Esimeni esisheshayo sokuxhumana kwesimanje, ukuvela kwe-Local Area Networks (LANs) kuvule indlela yezixazululo ezintsha zokuhlangabezana nobunzima obukhulayo bezidingo zenhlangano.Esinye sezixazululo esinjalo esigqamayo yi-Virtual Local Area Network, noma i-VLAN.Lesi sihloko sidingida ubunkimbinkimbi bama-VLAN, inhloso yawo, izinzuzo, izibonelo zokusetshenziswa, izinqubo ezingcono kakhulu, kanye nendima ebalulekile ayidlalayo ekuzivumelaniseni nezimfuno ezihlala zivela zengqalasizinda yenethiwekhi.
I. Ukuqonda ama-VLAN kanye Nenhloso Yawo
I-Virtual Local Area Networks, noma ama-VLAN, achaza kabusha umqondo wendabuko wama-LAN ngokwethula isendlalelo esibonakalayo esivumela izinhlangano ukuthi zilinganise amanethiwekhi azo ngosayizi okhulayo, ukuguquguquka, nokuba yinkimbinkimbi.Ama-VLAN empeleni amaqoqo wamadivayisi noma amanodi enethiwekhi axhumana sengathi ayingxenye ye-LAN eyodwa, kuyilapho empeleni, akhona engxenyeni eyodwa noma ezimbalwa ze-LAN.Lawa masegimenti ahlukaniswa nayo yonke i-LAN ngamabhuloho, amarutha, noma amaswishi, okuvumela ukukhushulwa kwezinyathelo zokuphepha kanye nokubambezeleka kwenethiwekhi okunciphile.
Incazelo yobuchwepheshe yamasegimenti e-VLAN ibandakanya ukuhlukaniswa kwawo ne-LAN ebanzi.Lokhu kuhlukaniswa kulungisa izinkinga ezivamile ezitholakala kuma-LAN avamile, njengezinkinga zokusakaza nokushayisana.Ama-VLAN asebenza "njengezizinda zokushayisana," ehlisa izehlakalo zokushayisana nokuthuthukisa izinsiza zenethiwekhi.Lokhu kusebenza okuthuthukisiwe kwama-VLAN kudlulela ekuvikelekeni kwedatha nasekuhlukaniseni okunengqondo, lapho ama-VLAN angaqoqwa ngokusekelwe eminyangweni, amaqembu ephrojekthi, nanoma yimuphi omunye umgomo wenhlangano onengqondo.
II.Kungani Sebenzisa ama-VLAN
Izinhlangano zizuza kakhulu ezinhlelweni zokusetshenziswa kwe-VLAN.Ama-VLAN anikeza ukusebenza kahle kwezindleko, njengoba izindawo zokusebenza ezingaphakathi kwama-VLAN zixhumana ngokushintsha kwe-VLAN, kunciphisa ukuthembela kumarutha, ikakhulukazi ekuxhumaneni kwangaphakathi ngaphakathi kwe-VLAN.Lokhu kunikeza ama-VLAN amandla okuphatha kahle imithwalo yedatha eyengeziwe, kunciphisa ukubambezeleka kukonke kwenethiwekhi.
Ukunwebeka okuguquguqukayo ekucushweni kwenethiwekhi kungesinye isizathu esiphoqayo sokusebenzisa ama-VLAN.Angahlelwa futhi anikezwe ngokusekelwe ku-port, protocol, noma i-subnet criteria, okuvumela izinhlangano ukuthi ziguqule ama-VLAN futhi ziguqule imiklamo yenethiwekhi njengoba kudingeka.Ngaphezu kwalokho, ama-VLAN anciphisa imizamo yokuphatha ngokukhawulela ngokuzenzakalelayo ukufinyelela kumaqembu athile abasebenzisi, okwenza ukucushwa kwenethiwekhi nezindlela zokuphepha zisebenze kahle.
