What is a VLAN?

A VLAN is a group of end stations with a common set of requirements, independent of their physical location. A VLAN has the same attributes as a physical LAN, except that it lets you group end stations even when they are not physically located on the same LAN segment. A VLAN also lets you group ports on a switch so that you can limit unicast, multicast, and broadcast traffic flooding. Flooded traffic that originates from a particular VLAN floods only to the ports belonging to that VLAN. VLAN trunks with IEEE 802.1Q tagging facilitate interswitch communication with multiple VLANs. Cisco Catalyst switches feature VLAN Trunking Protocol (VTP) to simplify management of VLANs across multiple switches.

Understanding VLANs

Issues in a poorly designed network

· Large broadcast domain

· Large amount of unknown MAC unicast traffic

· Unbounded multicast traffic

· Management and support challenges

· Possible security vulnerabilities

Note: The default behavior on a Cisco Catalyst series switch is for multicast frames to be treated like broadcast frames. Techniques such as IGMP snooping may also be configured to optimize the use of multicasting in the switched LAN environment.

VLAN Overview

· A VLAN is an independent LAN

· VLAN = Broadcast Domain = Logical Network (Subnet)

· VLANs address:

1. Segmentation

2. Security

3. Network Flexibility

Designing VLANs for an organization

· VLAN design must take into consideration the implementation of a hierarchical network addressing scheme.

· The benefits of hierarchical addressing are:

1. Ease of management and troubleshooting

2. Minimizing of errors

3. Reduced number of routing table entries

Guidelines for applying IP Address space in the Enterprise Network

· Allocate one IP subnet per VLAN

· Allocate IP address space in contiguous blocks (summarization)
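
Both guidelines can be checked mechanically before a plan is deployed. The Python below is an added example, not part of the original page: the function names are hypothetical, and the site block 10.1.0.0/21, the VLAN IDs and every subnet are constructed sample values. It flags VLANs with more than one subnet, subnets outside the site's contiguous block, and overlapping subnets, then shows how many routes the rest of the network must carry.

```python
import ipaddress
from itertools import combinations

def audit_vlan_plan(summary_block, assignments):
    """Return findings for a site's VLAN plan; an empty list means it is clean.

    summary_block: CIDR the site should advertise upstream as a single route.
    assignments:   list of (vlan_id, cidr) pairs.
    """
    block = ipaddress.ip_network(summary_block)
    nets = [(vid, ipaddress.ip_network(cidr)) for vid, cidr in assignments]
    findings, first_subnet = [], {}
    for vid, net in nets:
        # Guideline 1: one IP subnet per VLAN.
        if vid in first_subnet and first_subnet[vid] != net:
            findings.append(f"VLAN {vid} has two subnets: {first_subnet[vid]} and {net}")
        first_subnet.setdefault(vid, net)
        # Guideline 2: every subnet sits inside the contiguous site block.
        if not net.subnet_of(block):
            findings.append(f"VLAN {vid} subnet {net} is outside {block}")
    # Overlapping subnets put two VLANs in the same address space.
    for (v1, n1), (v2, n2) in combinations(nets, 2):
        if v1 != v2 and n1.overlaps(n2):
            findings.append(f"VLAN {v1} {n1} overlaps VLAN {v2} {n2}")
    return findings

def upstream_routes(summary_block, assignments):
    """Routes the rest of the network must carry to reach every VLAN."""
    nets = [ipaddress.ip_network(summary_block)]
    nets += [ipaddress.ip_network(cidr) for _, cidr in assignments]
    return list(ipaddress.collapse_addresses(nets))

# Constructed sample plans (illustrative values only).
SITE_BLOCK = "10.1.0.0/21"
GOOD_PLAN = [(10, "10.1.0.0/24"),   # network management
             (20, "10.1.1.0/24"),   # IP telephony
             (30, "10.1.2.0/23"),   # normal data
             (40, "10.1.4.0/24")]   # scavenger class
BAD_PLAN = [(10, "10.1.0.0/24"), (10, "10.1.4.0/24"),    # VLAN 10 listed twice
            (20, "10.1.1.0/24"), (30, "10.1.1.128/25"),  # VLAN 30 overlaps VLAN 20
            (40, "192.168.50.0/24")]                     # outside the site block

if __name__ == "__main__":
    for name, plan in (("good", GOOD_PLAN), ("bad", BAD_PLAN)):
        print(name, audit_vlan_plan(SITE_BLOCK, plan),
              [str(r) for r in upstream_routes(SITE_BLOCK, plan)])
```

The clean plan is reachable through the single 10.1.0.0/21 summary, while the stray 192.168.50.0/24 subnet in the second plan forces an extra routing table entry.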

Network Traffic Types

Traffic types to consider when designing VLANs:

· Network management

· IP telephony

· IP multicast

· Normal data

· Scavenger class


