VLAN (Virtual Local Area Network): L2 & L3

 



A VLAN, or Virtual Local Area Network, is a method of segmenting a physical network into multiple logical networks. Each VLAN operates as if it were a distinct physical network, even though devices may be connected to the same physical network infrastructure.

Benefits of VLANs:

  1. Enhanced Security: VLANs isolate traffic between different groups of devices, reducing the risk of unauthorized access and potential security breaches. For example, sensitive data traffic can be separated from general network traffic, limiting exposure to security threats.
  2. Improved Performance: By reducing broadcast traffic and segmenting network traffic, VLANs can improve network performance. Broadcasts are contained within VLANs, reducing the impact on other parts of the network and preventing unnecessary congestion.
  3. Simplified Network Management: VLANs allow network administrators to logically group devices based on factors such as department, function, or location, rather than physical proximity. This makes it easier to manage network resources, implement policies, and troubleshoot network issues.
  4. Flexibility and Scalability: VLANs offer flexibility in network design and scalability. They enable organizations to easily add, move, or change network devices without the need for physical rewiring. This agility supports evolving business needs and growth.
  5. Optimized Resource Utilization: VLANs help optimize resource utilization by allowing multiple logical networks to share the same physical network infrastructure. This reduces the need for dedicated network segments for each group of devices, leading to cost savings and efficient use of network resources.

Overall, VLANs provide a versatile and powerful means of organizing and securing network traffic, improving performance, and simplifying network management in modern IT environments.

VLAN Configuration



  1. switch# configure terminal: This command enters the configuration mode on the switch. In this mode, you can make changes to the switch's configuration.
  2. switch(config)# vlan [VLAN_ID]: This command creates a new VLAN with the specified VLAN ID. Replace [VLAN_ID] with the numerical identifier of the VLAN you want to create. For example, vlan 10 would create VLAN 10.
  3. switch(config-vlan)# name [VLAN_NAME]: This command assigns a name to the VLAN you created in the previous step. Replace [VLAN_NAME] with a descriptive name for the VLAN. For example, name Sales would name the VLAN "Sales".
  4. switch(config-vlan)# exit: This command exits the VLAN configuration sub-mode and returns you to the global configuration mode. It's used to end the specific VLAN configuration and move on to other configuration tasks.



Types of VLAN


  1. Default VLAN: The default VLAN is the VLAN to which all switch ports belong when they are not explicitly assigned to a specific VLAN. On most switches, this default VLAN is VLAN 1.
  2. VLAN 1: VLAN 1 is the default VLAN on many switches. It is often used for management purposes and is typically untagged. All switch ports are members of VLAN 1 by default unless explicitly configured otherwise.
  3. Native VLAN: The native VLAN is the VLAN to which untagged traffic belongs on a trunk link. By default, VLAN 1 is often used as the native VLAN on trunk ports, but this can be changed based on network requirements.
  4. Untagged VLAN: The untagged VLAN is the VLAN to which traffic belongs when it does not have a VLAN tag. On access ports, traffic is typically untagged, and it belongs to the VLAN configured on the port. VLAN 1 is often the default untagged VLAN on access ports.
  5. Management VLAN: The management VLAN is a VLAN used for managing network devices such as switches and routers. While VLAN 1 is often used for management, some networks use a separate VLAN for enhanced security.
  6. Default VLAN Configuration: The default VLAN configuration refers to the initial VLAN configuration on a switch before any changes are made. This usually includes VLAN 1 as the default VLAN for all switch ports.
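
The VLAN roles above, as an added Cisco IOS example (not from the original post): it moves the native VLAN off VLAN 1, gives management its own VLAN, and takes unused ports out of the default VLAN. VLAN IDs 10, 99 and 999, the names, the interface numbers and the management address are assumptions chosen for illustration.

```cisco
! Assumed IDs: 10 = user VLAN, 99 = management, 999 = unused native/parking VLAN
configure terminal
!
vlan 10
 name Sales
vlan 99
 name Management
vlan 999
 name Native-Unused
!
! Trunk port: the native VLAN defaults to 1. Here untagged frames belong to
! VLAN 999 instead, and only the VLANs that are needed cross the link.
interface GigabitEthernet0/24
 switchport mode trunk
 switchport trunk native vlan 999
 switchport trunk allowed vlan 10,99
 switchport nonegotiate
!
! Access port: untagged traffic belongs to the VLAN configured on the port.
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 10
!
! Unused ports: moved out of the default VLAN and shut down.
interface range GigabitEthernet0/2 - 23
 switchport mode access
 switchport access vlan 999
 shutdown
!
! Management VLAN: the switch is managed on VLAN 99 rather than VLAN 1.
interface Vlan99
 ip address 192.0.2.10 255.255.255.0
 no shutdown
interface Vlan1
 no ip address
 shutdown
!
end
! Verify VLAN membership and the native/allowed VLANs on the trunk
show vlan brief
show interfaces trunk
```

On switches that also support ISL, `switchport trunk encapsulation dot1q` has to be entered before `switchport mode trunk`.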

    
L3 VLAN Configuration and Details

  1. Create VLANs: First, create the VLANs you need on the device. This is usually done in the device's configuration mode. For example, on a Cisco device, you might use commands like vlan <vlan_id> to create VLANs.
  2. Assign Interfaces to VLANs: Next, assign the physical or logical interfaces (such as Ethernet ports or virtual interfaces) to the VLANs you created. This is usually done in interface configuration mode. For example, on a Cisco device, you might use commands like interface <interface_name> followed by switchport mode access and switchport access vlan <vlan_id> to assign an interface to a VLAN.
  3. Configure IP Addresses: For Layer 3 VLANs, you need to assign IP addresses to the VLAN interfaces so that they can route traffic. This is done in interface configuration mode as well. For example, on a Cisco device, you might use commands like interface vlan <vlan_id> followed by ip address <ip_address> <subnet_mask> to assign an IP address to a VLAN interface.
  4. Enable Routing: Finally, you need to enable routing on the device if it's not already enabled. This is typically done with a command like ip routing on Cisco devices.


Here's a basic example configuration for a Cisco device:
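
The four steps above carried through on Cisco IOS, as an added example that is not the original post's configuration. The VLAN IDs, names, interfaces, subnets and the ACL policy are assumptions for illustration; the ACL is included because enabling routing lets the VLANs reach each other at Layer 3 unless traffic between them is filtered.

```cisco
configure terminal
!
! Step 1: create the L2 VLANs first. An SVI configured without its L2 VLAN
! shows protocol down.
vlan 10
 name Sales
vlan 20
 name Engineering
!
! Step 2: assign access ports to the VLANs
interface GigabitEthernet0/1
 switchport mode access
 switchport access vlan 10
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 20
!
! Assumed policy: Sales hosts may not reach the Engineering subnet,
! everything else is permitted.
ip access-list extended SALES-IN
 deny ip 192.168.10.0 0.0.0.255 192.168.20.0 0.0.0.255
 permit ip any any
!
! Step 3: one VLAN interface (SVI) per VLAN; its address is the hosts' gateway
interface Vlan10
 ip address 192.168.10.1 255.255.255.0
 ip access-group SALES-IN in
 no shutdown
interface Vlan20
 ip address 192.168.20.1 255.255.255.0
 no shutdown
!
! Step 4: enable routing between the VLAN interfaces
ip routing
end
!
! Verify SVI status, connected routes and ACL hit counters
show ip interface brief
show ip route
show ip access-lists SALES-IN
```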






Directly configure an L3 VLAN




  • Note: In this case the VLAN interface's protocol will be down. When you create the L2 VLAN, the VLAN protocol will come up.

