VLAN（Virtual Local Area Network）

VLAN（Virtual Local Area Network）is A LAN equipment logically divided into one network segment, so as to achieve the virtual workgroup emerging data exchange technology. This new technology are mainly applied in switches and routers, but the mainstream applications or among the switches. But not all switches have this function, only VLAN agreement layer 3 switches can have the above this function, it can check the corresponding switches can be the specification of the informed.

What is a VLAN

IEEE in 1999 promulgated the implementation scheme of the VLAN to standardization 802.1 Q agreement draft standards. The emergence of the VLAN technology, make according to actual application requirements, administrator of the same physical LAN different user logically divided into different broadcast domain, each a VLAN is consists of a set of the same requirements of computer workstation, and physical form on LAN have the same properties. Because it is from logically divided, not from physical divided, so the same VLAN within each workstation no restrictions on the same physical limits, namely, the workstation can in different physical LAN segment. From the characteristics of the VLAN knowable, a VLAN internal radio and unicast flow will not forwarding to other VLAN database, and helps to control flow, reducing equipment investment, simplified network management, improve the network security.

Exchange technology development, also accelerate new exchange technology (vlans) application speed. Through the enterprise network division for virtual network VLAN segment, can strengthen network management and network security, control unnecessary data broadcast. In a Shared network, a physical network segment is a broadcast domain. While in exchange network, broadcast domains may be an arbitrary selected second network address (MAC address) composition of this paragraph. So, the network can be divided in the breakthrough of sharing network location restriction, and completely according to management function to differentiate. This packet based on workflow model, which greatly improved the network planning and reconstruction of management functions. In the same VLAN the workstation, regardless of their actual and which switches connection, they of the communication between the elephant be independent switches on the same. The same VLAN radio only members of the VLAN to hear, and won't transfer to other VLAN to, so can very good control unnecessary broadcast storm production. In the meantime, if no routing words, different inter-vlan cannot mutual communication, such increased enterprise network between different sectors of safety. Network administrators can configure their inter-vlan road origin overall management enterprise internal different management unit information between visits. Switches is according to user workstation's MAC address to differentiate vlans. Therefore, users can free in the enterprise network mobile office, no matter where he is access exchange network, he can freely with other users within the VLAN communications.

VLAN network can be a mixture of network type equipment composition, for instance: 10M Ethernet, 100M Ethernet, token nets, FDDI, CDDI etc, can be workstation, server, hubs, network uplink backbone, etc.

VLAN besides can network into multiple broadcast domain, thus it can effectively control the broadcast storm occurrence, and make the topology of the network becomes very flexible outside the advantage, still can be used to control network in different departments, the each other between different site visit.

A VLAN is to solve the problem and safety radio Ethernet and proposed an agreement, it in Ethernet frame based on increased with the VLAN ID VLAN head, the user divided into smaller group, between the different working group limit user visits, each group was a virtual lans. Virtual lans benefit is can restrict radio scope, and can form virtual working group, the dynamic management network.

The purpose of the VLAN

A VLAN insgroupsto Local Area) technical appear, mainly in order to solve the LAN switches interconnection can restrict broadcast problem. This technology can bring a LAN was partitioned into several logic LAN - VLAN, each VLAN is a broadcast domain, VLAN within the communication between host and in a LAN within the same, and are not direct communication between the VLAN, such, radio message is limited in a VLAN inside.

VLAN advantages

1. The broadcast storm guard:

Restrictions on the network broadcasting network is divided into several vlans can reduce participate in the broadcast storm number of devices. LAN segmentation can prevent the broadcast storm spread the entire network. VLAN can provide establish firewalls mechanism, prevent the excessive broadcasts switching networks. Use a VLAN, can will exchange port or user endow with at a particular VLAN group, this can be done in a VLAN group switching or jumper multiple switch the radio, not in a VLAN to VLAN outside. Similarly, adjacent port do not receive other VLAN produce wide planting. It reduces broadcast traffic, release bandwidth to the user application, reduce broadcast production.

2. Security:

Enhance LAN security, containing sensitive data groups of users with the rest of the isolated network, thus reduces the possibility of information disclosure of the confidential information. Different VLAN within the message in transmission is mutual isolation, namely a VLAN within the user cannot and other VLAN within the user direct communication, if different VLAN to communicate, requires through the router or layer 3 switches etc three-layer equipment.

3. Lower cost:

Costly network upgrades demand decreases, existing bandwidth and on the uplink higher utilization ratio, so can save cost.

4. Increased performance:

This will be the first floor flat network into multiple logical working group (broadcast domain) can reduce unnecessary flow on the network and high performance.

5. Improve the IT staff efficiency:

VLAN for network management brought convenient, because it has similar demand in the network users will share the same vlans.

6. Simplified project management or application management:

VLAN will users and network equipment polymerization to together, to support the business needs or regional demand. After function division, the project management or special application processing becomes very convenient, for example can easily management of the teaching of electronic teaching development platform. In addition, also very easy to determine the influence of upgrading the network service scope.

7. Increased network connection flexibility.

Using VLAN technology, can will different place, the different network, different user combined together, forming a virtual network environment, like using local LAN as handy, flexible and effective. VLAN can reduce mobile or change the workstation geographical position of tube, especially some Daniel fee business condition is regular changes companies use the VLAN, this part of the management cost is reduced greatly.