CCNA RnS Article #23: Virtual LAN (VLAN) Concept



In this article, we are going to cover what a Virtual LAN is, why we need it, and the concepts around it.

First, let’s understand what a LAN is. In generic terms, a LAN includes hosts, switches, wires, and wireless access points. A more precise definition is that a LAN includes all devices in the same broadcast domain.

A broadcast domain is the set of connected devices in which, if one device sends a broadcast, all other devices get a copy of that broadcast frame. You can say a broadcast domain is a LAN.

A switch in its default configuration, where all ports are in VLAN 1, acts as a single broadcast domain: all devices are able to communicate because they are in the same VLAN or broadcast domain. Now let’s say you need two LANs that are separate and don’t need to communicate with each other. That would look something like this:

Figure 1: Multiple Broadcast Domain using multiple switches

In Figure 1, two networks are implemented using two switches with default configuration: network 1 is implemented on switch 1 and network 2 is implemented on switch 2. Technically this works fine, and users in network 1 can communicate with other hosts in the same network. But with this approach, you need a separate switch for each new network.

By using VLANs we can achieve the same setup using a single switch. We can have two broadcast domains on one switch. Switch ports are assigned to VLANs, and that is how multiple broadcast domains are created. These broadcast domains are called Virtual LANs (VLANs).

Figure 2: Multiple Broadcast Domain w/ Single Switch using VLANs

Creating multiple smaller broadcast domains helps reduce the overhead of a large broadcast domain, because fewer hosts (only the hosts in the same VLAN) need to process each broadcast frame. Using VLANs we can also implement a basic level of security, where hosts in a VLAN can talk to each other but not to hosts in different VLANs.

There may be a requirement to connect multiple buildings with multiple switches. To extend a VLAN to another switch we need to connect both switches. Let’s say both switches are connected in this way:

Figure 3: Extending VLANs w/o Trunk

Figure 3 shows a possible way to extend VLANs to Switch 2. Connection 1 between the switches carries the traffic for VLAN 10 and Connection 2 carries the traffic for VLAN 20. This works fine, no doubt about it. But for a minute, think of a large network with 20 – 30 different VLANs. You would need a dedicated connection between the switches for each VLAN. This is neither practical nor scalable.

We can have a special connection between switches called a trunk, and a single trunk port can carry traffic from multiple VLANs. That’s the reason there are uplink ports available on a switch with higher bandwidth support (10/40/100 Gig).

A trunk port can carry traffic for multiple VLANs between the switches. The trunk port keeps the VLAN traffic separate too: traffic from a host in VLAN 10 on Switch 1 should not be handed over to a host in VLAN 20. A switch achieves this using VLAN tagging. Tagging stamps the traffic with VLAN information so that the destination switch can hand the traffic over to hosts in the same VLAN.

Figure 4: Trunk Port carries multiple VLAN traffic

Using a trunk port solves the problem of having multiple connections between switches to carry traffic for multiple VLANs. Now a single physical link (the trunk connection) carries traffic from multiple VLANs.

Let’s see how VLAN tagging works. Let’s say PC 1 in VLAN 10 broadcasts. Switch 1 receives this broadcast on interface eth 1/0. The switch knows this broadcast is from a host in VLAN 10, so it floods the broadcast to all other local ports in VLAN 10 (the ports on Switch 1 mapped to VLAN 10, except the one the frame arrived on) and to the trunk port connected to Switch 2.

Now Switch 2 needs to process this broadcast by sending it out of its own ports. While sending the traffic over the trunk, Switch 1 tags the Ethernet frame with VLAN 10. On receiving the broadcast frame, Switch 2 reads the tag (VLAN ID), which is 10, from the header. It then extracts the original frame and floods only the ports that are in VLAN 10.

Figure 5: VLAN Tagging in Action

Step 1: PC 1 broadcasts, and Switch 1 receives the frame on port eth 1/0. Port eth 1/0 is part of VLAN 10.

Step 2: Switch 1 knows that the broadcast was received on a port in VLAN 10 and, while forwarding the frame over the trunk port, adds additional information (the VLAN tag) to the frame header.

Step 3: Switch 2 receives the frame with the additional information, reads the tag, and floods the frame to all of its VLAN 10 ports [PC 2 is also part of the same VLAN 10].
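
The three steps above, modelled in Python as an added example that is not part of the original article. It assumes the tag is the 4-byte IEEE 802.1Q tag, which the article does not name; the port names other than eth 1/0, the source MAC address and the rule that an untagged frame on the trunk is dropped are constructed for the illustration.

```python
import struct

TPID = 0x8100  # IEEE 802.1Q tag protocol identifier (assumed tag format)

def tag(frame: bytes, vid: int) -> bytes:
    """Insert a 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1-4094")
    return frame[:12] + struct.pack("!HH", TPID, vid) + frame[12:]

def untag(frame: bytes):
    """Return (vid, original frame); vid is None if the frame has no tag."""
    if len(frame) < 16 or struct.unpack("!H", frame[12:14])[0] != TPID:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]  # low 12 bits of the TCI are the VLAN ID

class Switch:
    def __init__(self, name, access, trunk):
        self.name, self.access, self.trunk = name, access, trunk  # access: port -> VLAN

    def flood(self, vid, frame, ingress):
        """Copies for every access port in `vid` except the ingress port."""
        return {p: frame for p, v in self.access.items() if v == vid and p != ingress}

    def from_host(self, port, frame):
        """Steps 1-2: flood locally, and send a tagged copy over the trunk."""
        vid = self.access[port]
        out = self.flood(vid, frame, port)
        out[self.trunk] = tag(frame, vid)
        return out

    def from_trunk(self, frame):
        """Step 3: read the tag, strip it, flood only ports in that VLAN."""
        vid, inner = untag(frame)
        if vid is None:
            return {}  # untagged frame on the trunk: dropped in this simplified model
        return self.flood(vid, inner, self.trunk)

# Constructed sample: broadcast destination, made-up source MAC, ARP EtherType, padding.
BROADCAST = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 46

def demo():
    # Hypothetical port layout: PC 1 on Switch 1 eth1/0 (VLAN 10), PC 2 on Switch 2 eth1/0 (VLAN 10).
    sw1 = Switch("Switch 1", {"eth1/0": 10, "eth1/1": 10, "eth1/2": 20}, "trunk")
    sw2 = Switch("Switch 2", {"eth1/0": 10, "eth1/1": 20}, "trunk")
    out1 = sw1.from_host("eth1/0", BROADCAST)
    out2 = sw2.from_trunk(out1["trunk"])
    return out1, out2
```

Calling `demo()` returns the frames each switch sends per port: the VLAN 20 ports on both switches never appear, and the only copy that carries the tag is the one on the trunk.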

VLAN tagging is indeed a good topic to discuss in detail in a separate article. Let’s keep this article limited to the conceptual view of VLAN. Hope you find this informative!

