JOURNAL OF TELECOMMUNICATIONS, VOLUME 18, ISSUE 2, FEBRUARY 2013 11

Conceptualising VLAN Operation Through a VLAN Teaching Model (VTM): Deployed for sub-Saharan Institutions
Jameson Mbale
AbstractThe VLAN technology involved defining set of ports and criteria of VLAN membership on a switch for workstations connected to the ports that allowed the given edge devices to communicate exclusivelywith the targeted stations on the same VLAN. Teaching such advanced technology to institutions in the sub-Saharan region that lack a VLAN infrastructure posed a challenge to the learnersability to conceptualise and to clearly understand. Thus, teaching the technology while limiting it to theory only,failed to allow students to witness VLAN operational principles. It was in view of this, that the VLAN Teaching Model (VTM) was envisaged to simplify the methodology of introducing the essence of VLANs into a classroom environment. To ascertain the effectiveness of the model,a CASE Control study was conducted where a class of one hundred and twenty (120) students was divided into two groups. The Control group which used the model had fifty one (51) studentsand managed to attainan eighty five percent (85%) conceptualiasation level of the technology, a high to very high result. The CASE Group comprised of 60 students had only eight (8) students who managed to attain a high/very high conceptualization level. Thus only thirteen point three-three percent (13.33%) high/of the case group managed to attain a very high conceptualiasation level. From such statistical results, the VTM proved to be an effective teachingtool in the absence of the actual infrastructure. Index TermsVLANs Teaching Model (VTM), switch, sub-Saharan institutions and VLAN infrastructure.

1 INTRODUCTION

heVLANs Teaching Model (VTM)was designedfor use as a teaching tool ininstitutions that did not have aVirtual Local Area Netwok (VLAN) infrastructure,a condition especially prevalent in the sub-Saharan region. Teaching about VLANs and its implementation in theory only prohibitedlearners from fully understanding the VLAN mechanism technology. Hence the need arose for a practical, alternative method to be used in the absence of an actual VLAN infrastructure. In view of that, a simulation-based VTM teaching aid was designed as demonstrated in Figures 1, 3, 4, 5 and 6. In these simulations, the model had the following components: the Network Administrator (NA) personal computers, a switch, a medium, a status window, and series of work stations. The NA personal computers were used to configure the ports and to set VLAN membership for the workstations on the switch. When the VTM was run, the configured VLANs using the virtual switch sent the network traffic to targeted workstations only.The workstations that were not targeted did not see the traffic. In that way, the learners were able to observe the simulation of the configured VLAN, moving from the switch, which broadcasted the network traffic, to only the targeted workstations. The status window on the model indicated the action of that particular VLAN. In Figure 2, the VTM flow chart demonstrated the whole mechanism of the VLANs implementation.

1.2 The Problem Statement Many institutions in the sub-Saharan region do not have the relevant telecommunication equipment. This is detrimentalto those students studying Telecommunications who were faced with a challenge of learning technology whichthey had neither seen nor experienced. Much of teaching and thelearning wasbased upon theory, without the use of any actual teaching aids. For instance, the concept of configuring and implementing VLANs in a network set up became a nightmare to many of these students. The learners could not figure out how to divide larger LAN into smaller subnets containing manageable workstations installed from different physical locations. The mechanism of a switch sending packets/frames to those workstations that were VLAN ID configured received the information and the rest did not manage to see the packet distribution, was a puzzle to the learners. It was in view of this deficiency that the VTM was envisaged to practically demonstrate the VLAN mechanism,which illustrated step-by-step, the movement of information to the targeted workstations. The learners were able to physically see the VLAN infrastructure setup in action. In addition, they were able to see the communication in the form of packets/frames being directed by a switch to only those workstations that were configured under the specific VLAN configuration as demonstrated in Figures 1, 3, 4, 5 and 6.

Jameson Mbale is with the University of Namibia,Centre of Excellence in Telecommunications (CoE), Department of Computer Science, P/B 13301, Windhoek, Namibia.

