
Network+ 2009 Certification Training:

What Are Virtual LANs?

Sometimes the hardest part of your networking studies is getting used to all the acronyms - and we use the acronyms so often that we tend to forget what these acronyms represent!

What does this have to do with today's Network+ 2009 tutorial? Glad you asked! Today's subject is the "VLAN" - short for Virtual LAN, which in turn is short for Virtual Local Area Network.

When I first became a networking student, that term really threw me. "Virtual" LAN? Why do we need a "virtual" LAN, and how in the world do we create one? What's wrong with the regular ol' physical LAN - our collection of PCs, printers, servers, and other networking devices?

Let's take a look at a typical "physical" LAN - and then we'll discuss what the potential issues are.

Physical LAN

Here we have a few different devices directly connected to a switch. (If this is the first time you've seen that particular symbol, any rectangular device with those four arrows in that pattern is a switch.)

Of course, in production networks we'll have many more devices connected to any given switch. A switch can have 12 ports, 24, 36, or more, which is where the first issue with physical LANs comes in.

When a switch receives a broadcast, the default action for that switch is to send a copy of that broadcast out every single port on that switch EXCEPT the port the broadcast came in on. Pardon the use of all caps there, but that's a very important networking concept.

Let's say we have 64 hosts connected to that switch. That means that when any of those hosts sends a broadcast to the switch, the result is 63 broadcasts being sent out by the switch!

That behavior will have several effects on our network, none of them good:

The switch has to spend valuable resources to process those broadcasts.

It's unlikely every host that's receiving the broadcast needs it, but each host still has to spend some resources to process the broadcast.

Received broadcasts may result in a broadcast response, which in turn results in even more broadcasts, which can then eventually result in a broadcast storm - a situation where broadcasts are taking up the available bandwidth on your network and/or overpowering the switch's capability to handle all the broadcasts, which makes it impossible for the network to operate correctly.

To limit the impact of broadcasts, we can logically divide the switch into Virtual LANs (VLANs). When the switch receives a broadcast that originated from a member of a certain VLAN, the switch will then only forward the broadcast to ports that are members of that same VLAN. Ports that are members of other VLANs will not receive that broadcast.

VLAN theory is one of those things that sounds a little odd, but when you see it in action, it'll become crystal clear. Let's revisit our earlier network, assuming that all hosts are in VLAN 1. (Cisco switches put all ports in VLAN 1 by default.)

Default VLAN

 

If any of those hosts sends a broadcast, all of the other hosts will receive it. Let's say we only want hosts B, C, and D to receive a broadcast sent by Host A. To do this, we would put those four hosts in their own VLAN. We'll use VLAN 10 for those hosts.

Using Two VLANs

When any of the hosts in VLAN 10 sends a broadcast, only hosts in that same VLAN will receive it.

Now -- in networking, you have to get used to tradeoffs. The tradeoff here is that not only will broadcasts not be forwarded from one VLAN to another, but no other traffic types will be forwarded, either!

To allow routable traffic to travel between hosts in different VLANs, you'll need to configure one of two things, both of which we'll cover elsewhere in this Network+ 2009 certification course:

"router on a stick"

Multilayer switching

For now, just keep in mind that VLANs can be used to limit the impact of broadcasts on your network, but that hosts in different VLANs cannot send packets to each other by default.

VLANs can also help with potential security issues. Let's say we add an additional host and a server that no other hosts on the network should even know about.

VLANs For Security

 

If we put that host and the server in their own, unshared VLAN, by default no other hosts on the network will be able to communicate with that server or that new host.
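
The forwarding behaviour described above, modelled as an added example that is not part of the original tutorial: it shows the 63 copies on a flat 64-host switch, the broadcast kept inside VLAN 10, and the unshared VLAN's isolation. Host letters E through H, the names NEWHOST and SERVER, and VLAN ID 99 are constructed for the illustration.

```python
# Added illustration: a toy model of one switch's Layer 2 forwarding decision.
# Host names E-H, NEWHOST, SERVER and VLAN 99 are constructed for this example.
DEFAULT_VLAN = 1  # the tutorial notes Cisco switches put all ports in VLAN 1 by default


class Switch:
    def __init__(self, ports):
        # Every port starts in the default VLAN, as on an unconfigured switch.
        self.vlan_of = {port: DEFAULT_VLAN for port in ports}

    def assign(self, vlan, *ports):
        for port in ports:
            if port not in self.vlan_of:
                raise KeyError(f"unknown port {port!r}")
            self.vlan_of[port] = vlan

    def flood(self, ingress):
        """Ports that get a copy of a broadcast arriving on `ingress`."""
        vlan = self.vlan_of[ingress]
        return sorted(p for p, v in self.vlan_of.items()
                      if v == vlan and p != ingress)

    def can_switch(self, src, dst):
        """True if a frame can go from src to dst with no router involved."""
        return src != dst and self.vlan_of[src] == self.vlan_of[dst]

    def still_in_default(self):
        """Ports never moved out of the default VLAN; review these in an audit."""
        return sorted(p for p, v in self.vlan_of.items() if v == DEFAULT_VLAN)


def flat_switch(n=64):
    # The 64-host case from the tutorial: everything in one broadcast domain.
    return Switch([f"host{i}" for i in range(1, n + 1)])


def segmented_switch():
    sw = Switch(list("ABCDEFGH") + ["NEWHOST", "SERVER"])
    sw.assign(10, "A", "B", "C", "D")    # VLAN 10, as in the tutorial
    sw.assign(99, "NEWHOST", "SERVER")   # constructed ID for the unshared VLAN
    return sw


if __name__ == "__main__":
    print(len(flat_switch().flood("host1")))   # copies sent on the flat switch
    sw = segmented_switch()
    print(sw.flood("A"), sw.flood("SERVER"))   # each broadcast stays in its VLAN
    print(sw.can_switch("E", "SERVER"), sw.still_in_default())
```

The still_in_default() check reflects a common review step: any port left in VLAN 1 shares a broadcast domain with every other unconfigured port on the switch.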

VLANs are an important part of today's networks, and you can expect to use them throughout your career - and to encounter them on your Network+ 2009 certification exam!


Chris Bryant
CCIE #12933
"The Computer Certification Bulldog"
chris@thebryantadvantage.com