"What is VLAN?

In a traditional network, all devices connected to a switch are part of the same broadcast domain. That means when one device sends a broadcast, every other device receives it — even if they don't need it. This causes unnecessary traffic, poor security, and zero segmentation. That's where VLANs (Virtual Local Area Networks) come into play.

What is a VLAN?

A VLAN is a way to logically divide a single physical network into multiple isolated broadcast domains.

In simple words: VLAN allows you to group devices logically instead of physically, even if they are connected to the same switch.

Why Use VLANs?

1. Improved Security: Devices in different VLANs can’t talk to each other by default.

2. Reduced Broadcast Traffic: Each VLAN has its own broadcast domain.

3. Better Performance: Less unnecessary traffic improves network efficiency.

4. Easier Management: Group users by department (HR, Sales, IT) regardless of location.

5. Scalability: Easier to expand networks in large organizations.

Real-Life Example of VLAN Use

Suppose an office has three departments:

• HR (VLAN 10)

• Sales (VLAN 20)

• IT (VLAN 30)

Even if all computers are plugged into the same switch, VLAN configuration ensures:

• HR can’t see Sales’ traffic.

• IT can monitor and manage their own network separately.

• You save on buying extra switches.

Types of VLAN Ports

1. Access Port:

   • Assigned to a single VLAN.

   • Used to connect end devices like PCs, printers.

     Example:

     switchport mode access

     switchport access vlan 10

2. Trunk Port:

   • Carries traffic for multiple VLANs between switches.

   • Used between switch-to-switch or switch-to-router links.

     Example:

     switchport mode trunk

     switchport trunk allowed vlan 10,20,30