SNS COLLEGE OF TECHNOLOGY, COIMBATORE –35

(An Autonomous Institution)

DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
Virtual LANs

A virtual LAN (VLAN) is a logical overlay network that groups together a subset of devices that
share a physical LAN, isolating the traffic for each group. A LAN is a group of computers or other
devices in the same place -- e.g., the same building or campus -- that share the same physical network.
How VLAN works
Here is step by step details of how VLAN works:
 VLANs in networking are identified by a number.
 A Valid range is 1-4094. On a VLAN switch, you assign ports with the proper VLAN number.
 The switch then allows data which needs to be sent between various ports having the same
VLAN.
 Since almost all networks are larger than a single switch, there should be a way to send traffic
between two switches.
 One simple and easy way to do this is to assign a port on each network switch with a VLAN and
run a cable between them.
VLAN Ranges
Here are the important ranges of VLAN:
Range Description
VLAN 0-4095 Reserved VLAN, which cannot be seen or used.
This is a default VLAN of switches. You cannot delete or edit this VLAN, but it can
VLAN 1:
be used.
VLAN 2-1001: It is a normal VLAN range. You can create, edit, and delete it.
VLAN 1002- These ranges are CISCO defaults for token rings and FDDI. You cannot delete this
1005: VLAN.
VLAN 1006-
It is an extended range of VLANs.
4094:
Example of VLAN
In the below example, there are 6 hosts on 6 switches having different VLANs. You need 6 ports to
connect switches together. It means, if you have 24 various VLANs, you will have only 24 hosts on 45
port switches.

Example of VLAN
VLAN ranges –
 VLAN 0, 4095: These are reserved VLAN which cannot be seen or used.
 VLAN 1: It is the default VLAN of switches. By default, all switch ports are in VLAN. This
VLAN can’t be deleted or edit but can be used.
 VLAN 2-1001: This is a normal VLAN range. We can create, edit and delete these VLAN.
 VLAN 1002-1005: These are CISCO defaults for fddi and token rings. These VLAN can’t be
deleted.
 Vlan 1006-4094: This is the extended range of Vlan.
 SNS COLLEGE OF TECHNOLOGY, COIMBATORE –35
(An Autonomous Institution)
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
Types of connections in VLAN –
There are three ways to connect devices on a VLAN, the type of connections are based on the
connected devices i.e. whether they are VLAN-aware(A device that understands VLAN formats and
VLAN membership) or VLAN-unaware(A device that doesn’t understand VLAN format and VLAN
membership).
1. Trunk Link –
All connected devices to a trunk link must be VLAN-aware. All frames on this should have a
special header attached to it called tagged frames.
2. Access link –
It connects VLAN-unaware devices to a VLAN-aware bridge. All frames on the access link
must be untagged.
3. Hybrid link –
It is a combination of the Trunk link and Access link. Here both VLAN-unaware and VLAN-
aware devices are attached and it can have both tagged and untagged frames.
Advantages –
 Performance –
The network traffic is full of broadcast and multicast. VLAN reduces the need to send such
traffic to unnecessary destinations. e.g.-If the traffic is intended for 2 users but as 10 devices are
present in the same broadcast domain, therefore, all will receive the traffic i.e. wastage of
bandwidth but if we make VLANs, then the broadcast or multicast packet will go to the
intended users only.
 Formation of virtual groups –
As there are different departments in every organization namely sales, finance etc., VLANs can
be very useful in order to group the devices logically according to their departments.
 Security –
In the same network, sensitive data can be broadcast which can be accessed by the outsider but
by creating VLAN, we can control broadcast domains, set up firewalls, restrict access. Also,
VLANs can be used to inform the network manager of an intrusion. Hence, VLANs greatly
enhance network security.
 Flexibility –
VLAN provide flexibility to add, remove the number of host we want.
 Cost reduction –
VLANs can be used to create broadcast domains which eliminate the need for expensive
routers.
By using Vlan, the number of small size broadcast domain can be increased which are easy to
handle as compared to a bigger broadcast domain.
Point of difference VLAN
VLAN is a logical network which primarily restricts broadcasts to only those
hosts who belong to that VLAN.
Scope VLAN enables creation of separate logical physical networks.
Network-member
Configuration is at Server/router side.
control
OSI layer Is layer 2 and MAC addresses work here
Security Known to provide more security and better control for the network.
Flexibility Is extremely flexible and enhances performance and efficiency
Terminology used More software related terminology is used.
 SNS COLLEGE OF TECHNOLOGY, COIMBATORE –35
(An Autonomous Institution)
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING

Development of VLAN
As mentioned above, LAN is also referred to as a broadcast domain. This simply means in a situation
when a user uses his/her LAN to broadcast any information, it will be sent to every user on LAN. To
prevent broadcasts from leaving a LAN, routers are used.
This method has a limitation. The time taken by routers for processing incoming data is much higher
compared to that taken by a bridge or a switch. This led to the development of a Virtual Local Area
Network as a means of restricting a broadcast from leaving a LAN.

Difference between LAN and VLAN

Here is an important difference between LAN and VLAN:
LAN VLAN
LAN can be defined as a group of computer and A VLAN can be defined as a custom network
peripheral devices which are connected in a limited which is created from one or more local area
area. networks.
The full form of VLAN is Virtual Local Area
The full form of LAN is Local Area Network
Network.
The latency of LAN is high. The latency of VLAN is less.
The cost of LAN is high. The cost of a VLAN is less.
In LAN, the network packet is advertised to each In VLAN, the network packet is sent to only a
 SNS COLLEGE OF TECHNOLOGY, COIMBATORE –35
(An Autonomous Institution)
DEPARTMENT OF COMPUTER SCIENCE AND ENGINEERING
and every device. specific broadcast domain.
It uses a ring, and FDDI (Fiber Distributed Data
It uses ISP and VTP as a protocol.
Interface) is a protocol.
ypes of VLANs
Here are the important types of VLANs

Characteristics of VLAN
Here are the important characteristics of VLAN:
 Virtual LANs offer structure for making groups of devices, even if their networks are different.
 It increases the broadcast domains possible in a LAN.
 Implementing VLANs reduces the security risks as the number of hosts which are connected to
the broadcast domain decreases.
 This is performed by configuring a separate virtual LAN for only the hosts having sensitive
information.
 It has a flexible networking model that groups users depending on their departments instead of
network location.
 Changing hosts/users on a VLAN is relatively easy. It just needs a new port-level configuration.
 It can reduce congestion by sharing traffic as individual VLAN works as a separate LAN.
 A workstation can be used with full bandwidth at each port.
 Terminal reallocations become easy.