How And When To Use Virtual LANs (VLANs)
From your Network+ exam studies, you know that switches forward broadcasts, and
that sounds great, but that's not always a good thing. A switch can have
anywhere from 12 ports to 80 or more, and by default all hosts connected to that
switch are going to be in the same broadcast domain. Let's say we have an 80-
port switch. If one host connected to that switch sends a broadcast, by default,
all of the other 79 hosts are going to receive the broadcast. That will
unnecessarily take up our network's available bandwidth.
It gets worse. For some network services and protocols, a broadcast received by
a host results in that receiving host transmitting a broadcast of its own. Then
when all the hosts receive that broadcast, they all end up transmitting even
more broadcasts. Pretty soon, all these broadcasts have snowballed into a
broadcast storm, which can take up most of a network's bandwidth and make normal
network operations almost impossible.
Most likely, only a few hosts on each switch really need to communicate with
each other. Let's take a eight-port switch for example, where three of the hosts
are in the Security department, another three in the Accounting department, and
the other two in the Publishing department.
If any of these PCs sends a broadcast, every other host attached to that switch
is going to receive it, and may well generate a broadcast of its own in
response. That's what we want to guard against, and we can do so through the
creation of Virtual LANs, or VLANs.
Physically, these hosts all reside on the same Local Area Network, but we can
configure the switch to place them in different logical (virtual) LANs. When a
switch is configured with VLANs, the switch will forward a broadcast only to those
hosts in the same VLAN as the host that originated it. By creating three VLANs on
this switch, we now have three smaller broadcast domains, which helps to limit the
scope of a broadcast.
After placing the Security hosts in their own VLAN, and then doing the same for
the Accounting and Publishing hosts, broadcasts are now limited to being
forwarded throughout their own VLAN. If a host in the Security department sends
a broadcast, only other hosts in that same VLAN will receive it.
Now, here's another one of those good news / bad news scenarios we've discussed.
(Better get used to those - in networking, almost everything we do has a good
side and a bad side!)
Good news: Broadcasts will not be forwarded (propagated), between VLANs. A
broadcast sent by one host in a VLAN will be forwarded only to other hosts in
that same VLAN.
Bad news: No other traffic is going to be able to go from one VLAN to another,
either. By default, there will be no inter-VLAN traffic on the switch. For
traffic to go between VLANs, a Layer Three device must be involved, and that L3
device will most likely be a router.
Notice I said "most likely".
Most books for exams such as Network+ and CCNA say that a switch is a Layer Two
device, and a router is a Layer Three device, and that's it. In today's
networking, though, that's not the case, and I don't want you to be confused
when you hear the term "layer three switch" in the real world. (Or worse, I
don't want you to be confused in a job interview if someone mentions this term.)
There are switches available today that are also capable of routing, and these
L3 switches are becoming more and more popular as the price goes down. Having an
L3 switch eliminates the need for routers in some small networks, so you need to
know about them. For your Network+ and CCNA exams, if the term mentioned is
simply "switch", they're talking about a classic "layer 2 switch" that doesn't
Chris Bryant, CCIE #12933, is the owner of The Bryant Advantage, home of over
100 free CCNA and
CCNP tutorials, The
Ultimate CCNA Study Package, Ultimate Network+ Study Package, and Ultimate CCNP Study Packages.
More Networking Basics:
• Bluetooth Basics - Bluetooth Technology Tutorial
• Web Server
• What is DSL and how can it benefit my home or small business?
• Fiber Optic Cabling For Beginners
• Cable Broadband Internet Service
• Network+ Certification Exam Tutorial - DHCP And RARP
• The Network Technician Career Field
• What is a Proxy Server?
• What Routers Do
• Create a Peer-to-peer Network