A VLAN (Virtual Local Area Network) is a logical network that connects nodes from different LANs into a network.
VLANs can:
- Keep applications separate: VLANs can keep network applications separate despite being connected to the same physical network.
- Reduce network congestion: VLANs limit the number of broadcasts and restrict user access to parts of the network they don’t need to access.
- Increase data security: VLANs can increase data security by logically partitioning the network.
- Group by logical organizational principle: VLANs can group devices by department, project team, or any other logical organizational principle.
VLANs operate at Layer 2 of the network, the Ethernet level. They work by applying tags to network frames and handling these tags in networking systems.
A VLAN is identified simply by a tag in the 802.1Q header. VLANs also require a subnet.
Example: let’s say you have 2 switches with 2 hosts connected to each switch. Devices in different VLANs need a Layer 3 device to communicate. For example, Host A and Host B are connected to the same switch but are in different VLANs, so they need a Layer 3 device to communicate.
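
The 802.1Q tagging and the Host A / Host B case described above, as an added Python example that is not part of the original page: it builds a tagged Ethernet frame, parses the tag back out of the bytes, and applies a simplified switch rule that floods a frame only to ports in the same VLAN. The MAC addresses, VLAN IDs 10 and 20, and the port numbers are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

def build_frame(dst, src, ethertype, payload, vid=None, pcp=0, dei=0):
    """Build an Ethernet II frame, inserting an 802.1Q tag when vid is given."""
    header = dst + src
    if vid is not None:
        if not 0 <= vid <= 0xFFF:
            raise ValueError("VLAN ID is a 12-bit field")
        tci = (pcp << 13) | (dei << 12) | vid  # 3-bit PCP, 1-bit DEI, 12-bit VID
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload

def parse_frame(frame):
    """Return the 802.1Q tag fields (None if untagged) and the inner EtherType."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    tag = None
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        tag = {"pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF}
    return {"dst": frame[0:6], "src": frame[6:12], "tag": tag, "ethertype": ethertype}

def flood_ports(frame, ingress_port, port_vlan):
    """Ports a switch may flood this tagged frame to: same VLAN, not the ingress."""
    tag = parse_frame(frame)["tag"]
    if tag is None:
        raise ValueError("expected a tagged frame")
    return sorted(p for p, v in port_vlan.items()
                  if v == tag["vid"] and p != ingress_port)

# Constructed sample data (MACs, VLAN IDs and port numbers are made up).
HOST_A = bytes.fromhex("020000000a01")    # Host A on port 1, VLAN 10
BROADCAST = b"\xff" * 6
PORT_VLAN = {1: 10, 2: 20, 3: 10, 4: 20}  # Host B sits on port 2, VLAN 20
FRAME_A = build_frame(BROADCAST, HOST_A, 0x0806, b"\x00" * 46, vid=10, pcp=5)

if __name__ == "__main__":
    print(parse_frame(FRAME_A)["tag"])         # tag fields recovered from bytes
    print(flood_ports(FRAME_A, 1, PORT_VLAN))  # port 2 (Host B) is never reached
```

Host A's broadcast never reaches Host B's port at Layer 2, which is why traffic between the two VLANs has to pass through a Layer 3 device.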