VLANs in Computer Networking

Nowadays, almost every organizational network uses VLANs, and it is hard to imagine a LAN without one.

Traditionally, a Local Area Network (LAN) was a network of computers located within the same geographical area. Today, a LAN is defined as a single broadcast domain: if a host broadcasts on the LAN, every other host on that LAN receives the broadcast. Broadcasts are kept from leaving a LAN by Layer-3 addressing, provided by a router or a Layer-3 switch. The disadvantage of routers (compared with Layer-3 switches) is that they normally take more time to process incoming packets. Some of the advantages of VLANs are given below:

  • VLANs enable logical grouping of end-stations that are physically dispersed on a network: When users on a VLAN move to a new physical location but continue to perform the same job function, the end-stations of those users do not need to be reconfigured. Similarly, if users change their job functions, they need not physically move: changing the VLAN membership of the end-stations to that of the new team makes the users’ end-stations local to the resources of the new team.
  • VLANs reduce the need to have routers deployed on a network to contain broadcast traffic. Flooding of a packet is limited to the switch ports that belong to a VLAN.
  • Confinement of broadcast domains on a network significantly reduces traffic. By confining the broadcast domains, end-stations on a VLAN are prevented from listening to or receiving broadcasts not intended for them. Moreover, if a router or a layer-3 switch is not connected between the VLANs, the end-stations of a VLAN cannot communicate with the end-stations of the other VLANs.

The figure shows a LAN using a single broadcast domain. As a result, both groups (staff and students) are on the same LAN. A bridge works at Layer 2 of the OSI model and simply forwards traffic from either end, so the student and staff networks form a single LAN. The next figure shows how a VLAN changes the broadcast domain: there, the two LANs have been segregated using a router.

A router does not forward broadcast traffic, so users in VLAN1 will not be able to communicate with users in VLAN2 unless the router is configured to forward traffic from VLAN1 to VLAN2 and vice versa. As the explanation above shows, configuring VLANs requires Layer-3 addressing. Each VLAN is given its own unique IP address, which identifies the VLAN and is used to forward traffic from one VLAN to another. A Layer-3 switch can be used instead of a router for this purpose; the benefit of a Layer-3 switch is shorter response times.

Static and Dynamic VLANs: VLANs may broadly be categorized into static and dynamic VLANs.

Static VLANs: In a static VLAN, the network administrator creates a VLAN and then assigns switch ports to the VLAN. Static VLANs are also called port-based VLANs. The association with the VLAN does not change until the administrator changes the port assignment. End-user devices become the members of VLAN based on the physical switch port to which they are connected.

The ports on a single switch can be assigned to multiple VLANs. Even though workstations are connected to different ports on the same switch, traffic will not pass between them if the connected ports are on different VLANs. A Layer-3 device (typically a router) is needed to enable communication between two VLANs.

Dynamic VLANs: In a dynamic VLAN, the switch automatically assigns the port to a VLAN using information from the user device, such as its MAC address or IP address. When a device is connected to a switch port, the switch queries a database to establish VLAN membership. A network administrator must configure the VLAN database of a VLAN Membership Policy Server (VMPS).

Dynamic VLANs support instant mobility of end devices. When a device is moved from a port on one switch to a port on another switch, its VLAN membership is configured automatically.

So, how are VLANs identified by a switch or router, and how does a VLAN frame differ from one that does not use VLANs? VLANs are identified in a network by what is called a “tag”. Frame tagging identifies the VLAN that a frame belongs to in a network with multiple VLANs. The VLAN ID is placed on the frame when it arrives at a switch from an access port that is a member of a VLAN. The frame is then forwarded out the trunk port or other ports with the same VLAN ID. Each switch in the network can see the VLAN ID and accepts the frame if it has any ports that are members of that VLAN; if it has no port with a matching VLAN ID, it simply ignores the frame. One more thing can happen: if the switch has a “trunk” link, the frame is forwarded across the “trunk port” to another switch.

A trunk port is a port assigned to carry traffic for all the VLANs, a process known as trunking. Trunk ports mark frames with unique identifying tags, either 802.1Q tags or Inter-Switch Link (ISL) tags (not both at the same time; the network admin chooses the tag type when configuring the network), as they move between switches. Therefore, every single frame can be directed to its designated VLAN.

An Ethernet interface can either function as a trunk port or as an access port, but not both at the same time. A trunk port is capable of having more than one VLAN set up on the interface. As a result, it is able to carry traffic for several VLANs at the same time.

If a switch receives untagged Ethernet frames on its trunk port, they are forwarded to the VLAN configured on the switch as the native VLAN. Both sides of the trunk link must be configured with the same native VLAN. It is not usual for a switch port configured as a trunk port to receive untagged Ethernet frames, but it will happen if you are using Cisco VoIP phones in your network.

Note: The IEEE committee that defined 802.1Q decided that, for backward compatibility, it was desirable to support a native VLAN: a VLAN that is not explicitly associated with any tag on an 802.1Q link. This VLAN is implicitly used for all untagged traffic received on an 802.1Q-capable port (trunk port).

Frames from all VLANs are carried across the trunk link with the 802.1Q or ISL tag, except for frames belonging to VLAN 1. By default, VLAN 1 is the native VLAN, so its frames are carried across the trunk untagged.
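To make the tagging rules above concrete, here is an added example (not part of the original article, and not any vendor's code) that builds and parses 802.1Q tagged Ethernet frames and models a switch with access ports, a trunk port and a native VLAN. The port names, VLAN numbers and the ARP broadcast are constructed for the example; it shows a broadcast being flooded only to ports of its own VLAN, tagged on the trunk, with native-VLAN frames leaving the trunk untagged and untagged frames arriving on the trunk landing in the native VLAN.

```python
import struct

TPID_8021Q = 0x8100            # EtherType value that announces an 802.1Q tag
BROADCAST = b"\xff" * 6


def build_frame(dst, src, ethertype, payload, vid=None, pcp=0, dei=0):
    """Build an Ethernet II frame; when vid is given, insert a 4-byte 802.1Q tag
    (TPID 0x8100 + TCI = PCP:3 | DEI:1 | VID:12) between the source MAC and EtherType."""
    hdr = dst + src
    if vid is not None:
        tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | (vid & 0xFFF)
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", ethertype) + payload


def parse_frame(frame):
    """Return (dst, src, vid, ethertype, payload); vid is None for an untagged frame."""
    dst, src = frame[:6], frame[6:12]
    (etype,) = struct.unpack("!H", frame[12:14])
    if etype == TPID_8021Q:
        tci, etype = struct.unpack("!HH", frame[14:18])
        return dst, src, tci & 0xFFF, etype, frame[18:]
    return dst, src, None, etype, frame[14:]


class Switch:
    """Minimal model of an 802.1Q switch: access ports, trunk ports and a native VLAN."""

    def __init__(self, native_vlan=1):
        self.native_vlan = native_vlan
        self.ports = {}            # port -> ("access", vid) or ("trunk", set of allowed vids)

    def add_access(self, port, vid):
        self.ports[port] = ("access", vid)

    def add_trunk(self, port, allowed):
        self.ports[port] = ("trunk", set(allowed))

    def classify(self, in_port, frame):
        """VLAN a received frame belongs to. Access ports use the port's VLAN (any tag is
        ignored); trunk ports use the tag, and an untagged frame falls into the native VLAN."""
        mode, cfg = self.ports[in_port]
        vid = parse_frame(frame)[2]
        if mode == "access":
            return cfg
        if vid is None:
            vid = self.native_vlan
        return vid if vid in cfg else None     # VLANs not allowed on the trunk are dropped

    def flood(self, in_port, frame):
        """Flood a frame (e.g. a broadcast) only to the other ports of its VLAN. Trunk egress
        re-tags the frame, except for the native VLAN, which leaves the trunk untagged."""
        vid = self.classify(in_port, frame)
        if vid is None:
            return {}
        dst, src, _, etype, payload = parse_frame(frame)
        out = {}
        for port, (mode, cfg) in self.ports.items():
            if port == in_port:
                continue
            if mode == "access" and cfg == vid:
                out[port] = build_frame(dst, src, etype, payload)          # always untagged
            elif mode == "trunk" and vid in cfg:
                tag = None if vid == self.native_vlan else vid
                out[port] = build_frame(dst, src, etype, payload, vid=tag)
        return out


def demo():
    """Constructed scenario: students on VLAN 10, staff on VLAN 20, trunk Gi0/1 to another switch."""
    sw = Switch(native_vlan=1)
    sw.add_access("Fa0/1", 10)
    sw.add_access("Fa0/2", 10)
    sw.add_access("Fa0/3", 20)
    sw.add_trunk("Gi0/1", [1, 10, 20])
    arp = build_frame(BROADCAST, bytes.fromhex("001122334455"), 0x0806, b"who-has?")
    return {port: parse_frame(f)[2] for port, f in sw.flood("Fa0/1", arp).items()}


if __name__ == "__main__":
    print(demo())   # {'Fa0/2': None, 'Gi0/1': 10}: the staff VLAN never sees the broadcast
```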

Now we have several VLANs, and routers or Layer-3 switches have been set up to communicate between them. However, it becomes very difficult to add or modify VLANs on several switches. VTP, short for VLAN Trunking Protocol (a Cisco proprietary protocol), makes that task less cumbersome by communicating VLAN changes between switches.

VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by propagating the addition, deletion, and renaming of VLANs within a VTP domain. A VTP domain (also called a VLAN management domain) is made up of one or more network devices that share the same VTP domain name and that are interconnected with trunks. VTP minimizes misconfigurations and configuration inconsistencies that can result in a number of problems, such as duplicate VLAN names, incorrect VLAN-type specifications, and security violations. With VTP, you can make configuration changes centrally on a single network device and have those changes automatically communicated to all the other network devices in the network.

VLAN Trunking Protocol (VTP) reduces network administration in a switched network by automatically propagating the latest VLAN information. When you configure a new VLAN on one VTP server, the VLAN is distributed to all switches in the domain. This removes the need to configure the same VLAN everywhere.

Configuring VLANs:

VLANs provide logical segmentation of networks by creating separate broadcast domains. A VLAN can span multiple physical network segments. The end-stations belonging to a VLAN are related by function or application.

For example, end-stations in a VLAN might be grouped by departments, such as engineering and accounting, or by projects, such as release1 and release2. Because physical proximity of the end-stations is not essential in a VLAN, you can disperse the end-stations geographically and still contain the broadcast domain in a switched network.

You can manage VLANs by creating, deleting, or displaying information about them.

Note: VTP is a Cisco-proprietary protocol that is available on most Cisco Catalyst series products. Similar protocols are available on switches from other vendors, such as Juniper.

Anand Software Updates CCNA app for iPhone

Anand Software and Training has updated its CCNA exam app for iPhone and iPad. There are several changes in the update, including the following:

– New questions have been added.
– Randomising questions in learn mode.
– Night mode and full-screen option while taking an exam.
– Bookmarking questions in learn mode and exam mode.
– Option to retake bookmarked, unanswered or incorrect questions while taking an exam.
– Improved flash cards with support for images.
– Exam configuration (changing exam time and number of questions per exam).

Some screenshots are provided below for a brief review of the product features:

(Screenshot: exam simulator for iPhone app)

This screen shows the exam page of the app. As you can see, it displays a multiple-choice question with its answers. Navigation buttons for Show Answer, Notes, Reset, Previous, Next, Review and End Exam are provided (and are self-explanatory).

Given here is the exam review screen. As may be seen, right answers are shown by green bars, whereas wrong answers are shown by red bar(s). The ones shown in red are the choices marked by the candidate. The review screen enables candidates to know the right answers and learn the subject by using the associated flash card (by clicking on the flash card).

The screen shown here is an example flash card; it is formatted in HTML with hyperlinks for thorough preparation. Candidates are advised to go through the flash card explanations for wrongly answered questions.

The screenshot provides an overview of the review screen. After you end the exam, the Review option is enabled. Here, you can review all the questions (if time still remains) or close the Review and End the exam. After End Exam, you will not be able to make any changes to the exam answers. The questions may be broadly categorized into 1) answered questions, 2) unanswered questions, and 3) bookmarked questions. Note that questions in 1) or 2) may also be bookmarked. Candidates can bookmark a question for later review.

This screenshot shows the grade sheet that is displayed after completion of the exam. As you can see, the percentage of marks is displayed for each topic as well as the aggregate. By reviewing the topics in which a candidate performed poorly, one can improve the chances of performing well in the actual exam.

The iPhone apps are available for CCNA, CompTIA A+, Network+, Security+, PMP, and others. Please check the website for up-to-date information and to download free trial versions of the software.

Also, check out the free CCNA app for iPhone, which is limited to one test (60 questions) with all other features available.

Anand Software Updates CCNA Android App

Anand Software and Training recently updated its CCNA Android app practice tests to include additional questions and fixed a couple of bugs. A randomization option has been added to Learn Mode as well (it was already available in Exam Mode). The CCNA Android app, which provides a simulated, exam-like environment, is useful for candidates appearing for the CCNA certification exam. The app contains 400+ of the most relevant questions, with answers and a flash card explanation for each question.

Recent changes are given below:

  1. Question database update (addition of new questions)
  2. Randomization of questions
  3. Bug fix: a bug affecting “night mode” has been fixed

Important features of the Android app, with screenshots, are given below:

(Screenshot: CCNA Android app login)

Given here is the login screenshot. Login allows two or more people to take the exam while maintaining separate statistics. The login is not linked to the website; it is local to the mobile device. You can download the demo version to view the various features of the exam.

(Screenshot: CCNA exam) This screenshot shows the exam-mode screen of the CCNA app. The question types include Multiple Choice Single Answer (MCSA) and Multiple Choice Multi Answer. Given in the figure is an MCSA question.

(Screenshot: CCNA Android app review screen) Shown here is the review screen of the CCNA prep exam. This screen may be invoked after completion of the practice exam. As can be seen in the figure, your answer (if it is wrong) is shown in red, and the right answer is shown in green. Reviewing wrong answers after the exam is over enables candidates to see exactly where they made a mistake in answering the question.

(Screenshot: exam mode selection) Here, you select the mode of the practice test. The two available modes are Learn mode and Exam mode. If you have just started your preparation, you can start with Learn mode. If you have finished your preparation and would like to get a feel for the actual exam, take Exam mode.

The question bank is updated from time to time to reflect the most recent exam topics, and additional features are added to the app to keep it responsive and up to date. Please email us to leave any feedback.

App download link: https://play.google.com/store/apps/details?id=com.anandsoft.ccnaexamsim301full

Free (limited to 60 questions) app download: https://play.google.com/store/apps/details?id=com.anandsoft.ccnaexamsim301

Other Cisco apps available include:

  • CCENT app (Full)
  • CCENT app (Free)
  • CCNA ICND2 app (Full)
  • CCNA ICND2 (Free)

Disclaimer: CCNA™, CCENT™ and ICND2™ are registered trademarks of Cisco® Systems. The practice test material is copyright of SimulationExams.com and is not approved or endorsed by the respective certifying bodies.

CCNA Cram Notes & Cheatsheets

Check out the cram notes below:

Download them and post your reviews. The full version has several sample questions with answers and explanations. You may download it here (it is password protected, and you need to buy the full version):

Software Defined Networking (SDN) – An Intro

Software Defined Networking (SDN) has been gaining momentum over the past few years. Important features of SDN include:

  • separation of the data and control planes,
  • a well-defined, vendor-neutral interface between the data and control planes (e.g. OpenFlow), and
  • a logically centralized control plane that provides a network view for the control and management applications.

One important reason that industry is inclined towards SDN is that it enables graceful scaling of network infrastructure and minimizes obsolescence. The basic differences between SDN and a legacy network are shown in the diagram below:

As shown in the figure above, the user sees standardized hardware controlled by proprietary software (the controller), which in turn is accessed through open APIs such as REST over HTTP. The advantage is that the network admin need not know the specific hardware command syntax and only needs to know the overall design and OpenFlow.

We can picture the entire SDN as an SDN controller with northbound and southbound interfaces, as shown in the diagram below:

As can be seen in the diagram, the SDN controller is usually proprietary to the vendor. The SDN application is a standardized application that talks to the SDN controller, which in turn talks to the networking hardware.

The advantages of SDN include the following:

  1. Centralized network provisioning. Because SDN conceptually separates the control and data planes, it can be used to implement functions such as firewalling and load balancing of traffic between networking nodes.
  2. Comprehensive infrastructure management. It is possible to provision infrastructure such as servers and networking elements for more efficient and scalable operation.
  3. Vendor neutrality. Enables use of old and new equipment with low obsolescence, because the data plane is separated from the control plane.
  4. Enhanced security. By separating the data plane from the control plane, it is possible to enhance the overall security of the network. Further, the SDN controller, being the brain of the Software Defined Network, can be programmed to introduce additional layers of obscurity.
  5. Cloud infrastructure. By using SDN, the infrastructure can easily be migrated to a cloud platform.

SDN courses are offered at several leading universities in the USA; typical courseware is given below:

  • API between Control Plane and Data Plane: OpenFlow
  • Controller Design: ONIX, POX and Floodlight
  • SDN Abstraction
    • Protocol Independent Forwarding
    • Composition and Trace Tree
    • Verification
    • Network Update
  • SDN Application
    • Traffic Engineering: Google B4, Microsoft SWAN, SDX
    • Wireless Networks: SoftCell, SoftRAN, OpenRadio, OpenRF
  • SDN Virtualization
    • FlowVisor
    • Open vSwitch
    • NFV
  • SDN Endhosts, Middleboxes, Debugging, fault tolerance and Security
    • SDN Control of Endhosts and Middleboxes
    • SDN Debugging, fault tolerance and Security

SimulationExams Releases CompTIA A+ Practice Tests with Labsim

(Screenshot: A+ Practice Tests with Labsim) SimulationExams.com has released practice tests with lab exercises for CompTIA A+ certification exam preparation. This combined product offers both the practice exams and the labs for hands-on practice, so candidates can practice for the A+ exams and prepare in the labs at the same time. The practice test features are given below:

  • 300+ exam-like questions
  • Custom exam settings
  • Detailed explanations and online feedback
  • Learn mode and exam mode to suit your requirement
  • Identify weak areas
  • Key concepts flashcards for each question
  • Check for updates online
  • Online feedback (from within the exam) and support site
  • Licenses never expire

The Labsim provides several labs for hands-on experience. Practice safely without fear that the system might crash due to wrong settings! Since the Labsim is a virtual networking environment, you can safely practice settings such as changing the Control Panel, networking or user controls without crashing the system or the Wi-Fi router. A few screenshots of the Labsim are given below:

a) Labsim Intro Form: Given below is the introductory text about the Labsim.

(Screenshot: A+ Labsim main window) Currently about 75 labs are available in the free demo version, along with a detailed lab manual. Download the free version and install it: A+ practice tests with labsim

The main window of the Labsim is shown below:

The left pane shows the available labs. You can expand the labs in any given topic by clicking on the + sign. The right pane shows the selected lab. In this particular lab, you are required to drag and drop the relevant text onto the corresponding graphic element in the diagram. The topics covered in the Labsim are given below:

  • PC Hardware
  • Networking
  • Laptops and mobiles
  • Operating systems
  • Printers and Scanners
  • Security
  • Troubleshooting

Each of the above topics contains several labs for practice. Note that chapter-end questions are provided in the Essentials manual.

Check out complete details about the labs on the product page: CompTIA A+ Practice Tests with Labsim

Good luck!

Top 10 IT Certifications of 2018

According to Firebrand.com, the top IT certifications for 2018 differ from last year's, and CEH has taken the top slot. These are the top 10 IT certifications of 2018:

  • EC-Council Certified Ethical Hacker (CEH)
  • (ISC)2 CISSP
  • Cisco CCNA (Routing and Switching)
  • The Open Group TOGAF 9.1 Certification
  • (ISC)2 Certified Cloud Security Professional (CCSP)
  • GDPR Practitioner
  • Certified Data Protection Officer – CDPO
  • Microsoft MCSE: Cloud Platform and Infrastructure
  • AXELOS PRINCE2 Foundation and Practitioner
  • ISACA CISA

Cyber security, data protection, networking, cloud technology and project management are the areas whose certifications are in highest demand.

Read full article here:

http://blog.firebrandtraining.co.uk/2017/12/top-10-it-certifications-2018.html

SimulationExams.com Website Update

The website simulationexams.com has been updated recently. The update provides better navigation to our products, such as Labsims and Android/iOS apps. Please check out the new simulationexams.com menu. The Labsims available are:

Some of the important Android/iOS product links are given below:

http://www.simulationexams.com/android-ios-apps.htm

Check out the product pages for more details.

CompTIA Releases New Security+ Exam

CompTIA® recently released the revised Security+® exam, SY0-501. The new version of CompTIA Security+ (SY0-501) emphasises hands-on ability to both identify and mitigate security threats, attacks and vulnerabilities.

CompTIA Security+ is vendor-neutral and widely used by private and public employers and government agencies to validate essential cyber security skills of employees and/or contractors. As per the CompTIA website, “On average, a test taker can expect to spend up to one-third of the 90-minute exam completing performance-based items.” So, one can expect a lot of performance-based questions in the exam, and it is almost impossible to pass without answering them. As per the official website: “These items include simulations of technology solutions and story-based items that require advanced cognitive thinking on the part of the test taker.”

CompTIA Security+ is ANSI accredited and complies with the ISO/IEC 17024 standard for personnel certification programs. The certification is also approved by the U.S. Department of Defense for Directive 8140/8570.01-M.

CompTIA has issued more than two million IT certifications and probably stands first in the world.

The practice tests offered by simulationexams.com include CompTIA Security+ practice tests. We are in the process of preparing practice tests for the SY0-501 exam, and they will be made available at the earliest.

Disclaimer: Simulationexams.com is not associated with the CompTIA® organization. Security+® is a trademark of CompTIA®.