What Is a VLAN?
VLAN (Virtual Local Network) is a logically separate IP subnetwork that allows multiple IP networks and subnets to exist on the same-switched network.
VLAN is a logical broadcast domain that can span multiple physical LAN segments. It is a modern way administrators configure switches into virtual local-area networks (VLANs) to improve network performance by separating large Layer 2 broadcast domains into smaller ones. By using VLAN a network administrator will be able to group stations by logical function, or by applications, without regard to the physical location of the users.
Each VLAN functions as a separate LAN and spans one or more switches. This allows host devices to behave as if they were on the same network segment.
For traffic to move between VLANs, a layer 3 device (router) is required.
VLAN has three major functions:
i. Limits the size of broadcast domains
ii. Improves network performance
ii. Provides a level of security
How VLAN works.
Let us use this real-world scenario:
Think about a small organization with different offices or departments, all in one building. Some years later, the organization has expanded and now spans across three buildings.
The original network is still the same, but offices and department computers are spread out across three buildings. The HR offices remain on the same floor and other departments are on other floors and buildings.
However, the network administrator wants to ensure that all the office computers share the same security features and bandwidth controls. Creating a large LAN and connecting each department will constitute a huge task and definitely won’t be easy when it comes to managing the network.
This is where VLAN switching comes in, it will be easier to group offices and departments with the resources they use regardless of their location, and certainly easier to manage their specific security and bandwidth needs.
Opting for a switched VLAN allows the network administrator to create groups of logically networked devices that act as if they are on their independent network, even if they share a common infrastructure with other VLANs.
When you configure a VLAN, you can name it to describe the primary role of the users for that VLAN.
Study the figure below for more detail:
In summary:
i. VLAN is an independent LAN network.
ii. VLAN allows the student and Faculty Computers to be separated although they share the same infrastructure.
iii. For easy identification, VLANs can be named.
VLAN = all PCs are assigned with a subnet address defined for VLAN 10
Advantages of VLAN:
Security – The security of sensitive data is separated from the rest of the network, decreasing the chances of confidential information breaches.
Higher Performance – The division of Layer 2 networks into multiple logical workgroups (broadcast domains) reduces unnecessary traffic on the network and boosts performance.
Cost Reduction – Cost savings result from less need for expensive network upgrades and more on this network.
Types of VLAN.
VLAN are of different types, primarily categorized based on their purpose and method of implementation:
Default VLAN: The default VLAN (usually VLAN 1) where all switch ports are assigned initially.
Data VLAN: Used specifically for user-generated data.
Voice VLAN: Designed for VoIP (Voice over IP) traffic.
Management VLAN: Used for managing the network.
Native VLAN: The VLAN assigned to untagged traffic on a trunk port.
Private VLAN (PVLAN): Provides isolation between ports within the same VLAN.
Each type serves specific functions in network design, enhancing efficiency and security.
VLAN ID Ranges VLAN Switch Port Membership How To Configure Switch Security
VLAN Trunking VLAN Trunking Protocol (VTP) Spanning Tree Protocol (STP)
