What is Virtual LAN (VLAN)?
VLAN stands for Virtual Local Area Network. It is a logically isolated local area network that shares the same network devices with other networks. This lets a group of computers on one physical network function as if they were on a separate physical network of their own. This article explains what a VLAN is, its advantages, setting up a VLAN, and inter-VLAN routing.
VLAN and OSI model:
As per the OSI model, a VLAN works at the data link layer (layer 2), and VLAN tagging is applied at the frame level.
What is Virtual LAN (VLAN):
With the arrival of VLANs, multiple networks can connect over the same set of hardware, such as a switch, hub, etc., which was not possible earlier. For instance, a six-port switch in an office can accommodate a maximum of six LAN computers. Now, what if the admin wants to set up two different LANs with three computers each?
Without VLANs, the admin would have to purchase another switch to set up two different LANs. With VLANs, this process is streamlined, since each port can be given a separate LAN ID known as a VLAN ID.
In this case, ports 1 to 3 can be given VLAN ID 1 and the remaining ports, i.e. ports 4 to 6, can be given VLAN ID 2.
Advantages of VLAN:
A question that arises now is: is a VLAN always good? From what we have learned so far the answer would seem to be yes, but there are times when it is better to buy hardware than to go for VLAN-enabled equipment. To see why, consider an example: if a LAN computer is connected to a hub that does not support VLANs, purchasing a VLAN router to make the setup compatible is an expensive option in comparison to buying a hub. Using a VLAN is feasible only if the LAN is already using a switch.
Despite some limitations, VLAN has many advantages. Some of the advantages are listed below:
- Improved Network Performance by Reducing Broadcast: Since the ports of one VLAN on a switch cannot communicate with machines on the ports of another VLAN, broadcast requests are reduced. This enhances the switch performance, which in turn increases the performance of the network.
- Security: Since a VLAN separates networks over the same hardware, different departments in an organization can work on separate VLANs. For example, the HR department of an organization has nothing to do with the Finance department; therefore their work should be separated. To do this, the two departments can be given access to different VLANs so that employees of one department can't access the other department's machines.
- Cost Reduction: VLAN reduces the cost of additional hardware such as a router. For example, if there are two teams of the same department situated at a distance, they can connect via VLAN through two switches using a trunk port on each switch. Otherwise, the switch would have to connect to a router, which incurs additional costs. The trunk port carries the traffic for all VLANs. Two trunk ports connect as a point-to-point network topology.
- Easy Management: As we have read in this article earlier, VLAN permits easy change of machines from one department to another. This can be done just by changing the VLAN tag; otherwise, it would be a lengthy process of changing the configuration.
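The six-port assignment above (ports 1 to 3 in VLAN 1, ports 4 to 6 in VLAN 2) and the trunk port from the Cost Reduction item can be modelled in a few lines. This is an added example, not part of the original article; the function names, the sample frame and the choice to drop untagged trunk frames are assumptions, and the tag layout is the standard IEEE 802.1Q one.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q VLAN tag
# Constructed port table for the six-port switch: ports 1-3 -> VLAN 1, 4-6 -> VLAN 2.
ACCESS_PORTS = {1: 1, 2: 1, 3: 1, 4: 2, 5: 2, 6: 2}


def flood_ports(ingress_port, port_vlans=ACCESS_PORTS):
    """Ports that receive a broadcast arriving on ingress_port (same VLAN only)."""
    vlan = port_vlans[ingress_port]
    return sorted(p for p, v in port_vlans.items() if v == vlan and p != ingress_port)


def add_tag(frame, vlan_id, priority=0):
    """Insert an 802.1Q tag after the source MAC, as a trunk port does on egress."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1-4094 (0 and 4095 are reserved)")
    if len(frame) < 14 or not 0 <= priority <= 7:
        raise ValueError("short Ethernet header or priority outside 0-7")
    tci = (priority << 13) | vlan_id  # 3-bit priority, 1-bit DEI (0), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame):
    """Return (vlan_id, untagged_frame); vlan_id is None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]


def deliver_from_trunk(tagged_frame, port_vlans=ACCESS_PORTS):
    """Access ports on the receiving switch that get a broadcast from the trunk."""
    vlan_id, _ = strip_tag(tagged_frame)
    if vlan_id is None:
        return []  # assumption: this model drops untagged trunk traffic
    return sorted(p for p, v in port_vlans.items() if v == vlan_id)


# Constructed broadcast frame: dst ff:ff:ff:ff:ff:ff, src 02:00:00:00:00:01, ARP EtherType.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0806") + b"\x00" * 28
```

A broadcast entering port 1 reaches only ports 2 and 3, and the same frame tagged with VLAN 2 on a trunk is delivered only to ports 4 to 6 on the far switch, which is the isolation the Security item relies on.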
Inter VLAN Routing
We know that a machine on one VLAN cannot access a machine on another VLAN. What if people from two departments, i.e. HR and Finance, are working together on a project and an employee from HR needs to access data on a Finance department machine?
This can be done by configuring a router along with the switch, or by using a layer-3 managed switch. In this process, the request first goes to the router, which then sends it to the destination machine on the other VLAN.