A VLAN is a Virtual local area networks where the computers, servers, and other network devices are logically connected regardless of their physical location.
So, even if the devices are in different places in an office or building, it is not a problem. VLAN will logically group them into separate virtual networks.
Purpose of VLAN
- Improved security
- Traffic management
- Make a network simpler
Let’s Begin with LAN (Local area network)
let’s say you have got a two story office building. In this building you have computers that are mixed in with computers that belong to other departments on the same floor.
Let’s colors represent different departments
Red computers : Accounting department
Blue computers: Support department
All these computers from these different departments are all connected to an OLT. So, they are all on one segment on a local area network or LAN.
Problem of simple LAN
So in simple LAN, all the network traffic are mixed in with other departments. So, it leads to heavy traffic in the network and all departments seeing each other’s network traffic.
To attain the solution we need to separate the network broadcasting traffic from these departments from each other, so that the accounting department doesn’t see any traffic from support, support doesn’t see any traffic from accounting and so on.
One way to solve this is to physically move the computers that belong to the same department and put them together such as putting them on the same floor and deploying extra network hardware and cabling . But, that could be a hassle and unnecessary work.
Second Method (Optimal solution – The VLAN)
There is an easier way to accomplish this and that is by creating VLANs.
By using VLANs on a VLAN capable OLT you can logically create several virtual networks to separate network traffic.
So, in this case, we’re going to create two VLANs for the two different departments
Let we assign some name VLAN 1 to accounts department, VLAN 2 to support department. ie called as VLAN tagging
Now traffic between the two departments are isolated and they won’t see any traffic created from the other departments. Even though all the computers from the different departments share the same cabling.
So in our example the VLANs were created on the OLT and this is done by designating specific ports on the OLT and assigning those ports to a specific VLAN.
So on the OLT, we will create a VLAN for the support department and tag it to the ports of ONU/ONT. And we’ll plug the computers to the ports of ONU/ONT that belong to the support department.
Then we’ll designate another set of ports on the OLT and create another vlan for the accounting department. Then we’ll plug the computers to the ports of ONU/ONT that belong to the accounting department.
And as you can see the network traffic is separated between the departments because of the VLANs.
So, as stated before there are several different reasons for creating VLANs. But one of the main reasons is for traffic management because as a local area network grows and more network devices are added, the frequency of the broadcast will also increase and the network will get heavily congests with data.
By creating VLANs, which divide up the network into smaller broadcast domains, it will help alleviate the traffic.
In place of the above 2 servers, we can add 2 or more ISPs and separate it with the help of VLAN tagging .ie with same hardware we can give connections of 2 or more ISPs.