2 RELATEDWORK
The concept and technology of VLANs were discussed by other network experts. In[1]the authorstated

12

that the basic reason for splitting a network into VLANs was to reduce congestion on a large LAN. They pointed out that initially LANs were very flatall the workstations were connected to a single piece of coaxial cable, or sets of chained hubs. They said, in a flat LAN, every packet that any device puts onto the wire gets sent to every other device on the LAN. They further described a VLAN as a set of workstations within a subnet on a LAN that could communicate with each other as though they were on a single, isolated LAN. They also emphasized that a switch only sends traffic to a given port if the traffic hasto go to that port. So switches reduced congestion at workstations, by stopping the workstations from seeing all the traffic from the other ports of the switch. They stressed that a simple switched network, though, still needs routers to set the boundaries of where broadcasts are sent (referred to as broadcast containment). They also mentioned the advantages of using VLANs as: improving networkperformance, allowing the formation of virtual working groups, while providing greater flexibility and ease of partitioning resources. They described the creation of a VLAN on a switch as involvingthe definition of a set of ports, and establishing the criteria for VLAN membership for workstations connected to those ports. All devices connected to a given port automatically became members of the VLAN to which that port was assigned. The Extension [2]described VLANs as allowing single physical LAN to be partitioned into several smaller logical LANs. VLANs are an effective means of portioning a larger LAN into manageable subset. They said VLANs limit the broadcast domain, improve security and performance and are ideal for separating industrial automation systems from information technology systems. They explained some ways of creating VLANs by pointing out that the easiest to understand was the Port VLAN. They stressed that switches created an association of MAC addresses and port numbers. They also mentioned that what needed to be added was a VLAN association which would have to be accomplished through some configuration of a switch that could support VLANs. The Extension [2] also discussed a big advantage of Port VLAN was that it was simple to use and patch panel ports could be easily tagged with the association VLAN, and it was just a simple matter of moving patch cords around to connect particular stations to particular VLANs. In [3] the authors explained how a VLAN separated devices by employing media access control (MAC) addresses on an Open Systems Interconnection Reference Model (OSI) Level 2. Effectively, this is similar to physically separating traffic with completely independent infrastructure, except that network traffic separation occurs through the switches. They [3]further asserted that Virtual LANs (VLANs), defined by the 1998 IEEE standard 802.1Q, operate at level 2 of the OSI model. VLAN's [4]allowed a network manager to logically segment a LAN into different broadcast domains. VLAN's offer a number of advantages over traditional LAN's: performance, Formation of Virtual Workgroups, Simplified Administration, Reduced Cost and Security.

VLAN's which allow the formation of virtual workgroups, better security, improved performance, simplified administration, and reduced costs. In another report[5],a VLAN was roughly equated to a broadcast domain. More specifically, VLANs can be seen as analogous to a group of end-stations, perhaps on multiple physical LAN segments, that are not constrained by their physical location and can communicate as if they were on a common LAN. Port grouping is still the most common method of defining VLAN membership, and configuration was fairly straightforward. However, the primary limitation of defining VLANs by port is that the network manager must reconfigure VLAN membership when a user moves from one port to another. Blue Coat Systems, Inc.,[6] defined a VLAN asa method of creating independent logical networks within a physical network. VLAN Tagging is the practice of inserting a VLAN ID into a packet header in order to identify which VLAN (Virtual Local Area Network) the packet belongs to. More specifically, switches use the VLAN ID to determine which port(s), or interface(s), to send a broadcast packet to. The purpose of VLANs is to group multiple physical network segments into individual broadcast domains, allowing you to have multiple virtual switches. The benefit of this grouping is that clients can be organized logically rather than being limited to a subnet per physical switch. VLAN configuration occurs on the switch; the network administrator specifies which ports belong to which VLANs. Micrel, inc.,[7]maintained that a VLAN can be roughly equated to a broadcast domain. More specifically, VLANs can be seen as analogous to a group of endstations, perhaps on multiple physical LAN segments that are not constrained by their physical locations and can communicate as if they were on a common LAN. VLANs are set up between switches by inserting a tag into each Ethernet frame. The Micrel (2004) further explained that the simplest way to defineVLANwas to assign specific ports on a switch to VLANs. He gave a scenario such that, ports 1, 2, 7, and 8 on an 8-port switch make up VLAN A, while ports 3, 4, 5, and 6 make up VLAN B. He emphasized that port grouping was the most popular mannerof defining VLAN membership, and that this configuration was fairly straightforward.