III.Izibonelo zokusetshenziswa kwe-VLAN
Ezimweni zomhlaba wangempela, amabhizinisi anezikhala ezibanzi zamahhovisi kanye namaqembu amakhulu athola izinzuzo ezinkulu ekuhlanganisweni kwama-VLAN.Ubulula obuhlotshaniswa nokulungiselela ama-VLAN bukhuthaza ukuqaliswa okungenazihibe kwamaphrojekthi ahlukahlukene futhi kukhuthaza ukubambisana phakathi kweminyango eyahlukene.Isibonelo, amaqembu asebenza ngobuchwepheshe kwezokumaketha, ukuthengisa, i-IT, nokuhlaziywa kwebhizinisi angasebenzisana kahle uma enikezwe i-VLAN efanayo, ngisho noma izindawo zawo ezibonakalayo zithatha iphansi elihlukile noma izakhiwo ezihlukile.Naphezu kwezixazululo ezinamandla ezinikezwa ama-VLAN, kubalulekile ukuqaphela izinselele ezingaba khona, njengokungafani kwe-VLAN, ukuze kuqinisekiswe ukuqaliswa okuphumelelayo kwalawa manethiwekhi ezimeni ezihlukahlukene zenhlangano.
IV.Imikhuba Engcono Kakhulu Nokunakekela
Ukucushwa okufanele kwe-VLAN kubaluleke kakhulu ekusebenziseni amandla abo aphelele.Ukusebenzisa izinzuzo zesegimenti ye-VLAN kuqinisekisa amanethiwekhi asheshayo navikelekile, abhekelela isidingo sokuzivumelanisa nezimfuneko zenethiwekhi eziguqukayo.Abahlinzeki Besevisi Abaphethwe (ama-MSP) badlala indima ebalulekile ekwenzeni ukunakekelwa kwe-VLAN, ukuqapha ukusatshalaliswa kwedivayisi, nokuqinisekisa ukusebenza okuqhubekayo kwenethiwekhi.
| 10 Izindlela Ezinhle Kakhulu | Incazelo |
| Sebenzisa ama-VLAN ukuze uhlukanise i-Traffic Segment | Ngokuzenzakalelayo, amadivayisi enethiwekhi axhumana ngokukhululekile, okubeka engcupheni yokuvikeleka.Ama-VLAN abhekana nalokhu ngokuhlukanisa ithrafikhi, avale ukuxhumana kumadivayisi angaphakathi kwe-VLAN efanayo. |
| Dala i-VLAN Ehlukene Yokuphatha | Ukusungula i-VLAN yokuphatha ezinikele iqondisa ukuphepha kwenethiwekhi.Ukuhlukaniswa kuqinisekisa ukuthi izindaba ezingaphakathi kwe-VLAN yokuphatha akuthinti inethiwekhi ebanzi. |
| Yabela Amakheli E-IP Aqinile Okuphatha I-VLAN | Amakheli e-IP aqinile adlala indima ebalulekile ekuhlonzweni kwedivayisi nasekuphathweni kwenethiwekhi.Ukugwema i-DHCP yabaphathi be-VLAN kuqinisekisa ukusingathwa okungaguquki, nokwenza lula ukuphathwa kwenethiwekhi.Ukusetshenziswa kwama-subnet ahlukile ku-VLAN ngayinye kuthuthukisa ukuhlukaniswa kwethrafikhi, kunciphisa ubungozi bokufinyelela okungagunyaziwe. |
| Sebenzisa I-Private IP Address Space for Management VLAN | Ithuthukisa ukuphepha, i-VLAN yokuphatha izuza endaweni yekheli le-IP yangasese, ivimbela abahlaseli.Ukusebenzisa ama-VLAN okuphatha ahlukene ezinhlobo ezahlukene zedivayisi kuqinisekisa indlela ehlelekile nehlelekile yokuphatha inethiwekhi. |
