Virtual LAN

What is a VLAN?
VLAN (Virtual Local Area Network) is used to logically divide a physical
network into several broadcast domains.
VLAN is a logical grouping of networking devices.
Such as a set of networked computers and printers for a Department, Home or
Building floor.
When we create VLAN, we actually break large broadcast domain is
smaller broadcast.
A logically separate sub network.
Devices on VLAN 1 and VLAN 2 con not communicate with out layer 3 device (
router ).
The only communicating with devices that are on their own VLAN.
Cont..
A VLAN is a software controlled network.
 Standards of VLAN
There are two major standards in use today:
1. Most commonly used protocol for VLAN on an Ethernet network is IEEE
802.1q.
This protocol uses the tagging method to identify the VLAN of the frame.
It insert 4 byte tag into a standard Ethernet frame.

Destinations Source 802.1q Type/lens data Frame

address address VLAN tag/4byte/ check

Working at data link layer [layer 2].

Establishes the Tagged Frame

2. The other standard is Cisco (one of the world's largest network equipment
providers) created ISL, or Inter-Switch Link.
ISL encapsulates frames with the information necessary for trunking.
VLAN Port Types

A VLAN switch supports two types of ports:

Access ports
An access port is a member of only a single VLAN
Any host connected to an access port immediately becomes a
member of the VLAN configured on that port.

Trunk ports
A trunk port is not a member of a single VLAN
The traffic from any or all VLANs can traverse trunk links to reach other
switches.
VLAN Membership

VLAN membership can be configured one of two ways:

Statically
Statically assigning a VLAN involves manually assigning
an individual or group of ports to a VLAN

Dynamically
VLANs can be assigned dynamically based
on the MAC address of the host
Static VLAN assignment is far more common than dynamic
TRUNKING

Allow for multiple VLANs to cross one link

To connect VLANs existing across multiple switches,

trunks are used.

Cont.
Example of VLAN
To understand VLAN more clearly let's take an example

Our company has three offices.

All offices are connected with back links.
Company has three departments Development, Production
and Administration.
Development department has six computers.
Production department has three computers.
Administration department also has three computers.
Each office has two PCs from development department and
one from both production and administration department.
Administration and production department have sensitive
information and need to be separate from development
department.
Cont..

With default configuration, all computers share same broadcast

domain.
Development department can access the administration or production
department resources.
With VLAN we could create logical boundaries over the physical
network. Assume that we created three VLANs for our network and
assigned them to the related computers.
VLAN Admin for Administration department
VLAN Dev. for Development department
VLAN Pro for Production department
Cont.

With the help of VLAN, we have separated our single

network in three small networks.
These networks do not share broadcast with each other
improving network performance.
Different VLAN can communicate only via Router
Major Benefits of Using VLANs

Performance Enhancements
VLAN is used to minimize the broadcast domain.
Less wasted band width.
Ease of Administration
Much of the cost associated with network additions and relocations can be
saved through the use of VLANs.
Devices can be shifted from one work group or department to another
without installing new network cabling and reconfiguring switch or routers.

Security
As VLANs are not seen out side traffic.