1. Overview
A Virtual Local Area Network (VLAN) is a concept in which we divide a Local Area Network logically into multiple smaller networks. In this tutorial, we’ll explore and discuss various aspects of VLAN.
2. What Is a VLAN?
In a typical LAN, workstations are connected through a hub or a repeater. These devices propagate incoming data throughout a network. However, if two people send data at the same time, then a collision occurs and all the transmitted data is lost. Moreover, to prevent the collision from further travel to all workstations, a bridge or switch is used.
The workstations, hubs, and repeaters together form a LAN segment. A LAN segment is also known as a collision domain since collisions remain within the segment. The area within which broadcasts and multicasts are confined is called a broadcast domain or LAN. Thus, a LAN can consist of one or more LAN segments.
Defining broadcast and collision domains in a LAN depends on how the workstations, hubs, switches, and routers are physically connected together. This means that everyone on a LAN must be located in the same area.
VLAN’s allow a network manager to logically segment a LAN into different broadcast domains (as shown in the figure below). Since this is a logical segmentation and not a physical one, workstations do not have to be physically located together. Users on different floors of the same building, or even in different buildings, can now belong to the same LAN.
3. Why Do We Need VLAN?
In the earlier days of networking, a Local Area Network (LAN) consisted of a network of devices connected within an area. However, today a LAN is defined as a single broadcast domain. In other words, if a user broadcasts a message in his/her LAN, it’ll be received by every other user on the LAN.
These broadcasts stay within a LAN with the use of a router so that they do not travel beyond the LAN. However, the downside of using such a router is that it takes more time to process the incoming data than a simple bridge or switch. Virtual Local Area Network provides an alternate solution to segregate the broadcasts and to contain them within a LAN.
4. How Does VLAN Work?
A VLAN works based on a feature known as tagging. There are two types of tagging – explicit and implicit. In explicit tagging, once a LAN bridge receives data from a VLAN, it tags it with an associated VLAN identifier. In the case of an implicit tagging, there is no explicit tagging of the VLAN identifier. Instead, some additional reference data determines the VLAN information.
A bridge generally maintains an internal reference database with certain fields and looks to it to retrieve the VLAN information. For example, a bridge can store information of the source network address and implicitly determine the VLAN information for a received broadcast.
5. Why Use VLAN?
A VLAN offers several benefits over a typical LAN.
5.1. Performance
VLAN provides better performance than a LAN set up. In a LAN set up, any broadcast reaches all of the workstations. Thus, there is additional traffic for these extra destinations.
Moreover, compared to switches, a router takes more time in processing. Therefore, it adds latency in the broadcast delivery. A VLAN addresses both the issues as it only broadcasts the data to the workstations within the VLAN. Furthermore, it uses switches and bridges, which require less processing time than a router.
5.2. Virtual Workgroup
A VLAN lets a network admin segregate the network traffic so that broadcasts intended for a specific set of workstations remain within that set. For example, data belonging to the research department remains within that department.
5.3. Reduced Cost and Administration Effort
In the VLAN setup, the network administrators do not require costly routers. Thus, it reduces the overall network configuration cost. Furthermore, VLANs also reduce the manual effort to configure a new user in the network. For example, if we add or move a user in a VLAN, costs such as cabling, station addressing, and router configuration can be simplified.
5.4. Security
VLAN provides extra security in comparison to a LAN. This is because the broadcast stays within the virtual network. Thus, it provides better privacy of the data belonging to a department that is part of a VLAN. For example, the analytics department data is not visible to the research department and vice-versa.
6. Conclusion
In this article, we learned about the Virtual Local Area Network (VLAN). We explained what is a VLAN, how it works, and the benefits it provides over a traditional local area network (LAN).