Static VLAN vs Dynamic VLAN
Virtual Local Area Network (VLAN) is a set of ports selected by the switch as belonging to the same broadcast domain. Typically, all ports carrying traffic to a particular subnet address would belong to the same VLAN. Static VLANs are VLANs that are manually configured by providing a name, VLAN ID (VID) and port assignments. Dynamic VLANs are created by storing the hardware addresses of host devices in a database so that the switch can assign the VLAN dynamically at any time when a host is plugged in to a switch. VLANs allow you to group users depending on the logical function rather than their physical location.
What is Static VLAN?
Static VLANs which are also known as Port-based VLANs are created by manually assigning ports to a VLAN. When a device is connected to a port it automatically assumes the VLAN that the port is assigned to. If the user changes the port and still needs to access the same VLAN, the network administrator has to manually assign the port to the VLAN. Static VLANs are generally used to reduce broadcast and to increase the security. Since static VLANs have a small administrative overhead and provide good security than traditional switches, they are widely used. Another strong point of static VLANs is the ability to control where the user moves within a large network. By assigning specific ports on the switches in the network, the network administrators can control access and limit the network resources that can be used by the users.
What is Dynamic VLAN?
As mentioned earlier, dynamic VLANs are created by assigning the host to a VLAN when a host is plugged in to a switch using hardware addresses stored in a database. Dynamic VLANs use a central server called VMPS (VLAN Membership Policy Server). VMPS is used to handle port configurations of every switch on the VLAN network. VMPS server holds a database that contains MAC addresses of all workstations with the VLAN it belongs to. This provides a VLAN-to-MAC address mapping. This mapping scheme allows the hosts to move inside the network and connect to any switch, which is part of the VMPS network and still maintain its VLAN configuration. Initial workload required for configuring the VMPS is large hence dynamic VLANs are quite rare. When a host is connected to a switch, it is checked against the VMPS database for its VLAN membership before the port is activated and assigned to a VLAN. This prevents a foreign host accessing a network by simply plugging in a workstation to a wall socket.
What is the difference between Static VLAN and Dynamic VLAN?
Main difference between static VLANs and dynamic VLANs is that the static VLANs are configured manually by assigning ports to a VLAN while dynamic VLANs use a database that stores a VLAN-to-MAC mapping to determine the VLAN that a particular host is connected to. This provides more flexibility in dynamic VLANs allowing the hosts to move within the network as opposed to static networks. But configuring the VMPS server that contains the VLAN-to-MAC mapping requires lot of initial work. Due to this overhead network administrators tend to prefer static VLANs.
No comments:
Post a Comment