Guide: How do VLANs Work?

What are VLANs?

In this article, we will explain how VLANs work, covering the following topics:

  • What is a VLAN
  • How do VLANs work
  • Characteristics of VLANs
  • Advantages and disadvantages of VLANs

What is a VLAN?

A VLAN, or Virtual Local Area Network, is a custom network that allows a group of devices on different networks to be combined into a single logical network, resulting in a virtual local area network that is managed like a physical one. It is created from one or more local area networks (LANs).

VLANs Explained

VLANs are subnetworks that can group collections of devices on different physical LANs. A LAN is a group of computers and devices that share a communications line or wireless link to a server within the same geographical area.

VLANs let network administrators divide a single switched network to match the security and functional requirements of their systems without making major changes to, or running new cables in, their existing network infrastructure. VLANs are usually set up by large businesses to re-partition devices easily for better traffic management.

VLANs also help to improve a network’s overall performance by grouping together devices that communicate with each other most often. They also offer security on bigger networks by giving a better level of control over which devices have access to one another. Because they are based on logical rather than physical connections, VLANs are flexible.

Features of VLAN

Some of the key characteristics of VLANs include:

  • Moving users/hosts to a VLAN simply requires a new port-level configuration.
  • VLANs can stretch across numerous switches.
  • Each VLAN works as a separate LAN, which reduces congestion.
  • A trunk link can carry traffic for multiple VLANs.
  • A workstation can use the full bandwidth at each port.
  • Terminal reallocations become easier.
  • The networking model of VLANs is flexible, and it partitions users according to their departments rather than their network location.
  • Using VLANs helps you reduce security threats, because fewer hosts are attached to each broadcast domain.
  • VLANs increase the number of possible broadcast domains in a LAN.

Types of VLANs

Some of the types of VLANs include the following.

Protocol-Based VLAN

This type of VLAN handles traffic based on its protocol, which can be used to define criteria for classifying untagged packets. In a protocol-based VLAN, the layer-3 protocol carried by the frame is used to determine VLAN membership. It works well in multi-protocol environments, but it doesn’t work in an IP-based network.

MAC-Based VLAN

A MAC-based VLAN allows incoming untagged packets to be assigned to a VLAN, classifying traffic according to the packet's source address. A MAC-address-to-VLAN mapping is defined by configuring an entry in the MAC-to-VLAN table.

The entry is specified using the source MAC address and the appropriate VLAN ID, and the table configuration is shared among all device ports.

Port-Based VLANs

In port-based VLANs, membership is classified by port. A switch port is manually configured as a member of a VLAN, and the devices connected to that port belong to the same broadcast domain as every other port configured with the same VLAN number.

The major problem with this type is knowing which ports belong to each VLAN. You can’t determine VLAN membership just by looking at a switch’s physical port; it can only be determined from the configuration information.

Benefits of VLAN

These are some of the benefits of the Virtual Local Area Network.

  • It minimizes the size of broadcast domains.
  • It makes device management simpler and easier.
  • It resolves broadcast issues.
  • VLANs make it easy for you to add an extra layer of security.
  • It helps to support growing businesses by geographically structuring networks.
  • It allows you to create a logical classification of devices by function instead of location.
  • VLANs help users create groups of logically connected devices that appear as if they’re on their own network.
  • Networks can be logically segmented according to functions, departments, or project teams.
  • VLANs also help in a network’s geographical structure to assist new, developing companies.
  • It ensures minimal latency and better performance.
  • It helps to remove physical barriers.
  • You can easily share your network with VLANs.
  • Hosts can be easily separated, and you can improve network security.
  • You save money with VLANs because you don’t have to pay for extra cabling or hardware.
  • The number of devices needed for a specific network topology is drastically reduced.
  • Managing complex physical devices becomes much easier with VLANs.

Disadvantages of VLAN

Some drawbacks of using VLANs include:

  • In large networks, you need an extra router for workload control.
  • An injected packet may result in a cyber threat.
  • A packet may leak from one VLAN into another.
  • A threat in a single system may spread a virus through an entire logical network.
  • An extra router is required to control the workload in wide networks.
  • There’s the possibility of interoperability problems.
  • One VLAN cannot send network traffic to other available VLANs.

How do VLANs work: Connecting VLANs

Now that you understand what VLANs are, along with their types, features, benefits, and drawbacks, the next question is how VLANs work. Read on to find out.

Switch interfaces are assigned to one or more VLANs, which lets systems be divided into logical groups according to the department they’re associated with. Rules are then set up for how systems in each group are allowed to communicate with each other.

These groups range from the simple and practical to the complex and legal. In a simple case, computers in a VLAN can use the printer associated with that VLAN while computers outside it cannot. In a complex case, computers in one department of an organization cannot interact with computers in another part of the organization.

Each VLAN provides data-link access to every host connected to switch interfaces configured with the same VLAN ID. VLAN tagging is standardized in Institute of Electrical and Electronics Engineers (IEEE) 802.1Q, which is often referred to as Dot1Q.

As a 12-bit field in the Ethernet header, the VLAN tag offers support for 4,096 VLANs for every switching domain. When an attached host sends an untagged frame, the VLAN ID configured on that interface is added to the data link frame header using the Dot1Q method. The 802.1Q frame is then sent toward the destination.

Every switch uses the tag to keep each VLAN's traffic separate from that of other VLANs, forwarding it only where the VLAN is configured. Trunk links between switches carry multiple VLANs, and the tag keeps them separate.

When the frame reaches the destination switch port, the VLAN tag is removed before the frame is delivered to the destination device. You can also use a trunk configuration to configure multiple VLANs on a single interface or port. In that case, every frame sent through the port is tagged with its VLAN ID.

The port on the neighbouring device, which can be a host that accepts 802.1Q tagging or another switch, has to support trunk mode configuration to receive and transfer tagged frames. Any untagged Ethernet frames are assigned to a default VLAN, which can be set in the switch configuration.

A VLAN-enabled switch adds the VLAN tag configured on the ingress interface when it receives an untagged Ethernet frame from an attached host. The frame is then forwarded to the port of the host with the destination MAC (Media Access Control) address.

BUM traffic (broadcast, unknown unicast, and multicast) is sent to every port in the VLAN. When a previously unknown host responds to an unknown unicast frame, the switches learn the host’s location and do not flood subsequent frames sent to that host.

Two mechanisms keep the switch forwarding tables up to date. First, existing forwarding entries are seldom removed from the forwarding tables. Second, any topology change reduces the forwarding table's refresh timer, triggering a refresh. The Spanning Tree Protocol (STP) is used to create a loop-free topology among the switches in each Layer 2 domain.

A per-VLAN STP instance can be used, which allows different Layer 2 topologies, or a multi-instance STP can be used to reduce STP overhead when the topology is the same across multiple VLANs. STP builds a spanning tree from a particular root switch and blocks forwarding on the links that could create forwarding loops.

As a result, some links are used for forwarding only when another part of the network fails, at which point STP brings the link into the active forwarding path.
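The tagging steps described above, as an added example that is not part of the original article: an access port inserts the 4-byte 802.1Q tag on ingress and strips it on egress only for its own VLAN. The sample frame and MAC addresses are constructed, and dropping frames that arrive already tagged on an access port is an assumption of this sketch, not something the article states.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def add_tag(frame, vid, pcp=0, dei=0):
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 0 <= vid <= 0xFFF:
        raise ValueError("VLAN ID must fit in 12 bits")
    # Tag control info: 3-bit priority, 1-bit drop eligible, 12-bit VLAN ID
    tci = (pcp & 0x7) << 13 | (dei & 0x1) << 12 | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame):
    """Return (vid, pcp, dei) for a tagged frame, or None if it is untagged."""
    if len(frame) < 18:
        return None
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci & 0xFFF, tci >> 13, (tci >> 12) & 1

def access_ingress(frame, port_vlan):
    """Frame received from a host: tag it with the port's VLAN ID.
    Assumption: a frame that arrives already tagged is dropped (None)."""
    if parse_tag(frame) is not None:
        return None
    return add_tag(frame, port_vlan)

def access_egress(frame, port_vlan):
    """Frame leaving toward a host: deliver only this port's VLAN, untagged."""
    tag = parse_tag(frame)
    if tag is None or tag[0] != port_vlan:
        return None
    return frame[:12] + frame[16:]

# Constructed sample: broadcast destination, made-up source MAC, IPv4 EtherType.
UNTAGGED = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"sample payload"

if __name__ == "__main__":
    on_trunk = access_ingress(UNTAGGED, 10)
    print(on_trunk[12:16].hex(), parse_tag(on_trunk))
    print(access_egress(on_trunk, 10) == UNTAGGED, access_egress(on_trunk, 20))
```
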
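The flooding and forwarding-table behaviour described above, as an added example that is not part of the original article: a toy learning switch that keys its table on (VLAN ID, MAC), floods BUM traffic only inside the sender's VLAN, and shortens its ageing timer on a topology change. The class, port numbers, MAC addresses and timer values are all constructed for illustration.

```python
class VlanSwitch:
    """Toy learning switch with access ports only; table key is (VLAN ID, MAC)."""

    def __init__(self, port_vlans, max_age=300.0):
        self.port_vlans = port_vlans   # port number -> VLAN ID
        self.max_age = max_age         # seconds an entry survives without refresh
        self.table = {}                # (vid, mac) -> (port, last_seen)

    def topology_change(self, short_age):
        """Shorten the ageing timer so stale entries are flushed quickly."""
        self.max_age = short_age

    def receive(self, in_port, src, dst, now):
        """Learn the source, then return the list of ports the frame leaves on."""
        vid = self.port_vlans[in_port]
        # Drop entries that have not been refreshed within max_age
        self.table = {k: v for k, v in self.table.items()
                      if now - v[1] <= self.max_age}
        self.table[(vid, src)] = (in_port, now)
        is_group = int(dst[:2], 16) & 1        # broadcast or multicast address
        entry = self.table.get((vid, dst))
        if entry and not is_group:
            return [entry[0]] if entry[0] != in_port else []
        # BUM traffic: flood to every other port in the same VLAN only
        return sorted(p for p, v in self.port_vlans.items()
                      if v == vid and p != in_port)

def demo():
    a, b = "02:00:00:00:00:0a", "02:00:00:00:00:0b"   # constructed MACs
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 10})
    out = [sw.receive(1, a, b, now=0)]       # unknown unicast: flooded in VLAN 10
    out.append(sw.receive(2, b, a, now=1))   # reply: a was learned on port 1
    out.append(sw.receive(1, a, b, now=2))   # b is now known: no flooding
    sw.topology_change(short_age=15)
    out.append(sw.receive(1, a, b, now=60))  # b has aged out: flooded again
    return out

if __name__ == "__main__":
    print(demo())
```

Port 3 sits in VLAN 20 and never appears in any of the flood lists, which is the isolation property the VLAN ID in the table key provides.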
