Computer networks can be segmented into a Local Area Network (LAN) and Wide Area Network (WAN). LANs are networks that serve users in a small area, usually a small department or a workgroup with one server and a few clients at a specific location. Very often, different floors in an office have a LAN. Sometimes these LANs are connected by routers to obtain a set of interconnected LANs. The routers that enable communication between the LANs are often complicated, slow and expensive. A switched LAN is a broadcast domain and multicast or broadcast traffic are allowed to pass through the switches. This can become a bottleneck that restricts LAN throughput and slows down the speed and amount of data transmission.
Also, there have been changes in the present business environment and very often personnel involved in a particular project or those belonging to a particular department are not confined to a given area and are spread throughout a building or campus. In such cases, grouping the users into one physical segment is not feasible. Virtual LANs or VLANs offer a better way to overcome these problems.
What is a VLAN?
A Virtual Local Area Network (VLAN) logically groups workstations, servers and network devices into workgroups and they appear to be on the same LAN despite their geographical distribution. Since broadcasts and multicasts between the users of a workgroup are likely to be high, a VLAN that includes members of a given workgroup limits the broadcast traffic within that particular virtual network. Thus, a VLAN performs like a virtual broadcast domain. The virtual LAN controller can change or add workstations and manage load balancing and bandwidth allocation more easily than it can be done with a LAN.
Benefits of VLAN
A VLAN allows several networks to work virtually as an LAN. One of the most beneficial elements of a VLAN is that it removes latency in the network, which saves network resources and increases network efficiency. In addition, VLANs are created to provide segmentation and assist in issues like security, network management and scalability. Traffic patterns can also easily be controlled by using VLANs.
Here are some of the key benefits of implementing VLANs:
- Improve Network Performance
In networks having a high proportion of broadcast traffic, a VLAN can improve network performance by limiting the broadcast from going to destinations for which the broadcast is not intended. No doubt this function could be performed by a router, but the greater amount of processing required for a router to route the frames or packets increases latency and therefore reduces the performance of the network. VLAN is thus more efficient.
- Ability to set up virtual workgroups
VLAN makes it possible for the network administrator to define a set of users as belonging to a virtual broadcast domain irrespective of their physical location. In present day scenario when people are more mobile and job environment more dynamic, VLAN can solve the problem of physical relocation every time a change takes place in the workgroups.
- Reduced administration
On event of any relocation, a considerable part of the administration efforts go towards additions, movements, and changes, all of which involve reconfiguration of hubs, routers, station addressing and sometimes rewiring. A VLAN reduces the need for such changes and with good management tools, all one has to do is a simple drag and drop action to change a user from one VLAN to another.
- Reduced cost
The ease of administration, the avoidance of physical movement or cabling changes, and by doing away with expensive routers to contain broadcast activity, costs are reduced and lowered by a great extent. VLANs make expansion and relocation of a network or a network device easier.
By the ability to contain the broadcast activity within a workgroup, access to sensitive data broadcast on a network is limited only to those for whom such broadcast is intended. This improves data security of the network.
VLANs Are Not Without Problems
Though VLANS are beneficial, but they have their own sets of problems too. When resources such as a printer have to be shared within a logical group, it may cause problems for some who have the printers assigned to them on another floor of the office far from where they work.
Also, the present trend is to group different servers with increased physical security, environment control, fire prevention measures etc. These servers may have to be accessed by members of more than one VLAN. If it is not possible to assign the server to more than one VLAN, such access is not possible. This can slow down network throughput. Thus the ability for a node to be assigned to more than one VLAN is a critical deciding factor in a VLAN implementation.
Another disadvantage is that there are high risks of virus attacks because one infected system may spread a virus through the whole logical network
Also, VLAN implementations are by and large proprietary, which makes inter-operation between switches difficult. This means for a particular VLAN configuration one has to procure all products from the same vendor. Standards for VLAN such as IEEE 802.1Q are still under evolution and in the absence of such standardization, VLANs remain somewhat restrictive.
It’s easier to design and implement VLANs by physical location, than to do it by the logical approach in which VLANs are designed to reflect departments. VLANs will not be effective if the network has a large presence of computers with shared media access. Though modern corporate networksare using VLANS extensively, the actual implementation strategy will ultimately depend on the needs, environment, and practices of the user organization.