Security Basics mailing list archives
RE: Different terms for the same or more secure?
From: "David Gillett" <gillettdavid () fhda edu>
Date: Tue, 12 Sep 2006 10:40:37 -0700
NO ONE has answered the simple initial question of what is a VLAN?
A SWITCH is a box with a bunch of interfaces and a MAC address
table. For each incoming packet, it records in the table that it
has seen that packet's source MAC address show up at interface X,
and consults the table to see what interface Y it has seen the
destination MAC address from -- if the destination MAC address
isn't in the table, it forwards the packet to all interfaces
except X. [There's a bit more to it -- spanning tree to detect
and break loops, tools for manually seeding the table, and so on.]
SOME switches offer a feature of allocating interfaces to groups,
each with its own MAC table. Effectively, the one big physical
switch is behaving as if it were several smaller switches. Each one
of those groups is a VLAN.
If you have several switches in your network, and you connect
group 3 on switch A to group 3 on switch B and group 3 on switch C,
these interconnected groups form a single "group 3" VLAN. [Oh yeah,
there are some tools for connecting multiple groups on switch A to
the corresponding groups on switch B over a single physical
link. So we say something like "Which VLANs are on the link from
A to B?"]
So VLANs allow us to have multiple logical ("virtual") networks
over a single set of physical switches and links.
David Gillett (CCNP, etc)
-----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Hylton Conacher(ZR1HPC) Sent: Monday, September 11, 2006 7:56 AM To: security-basics () securityfocus com Subject: Re: Different terms for the same or more secure? Isaac Van Name wrote:Okay, you caught me... got my early morning rant of useless information out of the way. :-) Can't really dispute much of what was said, but I'll try anyways. B-)...............<snip> Thank you Isaac et al for the input on this topic. As luck would have I needed to change physical internet connections and have been offline for close on two weeks, sorry. Isaac, you asked the question of what else is not clear and I had to chuckle. I can only compare the explanations given by you and many of the others as excellent definitions of what can be established and what a VLAN does. NO ONE has answered the simple initial question of what is a VLAN? I know now how to dice it, chop it, mix it and what it will taste like but I still do not know what it is and how it is recognised. I think the end result is that I need to complete a fairly difficult networking course(CCNA?) to fully understand the difference between subnets and VLANs and how they all fit together. My networking knowledge may not be at the level many of you think it is and therefore I think a course in in order ie CCNA. Comments on the course selection as I already have a N+ and I cannot find any reference to a VLAN in that study material of the MCSE(NT4) Networking Essentials book I have. -- ============================================================== ========== Currently using SuSE 9.2 Professional with KDE and Mozilla 1.7.2 Linux user # 229959 at http://counter.li.org ============================================================== ========== -------------------------------------------------------------- ------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus -------------------------------------------------------------- -------------
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life. http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Re: Different terms for the same or more secure? Brian Loe (Sep 05)
- RE: Different terms for the same or more secure? Robert D. Holtz - Lists (Sep 05)
- <Possible follow-ups>
- RE: Different terms for the same or more secure? Dino Dogan (Sep 05)
- RE: Different terms for the same or more secure? Isaac Van Name (Sep 05)
- Re: Different terms for the same or more secure? Brian Loe (Sep 05)
- RE: Different terms for the same or more secure? Dino Dogan (Sep 05)
- Re: Different terms for the same or more secure? Hylton Conacher(ZR1HPC) (Sep 12)
- RE: Different terms for the same or more secure? David Gillett (Sep 12)
- Re: Different terms for the same or more secure? Brian Loe (Sep 13)
- Re: Different terms for the same or more secure? Hylton Conacher(ZR1HPC) (Sep 13)
- RE: Different terms for the same or more secure? David Gillett (Sep 13)
- RE: Different terms for the same or more secure? David Gillett (Sep 12)