Troubleshooting Incorrect VLANs

VLANs provide a method of segmenting and organizing the network. Computer systems can be located anywhere on the network but communicate as if they are on the same segment. For example, VLANs can be segmented according to an organization's departments, such as sales, finance, and secretaries. They can also be segmented according to usage, security permissions, and more.

The ability to segment the network provides clear advantages, such as increased security, because devices can communicate only with other systems in the same VLAN. Users can see only the systems in their VLAN segment. Segmentation also helps control broadcast traffic and makes moving end systems around the network easier.

Problems can arise when users are moved or otherwise connected to the wrong VLAN. Administrators need to ensure that the user system is plugged into the correct VLAN port. For example, suppose a network uses port-based VLANs, assigning ports 1 through 8 to marketing, ports 9 through 18 to sales, and so on.

Plugging a sales client into port 6 would make that sales client part of the marketing network. It sounds simple, but if documentation is not up to date and you walk into a new network, this can be tricky to identify.

One of the keys to preventing VLAN assignment errors is to clearly document the VLAN arrangement. If systems are moved, it is important to know how to reconnect them to the correct VLAN port.
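A documentation check for the port-based example above, added here and not part of the original page: it compares the documented port plan with an inventory of what is plugged in where and reports hosts on the wrong VLAN port. The text formats of the plan and inventory, the host names, and the finance host on port 21 are constructed for illustration.

```python
import re

# Documented plan from the text: ports 1-8 marketing, ports 9-18 sales.
PLAN_TEXT = """
1-8   marketing
9-18  sales
"""

# Constructed inventory: port, host name, department the host belongs to.
INVENTORY_TEXT = """
3   mkt-pc-01    marketing
6   sales-pc-07  sales
12  sales-pc-02  sales
21  fin-pc-04    finance
"""

def parse_plan(text):
    """Return {port: vlan}; raise if the documentation assigns a port twice."""
    plan = {}
    for line in text.strip().splitlines():
        m = re.fullmatch(r"\s*(\d+)(?:-(\d+))?\s+(\S+)\s*", line)
        if not m:
            raise ValueError(f"unreadable plan line: {line!r}")
        first, last = int(m.group(1)), int(m.group(2) or m.group(1))
        for port in range(first, last + 1):
            if port in plan:  # stale or conflicting documentation
                raise ValueError(f"port {port}: {plan[port]} and {m.group(3)}")
            plan[port] = m.group(3)
    return plan

def audit(plan, inventory_text):
    """Return (port, host, problem) for every host on an unexpected port."""
    findings = []
    for line in inventory_text.strip().splitlines():
        port_s, host, dept = line.split()
        vlan = plan.get(int(port_s))
        if vlan is None:
            findings.append((int(port_s), host, "port not in documented plan"))
        elif vlan != dept:
            findings.append((int(port_s), host, f"{dept} host on {vlan} VLAN port"))
    return findings

if __name__ == "__main__":
    for port, host, problem in audit(parse_plan(PLAN_TEXT), INVENTORY_TEXT):
        print(f"port {port:>2}  {host:<12} {problem}")
```

The overlap check in `parse_plan` catches documentation that has drifted so far that one port is listed under two VLANs, which is worth fixing before trusting any audit result.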

Another consideration to keep in mind is that membership in a VLAN can be assigned either statically or dynamically. In static VLAN assignment, the switch ports are assigned to a specific VLAN, and any new system is placed in the VLAN associated with the port it is plugged into. For example, plug a new system into port 8 and the user becomes part of the administrator's network. Make sure each user is assigned to the right port.

Dynamic VLAN assignment requires specific software to control VLAN distribution. Using a VLAN server, administrators can dynamically assign VLAN membership based on criteria such as MAC address or a username and password combination. As a system tries to access the network, it queries the VLAN server database to ask for VLAN membership information. The server responds and logs the system onto the appropriate VLAN network. When configured correctly, dynamic assignment reduces the human error associated with static VLAN assignment.