Routers and switches play an essential role in networking, because modern network architecture is entirely different from past networks, which depended entirely on collapsed backbones. Routers are essential in a network because of their ability to break up broadcast domains. Switches, on the other hand, are important because they break up collision domains.
Breaking up broadcast domains in a fully switched network is therefore made possible by introducing the virtual local area network (VLAN). This virtual network helps to break up domains by producing subnet broadcasts of its own. VLAN traffic is passed between switches by trunking, which normally uses trunk links as the communication medium.
VLANs are significant in modern networking because of advantages such as the scalability and flexibility they give the network. They also play other roles, such as enhancing network security.
The meaning of VLAN
A Virtual Local Area Network (VLAN) is a logical grouping of users and network resources that are connected to administratively defined ports on switches. VLANs are essential today because their main use is to break up broadcast domains in switched networks (networks built on layer 2 switches). They also complement the network architecture when compared with earlier networks, which depended entirely on poor backbones (Flannagan 712).
The introduction of VLANs offers an easier way to create small broadcast domains on a layer 2 switch, across more than two networks, by assigning several ports on a switch to various smaller networks. As an independent broadcast domain, a VLAN can work as a subnet, because broadcasts only need to be switched from one port to another within the same VLAN. However, routers are required when an inter-VLAN network is needed, since VLANs, unlike routers, cannot break up a broadcast domain in a cross-VLAN situation.
Creating a trunk between two switches to carry VLAN traffic
Trunking is essential because it enables communication between the switches of a network and improves the transfer of traffic from one switch to another within a VLAN. Trunking between two switches involves a trunk link, which acts as the carriageway for the traffic. A VLAN is configured on a switch mainly by entering the name [vlan#] command. The switch ports are then placed in the same VLAN so that traffic can be carried efficiently between the two switches. A membership command is used to assign the two switch ports, which have the same native VLAN configuration. This enables the use of a native VLAN, since it is the main configuration on the trunk links (Szigeti 655).
Trunking can also be enabled on a switch by applying the interface trunk command, which is done by placing the device in either automatic mode or desirable mode. Desirable mode enables the device to negotiate which port is to be used as a trunk port. Other switches, such as the 3650, can be used to provide layer 3 options while running IEEE trunking procedures.
The activity between the server and the client in configuration of VLAN Virtual Trunking Protocol
The main aim of the VLAN Virtual Trunking Protocol (VTP) is to manage all configured VLANs across a network. This is achieved through the ability to add, change and remove VLAN information, which is then distributed to all switches in the VTP domain. It is also used to ensure that VLANs are accurately tracked and monitored. VTP is configured to maintain the reliability of the entire network and to guarantee that the VLAN configuration is consistent across all switches. Before all VLANs in the network can be managed, a VTP server must be introduced. It is necessary to use one domain name for all the servers in the same VLAN, because a switch can be in only one domain at a time (Flannagan 713).
Configuring VTP involves the VTP operational modes of the client and the server. Since server is the default mode for all switches, it is necessary to have one server in a VTP domain for network control. The server is used to create VLAN information and advertise it to the entire domain. For a switch to perform administrative functions in a VTP domain, it must be set to server mode, in which changes are propagated to the complete VTP domain. To complete the configuration, the remaining switches are set to client mode so that they receive and forward information from the VTP server. They act as a means of communication between the server and the user by ensuring that updates are passed on properly. However, client switches cannot make any administrative changes without notification to the VTP server.
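The trunk and VTP server/client setup described in the two sections above, sketched for two switches. This is an added example, not configuration from the original essay. It uses current Cisco IOS syntax rather than the older commands the essay names, and the domain name, VLAN IDs, interface numbers and password placeholder are all assumptions.

```cisco
! Constructed example: every name, number and interface below is a placeholder.
! ---------- SW1: the single VTP server for the domain ----------
vtp domain EXAMPLE-LAB
vtp mode server
vtp password <placeholder-secret>
!
! VLANs are created only on the server; clients learn them over the trunk.
vlan 10
 name SALES
vlan 20
 name ENGINEERING
vlan 999
 name UNUSED-NATIVE
!
interface GigabitEthernet0/1
 description Trunk to SW2
 ! Needed only on platforms that also support ISL encapsulation.
 switchport trunk encapsulation dot1q
 ! Negotiated alternative named in the text: switchport mode dynamic desirable
 ! A static trunk with negotiation off only trunks where it was configured.
 switchport mode trunk
 switchport nonegotiate
 ! Native VLAN must match on both ends of the link.
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20
!
interface FastEthernet0/5
 description Access port, member of VLAN 10
 switchport mode access
 switchport access vlan 10
!
! ---------- SW2: VTP client, same domain name and password ----------
vtp domain EXAMPLE-LAB
vtp mode client
vtp password <placeholder-secret>
!
interface GigabitEthernet0/1
 description Trunk to SW1
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport nonegotiate
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,20
!
! Check the result with: show interfaces trunk / show vtp status / show vlan brief
```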
Benefits of creating VLAN
Virtual Local Area Networks have benefits that have helped in the transition to modern networking. VLANs have played a major role in phasing out the networking techniques that were used in the past. Managing the network has become simpler because a VLAN is easy to modify through simple port configuration, which allows remote users to use the same network as if they were linked to a router. It is also easy to make changes through simple additions and moves on the network. VLANs enable network users to be grouped together and block intruders from entering the network from their workstations without access permission.
This has brought about a high level of network security; in essence, VLANs are known for their security capability. As logical groupings that combine users by function, VLANs do not depend on physical location. This reduces the size of broadcast domains while increasing their number, and thus increases the number of possible users of the VLAN network (Noonan 450).
VLANs improve the security of a network because they can be organized into a number of broadcast domains. Each port in a broadcast domain is easily controlled, which makes the network inaccessible to an arbitrary user at a workstation. This enhancement of network security differs completely from the network control of the past, which was mainly maintained by ineffective routers that could be easily accessed.
Networking has also benefited from VLANs because broadcast domains are controlled simply by swapping and switching hub networks. This is achieved without difficulty since VLAN environments are grouped together, which makes these adjustments easy. It further reduces the problems normally experienced by users working in the same domain, as in a hub network, where it is not possible to break up a broadcast domain and the network therefore becomes clogged.
Another benefit of VLANs is the flexible control and change made possible by smaller broadcast domains. This is essentially what differentiates VLANs from the use of layer 2 switches or hubs, which do not consider network layer protocols as VLANs do. This flexibility and scalability has assisted many network users. The reason is the considerable reduction in bandwidth use when the number of users at a given time falls (Szigeti 703).
Meaning of Telnet and how it works
Telnet is defined as a set of standard procedures for terminal emulation in the TCP/IP protocol stack. It uses remote connection to give users trouble-free access to the resources of the server. This is achieved by using a remote computer to access the server as if it were a local workstation of the network; the remote client can therefore access all the resources of the workstation as if he or she were attached to the network.
The emulation of these workstations enables the protocol to be carried out, which includes making choices, displaying menus, and gaining access to server applications. The Telnet procedure is accomplished by successfully logging into the server with the help of FTP after running the program. Since the client can be at a different location, a software imaging process that effectively dupes the server is necessary to ensure that the remote client is linked to the network (Szigeti 702).
Meaning of TFTP and how it is used to manage router configuration files
Trivial File Transfer Protocol (TFTP) is an enhanced and developed form of the File Transfer Protocol (FTP) which enables easy transfer of files between two or more computers in a network. This protocol has advantages over FTP because it is trouble-free and fast. Its main purpose is to receive and transmit files at a faster rate than FTP, even though it does not perform directory functions. In addition, TFTP is weak in terms of security because it lacks validation or authentication. This is the reason why most sites do not use this form of file transfer and choose FTP instead. TFTP is used to manage router configuration files through faster coordination between the server and the client. Files can be sent from the server to particular workstations, and vice versa, with more speed than with FTP (Sweeney 201).
Meaning of ACL (Access Control List)
This is basically a list of conditions used to classify packets, which is essential to the security control system of a network. Access lists are used to perform various duties, including filtering unwanted packets during security checks. They are also used when making decisions on the desired traffic control pattern. This is done by restricting the access of some hosts to the internet while permitting others. The use of access lists enables network administrators to fully control the security system of a network.
Access lists can also be applied to routing protocols. This is done by attaching the list to a routing protocol instead of an interface. This enables the lists to select which networks are to be advertised by dynamic protocols. Access lists are written in a similar manner to programs, because instructions are followed depending on given commands. Therefore, an access list can be useful to either clear or unclear traffic for any interface (Noonan 423). In a larger network with a number of devices, using ACLs can be a challenging task; to manage this, many organizations use an ACL manager to ease the task in a busy network. One such manager is CiscoWorks2000, normally routed to a WAN solution management.
Description of how to create a named ACL to permit or deny specific traffic
Named access lists are a special type of access list, since they are created differently from the two main types, namely extended and standard access lists. These lists permit the use of names in both the creation and the application of either standard or extended lists. Once an access list is created on the router, it needs to be activated for it to perform its function. An access list is activated by applying it to an interface, which enables it to work as a packet filter (Flannagan 760).
Named access lists are of great use because they enable the user to use any name in applying both types of access lists. A named access list is created by slightly modifying an extended list: a descriptive name is added, and the router prompt changes. This changes the configuration mode to named access list mode. To ensure the access list is present on the router, the program is run, and the list is then applied to an interface for the purpose of packet filtering.
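A named extended access list created and then applied to an interface, as the section above describes, in Cisco IOS syntax. This is an added example, not configuration from the original essay. The list name, the addresses (documentation ranges) and the interface are assumptions, and the choice of Telnet and TFTP as the filtered traffic is made here for illustration.

```cisco
! Constructed example: list name, addresses and interface are placeholders.
! Entering this command changes the prompt to (config-ext-nacl)#.
ip access-list extended USERS-IN
 remark Admin subnet may Telnet to one server
 permit tcp 192.0.2.0 0.0.0.63 host 198.51.100.10 eq telnet
 remark All other Telnet and all TFTP is denied and logged
 deny   tcp any any eq telnet log
 deny   udp any any eq tftp log
 remark Entries are checked top-down and the first match wins.
 remark Without the next line the implicit deny at the end drops everything else.
 permit ip any any
!
! The list filters nothing until it is applied to an interface.
interface GigabitEthernet0/0
 description User-facing LAN
 ip access-group USERS-IN in
!
! A single entry of a named list can be removed without retyping the list:
ip access-list extended USERS-IN
 no deny udp any any eq tftp log
!
! Check entries and per-entry match counters with: show access-lists USERS-IN
```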
Explanation using real network how to implement the concept of Advanced Extended Access List
The concept of the advanced extended list is implemented in real networking situations such as the management of medium to large corporations. Control over network security is achieved using advanced extended lists, because administering access lists is cumbersome and amounts to a heavy workload (Sweeney 201). To deal with such challenges, an advanced list is applied when changing access lists. It is also used in deleting the old list, copying it to an editor and editing the list. Furthermore, the advanced list is used to paste the new list back to the router. This is important because it enables a smooth transition from an older access list to a new one without affecting the security of the network.
This paper has analyzed the meaning of VLAN and its relevance in networking. A VLAN essentially acts as a router within the VLAN network because it breaks up the broadcast domain just as a router does, hence increasing the number of users and improving bandwidth management. A router is, however, needed whenever an inter-VLAN network is required. As analyzed, it is also possible to trunk two switches to carry VLAN traffic; a number of configurations are also possible when using the VLAN Virtual Trunking Protocol. These options are the main benefits of VLANs, which are more secure and are therefore used by many organizations.
On the other hand, Telnet allows virtualization of a remote client and server using software imaging, so that a remote user can access network facilities as if directly linked to the network. TFTP is a faster but insecure method of file transfer; in essence, FTP is usually preferred to TFTP because of the security concerns of TFTP. As also discussed, an ACL is a control mechanism that filters unwanted packets trying to access a network; in this sense, an ACL can allow or deny traffic to the network. The use of the Advanced Extended Access List is imperative in reducing the cumbersome work required in a larger organization that uses ACLs, because it allows the flexibility of copying and pasting a new list back to the router.
Flannagan, Michael. Best damn Cisco internetworking book period. London: Syngress, 2003. pp. 710-770.
Noonan, Wesley. Hardening network infrastructure. Cambridge: McGraw-Hill Professional, 2004. pp. 403-562.
Sweeney, Michael. Cisco security professional's guide to secure intrusion detection systems. Melbourne: Syngress, 2003. pp. 198-233.
Szigeti, Tim. End-to-end qos network design. New York: Cisco Press, 2005. pp. 658-723.