VLAN! VLAN!! VLAN !!!
What is this VLAN?
Why are we using VLANs?
How do we decide on VLANs?
These were the questions storming in my mind… But when I took admission in RST Forum, Vagish Sir cleared all my doubts about VLAN. So in this blog we will just focus on the “VLAN”.
So the first question that comes to your mind is: why VLAN?
Consider a company like Accenture or Cisco in which there are 10000 PCs connected on one network, all in the same subnet. The Windows operating system is running on each computer, and Windows is always broadcasting every service it offers and any new service. Because all the PCs are in the same subnet, every PC sends its service broadcasts, and when a broadcast reaches a switch, the switch broadcasts it onward. We can't use a router here, as all the PCs are in the same subnet. A switch divides only the collision domain and not the broadcast domain, so the switch makes multiple copies of the broadcast and sends one to every port. If one switch has 24 ports, then 10000/24, approximately 400 switches, are in the network. Now imagine that for every broadcast each switch makes multiple copies and sends them to every port: this creates a very high number of frames flowing through the network, so when any PC wants to use the network, the network is already carrying very heavy traffic. Such a high number of frames in the network causes:
- Degradation of switch performance
- Degradation of PC performance
- Degradation of the useful bandwidth of a link
So basically VLANs ARE USED TO CONTROL THE BROADCAST DOMAIN.
When we divide the network into VLANs, each VLAN has a different subnet, so for communication between VLANs we use a layer 3 switch or a router.
What are we actually doing when we configure VLANs on a switch?
When we define a VLAN on a switch, we are actually dividing the switch virtually into smaller switches, where these virtual switches work in different networks (subnets).
From the following diagram you will get the concept.
As we have made VLANs, each VLAN now has its own separate subnet, so according to our basic principle the traffic between two subnets is routed and the traffic within a subnet is switched. A router or a layer 3 switch is necessary for communication between two VLANs.
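As an added example (not part of the original post), the following Python model floods one broadcast through two switches joined by a trunk, first with every PC in one subnet and then with the PCs split into two VLANs. The switch names, port numbers, VLAN IDs and the loop-free topology are assumptions made for the illustration.

```python
from collections import deque

class Switch:
    def __init__(self, name):
        self.name = name
        self.access = {}   # access port -> (vlan id, attached host)
        self.trunks = {}   # trunk port -> (peer switch, peer port); carries all VLANs

def link_trunk(a, port_a, b, port_b):
    a.trunks[port_a] = (b, port_b)
    b.trunks[port_b] = (a, port_a)

def locate(switches, host):
    for sw in switches:
        for port, (vlan, name) in sw.access.items():
            if name == host:
                return sw, port, vlan
    raise ValueError(f"unknown host {host!r}")

def flood_broadcast(switches, sender):
    """Return (receivers, frame_copies) for one broadcast sent by `sender`."""
    sw, in_port, vlan = locate(switches, sender)
    receivers, copies = set(), 0
    visited = {sw.name}            # assumption: loop-free topology
    queue = deque([(sw, in_port)])
    while queue:
        sw, in_port = queue.popleft()
        # Copy the frame to every other access port in the sender's VLAN.
        for port, (port_vlan, host) in sw.access.items():
            if port != in_port and port_vlan == vlan:
                receivers.add(host)
                copies += 1
        # Copy it over each trunk so the same VLAN on the peer switch sees it.
        for port, (peer, peer_port) in sw.trunks.items():
            if port != in_port and peer.name not in visited:
                visited.add(peer.name)
                copies += 1
                queue.append((peer, peer_port))
    return receivers, copies

def build(vlan_of):
    sw1, sw2 = Switch("SW1"), Switch("SW2")
    sw1.access = {1: (vlan_of["PC1"], "PC1"), 2: (vlan_of["PC2"], "PC2")}
    sw2.access = {1: (vlan_of["PC3"], "PC3"), 2: (vlan_of["PC4"], "PC4")}
    link_trunk(sw1, 24, sw2, 24)
    return [sw1, sw2]

# Constructed plans: PC1, PC2 sit on SW1; PC3, PC4 sit on SW2.
FLAT = {"PC1": 1, "PC2": 1, "PC3": 1, "PC4": 1}        # one broadcast domain
SEGMENTED = {"PC1": 1, "PC2": 2, "PC3": 2, "PC4": 1}   # two VLANs, two subnets
```

Calling `flood_broadcast(build(FLAT), "PC1")` reaches PC2, PC3 and PC4 with 4 frame copies; with `SEGMENTED` only PC4 is reached, with 2 copies.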
How do we decide which PCs will be in one VLAN and which will be in a separate VLAN?
This is decided by the 80-20% rule.
This rule says that 80% of the traffic in a network should be switched and 20% of the traffic should be routed.
In an organization, people in the same department talk and communicate more with each other, whereas people from different departments talk and communicate less with each other.
As we know, switching is faster than routing, so the traffic within a department has to be switched (as there is more traffic) and the traffic between departments should be routed (as there is less traffic).
So let's take an example: there is a company like Cisco, and in this company we have 4 different departments: Engineering, Finance, Human Resources and Testing. As per our discussion, we will keep the people from one department in the same VLAN, so when they communicate with each other the traffic between them is switched, but when they communicate with another department (which they do rarely) the traffic is routed.
Advantages of VLAN:
- To control the broadcast domain
- Used to provide security (it is actually a byproduct)
Providing security does not mean that people from different departments can't talk. They can talk, but their calls or data will be routed through a router, so with the help of access lists and some other ways we can provide them security. Some people think this is the main requirement for creating a VLAN, but actually it is just a byproduct. (Providing security to one department from another department doesn't mean that they should not communicate with each other; otherwise, in the above Cisco company example, if an Engineering dept. person can't talk to Testing dept. people, then what is the use of the network?)
The following diagram was added in response to the comment from Himanshu, to explain how broadcasting works in switches on which VLANs are configured.
Nice work dude... carry on
Hi,
As per the blog example on VLAN, a switch without VLANs configured faces more traffic due to 2 factors.
One is that every PC sends broadcast services to the switch; for every broadcast service the switch makes multiple copies of it for each of its 24 ports, and for each of the copies it creates a frame. So it results in heavy traffic.
The other is that if one PC demands the network, the network already has heavy traffic.
So it faces degradation in performance.
Now, for a switch with VLANs configured, I understood that each switch is divided into smaller switches (VLANs), and each VLAN has a different subnet. A switch is used within the same VLAN and a router is used between two different VLANs.
But it is not clear now how a broadcast service flows through the switch to an individual VLAN or to an individual PC, and in which manner multiple copies are made by the switch so that it reduces heavy traffic.
So please help me understand these things.
Warm regards,
Himanshu Kumar
Hi Himanshu,
As the switch is now divided into VLANs: previously, when we were not using VLANs, a broadcast sent by any computer would propagate through the whole network. But now, by introducing VLANs, we are segregating the network into parts. So consider that PC1 is in VLAN 1; when it broadcasts, the broadcast is propagated only in VLAN 1. Any other computer which is outside VLAN 1 will not get the broadcast.
We will make this simple with the following diagram (the diagram is added in the blog).
In this diagram there are 2 switches; say some of their ports are configured in VLAN 1 and the other ports are configured in some other VLAN (as shown in the diagram). Consider that PC1, connected to Switch 1, and PC4, connected to Switch 2, are in the same VLAN, that is VLAN 1. PC 2 and PC 4 are in another VLAN, say any VLAN other than VLAN 1.
1. Now when PC1 sends a broadcast, it will go to Switch 1.
2. Switch 1 makes multiple copies of this frame and sends one to each port which is a member of VLAN 1.
3. As the trunk port is by default a member of every VLAN, the frame will reach the trunk port too.
4. The trunk port will carry it to Switch 2.
5. Now Switch 2 gets the frame, so it will also make multiple copies of that frame and send one to every port on Switch 2 which is a member of VLAN 1, so PC 4 will get this broadcast.
6. So though PC2 is connected to the same switch as PC1, it will not receive the broadcast from PC1. If we don't use VLANs, the unwanted broadcast from PC1 to PC2 will be there.
7. Similarly, as PC3 is not in VLAN 2, it will not receive the broadcast from PC1.
8. Any other PC which is connected to a port which is a member of VLAN 1 will get the broadcast.
In this way we can avoid the unwanted traffic and improve the performance of the switch and PC (the whole network).
Please give me Vagish sir's audio clip.
Email :- 4dpanchal@gmail.com
Hello sir, excellent explanation about VLAN, but you didn't explain how a packet will reach from one network to another. If it's in the same network then no problem. Suppose I'm using an L3 switch and I need to communicate with the computer dept. (IP: 30.30.20.100); mine is the electrical dept. (IP: 30.30.23.100). For that I created two VLANs in the switch. Now explain to me how packets will route.
Hello,
It is necessary to place all our VLANs in different networks.
For example:
VLAN 10 in 192.168.X.0
VLAN 20 in 192.168.Y.0
Or is there any possibility to place all our VLANs in the same network?
VLAN 10, VLAN 20.... in 192.168.Z.0
Please explain it.
Excellent!! Are you blogging other concepts? If so, please share the URLs.