Chapter 7 VLAN
Traditional Ethernet is a data network communication technology based on CSMA/CD
(Carrier Sense Multiple Access/Collision Detection) over a shared communication medium. In
a traditional Ethernet, an excessive number of hosts in the LAN results in serious collisions,
flooding broadcasts, poor performance or even breakdown of the network. Connecting the
LANs through switches avoids the serious collisions, but the flooding broadcasts cannot be
prevented. They occupy plenty of bandwidth resources and cause potentially serious security
problems.
A Virtual Local Area Network (VLAN) is a network topology configured according to a logical
scheme rather than the physical layout. VLAN technology was developed for switches to
control broadcasts in LANs. By creating VLANs in a physical LAN, you can divide the LAN into
multiple logical LANs, each of which has a broadcast domain of its own. Hosts in the same
VLAN communicate with one another as if they were in one LAN. However, hosts in different
VLANs cannot communicate with one another directly. Therefore, broadcast packets are
limited to a VLAN. Hosts in the same VLAN communicate with one another via Ethernet, whereas
hosts in different VLANs communicate with one another through network devices such as
routers and Layer 3 switches. The following figure illustrates a VLAN implementation.
Figure 7-1 VLAN implementation
Compared with traditional Ethernet, VLAN has the following advantages.
1. Broadcasts are confined to VLANs. This decreases bandwidth utilization and improves
   network performance.
2. Network security is improved. VLANs cannot communicate with one another directly.
   That is, a host in a VLAN cannot access resources in another VLAN directly, unless
   routers or Layer 3 switches are used.
3. Network configuration workload for the host is reduced. VLAN can be used to group
   specific hosts. When the physical position of a host changes within the range of the
   VLAN, you do not need to change its network configuration.
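The broadcast confinement and isolation described above can be seen in a small model of a switch. This is an added example, not code from this guide or from any switch firmware; the port numbers, VLAN IDs 10 and 20, the MAC addresses and the per-VLAN address table are assumptions of the model.

```python
"""Model of a port-based VLAN switch: frames are only ever flooded or
forwarded to ports in the same VLAN as the port they arrived on."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)  # port number -> VLAN ID
        self.mac_table = {}               # (VLAN ID, MAC) -> port, learned

    def receive(self, in_port, src, dst):
        """Process one frame; return the sorted list of egress ports."""
        vlan = self.port_vlan[in_port]
        self.mac_table[(vlan, src)] = in_port       # learn source within its VLAN
        known = self.mac_table.get((vlan, dst))     # lookup is scoped to the VLAN
        if dst != BROADCAST and known is not None:
            return [] if known == in_port else [known]
        # Broadcast or unknown destination: flood inside the ingress VLAN only.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


# Constructed sample hosts and port layouts.
HOST_A, HOST_B, HOST_C = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
FLAT = {p: 1 for p in range(1, 7)}                       # one LAN, no segmentation
SEGMENTED = {1: 10, 2: 10, 3: 10, 4: 20, 5: 20, 6: 20}   # two logical LANs


def demo():
    flat, seg = Switch(FLAT), Switch(SEGMENTED)
    return {
        # Without VLANs a broadcast from port 1 reaches every other port.
        "flat_broadcast": flat.receive(1, HOST_A, BROADCAST),
        # With VLANs the same broadcast stays inside VLAN 10.
        "vlan10_broadcast": seg.receive(1, HOST_A, BROADCAST),
        "vlan20_broadcast": seg.receive(4, HOST_B, BROADCAST),
        # HOST_B was learned on port 4, but only in VLAN 20: a frame from
        # VLAN 10 addressed to it never leaves VLAN 10.
        "cross_vlan_unicast": seg.receive(1, HOST_A, HOST_B),
        # Inside one VLAN, a learned address gets a single egress port.
        "same_vlan_unicast": seg.receive(2, HOST_C, HOST_A),
    }


if __name__ == "__main__":
    for name, ports in demo().items():
        print(f"{name:20s} -> egress ports {ports}")
```

The cross-VLAN case is the one to check when auditing segmentation: the frame for HOST_B is flooded to ports 2 and 3 and never appears on port 4, so reaching HOST_B requires a router or Layer 3 switch, where filtering can be applied.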