A Virtual Local Area Network (VLAN) allows you to logically segment a Local Area Network (LAN) into different
broadcast domains. In scenarios where sensitive data may be broadcast on a network, VLANs can be created to
enhance security by designating a broadcast to a specific VLAN. Only users that belong to a VLAN are able to
access and manipulate the data on that VLAN. VLANs can also be used to enhance performance by reducing the need
to send broadcasts and multicasts to unnecessary destinations.
Networking devices on which multiple
protocols are running cannot be grouped to a common VLAN. Non-standard devices are used to pass traffic between
different VLANs in order to include the devices participating in a specific protocol. For this reason, the user
cannot take advantage of the many features of VLAN.
VLAN groups are used to load balance the
traffic on a Layer 2 network. The packets are distributed with respect to different classifications and are
assigned to VLANs. Many different classifications exist, and if more than one classification scheme is defined,
the packets are assigned to the VLAN in this order:
The subnet-based group VLAN classification enable packets to be classified according to their subnet. You can
then define subnet-to-VLAN mapping per interface. You can also define several subnet-based VLAN groups, which
each group containing different subnets. These groups can be assigned to specific ports or LAGs. Subnet-based
VLAN groups cannot contain overlapping ranges of subnets on the same port.
This article provides
instructions on how to map subnet-based groups to VLAN on a switch.
If you are unfamiliar with terms in this document, check out Cisco Business: Glossary of New Terms.
To map a subnet group to a port, the port must not have Dynamic VLAN Assignment (DVA) configured on it. Several groups can be bound to a single port, with each port being associated to its own VLAN. It is possible to map several groups to a single VLAN as well.
Important: Before proceeding with the instructions below, make sure a subnet-based VLAN group has already been configured. For instructions, click here.
Follow the steps below to map a subnet-based VLAN group to VLAN:
Step 1. Log in to the web-based utility and chooseAdvanced from the Display Mode drop-down list.
Step 2. Choose VLAN Management >VLAN Groups > Subnet-Based Groups to VLAN.
Note: The available menu options may vary depending on the device model. In this example, SG350X-48MP is used.
Step 3. In the Mapping Group to VLAN Table, click Add.
Step 4. The type of the group is displayed in the Group Type area automatically. Click one of the following interface type radio buttons in the Interface area to which the VLAN subnet-based group is assigned and choose the desired interface from the drop-down list.
The options are:
Note: In this example, Port GE45 of Unit 2 is used.
Step 5. From the Group ID drop-down list, choose the subnet-based VLAN Group ID to filter the traffic through the chosen port or LAG.
Note: In this example, 2 is used.
Step 6. In the VLAN ID field, enter the VLAN ID to which the traffic from the VLAN group is forwarded.
Note: In this example, 20 is used. To know how to configure VLAN settings on your switch, click here for instructions.
Step 7. Click Apply then click Close. The subnet-based group port is mapped to the VLAN.
Step 8. (Optional) Click Save to save settings to the startup configuration file.
You should now have mapped a subnet-based VLAN group to VLAN on your switch.
Step 1. Choose VLAN Groups > Subnet-Based Groups to VLAN.
Step 2. In the Mapping Group to VLAN Table, check the box next to the subnet-based VLAN group you would like to edit.
Step 3. Click the Edit button to edit a mapped subnet-based VLAN group.
Step 4. (Optional) In the VLAN ID field, enter the VLAN ID to which the traffic from the VLAN group is forwarded.
Note: In this example, 30 is used.
Step 5. Click Apply then click Close.
Step 6. (Optional) Click Save to save settings to the startup configuration file.
The subnet-based VLAN group mapping should now have been edited from your switch.
Step 1. Choose VLAN Groups > Subnet-Based Groups to VLAN.
Step 2. In the Mapping Group to VLAN Table, check the box next to the subnet-based VLAN group you would like to delete.
Step 3. Click the Delete button to delete the subnet-based VLAN group.
Step 4. (Optional) Click Save to save settings to the startup configuration file.
The subnet-based VLAN group mapping should now have been deleted from your switch.
You should now have configured subnet-based VLAN groups to VLAN on your switch.