchange data using the network
local (although they could do it through arouteror a layer 3 switch
y 4).

A VLAN consists of two computer networks that behave as if

they were connected to the same PCI, even if they are physically
connected to differentsegmentsright awaylocal area network. The administrators of
red configure VLANs through hardware instead of software, which makes them
extremely strong. One of the greatest advantages of VLANs arises
when a computer is physically moved to another location and it can
stay in the same VLAN without the need to change the configuration of the
vertical subnet mask.

REGARDING THE HISTORY OF VLANS...

In the early 1980s, Ethernet was already a consolidated technology.

which offered a speed of 1Mbits/s, much higher than most of the
alternatives of the time. Ethernet networks had a bus topology, where the
the physical transmission medium (coaxial cable) was shared. Ethernet was, therefore
so much, a broadcasting network and as such when two stations transmit
collisions occur simultaneously and bandwidth is wasted in
failed transmissions.

10
The design of Ethernet did not offer scalability, that is, as the size increased
the network reduces its performance or the cost becomes unmanageable. CSMA/CD, the
protocol that controls access to the shared medium in Ethernet, imposes by
yes limitations regarding the maximum bandwidth and the maximum distance between
two stations. Connecting multiple Ethernet networks was at that time
complicated, and although a router could be used for interconnection, they were
expensive and required more processing time per large package, increasing
the delay.

To solve these problems, Dr. W. David Sincoskie invented

the Ethernet switch with auto-learning, frame switching device of
Level 2. Using switches to interconnect Ethernet networks allows the separation of domains
of collision, increasing the efficiency and scalability of the network. A fault-tolerant network
fault-tolerant and with a high level of availability requires the use of topologies
redundant: multiple links between switches and redundant equipment. From this
In this way, in the event of a failure at a single point, it is possible to recover automatically.

and fast service. This redundant design requires the protocol to be enabled.
spanning tree (STP) to ensure that there is only one active logical path
to go from one node to another and thus avoid the phenomenon known as storms
broadcast. The main disadvantage of this logical topology of the network is that the
central switches become bottlenecks, as most of the
traffic flows through them.

Sincoskie managed to alleviate the overload of switches by inventing virtual LANs.

by adding a tag to Ethernet frames to differentiate the traffic.
define several virtual LANs each of which will have its own spanning tree and
you will be able to assign the different ports of a switch to each of the VLANs. For
to connect VLANs that are defined on multiple switches, a link can be created
special trunk call, through which traffic from several VLANs flows. The switches
They will know which VLAN each frame belongs to by observing the VLAN tag (defined
in the IEEE 802.1Q standard). Although nowadays the use of virtual LANs is
generalized in modern Ethernet networks, to use them for their original purpose
it can be somewhat strange, since it is usual to use them to separate domains
of broadcast (hosts that can be reached by a broadcast frame).

11
CLASSIFICATION OF VLAN

Although the most common are port-based VLANs (level 1), the
virtual local area networks can be classified into four types according to the level of
the OSI hierarchy in which they operate:

Level 1 VLAN (by port). Also known as 'port switching'.

specify which switch ports belong to the VLAN, the members of it
VLANs are those that connect to those ports. It does not allow the mobility of the.
Users, VLANs would need to be reconfigured if the user moves physically.
It is the most common and the one that is explained in depth in this article.

Layer 2 VLAN by MAC addresses. Hosts are assigned to a VLAN based on

from your MAC address. It has the advantage that there is no need to reconfigure the

switching device if the user changes their location, that is,

connect to another port of that or another device. The main drawback is that if
There are hundreds of users, so members would need to be assigned one by one.

Layer 2 VLAN by protocol type. The VLAN is determined by the

content of the protocol type field of the MAC frame. For example, it would be associated
VLAN 1 to the IPv4 protocol, VLAN 2 to the IPv6 protocol, VLAN 3 to AppleTalk, VLAN 4
a IPX...

Level 3 VLAN by subnet addresses (virtual subnet). The header of

Level 3 is used to map the VLAN to which it belongs. In this type of VLAN
it is the packets, and not the stations, that belong to the VLAN. Stations
with multiple network protocols (level 3) will be in multiple VLANs.

Higher-level VLAN. A VLAN is created for each application: FTP,

multimedia flows, email... Membership in a VLAN can be based on

12
in a combination of factors such as ports, MAC addresses, subnet, time of
day...

MANAGEMENT OF VLAN MEMBERSHIP

The two most common approaches for the assignment of members of a

VLAN are the following: static VLANs and dynamic VLANs.

Static VLANs are also referred to as port-based VLANs.

assignments in a static VLAN are created by assigning the
ports of a switch or a switch to that VLAN. When a device enters into
the network automatically assumes its membership to the VLAN to which it has been assigned

the port is assigned. If the user changes the input port and needs to access
the same VLAN, the network administrator must manually change the
assignment to the VLAN of the new connection port on the switch.

In it, non-static virtual units are created in which the ...

files and components of the global file system

In dynamic VLANs, the assignment is made through software packets.

such as CiscoWorks 2000. With VMPS (acronym in English for VLAN
Management Policy Server or VLAN Policy Management Server
network administrator can assign the ports that belong to a VLAN of
automatically based on information such as the MAC address of the
device that connects to the port or the username used to access
to the device. In this procedure, the device that accesses the network performs a
query the VLAN member database. It can be queried the
FreeNAC software to see an example of implementing a VMPS server.

13
PORT-BASED VLAN

With level 1 VLANs (port-based), the port assigned to the VLAN is

independent of the user or device connected to the port. This means that
All users connecting to the port will be members of the same VLAN.
It is usually the network administrator who makes the assignments to the
VLAN. After a port has been assigned to a VLAN, through that
port cannot send or receive data from devices included in another
VLAN without the intervention of any layer 3 device.

The ports of a switch can be of two types, regarding

VLAN characteristics: access ports and trunk ports. A port of
access (switchport mode access) belongs solely to an assigned VLAN of
static form (native VLAN). The default configuration is usually that all
ports should be access ports of VLAN 1. In contrast, a trunk port (switchport...
trunk mode) can be a member of multiple VLANs. By default, it is a member of
all, but the list of allowed VLANs is configurable.

The device that connects to a port may not be aware of

the existence of the VLAN to which that port belongs. The device
just know that it is a member of a subnet and that it may be able to
talk to other members of the subnet by simply sending information to
cable segment. The switch is responsible for identifying that the information
comes from a certain VLAN and ensuring that this information reaches
all the other members of the VLAN. The switch also ensures that the
The rest of the ports that are not in that VLAN do not receive that information.

This approach is simple, quick, and easy to manage, given that there are no
complex tables to look at to configure VLAN segmentation. If
the port to VLAN association is done with an ASIC (acronym in English for
Application-Specific Integrated Circuit
specific), the performance is very good. An ASIC allows for port mapping to
VLAN has been done at the hardware level.

14
VLAN DESIGN

The first network designers used to configure VLANs with the goal of
reduce the size of the collision domain in an Ethernet segment and improve its
performance. When the switches achieved this, because each port is a domain
of collision, their priority was to reduce the size of the broadcast domain. Since, if
the number of terminals increases, the broadcast traffic increases and the consumption of

CPU for processing unwanted broadcast traffic. One of the ways most
efficient in reducing the domain of diffusion is by dividing a network
large in several VLANs.

Currently, modern institutional and corporate networks tend to be

configured hierarchically divided into several working groups.
Security and confidentiality reasons also advise limiting the scope of
broadcast traffic so that an unauthorized user cannot access resources
or the information that does not correspond to it. For example, the institutional network of a

University campus usually separates users into three groups: students,

teachers and administration. Each of these groups constitutes a domain of
broadcast, a VLAN, and it usually corresponds with asubred
IPdifferent. In this way, communication among members of the same group is
can do at level 2, and the groups are isolated from each other, they can only be
communicate through a router.

