Fortinet Document Library

Version: 6.0.0

Introduction

Virtual local area networks (VLANs) use ID tags to logically separate devices on a network into smaller broadcast domains. These smaller domains forward packets only to devices that are part of that VLAN domain. Smaller broadcast domains reduce traffic and increase network security.

One example of an application of VLANs is a company’s accounting department. Accounting computers may be located at both main and branch offices. However, accounting computers need to communicate with each other frequently and require increased security. VLANs allow the accounting network traffic to be sent only to accounting computers and to connect accounting computers in different locations as if they were on the same physical subnet.

Another key use of VLANs is prioritizing FortiFone voice traffic over PC data traffic. This is achieved by segregating connections through the use of VLAN IDs, and then assigning a higher priority to the voice VLAN than to the data VLAN. Prioritizing the voice VLAN is critical for businesses that rely on phone calls not dropping due to other network traffic.

VLAN IDs can also be utilized over the Link Layer Discovery Protocol (LLDP), which is used by network devices for advertising their identity and capabilities over a local area network. LLDP data units are exchanged in the format of Type, Length, Value (TLV). This data contains information such as the system name and description, port number, VLAN name and ID, IP management address, and other system capabilities including router, bridge, telephone, and access point information.

Unlike the Cisco Discovery Protocol (CDP), LLDP is vendor-neutral, and can carry out its functions in a more standardized way.
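The TLV layout described above can be read directly from a captured LLDP data unit, which is useful when auditing which VLAN IDs and names a port advertises. The following Python sketch is an added example, not Fortinet code; it covers the system name, port ID, and the IEEE 802.1 organizationally specific TLVs (OUI 00-80-C2) for port VLAN ID and VLAN name, and its sample LLDPDU and every value in it are constructed for illustration.

```python
import struct

IEEE_8021_OUI = b"\x00\x80\xc2"   # OUI carried in organizationally specific TLVs (type 127)

def tlv(tlv_type, value):
    return struct.pack("!H", (tlv_type << 9) | len(value)) + value

def iter_tlvs(pdu):
    """Yield (type, value) until End-of-LLDPDU; refuse TLVs that overrun the buffer."""
    off = 0
    while off + 2 <= len(pdu):
        (header,) = struct.unpack_from("!H", pdu, off)
        tlv_type, length = header >> 9, header & 0x1FF   # 7-bit type, 9-bit length
        off += 2
        if off + length > len(pdu):
            raise ValueError(f"TLV type {tlv_type} overruns the LLDPDU")
        if tlv_type == 0:
            return
        yield tlv_type, pdu[off:off + length]
        off += length

def parse_lldpdu(pdu):
    """Collect VLAN-related fields from an LLDPDU (Ethernet header already removed)."""
    info = {"vlan_names": {}}
    for t, v in iter_tlvs(pdu):
        if t == 2 and len(v) > 1:                      # Port ID: subtype byte + id
            info["port_id"] = v[1:].decode(errors="replace")
        elif t == 5:                                   # System Name
            info["system_name"] = v.decode(errors="replace")
        elif t == 127 and len(v) >= 6 and v[:3] == IEEE_8021_OUI:
            if v[3] == 1:                              # subtype 1: Port VLAN ID
                info["port_vlan_id"] = struct.unpack_from("!H", v, 4)[0]
            elif v[3] == 3 and len(v) >= 7:            # subtype 3: VLAN ID, name length, name
                vid, n = struct.unpack_from("!HB", v, 4)
                info["vlan_names"][vid] = v[7:7 + n].decode(errors="replace")
    return info

# Constructed sample LLDPDU; every value below is made up for illustration.
SAMPLE = b"".join([
    tlv(1, b"\x04" + bytes.fromhex("020000000001")),   # Chassis ID (MAC address subtype)
    tlv(2, b"\x05port5"),                              # Port ID (interface name subtype)
    tlv(3, struct.pack("!H", 120)),                    # Time To Live, seconds
    tlv(5, b"sw-access-01"),                           # System Name
    tlv(127, IEEE_8021_OUI + b"\x01" + struct.pack("!H", 10)),
    tlv(127, IEEE_8021_OUI + b"\x03" + struct.pack("!HB", 20, 5) + b"voice"),
    tlv(0, b""),                                       # End of LLDPDU
])

if __name__ == "__main__":
    print(parse_lldpdu(SAMPLE))
```
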

Media Endpoint Discovery (MED) is an enhancement of LLDP, known as LLDP-MED, that provides the following facilities:

  • Auto-discovery of LAN policies (such as VLAN, Layer 2 Priority, and Differentiated services (DiffServ) settings), enabling plug and play networking.
  • Device location discovery to allow creation of location databases and, in the case of Voice over Internet Protocol (VoIP), enhanced emergency services.
  • Extended and automated power management of Power over Ethernet (PoE) end points.
  • Inventory management, allowing network administrators to track their network devices, and determine their characteristics (such as manufacturer, software and hardware versions, and serial or asset number).

This document includes the following procedures:
