ubiquiti:vlan

Differences

This shows you the differences between two versions of the page.

ubiquiti:vlan [2020/12/10 01:22] peterubiquiti:vlan [2020/12/10 01:30] (current) – [Ubiquiti - VLAN] peter
Line 3: Line 3:
 VLANs (Virtual Local Area Networks), segregate traffic within a network. VLANs (Virtual Local Area Networks), segregate traffic within a network.
  
-VLANs keep traffic from different networks separated from each other.+They allow a single physical Ethernet network to appear to be multiple logical networks.
  
-This process, also known as VLAN tagging, is invaluable to limiting broadcast network traffic, and securing network segments.+Benefits for using VLANs include:
  
-VLAN enabled ports are generally categorized in one of two ways, tagged or untagged.+  * VLANs keep traffic from different networks separated from each other. 
 +  * They enhance network security by preventing wireless devices from accessing LAN resources. 
 +  * Increased performance by limiting broadcast domains.
  
 While VLAN's are effective for separating network segments and limiting broadcast traffic, it is often a requirement for subnets separated by VLAN's to be able to communicate.  This can be accomplished only through a Layer 3 enabled device that can route between the VLAN's.  Even if both VLAN's exist on a device, their traffic will be segregated unless mediated by a layer 3 routing device. While VLAN's are effective for separating network segments and limiting broadcast traffic, it is often a requirement for subnets separated by VLAN's to be able to communicate.  This can be accomplished only through a Layer 3 enabled device that can route between the VLAN's.  Even if both VLAN's exist on a device, their traffic will be segregated unless mediated by a layer 3 routing device.
  
-Unifi usually by default have all switch ports able to consume both tagged and untagged traffic, but this can be modified.  This is known as trunking, i.e. to have a specific port enabled for VLAN tagging, and the other ports for general access.+VLAN enabled ports are generally categorized in one of two ways, tagged or untagged. 
 + 
 +  * VLANs can be port-based (assigning a physical port on a device to a VLAN) or tag-based (tagging particular kinds of traffic with a VLAN tag, as defined by 802.1q). 
 + 
 +Unifiusually by defaulthave all switch ports able to consume both tagged and untagged traffic, but this can be modified.  This is known as trunking, i.e. to have a specific port enabled for VLAN tagging, and the other ports for general access.
  
 ---- ----
 +
 +===== Other Considerations =====
 +
 +  * For greater security, no SSID should be untagged, i.e. be on the "native VLAN".
 +  * The amount of broadcast traffic on the trunk port to which an AP is attached should be limited.
 +    * Limiting broadcast traffic improves wireless performance.
 +
 +----
 +
  
 ===== Common Terms ===== ===== Common Terms =====
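Review bot: The added bullet "They enhance network security by preventing wireless devices from accessing LAN resources" overstates what a VLAN does on its own, and it conflicts with the unchanged paragraph just below the list, which says subnets on different VLANs can communicate once a Layer 3 device routes between them. Whether wireless clients can reach LAN resources therefore depends on what that Layer 3 device is configured to permit, so suggest wording along the lines of "They let wireless clients be placed on their own segment, so access to LAN resources can be restricted at the Layer 3 device that routes between VLANs." Smaller points in the same hunk: the moved sentence "VLAN enabled ports are generally categorized in one of two ways, tagged or untagged" is now followed by a bullet on port-based versus tag-based VLANs, which is a different distinction, and tagged and untagged ports are still never defined; the standard is normally written 802.1Q; the new Unifi line reads "Unifiusually by defaulthave" as rendered here and needs its spacing or punctuation checked; and "This is known as trunking" still follows a sentence about the default port behaviour, not the modified one, so the definition is ambiguous. The "native VLAN" bullet under Other Considerations would be more useful with a one-line reason for the recommendation.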
ubiquiti/vlan.1607563344.txt.gz · Last modified: 2020/12/10 01:22 by peter
