virtual LAN (VLAN)

Contributor(s): John Burke
This definition is part of our Essential Guide: The VoIP basics every enterprise should know

A local area network, or LAN, provides the nodes connected to it with direct (Layer 2) access to one another. It is usually comprised of one or more Ethernet switches. Computers on different LANs talk to each other using Layer 3 (IP), via a router

A virtual LAN (VLAN) abstracts the idea of the LAN; A VLAN might comprise a subset of the ports on a single switch or subsets of ports on multiple switches. By default, systems on one VLAN don't see the traffic associated with systems on other VLANs on the same network.

VLANs allow network administrators to partition their networks to match the functional and security requirements of their systems without having to run new cables or make major changes in their current network infrastructure. IEEE 802.1Q is the standard defining VLANs; the VLAN identifier or tag consists of 12 bits in the Ethernet frame, creating an inherent limit of 4,096 VLANs on a LAN.

Ports on switches can be assigned to one or more VLANs, allowing systems to be divided into logical groups -- e.g., based on which department they are associated with -- and rules to be established about how systems in the separate groups are allowed to communicate with each other. These can range from the simple and practical (computers in one VLAN can see the printer on that VLAN, but computers outside that VLAN cannot), to the complex and legal (e.g., computers in the trading departments cannot interact with computers in the retail banking departments).

Moreover, VLANs can be tunneled across Layer 3 boundaries (that is, across a router link) to allow geographically dispersed systems to communicate as if they were physically on the same LAN. 

This was last updated in August 2015

Continue Reading About virtual LAN (VLAN)

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

In your industry, what VLAN rules are important for security or for legal reasons?
Rules, do you mean VLAN creation crossing the Port, protocol and IP level configurations?
I want know about VLAN, & how it is work in router and how is it manage security and website.


Extensiones de Documento y Formatos de Documento

Accionado por: