Learning about VLAN networking is hard, and teaching it is even more challenging. Understanding VLANs requires that you understand the OSI model and some specific networking concepts. This article explains the OSI model and defines VLANs alongside the relevant network layers. It will also give you a better understanding of the various networking layers, layer 2 VLANs and how to apply them. The plain-language explanations in this networking 101 guide should also give you a better idea of the various networking concepts.
Binary Beginnings
Networking’s fundamental purpose is to get information from one point to another, from point X to point Y. Computers, however, do not comprehend the information itself; they understand off and on, i.e., binary 1s and 0s. These binary digits are what represent the information on a website.
This website is a meticulously designed combination of 1s and 0s transmitted through millions of electrical pulses over the air or a cable. It’s incredible to begin to peel back the layers and know what permits this to occur.
Layer 1
The Physical: The OSI Layer 1
At layer 1, brief electrical pulses that stand for raw binary bits are sent and received, off and on, in the form of 1s and 0s. Layer 1 is the bedrock of all networking, and all of the levels above it rely on it. You won’t get very far if your physical connection is terrible. With strong cables or an excellent wireless connection in place, you can build your network up to layer 2.
Data Link: The OSI Layer 2
At layer 2, you send and receive groups of bits. You create links between directly connected devices and ensure the accuracy and reliability of the data you send and receive. Layer 2 is also what gives you access to the medium itself, whether that is a cable or the air by way of an antenna.
Enter Virtual, Leave Physical
Everything connected to an Ethernet switch becomes part of the same LAN by default. Managed switches, on the other hand, aren’t restricted to a single LAN, and that is where VLANs come in. VLANs are virtual local area networks.
You can partition a single switch into many virtual switches by using VLANs. This lets you isolate devices at layer 2 without purchasing a new switch. Even though the isolation is virtual, VLANs can be thought of as physically independent switches.
Networking Layers Explained
VLAN Tags, Frames and Trunks
Most switches assign all ports to VLAN 1 by default. We’ve added two more VLANs, 10 and 20, to the network illustrated above. VLAN 1 is still active, giving us three virtual LANs on this single switch. We use a trunk port to avoid running three cables to join these three networks.
Trunks let you split a single direct connection into several, similar to how VLANs split a single physical switch into many virtual switches. Traffic for VLANs 1, 10, and 20 can all be sent over the same cable from the router to the switch.
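To show how frames for VLANs 1, 10 and 20 can share one trunk cable, here is an added example (not from the original article) that builds and classifies Ethernet frames. It assumes the IEEE 802.1Q tag format, which the article does not name; the MAC addresses, payload and allowed-VLAN list are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100           # EtherType value that announces an 802.1Q tag
NATIVE_VLAN = 1               # untagged frames are placed here (VLAN 1 in the article)
ALLOWED_VLANS = {1, 10, 20}   # VLANs this trunk port is configured to carry

# Constructed sample addresses (locally administered MACs) and payload.
DST = bytes.fromhex("020000000001")
SRC = bytes.fromhex("020000000002")
PAYLOAD = b"constructed-ip-packet"

def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Build an Ethernet frame, inserting an 802.1Q tag when vlan is given."""
    header = dst + src
    if vlan is not None:
        if not 1 <= vlan <= 4094:
            raise ValueError("VLAN ID must be in 1..4094")
        tci = ((pcp & 0x7) << 13) | vlan      # PCP (3 bits) | DEI (1) | VID (12)
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def classify(frame):
    """Return (vlan, ethertype, payload) as the trunk port sees it, or None to drop."""
    if len(frame) < 14:
        return None                           # no complete Ethernet header
    (ethertype,) = struct.unpack_from("!H", frame, 12)
    vlan, offset = NATIVE_VLAN, 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            return None                       # tag cut short
        tci, ethertype = struct.unpack_from("!HH", frame, 14)
        # VID 0 means "priority only", so the port's native VLAN applies.
        vlan, offset = (tci & 0x0FFF) or NATIVE_VLAN, 18
    if vlan not in ALLOWED_VLANS:
        return None                           # VLAN not permitted on this trunk
    return vlan, ethertype, frame[offset:]

if __name__ == "__main__":
    for vid in (None, 10, 20, 30):
        print(vid, classify(build_frame(DST, SRC, 0x0800, PAYLOAD, vlan=vid)))
```

The only difference between the untagged and tagged frames is the four-byte tag after the source address, which is what lets one cable carry three isolated LANs.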
What’s a VLAN in Networking?
A VLAN, often known as a virtual LAN, is a virtual local area network. A LAN can be thought of as a single physical switch, whereas a VLAN can be thought of as a single virtual switch. So, what is a VLAN in networking, and how do VLANs work?
VLANs let you segment your network at layer 2, grouping ports and wireless connections together or separating them. A single switch can carry numerous VLANs, and multiple switches and radios can be part of a single LAN.
Layer 3 Networking
This is when things start to get interesting. Layer 3 is the network layer. Packets, IP addresses and routers are all part of this layer. At layer 3, we route groups of bits between networks. Layer 3 networking devices serve as the networking world’s GPS, plotting out routes and directing all layer 1 and layer 2 connections. Layer 3 is required to transfer data from one LAN to another LAN, or from a single LAN to the internet and back to the LAN.
Layer 3 depends on the previous two layers, and it is here that logical addresses known as IP addresses are defined. Routers operate at layer 3, and they act as the network’s post office. Packets are the letters that we exchange. Communication is routed between subnets, which are groups of devices. At each stage of the journey, a packet is wrapped in a frame header and delivered to the next physical or electronic link in the chain.
What’s a Subnet?
A layer 3 network is referred to as a subnet. It’s a logical collection of devices that can all interact directly at layer 3. We can directly address any device in our subnet, rather than only talking with whatever is at the opposite end of the wire or radio wave. This is accomplished by addressing packets to the IP address of the device. Even if a packet has to make numerous layer 2 hops to get there, the router can directly address the wireless access point.
Additionally, layer three networks also can go beyond the layer two LAN limits, moving to any linked networks such as the internet. With layer three, you can move around the globe or into space. But this isn’t even as simple as it appears; you need to take one step at a time, right?
Networking Layers – Layer 1,2,3 Networking
VLAN Networking and How it Differs from a Subnet
In most networks, we keep the layer 2 and layer 3 separations aligned. This means you have a separate layer 3 subnet for each VLAN. To make things easier, many people use the VLAN ID as part of the subnet address. Nothing prevents you from assigning any range of IP addresses you choose, but keeping the numbers consistent makes management easier and makes it clear how they’re connected.
Layers 4 to 7 sit above layer 3. They are responsible for various key aspects of networking, and they all rely on one another. You can start with the basics of layers 1, 2 and 3. With those in hand, we can return to the actual example network and move away from the theoretical.
Actual Application
Let’s have a look at the setup depicted in the diagram. We have a router, a switch, an access point, and an Internet connection. Let’s look at the situation from the router’s point of view. The UDM, also known as the UniFi Dream Machine, combines the three devices, but let’s assume it’s just an L3 router for the time being.
Layer One
In the first layer, there are radio waves and cables. Ethernet cables connect us to the Internet, to a switch and to a wireless access point. The switch lets you add extra cables and connectivity, while the AP lets you link to devices wirelessly. We have a variety of ways to exchange bits and, as a result, information too.
Layer Two
At this layer, we’re looking at the LAN and the router-to-switch connection. Because it’s a trunk, we use the same cable to link to several VLANs. We’re using the untagged VLAN 1 by default, but we’ve also introduced VLANs 10 and 20. This means you now have three different LANs to deploy devices into.
Your switches manage VLANs and layer 2 separation, while your router handles layer 3 and subnet separation. Firewalls and routers help you choose which networks you are allowed to interact with and which you are not. You need to move up to layer 3 and use a router to reach devices in other VLANs and networks.
Layer 3
All the networks use the router as their default gateway at layer 3, which means it’s in charge of delivering and receiving data from every other network. For instance, you can designate 192.168.10.0/24 as your primary network, which will house most of your devices. You can designate 192.168.20.0/24 as your IoT or guest network and stop it from talking with the rest of your local networks. By splitting the networks at layers 2 and 3, you can create routing and firewall rules to allow or prevent any form of traffic between them.
In VLAN 10, a laptop and a printer would each have their own IP address in the 192.168.10.0/24 range. We can use 192.168.10.25 for the computer and 192.168.10.100 for the printer. They can communicate directly because they are on the same L2 and L3 networks. We’d be able to print directly from the laptop, with no need for routing.
You’ll need a router to connect between them if you relocate the printer to VLAN 20 and alter its IP address to 192.168.20.100. This is where layer 3 separation adds a lot of benefits. If you don’t want two devices to communicate, place them on separate subnets and block them via a router or firewall. Without a layer 3 separation, your security options are severely constrained. To be successful in networking, you must know how to divide and conquer.
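The laptop and printer scenario above can be checked mechanically. This added example (not from the original article) audits whether each device’s IP address matches its VLAN’s subnet and classifies traffic between two devices as direct, routed or blocked. The device names, the half-moved printer and the one-way allow rule from VLAN 10 to VLAN 20 are constructed assumptions.

```python
import ipaddress

# VLAN ID -> layer 3 subnet, using the article's addresses (VLAN ID = third octet).
VLAN_SUBNETS = {
    10: ipaddress.ip_network("192.168.10.0/24"),   # primary network
    20: ipaddress.ip_network("192.168.20.0/24"),   # IoT / guest network
}
# Constructed router policy: (source VLAN, destination VLAN) pairs that may be
# routed. Every other inter-VLAN flow is dropped (default deny).
ROUTED_ALLOW = {(10, 20)}

# Constructed inventory entries: (name, VLAN, IP address).
LAPTOP = ("laptop", 10, "192.168.10.25")
PRINTER = ("printer", 10, "192.168.10.100")
PRINTER_MOVED = ("printer-moved", 20, "192.168.20.100")
PRINTER_STALE = ("printer-stale", 20, "192.168.10.100")  # VLAN changed, IP not

def in_subnet(vlan, ip):
    """True when the address belongs to the subnet defined for that VLAN."""
    net = VLAN_SUBNETS.get(vlan)
    return net is not None and ipaddress.ip_address(ip) in net

def audit(devices):
    """Return one finding per device whose VLAN and IP address disagree."""
    findings = []
    for name, vlan, ip in devices:
        if vlan not in VLAN_SUBNETS:
            findings.append(f"{name}: VLAN {vlan} has no subnet defined")
        elif not in_subnet(vlan, ip):
            findings.append(f"{name}: {ip} is outside {VLAN_SUBNETS[vlan]} (VLAN {vlan})")
    return findings

def path(src, dst):
    """Classify traffic from src to dst, each a (name, vlan, ip) tuple."""
    (_, s_vlan, s_ip), (_, d_vlan, d_ip) = src, dst
    if not (in_subnet(s_vlan, s_ip) and in_subnet(d_vlan, d_ip)):
        return "misconfigured"      # layer 2 and layer 3 separation disagree
    if s_vlan == d_vlan:
        return "direct"             # same L2 and L3 network, no router involved
    return "routed" if (s_vlan, d_vlan) in ROUTED_ALLOW else "blocked"

if __name__ == "__main__":
    print(path(LAPTOP, PRINTER), path(LAPTOP, PRINTER_MOVED), path(PRINTER_MOVED, LAPTOP))
    print(audit([LAPTOP, PRINTER, PRINTER_MOVED, PRINTER_STALE]))
```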