Virtual local area network (VLAN) technology adds a VLAN tag to the traditional Ethernet frame header to identify the VLAN to which a data packet belongs.
A LAN is divided into several logical "LANs" (VLANs), with each VLAN functioning as a broadcast domain.
The following problems occur in a traditional LAN:
Conflicts occur if more than one node attempts to send messages at the same time.
The information from any node is sent to all other nodes. A method is required to send a message that is destined for a node or multiple nodes, instead of all nodes.
Information security is reduced because all hosts share the same transmission channel.
As the number of computers on a network grows, collisions increase and network efficiency deteriorates. As a result, collision domains form in the network. Ethernet uses Carrier Sense Multiple Access with Collision Detection (CSMA/CD) to detect collisions, but this cannot completely remove their impact.
The Ethernet network is also a broadcast network. If a large number of computers send information at the same time, broadcast traffic consumes a great deal of bandwidth.
Therefore, two problems occur in the traditional network: collision domains and broadcast domains. In addition, the traditional network cannot ensure information security.
Bridges and switches forward information from an inbound interface to an outbound interface in switching mode. Collisions occur only on ports and do not affect the shared media.
The switch in this chapter refers to the Layer-2 LAN switch.
Introducing switches into the network solves the collision domain problem by using Layer-2 rapid switching. This, however, does not solve the broadcast domain problem or the information security problem that it causes.
To reduce broadcast storms, hosts that do not need to access each other must be isolated from each other. Routers select a route based on IP addresses. Therefore, using a router to connect two network segments can effectively control the broadcast problems. Routers, however, are costly. For this reason, the VLAN is introduced.
VLAN technology divides a LAN into logical "LANs" (VLANs), with each VLAN functioning as a broadcast domain. Hosts in each VLAN communicate with each other in the same way as hosts in a LAN. VLANs cannot interact with each other directly. Therefore, broadcast packets are transmitted only within a single VLAN.
VLANs can improve data security. For example, different enterprise clients rent the same building and each needs to set up its own LAN. The total cost of separate LANs is high. If all clients share a LAN, information security cannot be guaranteed.
VLANs allow different clients to share a LAN while improving information security.
As shown in Figure 1, the network is a typical VLAN application. Three switches are placed at different sites, much like different floors in a building. Each switch is connected to three PCs. These PCs belong to three VLANs, which are enclosed by dashed blocks. Each VLAN corresponds to an enterprise client.
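The tagging and broadcast isolation described above can be traced in a small simulation. This is an added example, not part of the original page. It uses the IEEE 802.1Q tag layout (TPID 0x8100, 12-bit VLAN ID), and the chain wiring, the PC names and VLAN IDs 2 to 4 are assumptions standing in for Figure 1.

```python
import struct

TPID_8021Q = 0x8100            # EtherType that marks an IEEE 802.1Q VLAN tag
BROADCAST_MAC = b"\xff" * 6

def tag_frame(frame, vid):
    """Insert the 4-byte VLAN tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    # Tag control field: priority 0, DEI 0, low 12 bits carry the VLAN ID.
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]

def untag_frame(frame):
    """Return (vid, original_frame); vid is None if the frame is untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated VLAN tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]

class Switch:
    def __init__(self, access_ports):
        self.access = access_ports   # host name -> VLAN ID of its access port
        self.trunks = []             # neighbouring switches (loop-free chain)

    def receive(self, frame, ingress):
        """Flood a broadcast frame; return the hosts that receive it."""
        if isinstance(ingress, Switch):      # arrived tagged on a trunk link
            vid, frame = untag_frame(frame)
            if vid is None:                  # assumption: trunks drop untagged
                return []
        else:                                # arrived untagged from a host
            vid = self.access[ingress]
        hosts = [h for h, v in self.access.items() if v == vid and h != ingress]
        for peer in self.trunks:
            if peer is not ingress:
                hosts += peer.receive(tag_frame(frame, vid), self)
        return hosts

def build_network():
    """Constructed topology: 3 switches in a chain, 3 PCs each, VLANs 2-4."""
    sw = [Switch({f"PC{3*i + j + 1}": 2 + j for j in range(3)}) for i in range(3)]
    sw[0].trunks, sw[1].trunks, sw[2].trunks = [sw[1]], [sw[0], sw[2]], [sw[1]]
    return sw

def broadcast_from(switches, host):
    src = next(s for s in switches if host in s.access)
    # Constructed broadcast frame; the payload is filler, not a real packet.
    frame = BROADCAST_MAC + b"\x02\x00\x00\x00\x00\x01" + b"\x08\x06" + b"constructed"
    return sorted(src.receive(frame, host))
```

A broadcast from PC1 reaches only PC4 and PC7, the other members of its VLAN, even though all nine PCs share the same three switches.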