What is PON?
A passive optical network (PON) is a system that brings optical fiber cabling and signals all or most of the way to the end user. Depending on where the PON terminates, the system can be described as fiber-to-the-curb (FTTC), fiber-to-the-building (FTTB), or fiber-to-the-home (FTTH).
Downstream signals coming from the central office are broadcast to each customer premises sharing a fiber. Encryption is used to prevent eavesdropping. Upstream signals are combined using a multiple-access protocol, usually time division multiple access (TDMA).
A PON consists of an optical line terminal (OLT) at the service provider’s central office (hub) and a number of optical network units (ONUs) or optical network terminals (ONTs) near end users.
What is FTTH?
FTTH has been promoted since 2003 and has gone through 14 years of development. “Broadband China”, launched in 2013, has been running for another four years. FTTH has evolved from a dream of optical communications people into reality and has become indispensable infrastructure for the places where people work, study and live.
FTTH stands for fiber to the home, that is, optical fiber run directly to the home. Specifically, FTTH refers to installing an ONU at the premises of a home user or an enterprise user; in the optical access family it is the application type closest to the user apart from FTTD (fiber to the desktop). The significant technical feature of FTTH is that it not only provides more bandwidth, but also enhances the transparency of the network to data formats, rates, wavelengths and protocols, relaxes the requirements for environmental conditions and power supply, and simplifies maintenance and installation. Any discussion of FTTH starts with fiber access. Optical fiber access means that optical fiber is the transmission medium for the entire path between the central office and the user. Optical access can be divided into active optical access and passive optical access. The main technology of the optical subscriber network is optical transmission technology. At present, multiplexing technology for optical fiber transmission is developing quite fast, and most of it is in practical use. According to how far the fiber reaches toward the user, optical access can be divided into FTTC, FTTZ, FTTO, FTTF, FTTH and so on.
What is ODN?
ODN is an FTTH optical fiber network based on PON equipment, which provides the optical transmission channel between the OLT and the ONU. From a functional perspective, the ODN can be divided into four parts: feeder cable subsystem, distribution cable subsystem, inbound cable subsystem and fiber terminal subsystem.
What is ONU?
ONUs are divided into active optical network units and passive optical network units. An ONU has two functions: it selectively receives the broadcasts sent by the OLT and responds to the OLT if the data is needed; and it collects and caches the Ethernet data that the user needs to send, then sends the cached data to the OLT side in the assigned send window.
What is the function of the switch?
Switching is a general term for technology that sends information to the corresponding route that meets the requirements, either manually or automatically. A switch is a network device used to transmit electrical and optical signals.
What’s the difference between HGU and SFU?
The essential difference is that an SFU can be understood as a Layer 2 device, usually with no routing function, while an HGU is a Layer 3 device with routing function and, compared with an SFU, also has a home gateway function.
How many kinds of ONU products do you have?
For both GPON and EPON, we have data type ONUs, voice type ONUs and CATV type ONUs. We have many products of each type. You can get more detailed information about our products from our official website.
Can your ONU connect to a phone and a TV?
Yes. Our products have these functions. In particular, most of our ONU products also have WiFi capabilities.
What is FTTH?
Fiber To The Home (FTTH) is a transmission method for fiber communication. Specifically, FTTH refers to an ONU installed at the premises of a home or enterprise user; in the optical access series it is the application type closest to the user apart from FTTD. The technical characteristics of FTTH are that it not only provides greater bandwidth, but also enhances the transparency of the network to data formats, rates, wavelengths and protocols, relaxes the requirements for environmental conditions and power supply, and simplifies maintenance and installation. PON technology has become a hot spot among broadband operators worldwide and is considered one of the best technical solutions for realizing FTTH.
What is a MAC address?
A MAC address is a media access control address, also known as a LAN address, Ethernet address, or physical address. It is an address used to confirm the location of a network device. In the OSI model, the third layer (network layer) is responsible for IP addresses, while the second layer (data link layer) is responsible for MAC addresses. A MAC address uniquely identifies a network card in the network. If a device has one or more network cards, each network card needs and will have a unique MAC address.
What is FTTO?
FTTO means Fiber To The Office. In FTTO mode, the operator pulls the optical cable to an area where customers are relatively concentrated and, after appropriate branching, connects it to the user’s computer room or equipment. For large commercial office buildings, such as those in a CBD, the EPON OLT equipment can be placed directly in the building’s equipment room; after vertical cabling and appropriate branching, the optical fiber is connected to the end user.
What is VLAN?
A virtual local area network (VLAN) is a logical group of devices and users that is not limited by physical location, but can be organized according to function, department and application, and whose members communicate with each other as if they were in the same network segment. VLAN is a relatively new technology that works in layer 2 and layer 3 of the OSI reference model. A VLAN is a broadcast domain, and communication between VLANs is accomplished through layer 3 routers. Compared with traditional LAN technology, VLAN technology is more flexible and has the following advantages: it reduces the management overhead of moving, adding and modifying network equipment, it can control broadcast activity, and it can improve network security.
What is PPPoE?
PPPoE is a network tunneling protocol that encapsulates the Point-to-Point Protocol (PPP) in Ethernet frames. Because it integrates PPP, it provides authentication, encryption, compression and other functions that traditional Ethernet cannot provide. It can also be used with cable modems, digital subscriber lines and other systems that provide user access over Ethernet.
What is multicast?
Multicast technology is designed for IP networks to send information, on a best-effort basis, to a particular target group, which is called a multicast group. When a source host needs to send information to target hosts, it sends just one copy of the data, whose destination address is the multicast group address. In this way, all members of the group can receive a copy of the source host’s data; in multicast mode only the members that really need the information receive it, while others cannot. Multicast therefore solves the duplication of data and bandwidth consumption of unicast, and also solves the waste of bandwidth of broadcast.
What is SNMP?
SNMP means Simple Network Management Protocol, a standard protocol specially designed for managing network nodes in IP networks, such as servers, workstations, routers and switches. It is an application layer protocol. SNMP enables network administrators to manage network performance, discover and solve network problems, and plan network growth. SNMP consists of three key components: network management system, managed device, and agent.
What is PON?
A PON is a passive optical network, meaning that the network contains no electronic devices or electrical power supplies: the ODN is composed entirely of passive components such as optical splitters and requires no expensive active electronic equipment. A passive optical network includes an optical line terminal (OLT) installed at the central control station and a number of matching optical network units installed at user sites.
What is DHCP?
DHCP (Dynamic Host Configuration Protocol) is a LAN network protocol that works over UDP. DHCP assigns IP addresses and related IP information to computers in the network. It can also configure the correct subnet mask, default gateway, and DNS server information on the device.
What’s the difference between GPON and EPON?
The main difference between GPON and EPON is that they use completely different standards. GPON is defined by ITU-T G.984 and EPON by IEEE 802.3ah. In application, GPON has higher bandwidth than EPON, carries services more efficiently, has a stronger optical splitting capability, can transmit higher-bandwidth services, supports access for more users, and pays more attention to multi-service and QoS guarantees. It is more complex, however, so its cost is higher than that of EPON, although with the large-scale deployment of GPON technology the cost difference between EPON and GPON is diminishing.
What’s the normal range of optical receiving power of ONUs made by your company?
For EPON, the normal optical receiving power is between -3 dBm and -27 dBm.
For GPON, the normal optical receiving power is between -8 dBm and -28 dBm.
The difference between HGU, SFU, MDU, MTU and SBU
SFU (Single Family Unit): single-family unit ONU
It is mainly used for single home users in FTTH scenarios, as an ordinary terminal that only supports broadband access. It generally has 1 to 4 Ethernet interfaces and provides Ethernet/IP services. Built-in optical or IAD devices can support CATV or VoIP services. It is now often used together with a home router to provide greater service capabilities.
HGU (Home Gateway Unit): home gateway unit ONU
It is mainly used for single home users in FTTH scenarios. Unlike the SFU, it has the function of a home gateway and is equivalent to a home gateway with a PON uplink interface. It generally has 2 to 4 Ethernet interfaces, 1 WLAN interface and 1 USB interface. It provides Ethernet/IP services, can support CATV or VoIP services through built-in optical or IAD devices, and supports TR-069 remote management.
MDU (Multi-Dwelling Unit): multi-family unit ONU
It is mainly used in FTTB / FTTC / FTTCab scenarios with multiple residential users and has broadband access terminal functions. In equipment selected by telecom operators it usually has at least 4 user-side interfaces, often including Ethernet, ADSL2+ or VDSL2 interfaces, and provides Ethernet/IP services. In the networks of radio and television operators, because the service content differs, it generally contains only Ethernet interfaces, for PON + LAN access.
MTU (Multi-Tenant Unit): multi-tenant unit ONU
It is mainly used for multiple enterprise users in FTTB scenarios, or for multiple individual users in the same enterprise. It has broadband access terminal functions and multiple Ethernet interfaces (usually at least eight), E1 interfaces and POTS interfaces, and provides Ethernet/IP services, TDM services and VoIP services (built-in IAD).
SBU (Single Business Unit): single-business unit ONU
It is mainly used in FTTO scenarios, for access by separate business users and by individual offices within a business. It supports broadband access terminal functions; in telecom operator networks it generally has Ethernet, E1 and VoIP interfaces and provides Ethernet/IP services and TDM services.
What’s the difference between ONT and ONU?
ONU and ONT are both user-side devices, and there is no difference in essence. ONT means optical network terminal, which is used by the end user. ONU means optical network unit, and there may be other networks between it and the end users. You could also say that the ONT is part of the ONU.
What is the purpose of the LLID in EPON?
If the OLT (the central node of the EPON) were to be implemented as a PHY with a single MAC attached to it, this would cause serious trouble for any bridge (=switch) to which the MAC were connected. Consider a MAC frame coming into the bridge from an ONU (a subscriber node) via an EPON port. The bridge associates the source address of the frame with the port on which it came in, i.e. the EPON port. When at a later time another MAC frame comes in from an ONU, this time destined for the MAC address previously learned, it will not be transmitted back to the EPON port, because the bridge assumes that the frame was already received by all the stations on the attached “broadcast” LAN. However, this is not the case; upstream transmissions are not received by other ONUs. Standard bridging has no way of accommodating an attached LAN that behaves as a broadcast LAN in downstream and as a point-to-point LAN in upstream.
The solution to this problem was designed in close cooperation with Working Group 802.1. Instead of one single MAC, the OLT would have a different dedicated MAC for every ONU attached to the EPON. As a result, higher layers can consider the EPON as a collection of logical point-to-point links. From the individual MACs down to the OLT PHY, the logical point-to-point links share a common GMII; hence, a way to identify data frames for/from the different ONUs is required. The Logical Link identifier (LLID) was created for this purpose. The LLID is carried along by the frame in the bytes of its preamble.
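The bridge behaviour described above can be reproduced with a small learning-bridge model. This is an added example, not code from the original page or from any vendor; the port names, MAC addresses and LLID values are constructed for illustration.

```python
"""Learning-bridge model of the EPON problem that the LLID solves.

All port names, MAC addresses and LLID values are constructed for this example.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"
ONU_A = "02:00:00:00:00:0a"   # constructed subscriber MAC behind ONU A
ONU_B = "02:00:00:00:00:0b"   # constructed subscriber MAC behind ONU B
SERVER = "02:00:00:00:00:01"  # constructed host on the uplink side


class LearningBridge:
    """Minimal transparent bridge: learn the source, then filter, forward or flood."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.fdb = {}  # forwarding database: MAC address -> port it was learned on

    def receive(self, in_port, src, dst):
        """Process one frame and return the sorted list of egress ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        self.fdb[src] = in_port
        known = self.fdb.get(dst)
        if dst == BROADCAST or known is None:
            # Flood, but never back out of the ingress port.
            return sorted(self.ports - {in_port})
        if known == in_port:
            # Bridge assumes the destination already saw the frame on that LAN.
            return []
        return [known]


def llid_port(llid):
    """Name of the logical point-to-point port the OLT exposes for one LLID."""
    return f"llid-{llid:#06x}"


def onu_a_to_onu_b(bridge, port_a, port_b):
    """ONU B talks first so the bridge learns it; then ONU A sends to ONU B."""
    bridge.receive(port_b, ONU_B, SERVER)
    return bridge.receive(port_a, ONU_A, ONU_B)


def single_mac_olt():
    """OLT modelled as one MAC: every ONU appears behind the same bridge port."""
    bridge = LearningBridge(["uplink", "epon0"])
    return onu_a_to_onu_b(bridge, "epon0", "epon0")


def per_llid_olt():
    """OLT modelled with one dedicated MAC (logical port) per ONU, keyed by LLID."""
    bridge = LearningBridge(["uplink", llid_port(1), llid_port(2)])
    return onu_a_to_onu_b(bridge, llid_port(1), llid_port(2))


if __name__ == "__main__":
    # Single MAC: the frame is filtered, so ONU B never receives it.
    print("single MAC:", single_mac_olt())
    # Per-LLID MACs: the frame is forwarded to ONU B's logical port.
    print("per-LLID  :", per_llid_olt())
```

With a single EPON port the frame from ONU A to ONU B is silently filtered; with one logical port per LLID the same bridge logic forwards it, and every ONU-to-ONU frame passes through the OLT's bridge where filtering policy can be applied.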
How is data transferred in an EPON system?
An EPON system uses the single-fiber wavelength division multiplexing (WDM) technology (with downlink central wavelength of 1490 nm and uplink central wavelength of 1310 nm) to implement single-fiber bidirectional transmission, supporting a transmission distance of up to 20 km (12.43 miles).
What’s the ONU optical TX power and RX sensitivity?
Wavelength: Tx 1310 nm, Rx 1490 nm
Tx optical power: 0 to 5 dBm
Rx sensitivity: -27 dBm
Saturation optical power: -8 dBm
What is your ONT Tx power level and Rx sensitivity?
The OLT supports Class B+.
PON port speed: symmetrical 1.25 Gbps
Wavelength: 1310 nm Tx, 1490 nm Rx
Tx optical power: 0 to 5 dBm
Rx sensitivity: -27 dBm
How many ONUs can your OLT connect?
The number of ONUs that can be connected to the OLT depends on the number of OLT PON ports and the optical splitter ratio.
For example, a 2-PON-port OLT can connect 64 EPON ONUs at a 1:32 splitter ratio; at a 1:64 ratio, it can manage 128 ONUs.
What is EPON?
Ethernet Passive Optical Network (EPON), defined by IEEE 802.3ah, is a point to multipoint (Pt-MPt) network topology implemented with passive optical splitters, along with optical fiber PMDs that support this topology. EPON is based upon a mechanism named MPCP (Multi-Point Control Protocol), which uses messages, state machines, and timers, to control access to a P2MP topology. Each ONU in the P2MP topology contains an instance of the MPCP protocol, which communicates with an instance of MPCP in the OLT. On the basis of the EPON/MPCP protocol lies the P2P Emulation Sublayer, which makes an underlying P2MP network appear as a collection of point-to-point links to the higher protocol layers (at and above the MAC Client). It achieves this by prepending a Logical Link Identification (LLID) to the beginning of each packet, replacing two octets of the preamble. In addition, a mechanism for network Operations, Administration and Maintenance (OAM) is included to facilitate network operation and troubleshooting.
What is EOC?
Ethernet over Coax, EOC for short, is equipment used for triple-play service in new-generation broadcasting networks. It is widely used by consumers and telecommunications operators over existing 75 ohm coaxial cable installations (from cable television or CATV) to carry broadband data into and through the home, and into multiple dwelling unit (MDU) installations.
A C-Data EOC network is built with EOC Master and EOC Slave devices.
What is HFC?
Hybrid fiber-coaxial (HFC) is a telecommunications industry term for a broadband network that combines optical fiber and coaxial cable.
In a hybrid fiber-coaxial cable system, the television channels are sent from the cable system’s distribution facility, the headend, to local communities through optical fiber trunk lines. At the local community, a box called an optical node translates the signal from a light beam to electrical signal, and sends it over coaxial cable lines for distribution to subscriber residences. The fiberoptic trunk lines provide adequate bandwidth to allow future expansion and new bandwidth-intensive services.
What is MC?
A fiber media converter (MC for short) is a simple networking device that makes it possible to connect two dissimilar media types such as twisted pair with fiber optic cabling. They were introduced to the industry in the 1990s, and are important in interconnecting fiber optic cabling-based systems with existing copper-based, structured cabling systems. They are also used in metropolitan area network (MAN) access and data transport services to enterprise customers.
What is GPON?
GPON (Gigabit-Capable PON) is the latest generation of broadband passive optical integrated access technology, based on the ITU-T G.984.x standard. It has many advantages such as high bandwidth, high efficiency, large coverage and rich user interfaces. Most operators regard it as the ideal technology for the broadband and integrated transformation of the access network. GPON was originally proposed by FSAN in September 2002. On this basis, ITU-T completed ITU-T G.984.1 and G.984.2 in March 2003 and completed the standardization of G.984.3 in February and June 2004, which eventually formed the GPON standard family.
EPON and GPON: which is better?
EPON aims to be compatible with current Ethernet technology. It is the continuation of the 802.3 protocol in the optical access network and fully inherits Ethernet’s advantages of low price, flexible protocols and mature technology, with a broad market and good compatibility.
GPON is positioned for the telecommunications industry’s need for multi-service, full-service access with QoS guarantees, and strives to find the best and most efficient solution that supports all services. It proposes that “all protocols be openly and thoroughly reconsidered”.
Overall, EPON and GPON each have their own strengths and weaknesses. On performance indicators GPON is better than EPON, but EPON has the advantage in time and cost, and GPON is catching up. Looking ahead in the broadband access market, neither is likely to replace the other; they should coexist and complement each other. GPON is more suitable for customers with high bandwidth, multi-service, QoS and security requirements and with ATM technology as the backbone. For customers who are cost-sensitive and less demanding on QoS and security, EPON has become dominant.
What is 10G PON?
In the era of gigabit broadband access, 10G PON has become the mainstream technology; traditional PON is being upgraded to 10G PON, and bandwidth will increase 10 times. The large-scale commercial launch of 10G PON will directly help FTTH evolve to gigabit access rates.
10G PON has many advantages: the network is upgraded on the existing hardware architecture, which greatly reduces costs and shortens the transformation cycle, and, more crucially, upgrading PON to 10G PON increases the bandwidth 10 times. Just by upgrading key components, you can move from the “100-megabit era” into the “Gigabit era”.
Gigabit bandwidth is not the limit. The rapid development of 8K ultra-high-definition video and Internet of Things technology, and especially the advent of the 5G era, will bring growing bandwidth demand to the network. In this context, 10G PON will continue to develop and will evolve toward 100G PON.
In terms of standards progress, 100G PON is already being worked on in IEEE, FSAN, ITU-T and other standardization organizations. IEEE set up the NG-EPON research group; the standard, named P802.3ca and mainly covering 25G PON, 50G PON and 100G PON, is scheduled to be released in May 2019. ITU-T also set up a 25G PON research group to study single-wavelength rate improvement.
What is FTTB?
FTTB (Fiber To The Building), also described as FTTX + LAN, is a network connection mode in which the optical signal is brought to the main distribution box of an office building or apartment building, while inside the building coaxial cable, twisted pair or optical fiber is still used to distribute the signal and deliver high-speed data applications. We call the FTTX + LAN broadband access network FTTB; it is one of the most reasonable, practical and cost-effective broadband access methods.
- Fast: with fiber to the floor and cable to the home, user uplink and downlink rates are generally 10 Mbps to 50 Mbps, up to 100 Mbps.
- Large capacity: each household can enjoy two-way balanced bandwidth of 10 Mbps to 50 Mbps.
- Low investment: FTTB is mainly used for the transformation of old residential areas. Residential areas that already have network cables, telephone lines and coaxial cables do not need to deploy optical fibers, which saves a large amount of wiring expense.
- Low price: unit bandwidth is cheaper than with FTTH and CMTS.
- Wide range of applications: high-speed Internet access, VOD, SOHO, distance education, video conferencing, ROBO, telemedicine and Internet connectivity.
What is wireless AP?
A wireless AP (access point; also called wireless access point, conversation point, or access bridge) is a general term that covers not only simple wireless access points but also wireless routers (including wireless gateways and wireless bridges) and other such equipment. It mainly provides wireless workstations with access to the wired LAN and the wired LAN with access to wireless workstations; wireless workstations within the coverage of the access point can also communicate with each other.
A simple wireless AP is a wireless switch that provides wireless signal transmission and reception. Its working principle is that the network signal arrives over twisted pair and, after being processed by the AP, the electrical signal is converted into a wireless signal and sent out to form wireless network coverage. Depending on its power, it can achieve different degrees and ranges of network coverage; the maximum coverage of a wireless AP is up to 500 meters. Most simple wireless APs have no routing function themselves; functions such as DNS, DHCP, firewall and server must be provided by a separate router or computer.
What is ARP?
The Address Resolution Protocol (ARP) is a TCP/IP protocol that obtains physical addresses based on IP addresses. When sending information, the host broadcasts an ARP request containing the target IP address to all hosts on the local area network and receives the reply to determine the physical address of the target. After receiving the reply, it stores the IP address and physical address in the local ARP cache for a certain time, so the next request can query the ARP cache directly to save resources.
What is OLT?
An OLT is an important terminal device. It is connected to the front-end switch by network cable and converts the signals into optical signals. Like the ONU, it is an integrated optoelectronic device. It has three functions:
- Broadcast Ethernet data to the ONUs
- Initiate and control the ranging process and record the ranging information
- Allocate bandwidth for the ONUs, that is, control the start time at which each ONU sends data and the size of its sending window
What’s the Difference? Switch vs Router
Switches and routers are network devices used in almost all modern local area networks. Switches are responsible for connecting network devices (such as switches, routers, firewalls and wireless APs) and terminal devices (such as computers, servers, cameras and network printers); routers interconnect local area networks with each other and with the Internet. In general, the switch is responsible for connecting devices, and the router is responsible for connecting networks.
The function of the switch is to connect terminal devices such as computers, servers, network printers, network cameras and IP phones, and to interconnect with other network devices such as switches, wireless access points, routers and network firewalls, so as to build a local area network and enable communication between all devices.
The switch is located in the second layer (data link layer) of the OSI reference model. Its operation relies on identifying MAC addresses (all network devices have a unique MAC address, which is usually burned directly into the network card by the manufacturer).
Routers are also called gateways; they connect local area networks to form a larger wide area network. They are also used to connect heterogeneous networks (networks of different types, such as ATM networks, FDDI networks and Ethernet networks). Heterogeneous networks use different data encapsulation methods and cannot communicate directly, and routers can “translate” these differently encapsulated data to achieve communication between heterogeneous networks. In addition, from the point of view of the local area network, the wide area network is undoubtedly a heterogeneous network.
In general, the main differences between routers and switches are reflected in the following aspects:
(1) Different levels of work
The original switch worked at the data link layer of the OSI/RM open architecture, which is the second layer, while the router was designed from the beginning to work at the network layer of the OSI model. Because the switch works at the second layer of OSI (data link layer), its working principle is relatively simple, while the router, working at the third layer of OSI (network layer), can obtain more protocol information and make smarter forwarding decisions.
(2) The data forwarding is based on different objects
The switch uses the physical address, or MAC address, to determine the destination of the forwarded data. The router uses the ID numbers of different networks (i.e. IP addresses) to determine the address for data forwarding.
(3) Traditional switches can only divide collision domains, not broadcast domains; routers can divide broadcast domains
Network segments connected by a switch still belong to the same broadcast domain. Broadcast packets spread to all network segments connected to the switch, which in some cases causes communication congestion and security vulnerabilities. Although switches at the third layer and above have the VLAN function and can also divide broadcast domains, the resulting sub-broadcast domains cannot communicate with each other, and communication between them still requires a router.
(4) The router provides firewall services
The router only forwards data packets with specific addresses; it does not forward packets of protocols that do not support routing or packets whose destination network is unknown, which can prevent broadcast storms. Switches are usually used for LAN-WAN connections. Switches are classified as bridges, which are devices at the data link layer. Some switches can also perform Layer 3 switching. Routers are more powerful than switches, but they are relatively slow and expensive. The Layer 3 switch combines the wire-speed packet forwarding capability of the switch with the good control functions of the router, so it is widely used.
Whether the device is a switch or a router, realizing its functions requires the network engineer to configure it in advance (for example VLAN port assignment, firewall security policy configuration, or router default gateway setting). At another level, these network devices are computers with a CPU and memory, and all implement hardware functions through the CPU’s “translation” into machine language.
How to choose the right switch?
Switches are the common equipment for data forwarding in local area networks (LANs), and their performance and functions determine the manageability and data forwarding performance of the LAN. The following aspects should be considered when choosing a switch:
- Number of ports
The number of physical ports supported by the switch determines how many terminals or downstream devices can be connected to it, and should be selected according to actual needs, taking subsequent network expansion into account. The access ports of the switch connect the internal network terminals, and the uplink ports connect to the upper-level equipment.
- Port speeds and types
Switches come in Fast Ethernet and Gigabit Ethernet. Fast Ethernet allows up to 100 Mb/s of traffic per switch port while Gigabit Ethernet allows up to 1000 Mb/s of traffic per switch port. These ports may be a combination of SFP/SFP+ slots for fiber connectivity, but more commonly they are copper ports with RJ-45 connectors on the front, allowing for distances up to 100 meters. With fiber SFP modules, you can go distances up to 40 kilometers. Currently, Gigabit Ethernet is the most popular interface speed, though Fast Ethernet is still widely used, especially in price-sensitive environments.
- Switch access capacity
The number of devices that can be attached to the switch is mainly reflected in the depth of the switch’s MAC address table. For a Layer 3 switch, also pay attention to the number of host routing entries: when selecting a Layer 3 switch, the total number of access terminals must be less than the number of host routing entries of the switch.
- Network scale and switch network structure
Considering the scale and level of the network in which the switch is used, which is mainly divided into small and medium-sized networks and large and medium-sized networks, the recommendations are as below:
|Layer|Small and medium networks|Large and medium-sized networks|
|---|---|---|
|Core layer|Ordinary L3 managed switch|10G, stackable L3 managed switch|
|Convergence layer|L2 network managed switch|Ordinary L3 managed switch|
|Access layer|Managed switch or basic switch|Managed switch or basic switch|
- Functional support
Dividing VLANs ensures that ports belonging to different VLANs cannot communicate with each other; setting static routes allows VLANs on different network segments to communicate with each other; DHCP snooping prevents other DHCP servers connected to the network from affecting the LAN. These functions are commonly used in large and medium LANs.
- Security functions
Examples include access control lists, 802.1X authentication (RADIUS, TACACS+), loopback detection and IGMP snooping.
Another characteristic to consider when choosing a switch is power over Ethernet (PoE), the ability of the switch to deliver power to a device over the existing Ethernet cabling. At any layer, a modern switch may implement PoE, which avoids the need for attached devices, such as a VoIP phone or wireless access point, to have a separate power supply. Since switches can have redundant power circuits connected to uninterruptible power supplies, the connected device can continue operating even when regular office power fails. To find the switch that is right for you, choose one according to your power needs. When connecting to desktops, which do not require PoE, non-PoE switches are a more cost-effective option.
What is the difference between port isolation and VLAN division?
For large-scale networks, the usual practice in IP planning is to divide VLANs, because dividing VLANs has many benefits: it facilitates management and improves the security of the entire network. Are there other methods besides dividing VLANs? Yes: port isolation. These two methods are the most widely used in IP planning. In this issue, we will learn more about VLAN division and port isolation.
When faced with many IP addresses, the common method is to divide VLANs. The role of VLANs is to isolate broadcasts: all ports in the same VLAN are in one broadcast domain. Port isolation isolates different ports within the same VLAN. When the VLANs are divided on a Layer 3 switch, the VLANs can still communicate with each other.
The main advantages of VLANs:
- Restrict the broadcast domain. The broadcast domain is restricted to one VLAN, which improves network processing capabilities.
- Enhance the security of the local area network. The advantage of VLAN is that the broadcast and unicast traffic within the VLAN will not be forwarded to other VLANs, which helps to control network traffic, reduce equipment investment, simplify network management, and improve network security.
- Flexible construction of virtual working groups. VLANs can be used to divide users into different working groups, and users in the same working group do not have to be limited to a fixed physical range, so network construction and maintenance are more convenient and flexible.
As mentioned above, VLANs are a good solution for networks. In addition to VLANs, port isolation can also be used. Users can add different ports to different VLANs, but this wastes limited VLAN resources. The port isolation function achieves isolation between ports in the same VLAN: the user only needs to add the ports to an isolation group to isolate Layer 2 data between the ports in that group. Port isolation is generally used in the intranet. Isolated ports cannot communicate with each other, so it gives the user a safer network.
In short: the role of a VLAN is to isolate broadcasts, and all ports in the same VLAN are in one broadcast domain. Port isolation isolates different ports in the same VLAN.
Access Port vs Trunk Port vs Hybrid Port
We know that traffic between different network segments must be forwarded through routing, and that PCs in different VLANs cannot communicate with each other even when they are on the same network segment. In fact, this is not absolute. Once the VLAN tag handling of each port mode is understood, data can be exchanged between different network segments without routing.
The switch port has three working modes, named Access, Hybrid, and Trunk.
Access type ports can only belong to one VLAN, and are generally used to connect to a computer port.
Trunk type ports can allow multiple VLANs to pass, and can receive and send packets of multiple VLANs. They are generally used for ports connected between switches.
Hybrid type ports can allow multiple VLANs to pass through, can receive and send packets from multiple VLANs, and can be used to connect between switches or to connect to a user’s computer.
Hybrid and Trunk ports process received data in the same way. The only difference is in sending: a Hybrid port can send packets of multiple VLANs without a tag, while a Trunk port sends only packets of the default VLAN without a tag.
Please refer to the table below:
| VLAN mode | Direction | Whether the message has a tag | Processing method |
|---|---|---|---|
| Access mode | In direction | VLAN tag | Discard. |
| Access mode | In direction | No VLAN tag | Mark with the VLAN configured in access mode (the main parameter is the VID) and forward. |
| Access mode | Out direction | VLAN tag | Forward to the corresponding port according to the VID and strip the tag; if the VLAN ID of the outgoing tagged packet is not equal to the VID configured on the port, the packet is discarded. |
| Access mode | Out direction | No VLAN tag | Discard. |
| Trunk mode | In direction | VLAN tag | If the VLAN carried by the message belongs to the "allowed VLAN" of the port, it is forwarded directly; if it does not, it is discarded. |
| Trunk mode | In direction | No VLAN tag | Mark untagged packets with the default (native-vlan) VLAN and forward them. |
| Trunk mode | Out direction | VLAN tag | If the VLAN ID of the message belongs to the "allowed VLAN" of the port, it is forwarded directly; if the VLAN ID of the message is the default (native-vlan) VLAN, the VLAN tag is stripped; if the VLAN carried by the message does not belong to the "allowed VLAN" of the port, it is discarded. |
| Trunk mode | Out direction | No VLAN tag | Discard. |
| Hybrid mode | In direction | VLAN tag | If the VLAN carried by the message belongs to the "allowed VLAN" of the port, it is forwarded inward; if it does not, it is discarded. |
| Hybrid mode | In direction | No VLAN tag | Mark untagged packets with the default (native-vlan) VLAN and forward them. |
| Hybrid mode | Out direction | VLAN tag | If the VLAN ID carried by the message belongs to the "allowed VLAN" of the port, it is forwarded with the tag kept or stripped according to the tag/untag mode configured for that VLAN; if the VLAN ID carried by the message is the default (native-vlan) VLAN, the VLAN tag is stripped and then forwarded; if the VLAN carried by the message does not belong to the "allowed VLAN" of the port, it is discarded. |
| Hybrid mode | Out direction | No VLAN tag | Discard. |
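The tag-handling rules in the table can be modelled in a few lines. The following is an added example, not code from the original page or from any switch vendor. The `Port` class, the function names and the topology are constructed for illustration, and the model assumes the "allowed VLAN" list is checked before any tag is stripped on egress. It shows two PCs in different VLANs reaching a shared server through Hybrid ports without routing, while remaining isolated from each other.

```python
from dataclasses import dataclass, field

@dataclass
class Port:
    mode: str                                    # "access", "trunk" or "hybrid"
    pvid: int = 1                                # access VID, or default (native) VLAN
    allowed: set = field(default_factory=set)    # "allowed VLAN" list (trunk/hybrid)
    untagged: set = field(default_factory=set)   # hybrid only: VLANs sent without a tag

def ingress(port, tag):
    """Return the VID the frame carries inside the switch, or None if dropped.
    tag is the 802.1Q VID on the wire, or None for an untagged frame."""
    if tag is None:
        return port.pvid                         # untagged: mark with port/default VLAN
    if port.mode == "access":
        return None                              # tagged frame on an access port: drop
    return tag if tag in port.allowed else None  # trunk/hybrid: allowed list decides

def egress(port, vid):
    """Return ("untagged", vid), ("tagged", vid), or None if dropped."""
    if port.mode == "access":
        return ("untagged", vid) if vid == port.pvid else None
    if vid not in port.allowed:                  # assumption: allowed list checked first
        return None
    if vid == port.pvid or (port.mode == "hybrid" and vid in port.untagged):
        return ("untagged", vid)                 # default VLAN, or hybrid untag list
    return ("tagged", vid)

def forward(src, dst, tag=None):
    """Carry one frame from port src to port dst through the switch."""
    vid = ingress(src, tag)
    return None if vid is None else egress(dst, vid)

# Constructed topology: two PCs and a shared server on hybrid ports,
# one desktop on an access port, one uplink trunk to another switch.
pc1 = Port("hybrid", pvid=10, allowed={10, 30}, untagged={10, 30})
pc2 = Port("hybrid", pvid=20, allowed={20, 30}, untagged={20, 30})
server = Port("hybrid", pvid=30, allowed={10, 20, 30}, untagged={10, 20, 30})
desk = Port("access", pvid=10)
uplink = Port("trunk", pvid=1, allowed={1, 10, 20})

if __name__ == "__main__":
    print("pc1 -> server:", forward(pc1, server))
    print("server -> pc1:", forward(server, pc1))
    print("pc1 -> pc2:   ", forward(pc1, pc2))
    print("desk -> uplink:", forward(desk, uplink))
    print("uplink(tag 30) -> desk:", forward(uplink, desk, tag=30))
```

A result of `None` means the frame was discarded; the `uplink` cases show that the trunk's default VLAN leaves untagged while every other allowed VLAN keeps its tag.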