Abstract


  • On a switch, we can group ports into VLANs (e.g., Group 10 = VLAN 10, Group 20 = VLAN 20). Each VLAN acts like a separate network. Devices in one VLAN can only talk to each other unless a router or L3 switch connects them. VLANs reduce broadcast traffic, improve security, and make networks more flexible to design.

Optimising network performance

By logically grouping a set of physical network ports, we confine broadcasts to that group and so reduce broadcast traffic, which optimises network performance.

Flexible to make changes

We can pick any of the physical ports and group them into one network. This lets us design the network without worrying about the physical layout of switches and network ports.

Access Port

  • Belongs to a single VLAN and carries untagged traffic for it (a port's untagged VLAN is known as the native VLAN)

Trunk Port

  • Carries tagged traffic for multiple VLANs over a single link, so the same VLANs can extend between switches (or to a router)

Inter-VLAN Routing


  • VLANs are isolated at layer 2; broadcasts such as ARP don't leave the VLAN
  • To communicate across VLANs, traffic must go through a router or Layer 3 switch
  • The router/L3 switch has one subinterface (default gateway) per VLAN
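As an added illustration of the access/trunk and layer-2 isolation points above (example code, not from the original notes), this small Python model builds and parses 802.1Q-tagged frames and floods a broadcast the way a switch would: it reaches only ports in the same VLAN, leaves access ports untagged and the trunk tagged. Port names, MAC addresses and the ARP payload are constructed.

```python
import struct
ETHERTYPE_8021Q = 0x8100  # TPID that marks an 802.1Q-tagged frame
BROADCAST = b"\xff" * 6

def build_frame(dst, src, ethertype, payload, vlan=None):
    """Ethernet frame; when vlan is given, insert an 802.1Q tag after the source MAC (PCP/DEI = 0)."""
    tag = struct.pack("!HH", ETHERTYPE_8021Q, vlan & 0x0FFF) if vlan is not None else b""
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return (dst, src, vlan_id_or_None, ethertype, payload), stripping the tag if present."""
    dst, src, ethertype = frame[:6], frame[6:12], struct.unpack("!H", frame[12:14])[0]
    if ethertype == ETHERTYPE_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        return dst, src, tci & 0x0FFF, ethertype, frame[18:]
    return dst, src, None, ethertype, frame[14:]

class Switch:
    def __init__(self):
        self.ports = {}  # port -> ("access", vlan) or ("trunk", allowed_vlans, native_vlan)
    def access(self, port, vlan):
        self.ports[port] = ("access", vlan)
    def trunk(self, port, allowed, native=1):
        self.ports[port] = ("trunk", set(allowed) | {native}, native)
    def ingress_vlan(self, port, frame):
        """VLAN an incoming frame is assigned to, or None if the port drops it."""
        mode, tag = self.ports[port], parse_frame(frame)[2]
        if mode[0] == "access":  # access ports take untagged traffic only (simplification)
            return mode[1] if tag is None else None
        vlan = mode[2] if tag is None else tag  # untagged on a trunk -> native VLAN
        return vlan if vlan in mode[1] else None
    def flood(self, in_port, frame):
        """Flood a broadcast (e.g. ARP) to other ports in the SAME VLAN only -> {port: frame_as_sent}."""
        vlan = self.ingress_vlan(in_port, frame)
        if vlan is None: return {}
        _, src, _, ethertype, payload = parse_frame(frame)
        out = {}
        for port, mode in self.ports.items():
            if port != in_port and mode[0] == "access" and mode[1] == vlan:
                out[port] = build_frame(BROADCAST, src, ethertype, payload)  # access egress: untagged
            elif port != in_port and mode[0] == "trunk" and vlan in mode[1]:
                out[port] = build_frame(BROADCAST, src, ethertype, payload,
                                        None if vlan == mode[2] else vlan)  # native VLAN leaves untagged
        return out

def demo():
    sw = Switch()  # constructed topology: Gi1, Gi2 in VLAN 10; Gi3 in VLAN 20; Gi24 trunk to a 2nd switch
    sw.access("Gi1", 10); sw.access("Gi2", 10); sw.access("Gi3", 20); sw.trunk("Gi24", {10, 20}, native=1)
    arp = build_frame(BROADCAST, b"\x02" * 6, 0x0806, b"who-has 192.168.10.1?")  # constructed ARP request
    return sw, sw.flood("Gi1", arp)
```

Running demo() shows the ARP broadcast from Gi1 reaching Gi2 untagged and Gi24 tagged with VLAN 10, but never Gi3 in VLAN 20, which is exactly why inter-VLAN traffic needs a router or L3 switch.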

Great security!

By default, network devices in one VLAN can’t access network devices in a different VLAN.

DHCP and VLANs

One DHCP server can serve multiple VLANs: the router/L3 switch acts as a DHCP relay, forwarding requests to the server together with information identifying the VLAN they came from.

The DHCP server has a separate pool/scope for each VLAN (e.g., 192.168.10.x for VLAN 10, 192.168.20.x for VLAN 20).