A virtual local area network (VLAN) is a logical division of a large network, created for several reasons. This article discusses VLANs and covers a few of the reasons for using them and what they are used for.
VLANs are a commonly used technique nowadays for segmenting a network so that it is easier to maintain and can be made more secure. Each segment works as a completely separate network. To connect two different VLANs we need a layer 3 device, and we need to define rules so that traffic reaches the proper networks and end users.
How does this technology help us manage a big network? Simply put, it reduces the broadcast domains, and each VLAN works as an independent network to which we can apply rules. We usually face complications when a broadcast domain gets bigger. Using this technology, we can reduce the size of the network and of the broadcast domain and solve this problem permanently.
There are two methods of assigning VLAN membership: static and dynamic. Static VLAN membership is usually configured manually by selecting a port on the switch. With static membership, that single port or the assigned ports are responsible for data delivery, which is why this is considered one of the most secure ways of managing VLANs.
Dynamic VLAN membership requires a high-end device to maintain and manage the VLANs. This device works as a server, usually called a VLAN Membership Policy Server (VMPS). The low-end devices work as clients and take their information from the high-end device. The advantage of this method is that we can maintain the network by simple plug and play.
These two membership methods are used in different infrastructures for different requirements. The dynamic membership method is usually used in enterprise networks. Whichever method is used, we also need to know the connection types to understand how the infrastructure is implemented.
There are two kinds of VLAN connection: access link and trunk link. These two connection types are usually implemented on ports, and we need to configure them manually. Let's look at each of them.
An access link is used when a single port carries a single VLAN to a standard NIC. Because an access link can carry only one VLAN, the end users under that device have to be in the same broadcast domain. So in that case we have to use a single switch port for a single VLAN.
A trunk connection gives us more flexibility. This connection type is capable of carrying more than one VLAN, and it can connect two switches or a switch to a router.
To create a trunk connection we have to assign the VLANs to the trunk port. Once they are assigned, the trunk tagging system creates a logical connection for every VLAN, and when data is transferred the VLAN information is tagged in the header of the frame. A standard NIC, on the other hand, will usually drop such a frame, as it does not understand this information.
There are also three other methods that may be used to create VLAN access: MAC address, IP address and port. We talked about port above, and the remaining two methods will be discussed in our future articles.