Before starting with VLAN it must be clear understanding of LAN. A LAN is called Local Area Network and is defined as all devices in the same broadcast domain. It is usually privately owned and links the devices in a single office building and office. Hubs, bridges or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router. Communications with devices on other LAN segments requires the use of a router.
VLAN is Virtual Local Area Network Virtual LANs (VLANs) can be viewed as a group of devices on different physical LAN segments which can communicate with each other as if they were all on the same physical LAN segment. VLANs provide a number of benefits over the network described in Figure 1, which we will discuss in the next section. In order to take advantage of the benefits of VLANs, a different network topology is needed.
Need Of VLAN
We need VLAN for in the following situations which are described below:
- When we have more the 150 system for network connection in Local Area Network then we can use the VLAN.
- When there is lot of traffic problem in a LAN. To overcome Traffic problem we can use virtual LAN concept.
- For security purpose we can use LAN.
- If the user want to work on the same application running then we have to use the VLAN concept.
- It is also used to make the single switch to the virtual switches.
Benefits of VLAN
The benefit of VLAN is describe below:
Switched networks by nature will increase performance over shared media devices in use today, primarily by reducing the size of collision domains. Grouping users into logical networks will also increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups. Additionally, less traffic will need to be routed, and the latency added by routers will be reduced.
VLANs provide an easy, flexible, less costly way to modify logical groups in changing environments. VLANs make large networks more manageable by allowing centralized configuration of devices located in physically diverse locations.
Network tuning and simplification of software configurations
VLANs will allow LAN administrators to "fine tune" their networks by logically grouping users. Software configurations can be made uniform across machines with the consolidation of a department's resources into a single subnet. IP addresses, subnet masks, and local network protocols will be more consistent across the entire VLAN. Fewer implementations of local server resources such as BOOTP and DHCP will be needed in this environment. These services can be more effectively deployed when they can span buildings within a VLAN.
Physical topology independence
VLANs provide independence from the physical topology of the network by allowing physically diverse workgroups to be logically connected within a single broadcast domain. If the physical infrastructure is already in place, it now becomes a simple matter to add ports in new locations to existing VLANs if a department expands or relocates. These assignments can take place in advance of the move, and it is then a simple matter to move devices with their existing configurations from one location to another. The old ports can then be "decommissioned" for future use, or reused by the department for new users on the VLAN.
Increased security options
VLANs have the ability to provide additional security not available in a shared media network environment. By nature, a switched network delivers frames only to the intended recipients, and broadcast frames only to other members of the VLAN. This allows the network administrator to segment users requiring access to sensitive information into separate VLANs from the rest of the general user community regardless of physical location. In addition, monitoring of a port with a traffic analyzer will only view the traffic associated with that particular port, making discreet monitoring of network traffic more difficult.
It should be noted that the enhanced security that is mentioned above is not to be considered an absolute safeguard against security infringements. What this provides is additional safeguards against "casual" but unwelcome attempts to view network traffic.
Limitation of VLAN
The limitation of the VLAN are describe below:
In order to handle broadcast traffic in an ATM VLAN environment it is necessary to have a special server that is an integrated part of the ATM infrastructure. This server has limitations in the number of broadcasts that may be forwarded. Some network protocols that will be running within individual VLANs, such as IPX and AppleTalk, make extensive use of broadcast traffic. This has the potential of impacting thresholds on the switches or broadcast servers and may require special consideration when determining VLAN size and configuration.
The number of Ethernet addresses than can be supported by each edge device is 500. This represents a distribution of about 20 devices per Network 21 port. These numbers are actual technical limitations that could be further reduced due to performance requirements of attached devices.
These limitations are above the recommended levels for high performance networking. From a pure performance standpoint, the ideal end-user device to Network 21 port ratio would be one device per port. From a practical point of view, a single Network 21 port could be shared by a number of devices that do not require a great deal of bandwidth and belong to the same VLAN. An example of this would be a desktop computer, printer, and laptop computer for an individual user.
In a particular VLAN the node is connect with the hub so that every port on the hub belongs to the same VLAN because hub does not provide VLAN to any kind of port. The hub is connect basically Network 21 port. So it cannot able to provide any port no for the another VLAN network.