
A Project Report On

Virtual LAN
(Prepared in Information System, BEL)
BHARAT ELECTRONICS
GHAZIABAD

CERTIFICATION
a) ISO – 9001- 2000 b) ISO 14001 c) ISO - 18001 OHSAS

Submitted by:
LALIT KUMAR

Bachelor of Engineering
Computer Science
IIIrd year

INDEX
S.NO TOPIC

1 ACKNOWLEDGEMENT
2 CERTIFICATE
3 PREFACE
4 ABOUT BHARAT ELECTRONICS
5 BHARAT ELECTRONICS, GHAZIABAD
6 ROTATION REPORT
7 ABOUT IS DEPARTMENT
8 VIRTUAL LOCAL AREA NETWORK (VLAN)
9 CONCLUSION

CERTIFICATE
TO WHOM SO EVER IT MAY CONCERN

Dated: 28th August

IT IS TO CERTIFY THAT LALIT KUMAR, STUDENT OF
NETAJI SUBHAS INSTITUTE OF TECHNOLOGY, HAS
SUCCESSFULLY COMPLETED HIS INDUSTRIAL
TRAINING IN BHARAT ELECTRONICS LIMITED,
GHAZIABAD FROM 20th JULY TO 28th AUGUST
2010.

Anoop Kumar, Sr. Engineer (IS)
Mr. Dinesh Goel, Manager (IS)

ACKNOWLEDGEMENT

I take this opportunity to express my sincere gratitude
towards my college Training and Placement Officer for
forwarding my training letter to Bharat Electronics,
Ghaziabad, and also to Mr. R.N. Tyagi, Manager
(HRD), Bharat Electronics, Ghaziabad, for
accepting my letter and allowing me to complete my
training in Bharat Electronics. I would like to express
my deep satisfaction and gratitude towards Mr.
DINESH GOEL for his timely guidance and help
extended during each stage of my project. Finally, I
would like to thank each and every member of the BEL
family for making me feel comfortable and helping me
in every possible manner.

LALIT KUMAR

PREFACE

The eight-week training is a part of our 4-year B.E.
course. Practical industrial training mainly aims at
making one aware of the industrial environment, which
means that one gets to know the limitations, constraints
and freedom under which an engineer works. One also
gets an opportunity to watch manager relations from
close quarters. This training mainly involves gaining
industrial and complete knowledge about the designing,
assembling and manufacturing processes of the various
equipment manufactured by an industry.

BHARAT ELECTRONICS LIMITED

BHARAT ELECTRONICS LIMITED (BEL), now BHARAT
ELECTRONICS, was established in 1954 as a Public Sector
Enterprise under the administrative control of the Ministry
of Defense, as the fountainhead to manufacture and supply
electronic components and equipment. BEL, with a
noteworthy history of pioneering achievements, has met the
requirement for state-of-the-art professional electronic
equipment for Defense, broadcasting, civil Defense and
telecommunications, as well as the component requirements
of the entertainment and medical X-ray industries. Over the
years, BEL has grown into a multi-product, multi-unit,
technology-driven company with the track record of a
profit-earning PSU.
The company has a unique position in India, having dealt
with all the generations of electronic components and
equipment. Having started with an HF receiver in
collaboration with T-CSF of France, the company's
equipment designs have had a long voyage through hybrid
and solid-state discrete components to state-of-the-art
integrated circuit technology.
Today BEL's infrastructure is spread over 9 locations with
29 divisions having ISO-9001/9002 accreditation. Its
manufacturing units have a special focus on product ranges
like Defense Communication, Radars, Optical &
Opto-electronics, Telecommunication, Sound & Vision
Broadcasting, Electronic Components, etc.
BEL has nurtured and built a strong in-house R&D base
by absorbing technologies from more than 50 leading
companies worldwide and DRDO Labs for a wide range of
products. Each unit has its own R&D Division. About 70%
of BEL’s products are of in-house design.
BEL was among the first Indian companies to manufacture
computer parts and peripherals, under an arrangement with
International Computers India Limited (ICIL) in the 1970s.
BEL assembled a limited number of 1901 systems under the
arrangement with ICIL. However, following the Government's
decision to restrict computer manufacture to ECIL, BEL
could not progress in its computer manufacturing plans. As
much of its equipment was microprocessor based, the
company continued to develop computer-based applications,
both hardware and software. Most of its software
requirements are in real time. EMCCA, a software-intensive
naval ship control and command system, is probably one of
the first projects of its nature in India and Asia.
BEL has won a number of national and international awards
for Import Substitution, Productivity, Quality, Safety,
Standardization, etc. BEL was ranked No. 1 in the field of
Electronics and 46th overall among the top 1000 private and
public sector undertakings in India by the Business
Standard in its special supplement "The BS 1000
(1997-98)". BEL was listed 3rd among the Mini Ratnas
(Category II) by the Government of India, and 49th among
Asia's top 100 worldwide Defense Companies by the Defense
News, USA.

1.1 Corporate Motto, Mission and Objectives:
The passionate pursuit of excellence at BEL
is reflected in a reputation with its customers that can be
described in its motto, mission and objectives:
CORPORATE MOTTO:
“Quality, Technology and innovation.”
CORPORATE MISSION:
“To be the market leader in Defense Electronics
and in other chosen fields and products.”
CORPORATE OBJECTIVES:
1. To become a customer-driven company
supplying products at competitive prices at the
expected time and providing excellent customer
support.
2. To achieve growth in the operations
commensurate with the growth of the professional
electronics industry in the country.
3. To generate internal resources for financing the
investments required for modernization, expansion
and growth, and for ensuring a fair return to the investor.
4. In order to meet the nation's strategic needs, to
strive for self-reliance by indigenization of materials
and components.
5. To retain technological leadership of the company in
Defense and other chosen fields of electronics
through research and development as well as
through collaboration with National Research
Laboratories, International Companies, Universities
and Academic Institutions.
6. To progressively increase overseas sales of its
products and services.
7. To create an organizational culture that encourages
members of the organization to realize their full potential
through continuous learning on the job and through
other HRD initiatives.
1.2 Manufacturing Units:

BANGALORE (KARNATAKA)
BEL started its production activities in Bangalore in 1954
with a 400W high frequency (HF) transmitter and
communication receiver for the Army. Since then, the
Bangalore Complex has grown to specialize in Communication
and Radar/Sonar Systems for the Army, Navy and Air Force.
The Unit has now diversified into manufacturing electronic
products for civilian customers such as DoT, VSNL, AIR and
Doordarshan, ISRO, Police, Civil Aviation and Railways. As
an aid to the electorate, the Unit has developed Electronic
Voting Machines.

GHAZIABAD (UTTAR PRADESH)
The second largest Unit, at Ghaziabad, was set up in 1974
to manufacture special types of radar for the Air Defense
Ground Environment Systems (Plan ADGES). The Unit provides
Communication Systems to Defense Forces & Microwave
Communication Links to various departments of the State &
Central Govt. The Unit's product range included Static &
Mobile Radar, professional grade Antennae, etc.

PUNE (MAHARASHTRA)
This Unit was started in 1979 to manufacture Image
Converter Tubes. Subsequently, Magnesium Manganese-
dioxide Batteries, Lithium Sulphur Batteries and X-ray
Tubes/Cables were added to the product range.

MACHILIPATNAM (ANDHRA PRADESH)
The Andhra Scientific Co. at Machilipatnam, manufacturing
Optics/Opto-electronic equipment, was integrated with BEL
in 1983. The product line includes passive Night Vision
Equipment, Binoculars and Goggles, Periscopes, Gun Sights,
Surgical Microscopes, and Optical Sights and Muzzle
Reference Systems for tank fire control systems. The Unit
has successfully diversified to making the Surgical
Microscope with zoom facilities.

PANCHKULA (HARYANA)
To cater to the growing needs of Defense Communications,
this Unit was established in 1985. Professional grade
Radio-communication Equipment in the VHF and UHF ranges,
entirely developed by BEL and required by the Defense
services, is supplied from this Unit.

CHENNAI (TAMIL NADU)
In 1985, BEL established another Unit at Chennai to
facilitate manufacture of Gun Control Equipment required
for integration and installation in the Vijayanta tanks.
The Unit is now manufacturing Stabilizer Systems for T-72
tanks, Infantry Combat Vehicles BMP-II; Commander's
Panoramic Sights & Tank Laser Sights are among others.

KOTDWARA (UTTAR PRADESH)
In 1986, BEL started a Unit at Kotdwara to manufacture
Telecommunication Equipment for both Defense and civilian
customers. Focus is being given to the requirement for
Switching Equipment.

TALOJA (MAHARASHTRA)
For the manufacture of B/W TV glass bulbs, this plant was
established in collaboration with Corning, France in 1986.
The Unit is now fully mobilized to manufacture 20" glass
bulbs indigenously.

HYDERABAD (ANDHRA PRADESH)


To coordinate with the major Defense R&D Laboratories
located in Hyderabad, DLRL, DRDL and DMRL, BEL
established a Unit at Hyderabad in 1986. Force Multiplier
Systems are manufactured here for the Defense services.

1.3 Joint Ventures:

1.3.1 BE-Delft Electronics Limited
BE-Delft Electronics Limited, Pune, is the first joint
venture, with Delft Instruments, Holland and UTI, for
conducting research, development and manufacture of Image
Intensifier Tubes etc. for use in military and commercial
systems. Its products include night vision goggles, night
vision weapon sights and low light level input
applications.

1.3.2 GE-BE Private Limited
GE-BE Private Limited, Bangalore, a JV with General
Electric Medical Systems, USA, was established in 1997-98
for manufacture of the High End Rotating Anode Medical
Diagnostic X-ray tube called CT MAX, which is used in CT
Scanners. It will also establish a reloading facility for
X-ray tubes and market the conventional X-ray tubes made
at the Pune Unit of BEL.

1.3.3 BEL-Multitone Private Limited
A joint venture between Bharat Electronics and Multitone
Electronics Plc, UK was established in Bangalore in 1997-98
to manufacture state-of-the-art Mobile Communication for
the workplace. With the strength of Bharat Electronics in
the Radio Communications field and the technology of
Multitone in the field of Radio Paging, the joint venture
company is in a position to offer tailor-made solutions to
the Mobile Communication needs of the workplace in various
market segments.

1.4 BEL Components & Customers

CUSTOMERS : COMPONENTS

Defense : Transmitting Tubes, Microwave Tubes, Lasers, Battery, Semiconductors-Discrete, Hybrid and Circuits.
All India Radio, Doordarshan, Telecommunications and Civil Industries : Transmitting Tubes, Microwave Tubes, and Vacuum Tubes.
Entertainment Industry : B/W TV Tubes, Silicon Transistors, Integrated Circuits, Bipolar and CMOS, Piezo-Electric Crystals, Ceramic Capacitors and SAW Filters.
Telephone Industry : Integrated Circuits, Crystals.
Switching Industry : Vacuum Interrupters.
Instrumentation Industry : Liquid Crystal Displays.
Medical & Health Care : X-ray Tubes.

1.5 Systems/Network

• Identity Card Systems Software.
• Office Automation Software.
• LCD On-line Public Information Display Systems.
• Communication Networks / VSAT Networks.

BEL GHAZIABAD UNIT

Formation:

The need to strengthen the air Defense system, in
particular the ground electronics system support for the
air Defense network, led to the formulation of a very major
plan for an integrated Air Defense Ground Environment
System, known as Plan ADGES. The Ministry of Defense
immediately realized the need to establish production
capacity for meeting the electronic equipment requirements
of Plan ADGES. In December 1970 the Govt. sanctioned an
additional unit for BEL. In 1971, the industrial license
for manufacture of radar and microwave equipment was
obtained; 1972 saw the commencement of construction
activities, and production was launched in 1974. Over the
years, the unit has successfully manufactured a wide
variety of equipment needed for Defense and civil use. It
has also installed and commissioned a large number of
systems on a turnkey basis. The unit enjoys a unique status
as a manufacturer of IFF systems needed to match a variety
of primary radars. More than 30 versions of IFFs have
already been supplied, travelling the path from vacuum
technology to solid-state to the latest microwave
component systems.

The product ranges of the company today are:

Radar System
• 3-Dimensional High Power Static and Mobile Radar for the Air Force.
• Low Flying Detection Radar for both the Army and the Air Force.
• Tactical Control Radar System for the Army.
• Battlefield Surveillance Radar for the Army.
• IFF Mk-X Radar systems for Defense and export, etc.

Communications
• Digital Static Troposcatter Communication Systems for the Air Force.
• Digital Mobile Troposcatter Communication System for the Air Force and Army.
• VHF, UHF & Microwave Communication Equipment.
• Bulk Encryption Equipment.
• Turnkey Communication Systems Projects for Defense & civil users.

Antennae
• Antennae for Radar, Terrestrial & Satellite Communication Systems.
• Antennae for TV Satellite Receive and Broadcast applications.
• Antennae for Line-of-sight Microwave Communication Systems.

Microwave Component
• Active Microwave components like LNAs, Synthesizers, Receivers, etc.
• Passive Microwave components like Double Balanced Mixers, etc.

Organization
The operations at BEL Ghaziabad are headed by General Manager with
Additional / Deputy General Manager heading various divisions as follows:
• Design & Engineering Divisions
• Development and Engineering-R
• Development and Engineering-C
• Development and Engineering-Antenna.

1. Equipment Manufacturing Divisions
Radar, Communication, Antenna, Systems, Microwave Components.
2. Support Divisions
Material Management, Marketing & Customer Co-ordination,
Quality Assurance & Torque, Central Services, PCB &
Magnetics, Information Systems, Finance & Accounts,
Personnel & Administration, Management Services. Design &
Engineering.

Equipment Manufacturing Divisions

BEL Ghaziabad has well defined standards and
processes for as well as manufacturing and testing
activities. Activities are divided into various
departments like Production Control, Works Assembly,
and QC WORKS. The manufacture and control of
production is through central systems, BELMAC, BEL’s
own homegrown ERP system.

Microwave Component Group

Frequencies greater than 1 GHz are termed Microwaves.
Microwave Integrated Circuits (MICs), used extensively in
the production of subsystems for Radar and Communication
equipment, constitute a very vital part of the technology
for these systems and are generally imported. Owing to the
crucial, building-block nature of the technology involved,
BEL is currently setting up a modern MIC manufacturing
facility at a planned expenditure of Rs. 2 cr. This
facility will be the main center for the MIC requirements
of all the units of the company.

Material Management
The Material Management division is responsible for the
procurement, storage, handling and issue of purchased
parts as well as the raw materials required to manufacture
various equipment and spares.

Marketing and Customer Co-ordination


This division is responsible for acquisition and
execution of customer orders and customer services.
Marketing department looks after order acquisition.
Commercial department looks after order execution.

Quality Assurance & Torque

BEL has established stringent processes, modern
facilities & systems to ensure product quality. The IGQA,
Environmental Labs, Test Equipment Support and QA
departments are grouped under this division. All
material passes through stringent inward goods
screening in the IGQA department before being accepted
for use. After inspection, the end product is again put
through a rigorous cycle of performance and
environmental checks in the Environmental Labs. The
testing, calibration and repair facility for the test
instruments used in the factory is under the control of
Test Equipment Support.

Central Services
Central services Division looks after plant and
maintenance of the estate including electrical
distribution, captive power generation, telephones,
transport etc.

PCB Fabrication & Magnetics


PCB Fabrication, Coil and Magnetics, Technical
Literature, Printing Press and Finished Goods are the
areas under this division. Single-sided PCB blanks,
having a circuit pattern on one side of the board, and
double-sided blanks, having a circuit pattern on both
sides of the board, are manufactured in house.
The Magnetics department makes all types of transformers
and coils that are used in different equipment. Coils and
transformers are manufactured as per various
specifications, such as number of layers, number of
turns, types of windings, gap in core, dielectric
strength, insulation between layers, electrical
parameters, impedance, etc., laid down in the
documents released by the D&E department.

Information Systems
The IS Department is responsible for BEL's own
home-grown manufacturing and control system, called
BELMAC. It comprises almost all the modules of a modern
ERP system but is host and dumb-terminal based.

Finance & Accounts


The F&A division is divided into Budget & Compilation,
Cost and Material Accounts, Bills Payable, Bill
Receivable, Payrolls, Provident Fund, Cash Sections.

Personnel & Administration

The P&A Division is divided into various departments like
Recruitment, Establishment, HRD, Welfare, Industrial
Relations, Security and MI Room.

Management Services
This department deals with the flow of information to or
from the company. It is broadly classified into three
major sub-sections: Management Information System,
Industrial Engineering Department and Safety.

ROTATION PROGRAMME

Under this, the students are introduced to the company
by putting them through a rotation program in various
departments. The several departments that I went
through are as follows:

• TEST EQUIPMENT & AUTOMATION
• P.C.B. FABRICATION
• WORK ASSEMBLY - RADAR & COMMUNICATION
• MAGNETICS
• MICROWAVE LAB
• QUALITY CONTROL WORK ASSEMBLY

During the rotation period of one week we had to go to
the various departments listed above to get some
introduction to the work that is being done in that
particular department. The co-operative staff at the various
departments made the learning process very
interesting, which allowed us to know more about the
company in a very short time. The various departments
are now given in detail.

TEST EQUIPMENT & AUTOMATION

This department deals with the various instruments used
at BEL, such as the Oscilloscope (C.R.O.), Multimeter,
Signal Analyzer, Logic Pulser, Counters, Function
Generator, etc. There are a total of three hundred pieces
of equipment, of sixteen types. Mainly the calibration
(testing of equipment against a standard one) of
instruments is carried out here; they are compared with
the standard of the National Physical Laboratory (NPL).
Every instrument has a calibration period, after which the
accuracy of the instrument falls below the required
standards. So if any of the instruments is not working
properly, it is sent here for correct calibration. To
calibrate an instrument, software techniques are used,
which include a program written in any suitable
programming language. After testing, different tags are
placed on the equipment according to the observations.

• GREEN Perfect

• YELLOW Satisfactory but some trouble is

present

• RED cannot be used, should be disposed off.

1 WS 102

2 WS 104

3 PS 520

4 PS 809

5 PS 811

6 PS 369

Where, WS = Workmanship & PS = Process Standard

After the inspection of cables, PCB’s and other things the defect found are given

in following codes.

1 A --- Physical and Mechanical defects.

Page | 26
2 B --- Wrong Writing

3 C --- Wrong Component / Polarity

4 D --- Wrong Component / Mounting

5 E --- Bad Workmanship/ Finish

6 F --- Bad Soldering

7 G --- Alignment Problem

8 H --- Stenciling

9 I --- Others (Specify)

10 J --- Design & Development

After finding the defect, the equipment is sent to responsible department

which is rectified there.

P.C.B. FABRICATION

P.C.B. stands for Printed Circuit Board. It is an integral part of electronic
equipment, as all the components are mounted on it. It consists of a
fiberglass sheet having a layer of copper on both sides.

Types Of PCBs
1. Single Sided Board : Circuit on one side.
2. Double Sided Board : Circuit on both sides.
3. Multi-layer Board : Several layers are interconnected through hole metallization.

Raw material for PCBs

The most common raw material used for manufacturing PCBs is copper-clad
glass epoxy resin sheet. The thickness of the sheet may be 1.2, 2.4 or
3.2 mm, and the standard size of the board is 610 mm to 675 mm.

Operation in process
The following are the steps for PCB manufacturing:
1 CNC Drilling
2 Drill Location
3 Through Hole Plating
4 Clean Scrub and Laminate
5 Photo Print
6 Develop
7 Cu electroplate
8 Tin electroplate
9 Strip
10 Etching and cleaning
11 Tin Stripping
12 Gold plating
13 Liquid Photo Imageable Solder Masking (LPISM)
14 Photo print
15 Develop
16 Thermal Baking
17 Hot Air Levelling
18 Non Plated Hole Drilling
19 Reverse Marking
20 Shearing & Routing
21 Deburring & Packing

A P.C.B. is a non-conducting board on which a conductive pattern is made. The
base materials used for the PCB plate are Glass Epoxy, Bakelite, Teflon, etc.

Procedure for through hole metallization

Loading - Cleaner - Water Rinse - Spray Water Rinse - Mild Etch - Spray Water
Rinse - Hydrochloric Acid - Activator - Water Rinse - Spray Water Rinse -
Accelerator Dip - Spray Water Rinse - Electroless Copper Plating - Spray Water
Rinse - Anti-Tarnish Dip - Hot Air Drying - Unloading.

After through hole metallization, photo tool generation is done, followed by
photo printing. In this the PCB is kept between two blue sheets and the
circuit is printed on it. A negative and a positive of the circuit are
developed. To distinguish between the negative and the positive, the following
observation is made: if the circuit is black and the rest of the sheet is
white, it is positive; otherwise it is negative.

Next, pattern plating is done. The procedure for pattern plating is as follows:

Loading - Cleaner - Water rinse - Mild etch - Spray water rinse - Electrolytic
copper plating - Water rinse - Sulfuric acid - Tin plating - Water rinse -
Anti-tarnish dip - Hot air dry - Unloading.

To give strength to the wires so that they cannot break. This is done before
molding. Varnishing is done as an anti-fungus measure against
environmental hazards.

After completion of the manufacturing process, it is sent for testing. This is
followed by resist stripping and copper etching. The unwanted copper, i.e. the
copper off the tracks, is etched by any of the following chemicals. After this,
tin is stripped from the tracks.
After this, solder masking is done. Solder masking is done to mask the tracks,
to prevent them from getting oxidized and finally etched, which would make the
whole circuit non-functional.

There are three types of solder masking done in BEL.
1 Wet solder mask: Due to some demerits this method is totally
ruled out. The demerit was non-alignment, which was due to a wrong method
applied or a wrong machine.
2 Dry film solder mask: Due to wastage of films of about 30%, this
method is also not used now.
3 Liquid photo imageable solder mask (LPISM): In this, first
presoaking is done at 80 degree Celsius for 10 to 20 minutes. Next, screen
preparation is done. The board is covered by a silk cloth whose mesh is T-48.
The angle of tilt of the board is 15 degree to 22.5 degree.

Ink preparation : Ink + Hardener
71 % : 29 %
(150 gms) : (300 gms)
+
Butyl cellosolve 50 gms/kg.

Ink preparation uses:
Ink : 100 gm
Catalyst : 10% of total weight
Reducer : 10% of total weight

The catalyst is used as a binder and prevents the following, while the reducer
is used as a thinner. The three are then fully mixed.

For wash out, the following procedure takes place:

Water - Lactic acid - Water - Bleaching powder - Water - Caustic soda - Water -
Air dry - TCE.

After wash out, final baking for one hour at the temperature of 20 degree C is
done. After this, shearing or routing is done, followed by deburring and
packing.

WORKS ASSEMBLY

This department plays an important role in production. Its main function is
to assemble various components, equipment and instruments in a particular
procedure.
It has been broadly classified as:
1. WORK ASSEMBLY RADAR, e.g.: INDRA-2, REPORTER
2. WORK ASSEMBLY COMMUNICATION, e.g.: EMCCA, MSSR, MFC

• EMCCA: EQUIPMENT MODULAR FOR COMMAND CONTROL APPLICATION
• MSSR: MONOPULSE SECONDARY SURVEILLANCE RADAR
• MFC: MULTIFUNCTIONAL CONSOLE

The stepwise process followed by the work assembly department is:
1) Preparation of the list of parts to be assembled.
2) Preparation of the general assembly.
3) Schematic diagram to depict all connections to be made and give a brief idea
of all components.
4) Writing the list of all components.
In work assembly the following things are done.
Material receipt

Preparation: This is done before mounting and involves two procedures.

Tinning: The resistors, capacitors and other components are tinned
with the help of tinned lead solution. The wire coming out of the component
is of copper, and it is tinned nicely by applying flux on it so that it does not
tarnish and soldering becomes easy.

Bending: Preparation is done by getting all the documents (part list,
drawing) and bringing all the components together before doing the work.

Mounting: It means soldering the components onto the PCB plate with the help
of soldering tools. The soldering irons are generally of 25 W and of variable
temperature. One of the wires of each component is soldered so that the
components don't move from their respective places on the PCB plate. The other
end of the component is also adjusted so that the PCB does not burn.

Wave soldering: This is done in a machine, and the solder sticks to the
entire path, which is tinned.

Touch up: This is done by hand after the finishing is done.

Inspection: This comes under quality work.

Heat ageing: This is done in the environment lab at a temperature of 40 degree
Celsius for 4 hrs and three cycles.

Lacquering: Lacquering is only done on the components which are not
variable.

Storing: After this, variable components are sleeved with Teflon. Before
lacquering, the mounted plate is cleaned with isopropyl alcohol. The product is
then sent to the store.

MAGNETICS

This department basically deals with the production of components of
electrical engineering. It consists of the following three sections:
1. Production control
2. Works
3. Quality control
The D&E department provides all the information about manufacturing a coil
and a transformer.
The various types of transformer are as follows:
1. AIR CORED TRANSFORMER
2. OIL CORED TRANSFORMER
3. MODULATING TYPE TRANSFORMER
4. PCB MODULATING
a. Matching transformer
b. Insulation transformer
c. Hybrid transformer
d. R.F. transformer
e. I.F. transformer

The types of cores are:
1. E type
2. C type
3. Lamination
4. Ferrite core
5. Toroidal core

Procedures involved in the production of transformers and coils:

1. Preparation of former:
The former is made of plastic Bakelite, comprising male and female plates which
are joined alternately to form a rectangular box on which the winding is done.
2. Winding:
It is done with different materials and thicknesses of wire. The winding has a
specified number of layers, with each layer having a specified number of turns.
The distance between two turns should be kept constant, that is, there
should be no overloading. A plastic layer is inserted between two consecutive
layers.
Types of Windings:
1) Layer Winding
2) Wave Winding
3) Bank Winding
3. Insulation:
For inter-winding and inter-layer insulation, various types of insulation
sheets, viz. Kraft paper, paper, leather, oil paper and polyester film, are used.
4. Protection:
To protect the transformers from external hazards, moisture and dust, and to
provide high insulation resistance, they are impregnated in the following forms.

INFORMATION SYSTEMS DEPARTMENT

The Information Systems department acts as an Internet
Service Provider for the BEL Ghaziabad unit. It is
responsible for managing and troubleshooting the
entire network setup.

BELMAC
The IS Department is responsible for BEL's own
home-grown manufacturing and control system, called
BELMAC. It comprises almost all the modules of a modern
ERP system but is host and dumb-terminal based. It
runs on two servers: BEL1 and BEL2. BEL1 deals
with the Production Control, D&E, Material Management
and Sales modules, while BEL2 deals with Finance and
Payroll. The front end of BELMAC is implemented using
SQL Forms, with Oracle at the back end. Report Writer and
Pro*C are used as report writing tools.

NETWORK

Some Networking Devices

In the physical layer, we find the repeaters. These are
analog devices that are connected to two cable segments.
A signal appearing on one of them is amplified and put out
on the other. Repeaters do not understand frames, packets,
or headers; they understand volts. E.g. Classic Ethernet was
designed to allow 4 repeaters, in order to extend the maximum
cable length from 500 meters to 2500 meters.

A Hub has a number of input lines that it joins electrically.
Frames arriving on any of the lines are sent out on all the
others. If two frames arrive at the same time, they will
collide, just as on a coaxial cable. The entire hub forms a
single collision domain. All lines coming into a hub must
operate at the same speed. Hubs, unlike repeaters, do not
(usually) amplify signals and are designed to hold multiple
line cards, each with multiple inputs; otherwise the
differences are slight.

A Bridge connects two or more LANs. When a frame arrives,
software in the Bridge extracts the destination address
from the frame header and looks it up in a table to see
where to send the frame. For Ethernet this address is the
48-bit destination address. Like a Hub, a modern Bridge has
line cards, usually for 4 to 8 input lines of a certain type.
A line card for Ethernet can't handle, say, token ring frames,
because it doesn't know where to find the destination address
in the frame header. With a Bridge, each line is its own
collision domain, in contrast to a Hub.

Switches are similar to bridges in that both route on frame
addresses. The main difference is that a Switch is most often
used to connect individual computers.
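
The hub and bridge behaviour described above, as an added example that is not part of the original report: a small Python model that parses the 48-bit addresses out of an Ethernet header and decides the output ports. It goes one step beyond the text by filling the table from source addresses (standard transparent-bridge learning); the MAC addresses, port numbers and class names are constructed for illustration.

```python
import struct


def mac_str(raw: bytes) -> str:
    """Format 6 raw bytes as aa:bb:cc:dd:ee:ff."""
    return ":".join(f"{b:02x}" for b in raw)


def mac_bytes(text: str) -> bytes:
    return bytes.fromhex(text.replace(":", ""))


def is_group(mac: str) -> bool:
    """Broadcast/multicast addresses have the lowest bit of the first octet set."""
    return bool(int(mac[:2], 16) & 1)


def parse_header(frame: bytes):
    """Return (destination, source, ethertype) from the 14-byte Ethernet II header."""
    if len(frame) < 14:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    return mac_str(dst), mac_str(src), ethertype


def build_frame(dst, src, ethertype=0x0800, payload=b"constructed payload"):
    """Build a constructed test frame: destination, source, type, payload."""
    return mac_bytes(dst) + mac_bytes(src) + struct.pack("!H", ethertype) + payload


class Hub:
    """Joins its lines electrically: every frame goes out on all other ports."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, frame):
        return [p for p in self.ports if p != in_port]


class Bridge:
    """Looks the destination address up in a table to choose the output port."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, frame):
        dst, src, _ = parse_header(frame)
        # Learn where the sender lives. A group address is never a valid
        # source, so such frames must not create table entries.
        if not is_group(src):
            self.table[src] = in_port
        out_port = self.table.get(dst)
        if is_group(dst) or out_port is None:
            # Broadcast, multicast or unknown destination: flood like a hub.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is on the segment the frame came from: filter it.
            return []
        return [out_port]


# Constructed hosts: A and C share the segment on port 1, B is on port 2.
HOST_A = "02:00:00:00:00:0a"
HOST_B = "02:00:00:00:00:0b"
HOST_C = "02:00:00:00:00:0c"
BROADCAST = "ff:ff:ff:ff:ff:ff"


def run_demo():
    """Feed five constructed frames to a 3-port bridge; return the port lists."""
    bridge = Bridge([1, 2, 3])
    steps = [
        (1, HOST_A, HOST_B),     # B unknown: flooded
        (2, HOST_B, HOST_A),     # A was learned on port 1
        (1, HOST_A, HOST_B),     # B was learned on port 2
        (1, HOST_C, HOST_A),     # A and C are on the same segment: filtered
        (1, HOST_A, BROADCAST),  # broadcast is always flooded
    ]
    return [bridge.receive(port, build_frame(dst, src)) for port, src, dst in steps]


if __name__ == "__main__":
    for ports in run_demo():
        print(ports)
```
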
Page | 37
A router is a device that forwards data packets along networks. A router is connected to at least two networks, commonly two LANs or WANs or a LAN and its ISP's network. Routers are located at gateways, the places where two or more networks connect. Routing is the process, performed by a router, of moving packets of data around the Internet. A router makes sure that a message is sent and received, and is part of what makes TCP/IP such a useful protocol suite. To route successfully, a router uses headers and a forwarding table to find the destinations for packets. A router uses the ICMP protocol section of the TCP/IP protocol suite. Routers use headers and forwarding tables to determine the best path for forwarding the packets, and they use protocols such as ICMP to communicate with each other and configure the best route between any two hosts. Very little filtering of data is done through routers.

A network gateway is an internetworking system, a system that joins two networks together. A network gateway can be implemented completely in software, completely in hardware, or as a combination of the two. Depending on their implementation, network gateways can operate at any level of the OSI model, from application protocols to low-level signaling.

A Cisco router is a computer device that receives or forwards data packets to and from the Internet towards a destination, in the process called routing. A router is the essential component of computer networking that enables any sent data to arrive at the right destination.

A router (broadband router) is also a device that enables two or more computers to receive data packets from the Internet under one IP address at the same time. Remember that to be able to connect to the Internet, a computer must have an IP address unique from the rest of the computers. Therefore, every computer connected to the Internet has its own IP address. It is like having a fingerprint or ID as an access pass to be able to enter the web. With the presence of the router, this "fingerprint" or "ID" can be shared by two or more computers at the same time. In its simplest form, a router lets two or more computers use the Internet at the same time with one access pass.

Layer               Device
Application Layer   Application Gateway
Transport Layer     Transport Gateway
Network Layer       Router
Data link Layer     Bridge, Switch
Physical Layer      Repeater, Hub

Remote Access Server (RAS)

Remote access is the ability to get access to a computer/network from a remote distance. In corporations, people at branch offices, telecommuters, and people who are travelling may need access to the corporation's network. Home users get access to the Internet through remote access to an Internet service provider (ISP). Remote access is also possible using a dedicated line between a computer or a remote local area network and the "central" or main corporate local area network. A dedicated line is more expensive and less flexible but offers faster data rates. Integrated Services Digital Network (ISDN) is a common method of remote access from branch offices, since it combines dial-up with faster data rates. Wireless, cable modem, and Digital Subscriber Line (DSL) technologies offer other possibilities for remote access.

A remote access server is a server that is dedicated to handling users who are not on a LAN but need remote access to it.

A remote access server is the computer and associated software that is set up to handle users seeking access to a network remotely. Sometimes called a communication server, a remote access server usually includes or is associated with a firewall server to ensure security and a router that can forward remote access requests to another part of the corporate network. A remote access server may include or work with a modem pool manager so that a small group of modems can be shared among a large number of intermittently present remote access users. A remote access server may also be used as part of a virtual private network (VPN).

ePolicy Orchestrator (ePO)

ePolicy Orchestrator® is a security management solution that gives you a coordinated defense against malicious threats and attacks. With it as your central hub, you can keep protection up to date, configure and enforce protection policies, and monitor security status from one centralized console.

Benefits:
• Enforces compliance and updates: ePolicy Orchestrator lets you effectively manage policy compliance and updates; you lower the risk of noncompliant systems compromising your security.
• Comprehensive security management: Handle all your enterprise-wide system protection with this centralized management infrastructure. It covers anti-virus, anti-spyware, host IPS, content filtering, and Microsoft® patch assessment.
• Find noncompliant systems: It helps you identify noncompliant systems that increase your risk of vulnerability and infection.
• Assesses Microsoft patch compliance: You can assess Microsoft patch compliance and audit your current patch rollout processes; it informs you about your exposure to new exploits and vulnerabilities.
• Monitors security all day, every day: You can monitor security status 24/7, evaluate your policy status, and find your network's vulnerabilities from one centralized

Features:
• Noncompliant system detection: ePolicy Orchestrator lowers your risks due to noncompliant systems by alerting you when such systems are connected to your corporate network.
• Patch compliance and reporting: ePolicy Orchestrator lets you search for a file, service, registry key, or specific Microsoft patch; you can monitor the compliance by viewing detailed graphical reports.
• Virus tracking and notification: It tracks new anti-virus security updates every hour and deploys them to appropriate systems without your intervention through automatic and fast global updating.

Mail Server

A mail server is a host server which holds e-mail messages for clients. The client (the program you use to get your e-mail) connects to the mail server and retrieves any messages that are waiting for you. The term also covers the computers at your ISP that handle email coming into your account as well as all the email you send out. A mail transfer agent or MTA (also called a mail server, or a mail exchange server in the context of the Domain Name System) is a computer program or software agent which transfers electronic mail messages from one computer to another.

Dynamic Host Configuration Protocol (DHCP)


DHCP is a client-server networking protocol. The Dynamic Host Configuration Protocol (DHCP) automates the assignment of IP addresses, subnet masks, default routers, and other IP parameters. The assignment usually occurs when the DHCP-configured machine boots up or regains connectivity to the network. The DHCP client sends out a query requesting a response from a DHCP server on the locally attached network. The DHCP server then replies to the client PC with its assigned IP address, subnet mask, DNS server and default gateway information. The assignment of the IP address usually expires after a predetermined period of time, at which point the DHCP client and server renegotiate a new IP address from the server's predefined pool of addresses. Configuring firewall rules to accommodate access from machines that receive their IP addresses via DHCP is therefore more difficult, because the remote IP address will vary from time to time. You'll probably have to allow access for the entire remote DHCP subnet for a particular TCP/UDP port. Most home router/firewalls are configured in the factory to be DHCP servers for your home network.
Phases of DHCP Operations: -
• IP lease request
• IP lease offer
• IP lease selection
• IP lease acknowledgement.
1. IP Lease Request:-
Whenever a computer comes on line, it checks to see if it
currently has an IP address leased. If it doesn't, it requests
a lease from a DHCP server. Because the client computer
doesn't know the address of a DHCP server, it uses 0.0.0.0
as its own IP address and 255.255.255.255 as the
destination address. Doing so allows the client to
broadcast a DHCPDISCOVER message across the network.
Such a message consists of the client computer's Media
Access Control (MAC) address (the hardware address built
into the network card) and its NetBIOS name.
2. IP Lease Offer:-
When a DHCP server receives an IP lease request from a client, it extends an IP lease offer. This is done by reserving an IP address for the client and broadcasting a DHCPOFFER message across the network. This message contains the client's MAC address, followed by the IP address that the server is offering, the subnet mask, the lease duration, and the IP address of the DHCP server making the offer.
3. IP Lease Selection:-
When the client PC receives an IP lease offer, it must tell all the other DHCP servers that it has accepted an offer. To do this, the client broadcasts a DHCPREQUEST message containing the IP address of the server that made the offer.
When the other DHCP servers receive this message, they
withdraw any offers that they might have made to the
client. They then return the address that they had reserved
for the client back to the pool of valid addresses that they
can offer to another computer. Any number of DHCP
servers can respond to an IP lease request, but the client
can only accept one offer per network interface card.
4. IP Lease Acknowledgement:-
When the DHCP server receives the DHCPREQUEST message from the client, it initiates the final phase of the configuration process. This acknowledgement phase involves sending a DHCPACK packet to the client. This packet includes the lease duration and any other configuration information that the client might have requested. At this point, the TCP/IP configuration process is complete.
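
The four phases above can be followed message by message in the sketch below, which is an added example and not part of the original report. It models one client and several servers in memory; the class and function names, the addresses and the choice to broadcast the DHCPACK are assumptions made for illustration.

```python
"""Added example: the four DHCP lease phases, modelled in memory with constructed data."""
from dataclasses import dataclass, field

UNSPECIFIED = "0.0.0.0"          # client source address before it holds a lease
BROADCAST = "255.255.255.255"    # destination that reaches every server on the segment


@dataclass
class Message:
    kind: str                 # DHCPDISCOVER, DHCPOFFER, DHCPREQUEST or DHCPACK
    src_ip: str
    dst_ip: str
    client_mac: str
    offered_ip: str = ""
    subnet_mask: str = ""
    lease_seconds: int = 0
    server_ip: str = ""       # server making the offer, or the server the client selected


@dataclass
class DhcpServer:
    server_ip: str
    pool: list                                     # free addresses, handed out in order
    subnet_mask: str = "255.255.255.0"
    lease_seconds: int = 3600
    reserved: dict = field(default_factory=dict)   # MAC -> address held for a pending offer
    leases: dict = field(default_factory=dict)     # MAC -> acknowledged address

    def _reply(self, kind, mac, ip):
        # Replies are broadcast here; for the DHCPACK that is an assumption of this sketch.
        return Message(kind, self.server_ip, BROADCAST, mac, ip,
                       self.subnet_mask, self.lease_seconds, self.server_ip)

    def handle(self, msg):
        """Return this server's reply to a broadcast, or None when it stays silent."""
        if msg.kind == "DHCPDISCOVER":
            ip = self.reserved.get(msg.client_mac)
            if ip is None and self.pool:
                ip = self.pool.pop(0)
            if ip is None:
                return None                       # pool exhausted: no offer
            self.reserved[msg.client_mac] = ip    # phase 2: reserve, then offer
            return self._reply("DHCPOFFER", msg.client_mac, ip)
        if msg.kind == "DHCPREQUEST":
            ip = self.reserved.pop(msg.client_mac, None)
            if ip is None:
                return None                       # no offer outstanding for this client
            if msg.server_ip != self.server_ip:
                self.pool.insert(0, ip)           # phase 3: another server was chosen, withdraw
                return None
            self.leases[msg.client_mac] = ip      # phase 4: commit and acknowledge
            return self._reply("DHCPACK", msg.client_mac, ip)
        return None


def run_lease(client_mac, servers):
    """Run one client through the four phases; return (transcript, ack_or_None)."""
    discover = Message("DHCPDISCOVER", UNSPECIFIED, BROADCAST, client_mac)   # phase 1
    transcript = [discover]
    offers = [o for o in (s.handle(discover) for s in servers) if o]
    transcript.extend(offers)
    if not offers:
        return transcript, None
    chosen = offers[0]                            # the client accepts exactly one offer
    request = Message("DHCPREQUEST", UNSPECIFIED, BROADCAST, client_mac,
                      offered_ip=chosen.offered_ip, server_ip=chosen.server_ip)
    transcript.append(request)
    acks = [a for a in (s.handle(request) for s in servers) if a]
    transcript.extend(acks)
    return transcript, (acks[0] if acks else None)


if __name__ == "__main__":
    # Constructed segment with two servers; addresses come from documentation ranges.
    s1 = DhcpServer("192.0.2.1", ["192.0.2.10", "192.0.2.11"])
    s2 = DhcpServer("192.0.2.2", ["192.0.2.50"])
    log, ack = run_lease("00:00:5e:00:53:01", [s1, s2])
    for m in log:
        print(f"{m.kind:<12} {m.src_ip:>10} -> {m.dst_ip}  "
              f"ip={m.offered_ip or '-'} server={m.server_ip or '-'}")
    print("s2 pool after withdrawing its offer:", s2.pool)
```

The second server's reserved address returns to its pool as soon as it sees a DHCPREQUEST naming the first server, which is the withdrawal step described in phase 3.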

Technical Product Specification in Bharat Electronics Limited Information Services

Layer 3 Switch (Central Switch) Router

1 Chassis based switch architecture with scalable backplane bandwidth over 32 Gbps.
2 Multi-layer switching performance over 15 Million pps (64 Byte).
3 Should support voice and data integration on the same
switch to provide a single platform for running a
multi-service network.
4 Should provide for capability to integrate VoIP using
IP Telephone in the campus.
5 Should have provision to upgrade current
10BaseT/100BaseTX modules for in-line power to IP
phones or should allow for the same externally.
6 Efficient intranet multimedia and multicast support
through protocol independent multicast (PIM),
Internet Group Management Protocol (IGMP), and
GARP Multicast Registration Protocol (GMRP)
delivering end to end, scalable bandwidth for
multimedia and multicast applications.
7 Should support QoS policies enforced by using Layer
2,3, and 4 information such as, precedence bits from
IP, and 802.1p frames or layer 4 port numbers.
8 Support for in-built protocol based Server load
balancing for optimal server utilization.
9 Support for fast Web Caching for optimal network
utilization. Support for Web Caching Control protocol
(WCCP2).
10 Support for multiple queues with configurable
thresholds employing queue management techniques
like WRED, WRR, and type of service / class of
service (ToS/CoS) mapping mechanism to ensure that
QoS is maintained as packets traverse Layer 2 and
Layer 3 boundaries.
11 Support for wide range of IP, IPX, and IP multicast
routing protocols.
12 Support for over 32000 MAC addresses.
13 IEEE 802.1Q, 802.1p, 802.3x
14 Ethernet: IEEE 802.3u, 100Base TX, 100Base FX.
15 Gigabit Ethernet: IEEE 802.3z.
16 Support for hot standby redundancy on Layer 3.
17 Support for SNMP MIB-II, 4 groups of RMON-1
(RFC 2819) on each ports and RMON-2 (RFC 2021)
through external Network Analysis Module.
18 Support for SMON – Switch monitoring.
19 Support for IEEE 802.1D Spanning-Tree Protocol
instance per VLAN preferred.
20 Modular architecture for quick replacement of faulty
modules.
21 Redundancy and fault tolerance :
o Requirement for redundant switching matrix /
Supervisory / Controller in central switch.
o Requirements for supporting redundant, load
sharing and hot pluggable power supply.
o Requirement for Redundant Supervisory and
Management module.
o Requirement for Redundant System clocks.
o Requirement for Redundant Fan modules.
22 Requirement for hot swappable I/O modules.
23 Support for over 4000 VLANs.
24 Security: Switch to support Secure Port filtering,
TACACS+ and IP permit lists, dynamic ACLs and
MD5 Route authentication shall be preferred. If the
same is offered by connecting an external device, then
it is to be indicated.
25 Port requirement :
o Gigabit Ethernet – provision for over 40 ports.
o Fast Ethernet – 48 ports 10 BaseT / 100
BaseTX. Option to enhance port count to over
200. Should be able to support inline power if
required.
o WAN ports support option for T1/E1, T3/E3,
HSSI, ATM, and POS in the same chassis for
future upgradability.
o Voice support using FXS (at least 48 ports in the
same chassis), E1.
26 Single TFTP download for entire chassis for the
purpose of upgrade of Switch S/W.
27 Advanced diagnostic support for troubleshooting
requirements.

Following minimum configuration required with above parameters:

1. Minimum 9 Slot Chassis: 1 Nos.
2. Supervisory / Controller Module: 1 Nos.
3. Min. 10 Gigabit Ports: 8 Nos. 1000 BaseSX & 2 Nos. 1000 BaseLX.
4. Redundant Supervisory / Controller Module: 1 Nos.
5. Redundant Power Supply: 1 Nos.
6. 1 Port QC-12 Uplink Module: 1 Nos.
7. 36 / 48 Port 10/100 BaseTX Module: 1 Nos.

Layer 2 Switches (Distribution Switches)

1 24/48 port 10Base T/100Base TX ports with full-duplex
operation and auto sensing on each switched 10/100 port.
2 Modular field – replaceable Gigabit modules support SX,
LX, LH and ZX (extended reach over 70km) capability.
3 Over 10 Gbps aggregate switching fabric.
4 Over 8 Million pps forwarding rate.
5 Support for at least 16 MB DRAM and 4 MB of Flash
Memory.
6 Dual priority forwarding queues on each 10/100 and Gigabit
Ethernet port with support for 802.1p.
7 Bandwidth aggregation over 10/100 and Gigabit Ethernet up
to 4 Gbps.
8 Per port broadcast storm protection.
9 Support for 4 groups of RMON – History, statistics, alarms,
and events on board. Support for 9 groups by using external
analyzer through use of SPAN (Switch Port Analyzer).
10 Support for NTP (Network Time Protocol).
11 8192 MAC Addresses.
12 802.1Q VLAN configuration on all ports.
13 Support for IEEE 802.1D Spanning – Tree Protocol instance
per VLAN preferred. Please indicate.
14 IEEE 802.1p ready. Must provide two priority queues on
10/100 ports and 8 priority queues on Gigabit Ethernet ports
allowing users to prioritize data packets.
15 Support for 802.3x full duplex on all ports.
16 Support for switches to be stacked or clustered and
manageable using a single IP address.
17 Support for up to 250 port based VLANs.
18 Bandwidth aggregation support for Inter-switch links.
19 Embedded web based Network Management Software to
configure and manage all stacked/clustered switches. Quote
for external HTTP server in case it is required.
20 Support for SNMP MIB – II, SNMP MIB extensions,
Bridging MIB (RFC 1493).
21 Support for Telnet and Command Line Management.
22 Support for IP multicast.
23 Multifunction LEDs per port for port status, half-
duplex/full-duplex, and 10BaseT/100BaseT indication as
well as switch-level status LEDs for system, RPS, and
bandwidth utilization.

Access Switches:
1 Support for at least 8 ports of 10BaseT/100BaseTX working
simultaneously is required.
2 Support for Auto-sensing and Auto-negotiation on each port.
3 Support for Web-based network management in addition to
regular management using SNMP.
4 Support for at least 4 port-based VLANs.
5 Internal power supply is required.

HUB Specifications:
1 16 port of 10 Mbps each.
2 Unmanaged and standalone.
3 One AUI port.
4 Inbuilt power supply.
5 19” Rack Mounted.
6 Front LED for Status and Link.

Fiber Optic Infrastructure Specifications in Information Services

2) Fiber Optic Connectors

The STII, STII+ or SC connectors shall meet or exceed the following specifications:
Operating temperature: -40 to +75 degree C.
Average loss: 0.3 dB.

The choice between STII, STII+ or SC should be approved by B.E.L prior to installation and should take into account the standards recommendation that the SC connector should be used for all new installations.

3) Fiber Optic Patch Cords

The fiber patch cord shall consist of one or two single, buffered,
graded-index 62.5/125 µm fibers. The fiber patch cord shall be
terminated with STII, STII+ or SC connector on each end. The
connector should specify whether simplex or duplex cords are
provided in the tender response.

The fiber patch cords shall meet the following specifications:
Minimum bend radius: 1.00”.
Operating temperature: -20 to +70 Degree C.
Loss: 0.4 dB/mated connector
Minimum bandwidth:
   200 MHz-km at 850 nm.
   500 MHz-km at 1300 nm.

4) Fiber Optic Patch Panels

The fiber patch panels shall be wall or 19” rack mounted. The
preferred method including the connector type should be detailed
in the tender response. This will depend on the space requirements
of the building.

UTP Cabling Specifications

1 Enhanced CAT-5 cable (4 pair)
   Comply with ISO/IEC ISO 11801 ANSI/TIA/EIA/568 A/B
   Should preferably be tested and verified to exceed the draft TIA specifications for 1000Base T (Gigabit Ethernet)
   CMR rated
   UL verified
   UL listed
   Minimal delay skew < 8 ns
   Electrical characteristics:
      Impedance: 100 Ω ± 15 Ω from 1 MHz to 350 MHz
      DC Resistance: 28.6 Ω / 305 m max
      Resistance unbalance: 5% max
   Physical characteristics:
      Conductor: solid copper
      Conductor diameter: 0.511 ± 0.005 mm
      Insulation: polyolefin
      Insulation thickness: 0.125 ± 0.03 mm
      Jacket: PVC
      Outer diameter: 5.1 ± 0.4 mm
      Max temperature: 75 °C

2 Enhanced CAT-5 Information Outlets
   Comply with TIA/EIA/568 A/B
   UTP Angled Socket
   High Durability RJ45 Interface
   Mechanical
      Termination tools: Krone (BT Inserter Wire 2A)/11
      IDC terminals:
         Suitable for 0.4 mm – 0.6 mm solid or stranded cable, max D.1.5 mm
         Two wires may be terminated for daisy chain applications
         25 re terminals possible.
      RJ45 Connector:
         Body material UL 94VO Thermoplastic, suitable for minimum 1000 mating cycles
      Connector composition:
         1.25 mm gold over 2.5 mm nickel over phosphor bronze
   Electrical
      DC Resistance: 20 mΩ or less
      DC Resistance Imbalance: 2.0 mΩ or less
      Insulation Resistance: >100 MΩ
      Attenuation (dB)
         @1 MHz 0.0121 or better
         @16 MHz 0.0193 or better
         @100 MHz 0.1052 or better
      Near End Crosstalk
         @1 MHz 84.26 or better
         @16 MHz 60.03 or better
         @100 MHz 42.32 or better
      Return Loss (dB)
         @1 MHz 51.26 or better
         @16 MHz 36.99 or better
         @100 MHz 18.06 or better

3 Patch Cord (Enhanced CAT-5), 7 ft / 3 ft
   Comply with TIA/EIA/568 A/B
   UTP / RJ45 Patch cords
   4 Pair cable assembly that is fully compatible with voice, data and video applications
   Constructed of stranded UTP cable for maximum flexibility and integrity
   Built in strain relief on connectors (Boots)
   Mechanical Specifications
      Cable
         Gauge: 24 AWG stranded copper wire
         Pair count: 4 pairs individually colour coded
      Sequence
         Wiring sequence in 568 A and 568 B available
         Lengths: 0.3m; 0.6mm; 1.0mm; 1.5mm; 2.0mm; 3.0mm; 4.5mm; 5.0mm; 6.0mm; 7.0mm; 8.0mm; 9.0mm; 10.0mm
         Temperature range: -40 °C to 60 °C
      Crimping Plug
         Housing: natural polycarbonate UL 94V-2
         Contact Material: Phosphor Bronze
         Contact Plating: 1.25mm gold over 2.5mm Nickel
      Cable to Plug
         Tensile strength: 7.71 kg min
   Electrical characteristics
      Cable
         TIA/EIA category 5 LAN Performance
         ETL verified
         DC resistance per lead: 0.085 Ω/m nominal
         DC resistance unbalanced: 3% nominal
         Nominal mutual capacitance: 49.6 pF/m
         Characteristic Impedance: 100 Ω (15% from 1 to 100 MHz)
         ACA Approval

4 Jack panels / patch panels (Enhanced CAT-5)
   Comply with TIA/EIA/568 A/B
   Capable accommodating 22-26 AWG solid/standard wires along with cable management clamps on rear and front side
   Capable of mounting on 19” rack

5 Wall mount racks 12 U
   Single/Double section rack 600 mm wide X 500 mm deep
   Rigid frame which can be fixed to the wall
   Adjustable 19” rails in the front
   Fixed mounting rails in the rear
   Top & Bottom cable entry facility
   Front section with glass door
   Load rating 40 KG
   Material made of steel & powder coated
   Steel door & glass door trims to be powder coated

6 Floor mount rack 42 U
   With 800 mm deep
   Front Glass Door and back Steel Door

7 PVC channel casing & capping
   ISI make
   Standard class – A PVC channel
   PVC channel used should have 25% free space to accommodate the further requirements
   The PVC channel with casing & capping should be fire & cold/alkali retardant and rodent proof

8 GI pipe
   Class B type
   ISI Make

9 Information outlet
   EN 60603-7 (IEC 603-7) and EN 28877 (ISO 8877)
   8 positions modular MGS 200 connector and of the insulation displacement type
   Capable of receiving of 24 AWG solid and stranded wires
   Should be either surface or flush mounted, single or dual sockets

VIRTUAL LOCAL AREA NETWORKS
(VLANs)
Introduction

Virtual LANs (VLANs) have recently developed into an integral feature of switched LAN solutions from every major LAN equipment vendor. Although end user enthusiasm for VLAN implementation has yet to take off, most organizations have begun to look for vendors that have a well articulated VLAN strategy, as well as VLAN functionality built into products today. One of the reasons for the attention placed on VLAN functionality now is the rapid deployment of LAN switching that began in 1994/1995. The shift toward LAN switching as a replacement for local or departmental routers, and now even shared media devices (hubs), will only accelerate in the future. With the rapid decrease in Ethernet and token ring switch prices on a per port basis, many more ambitious organizations are moving quickly toward networks featuring private port (single user/port) LAN switching architectures. Such a desktop switching architecture is ideally suited to VLAN implementation. To understand why private port LAN switching is so well suited to VLAN implementation, it is useful to review the evolution of segmentation and broadcast containment in the network over the past several years.

In the early 1990s, organizations began to replace two-port bridges with multiport, collapsed backbone routers in order to segment their networks at layer 3 and thus also contain broadcast traffic. In a network using only routers for segmentation, segments and broadcast domains correspond on a one-to-one basis. Each segment typically contained between 30 and 100 users. With the introduction of switching, organizations were able to divide the network into smaller, layer 2 defined segments, enabling increased bandwidth per segment. Routers could now focus on providing broadcast containment, and broadcast domains could now span multiple switched segments, easily supporting 500 or more users per broadcast domain.

However, the continued deployment of switches, dividing the network into more and more segments (with fewer and fewer users per segment), does not reduce the need for broadcast containment. Using routers, broadcast domains typically remain in the 100-500 user range. VLANs represent an alternative solution to routers for broadcast containment, since VLANs also allow switches to contain broadcast traffic. With the implementation of switches in conjunction with VLANs, each network segment can contain as few as one user (approaching private port LAN switching), while broadcast domains can be as large as 1000 users or perhaps even more. In addition, if implemented properly, VLANs can track workstation movements to new locations without requiring manual reconfiguration of IP addresses.

Why haven't more organizations deployed VLANs? For the vast majority of end user organizations, switches have yet to be implemented on a large enough scale to necessitate VLANs. That situation will soon change. There are, however, other reasons for the lukewarm reception that VLANs have received from network users up to now.

• VLANs have been, and are still, proprietary, single-vendor solutions. As the network industry has shown, proprietary solutions are anathema to the multivendor/open systems policies that have developed in the migration to local area networks and the client server model.

• Despite the frequently quoted numbers illuminating the hidden costs of networking, such as administration and moves/adds/changes, customers realize that VLANs have their own administrative cost, both straightforward and hidden.

• Although many analysts have suggested that VLANs enhance the ability to deploy centralized servers, customers may look at enterprise wide VLAN implementation and see difficulties in enabling full high performance access to centralized servers.

Defining VLANs

With the multitude of vendor specific VLAN solutions and implementation strategies, defining precisely what VLANs are has become a contentious issue. Nevertheless, most people would agree that a VLAN can be roughly equated to a broadcast domain. More specifically, VLANs can be seen as analogous to a group of end stations, perhaps on multiple physical LAN segments, that are not constrained by their physical location and can communicate as if they were on a common LAN. However, at this point, issues such as the extent to which end stations are not constrained by physical location, the way VLAN membership is defined, the relationship between VLANs and routing, and the relationship between VLANs and ATM have been left up to each vendor. To a certain extent these are tactical issues, but how they are resolved has important strategic implications. Because there are several ways in which VLAN membership can be defined, this paper divides VLAN solutions into four general types: port grouping, MAC layer grouping, network layer grouping and IP multicast grouping.

Membership by Port Group:

Many initial VLAN implementations defined VLAN membership by groups of switch ports (for example, ports 1, 3, 2, 7 and 8 make up VLAN A, while ports 4, 5 and 6 make up VLAN B). Furthermore, in initial implementations a VLAN could only be supported on a single switch. Second generation implementations support VLANs that span multiple switches (for example, ports 1 and 2 of switch #1 and ports 4, 5, 6 and 7 of switch #2 make up VLAN A, while ports 3, 4, 5, 6, 7 and 8 of switch #1 combined with ports 1, 2, 3 and 8 of switch #2 make up VLAN B). This scenario is depicted in figure 1. Port grouping is still the most common method of defining VLAN membership, and configuration is fairly straightforward. Defining VLANs purely by port group does not allow multiple VLANs to include the same physical segment. However, the primary limitation of defining VLANs by port is that the network manager must reconfigure VLAN membership when a user moves from one port to another.

Membership by MAC Address:

VLAN membership based on MAC layer addresses has a different set of advantages and disadvantages. Since MAC layer addresses are hard wired into the workstation's network interface card (NIC), VLANs based on MAC addresses enable the network manager to move a workstation to a different physical location on the network and have that workstation automatically retain its VLAN membership. In this way, a VLAN defined by MAC addresses can be thought of as a user based VLAN.

One of the drawbacks of MAC address based VLAN solutions is the requirement that all users must initially be configured to be in at least one VLAN. After that initial manual configuration, automatic tracking of users is possible, depending on the specific vendor solution. However, the disadvantage of having to initially configure VLANs becomes clear in very large networks, where thousands of users must each be explicitly assigned to a particular VLAN. Some vendors have mitigated the onerous task of initially configuring MAC based VLANs by using tools that create VLANs based on the current state of the network, that is, a MAC address based VLAN is created for each subnet. MAC address based VLANs that are implemented in shared media environments will run into serious performance degradation as members of different VLANs coexist on a single switch port. In addition, the primary method of communicating VLAN membership information between switches in a MAC address defined VLAN also runs into performance degradation with large scale implementations.

Another, but minor, drawback to VLANs based only on MAC layer addresses emerges in environments that use significant numbers of notebook PCs with docking stations: the docking station and integrated network adapter usually remain on the desktop, while the notebook travels with the user. When the user moves to a new desk and docking station, the MAC layer address changes, making VLAN membership impossible to track. In such an environment, VLAN membership must be updated constantly as the users move around and use different docking stations. While this problem may not be particularly common, it does illustrate some of the limitations of MAC address based VLANs.

Layer 3 – Based VLANs:

VLANs based on layer 3 information take into account protocol type (if multiple protocols are supported) or network layer address (for example, subnet address for TCP/IP) in determining VLAN membership. Although these VLANs are based on layer 3 information, this does not constitute a "routing" function and should not be confused with network layer routing. Even though a switch inspects a packet's IP address to determine VLAN membership, no route calculation is undertaken, RIP or OSPF protocols are not employed, and frames traversing the switch are usually bridged according to the implementation of the spanning tree algorithm. Therefore, from the point of view of a switch employing layer 3 based VLANs, connectivity within any VLAN is still seen as a bridged topology. Having made the distinction between VLANs based on layer 3 information and routing, it should be noted that some vendors are incorporating varying amounts of layer 3 intelligence into switches, enabling functions normally associated with routing. Furthermore, "layer 3 aware" or "multilayer" switches often have the packet forwarding function of routing built into ASIC chipsets, greatly improving performance over CPU based routers. No matter where it is located in a VLAN solution, routing is necessary to provide connectivity between distinct VLANs. There are several advantages to defining VLANs at layer 3.

First, it enables partitioning by protocol type. This may be an attractive option for network managers who are dedicated to a service or application strategy.

Second, users can physically move their workstations without having to reconfigure each workstation's network address, a benefit primarily for TCP/IP users.

Third, defining VLANs at layer 3 can eliminate the need for frame tagging in order to communicate VLAN membership between switches, reducing transport overhead.

One of the disadvantages of defining VLANs at layer 3 (vs. MAC or port based VLANs) can be performance. Inspecting layer 3 addresses in packets is more time consuming than looking at MAC addresses in frames. For this reason, switches that use layer 3 information for VLAN definition are generally slower than those that use layer 2 information. It should be noted that this performance difference is true for most, but not all, vendor implementations. VLANs defined at layer 3 are particularly effective in dealing with TCP/IP, but less effective with protocols such as IPX™, DECnet, or AppleTalk, which do not involve manual configuration at the desktop. Furthermore, layer 3 defined VLANs have particular difficulty in dealing with "unroutable" protocols such as NetBIOS.

IP Multicast Groups as VLANs:

IP multicast groups represent a somewhat different approach to VLAN definition, although the fundamental concept of VLANs as broadcast domains still applies. When an IP packet is sent via multicast, it is sent to an address that is a proxy for an explicitly defined group of IP addresses that is established dynamically. Each workstation is given the opportunity to join a particular IP multicast group by responding affirmatively to a broadcast notification, which signals that group's existence. All workstations that join an IP multicast group can be seen as members of the same virtual LAN. However, they are only members of a particular multicast group for a certain period of time. Therefore, the dynamic nature of VLANs defined by IP multicast groups enables a very high degree of flexibility and application sensitivity. In addition, VLANs defined by IP multicast groups would inherently be able to span routers and thus WAN connections.

Combination VLAN definitions

Due to the trade-offs between the various types of VLANs, many vendors are planning to include multiple methods of VLAN definition. Such a flexible definition of VLAN membership enables network managers to configure their VLANs to best suit their particular network environment.
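
The sketch below is an added example, not part of the original report: it resolves the same workstation's VLAN by port group, by MAC address and by layer 3 subnet, then combines the methods as described above. The port groups are the ones from the second-generation port grouping example; the MAC addresses, subnets, precedence order and function names are constructed for illustration.

```python
"""Added example: VLAN membership resolved three ways for one workstation (constructed data)."""
import ipaddress

# Port groups from the text's multi-switch example: {vlan: {switch: ports}}.
PORT_GROUPS = {
    "A": {1: {1, 2}, 2: {4, 5, 6, 7}},
    "B": {1: {3, 4, 5, 6, 7, 8}, 2: {1, 2, 3, 8}},
}
# Constructed MAC and subnet assignments (not from the page).
MAC_TABLE = {"00:00:5e:00:53:0a": "A", "00:00:5e:00:53:0b": "B"}
SUBNETS = {"A": ipaddress.ip_network("192.0.2.0/25"),
           "B": ipaddress.ip_network("192.0.2.128/25")}


def validate_port_groups(groups):
    """Port grouping cannot place one physical port in two VLANs; raise if it does."""
    owner = {}
    for vlan, switches in groups.items():
        for switch, ports in switches.items():
            for port in ports:
                key = (switch, port)
                if key in owner:
                    raise ValueError(
                        f"switch {switch} port {port} is in VLAN {owner[key]} and {vlan}")
                owner[key] = vlan
    return owner


def vlan_by_port(switch, port, groups=PORT_GROUPS):
    return validate_port_groups(groups).get((switch, port))


def vlan_by_mac(mac, table=MAC_TABLE):
    return table.get(mac.lower())


def vlan_by_subnet(ip, subnets=SUBNETS):
    addr = ipaddress.ip_address(ip)
    for vlan, net in subnets.items():
        if addr in net:
            return vlan
    return None


def membership(frame):
    """Resolve one frame's VLAN under each definition; None means no membership found."""
    return {
        "port": vlan_by_port(frame["switch"], frame["port"]),
        "mac": vlan_by_mac(frame["src_mac"]),
        "layer3": vlan_by_subnet(frame["src_ip"]),
    }


def combined(frame, order=("mac", "layer3", "port")):
    """Combination definition: the first method in `order` that yields a VLAN wins."""
    result = membership(frame)
    for method in order:
        if result[method] is not None:
            return result[method], method
    return None, None


# Constructed frames: the same workstation at its desk, after a move to another
# switch port, and after a move where a docking station supplies a different MAC.
AT_DESK = {"switch": 1, "port": 2, "src_mac": "00:00:5E:00:53:0A", "src_ip": "192.0.2.10"}
MOVED = dict(AT_DESK, switch=2, port=3)
NEW_DOCK = dict(MOVED, src_mac="00:00:5e:00:53:ff")

if __name__ == "__main__":
    for name, frame in (("at desk", AT_DESK), ("moved", MOVED), ("new dock", NEW_DOCK)):
        print(f"{name:<9} {membership(frame)}  combined={combined(frame)}")
```

After the move, port grouping places the workstation in VLAN B until the port is reconfigured, while the MAC and subnet definitions still return VLAN A; with the docking station's unknown MAC, only the subnet definition still recognises it.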

Automation of VLAN Configuration:

Another issue central to VLAN deployment is the degree to
which VLAN configuration is automated. To a certain extent,
this degree of automation is correlated to how VLANs are
defined, but in the end the specific vendor solution will
determine the level of automation. There are three primary
approaches to configuring VLANs.

Manual: With purely manual VLAN configuration, both the
initial setup and all subsequent moves and changes are
controlled by the network administrator. Purely manual
configuration enables a high degree of control. However, in
large enterprise networks manual configuration is not
practical. Furthermore, it defeats the primary benefit of
VLANs: elimination of the time it takes to administer moves
and changes, although moving users manually with VLANs may
actually be easier than moving users across router subnets,
depending on the specific vendor's VLAN management
interface.

Semi-automated: This refers to the option to automate the
initial configuration, subsequent reconfigurations, or both.
Initial configuration automation is normally accomplished
with a set of tools that map VLANs to existing subnets or
other criteria. It also refers to the situation where VLANs
are initially configured manually, with all subsequent moves
being tracked automatically. Combining both initial and
subsequent configuration automation is still semi-automated,
because the network administrator always has the option of
manual configuration.

Fully automatic: A system that fully automates VLAN
configuration implies that workstations automatically and
dynamically join VLANs depending on application, user ID, or
other criteria and policies that are preset by the
administrator.

Communicating VLAN Membership Information:

Switches must have a way of understanding VLAN membership
when network traffic arrives from other switches; otherwise,
VLANs would be limited to a single switch. In general,
layer 2 based VLANs (defined by port or MAC address) must
communicate VLAN membership explicitly, while VLAN membership
in IP-based VLANs is implicitly communicated by the IP
address. Depending on the particular vendor's solution,
communication of VLAN membership must also be considered in
the case of layer 3 based VLANs in a multiprotocol
environment.

To date, outside of implementing an ATM backbone, three
methods have been implemented for interswitch communication
of VLAN information across a backbone:

• Table maintenance via signaling
• Frame tagging
• Time division multiplexing

Table Maintenance via Signaling: When an end station
broadcasts its first frame, the switch resolves the MAC
address or attached port with its VLAN membership in cached
address tables. This information is broadcast to all other
switches. As VLAN membership changes, these tables are
manually updated by a system administrator at a management
console. As the network expands and switches are added, the
constant signaling necessary to update the cached address
tables of each switch can cause substantial congestion of
the backbone. For this reason, this method does not scale
particularly well.

Frame tagging: A header is typically inserted into each
frame on interswitch trunks to uniquely identify which VLAN
a particular MAC-layer frame belongs to. Vendors differ in
the way they solve the problem of occasionally exceeding the
maximum length of MAC-layer frames as these headers are
inserted. These headers also add overhead to network traffic.

TDM: Time division multiplexing works the same way on the
network backbone to support VLANs as it does in the WAN
environment to support multiple traffic types: here, channels
are reserved for each VLAN. This approach cuts some of the
overhead problems inherent in signaling and frame tagging,
but it also wastes bandwidth, because the time slot dedicated
to one VLAN cannot be used by other VLANs, even if that time
slot is not carrying traffic. Deploying an ATM backbone also
enables the communication of VLAN information between
switches, but it introduces a new set of issues with regard
to LAN emulation (LANE). The LANE standard provides for a
nonproprietary method of communicating VLAN membership
across a backbone.

Standards and the Proprietary Nature of VLANs:

Given the variety of types of VLAN definitions and the variety
of ways that switches can communicate VLAN information, it
should not be surprising that each vendor has developed its
own unique and proprietary VLAN solutions and products. The
fact that switches from one vendor will not interoperate
entirely with VLANs from other vendors may force customers
to buy from a single vendor for VLAN deployment across the
enterprise. An exception to this arises when we use an ATM
backbone and LANE. It also implies that purchase decisions
should be more highly centralized or coordinated than they
may traditionally have been. Thus, from both a procurement
and a technological perspective, VLANs should be considered
as an element of a strategic approach. The following two VLAN
standards have been proposed:

802.10 "VLAN Standard"

In 1995 Cisco Systems proposed the use of IEEE 802.10,
which was originally established to address LAN security,
for VLANs. Cisco attempted to take the optional 802.10 frame
header format and reuse it to convey VLAN frame tagging
instead of security information. Although this can be made
to work technically, most members of the 802 committee have
been strongly opposed to using one standard for two
discrete purposes. In addition, this solution would be based
on variable length fields, which make implementation of
ASIC-based frame processing more difficult and thus
slower and more expensive.

• 802.1 Internetworking Subcommittee

In March 1996, the IEEE 802.1 Internetworking Subcommittee
completed the initial phase of investigation for developing
a VLAN standard, and passed resolutions concerning three
issues: the architectural approach to VLANs; a standardized
format for frame tagging to communicate VLAN membership
information across multiple, multivendor devices; and the
future direction of VLAN standardization. The standardized
format for frame tagging in particular, known as 802.1Q,
represents a major milestone in enabling VLANs to be
implemented using equipment from several vendors, and will
be key to the rapid development of VLANs. Furthermore,
establishment of a frame format specification will allow
vendors to immediately begin incorporating this standard
into their switches. All major switch vendors, including
3Com, Alantec, Bay Networks, Cisco and IBM, voted in favor of
this proposal. However, due to the lag time necessary for
some vendors to incorporate the frame format specification
and the desire on the part of most organizations to have a
unified VLAN management platform, VLANs will, in practice,
continue to retain characteristics of a single-vendor
solution for some time. This has significant ramifications
for deployment and procurement of VLANs. Department-level
procurement of LAN equipment, particularly in the backbone,
is not practical for organizations deploying VLANs.
Purchasing decisions and standardization on a particular
vendor's solution throughout the enterprise will become the
norm, and price-based product competition will decrease. The
structure of the industry itself may also shift in favor of
the larger networking vendors that can furnish a wide range
of components.
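The frame tagging method and the 802.1Q format discussed above, as an added example that is not part of the original report: a tag inserter and parser showing the 4 bytes a trunk adds to each frame (the maximum-length problem mentioned under frame tagging) and how a receiving switch recovers VLAN membership from the tag. The function names, the `pvid` (port VLAN ID) parameter and the sample frame are assumptions made for illustration; frames are built without the 4-byte FCS.

```python
import struct

TPID_8021Q = 0x8100            # EtherType value that announces an 802.1Q tag
MAX_UNTAGGED = 1514            # largest untagged Ethernet frame, FCS not counted
MAX_TAGGED = MAX_UNTAGGED + 4  # tagged frames may be 4 bytes longer


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Build an untagged Ethernet II frame (no FCS)."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses are 6 bytes")
    return dst + src + struct.pack("!H", ethertype) + payload


def add_tag(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert an 802.1Q tag after the source MAC, as a trunk port does on egress."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if not 1 <= vid <= 4094:
        raise ValueError("VID must be 1..4094 (0 and 4095 are reserved)")
    if not 0 <= pcp <= 7 or dei not in (0, 1):
        raise ValueError("PCP is 3 bits, DEI is 1 bit")
    tci = (pcp << 13) | (dei << 12) | vid      # 16-bit Tag Control Information
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Decode the Ethernet header and, if present, the 802.1Q tag."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    info = {
        "dst": ":".join(f"{b:02x}" for b in frame[0:6]),
        "src": ":".join(f"{b:02x}" for b in frame[6:12]),
        "tagged": False, "vid": None, "pcp": None, "dei": None,
    }
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(tagged=True, pcp=tci >> 13, dei=(tci >> 12) & 1,
                    vid=tci & 0x0FFF)
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    limit = MAX_TAGGED if info["tagged"] else MAX_UNTAGGED
    info["oversize"] = len(frame) > limit
    return info


def classify_on_trunk(frame: bytes, allowed_vids: set, pvid: int):
    """Return the VLAN the receiving switch assigns, or None if the frame is dropped.

    Untagged frames and priority-only tags (VID 0) fall back to the port's
    own VLAN (pvid); anything outside allowed_vids is not forwarded.
    """
    info = parse_frame(frame)
    vid = info["vid"] if info["tagged"] and info["vid"] != 0 else pvid
    return vid if vid in allowed_vids else None


if __name__ == "__main__":
    # Constructed sample: a full-size broadcast IPv4 frame with a dummy payload.
    frame = build_frame(bytes.fromhex("ffffffffffff"),
                        bytes.fromhex("020000000001"), 0x0800, b"\x00" * 1500)
    tagged = add_tag(frame, vid=20, pcp=5)
    print(len(frame), len(tagged), parse_frame(tagged)["vid"])
    print("exceeds untagged limit:", len(tagged) > MAX_UNTAGGED)
    print(classify_on_trunk(tagged, {10, 20}, pvid=1))
```

A device that still enforces the untagged limit would reject the full-size tagged frame, which is the interoperability problem the frame tagging paragraph refers to.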

VLAN Implementation Benefits


Why are vendors paying so much attention to VLAN
implementation? Will VLANs solve all the network manager's
problems with respect to moves, changes, broadcasts, and
performance?

Reducing the Cost of Moves and Changes


The reason most often given for VLAN implementation is the
reduction in the cost of handling.

VLANs over the WAN.


Theoretically, VLANs can be extended over the WAN. However, this
is generally not advised, since VLANs defined over the WAN will
permit LAN broadcast traffic to consume expensive WAN
bandwidth. Because routers filter broadcast traffic, they neatly
solve this problem. However, if bandwidth is free for a particular
organization (for example, an electric utility with dark fiber
installed in its right of way), then extending VLANs over the WAN
can be considered. Finally, depending on how they are constructed,
IP multicast groups can be extended across the WAN, and across the
routers providing the WAN connections, without wasting WAN
bandwidth.

Security
The ability of VLANs to create firewalls can also satisfy more
stringent security requirements and thus replace much of the
functionality of routers in this area. This is primarily true when
VLANs are implemented in conjunction with private port switching.
The only broadcast traffic on a single-user segment would be from
that user's VLAN (that is, traffic intended for that user).
Conversely, it would be impossible to listen to broadcast or
unicast traffic not intended for that user, because such traffic
does not physically traverse that segment.

VLANs and ATM


While the concept of VLANs originated with LAN switches, their use
may need to be extended to network environments where ATM
networks and ATM-attached devices are also present. Combining
VLANs with ATM networks creates a new set of issues for network
managers, such as relating VLANs to ATM emulated LANs
(ELANs), and determining where to place the routing function.

VLANs Transparent to ATM


Consider a LAN backbone with VLANs spanning more than one LAN
switch. In an environment where ATM exists only in the backbone
(that is, there are no ATM-connected end stations), ATM
permanent virtual circuits (PVCs) may be set up in a logical mesh
to carry intra-VLAN traffic between these multiple LAN switches.
In this environment, any proprietary technique the vendor has
employed is transparent to the ATM backbone. ATM switches do
not have to be VLAN aware. This means that the ATM backbone
switches could be from a different vendor than the LAN switches;
ATM backbone switches could be selected without regard for VLAN
functionality, allowing network managers to focus more on
performance-related issues. As convenient as this situation
sounds, it does not reflect reality for many network
environments.

Complexity Arising with ATM-Attached Devices
Usually, organizations that implement an ATM backbone would also
like to connect workstations or, more likely, servers directly to
that backbone. As soon as any logical end station is connected
via ATM, a new level of complexity arises. LAN emulation must
be introduced into the network to enable ATM-connected
end stations and non-ATM-connected end stations to communicate.

LAN Emulation
With the introduction of ATM-connected end stations, the network
becomes a truly mixed environment, with two types of networks
operating under fundamentally different technologies:
connectionless LANs (Ethernet, Token Ring, FDDI, etc.) and
connection-oriented ATM. This environment puts the
responsibility on the ATM side of the network to emulate the
characteristics of broadcast LANs and provide MAC-to-ATM
address resolution. The LAN emulation (LANE) specification,
standardized in 1995 by the ATM Forum, specifies how this
emulation is accomplished in a multivendor environment. LANE
specifies a LAN emulation server (LES), which can be
incorporated into one or more switches or a separate workstation
to provide the MAC-to-ATM address resolution in conjunction with
LAN emulation clients (LECs), which are incorporated into ATM
edge switches and ATM NICs. Figure 2 briefly illustrates how
LANE operates:

• The LAN switch receives a frame from an Ethernet-connected
end station. This frame is destined for another Ethernet end
station across the ATM backbone. The LEC (which in this
situation resides in the LAN switch) sends a MAC-to-ATM
address resolution request to the LES (which in this case
resides in the ATM switch).

• The LES sends a multicast to all the other LECs in the
network.

• Only the LEC that has the destination MAC address in its
tables responds to the LES.

• The LES then broadcasts this response to all other LECs.

• The original LEC recognizes this response, learns the ATM
address of the destination switch, and then sets up a
switched virtual circuit (SVC) to transport the frame via
ATM cells as per AAL5, which governs segmentation and
reassembly.

In looking at the path of traffic between an Ethernet-attached
client and an ATM-attached server, the section that is governed by
LANE extends from the LEC in the ATM interface of the LAN
switch to the LEC residing in the server's ATM NIC. From the
standpoint of the MAC driver, frames pass directly between them
just as if they were connected by a non-ATM backbone, with each
LEC acting as a proxy MAC address. VLANs defined by port group
would treat the ATM interface on the LAN switch as just another
Ethernet port, and all ATM-attached devices would then be members
of that VLAN. In this way, VLANs could be deployed without regard
to whether the ATM switches in the backbone are from the same
vendor (so long as they support LANE). However, from an
administrative point of view, many organizations may not want to
employ separate management software for the ATM backbone and
may prefer to source both edge devices (LAN switches) and
backbone devices (ATM switches) from the same vendor.

LANE can also allow for multiple ELANs by establishing more than
one LEC in the ATM interfaces of participating devices (as well as
a separate LES for each ELAN). Each LEC in the ATM interface of
the LAN switch is treated as a separate logical Ethernet port, and
each LEC in a single ATM-attached device is seen as a separate
Ethernet-attached end station. Therefore, multiple LECs in a single
ATM-attached device can be members of different VLANs, allowing
these VLANs to overlap at ATM-attached devices. Because VLANs are
defined for both ATM and non-ATM network devices, VLANs can
be seen as supersets of ELANs (Figure 3). With this structure, an
ATM backbone can enable all end stations from multiple VLANs to
access a centralized server or servers without passing through a
router by establishing a separate ELAN for each VLAN. Since most
traffic in a network is between client and server, establishing
VLANs that overlap at ATM-attached servers greatly reduces the
number of packets that must be routed between VLANs. Of course,
there is still likely to be a small amount of inter-VLAN traffic
remaining. Therefore, a router is still required for traffic to
pass from one VLAN to another (and, therefore, from one ELAN to
another). Figure 4 depicts this type of structure.

Routing Between Emulated LANs and VLANs


Since routing remains necessary in any mixed ATM/shared-media
environment to forward inter-VLAN traffic, network designers are
faced with the question of where to locate the router functionality.
The following are four architectural solutions to the problem of
where to locate the routing functionality:

Edge routing:
Basically, edge routing dictates that the routing function across the
ATM backbone be incorporated into each LAN switch at the edge
of the ATM backbone. Traffic within VLANs can be switched
across the ATM backbone with minimum delay, while inter-VLAN
packets are processed by the routing function built into the switch.
In this way, an inter-VLAN packet does not have to make a special
trip to an external router, eliminating an extra hop. There are three
other major advantages to this architecture.
First, unlike solutions that have centralized routing, there is no
single point of failure with the edge routing architecture.
Second, several solutions featuring edge routing are available today.
Third, edge routing will function in a multivendor environment if
each vendor's equipment supports LAN emulation.
The primary disadvantage of edge routing is the difficulty of
managing multiple devices relative to having centralized
management of a consolidated router function. Additionally, edge
routing solutions may be more expensive than centralized routing
solutions made up of a centralized router and multiple, less
expensive edge switches.

The One-Armed Router:
The concept of the so-called "one-armed router" has become
particularly attractive because it removes the more
processing-intensive, higher-latency routing function from the
primary data path. A one-armed router sits off to the side of an
ATM backbone switch with a single ATM link, allowing packets that
do not need to traverse the router to pass through the ATM backbone
unimpeded. Another advantage of the one-armed router is that,
relative to other configurations, it is less complex to configure and
administer.
The key to the one-armed router structure, shown in Figure 5, is
to keep as much traffic as possible out of the one-armed router. By
structuring VLANs to support the 80/20 rule, the router is not
required to handle most traffic. For this to work well, optimal
configuration of VLANs to minimize inter-VLAN traffic is critical.
There are several vendors presently shipping one-armed router
solutions.
One of the disadvantages of the one-armed router is that it
represents a single point of failure in the network. For this reason,
two or more redundant one-armed routers are generally preferred.
However, perhaps the most significant drawback of the one-armed
router is that its one arm can develop into a bottleneck if VLAN
traffic does not support the 80/20 rule. This can occur particularly
in networks with large amounts of peer-to-peer traffic.

The Route server:


The route server model, shown in Figure 6, is physically similar
to the one-armed router model, but logically very different in that
it breaks the routing function into distributed parts. In a one-armed
router configuration, a packet from VLAN A heading to

the user moves and changes. Since these costs are quite substantial,
this argument for VLAN implementation can be compelling. Many
vendors are promising that VLAN implementation will result in a
vastly increased ability to manage dynamic networks and realize
substantial cost savings. This value proposition is most valid for
IP networks. Normally, when a user moves to a different subnet, the
IP address must be manually updated in the workstation. This can
consume a substantial amount of time that could be used for more
productive endeavors such as developing new network services.
VLANs eliminate that hassle, because VLAN membership is not tied
to a workstation's location in the network, allowing workstations to
retain their original IP addresses and subnet membership. It is
certainly true that the phenomenon of increasingly dynamic
networks absorbs a substantial portion of the budgets of most IS
departments. However, not just any VLAN implementation will
reduce these costs. VLANs themselves add another layer of virtual
connectivity that must be managed in conjunction with physical
connectivity. This is not to say that VLANs cannot reduce the cost
of moves and changes; if properly implemented, they will.
However, organizations must be careful not to simply throw VLANs
at the network, and they must make sure that the solution does not
generate more network administration than it saves.

Virtual Workgroups:
One of the more ambitious VLAN objectives is the establishment of
the virtual workgroup model. The concept is that, with full VLAN
implementation across the campus network environment,
members of the same department or section can all appear to share
the same LAN, with most of the network traffic staying within the
same VLAN broadcast domain. Someone moving to a new
physical location but remaining in the same department could
move without having workstations reconfigured. Conversely, a
user would not have to change his or her physical location when
changing departments; the network manager would simply change
the user's VLAN membership. This functionality promises to enable
a more dynamic organizational environment, enhancing the recent
trend toward cross-functional teams. The logic of the virtual
workgroup model goes like this: teams formed on a temporary,
project basis could be virtually connected to the same LAN without
requiring the people to physically move in order to minimize
network traffic across the collapsed backbone. Additionally, these
workgroups would be dynamic: VLANs corresponding to these
cross-functional project teams could be set up for the duration of
the project and torn down when the project was completed, all the
while allowing users to remain in the same physical locations.
Although this scenario seems attractive, the reality is that VLANs
alone cannot pave the way for full utilization of the virtual
workgroup model. There are several managerial and architectural
issues that, at this point, pose problems for the virtual workgroup
model.

• Managing Virtual Workgroups: From a network
management perspective, the transitory nature of these
virtual workgroups may grow to the point where updating
VLAN membership becomes as onerous as updating routing
tables to keep up with adds, moves and changes today
(although it may save the time and effort involved in
physically moving the user's workstation). Moreover, there
are cultural hurdles to overcome in the virtual workgroup
model: people usually move to be close to the people with
whom they work, rather than to reduce the traffic
across the collapsed backbone.

• Maintaining the 80/20 Rule: Virtual LAN support for
virtual workgroups is often tied to support of the 80/20 rule,
that is, 80% of the traffic is "local" to the workgroup while
20% is remote or outside of the workgroup. In theory, by
properly configuring the VLANs to match workgroups, only
the 20% of the traffic that is nonlocal will need to pass
through a router and out of the workgroup, improving
performance of the traffic that is within the
workgroup. However, many believe that the applicability
of the 80/20 rule is waning due to the development of
servers and network applications such as e-mail and Lotus
Notes that users throughout the enterprise access on an equal
basis.

• Access to Local Network Resources: The virtual
workgroup concept may run into the simple problem that
users must sometimes be physically close to certain
resources such as printers. For example, a user is in the
accounting VLAN, but is physically located in the area
populated by members of the sales VLAN. The local network
printer is also in the sales VLAN. Every time this accounting
VLAN member prints to the local printer, his print file must
traverse the router connecting the two VLANs. This problem
can be avoided by making that printer a member of both
VLANs. This clearly favors VLAN solutions that enable
overlapping VLANs. If overlapping VLANs are not possible, this
scenario would require that routing functionality be built
into the backbone switch. Then, the example print file
would be routed by the switch rather than having to go
through an external router.

• Centralized Server Farms: Server farms refer to the
placement of departmental servers in a data center,
where they can be provided with consolidated backup,
uninterrupted power supply, and a proper operating
environment. The trend toward server farm architecture
has accelerated recently and is expected to continue in
order to reduce administrative costs. Centralized server
farms raise problems for the virtual workgroup model
when vendor solutions do not provide the ability for a
server to belong to more than one VLAN simultaneously. If
overlapping VLANs are not possible, traffic between a
centralized server and clients not belonging to that server's
VLAN must traverse a router. However, if the switch
incorporates built-in routing and is able to route inter-VLAN
packets at wire speed, there is no performance advantage
for overlapping VLANs over routing between VLANs to
allow universal access to centralized servers. Remember,
only inter-VLAN packets would need to be routed, not all
packets. Several vendors support integrated routing as an
alternative to overlapping VLANs. While workgroup VLANs
may be extended to centralized server farms, this is not
always possible. In some networks, the MIS people who
control the servers may want to place routers between
the server farms and the rest of the network in order to create
a separate administrative domain or to enhance network
security via router access control lists. Depending on
vendor implementations, most switching products will not
support VLANs that extend across routers (the exception would
be VLANs that equate to IP multicast groups). It should be kept
in mind that cordoning off servers with external routers
conflicts with one of the reasons for utilizing switches and
VLANs in the first place: to avoid the delay introduced by
routers.

Reduction of Routing for Broadcast Containment


Even the most router-centric networking vendors have come
to embrace the philosophy of "switch when you can, route when
you must". Although switches provide substantial performance
enhancements over layer 3 packet forwarding (routing), as users
learned years ago with bridges, switches normally do not filter
LAN broadcast traffic; in general they replicate it on all ports.
This not only can cause large switched LAN environments to
become flooded with broadcasts, it is also wasteful of precious
wide area network bandwidth. As a result, users have traditionally
been forced to partition their networks with routers that act as
broadcast "firewalls". Hence, simple switches alone do not allow
users to phase out routers completely. One of the primary benefits
of VLANs is that LAN switches supporting VLANs can be used to
effectively control broadcast traffic, reducing the need for
routing. Broadcast traffic from servers and end stations in a
particular VLAN is replicated only on those switch ports connected
to end stations belonging to that VLAN. Broadcast traffic is blocked
from ports with no end station belonging to that VLAN, in effect
creating the same firewall that a router provides. Only packets that
are destined for addresses outside the VLAN need to proceed to a
router for forwarding. There are multiple reasons for utilizing
VLANs to reduce the need for routing in the network:

• Higher Performance and Reduced Latency:
As the network expands, more and more routers are
required to divide the network into broadcast domains. As
the number of routers increases, latency begins to degrade
network performance. A high degree of latency in the
network is a problem now for many applications, but it is
particularly troublesome for newer applications that feature
delay-sensitive multimedia and interactivity. Switches that
employ VLANs can accomplish the same division of the
network into broadcast domains, but can do so at latencies
much lower than those of routers. In addition,
performance, measured in packets per second, is usually
higher for switches than for traditional routers. However, it
should be noted that there are some switches supporting
network layer defined VLANs that may not perform
substantially faster than routers. Additionally, latency is
also highly correlated to the number of hops a packet must
traverse, no matter what internetworking device (switch or
router) is located at each hop.

• Ease of Administration: Routers require much more
complex configuration than switches; they are
"administratively rich". Reducing the number of routers in
the network saves time spent on network management.

• Cost: Router ports are more expensive than switch ports.
Also, by utilizing cheaper switch ports, switching and VLANs
allow networks to be segmented at a lower cost than would
be the case if routers alone were used for segmentation.

In comparing VLANs with routing, VLANs have their
disadvantages as well. The most significant weakness is that
VLANs have been, to date, single-vendor solutions and
therefore may lead to switch vendor lock-in. The primary
benefits of VLANs over routing are the creation of broadcast
domains without the disadvantages of routing and the reduction
in the cost of moves and changes in the network. Therefore, if
neither of these is a problem, then the user organization
may want to forgo VLANs and continue deploying a
multivendor network backbone segmented by a mix of
a few routers and a relatively large number of simple
switches. Assuming a major implementation of VLANs, what
is the role of routers in a network? Routers have two
remaining responsibilities: to provide connectivity between
VLANs, and to provide broadcast filtering capabilities for
WAN links, where VLANs are not generally appropriate.
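The broadcast containment described in this section and under Security, as an added example that is not part of the original report: a small model of a port-based VLAN switch with per-VLAN address learning, compared against the same switch with every port in one broadcast domain. The class, the function names, the port numbers and the MAC addresses are constructed for illustration; the accounting and sales VLANs follow the report's own example.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    """Port-based VLAN switch: each access port belongs to exactly one VLAN."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)   # port number -> VLAN id
        self.mac_table = {}                # (VLAN id, MAC) -> port

    def receive(self, in_port, src, dst):
        """Process one frame and return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port        # learn the source per VLAN
        members = sorted(p for p, v in self.port_vlan.items()
                         if v == vlan and p != in_port)
        if dst == BROADCAST:
            return members                           # replicated inside the VLAN only
        out_port = self.mac_table.get((vlan, dst))
        if out_port is None:
            return members                           # unknown unicast floods the same way
        return [] if out_port == in_port else [out_port]


def isolation_violations(switch, frames):
    """Replay (in_port, src, dst) frames and list any egress outside the ingress VLAN."""
    bad = []
    for in_port, src, dst in frames:
        vlan = switch.port_vlan[in_port]
        for out_port in switch.receive(in_port, src, dst):
            if switch.port_vlan[out_port] != vlan:
                bad.append((in_port, out_port, dst))
    return bad


def broadcast_deliveries(port_vlan):
    """Frame copies generated when every port sends a single broadcast."""
    sw = VlanSwitch(port_vlan)
    return sum(len(sw.receive(p, f"host-{p}", BROADCAST)) for p in port_vlan)


# Constructed topology: ports 1-3 are accounting (VLAN 10), ports 4-6 sales (VLAN 20).
SEGMENTED = {1: 10, 2: 10, 3: 10, 4: 20, 5: 20, 6: 20}
FLAT = {port: 1 for port in SEGMENTED}        # the same switch without VLANs
A1, A2, S1 = "02:00:00:00:10:01", "02:00:00:00:10:02", "02:00:00:00:20:01"
FRAMES = [
    (1, A1, BROADCAST),   # accounting host broadcasts
    (2, A2, A1),          # accounting unicast to an address already learned
    (4, S1, A1),          # sales host addresses an accounting MAC directly
]

if __name__ == "__main__":
    sw = VlanSwitch(SEGMENTED)
    for frame in FRAMES:
        print(frame, "->", sw.receive(*frame))
    print("violations:", isolation_violations(VlanSwitch(SEGMENTED), FRAMES))
    print("broadcast copies, flat vs VLANs:",
          broadcast_deliveries(FLAT), broadcast_deliveries(SEGMENTED))
```

The third frame never reaches port 1: the switch only floods it inside the sales VLAN, so traffic between the two VLANs has to be addressed to a router instead.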

Routing Between Vlans.


VLANs can be used to establish broadcast domains within the
network as routers do, but they cannot forward traffic from one
VLAN to another. Routing is still required for inter-VLAN traffic.
Optimal VLAN deployment is predicated on keeping as much traffic
from traversing the router as possible. Minimizing this traffic
reduces the chance of the router developing into a bottleneck. As a
result, a corollary to "switch when you can, route when you must" in
a VLAN environment becomes "routing is used only to connect
VLANs". Having said this, however, keep in mind that in some cases
routing may not prove to be much of a bottleneck. As mentioned
earlier, integrating routing functionality into the backbone switch
eliminates this bottleneck if this routing is accomplished at high
speed for inter-VLAN packets.

VLAN B is sent to the one-armed router, where it waits for address
resolution, path calculation, establishment of a connection across
the ATM backbone, and finally, transmission. In a route server
scheme, the same packet waits in the cache of the LAN switch at
the edge of the ATM backbone before transmission. In this
process, the packet itself never traverses a router. The only traffic
to and from the route server is the signaling required to set up a
connection between LAN switches across the ATM backbone.
The advantage is that less routed traffic must be diverted to the
route server, often reducing the number of hops required through
the backbone. Also, overall traffic across the route server's one arm
is reduced. There are, of course, disadvantages to the route server
approach as well. First, initial vendor implementations are strictly
proprietary and do not support standard routing protocols.
Secondly, at this point available route servers only support IP. Of
course, route servers share one of the one-armed router's
disadvantages, a single point of failure; this problem can be
mitigated by redundancy. Finally, because the route server
architecture requires LAN switches to have a certain level of
routing functionality, route server solutions tend to be more
expensive and more complex to configure than the relatively
simple LAN switches deployed in the one-armed router
architecture.

MPOA
There is at least one development that may eventually standardize
the route server approach. The Multiprotocol over ATM (MPOA)
standards working group of the ATM Forum is currently working
out the details of an implementation model for MPOA service.
While a variety of models have been proposed, MPOA is expected
to provide direct virtual circuit connectivity between ATM
network attached devices that may belong to different routing
subnets. In other words, MPOA can let logical end stations that are
part of different ELANs communicate directly across an
ATM network without requiring an intervening router. Since
ELANs are subsets of VLANs, MPOA holds the promise of
enabling an ATM backbone to connect VLANs without the need for
an external router. MPOA can be considered an enhancement
beyond LANE that integrates routing functionality into the
LAN-ATM edge switch. All inter-VLAN traffic would be able to
leverage this capability, and network latency would be reduced.
An MPOA standard is not expected to be finalized until at least
1997, and the initial implementation will most likely support only
TCP/IP. It should be noted that some of the disadvantages of the
route server approach, such as cost and management complexity,
would remain in MPOA solutions.

VLANs and DHCP: Overlapping Solutions


With Microsoft’s recent introduction of the Dynamic Host
Configuration Protocol (DHCP), users now have another
alternative for reducing the workload associated with
administration of workstation IP addresses. Unfortunately, DHCP
can actually conflict with VLAN implementation, especially with
layer-3, IP-based VLANs.

DHCP Functionality
When considering the ability of VLANs to deal with ever-changing
networks, it should be remembered that most of the difficulty in
supporting adds, moves, and changes occurs in IP networks. In
order to deal with reconfiguring IP addresses, Microsoft has
developed DHCP, a TCP/IP-based solution incorporated into
Windows NT Server and most Windows clients. Rather than
establishing location-independent broadcast domains as VLANs do,
DHCP dynamically allocates IP addresses to logical end stations for
fixed periods of time. When the DHCP server detects a workstation
whose physical location no longer corresponds to its allocated IP
address, it simply allocates that end station a new address. By
doing so, DHCP enables workstations to be moved from subnet to
subnet without the network administrator having to manually
reconfigure the workstation’s IP address or update host table
information. The element of DHCP that equates most closely to
VLAN functionality is the network administrator’s ability to
specify a range of IP addresses available for a particular logical
workgroup. These logical groups are termed “scopes” in the
Microsoft lexicon. However, scopes should not be equated with
VLANs, because members of a single scope are still bound by their
physical subnet, although there can be multiple scopes residing in
each subnet. Consequently, DHCP implementation may reduce the
labor-intensive administration of TCP/IP network broadcasts in
the same way as VLANs do.

Best Use for Each


In what types of network environments should VLANs be
implemented, and in what types of network environments does
DHCP make the most sense? Since DHCP is solely an IP-based
solution, it has little appeal in environments where IP users are a
minority, since all non-TCP/IP clients would be excluded from scope
membership. In particular, network environments where
non-TCP/IP protocols are required for mission-critical applications
may benefit more from VLAN implementation, since VLANs can be
used to contain multiprotocol broadcast traffic. However, for
smaller, purely TCP/IP network environments (under 500 nodes),
DHCP alone may suffice. By simply having fewer total network
nodes and fewer physical subnets, the need to establish fully
location-independent logical groups is greatly reduced.
Additionally, for medium-sized organizations that, for whatever
reason, do not support location-independent workgroups, VLANs
lose much of their appeal when compared to DHCP. There is one
area in which VLANs and DHCP do not compete: dynamically
maintain address tables, they lack routing functionality and cannot
create broadcast domains. Therefore DHCP has no impact on an
organization’s need for routing in the network. In environments
where the containment of broadcast traffic without having to resort
to routers is a major requirement, VLANs are a better solution.

Overlap Between DHCP and VLANs
In what ways can DHCP and VLANs work together, and in what
situations do they represent competitive solutions? DHCP and
layer 3, IP-based VLANs clearly represent competitive solutions
because of addressing problems that stem from implementing layer 3
based VLANs in conjunction with DHCP. If a client workstation
physically moves to a new subnet, the DHCP server will allocate a
new IP address for that workstation. Yet this workstation’s VLAN
membership is based on the old IP address. Therefore the network
administrator would have to manually update the client’s IP
address in the switch’s VLAN tables. This would eliminate the
primary benefit of DHCP and one of the primary benefits of
IP-based VLANs. In summary, these two solutions represent an
either/or proposition for most network environments.

Implementing VLANs defined by MAC-layer address
in conjunction with DHCP is a somewhat more plausible solution.
However, DHCP together with MAC-based VLANs would create a
two-tiered, redundant matrix of logical groups (MAC address-based
VLANs and DHCP scopes). Having two tiers of logical groups
would make otherwise easy-to-manage, “drag and drop” moves,
adds, and changes unnecessarily difficult and might entail more
labor-intensive network administration than if neither solution
was implemented.

Port-group-based VLANs and DHCP can co-exist,
and their joint implementation can be complementary. As stated
earlier, when users in VLANs based purely on port groups move
from one port group to another, their VLAN membership changes.
In a non-DHCP environment where IP subnets correspond
one-to-one with VLANs, users who move from one port group to
another would still need to have their workstations reconfigured to
reflect their new IP subnet. Implementing DHCP would make this
reconfiguration automatic. The port-group-based VLANs, of course,
provide the broadcast containment that DHCP implementation
alone does not. In this way, DHCP and port-group-based VLANs can
work together to accomplish both broadcast containment and
automation of moves and changes. Port-group-based VLANs and
DHCP, in conjunction with deployment of architectures that
reduce the need for external routing of inter-VLAN traffic (such as
multiple VLAN membership or integrating routing into the switch),
represent a fairly complete short- to medium-term solution, which
will alleviate the most pressing problems faced in many network
environments.
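
The three combinations discussed above can be traced in a small simulation of one workstation move. This is an added example, not part of the original report; the subnets, port names, VLAN names, and MAC address are constructed, and DhcpServer is a hypothetical stand-in for a real DHCP service.

```python
import ipaddress

# Constructed topology: two physical subnets, each with one DHCP scope.
SCOPES = {
    "floor1": ipaddress.ip_network("10.1.0.0/24"),
    "floor2": ipaddress.ip_network("10.2.0.0/24"),
}
# Switch ports, with the physical subnet and port-group VLAN of each.
PORTS = {"p1": ("floor1", "ENG"), "p2": ("floor2", "SALES")}


class DhcpServer:
    """Leases the next free address from the scope of the client's subnet."""

    def __init__(self):
        self.next_host = {name: 10 for name in SCOPES}
        self.leases = {}  # mac -> (subnet, ip)

    def lease(self, mac, subnet):
        held = self.leases.get(mac)
        if held and held[0] == subnet:
            return held[1]  # still on the same subnet: keep the address
        ip = SCOPES[subnet][self.next_host[subnet]]
        self.next_host[subnet] += 1
        self.leases[mac] = (subnet, ip)
        return ip


def simulate_move(mac="00:00:5e:00:53:01", src="p1", dst="p2"):
    """Move one workstation between ports and look it up in each VLAN table."""
    dhcp = DhcpServer()
    old_ip = dhcp.lease(mac, PORTS[src][0])
    # VLAN tables as the administrator configured them before the move.
    ip_vlan = {old_ip: "ENG"}   # layer 3, IP-based VLAN
    mac_vlan = {mac: "ENG"}     # MAC-based VLAN
    new_ip = dhcp.lease(mac, PORTS[dst][0])
    return {
        "old_ip": str(old_ip),
        "new_ip": str(new_ip),
        # IP-based: the switch has no entry for the new address, so the
        # table needs a manual update and DHCP's benefit is lost.
        "ip_vlan": ip_vlan.get(new_ip),
        # MAC-based: membership survives, as a second tier beside scopes.
        "mac_vlan": mac_vlan.get(mac),
        # Port-group: membership is simply that of the new port, and DHCP
        # has already supplied an address valid for the new subnet.
        "port_vlan": PORTS[dst][1],
        "new_ip_in_dst_scope": new_ip in SCOPES[PORTS[dst][0]],
    }


if __name__ == "__main__":
    for key, value in simulate_move().items():
        print(f"{key}: {value}")
```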

VLAN Architecture Going Forward


Due to trends towards server centralization, enterprise-wide e-mail,
and collaborative applications, various network resources will
need to be made available to users regardless of their VLAN
membership. Ideally, this access should be provided without most
user traffic having to traverse a router. Organizations that
implement VLANs recognize the need for certain logical end
stations (for example, centralized servers) to communicate with
multiple VLANs on a regular basis, either through overlapping
VLANs (in which network-attached end stations simultaneously
belong to more than one VLAN) or via integrated routing that can
process inter-VLAN packets at wire speed. From a strategic
standpoint, these organizations have two ways to deploy VLANs: an
“infrastructural” VLAN implementation or a “service-based” VLAN
implementation. The choice of approach has substantial impact
on the overall network architecture, and may even affect the
management structure and business model of the organization.

Infrastructural VLANs
An infrastructural approach to VLANs is based on the functional
groups (that is, the departments, workgroups, sections, etc.) that
make up the organization. Each functional group, such as
accounting, sales, and engineering, is assigned to its own uniquely
defined VLAN. Based on the 80/20 rule, the majority of network
traffic is assumed to be within these functional groups, and thus
within each VLAN. In this model, VLAN overlap occurs at network
resources that must be shared by multiple workgroups. These
resources are normally servers, but could also include printers,
routers providing WAN access, workstations functioning as
gateways, and so forth. The amount of VLAN overlap in the
infrastructural model is minimal, involving only servers rather
than user workstations, making VLAN administration relatively
straightforward. In general, this approach fits well in those
organizations that maintain clean, discrete organizational
boundaries. The infrastructural model is also the approach most
easily enabled by presently available solutions and fits more
easily with networks deployed today. Moreover, this approach does
not require network administrators to alter how they view the
network, and entails a lower cost of deployment. For these reasons,
most organizations should begin with an infrastructural approach
to VLAN implementation. As can be seen in the example in figure 7,
the e-mail server is a member of all the departments’ VLANs, while
the accounting database server is only a member of the accounting
VLAN.

Service-Based VLANs
A service-based approach to VLAN implementation looks not at
organizational or functional groups, but at individual user
access to servers and applications, that is, network resources. In
this model, each VLAN corresponds to a server or service on the
network. Servers do not belong to multiple VLANs; groups of users
do. In a typical organization, all users would belong to the e-mail
server VLAN, while only a specified group such as the accounting
department plus top-level executives would be members of the
accounting database server’s VLAN.
By its nature, the service-based approach creates a much more
complex set of VLAN membership relations to be managed. Given
the level of most VLAN visualization tools presently available, a
large number of overlapping VLANs using the service-based
approach could generate incomprehensible multilevel network
diagrams at a management console. Therefore, to be practical,
service-based VLAN solutions must include a high level of
automatic configuration features. However, in response to the types
of applications organizations want to deploy in future, as well as
the shift away from the traditional, more rigid organizational
structures, the trend in VLAN implementation will be toward the
service-based approach. Figure 8 depicts the service-based VLAN
model. As bandwidth to the desktop increases and as vendor
solutions become available to better manage greater VLAN overlap,
the size of the group that belongs to a particular set of VLANs may
become smaller and smaller. At the same time, the number of these
groups becomes larger and larger, to the point where each
individual could have a customized mix of services delivered to
his or her workstation.
Taking that concept a step further, control over what services are
delivered at a given time could be left up to each individual user.
At that point, the network structure begins to take on the
multiple-channel characteristics of a cable TV network. In fact, at
this stage, this model finds the greatest degree of similarity in
VLANs defined by IP multicast group: each workstation has the
choice of which IP multicast group or “channel” it wants to belong
to. In such a future environment, VLANs lose the characteristics of
static or semi-static broadcast domains defined by the network
manager, and become channels to which users subscribe. Users
simply sign up for the applications they need delivered to them at
a particular time. Application use could be accounted for, enabling
precise and automated chargeback for network services. Network
managers could also retain control in order to block access to
specific channels by certain users for security purposes.

VLAN Migration Strategies


As this paper has demonstrated, there are many factors to be
considered in VLAN implementation: technological, architectural,
and organizational. Given the effects of VLANs on network
architecture, organizational structure, and even the business model
of some organizations, it is difficult to deploy VLAN technology
solely as a tactical solution, only where and when it is needed.
However, this does not imply an all-or-nothing strategy in which
the network architecture is transformed overnight from one based
on physical subnets and router-based segmentation to one of
service-based VLANs. What steps are necessary before applying
VLANs to an enterprise network? Initially, VLANs should be seen as
a solution to at least one of two problems:

• Containment of broadcast traffic to minimize dependence on
  routers

• Reduction in the cost of network moves and changes

An organization where broadcast traffic is not yet a problem or
where the cost of network moves and changes is tolerable may
want to forgo implementing VLANs for the time being. However,
the majority of large enterprise networks are now experiencing
one or both of these problems. In organizations that are rapidly
replacing routers with switches and may soon face broadcast
traffic containment issues, one element of the architecture should
be considered: the degree to which the network has evolved toward
a single user/port switched LAN architecture. If the majority of
users are still on shared LAN segments, the ability of VLANs to
contain broadcasts is greatly reduced.
If multiple users belong to different VLANs on the same shared
LAN segment, that segment would receive broadcasts from each
VLAN, defeating the goal of broadcast containment. Having
determined that VLANs need to be a part of network planning in the
immediate future, server access, server location, and application
utilization must all be thoroughly analyzed to determine the nature
of traffic flow in the network. This analysis should answer the
remaining questions about where VLAN broadcast domains should be
deployed, what role ATM needs to play, and where the routing
functions should be placed. Because of the limitations of the
present VLAN technology, initial VLANs are likely to employ an
infrastructural approach.

However, as vendor solutions develop, many organizations will
want to consider migration toward a more service-based model,
which will more easily let users subscribe to various network
services. This concept of user-controlled subscribership, as
opposed to administrator-controlled membership, is augmented by
NICs with built-in VLAN functionality operating in environments
with a single user per switch port. In this scheme, the NIC driver
dynamically tells the switch which multicast groups or VLANs it
wants to belong to. Certainly, this type of distributed VLAN control
leverages the increasing processing power of the desktop and
enables a higher degree of other, related functionality such as
automatic VLAN configuration and traffic monitoring. In addition,
agents residing in each NIC will enable the workstation to collect
and report information on specific application usage (rather than
just simple layer 2 traffic statistics in the case of RMON1). This
capability facilitates the automatic chargeback for network
services described earlier for service-based VLANs. If individual
users control VLAN membership, what about security? Clearly,
users cannot be allowed to simply subscribe to any network
service they wish. The network administrator must be able to
establish policies that define which users have access to what
resources and what class of service each user is entitled to. One
solution to security may come in the form of an authentication
server. These servers may well develop into the primary method
by which the VLANs of the future are defined. Authentication
servers define VLAN membership by user ID rather than by MAC
address or IP address. Defining VLANs in this way greatly increases
flexibility and also implies a certain level of integration of VLANs
with the network operating systems, which typically ask the user
for a password anyway to allow or deny access to network
resources. One of the primary advantages of authentication servers
is that they allow the user to take his or her VLAN anywhere,
without regard to which workstation or protocol is being used. The
analysis of network traffic, application usage, server access, and
so on that is necessary in the VLAN migration process, and which
will greatly be furthered by implementation of RMON2, may
simply produce VLANs that correspond to functional teams or
departments. On the other hand, if migration is undertaken by a
holistic view of the capabilities of VLAN technology, and the
network designers ask the question “Who should talk to
whom?” rather than “Who is talking to whom?”, it may become
apparent that fundamental process and organizational changes:
trends such as flatter hierarchies, revamped workflows, and
innovative business models are fully helping leverage the
possibility of emerging applications.

CONCLUSION

The industrial training at Bharat Electronics, Ghaziabad
has given me an exposure to the activities of a large
public-sector undertaking unit. Being a large
organization, it deals with a wide spectrum of technologies.
The concept of service-based VLAN technology holds
the potential for harmonizing many of today’s
organizational and managerial changes with the
structural and technological developments in the
network. Despite the promise of this vision, VLAN
implementation must solve real-world problems in
order to be financially justified. Organizations that have
deployed or are planning to deploy large numbers of switch
ports, dividing the network into smaller segments to
increase bandwidth per user, can make a very strong
case for VLAN implementation in order to contain
broadcasts. However, any organization that expends
substantial resources dealing with moves and changes
in the network may also be able to justify VLAN
implementation. This is simply because VLANs, if
implemented as a part of a strategic solution, may be
able to substantially reduce the cost of dealing with
moves and changes. For these organizations, the
switching infrastructure upon which most VLAN
solutions are based can be seen as an added and quite
valuable benefit.
