In this quick nugget, Jacob Hess, Founder & CEO of NexGenT, discusses what a VLAN (Virtual Local Area Network) is and what purpose VLANs serve in modern networks.
What is a VLAN?
A Virtual Local Area Network, or VLAN for short, provides us with logical separation or segmentation of our networks. We can take a single switch and chop it up into multiple logical networks, each carrying different traffic. The traffic is actually separate in each one of those networks. Let’s define that a bit further. We can have multiple networks or VLANs, all on the same networking hardware or networking switch.
History of Local Area Networks (LANs)
VLANs have been around since the 90s. We use them all the time, and they’re a huge and important topic in networking.
But before we can understand VLANs, we need to understand the pre-VLAN era. Before we had VLANs, we would create separate networks like LAN 1 and LAN 2. The point here is that we had to use physically separate switches. So, the hosts connected to LAN 1 cannot communicate with the hosts on LAN 2. Now, I think we can all agree on that, right? Because there’s no connection between these two switches. They’re physically separated on their own different networks.
Take, for example, a finance department: we’ll say LAN 1 is our finance department and LAN 2 is our guest network for any guests coming in. It’s obvious that we would never want hosts on the guest network to be able to reach the hosts in our finance department, right? That wouldn’t be good for any company. In that case we would need to separate those networks. Before VLANs we had to do that physically. The hosts needed to be physically connected to separate networking hardware, in this case separate switches. In order to separate the traffic of LAN 1 from LAN 2, we would have to have them connected to separate switches.
Importance of VLANs
Using our previous example where we have two completely separate networks, we could actually have both networks on the same hardware with VLANs, and still keep them separated. We could take a single switch and implement VLANs. Then we could have our two separate LANs, or two separate networks, attached to the same physical device, the same networking hardware, but still keep their traffic completely separate and implement our own security controls on each of those networks individually. Now you can see the importance of VLANs. Traffic in VLAN 1 is completely separate from traffic in VLAN 2, but the separation is done logically inside the switch, rather than physically.
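To make that separation concrete, here is an added example (not from the original article or from NexGenT): a small Python model of one switch whose ports are assigned to a finance VLAN and a guest VLAN, showing that learning and flooding stay inside the VLAN of the port a frame arrived on. The port numbers, VLAN IDs 10 and 20, and MAC addresses are constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    """Toy model of one switch with access ports, each assigned to one VLAN."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)      # port number -> VLAN ID
        self.mac_table = defaultdict(dict)    # VLAN ID -> {MAC: port}

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is sent out of."""
        vlan = self.port_vlan[in_port]
        # Learn the source address, but only inside the ingress VLAN.
        self.mac_table[vlan][src_mac] = in_port
        out = self.mac_table[vlan].get(dst_mac)
        if dst_mac != BROADCAST and out is not None:
            return [] if out == in_port else [out]
        # Broadcast or unknown unicast: flood within the same VLAN only.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def demo():
    # Constructed sample: ports 1-2 are finance (VLAN 10), ports 3-4 guest (VLAN 20).
    sw = VlanSwitch({1: 10, 2: 10, 3: 20, 4: 20})
    fin_a, fin_b = "00:00:00:00:10:01", "00:00:00:00:10:02"
    guest_a = "00:00:00:00:20:01"
    return {
        "finance_broadcast": sw.receive(1, fin_a, BROADCAST),
        "finance_reply": sw.receive(2, fin_b, fin_a),
        "guest_broadcast": sw.receive(3, guest_a, BROADCAST),
        # The guest addresses a finance MAC directly; the switch has learned
        # that MAC only in VLAN 10, so the frame never leaves VLAN 20.
        "guest_to_finance": sw.receive(3, guest_a, fin_a),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name}: egress ports {ports}")
```

The last case is the one that matters for the finance/guest scenario: the destination address is known to the switch, but only in the other VLAN's table, so the frame is never delivered to a finance port.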
Providing logical segmentation of networks with VLANs
Now, the last point I want to make is that our VLANs provide logical segmentation of networks. Okay, so how can this apply to more of a real-world scenario? We can understand more of this concept by seeing how VLANs give us freedom from limits on the physical location of hosts. Well, let’s look at a situation where we have a building, and let’s say that you’re a network engineer, you manage the networks of this building, and you installed switches on every floor. In the pre-VLAN era, if we wanted to have four different networks, we would have to have the hosts for each individual network all connected to the same switch. For example:
We have four different networks: black, blue, green, and yellow. We would have our black network connected to the top switch, our blue network hosts to the second switch, and so forth. The point is that hosts had to be on the same switch to be in the same network. Now jumping to VLANs, it doesn’t matter where the hosts are; we can put them in any VLAN we want, no matter their location. In a normal network, all of the switches in the building would be interconnected, they would all share the same VLAN database, they would all know about all the VLANs in the network, and you would be able to just go into any switch and assign any host to any VLAN. So that gives you a vast amount of flexibility, and this is the purpose of virtualization. We logically separate our networks using VLANs.
A Virtual Local Area Network allows us to logically separate or segment our network. With VLANs we are able to have multiple networks or VLANs all on the same networking hardware or networking switch. With VLANs the traffic in VLAN 1 is completely separate from the traffic in VLAN 2, and it is all done logically inside the switch, rather than physically.