Security Basics mailing list archives

Re: VLANs confusing

From: Aaron Howell <aaron_howell () ngenuity-is com>
Date: Tue, 14 Nov 2006 21:45:18 -0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Raj Shaz wrote:

Hi group


Howdy

All i understand of VLANs is encryption of packets at source and
decryption at destination. Now If at both ends i have cisco
devices,which protocols/ algorithms are used by them?. I have notices
configuration of DAX switches on cisco network the VLANS doesnot work.
Which protocol does these machines should used then?


Are you sure you mean to ask about VLANs? A VLAN in and of itself has
absolutely nothing to do with encryption/decryption of traffic flowing
across it. In a wireless environment, this is not necessarily the case,
but you did not specify wired or wireless, so I'm not clear...

When two cisco devices are configured for VLANs , we basically make
these devices to transfer key (for en/decryption) ,does these keys has
any relevance with other VLANs?. Is there exists a possibility of key
overlapping on gigantic network ( akin internet ).


See above...

Which layer VLANS works, layer 3 right?. Then what do u mean when u
say VLAN enabled layer 2 switches?


All switches are layer 2 devices. Some switches have additional
functionality that makes them capable of operating in layer 3, also.
VLANs actually work at layer 2. The easiest way I can think of to
explain it is this:

Using a VLAN is like splitting your switch into 2 (or more) switches.
Broadcast traffic for one VLAN will not (in most cases) be forwarded
into the other VLANs on that switch.

Sorry, seems rudimentary stuff. But hope my brain is highlighted with
some wisdom.Some ref to good notes online?


Here are a couple of links I found that have relevant info. Hope this helps.

http://computer.howstuffworks.com/lan-switch15.htm
http://computer.howstuffworks.com/lan-switch16.htm

Aaron


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (MingW32)

iD8DBQFFWqlu7MF9x9aUuGIRAkRHAKCny0jgQ9Mxw6UpijdBAj1ntyD0yQCeOW7k
5lVGDxzdywhOvV7A/BUd5Rg=
=YAdn
-----END PGP SIGNATURE-----

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence 
in Information Security. Our program offers unparalleled Infosec management 
education and the case study affords you unmatched consulting experience. 
Using interactive e-Learning technology, you can earn this esteemed degree, 
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

VLANs confusing Raj Shaz (Nov 14)
- Re: VLANs confusing Aaron Howell (Nov 15)
- RE: VLANs confusing David Gillett (Nov 15)
- RE: VLANs confusing - Explained Michael Dieroff (Nov 15)
- Re: VLANs confusing Kern (Nov 15)
  - RE: VLANs confusing Shain Singh (Nov 16)
- Re: VLANs confusing Jens Hoffmann (Nov 15)
- Filer/Share Time Access Restrictions (Help). Huang, John, GCM (Nov 15)
  - Re: Filer/Share Time Access Restrictions (Help). Saqib Ali (Nov 16)
  - RE: Filer/Share Time Access Restrictions (Help). Cruse, Kevin (Nov 16)
- RE: VLANs confusing Vijay Kumar (Nov 15)
- Re: VLANs confusing Brian Loe (Nov 15)

(Thread continues...)