What is VLAN?

VLAN (Virtual Local Area Network) is an essential factor in the efficiency of an organization. It is one of the technologies that contribute to improving network performance and allows the dividing of large broadcast domains into smaller domains.

In network topology, routers block broadcast traffic on an interface. However, routers usually have a limited number of LAN interfaces. The primary function of a router is not to provide access to terminals to the network but to transfer information between networks.

The function to provide access to a LAN is usually reserved for access layer switches. Similar to Layer 3 devices, a virtual local area network can be created in the Layer 2 switch to reduce the size of broadcast areas.

In general, VLANs are included in network design to facilitate a network to support the objectives of an organization. Although VLANs are primarily used in switched local area networks, modern virtual LAN applications allow them to propagate MAN and WAN networks.

What Does It Do?

It provides segmentation and enterprise flexibility in a switched network environment. It provides a way to group devices within a LAN. Devices in a group communicate as if they were connected to the same cable. VLANs are based on logical connections rather than physical connections.

VLANs allow an administrator to segment networks into segments based on factors such as function, project team, or application, regardless of the user’s or device’s physical location. Devices within a virtual LAN operate as if they were on their independent network, even if they share the same infrastructure with others.

Any switch port can belong to a VLAN and unicast, and multicast packets are transmitted, and only packets are sent to the corresponding group. Each Virtual LAN is considered a separate logical network, and packages for non-VLAN stations must be shipped over a device that supports routing.

A Virtual LAN creates a logical broadcast area spanning several physical LAN segments. It improves network performance by dividing large broadcast areas into smaller ones. Not all devices receive the frame if a device sends a broadcast Ethernet frame, but devices from other VLANs do not.

Enables access and security policies to be applied to specific user groups. Each switch port can be assigned to a single VLAN (except for a port connected to an IP phone or another switch).

VLAN Advantages

Users’ productivity and network adaptability are essential to the growth and success of companies. VLAN networks make designing a network to support an organization’s goals easy. The main benefits are:

Security: Groups with sensitive data are separated from the rest of the network, reducing the likelihood of infringing confidential information. As shown in the figure, faculty computers are located in VLAN 10 and are completely separated from the data traffic of students and guests.

Cost reduction: Cost savings are due to the low need for expensive network updates and more efficient use of existing connections and bandwidth.

Better performance: Dividing Layer 2 flat networks into several logical workgroups (broadcast areas) reduces unnecessary traffic on the web and improves performance.

Reduced broadcast areas: Dividing a network into VLAN networks minimizes the number of devices in the broadcast area.

Higher efficiency of IT staff: VLANs simplify network management because users with similar network requirements share the same VLAN. When a new key is available, all policies and procedures preconfigured for a particular VLAN are applied when the ports are assigned. It is also easy for IT staff to define the function of a VLAN by giving it a name.

Simpler management of applications and projects: VLAN adds network devices and users to support geographic or business requirements. Having different features makes it easier to manage a project or work with a specific application; An example of this type of application is the electronic learning development platform for lecturers.

Each VLAN in a switched network corresponds to an IP network; therefore, implementing a hierarchical network addressing program should be considered when designing a VLAN.

Hierarchical network addressing ensures that IP network numbers are applied sequentially to network segments or VLANs and that the web is considered whole.

Types of VLAN

1. Data

A VLAN that is configured to move user-generated traffic. It is common practice to separate voice traffic and data traffic management. Data VLANs are used to divide the network into user or device groups.

2. Default

All switch ports become part of the default VLAN after initializing a switch that loads the default configuration. The ports participating in the default VLAN are in the same broadcast area. This supports any device connected to any switch port to communicate with other devices on other switch ports. The default virtual LAN for Cisco switches is Virtual LAN 1. Note that all ports are assigned to VLAN 1 by default.

VLAN 1 has all the features of any VLAN but cannot be renamed or deleted. All Layer 2 control traffic is associated with this by default.

3. Native

An 802.1Q host port is assigned a local VLAN. Master link ports are connections between switches that support traffic transmission associated with multiple VLANs.

The 802.1Q main port supports inbound traffic (tagged traffic) and inbound traffic (unlabeled traffic). Labeled traffic refers to traffic with a 4-byte label placed in the original Ethernet frame header, indicating the VLAN to which the frame belongs. The 802.1Q main port places unlabeled traffic on the local VLAN, which is VLAN 1 by default.

Legacy VLANs are defined in the IEEE 802.1Q specification to maintain compatibility with unlabeled traffic from previous models common to legacy LAN situations. A local VLAN acts as a familiar identifier at opposite ends of a body link.

You should configure this virtual network type as one not used independently of VLAN 1 and others.

3. Management

Any VLAN configured to access the management features of a key. VLAN 1 is the management VLAN by default. To create this structure, an IP address and a subnet mask are assigned to the VLAN’s virtual switch interface (SVI), which allows the switch to be managed using HTTP, Telnet, SSH, or SNMP. Because VLAN 1 is set by default in the factory configuration of a Cisco switch, it is not an appropriate choice for management.

In the past, the management of Cisco Switch 2960 was the only active SVI. For Cisco IOS 15.x versions for Catalyst 2960 series switches, it is possible to have multiple active SVIs. With Cisco IOS 15.x, the specific active SVI assigned for remote management must be registered. Theoretically, a switch can have numerous management VLANs while increasing exposure to network attacks.

   Related Articles

1. What is Packet Tracer
2. Packet Tracer Setup
3. What is GNS3
4. GNS3 Setup
5. GNS3 VM

In other languages: TR
Avatar for tolgabagci


In my personal blog, I will explain the solutions to the problems I encounter in the system, network, and information technologies for you. If you want to contact me or consult about a problem, you can send an e-mail to contact@tolgabagci.com.