About static VLAN operation

A group of networked ports assigned to a VLAN form a broadcast domain configured on the switch. On a given switch, packets are bridged between source and destination ports that belong to the same VLAN. Thus, all ports passing traffic for a particular subnet address should be configured to the same VLAN. Cross-domain broadcast traffic in the switch is eliminated and bandwidth is saved by not allowing packets to flood out all ports.

Comparative operation of port based and protocol based VLANs

Function

Port-Based VLANs

Protocol-Based VLANs

IP Addressing

Usually configured with at least one unique IP address.

A port-based VLAN can have no IP address. However, this limits the switch features available to ports on that VLAN.

Multiple IP addresses allow multiple subnets within the same VLAN.

You can configure IP addresses on all protocol VLANs. However, IP addressing is used only on IPv4 and IPv6 VLANs.

Restrictions:

Loopback interfaces share the same IP address space with VLAN configurations.

The maximum number of IP addresses supported on a switch is 2048, which includes all IP addresses configured for both VLANs and loopback interfaces (except for the default loopback IP address 127.0.0.1).

Each IP address configured on a VLAN interface must be unique in the switch, it cannot be used by a VLAN interface or another loopback interface.

Untagged VLAN Membership

A port can be a member of one untagged, port-based VLAN. All other port-based VLAN assignments for that port must be tagged.

A port can be an untagged member of one protocol VLAN of a specific protocol type, such as IPX or IPv6. If the same protocol type is configured in multiple protocol VLANs, then a port can be an untagged member of only one of those. For example, if you have two protocol VLANs, 100 and 200, and both include IPX, then a port can be an untagged member of either VLAN 100 or VLAN 200, but not both.

A port's untagged VLAN memberships can include up to four different protocol types. It can be an untagged member of one of the following:

  • Four single-protocol VLANs

  • Two protocol VLANs where one VLAN includes a single protocol and the other includes up to three protocols

  • One protocol VLAN where the VLAN includes four protocols

Tagged VLAN Membership

A port can be a tagged member of any port-based VLAN.

A port can be a taggedmember of any protocol-based VLAN.

Routing

The switch can internally route IP (IPv4) traffic between port-based VLANs and between port-based and IPv4 protocol-based VLANs if the switch configuration enables IP routing.If the switch is not configured to route traffic internally between port-based VLANs, then an external router must be used to move traffic between VLANs.

If the switch configuration enables IP routing, the switch can internally route IPv4 traffic as follows:

  • Between multiple IPv4 protocol-based VLANs

  • Between IPv4 protocol-based VLANs and port-based VLANs.

Other protocol-based VLANs require an external router for moving traffic between VLANs.
NOTE:

NETbeui and SNA are non-routable protocols. End stations intended to receive traffic in these protocols must be attached to the same physical network.

Commands for Configuring Static VLANs 

vlan <vid> [ tagged | untagged [ e | <port-list> ] ]
              
vlan <vid> protocol [ipx | ipv4 | | ipv6 | arp | appletalk | sna | netbeui ]
vlan <vid> [ tagged | untagged [ e| <port-list> ] ]