MN700004 Rev 01
194
17. Virtual LANs (VLANs)
Introduction
A VLAN is a logical collection of endpoint devices, typically referred to as either clients or
servers that can be located anywhere in a network, but communicate as if they were on the
same physical segment. Segments are flexible user groups that you create with the command-
line interface.
Benefits of using VLANs
Using VLANs on your networks provides the following advantages over traditional networks:
flexibility
,
security
and
better control
of broadcast traffic.
•
Flexibility – In traditional networks, when users are moved physically to
different subnets, administrators need to spend much time in updating the IP
address of each end-station. This is not required in VLANs.
•
Security - devices within a VLAN can communicate directly only with
devices in the same VLAN. Communication between devices in different
VLANs must pass through a routing device or Layer 3 switch.
•
Better control of broadcast traffic - Traditional networks may become
congested by broadcast traffic that is directed to all network devices, whether
or not they require it. With VLANs, you can increase the efficiency of your
network by configuring each VLAN to contain only devices that must
communicate with each other.
VLAN Types
VLANs can be configured according to the following criteria:
•
Physical port
•
802.1Q tag
•
MAC address
•
A combination of the above criteria
Port-Based VLANs
A port-based VLAN is a group of switch ports designated by the switch as belonging to the
same broadcast domain. In a port-based VLAN, a VLAN name is given to a group of one or
more ports on the switch. While in older switches, a port can be a member of only one port-