3.3
VLAN
3.3.1
VLAN
Network definition regardless of the spatial location of the nodes
VLAN (Virtual Local Area Network) divides a physical network into several logical networks that
are shielded from each other. Here, devices are grouped together to form logical groups. Only
nodes of the same VLAN can address each other. Since multicast and broadcast frames are
only forwarded within the particular VLAN, they are also known as broadcast domains.
The particular advantage of VLANs is the reduced network load for the nodes and network
segments of other VLANs.
To identify which packet belongs to which VLAN, the frame is expanded by 4 bytes, refer to
VLAN tagging (Page 36). This expansion includes not only the VLAN ID but also priority
information.
Options for the VLAN assignment
There are various options for the assignment to VLANs:
● Port-based VLAN
Each port of a device is assigned a VLAN ID. You configure port-based VLAN in "Layer 2 >
VLAN > Port-based VLAN (Page 220)".
● Protocol-based VLAN
Each port of a device is assigned a protocol group.
● Subnet-based VLAN
The IP address of the device is assigned a VLAN ID.
VLAN assignment on the device
In the factory settings, the following assignments are made on the SCALANCE S615:
P1 to P4
vlan1
For access from the local network (LAN) to the de‐
vice
P5
vlan2
For access from the external network (WAN) to the
device
You can change the assignment in "Layer 2 > VLAN > General (Page 216)".
The VLANs are in different IP subnets. To allow these to communicate with each other, the
route and firewall rule must be configured on the device.
Technical basics
3.3 VLAN
SCALANCE S615 Web Based Management
Configuration Manual, 11/2019, C79000-G8976-C388-08
35