You are here: Home » Switching

Introduction to VLANs

In this lesson we will take a look at VLANs (Virtual LANs) and I will explain what they are and why we need them.

First of all let me show you a picture of a network:

Look at this picture for a minute, we have many departments and every department has its own switch. Users are grouped physically together and are connected to their switch. what do you think of it? Does this look like a good network design? If you are unsure let me ask you some questions to think about:

What happens when a computer connected to the Research switch sends a broadcast like an ARP request?
What happens when the Helpdesk switch fails?
Will our users at the Human Resource switch have fast network connectivity?
How can we implement security in this network?

Now tell me explain you why this is a bad network design. If any of our computers sends a broadcast what will our switches do? They flood it! This means that a single broadcast frame will be flooded on this entire network. This also happens when a switch hasn’t learned about a certain MAC address, the frame will be flooded.

If our helpdesk switch would fail this means that users from Human Resource are “isolated” from the rest and unable to access other departments or the internet, this applies to other switches as well. Everyone has to go through the Helpdesk switch in order to reach the Internet which means we are sharing bandwidth, probably not a very good idea performance-wise.

Last but not least, what about security? We could implement port-security and filter on MAC addresses but that’s not a very secure method since MAC addresses are very easy to spoof. VLANs are one way to solve our problems.

One more question I’d like to ask you to refresh your knowledge:

How many broadcast domains do we have here?

What about broadcast domains? We didn’t talk about this before but I think you can answer it. If a computer from the sales switch would send a broadcast frame we know that all other switches will forward it. Did you spot the router on top of the picture? What about it…do you think a router will forward a broadcast frame?

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
Full Access to our 642 Lessons. More Lessons Added Every Week!
Content created by Rene Molenaar (CCIE #41726)

Give Membership a try - it's just $1 ►

470 Sign Ups in the last 30 days

100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Previous Lesson
Troubleshooting Interfaces

Next Lesson
How to configure VLANs

Tags: VLAN

Forum Replies

hussien.samer says:

Hi Rene,

I learned from http://www.netcontractor.pl/blog/?p=184 that control traffic from Layer 2 protocols like ( DTP, VTP , CDP , PAgP , STP, etc ) use VLAN 1.

And I make sure of that by doing this experience :

- I made a simple topology of connection two switches and making connectivity as trunk.
- I made one switch VTP server and another as VTP client.
- I also setup RSPAN to monitor the packets.
- Results, I saw VTP, CDP traffic marked with VLAN ID 1.
- Then, I made another vlan and disallowed Vlan 1 in the trunk.
- Results still the same.
- I thought it
... Continue reading in our forum
ReneMolenaar says:

Hi Daniel,

There’s a “technical” and “practical” aspect to this question

Let’s start with the technical part…a lot of networking people will tell you that you shouldn’t have > 200 hosts in a subnet since there will be too much broadcast traffic and it will slow down your network. This might be true 10 years ago but nowadays, your computers won’t be bothered much with broadcast traffic and it shouldn’t be an issue for your switches. You could probably put ~1000 hosts in a single subnet and not notice any performance issues.

The more important issue (the practic
... Continue reading in our forum
wilder7bc says:

Hi I think I may have gotten a bad prep exam question as I cannot get it to work in labs and it does not make sense fully to me from how I learned VLANS. I will upload the practice test question from Boson and would like input please.

//cdn-forum.networklessons.com/uploads/default/original/1X/05b2d7038e648c45e08123c84caf728638301b4b.JPG

above is what they say is the answer and the topology its very brief. and below is their explanation.

//cdn-forum.networklessons.com/uploads/default/original/1X/6cb467368403ad27ae72143183da8d340c120a6b.JPG

Now I tried this i
... Continue reading in our forum
lagapides says:

Hello Justin

Let’s say a switch has 24 access ports where ports 1-12 are on VLAN 10 and ports 13-24 are on VLAN 20. Let’s say a broadcast frame is sent on port 1. The switch will receive that frame and send it out of ports 2 to 12. Why? Because it knows that it entered port 1, therefore it is on VLAN 10, therefore it will send it out of all ports that have been configured on VLAN 10. It doesn’t even look at the details of the frame itself, because there is no data in the frame that gives the switch VLAN information. The information comes only from the fac
... Continue reading in our forum
wellerk.scott says:

Laz,

All of your posts are extremely well written. Thank you for explaining things much simpler than I can Thanks,
Scott

46 more replies! Ask a question or join the discussion by visiting our Community Forum