Open main menu
Home
Random
Recent changes
Special pages
Community portal
Preferences
About Wikipedia
Disclaimers
Incubator escapee wiki
Search
User menu
Talk
Dark mode
Contributions
Create account
Log in
Editing
VLAN
(section)
Warning:
You are not logged in. Your IP address will be publicly visible if you make any edits. If you
log in
or
create an account
, your edits will be attributed to your username, along with other benefits.
Anti-spam check. Do
not
fill this in!
==Uses== VLANs address issues such as [[scalability]], security, and network management. Network architects set up VLANs to provide [[network segmentation]]. Routers between VLANs filter [[broadcast traffic]], enhance [[network security]], perform [[Supernetwork|address summarization]], and mitigate [[network congestion]]. In a network utilizing broadcasts for [[service discovery]], address [[Dynamic Host Configuration Protocol|assignment]] and [[Address Resolution Protocol|resolution]] and other services, as the number of peers on a network grows, the frequency of broadcasts also increases. VLANs can help manage broadcast traffic by forming multiple [[broadcast domain]]s. Breaking up a large network into smaller independent segments reduces the amount of broadcast traffic each network device and network segment has to bear. Switches may not bridge network traffic between VLANs, as doing so would violate the integrity of the VLAN broadcast domain. VLANs can also help create multiple [[layer 3]] networks on a single physical infrastructure. VLANs are [[data link layer]] (OSI layer 2) constructs, analogous to [[Internet Protocol]] (IP) [[subnet]]s, which are [[network layer]] (OSI layer 3) constructs. In an environment employing VLANs, a one-to-one relationship often exists between VLANs and IP subnets, although it is possible to have multiple subnets on one VLAN. Without VLAN capability, users are assigned to networks based on geography and are limited by physical topologies and distances. VLANs can logically group networks to decouple the users' network location from their physical location. By using VLANs, one can control traffic patterns and react quickly to employee or equipment relocations. VLANs provide the flexibility to adapt to changes in network requirements and allow for simplified administration.<ref name="802.1Q 1.4" /> VLANs can be used to partition a local network into several distinctive segments, for instance:<ref>{{cite journal |last1=Sharma |first1=Komal |last2=Yadav |first2=Meenu |last3=Pundir |first3=Megha |last4=Malhotra |first4=Isha |last5=Singh |first5=Jaskaran |title=VLAN & its implementation over ATM by using IP: a communication |journal=Discovery Engineering |date=Nov 2013 |volume=2 |issue=8 |pages=106β7 |url=http://www.discovery.org.in/discoveryengineering/current_issue/v2/n8/A11.pdf |archive-url=https://web.archive.org/web/20150618172303/http://www.discovery.org.in/discoveryengineering/current_issue/v2/n8/A11.pdf |access-date=6 January 2024 |archive-date=2015-06-18 |publisher=Discovery Publication |location=Tamilnadu, India}}</ref> * Production * [[Voice over IP]] * [[Network management]] * [[Storage area network]] (SAN) * Guest Internet access * [[DMZ (computing)|Demilitarized zone]] (DMZ) A common infrastructure shared across VLAN trunks can provide a measure of security with great flexibility for a comparatively low cost. Quality of service schemes can optimize traffic on trunk links for real-time (e.g. [[VoIP]]) or low-latency requirements (e.g. [[storage area network|SAN]]). However, VLANs as a security solution should be implemented with great care as they can be defeated unless implemented carefully.<ref>{{citation |work=SANS Institute InfoSec Reading Room |url=https://www.sans.org/reading-room/whitepapers/networkdevs/virtual-lan-security-weaknesses-countermeasures-1090 |title=Virtual LAN Security: weaknesses and countermeasures |publisher=SANS Institute |access-date=2018-05-18 |archive-date=2017-11-18 |archive-url=https://web.archive.org/web/20171118222202/https://www.sans.org/reading-room/whitepapers/networkdevs/virtual-lan-security-weaknesses-countermeasures-1090 |url-status=live }}</ref> In [[cloud computing]] VLANs, IP addresses, and [[MAC address]]es in the cloud are resources that end users can manage. To help mitigate security issues, placing cloud-based virtual machines on VLANs may be preferable to placing them directly on the Internet.<ref>{{citation |last1=Amies |first1=A. |last2=Wu |first2=C.F. |last3=Wang |first3=G.C. |last4=Criveti |first4=M. |date=21 June 2012 |title=Networking on the cloud |url=http://www.ibm.com/developerworks/cloud/library/cl-networkingtools/cl-networkingtools-pdf.pdf |archive-url=https://web.archive.org/web/20131101082835/http://www.ibm.com/developerworks/cloud/library/cl-networkingtools/cl-networkingtools-pdf.pdf |archive-date=2013-11-01 |work=IBM developerWorks}}</ref> Network technologies with VLAN capabilities include:{{citation needed|date=June 2015}} * [[Asynchronous Transfer Mode|Asynchronous Transfer Mode (ATM)]] * [[Fiber Distributed Data Interface|Fiber Distributed Data Interface (FDDI)]] * [[Ethernet]] * [[HiperSocket]] * [[InfiniBand]]
Edit summary
(Briefly describe your changes)
By publishing changes, you agree to the
Terms of Use
, and you irrevocably agree to release your contribution under the
CC BY-SA 4.0 License
and the
GFDL
. You agree that a hyperlink or URL is sufficient attribution under the Creative Commons license.
Cancel
Editing help
(opens in new window)