| Ungasebenzisi i-DHCP ku-Management VLAN | Ukweqa i-DHCP ku-VLAN yokuphatha kubalulekile ekuvikelekeni.Ukuthembela kuphela kumakheli e-IP amile kuvimbela ukufinyelela okungagunyaziwe, okwenza kube inselele kubahlaseli ukuthi bangene kunethiwekhi. |
| Vikela Izimbobo Ezingasetshenzisiwe futhi Khubaza Izinsizakalo Ezingadingekile | Izimbobo ezingasetshenzisiwe ziveza ubungozi bokuphepha obunamandla, obumema ukufinyelela okungagunyaziwe.Ukukhubaza izimbobo ezingasetshenzisiwe kanye nezinsizakalo ezingadingekile kunciphisa ama-vectors okuhlasela, kuqinisa ukuphepha kwenethiwekhi.Indlela esebenzayo ibandakanya ukuqapha nokuhlolwa kwezinsizakalo ezisebenzayo. |
| Sebenzisa ukuqinisekiswa kwe-802.1X ku-Management VLAN | Ukuqinisekiswa kwe-802.1X kungeza isendlalelo esengeziwe sokuvikela ngokuvumela amadivayisi agunyaziwe kuphela ukufinyelela ku-VLAN yokuphatha.Lesi silinganiso sivikela amadivayisi enethiwekhi abalulekile, sinqanda ukuphazamiseka okungaba khona okubangelwa ukufinyelela okungagunyaziwe. |
| Nika amandla Ukuphepha Kwembobo ku-VLAN Yokuphatha | Njengezindawo zokufinyelela ezisezingeni eliphezulu, amadivayisi aku-VLAN yokuphatha adinga ukuvikeleka okuqinile.Ukuphepha kwembobo, okulungiselelwe ukuvumela amakheli e-MAC agunyaziwe kuphela, kuyindlela esebenzayo.Lokhu, kuhlanganiswe nezinyathelo zokuphepha ezengeziwe ezifana ne-Access Control Lists (ACLs) nama-firewall, kuthuthukisa ukuvikeleka kwenethiwekhi kukonke. |
| Khubaza i-CDP ku-Management VLAN | Nakuba i-Cisco Discovery Protocol (CDP) isiza ukuphathwa kwenethiwekhi, yethula ubungozi bokuphepha.Ukukhubaza i-CDP kubaphathi be-VLAN kunciphisa lezi zingozi, kuvimbela ukufinyelela okungagunyaziwe kanye nokuvezwa okungenzeka kolwazi lwenethiwekhi olubucayi. |
| Lungiselela i-ACL ku-Management VLAN SVI | Uhlu Lokulawula Ukufinyelela (ACLs) ekuphathweni kwe-VLAN Switch Virtual Interface (SVI) lukhawulela ukufinyelela kubasebenzisi abagunyaziwe namasistimu.Ngokucacisa amakheli e-IP avunyelwe nama-subnets, lo mkhuba uqinisa ukuphepha kwenethiwekhi, uvimbela ukufinyelela okungagunyaziwe emisebenzini yokulawula ebalulekile. |
Sengiphetha, ama-VLAN avele njengesixazululo esinamandla, anqoba imikhawulo yama-LAN endabuko.Ikhono labo lokuzivumelanisa nesimo senethiwekhi esiguqukayo, kuhambisana nezinzuzo zokukhuphuka kokusebenza, ukuguquguquka, kanye nemizamo encishisiwe yokuphatha, kwenza ama-VLAN abaluleke kakhulu ekuxhumaneni kwesimanjemanje.Njengoba izinhlangano ziqhubeka nokukhula, ama-VLAN ahlinzeka ngezindlela ezinwebekayo nezisebenzayo zokuhlangabezana nezinselele eziguquguqukayo zengqalasizinda yenethiwekhi yesimanje.
Isikhathi sokuthumela: Dec-14-2023
