VLAN Basic Concepts Explained with Examples

A VLAN is a logical grouping of network resources connected to administratively defined ports on a switch. VLANs break a large broadcast domain into smaller broadcast domains. Each VLAN creates a separate broadcast domain.

Basic concepts and fundamental of VLANs

A LAN is a group of devices connected to a single Ethernet network. A broadcast message is a message that reaches all devices in the network. Devices use broadcast messages to perform many essential tasks. The more devices you add to a network, the more broadcast messages it will have. Broadcast messages reduce network performance.

To improve network performance, administrators break the LAN network into smaller LANs. When you break a large LAN into smaller LANs, you create VLANs. VLANs are smaller LANs. VLANs create a boundary for broadcast messages. A broadcast message generated in a VLAN reaches all devices inside the VLAN. It does not go outside the VLAN. If two devices belong to different VLANs, they do not exchange broadcast messages.

How VLANs work

A switch does not understand broadcast messages. When it receives a broadcast message on one of its ports, it forwards that message from all other ports. Let us take an example. Suppose an 8-port switch receives a broadcast message on port-1. It forwards the message from port-2 to 8.

The following image shows it.

A VLAN is a switch-only feature. It allows us to define ports that share broadcast messages. If two switch ports belong to different VLANs, they do not share broadcast messages. If two ports belong to the same VLAN, they share broadcast messages.

Let us take the preceding example. We create two VLANs: VLAN-10 and VLAN-20 on the switch. We assign port-1 to 4 to VLAN-10 and port-5 to 8 to VLAN-20. After this, ports 1, 2, 3, and 4 will share broadcast in VLAN-10, and ports 5, 6, 7, and 8 will share broadcast in VLAN-20.

The following image shows it.

VLANs are not limited to only one switch. You can create and use them across multiple switches. This feature allows you to organize your network logically.

Let us take one more example to understand this feature.

A network has three segments. All segments are connected through backlinks. Each segment has four PCs.

The following image shows this network.

Now suppose, you want to break this network into three sections: Development, Production, and Administration. In the Development section, you want to keep six computers, two computers from each segment. In the production section, you want to put three computers, one computer from each segment. You have the same requirement for the administration section, one computer from each segment.

In this situation, you can use VLANs. VLANs allow you to create logical groups of devices. You can create three VLANs, one for each section. You need to create these VLANs on all switches. After creating VLANs, you can add computers to their respective VLANs.

VLANs are similar to network segment. Devices in different VLANs cannot directly communicate. You need to connect them through a router.

The following image shows it.

Key points: -

• VLANs is a switch-only feature. It works only on manageable Ethernet switches.
• VLANs are used to create boundaries for broadcast messages.
• VLANs do not share broadcast messages.
• Devices in different VLANs cannot communicate directly. They can communicate through a router.
• You can create and use the same VLAN on multiple routers. This feature allows you to arrange devices logically.
• All switches have a default VLAN, called VLAN1.
• By default, all switch ports belong to VLAN1.