What is a VLAN? Is it some sort of highly expensive technology or virtual reality? Not at all. VLANs are relatively simple, yet they offer a wide variety of options and capabilities to improve your network.
VLAN, or Virtual LAN, is a technology that enables dividing a physical network into logical segments at Layer 2. Functionally, VLANs enable a network administrator to partition a network into separate, independent networks. There are many reasons to separate a network into VLANs, and numerous options to consider.
While a useful technology for small LANs, VLANs are often deployed in large networks, too. In larger networks, VLANs are sometimes used to join physically separate LANs or LAN segments into a single logical LAN.
The goal of this article is to explain and discuss VLANs, including why you should consider using VLANs in a smaller network. I'll also walk through a configuration example showing how to configure a VLAN-aware switch to create separate LAN segments.
VLANs and Switches
If you have more than one device on your network, you probably have a switch. A switch is a simple device that operates at Layer 2 of the OSI model, forwarding data frames from one device to another based on their hardware or MAC (Media Access Control) address. The basic Layer 2 switch does not care or know about IP addresses, which operate at Layer 3.
Your switch may be a few ports built into your router, or it may be a small unmanaged (non-configurable) switch such as the D-Link DGS-2205 shown in Figure 1. Or you may have a more advanced switch with VLAN capability, possibly referred to as a managed, "smart" or multilayer switch. Larger networks usually have multiple switches at numerous locations.
Figure 1: D-Link switch without VLAN capability
As stated, switches pass data from one device to another based on their MAC addresses. The key question is, how does the switch know which MAC address is located on which port?
Even the simplest switch has a "learning ability" to read the MAC address of the devices connected, and store those MAC addresses in a table in memory. Switches "learn" by examining the source MAC address of every frame received. New MAC addresses learned on received frames are added to a table, creating in the switch's memory a mapping of MAC addresses to switch ports.
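The learning step described above, as an added example in Python (not from the original article): a minimal model of a switch's MAC address table. The class name, port numbers and MAC addresses are constructed for illustration. Flooding frames for unknown destinations goes beyond the text, but is standard switch behaviour.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    """Minimal model of a Layer 2 switch's MAC address table (hypothetical class)."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Learn from the source MAC, then return the list of egress ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        src, dst = src_mac.lower(), dst_mac.lower()
        # Learning step: the source MAC is mapped to the port the frame arrived on.
        # If the device has moved to another port, the entry is overwritten.
        self.mac_table[src] = in_port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast or not-yet-learned destination: flood all other ports.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # destination sits on the ingress port; nothing to forward
        return [out_port]

def run_demo():
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    # Constructed sample frames: (ingress port, source MAC, destination MAC)
    frames = [
        (1, "00:11:22:33:44:01", "00:11:22:33:44:02"),  # dst unknown: flood
        (2, "00:11:22:33:44:02", "00:11:22:33:44:01"),  # dst learned: port 1
        (1, "00:11:22:33:44:01", "00:11:22:33:44:02"),  # now unicast to port 2
        (3, "00:11:22:33:44:01", BROADCAST),            # host moved to port 3
    ]
    results = [sw.receive(*f) for f in frames]
    return results, sw.mac_table

if __name__ == "__main__":
    results, table = run_demo()
    for egress in results:
        print("forward to ports:", egress)
    print("MAC table:", table)
```

Note that the table is built only from source addresses; the destination address is used for lookup and never for learning.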