What is VLAN?
A VLAN is also called Virtual local area network. It is a logical local area network that goes beyond a single conventional LAN to a group of LAN segments with some specific configurations. We use software to create and configure them.
For better understanding of VLANS, it is important to know that the LAN can be defined as a broadcast domain and hubs, bridges, and switches are located in the same network segment connecting all terminal devices. You also should know that all these devices can communicate with each other even if without the existence of a router. In a word, vLans are in the same broadcast domain and the responsibility of routers is to separate these domains.
As a network grows, more and more routers are needed to separate the users into multiple broadcast and collision domains, while still being able to provide connectivity between all the network segments. These routers add latency which is quite essential to the networking related matters. The latency is caused by the time taken to route the packages from one network to another.
Types of VLAN
There are two types of VLAN: cell-based VLANs and frame-based VLANs which are explained in the following:
Cell-based VLANs are used in ATM switched networks with LAN Emulation or LANE) which allows the computers in the LAN segment to communicate by using the ATM networks without requiring special hardware or software configurations.
Frame-based VLANs are used in the Ethernet networks and it uses the frame tagging technique. The two main types of the frame tagging are ISL (Inter Switch Link) and IEEE 802.10. With the 802.10 standards it is possible to deploy the VLAN not only in the Ethernet but also in the Token rink and FDDI.
VLAN modes
There are three different modes in which a VLAN can be configured. They are VLAN Switching Mode, VLAN Translation Mode, and VLAN Routing Mode. The explanation of them are as follows:
1. VLAN Switching Mode: The VLAN forms a switching bridge in which frames are forwarded unmodified.
2. VLAN Translation Mode: VLAN translation mode is used when the frame tagging method is changed in the network path, or if the frame traverses from a VLAN group to a legacy or native interface which is not configured in a VLAN. When the packet is to pass into a native interface, the VLAN tag is removed so that the packet can properly enter the native interface.
3. VLAN Routing Mode: When a packet is routed from one VLAN to a different VLAN, you use VLAN routing mode. The packet is modified, usually by a router, which places its own MAC address as the source, and then changes the VLAN ID of the packet.
Before setting up a VLAN, it is recommended to know the advantages and disadvantages of VLAN.
Advantages
There are five advantages of using VLAN as follows:
1. Increased network performance. By definition, switched networks have increased performance over shared media devices, because they reduce the size of the collision domains. By grouping the users into the same vlan, you can also increase network performance by limiting the broadcast traffic. Therefore, less traffic will require routing outside the network, and the latency/router load will decrease.
2. Higher manageability. By allowing centralized configuration for devices physically located in different areas, managing vlans can be made flexible, easier, and cheaper, that is, making the large networks more manageable.
3. Less configurations. This is easier for network administrators since software configurations can be made uniform across the devices located in the same vlan. This includes the network settings, IP addresses, subnet masks, and local network protocols.
4. Independent from the network topology. VLAN basically allows multiple different workgroups to be connected logically inside a single broadcast domain. With the physical structure, it is not difficult to add or configure ports in new locations for existing VLANS.
5. Higher security. VLANS can provide additional security that's not available in a shared media network. By default, a switched network delivers the packet only to their intended recipients and broadcasts frames only to other members of the same VLAN. This lets the network administrator to segment users requiring a dedicated communication channel and separate them from the rest of the network, regardless of the physical location.
Disadvantages
There are three disadvantages of using VLAN as follows:
1. An average local area network usually operates at 100 mbps and < 5ms latency. On the other hand, wide area networks typically operate at a lower speed and higher latency. Therefore, a VLAN will always perform as well as the worst network segment it contains. So a VLAN is less efficient than a LAN.
2. Virus risk. Because in a VLAN, all the computers are in the same network, if one computer gets infected with a network virus, there is a high risk that the rest of the computers will get infected as well.
3. Equipment limitations. A router is used to route between vlans. If the whole network is not very large, the router can take the workload. Otherwise, it is suggested to load everything on a single router.
How to set up VLAN?
Assignment to a VLAN is completed at the switch level. The switch is the backbone of all available VLANs in a network. The switch has two configurations: trunk mode and normal mode. These two modes are designed to deliver maximum functionality to the network.
Now you need to concern the environment. You have your VLAN to extend to a lot of switches. If you have just one switch, you can configure other VLANs without other considerations. On the other hand, if you have multiple switches, you will have to decide which VLANs will be assigned under which switch. You will also be requred to set up the trunking and the VLAN trunking protocol. The following are the steps:
Setup Basics
1. Go to the VLAN setup. You will need to use the Smart Wizard or access this or go the alternate route and go through the URL http://<>
2. Go to Switch, Click VLAN and then select properties.
3. Click Add.
4. Set up the VLAN ID and VLAN name.
5. Click Apply.
Assigning Ports to a VLAN
1. Go to VLAN and then click on Membership.
2. Within the VLAN ID list, select the VLAN you want to add the ports to. Please note that, by default, all ports to be seen are members of VLAN1, and VLAN1 cannot be modified. Each port as a current and static box associated with to.
3. Click on the static box that is associated wit the desired port until you see a U symbol, U standing for Untagged.
4. The previous step is to be repeated for all the ports that you need to be members of the VLAN.
5. With the above done, you need to click apply.
6. Find out the Interface PVID settings and set the PVID of each port you have chosen for the new VLAN to the VLAN ID.
7. Once completed, click apply to finalize these settings.
Verifying the VLAN
1. In order to make sure if the setup of VLAN is working well, two computers need to be configured and their unique IP address should be in the same range and with the same subnet mask.
2. Patch each computer to one of the ports that is a member of the specific VLAN that you just configured and want to test.
3. You can ping each computer by using the other computer.
4. Now you can continue by re-patching one of the machines to a next port but this time a different VLAN needs to be assigned.
In conclusion, the VLAN can be considered as a group of devices physically located on different LAN segments or in different geographic locations, but they can communicate with each other as if they were all part of the same LAN segment.
