VLAN (Virtual Local Area Network)

Definition

A VLAN (Virtual Local Network) is a logically separate IP subnetwork. VLANs allow multiple IP networks and subnets to exist on the same-switched network.  For computers to communicate on the same VLAN, each must have an IP address and a subnet mask that is reliable for that VLAN. The switch has to be configured with the VLAN and each port in the VLAN must be assigned to the VLAN. A switch port with a single VLAN configured on it is called an access port. Remember, just because two computers are physically connected to the same switch does not mean that they can communicate. Devices on two separate subnets can only communicate with each other via a router (Layer 3), even if  VLANs are used.

 

A VLAN has three major functions:

 

i.  Limits the size of broadcast domains

ii. Improves network performance

ii.  Provides a level of security

 

 

Think about a small organisation with diferent offices or department  all in one building. some years later, the organisation has expanded and now spans accros three buildings. The original network is the same, but offices and departments computers are spread out across three buildings. The HR offices remain on the same floor and other departments' are on the other floors and buildings.

 

However,  the network administrator wants to ensure that all the office computers share the same security features and bandwidth controls. Creating a large LAN and wiring each department together will constitute a huge task and definitely won’t be easy when it comes to managing the network.

This where VLAN switching comes in, it will be easier to group offices and departments with the resources they use regardless of their location, and certainly easier to manage their specific security and bandwidth needs.

Opting for a switched VLAN allows the network administrator to create groups of logically networked devices that act as if they are on their own independent network, even if they share a common infrastructure with other VLANs. When you configure a VLAN, you can name it to describe the primary role of the users for that VLAN.

Study the figure below for more detail:

 

                                

                    

                                 In summary:

1. VLAN is an independent LAN network.
2. VLAN allows the student and Faculty Computers to be separated although the share the same infrastructure.
3. For easy identification, VLANs can be named.

 

 

1. VLAN = all PCs are assigned with a subnet address defined for VLAN 10
2. Configure the VLAN , assign ports to the VLAN
3. Assign an IP subnet address on the PCs.  

 

 

Advantages of Vlan:

Security – Security of sensitive data are separated from the rest of the network, decreasing the chances of confidential information breaches.

 Higher performance – Division of Layer 2 networks into multiple logical workgroups (broadcast domains) reduces unnecessary traffic on the network and boosts performance.

Cost reduction - Cost savings result from less need for expensive network upgrades and more on this network.

 

Recommended Books

 

                      

          

                                          Types of VLAN

                        

                               VLAN ID Ranges

 

                               VLAN Switch Port Membership

                                         How To Configure Switch Security

                               VLAN Trunking

 

                               VLAN Trunking Protocol (VTP)

 

                               Spanning Tree Protocol (STP)

 

                               Inter-VLAN Routing

 

                               VLAN Configuration on a Cisco Switch 

 

                               Voice VLAN Configuration on a Cisco Switch