VLANs Port-Based Access
I am trying to understand VLANs, but have a hard time seeing them in action. I have no test equipment and we are planning a network overhaul. So I have to theorize on a physical and logical layout and understand its implementation without having any testing equipment.
I understand that I need a router to tell one VLAN where another is, and how to talk to it. I don't understand the configuration that allows that to happen, nor have I found any examples. We use Juniper for routing and HP for switching, though my understanding is that our new switch will have the capability to route for itself.
Now on to what really confuses me about networking. VLANs, how do they actually work? I have read article after article and they still confound me. Since I work with HP switches, I use the U and T descriptors (though I don't understand them).
If I have 5 VLANs, 10, 20, 30, 40, and 50, and I set port 1 to the following:
10 U, 20 T, 30 T
Does that mean that any device that does not specify its own VLAN will be tagged as VLAN 10, any traffic tagged as VLANs 20 or 30 will be allowed through, and traffic tagged VLANs 40 or 50 will be denied access when plugged in to port 1?
Furthering this question, if I want a computer in VLAN 40 to access a computer in VLAN 20, does the port that each computer is plugged in to need to allow the other VLAN through? For instance:
40 U, 20 T - For the VLAN 40 PC
20 U, 40 T - For the VLAN 20 PC
I appreciate any clarification you can make.
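A simplified model of the U/T port behaviour asked about above, added here as an illustration and not part of the original thread. The `Port` class and the `switched` and `routed` helpers are hypothetical names, frames are reduced to their VLAN tag, and end hosts are assumed to send and accept only untagged frames.

```python
# Simplified model of 802.1Q port membership (added example; names are hypothetical).
# A frame is reduced to its tag: an int VLAN ID, or None for an untagged frame.

class Port:
    def __init__(self, untagged, tagged=()):
        self.untagged = untagged      # "U": VLAN given to frames that arrive untagged
        self.tagged = set(tagged)     # "T": VLANs carried with an 802.1Q tag

    def ingress(self, tag):
        """VLAN a received frame is classified into, or None if it is dropped."""
        if tag is None:
            return self.untagged
        return tag if tag in self.tagged | {self.untagged} else None

    def egress(self, vlan):
        """How a frame in `vlan` leaves the port: 'untagged', 'tagged' or None."""
        if vlan == self.untagged:
            return "untagged"
        return "tagged" if vlan in self.tagged else None

def switched(src, dst):
    """Layer 2 only: does an untagged frame from the host on `src` reach the
    host on `dst`? Assumes the host NIC only accepts untagged frames."""
    return dst.egress(src.ingress(None)) == "untagged"

def routed(src, dst, l3_vlans):
    """Layer 3: a router (or routing switch) with an interface in each VLAN
    in `l3_vlans` forwards between them; port membership is unchanged."""
    return src.untagged in l3_vlans and dst.untagged in l3_vlans

# Constructed sample: the port from the question, "10 U, 20 T, 30 T".
port1 = Port(10, [20, 30])

if __name__ == "__main__":
    for tag in (None, 20, 30, 40, 50):
        print(f"frame tag={tag!s:>4} -> VLAN {port1.ingress(tag)}")
    # Plain access ports: no layer 2 path, but reachable through a router.
    print(switched(Port(40), Port(20)), routed(Port(40), Port(20), {20, 40}))
    # Adding the other VLAN as tagged still gives the hosts no layer 2 path.
    print(switched(Port(40, [20]), Port(20, [40])))
```

In this model every VLAN added as tagged on an edge port widens what a device on that port can reach at layer 2, so access ports normally carry a single untagged VLAN and inter-VLAN traffic goes through the routing hop, where it can be filtered.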
It's been a few years since I've configured a VLAN on a router/switch. I'd get my hands on something like a 1902 router (or what replaced it) and play with it.
Is this accurate?
"... no test equipment and we are planning a network overhaul. So I have to theorize on a physical and logical layout and understand its implementation without having any testing equipment."
Planning a rollout demands hands-on experience. Simply "winging it" based on theory doesn't make sense to me.