3 THE VTMINFRASTRUCTURE
The VTM infrastructure in Figure 1 was built displaying all the system components ranging from network administrators personal computers, the medium, switch and a series of users workstations.

13

Start

Create / Configure VLANs 10, 20, 30

Yes

Switch Exist

No

End

IF Config VLAN10

goto

WorkStations:10

Figure 1. VTM Infrastructure Set Up The three stations on the left hand side were the PCs directly connected by a medium to the switch. The top station was configured for VLAN10 and was named V10. The middle one was set for VLAN20, classified as V20, whereas, the bottom one arranged for VLAN30, referred to as V30. These PCs were used by the Network Administrator (NA) to configure the switch. In between the NA PCs and series of workstations was the switch. The switch was configured to create and partition the VLANs by setting up the workstation port IDs. That configuration was the creation of VLANs by configuring the port IDs of the workstations involved. On the right hand-side was a series of workstations, whose port IDs were configured according to the VLAN of the choice. In between the NA stations and the switch was the medium, where the packets or frames were transported. On top of the medium was a status box, whose function was to indicate the process that was going on. At the bottom left hand side laid a series of buttons used to commence the process.

Else IF Config VLAN20 Else IF Config VLAN30 Else goto WorkStations:30 goto WorkStations:20

Figure 2. VTMData Flow Diagram

VTMIMPLEMENTATION

The implementation of the VTM in that work was demonstrated in five stages of simulation showing the whole VLAN mechanism. Stage 1: The In Figure 3, the NA pressed the button labeled Button V10, and it invoked station 1 which activated the switch to configure the VLAN10 by setting up the VLAN10 ID ports of all the Work Stations:10.

4 THEVTM DATA FLOW DIAGRAM ILLUSTRATING VLANS MECHANISM

The NA initiated the process and the system first checked if there was a switch. If there was no switch the whole process stopped. If there was a switch, the system created and configured the VLANs in that cases were VLAN10, VLAN20 and VLAN30. After creating the VLANs, the implementation started. If NA invoked the VLAN10, then the traffic was only transmitted to all Work Stations:10, the rest of the Work Stations did not see the network traffic. If the initiated VLAN was VLAN20, theall network packets were directed to Work Stations:20 and other Work Stations were excluded from such services. If the NA wanted to run VLAN30, the network 13 frames were sent to all Work Stations:30 only and the remaining ones could not access these network communications. Figure 3. VLAN10 Started

14

Stage 2: Figure 4 now showed how the V10 was approaching the switch.

Figure 6. Frames Reaching their Respective Workstations:10 The status window still indicated STATION 1 SENDING TO V10.

Figure 4. Frame Approaching the Switch As the frame was moving in the medium, the status window remained showing STATION 1 SENDING TO V10.

RESULTS AND DISCUSSION

The CASESample Group in Table 1 and Controlled Sample Group in Table 2, each with sixty (60) students were used to ascertain the effectiveness of the VTM model. In that work, the controlled group was the one taught using the VTM model, whereas the CASE Group did not use the teaching aid.

6.1 The CASE Group As discussed above, theCASE Group was denied use of the VTM model during the lesson, and their performance was demonstrated in Table 1 and Figure 8. At the end of teaching , the CASEgroup, only three (3) learners showed very high level of conceptualization, which comprised five percent (5%) of the groups population, followed by five (5) students had high level, comprising an (8.33%) frequency as indicated in Figure 7. The majority of the students[ thirty two (32)] of themattained an average understanding composing (53.33%) of the group, and the remaining twenty (20) performed at a low level acquired thus forming (33.33% of this group )as indicated in Figure7.
Figure 5. Switch Broadcasting V10 to Work Stations:10 As discussed above, the status window still indicated STATION 1 SENDING TO V10. Stage4: The frames were approaching Work Stations:10 as shown in Figure 6.

