VLAN

VLANs Explained

VLAN (Virtual Local Network) is a logically separate IP subnetwork which allows multiple IP networks and subnets to exist on the same-switched network.

VLAN is a logical broadcast domain that can span multiple physical LAN segments. It is a modern way administrators configure switches into virtual local-area networks (VLANs) to improve network performance by separating large Layer 2 broadcast domains into smaller ones.

By using VLAN,  a network administrator will be able to group together stations by logical function, or by applications, without regard to physical location of the users.
Each VLAN functions as a separate LAN and spans one or more switches. This allows host devices to behave as if they were on the same network segment.
For traffic to move between VLANs, a layer 3 device (router) is required.

VLAN has three major functions:

i. Limits the size of broadcast domains
ii. Improves network performance
ii. Provides a level of security



How VLAN works.

Let’s use this real-world scenario; Think about a small organization with different offices or departments, all in one building. Some years later, the organization has expanded and now spans across three buildings. The original network is still the same, but offices and departments computers are spread out across three buildings. The HR offices remain on the same floor and other departments’ are on the other floors and buildings.

However, the network administrator wants to ensure that all the office computers share the same security features and bandwidth controls. Creating a large LAN and wiring each department together will constitute a huge task and definitely won’t be easy when it comes to managing the network.

This where VLAN switching comes in, it will be easier to group offices and departments with the resources they use regardless of their location, and certainly easier to manage their specific security and bandwidth needs.
Opting for a switched VLAN allows the network administrator to create groups of logically networked devices that act as if they are on their own independent network, even if they share a common infrastructure with other VLANs. When you configure a VLAN, you can name it to describe the primary role of the users for that VLAN.
Study the figure below for more detail:

VLAN

In summary:

i. VLAN is an independent LAN network.
ii. VLAN allows the student and Faculty Computers to be separated although they share the same infrastructure.
iii. For easy identification, VLANs can be named

VLAN1

a. VLAN = all PCs are assigned with a subnet address defined for VLAN 10
b. Configure the VLAN, assign ports to the VLAN
c. Assign an IP subnet address on the PCs.

Advantages of VLAN:

Security – Security of sensitive data are separated from the rest of the network, decreasing the chances of confidential information breaches.
Higher performance – Division of Layer 2 networks into multiple logical workgroups (broadcast domains) reduces unnecessary traffic on the network and boosts performance.
Cost reduction – Cost savings result from less need for expensive network upgrades and more on this network.

Types of VLAN

VLAN ID Ranges

VLAN Switch Port Membership
How To Configure Switch Security
VLAN Trunking

VLAN Trunking Protocol (VTP)

Spanning Tree Protocol (STP)

Inter-VLAN Routing

VLAN Configuration on a Cisco Switch

Voice VLAN Configuration on a Cisco Switch

Hot Standby Router Protocol (HSRP)