VLAN

Updated: 12/31/2020 by Computer Hope
virtual local area network

Short for virtual local area network, VLAN allows a network administrator to set up separate networks by configuring a network device, such as a router, without adjusting cabling. A VLAN allows a network to be divided, set up, and changed by a network administrator to organize and filter data accordingly.

VLANs are also critical because they improve network efficiency by grouping devices that communicate most frequently. VLANs offer protection in bigger networks by enabling greater control over the equipment. VLANs for enhanced traffic control are mostly set up by bigger organizations for repartition devices.

VLAN history

VLANs were explained for the first time in 2003 in IEEE (Institute of Electrical and Electronics Engineers) 802.1Q's first edition as Ethernet VLANs.

Working with a VLAN

Allocation

VLANs can be allocated using single or multiple ports (interfaces) and are grouped into logical classes depending on the connection or control type and their interaction with themselves. The same VLAN ID is used to manage ports connected to switches for all hosts using the data link provided by VLAN. In the Ethernet header, the VLAN tags are a 12-bit field. IEEE standardizes VLAN as 802.1Q. It is also called Dot1Q.

Sending information to target

When a connected host obtains an unsecured frame utilizing the 802.1Q format attached to the data link frame header, the VLAN ID tag is installed on an interfacing port. The frame 802.1Q is then sent to the destination. A VLAN is configured such that it has to hold traffic separate from other VLANs; each switch uses the name and only transmits this. Trunk connections among switches operate numerous VLANs, which are divided utilizing the tag or name. When the frame hits the target switch, the VLAN tag is stripped off before the frame is sent to the target computer.

Configuring VLAN

The trunk configuration of each VLAN frame sent via the port (mentioned above) can configure VLANs on a single port. To send and accept tagged frames, you need a neighboring system interface on another host, system, or switch that accepts 802.1Q tagging. Any unscheduled Ethernet frame is allocated to a default VLAN in the switch's setup.

Reception of Unknown Messages

When an untagged Ethernet frame from a connection host arrives at the VLAN switch, the VLAN tag allocated to the input interface is applied. The frame is attached to the MAC address and sent to the host port. Broadcast unknown unicast and multicast is sent to all VLAN ports. The switches learn the host location if an unknown host addresses an anonymous unicast system. Then, they do not send frames to that host.

Updating Tables

The following two systems hold the transmitting tables up-to-date.

  • After a configurable timeout, old transmission entries are deleted from the transmission tables regularly.
  • Any change in topology decreases the refresh timer of the forwarding table, which causes the refreshment.

STP

It is used to establish loop-free topology in each domain of layer 2 among the switches. Per-VLAN STP (Spanning Tree Protocol) may be utilized to minimize the total STP if the topology is similar between various layer 2 topologies or MISTP (multi-instance STP). STP blocks connections that could trigger propagation loops and create a spanning tree from the selected switch to root. This block does not allow STP to be part of an active forwarding route until a breakdown in another part of the network occurs.

Types of VLAN

There are three basic types of VLAN:

Protocol-based VLAN

A VLAN based on protocol processes protocol traffic. The protocol-based VLAN can specify untagged packet filtering parameters. The untagged packets are assigned to VLAN 1 by smart switches if the port setup is not altered or configured as a protocol-based VLAN. By specifying port-based VLANs, protocol-based VLANs, or both, you can override this default behavior. In compliance with the 802.1q standard, the smart switch only processes tagged packets and does not forward them into protocol-based VLANs.

Static VLAN

A static VLAN is a collection of ports defined as part of the same broadcast domain by a switch. In other words, all ports with traffic for a given subnet address belong to the same VLAN. With a VLAN it's possible to group users by a logical method rather than by location, which helps handle bandwidth consumption and arranging users on their needs.

Dynamic VLAN

A switch assigns a VLAN to a port using data from a user system or devices such as IP (Internet Protocol) address and MAC address automatically in a dynamic VLAN. When a computer is connected to a switch socket, the switch requests for establishing VLAN membership to the database. Dynamic VLANs provide immediate activation of the end devices. The dynamic VLANs can configure VLAN membership dynamically if the system is transferred from one port to another port on another switch.

VLAN advantages

The following are some advantages of a VLAN.

  • Because workstations can only be transferred to another VLAN through a change in switch setup, it is effortless to position these workstations.
  • Users can exchange files and services quickly if they have a single VLAN for all people working together on a given project.
  • If a user switches their desks after connecting to the network, their computer is still in the same VLAN, provided the VLANs are mounted correctly.
  • If the network administrator wants to block connections to servers or other computers, they may be put off in their VLAN. Users can then be provided control selectively in other VLANs.

Computer acronyms, LAN, Network terms, Router, Subnet Mask, Virtual