15

6.2 The Control Group Similarly, the outcome of using the VTM model also shown in Table 2 and Figure 8, produced the following results. Out of sixty (60) students, eleven (11) had a very high conceptualization score and comprised(18.33%) of its student members, followed by forty (40) learners who demonstrated high conceptualization, which was equated to(66.67%) of the group. About eight (8) students had attainedan average conceptualization score which tallied to (13.33%) of the groups population. In this Control Group, only one (1) student had a low conceptualization which was (1.67%) of the Control Groups membership.

Table 1. Did Not Use the Model

CONCLUSION

Table 2. Used the Model

Within academic circles, there is a slogan states You Learn best by doing. In other words that what you practically see and touch, remains permanently in your mind. It was inthis context that the VLANs Teaching Model (CTM) was designed and created for use especially in the sub-Saharan institutions where the telecommunications infrastructure was very limited. The components of the VTM operated as the true replica of the physical telecommunications components that formed the complete VLAN operation. The developed software simulation simultaneously demonstrated in stages 1 to 5, discussed in Section 4, represented replica of the actual VLAN operation. From the software simulation and starting at the beginning, the learners from the controlled group were able to see the VLAN creation and configuration. They (learners) also saw the switch releasing and sending the VLANs to only the targeted workstations. In that way, the learners were able to conceptualiseprocess of the VLAN communicationsbeing directed to specific workstations and demonstrated how the non-targeted ones were excluded from this network traffic. Such a hands-on software simulation piquedthe students interest in the topic as they dealt with this simulated praxis. As also demonstrated in Section 4, the CASEGroup which did not use the model, none usage of the hands-on software simulation piquedthe students interest on the lesson and ended up performingat average level, failing to satisfactorily conceptualise the VLANs technology. In conclusion, the VTM model served as practical teaching method in the absence of the actual telecommunications equipment.

Figure 7.CASE Group Never Used the Model

Figure 8.Control Group that Used the Model

16

REFERENCES
[1] A. Telesis,AlliedWarePlusOS Overview: VLANs,Overview of VLANs (Virtual LANs.USA Headquarters,http://www.alliedtelesis.com. 2008 The Extension,A Technical Supplement to Control Network,Contemporary Control Systems, Inc. Volume 5, Issue 1. 2004. G. Leischner and C. Tews, Security Through VLAN Segmentation: Isolating and Securing Critical Assets Without Loss of Usability, proceedings of the 9th Annual Western Power Delivery and Automation Conference, Spokane, WA, available at http://www.selinc.com/techpprs.htm April 2007. S. Varadarajan, Virtual Local Area Networks,availableat http://www.cis.ohio-state.edu/ 1997. D. Passmore and J. Freeman, The Virtual Lan Technology Report, Decisys, Inc., a Sterling, Virginiabased Consulting Firm, USA. 1996. Blue Coat Systems, Inc., Technology Primer: VLAN Tagging, available at http://www.bluecoat.com 2007. Micrel, inc., Virtual LAN: Application and Technology White Paper, available athttp://www.fourdtech.com/downloads/virtual_lan. pdf2004.

[2]

[3]

[4]

[5]

[6]

[7]

Jameson Mbale received his PhDDegree in Computer Science from Harbin Institute of Technology, China, in 2003. He obtained M.Sc. Degree in Computer Science from Shanghai University in 1996 and B.A. in Mathematics and Computer Science at University of Zambia in 1993 in Zambia. He is a Senior Lecturer in the Department of Computer Science at the University of Namibia. He is the founder and coordinator of Centre of Excellence in Telecommunications and Information Technology (CoE). His research interest in network security, wireless networking,telecommunications and e-Learning and he has published papers in these areas.