VLANS

What are VLANs and when to use them?

Most of the time, it is easier to work with a network that has been divided into smaller parts. The reasons include security and management. For example, it might be a good idea to put computers and workstations on one LAN and then put all of the servers with potentially sensitive data on another LAN. Separating them allows administrators to install firewalls to control what is shared between the LANs.

A switch can be used to connect machines to a LAN. Dedicating a separate switch to every LAN, especially if there are a lot of them, isn’t cost-effective. There is an alternative, and it is called a VLAN (Virtual Local Area Network).

VLANS

To create VLANs, a switch is logically divided into multiple parts. Each part of the switch is responsible for a different VLAN.

There are many reasons to use VLANs; most of the reasons are listed below:

  • Less hardware is needed as VLANs are simulated on a switch.

  • It is easier to manage. A guest network can be created that is separate from the employee network.

  • Traffic types are easy to separate and handle (for example, a section for video data and a section for voice).

  • Limits on broadcasts and flooding

    • Without VLANs, a broadcast is sent to everyone on the LAN. A VLAN prevents these messages from being flooded to groups of machines that never need to see them.

  • Smaller impact for failure

    • It depends on the error, but an error may be limited to just that specific VLAN.

Other Information on VLANs:

Each VLAN has an identifier, which is a 12-bit number (1-4094 inclusive). The ID numbers 0 and 4095 are reserved. Each port on a switch is assigned to a VLAN by that VLAN's ID. VLANs also operate at a specific network layer, Layer 2. A general good practice for VLANs is to have one VLAN per subnet.

Cisco VLANs, however, differ slightly from others:

  • VLAN IDs 1002-1005 are reserved (for compatibility with older Cisco technologies).

  • Previous Cisco products only covered the range of IDs 1-1005, which is called the “Normal Range.”

  • Later, Cisco added the extended range, which is the 1006–4094 range.
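
The ID rules and the one-VLAN-per-subnet practice above can be checked automatically against a planned VLAN layout. The following is an added example, not part of the original page; the function names and the sample plan are constructed for illustration.

```python
import ipaddress

def classify_vlan_id(vid):
    """Classify a VLAN ID using the ranges described above."""
    if not isinstance(vid, int) or not 0 <= vid <= 0xFFF:
        return "invalid"            # does not fit in the 12-bit ID
    if vid in (0, 4095):
        return "reserved"           # reserved ID numbers
    if 1002 <= vid <= 1005:
        return "cisco-reserved"     # kept for older Cisco technologies
    if vid <= 1005:
        return "normal"             # Cisco normal range, 1-1005
    return "extended"               # Cisco extended range, 1006-4094

def audit_vlan_plan(plan):
    """Return findings for a plan shaped as {vlan_id: [subnet, ...]}."""
    findings = []
    seen = []  # (network, vlan_id) pairs accepted so far
    for vid, subnets in sorted(plan.items()):
        kind = classify_vlan_id(vid)
        if kind in ("invalid", "reserved", "cisco-reserved"):
            findings.append(f"VLAN {vid}: ID is {kind}, not usable")
            continue
        if len(subnets) != 1:
            findings.append(
                f"VLAN {vid}: {len(subnets)} subnets, expected one per VLAN")
        for text in subnets:
            net = ipaddress.ip_network(text)
            for other, other_vid in seen:
                same_family = net.version == other.version
                if other_vid != vid and same_family and net.overlaps(other):
                    findings.append(
                        f"VLAN {vid}: {net} overlaps {other} on VLAN {other_vid}")
            seen.append((net, vid))
    return findings

# Constructed sample plan (hypothetical addressing, not from the page).
SAMPLE_PLAN = {
    10: ["10.0.10.0/24"],                    # workstations
    20: ["10.0.20.0/24", "10.0.21.0/24"],    # two subnets on one VLAN
    30: ["10.0.10.128/25"],                  # overlaps VLAN 10's subnet
    1003: ["10.0.50.0/24"],                  # Cisco-reserved ID
    2000: ["10.0.60.0/24"],                  # extended range, fine
    4095: ["10.0.70.0/24"],                  # reserved ID
}

if __name__ == "__main__":
    for line in audit_vlan_plan(SAMPLE_PLAN):
        print(line)
```

An overlap finding matters for segmentation: if two VLANs share address space, firewall rules written per subnet no longer map cleanly to one VLAN.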

Routing between VLANs:

VLANs are bound to Layer 2, so connecting them together requires some technology from Layer 3: a router connects two VLANs. When a request is made to a destination in another VLAN, it goes to the router. Once it arrives at the router, it is forwarded to the VLAN that contains the destination.

In order to get the IP addresses or MAC addresses, routers use the Address Resolution Protocol (ARP). In simple terms, the router sends out a broadcast to search for certain pieces of information. The machine that holds the requested value replies with the information the router asked for.