VLAN Overview
Definition
Virtual Local Area Network (VLAN) technology divides a physical LAN into multiple broadcast domains, each of which is called a VLAN. Hosts within a VLAN can communicate with each other but cannot communicate directly with hosts in other VLANs. Therefore, broadcast packets are confined to within a single VLAN.
Purpose
Ethernet technology allows data communication over shared media through Carrier Sense Multiple Access/Collision Detection (CSMA/CD). When an Ethernet network has a large number of hosts, collision becomes a serious problem and can lead to broadcast storms. This can degrade network performance or even result a complete breakdown. Using switches to connect LANs can mitigate collisions, but cannot isolate broadcast packets or improve network quality.
VLAN technology divides a physical LAN into multiple VLANs to isolate broadcast domains. Hosts within a VLAN can only directly communicate with hosts in the same VLAN. They must use a router to communicate with hosts in other VLANs.
Figure 4-1 shows a typical VLAN networking environment. Two switches are deployed in different locations (for example, on different floors of a building). Each switch is connected to two PCs belonging to different VLANs, which likely belong to different entities or companies.
Benefits
- Limits broadcast domains. This conserves bandwidth and improves network efficiency.
- Enhances LAN security. Packets from different VLANs are transmitted separately. Hosts in a VLAN cannot communicate directly with hosts in another VLAN.
- Improves network robustness. A fault in a VLAN does not affect hosts in other VLANs.
- Allows for flexible groups. With VLAN technology, hosts in different geographical locations can be grouped together, simplifying network construction and maintenance.