VLAN (Virtual Local Area Network)
In switch devices, virtual local networks are used to reduce broadcast areas and divide them into different networks. This network model is a logical configuration created by the network administrator on the switch device. Switch interfaces are used within the network by being included in the created virtual networks.
Although switch devices physically operate as if they will serve a single network on all devices connected to them, they are logically divided into different networks to provide service to more than one network. These created logical networks are called VLANs. Switch devices are configured with a VLAN by default, and if no other VLANs are configured, all switch ports will operate with the default VLAN 1. With the newly created VLANs, the broadcast traffic of the separated networks will be limited to their own VLAN network only. Other VLANs on the switch device will not be affected by this traffic.
Figure 1: Single broadcast area with VLAN 1
VLAN Advantages
Advantages are given under headings below.
- Security: Since networks are logically divided, devices in VLANs are separated from networks in other VLANs. This allows devices to remain in independent areas and increases security.
- Performance: Since separate traffic occurs between VLANs, network traffic of one VLAN does not affect the other and network communication performance increases in each VLAN.
- Broadcast Area: Since each VLAN has a separate logical network, a separate broadcast area is formed. Broadcast packets formed in VLANs are not transferred to other VLANs.
- Cost: By creating separate VLANs in the switching device, new switch requirements are eliminated. Thus, costs are reduced and savings are made.
VLAN Types
VLANs can be defined according to the type of traffic they carry or their functions.
- Data VLAN: VLANs created for users. Used to carry user data traffic.
- Default VLAN: The default VLAN is like the starting setup of your switch. When you first power it on, all the ports are automatically part of this VLAN. It’s the baseline network where everything begins until you customize the configuration to fit your needs.
- Native VLAN: Different VLAN traffic is exited from the switch with the 802.1q protocol. The default VLAN 1 is initially accepted as native, but VLAN 1 exits untagged and uses the Ethernet II protocol instead of the 802.1q protocol. It is recommended to replace the native VLAN with another VLAN on the switches to prevent untagged data traffic.
- Management VLAN: IP addresses can be assigned to VLANs. The purpose of obtaining an IP address is to be managed remotely with applications such as telnet and ssh. VLANs that allow the device to be managed remotely are management VLANs. The virtual interface of the VLANs that will receive an IP address is defined as SVI.
- Voice VLANs: Think of these as dedicated lanes for voice traffic on a network. They ensure clear and prioritized communication by keeping voice data separate from other types of traffic.
- Reserved VLANs: These are special-purpose VLANs built into the switch right from the start. They’re reserved for specific network protocols and, like the default VLAN 1, you can’t delete or modify them. They’re there to keep essential network functions running smoothly.
