Project/VLAN

From initLab
Revision as of 13:40, 23 January 2016 by Danny w (talk | contribs) (Created page with "== Introduction == This project is a description of a practical implementation of using VLANs in a network to avoid certain problems related to multicast packets. It is by no...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Introduction

This project is a description of a practical implementation of using VLANs in a network to avoid certain problems related to multicast packets. It is by no means a complete explanation of VLANs and how they should and could be implemented. If you have IPTV at your home, and experience problems with your current network setup, VLAN implementation could be the solution.

Old situation

IPTV is a solution for offering TV reception over a computer network. This seems like a good idea, because with the introduction of digital TV, such as DVB(-S, -C and -T), the TV signal is no longer analog, but merely a digital data stream that a suitable TV can decode into video and audio, and all other supporting data streams (subtitles, electronics program guide, text TV and so on). With service providers offering fiber-to-the-home, IPTV is looking to be an answer for these companies to offer a complete service (next to telephone and internet service).

So the IPTV box is connected by a normal Ethernet connection, such as a CAT5 cable. Due to the fact that many homes are not fitted with these cables all over, often a powerline adapter is used to carry the signal over the standard 230V power lines. While this works kind of OK, there are drawbacks to this solution.

  • Powerlines are unshielded. Your whole house becomes an antenna, making the connection inherently unsecure.
  • This system is very susceptible to interference. If you have a microwave oven, or turn on other high current loads, the connection may suffer.
  • The more people in the area use this system, the worse your connection will be. Just like Wi-Fi, the powerline interface can become crowded.

Another solution is to use separate cables. This is a good solution, but if you already have loads of CAT5E wiring throughout your home, this seems redundant. Therefore, you would be tempted to simply connect the IPTV boxes to your existing network. This is the start of heaps of misery and the cause for looking into VLANs. IPTV communicates with UDP-IP communication, over multicast packets. Every switch will recognize these packets and will broadcast them over the entire network, being the nature of multicast packets. Your whole network will get swamped with mostly useless packets, and inhibits the proper communication of other devices!

Even the use of gigabit switches will not help, because all these switches support a maximum amount of multicast data. Something must be done.

IGMP snooping

The Internet Group Management Protocol or IGMP is a way for switches to keep a list of multicast connections by looking at the packets themselves. Some more advanced switched support IGMP snooping, which in effect blocks multicast packets to devices that does not need them. This is an effective way to limit multicast packets in the network. Some switches implement this very well, others do not. When possible, keep away from IGMP snooping.

What is a VLAN?

VLAN or Virtual LAN is a way to keep certain network traffic separated from each other. For example, in a large company, you would want to keep all the network traffic from a development environment separated from a production department. This can be done by physically put the network on a separate switch, but what if network traffic needs to cross the entire building? To avoid a whole second network aside for regular data traffic, intelligent switches offer VLANs to communicate over a single connection, while having multiple logical network connections running.

How does VLANs work?

In the header of a IP packet, there is a field to assign a VLAN "tag" to the packet. By looking at the VLAN tag, switches can sort out what VLAN network a packet belongs to, and relay the packet to the correct ports. A standard network device does not have to support VLANs, and does not know how to deal with these. For instance, a DVD player will most likely have no support for VLAN tagging, while a NAS might! Managed Switches with VLAN support will have the feature to tag and untag VLAN traffic from and to a certain port, so that non-VLAN aware devices can communicate on a VLAN, without them even knowing.

Retrieved from "https://wiki.initlab.org/index.php?title=Project/VLAN&oldid=268"