Deploying VLANs over WirelessThe use of VLANs with WLANs is becoming more popular. Initially, VLANs were used only on the wired side, and all the APs were placed on a single VLAN. Many of the enterprise-class wireless devices today support VLANs over the RF. This enables you to place wireless devices into different VLANs, all while communicating to the same AP.According to the IEEE, VLANs define broadcast domains in a Layer 2 network. Traditional networks use routers to define broadcast domain boundaries. Layer 2 switches create broadcast domains based on the configuration of the switch. Switches are multiport bridges that allow the creation of multiple broadcast domains. Each broadcast domain is a distinct virtual bridge within a switch.VLANs have the same attributes as physical LANs with the additional capability to group end stations virtually to the same LAN segment regardless of the end stations' geographical locations. Figure 9-8 shows an example of two wired VLANs in logically defined networks that have been extended to the wireless. Figure 9-8. Extending VLANs Beyond the Wire802.1Q trunk can be terminated on an AP, allowing access for up to as many as 16 wired VLANs and possibly more.In addition, with WLANs, you can define a per-VLAN network security policy on the AP, providing different levels of security for users on different VLANs.Wireless VLAN deployment is different for indoor and outdoor environments. For indoor deployments, the AP is generally configured to map several wired VLANs to the WLAN. For outdoor environments, 802.1Q trunks are deployed between bridges, with each bridge terminating and extending as an 802.1Q trunk and thus participating in the 802.1d-based Spanning Tree Protocol (STP) process.Figure 9-9 shows an indoor wireless VLAN deployment scenario. Four wireless VLANs are provisioned across the campus to provide WLAN access to full-time employees (segmented into engineering, marketing, and human resources user groups) and guests. Figure 9-9. Wireless VLAN |
لطفا منتظر باشید ...
