Virtual LANs ease administrative burdens

Localarea networks have grown larger more complicated and more dispersed since they were introduced in the 1980s. These changes fueled a desire among network administrators at government agencies for simpler administration. Virtual LANs (VLANs) offer such a possibility. VLAN a software feature ava

Local-area networks have grown larger more complicated and more dispersed since they were introduced in the 1980s. These changes fueled a desire among network administrators at government agencies for simpler administration. Virtual LANs (VLANs) offer such a possibility. VLAN a software feature available in LAN switches eliminates much of the hassle of administrating large and growing networks. That is because VLAN makes it possible to reconfigure a network through the VLAN software rather than going out and rewiring the hardware.

By buying VLAN-enabled equipment organizations can divide a large network into a number of different segments but still treat the network as a cohesive whole.

For example in a traditional network if a user moved his office from a LAN on one network segment to a second segment the administrator would have to treat the person as a new user and set up new routing and addressing information.

If the network equipment supports VLAN the administrator can take care of the change through the software. In large agencies such changes are common so a central administrator often spends a great deal of time entering mundane network address data.

Many major switch vendors have introduced VLAN-enabled products with new products in the works that address current limitations of the technology.

Slow Adoption Rate

However despite its benefits the number of agencies now working with VLANs is small vendors said."Because the technology is relatively new a small percent of our customers - I would estimate less than 10 percent - have adopted VLANs " said Dan Kent a systems engineer with Bay Networks Inc.' s Federal Division Alexandria Va.

The National Library of Medicine (NLM) part of the National Institutes of Health is one agency that has made the switch. Sharon Gagnon a senior network engineer at the library said the agency was having difficulty managing its LAN segments which support about 1 000 users. Also bottlenecks were arising on the network and the agency wanted to upgrade from 10 megabits/sec Ethernet to 100 megabits/sec Ethernet in a few locations.

The agency examined LAN switches from Cisco Systems Inc. San Jose Calif. and Xylan Corp. Calabasas Calif. Gagnon said the organization selected Cisco's 5500 switch because it could be connected easily to Cisco routers already on the network. Another plus was that the switch supported Apple Computer Inc.'s AppleTalk protocol the agency has many Macintosh users.

This last feature is important because many VLANs work with a limited number of interfaces. Most switches were designed for Transmission Control Protocol/Internet Protocol but support for other protocols - AppleTalk IBM Corp.'s NetBIOS Digital Equipment Corp.'s DECnet and Novell Inc.'s Integrated Packet Exchange - is less common.

Another issue is that large agencies often work with a variety of LANs: Asynchronous Transfer Mode (ATM) Ethernet token ring and Fiber Distributed Data Interface. Many virtual networking schemes operate on one specific type of network so an agency may be able to connect its Ethernet LANs into a virtual network but then would have to leave out any ATM and token-ring connections.

The NLM encountered no such limitations with the Cisco switch which was installed in July. Also the agency found the initial VLAN setup straightforward so now the library's network administrators spend less time making network additions and changes.

A network upgrade also led to VLAN deployment at the Marine Corps Logistics Base Albany Ga. In the fall of 1996 the agency wanted to upgrade its desktop connections from shared Ethernet where groups of users work with one 10 megabits/sec Ethernet pipe to switched Ethernet where each user has his own 10 megabits/sec Ethernet connection.

In making the change the agency which supports 4 000 users divided into 254 LAN segments also wanted to ease administration.

"Each month there are 50 to 100 network changes so we wanted a product that could help cut our administrative chores " said Sgt. Donald Slade a network administrator at the Marine base. The agency relied on Cabletron Systems Inc. Rochester N.H. for its network equipment and examined VLAN features available with the firm's Fast Ethernet switches. In March 1997 the agency upgraded one group of 200 users to Cabletron's MMAC Plus switch.

"Now when a user moves he plugs his computer into the network [and] the switch recognizes who he is and updates the addressing tables " Slade said. The Marines plan to move the rest of their users to VLANs by the end of the year.

No VLAN Utopia

While Cabletron's VLAN eased the Marines' administrative burden it still falls short of a Utopian solution. Vendors have different options for implementing VLANs. Cabletron relies on routers to move information from one LAN segment to a second Slade would prefer that the LAN switch perform that function.