The definition of multiple VLANs and the use of trunk links, compared to thenetworks
LANinterconnected with a router, it is a scalable solution. If it is decided to create
new groups can easily accommodate the new VLANs by making a
redistribution of the ports of the switches. In addition, the membership of a
university community member to a VLAN is independent of their
physical location. And it can even be achieved that a team belongs to several
VLANs (using a network card that supports trunking).

15
Imagine that the university has a network with an IP address range of the type
172.16.XXX.0/24, each VLAN, defined at the data link layer (level 2 of
OSI), will correspond to a different IP subnet: VLAN 10. Administration.
Subred IP 172.16.10.0/24 VLAN 20. Profesores. Subred IP 172.16.20.0/24 VLAN
30. Students. IP subnet 172.16.30.0/24

In each building of the university, there is a switch called access, because to

they connect directly to the end systems. The access switches are
connected with trunk links (link that carries traffic from the three VLANs) to
a trunk switch, with high performance, typically Gigabit Ethernet or 10-
Gigabit Ethernet. This switch is connected to a router also with a trunk link.
The router is responsible for carrying traffic from one VLAN to another.

PROJECT DEVELOPMENT

The VLAN was created in the following way:

Components:

1 ROUTER (1841)

2 SWHITCH (2950-24)

20 COMPUTERS (PC-PT)

4 VLANs (VLAN 2, VLAN 3, VLAN 4, VLAN 5)

2 TRUNCATED LINKS

DIRECT CONNECTION CABLE

The VLANs are configured for up to 10 hosts each, but due to the low
user demand is limited to 5 pcs per VLAN in which VLAN 2 and 4
they have trunk links for better network management.

16
First, we connect the router to the 2 switches and these to the PCs using
the fastethernet ports 0/0 and fastethernet 0/1 and the fastethernet subinterfaces
0/0.1, 0/0.2 Fastethernet 0/1.3 and Fastethernet 0/1.4 with the following IP addresses:

DEVICE GATEWAY IP VLAN

PC 1 192.168.0.1 192.168.0.5 2
PC 2 192.168.0.1 192.168.0.4 2
PC 3 192.168.0.1 192.168.0.3 2
PC 4 192.168.0.1 192.168.0.2 2
PC 5 192.168.0.1 192.168.0.8 2
PC 6 192.168.1.1 192.168.1.5 3
PC 7 192.168.1.1 192.168.1.4 3
PC 8 192.168.1.1 192.168.1.3 3
PC 9 192.168.1.1 192.168.1.2 3
PC 10 192.168.1.1 192.168.1.6 3
PC 11 192.168.2.1 192.168.2.5 4
PC 12 192.168.2.1 192.168.2.4 4
PC 13 192.168.2.1 192.168.2.3 4
PC 14 192.168.2.1 192.168.2.2 4
PC 15 192.168.2.1 192.168.2.7 4
PC 16 192.168.3.1 192.168.3.5 5
PC 17 192.168.3.1 192.168.3.4 5
PC 18 192.168.3.1 192.168.3.3 5
PC 19 192.168.3.1 192.168.3.2 5
PC 20 192.168.3.1 192.168.3.6 5

17
18
19
20
CONCLUSION

In conclusion, the use and implementation of VLAN technology in the technology institute

I would moderate the traffic of data and reduce the data transfer time.
in addition to improving the performance and management of the network.

A VLAN allows a network administrator to create groups of devices

connected to the network logically acting as if they were in their own
independent network, even if they share a common infrastructure with others
VLAN. When you configure a VLAN, you can give it a name to describe it.
main function of the users of that VLAN

A VLAN is a logically separated IP subnet. VLANs allow for

IP networks and multiple subnets exist in the same switched network

Network with VLAN.- When VLANs are implemented on a switch, the transmission
the traffic of unicast, multicast, and broadcast from a host in a VLAN
in particular, they are limited to the devices present in the VLAN.

21
REFERENCES

Cysco Networking Academy

Exploración3_intspanish.

The provided text is a URL and does not require translation.

www.youtube.com/How to create and configure VLANs in Packet Tracer.

22