Filter
Top Products
Configuring Switching
5
SonicOS 5.7: Advanced Switching Feature Guide and Screencast Tutorial
Configuring Switching
This section contains the following sections:
• “Configuring VLAN Trunking” section on page 5
• “Configuring Rapid Spanning Tree” section on page 13
• “Configuring Layer 2 Discovery” section on page 18
• “Configuring Link Aggregation” section on page 21
• “Configuring Port Mirroring” section on page 25
• “Configuring Layer 2 Quality of Service” section on page 27
• “Configuring Rate Control” section on page 32
• “Configuring Port Security” section on page 35
Configuring VLAN Trunking
VLAN trunking is supported by the IEEE 802.1Q networking standard, also called VLAN Tagging. This
standard defines how VLANs operate with regard to Layer 2 (MAC layer) bridging. The use of VLANs and
VLAN trunking allows multiple bridged networks to simultaneously share a single physical network while
preserving the privacy of information in each (virtual) network. IEEE 802.1Q also refers to the
encapsulation protocol used to implement this standard in Ethernet networks. The SonicWALL NSA
2400MX appliance supports 802.1Q encapsulation on its VLAN trunk ports. Encapsulation, in this case,
refers to the
For example, a company, university, or other organization can use VLANs to create separate logical (virtual)
networks for different departments. Each department is assigned to it’s own VLAN. The switch ports to
which the department computers are connected are configured as members of that VLAN. When network
traffic is sent out from a department computer, the switch adds a 32-bit VLAN tag to each data frame before
forwarding it via a VLAN trunk port. Each switch in the network examines the VLAN tag, and uses the
information to determine that it is a tagged frame, the priority level (defined by IEEE 802.1p), whether it
is an Ethernet or a Token Ring frame, and the VLAN to which the frame belongs. The frame makes its way
through the physical network until it reaches the last switch before the destination device, at which point
the switch removes the VLAN tag and delivers the frame to its destination. This switch only delivers the
frame via a port that is configured as a member of the same VLAN, thereby ensuring that the data is not
leaked to any other department.
In the above scenario, the switch ports connected to department computers are configured as members of
a VLAN. The switch ports that are connected to other switches in the physical network are configured as
VLAN trunk ports. This distinction means that only unassigned switch ports on the SonicWALL NSA
2400MX appliance can function as VLAN trunk ports.
You can enable or disable individual VLANs on the trunk ports, allowing the existing VLANs on the
SonicWALL NSA 2400MX appliance to be bridged to respective VLANs on another switch connected via
the trunk port. A maximum of 32 VLANs can be enabled on each trunk port.