5.1 VLANS
Basics
VLANs, or Virtual Local Area Networks, allow you to divide the ports on a single physical switch into different groups that are isolated from the other ports on the switch. The result is that you can divide your switch into multiple virtual switches, and each VLAN performs the same actions that the full switch does. Devices on one VLAN can be prevented from communicating with devices on another VLAN.
Terms to Know
You should know the following terms:
- Virtual Local Area Network (VLAN)
- untagged (or access) VLAN
- tagged (or trunk) VLAN
Information
Each virtual switch will maintain its own MAC address table for the ports it has been assigned, and performs the switching operations of learning MAC addresses and updating the table, flooding the ports it controls when it does not know a MAC address, and ultimately forwarding data packets to the intended host recipient when it does know the MAC address.
Advantages of using VLANS include:
- Minimizing the traffic across the network, such as limiting broadcast messages to a single VLAN rather than the entire network
- Segmenting by the type of traffic or by limiting access on certain VLANs. For example, setting up your guest network as a separate VLAN so users can’t get to sensitive data.
- Establishing a phone VLAN versus a data VLAN
Tagged versus Untagged VLANs
An untagged VLAN on a switch, also called an access VLAN, connects to a host, usually a server, but the host devices are unaware of any of the VLAN configurations as to which other devices are on the VLAN. Traffic transmitted on an untagged VLAN is usually fairly linear.
Tagged VLANs, also called trunks, can operate across more than one VLAN. The data that is transmitted through tagged ports includes a VLAN tag that distinguishes it. Data can be transferred on a one-to-many relationship based on the configurations of the switch. Connections between switches or between different wiring closets on your campus should be tagged.
Additional Resources
Here are additional resources you may find useful:
- VLAN Explained (4:37) from PowerCert Animated
- What are VLANs? -- the simplest explanation (11:28) by Practical Networking
- VLANs Explained | Cisco CCNA 200-301 (11:15) from CertBros
- Untagged vs. Tagged VLAN: What’s the Difference? Article for jumpcloud by Kelsey Kinzer
Task/Self-Assessment
Complete the following task or self-assessment:
- Determine whether your network uses VLANs.
- If so, create a chart showing the VLAN numbers, names and a description of what each VLAN is used for.
- If not, would it be beneficial if your network did? Why or why not?
- Might you create VLANs for different departments in your school or campus?
Your decision may be determined based on the type of data different departments use, like those that need secure access to employment, financial, health, or student records compared to those that do not.