In this lesson of our switching topics, we'll talk about the foundation and basics of VLANs. This is super easy, yet it confuses most people. I'll do my best to explain it properly.
Ready?
Let’s do this.
What is a VLAN?
According to Cisco, “A VLAN is a group of devices on one or more LANs that are configured to communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLANs are based on logical instead of physical connections, they are extremely flexible.”
In the simplest terms, a VLAN is just another network or subnet, or a LAN, virtually. All devices in the same VLAN are in the same broadcast domain, logically. It is made up of devices that can communicate with each other.
Unlike a physical LAN (Local Area Network), a VLAN can be physically connected and is often “logically connected”, as you can see in our image above. We have VLAN 5 with subnet 192.168.1.0/24 for the Marketing Department, and VLAN 10 with subnet 192.168.5.0/24 for the Sales Department.
If you remember our subnetting lessons, we know that those two are different networks (or subnets). Why? Because of their subnet mask.
Here’s what we have for those subnets:
As you can see, they are different VLANs, and we treat them as different VLANs. This means a VLAN simply represents one subnet or small network. But take note: the PCs or devices do not need to be physically together to be in the same VLAN. They can be virtually connected (which is why it is called a virtual LAN, or VLAN).
Take, for example, our image below. As you can see, we have 3 PCs on VLAN 5 (Marketing Department), but the first PC is on the 2nd floor while our 2nd and 3rd PCs are on the 7th floor. They can communicate as if they were right next to each other because they are on the same VLAN (subnet). This means they are also in a single broadcast domain.
This means that even if two devices are in separate locations, they can be members of one VLAN. This is what sets a VLAN apart from a normal, ordinary LAN.
This is also why it is called a “virtual LAN”. VLANs are used to group devices according to their functions instead of their physical location. With VLANs, location is no longer a problem, and we secure our network because each VLAN gets its own “rules” appropriate for the members of that VLAN.
Take note: devices in different VLANs cannot communicate with each other. This is an added security advantage of using VLANs. We need a layer 3 device (a layer 3 switch or router) if we want devices in different VLANs to communicate. Aside from this, we also limit broadcast storms in our network because each VLAN is a separate broadcast domain.
We have VLAN numbers or identifiers that we use in our network. Here are the VLAN ranges provided by Cisco.
How VLAN works
Now, I know you're getting a sense of it. Let's dig deeper to help you understand VLANs better. In a flat or traditional network, devices communicate by sending and receiving broadcasts, as we discussed in how a switch works. This means a flat or traditional network is one big broadcast domain.
When a device communicates or wants to communicate, it sends a broadcast message, and ALL devices that are part of the flat or traditional network receive that broadcast. This slows down the network or can cause disconnections.
Let's have an example. In our sample image above, those devices are connected to a switch in a traditional or flat network (unmanaged switches).
This means a “broadcast storm” and a network slowdown occur when they “talk to each other”, because of the broadcasts. The switch sends the broadcast out of all its ports (except the source), and it is received by all devices connected to it.
If there are other switches (or hubs) in that flat network, like the ones above, with devices connected to them as well, those devices will still receive the broadcast and still be part of the broadcast. And it can go on and on. That is the situation in a flat, traditional network.
Over time, technology evolved and new switches were invented. This is also where VLAN technology came in. With VLANs, this situation is limited or avoided.
Why?
Because only the “members” of a VLAN receive a broadcast from another member that wants to communicate. Each VLAN is a different broadcast domain.
In a modern network, devices connected to one switch can be members of different VLANs. Each port of the switch can be a member of a different VLAN.
And of course, each device connected to a port becomes a member of the VLAN assigned to that port. One of the big benefits of this is that only ports that are members of that VLAN receive the broadcast message.
For example, if PC 1 to PC 3 are connected to port 1 to port 3 of a switch and are members of VLAN 5, then PC 4, connected to port 4, and the other PCs will not receive the broadcast if the ports they are connected to are not members of VLAN 5. Remember, it is the switch port that we assign to a VLAN.
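The PC 1 to PC 4 example above, modeled as a small Python simulation of how a switch floods frames in a flat network versus one with VLANs. This is an added example, not part of the original lesson; the MAC addresses, the six-port layout, and placing ports 4 to 6 in VLAN 10 are assumptions, and the model covers access ports only (no trunks).

```python
from collections import defaultdict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    """Simplified switch with access ports only: one VLAN per port, no trunks."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)      # port number -> VLAN ID
        self.mac_table = defaultdict(dict)    # VLAN ID -> {MAC: port}

    def receive(self, in_port, src_mac, dst_mac):
        """Process one frame; return the sorted ports it is forwarded out of."""
        vlan = self.port_vlan[in_port]
        self.mac_table[vlan][src_mac] = in_port          # learn source, per VLAN
        same_vlan = sorted(p for p, v in self.port_vlan.items()
                           if v == vlan and p != in_port)
        if dst_mac == BROADCAST:
            return same_vlan                  # flood, but only inside the VLAN
        out_port = self.mac_table[vlan].get(dst_mac)
        if out_port is None:
            return same_vlan                  # unknown unicast: flood in VLAN
        return [] if out_port == in_port else [out_port]


def flat_switch():
    # Flat network: every port in the same VLAN (VLAN 1), one broadcast domain.
    return Switch({port: 1 for port in range(1, 7)})


def segmented_switch():
    # Ports 1-3 in VLAN 5 as in the lesson; ports 4-6 in VLAN 10 (assumed).
    return Switch({1: 5, 2: 5, 3: 5, 4: 10, 5: 10, 6: 10})


# Constructed MAC addresses for PC 1 and PC 4.
PC1, PC4 = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:04"

if __name__ == "__main__":
    print("flat, PC1 broadcast ->", flat_switch().receive(1, PC1, BROADCAST))
    sw = segmented_switch()
    print("VLAN, PC1 broadcast ->", sw.receive(1, PC1, BROADCAST))
    print("VLAN, PC4 broadcast ->", sw.receive(4, PC4, BROADCAST))
    # PC4's MAC was learned in VLAN 10 only, so a frame from VLAN 5
    # addressed to it stays in VLAN 5 and never leaves through port 4.
    print("VLAN, PC1 -> PC4    ->", sw.receive(1, PC1, PC4))
```

The last case shows why a layer 3 device is needed between VLANs: the switch never forwards a VLAN 5 frame out of a VLAN 10 port, even when it knows where the destination MAC lives.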
Got it, folks? Let's have more.
Another good thing about VLANs is location. In a flat network, you previously could not put different “roles” or “departments” together in one location or on one “switch”.
Let's say the Sales team is located on the 2nd floor of the building and the HR team on the 3rd floor. They are connected to separate access switches, which are connected to their main switch or distribution switch. They have different rules and access to the network.
Once the 2nd floor is fully occupied by the Sales team, you need to create another subnet or maybe add another switch on the 2nd floor for the newly hired Sales team members. But what if the 2nd floor can only accommodate 40 people?
With the help of VLANs, we can create a SALES VLAN and an HR VLAN on the main switch, or let's say the distribution switch (or core switch in some designs), and then all the access switches in the building will have those VLANs. All switches will get those VLANs through VTP (VLAN Trunking Protocol), which we will discuss in upcoming lessons.
This means that even newly hired Sales or HR team members can sit anywhere in the building, given that the switch port they are connected to is in their respective VLAN. The type of access and the rules meant for each department are still maintained. No need to add a new subnet or switch if it isn't really needed.
Amazing, isn't it?
That's the basics of how VLANs work.
In the new CCNA Fundamentals, we get deeper into this topic. We discuss how to configure VLANs (with different examples), and we also talk about layer 2 and layer 3 VLANs as well as the difference between default and native VLANs.
If you love the free lessons we have on this blog, I can guarantee you that you're gonna love the new CCNA Fundamentals Ebook even more. It is also in Taglish, with every topic broken down in detail and the different technologies related to CCNA simplified and made easy.
You can check all the detail of the ebook here.
Now, we’re gonna move on to a new lesson which is VLAN Trunking Protocol or VTP. Let’s go!