Comments inline.

>>> "Sim, CT (Chee Tong)"  7/9/01 1:44:41 AM >>>
>Hi.. May I know what is the difference between these two situations? I
>have 2900 switches and I have 4 WINNT workstations, A,B,C,D
>
>Case 1) I have the switch ports all in VLAN 1. I configured A,B in the
>10.1.1.0/24 network and C,D in 10.2.2.0/24. Can A,B talk to C,D?
>What kind of access is allowed between AB and CD? Can A talk to B?

A VLAN defines a broadcast domain, and generally you configure each
VLAN as a separate subnet for reasons you're about to see.  In the first
scenario, all devices are in the same VLAN but they are in different
subnets.  This creates an interesting situation: all devices can see the
broadcast traffic from all other devices but the devices in the
10.1.1.0/24 subnet will not be able to speak to the devices in the other
subnet without the help of a router.

Think this through step by step.  Let's say that A wants to talk to B
but hasn't talked to it before.  A knows the IP address of B but it
needs to know the MAC address so it sends an ARP packet, which is a
broadcast.  B answers the ARP with its MAC address and A can now speak
to B directly.

Now, if A were to want to speak to C what would happen?  A will check
to see if C is on the same subnet.  If it is, it will send an ARP.  If
it isn't, it directs any traffic to its default gateway.  So, even
though C would be able to see broadcasts from A, A will not send a
broadcast ARP to reach C.  It is dependent on a router (default gateway)
for communication across subnet boundaries.

>Case 2) I have switch ports 3,4 configured in VLAN 2, the rest in VLAN 1.
>A,B are connected to VLAN 1 ports and C,D are on ports 3,4, which are
>VLAN 2 ports. What kind of access is allowed between AB and CD?

Here you have a similar situation except that AB are in a separate
broadcast domain than CD.  The steps taken for communication are the
same as before.  If A wants to talk to B, by comparing IP addresses and
subnet masks it sees that B is in the same subnet so it sends a
broadcast ARP.  If A wants to talk to C, it will send unicast packets to
the default gateway.  In your scenarios you did not mention the use of a
router so inter-subnet communications will fail.

In either of the cases you mentioned, a router is necessary to move
traffic from one subnet to another, even if the devices are on the same
LAN and the same broadcast domain.  Your first example is a bad design
because all devices will see all broadcast traffic, but AB will never
need to see the broadcast traffic from CD and vice versa.  Correctly
designed VLANs help to limit the amount of unnecessary traffic seen by
other devices.

Regards,
John




Message Posted at:
http://www.groupstudy.com/form/read.php?f=7&i=11461&t=11461
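
The host-side decision described in the reply (same subnet: ARP; different subnet: default gateway), modelled for both cases as an added example that is not part of the original post. The host addresses, the gateway addresses and the `arp-unanswered` outcome (same subnet but different VLAN, a case the thread does not cover) are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass
class Host:
    name: str
    iface: ipaddress.IPv4Interface            # IP address plus subnet mask
    vlan: int                                 # switch-port VLAN = broadcast domain
    gateway: Optional[ipaddress.IPv4Address]  # None = no router configured

def sees_broadcast(src: Host, dst: Host) -> bool:
    """A broadcast frame reaches every port in the sender's VLAN, whatever the subnet."""
    return src.vlan == dst.vlan

def send_decision(src: Host, dst: Host) -> str:
    """What the sending host does with a packet for dst."""
    if dst.iface.ip in src.iface.network:
        # Same subnet: ARP for the destination itself; the ARP broadcast
        # only gets an answer if dst is in the same broadcast domain.
        return "arp-direct" if sees_broadcast(src, dst) else "arp-unanswered"
    # Different subnet: no ARP for dst, the packet goes to the default gateway.
    return "via-gateway" if src.gateway is not None else "no-route"

def build(case: int, with_router: bool = False) -> dict:
    """Case 1: all ports in VLAN 1. Case 2: C and D moved to VLAN 2."""
    cd_vlan = 1 if case == 1 else 2
    spec = [("A", "10.1.1.10/24", 1, "10.1.1.1"),        # host and gateway
            ("B", "10.1.1.11/24", 1, "10.1.1.1"),        # addresses are
            ("C", "10.2.2.10/24", cd_vlan, "10.2.2.1"),  # constructed for
            ("D", "10.2.2.11/24", cd_vlan, "10.2.2.1")]  # this example
    return {n: Host(n, ipaddress.ip_interface(cidr), vlan,
                    ipaddress.ip_address(gw) if with_router else None)
            for n, cidr, vlan, gw in spec}

if __name__ == "__main__":
    for case in (1, 2):
        for with_router in (False, True):
            hosts = build(case, with_router)
            print(f"Case {case}, router={'yes' if with_router else 'no'}")
            for s, d in (("A", "B"), ("A", "C"), ("C", "D")):
                src, dst = hosts[s], hosts[d]
                print(f"  {s}->{d}: {send_decision(src, dst):12} "
                      f"{d} sees {s}'s broadcasts: {sees_broadcast(src, dst)}")
```
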