Understanding VLANs

A virtual local area network (virtual LAN, or VLAN) is a collection of network nodes that are grouped together to form separate broadcast domains.

Introduction to VLANs

On an Ethernet network that is a single LAN, all traffic is forwarded to all nodes on the LAN. A VLAN has the same attributes as a physical LAN, but allows end stations to be grouped together. An advantage of a VLAN is that you can perform network reconfiguration through software rather than having to physically relocate a device.

On VLANs, frames whose origin and destination are in the same VLAN are forwarded only within the local VLAN. Frames that are not destined for the local VLAN are the only ones forwarded to other broadcast domains. VLANs limit the amount of traffic flowing across the entire LAN, reducing the number of possible collisions and packet retransmissions within a VLAN and on the LAN as a whole.

On an Ethernet LAN, all network nodes must be physically connected to the same network. On VLANs, the physical location of the nodes is not important, so you can group network nodes in any way that makes sense for your organization, such as by department or business function, types of network nodes, or even physical location. Each VLAN is identified by a single IP subnetwork and by standardized IEEE 802.1Q encapsulation.

In networks that use Fibre Channel over Ethernet (FCoE), a VLAN that uses FCoE frames must be dedicated to FCoE traffic only; you cannot mix standard Ethernet and FCoE traffic on the same VLAN.

QFX Series systems support a maximum of 4089 VLANs, which includes the default VLAN. You can assign a VLAN ID in the range of 1 to 4094.

Note: You cannot mix Fibre Channel and Ethernet ports on the same VLAN. For further information about VLANs and Fibre Channel, see Example: Setting Up Fibre Channel and FCoE VLAN Interfaces in an FCoE-FC Gateway Fabric.

VLAN Tagging

When you divide an Ethernet LAN into multiple VLANs, each VLAN is assigned a unique IEEE 802.1Q tag. This tag is associated with each frame in the VLAN, and the network nodes receiving the traffic can use the tag to identify which VLAN a frame is associated with. For a simple network that has only a single VLAN, all traffic has the same 802.1Q tag.

Assigning Traffic to a VLAN

You can assign traffic to a VLAN in one of the following ways:

  • Interface (port)–You can specify that all traffic received on a particular interface is assigned to a specific VLAN. By default, all traffic received on an access interface is untagged. This traffic is part of a default VLAN, but does not have an 802.1Q tag. During configuration, you specify which VLAN to assign the traffic to. You configure the VLAN either by using a VLAN ID number or by using a name, which is translated into a numeric VLAN ID.
  • MAC address–You can specify that all traffic received from a specific MAC address be forwarded to a specific egress port (the next hop port). This method is cumbersome to configure manually, but it can be useful when you are using automated databases to manage the devices on your network.
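
The following added example (not part of the original documentation and not Juniper code) parses the IEEE 802.1Q tag described under VLAN Tagging and applies interface-based assignment to untagged frames. The port names, the port-to-VLAN map, and the sample frames are constructed assumptions, and the classification rule is a simplified model rather than Junos behavior.

```python
import struct

TPID_8021Q = 0x8100          # EtherType value that marks an 802.1Q tag
VALID_VIDS = range(1, 4095)  # assignable VLAN IDs 1..4094, as stated above

# Hypothetical interface-based assignment: receiving port -> VLAN ID
ACCESS_PORT_VLAN = {"xe-0/0/1": 100, "xe-0/0/2": 200}


def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into addresses, optional 802.1Q tag, EtherType."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    tag, offset = None, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        # Tag Control Information: 3-bit priority, 1-bit DEI, 12-bit VLAN ID
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
        offset = 18
    return {"dst": dst.hex(":"), "src": src.hex(":"), "tag": tag,
            "ethertype": ethertype, "payload": frame[offset:]}


def classify(port: str, frame: bytes) -> int:
    """Return the VLAN ID a frame belongs to when received on `port`."""
    tag = parse_frame(frame)["tag"]
    if tag is None:
        # Untagged traffic takes the VLAN configured on the receiving port.
        return ACCESS_PORT_VLAN[port]
    if tag["vid"] not in VALID_VIDS:
        # 0 (priority tag only) and 4095 (reserved) are not assignable IDs.
        raise ValueError(f"VLAN ID {tag['vid']} outside 1-4094")
    return tag["vid"]


# Constructed sample frames (not captured traffic): broadcast destination,
# locally administered source, IPv4 EtherType, zero-filled payload.
_MACS = bytes.fromhex("ffffffffffff" "020000000001")
UNTAGGED = _MACS + bytes.fromhex("0800") + b"\x00" * 46
TAGGED = _MACS + bytes.fromhex("8100" "a064" "0800") + b"\x00" * 46  # VID 100

if __name__ == "__main__":
    print(classify("xe-0/0/2", UNTAGGED), classify("xe-0/0/2", TAGGED))
```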

Ethernet Switching Tables

Learned MAC addresses on local VLANs are stored in a bridge. With each MAC address, the Ethernet switching table stores the name of the port on which the address was learned. The information in this table is used when packets are forwarded toward their destination.

Layer 2 and Layer 3 Forwarding of VLAN Traffic

To pass traffic within a VLAN, Layer 2 forwarding protocols are used, including IEEE 802.1Q and Spanning Tree Protocol (STP).

To pass traffic between two VLANs, standard Layer 3 routing protocols are used, such as static routing. On the QFX Series, the same interfaces that support Layer 2 bridging protocols also support Layer 3 routing protocols, providing multilayer switching.

Published: 2013-01-23