Craig Johnson an industry analyst with Current Analysis Inc. a Sterling Va. consulting company said early LAN equipment such as wiring hubs was not designed to support VLANs.

To ensure compatibility with such equipment established network equipment vendors Bay Networks Inc. Billerica Mass. Cabletron and Cisco adopted VLAN techniques that may not be as elegant as users desire. Consequently users find that different vendors' VLAN products offer varying degrees of automation.

In some cases a series of LAN segments looks like one big LAN but still acts like a number of autonomous networks. In more sophisticated products a series of LANs function like one network and each change is automatically relayed throughout the network without any network administrator intervention. Sorting through the vendor hyperbole can be difficult.

"Because vendors have twisted the term VLAN to meet their product features rather than stick with a consistent definition for the technology a lot of users now are confused about what VLAN capabilities offer them " Johnson said.

In fact most VLANs fall short of vendors' claims and require some operator intervention users and analysts said. Much of the work involves the initial setup of a virtual network.

Network administrators first must determine how information flows over their networks so that they can group employees who exchange a lot of data on the same LAN. Making such a determination requires collecting comprehensive network performance data. Because most switch products offer only limited insights into network traffic patterns network administrators may have to build tools and gather such information themselves.

Once they have that data administrators often find the initial VLAN setup tedious they may spend as much as 30 seconds to set up a connection for one user. In a large agency with thousands of employees the setup process can be overwhelming.

Newer networking companies have started with a clean slate in building their VLAN switches and those companies tend to offer users more automation than established suppliers industry observers said. For instance Agile Networks Inc. Boxboro Mass. and Xylan have relied on VLAN features to grow their businesses.

One Xylan customer is the Navy which decided to upgrade the computer and networking capabilities on its 300-ship fleet at the end of 1996. As part of the project dubbed Information Technology for the 21st Century (IT-21) the Navy in the spring of 1997 examined LAN switches from Cabletron Cisco Fore Systems Inc. Pittsburgh and Xylan.

Chris Hansen a program manager with the IT-21 project in San Diego was impressed with the VLAN flexibility offered in Xylan's OmniSwitch. "With the product we can set up classified secure LANs as well as ones open to all users " Hansen said. The Navy began upgrading its networks in the summer finished the process for two ships and plans to complete two battle groups by June 1998.

While the Navy's Hansen is content with the basic features of VLANs he said vendors currently rely on proprietary VLAN protocols. Consequently a firm with different suppliers' switches has to operate separate networks rather than one integrated system.

In March 1996 the Institute of Electrical and Electronics Engineers started to work on two specifications that would connect different suppliers' virtual networking equipment. The 802.1P specification outlines how switches should prioritize packets flowing over a network the 802.1Q specifies what type of messaging information should be included in each packet.

However while the first take on the specifications did a good job of defining how to move information from one vendor's VLAN switch to another vendor's product the specification left areas where more work is needed. For instance vendors need to develop management agent software that automatically collects VLAN performance info and automates more net functions.

A 3Com Corp. spokesperson said the initial work offers a good base of functions. Currently suppliers identify LAN users and ports in unique ways the specification will provide a common nomenclature.

Marsha Malone director of government business development for Cabletron said the current standards initiatives will take care of the interoperability problems users may experience today. Standardization is important with VLANs because they tend to be part of the enterprise environment where interoperability is a must. "The requirement for standards is stronger today than it has ever been " Malone said.

Vendors are moving to address such limitations. Current Analysis' Johnson said "Not every switch vendor includes as much VLAN functionality as users desire but every one does at least have a strategy outlining how they will add new features."

As vendors enhance product features user interest in VLANs should rise. "VLAN features appeal to large government agencies that have a lot of network changes " Bay Networks' Kent said. "About one-third of our customers are interested in the technology. I expect that number to rise to as much as 50 percent but I don't expect it to be a feature with universal appeal."

-- Korzeniowski is a free-lance writer in Sudbury Mass. who specializes in networking issues.

* * * * *

At A Glance

Status: Many LAN equipment vendors now support VLANs although some technical shortcomings have limited the market.

Issues: A lack of standards creates interoperability problems for agencies that use equipment from multiple vendors. Also VLAN products typically support only a limited number of network protocols.

Outlook: Very good. Vendors are addressing VLAN shortcomings which should make it possible for more users to benefit from the technology.

NEXT STORY: Federal Network Contract Guide

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.