A virtual LAN, commonly known as a VLAN, is a logically segmented network mapped over physical hardware. The IEEE is the predominant protocol. Before this, Cisco was one of many companies that had a proprietary standard; in Cisco's case, inter link switching (ISL).
Early VLANs were often configured to reduce the size of the collision domain in a large single Ethernet segment to improve performance. When Ethernet switches made this a non-issue (because they have no collision domain), attention turned to reducing the size of the broadcast domain at the MAC layer. Another purpose of a virtual network is to restrict access to network resources without regard to the physical topology of the network, although the strength of this method is debatable.
Virtual LANs operate at layer 2 of the OSI model. However, a VLAN is often configured to map directly to an IP network, or subnet, which gives the appearance that it is involved in layer 3.
Switch-to-switch links and switch-to-router links are called trunks. A router serves as the backbone for traffic going across different VLANs.
VLANs can be configured in various ways:
- Protocol level (IP, IPX, LAT, etc.).
- MAC address based.
- IP subnet based.
- Port based, and therefore real world based, say by accounting versus marketing departments.
VLANs can be static, dynamic, or port-centric, and there are two methods of establishing a VLAN: frame-tagging and frame-filtering.
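
Frame tagging as IEEE 802.1Q does it, as an added example that is not part of the original page: a parser that pulls the 4-byte VLAN tag, or a stack of tags, out of a raw Ethernet frame and rejects frames cut off inside a tag. The tag layout (TPID, then priority, DEI and 12-bit VLAN ID) is the standard one; the function names and the sample frames are constructed for the illustration.

```python
import struct

# TPIDs that introduce a VLAN tag: 0x8100 (IEEE 802.1Q), 0x88A8 (IEEE 802.1ad)
VLAN_TPIDS = {0x8100, 0x88A8}


def parse_vlan_tags(frame: bytes):
    """Return (tags, ethertype) for a raw Ethernet frame (no preamble/FCS).

    tags is a list of dicts, outermost first; an untagged frame gives [].
    Raises ValueError if the frame ends inside the header or a tag.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    offset = 12  # skip destination and source MAC (6 bytes each)
    tags = []
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in VLAN_TPIDS:
        if len(frame) < offset + 6:
            raise ValueError("frame truncated inside a VLAN tag")
        tci, next_type = struct.unpack_from("!HH", frame, offset + 2)
        tags.append({
            "tpid": ethertype,
            "pcp": tci >> 13,         # 3-bit priority code point
            "dei": (tci >> 12) & 1,   # drop eligible indicator
            "vid": tci & 0x0FFF,      # 12-bit VLAN ID
        })
        offset += 4                   # each tag occupies 4 bytes
        ethertype = next_type
    return tags, ethertype


def build_frame(vids, ethertype=0x0800, payload=b"\x00" * 46):
    """Constructed sample frame: fixed MACs, one 802.1Q tag per VID."""
    header = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for vid in vids:
        header += struct.pack("!HH", 0x8100, vid & 0x0FFF)
    return header + struct.pack("!H", ethertype) + payload


if __name__ == "__main__":
    for vids in ([], [10], [10, 20]):
        tags, etype = parse_vlan_tags(build_frame(vids))
        print([t["vid"] for t in tags], hex(etype))
```

On an access port, where frames are expected to arrive untagged, a non-empty tag list from this parser is worth logging.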