Confuse about VLAN?

Joined
Aug 14, 2012
Messages
33
Hi everyone,

Sorry I don't have much network knowledge, but I found it disturbing.

My friend told me that without VLAN the world of networks will collapse. Joking :p

He told me without VLAN, my LAN network will be very slow? I think he did say about sending packets. If use VLAN, they send in bulk something like that. Plus without VLAN, my office internet will be really unstable.

My current network is like this:-

cisco router wireless (gateway)
tp-link switch (vlan500 here)
cisco router wireless access point

Does every local area network need VLAN? And is it really true what he claimed?

Any help? Thanks.
 
Ericmachine,

Thanks for asking. You will want not to have vlan500. 500 is reserved by ASPCA. Also, one VLAN per LAN ID for your MAC on layer2 only. PC is different. Not layer2 will make it faster.
 
Wtf idea? I have no clue haha what you mean lol
maybe you can clarify that?

OP

VLANs prevent you from having GINORMOUS MASSIVE super boradcast domains.

Imagine working a warehouse that has 1000 employees all doing different jobs and required to communicate with people in all 4 corners across the hundreds of people in between ...

Now imagine vlan being several rooms in between with each department's workers in each room. Now that would be much quieter and easier to talk to one another wouldn't it?

If we didn't have VLANs the internet would have so much traffic your network card would melt. lol


EVERYTHING HERE IN THESE QUOTES have absolutely NOTHING to do with anything vlan ... so ..... omit that stuff
He told me without VLAN, my LAN network will be very slow? I think he did say about sending packets. If use VLAN, they send in bulk something like that. Plus without VLAN, my office internet will be really unstable.

My current network is like this:-

cisco router wireless (gateway)
tp-link switch (vlan500 here)
cisco router wireless access point

Does every local area network need VLAN? And is it really true what he claimed?

Any help? Thanks.
 
tangoseal puts it well and simple

VLAN's allow another layer to better organize network traffic to possibly make things faster and more secure

Now, your network, how many computers do you have on it?

it sounds like your friend really doesn't know what they are talking about
 
I think your friend is thinking about VTEC. You need to get some VTEC in your network to increase bit performance and packet efficiency.
 
Thanks for the clarifications :) great community :)

as for now,

Office:-
5 mac book pro laptops (lion)
1 iMac (lion)
1 iMac (mountain lion upgraded)
2 ubuntu 12.04 laptops
1 ubuntu 12.04 PC (just to project out to 2 LEDTVs)
3 centos 5.7 servers
1 centos 5.8 server
2 ubuntu 10.04 64 bits server

i assume vlan can be done on all switches or routers? hmm?
 
With that many machines, there's no point in VLANs. They'd be more of a pain than a help.

The switches and routers need to support VLANs; not all do.
 
Ya VLAN's wont do anything performance wise for your set up except give you some added security, if you feel you need it.
 
Yep, I would only use VLANs in that setup to segment servers away from desktops, etc...

It's like putting them on two different networks, even though they share the same physical hardware.
 
so i assume VLAN is only suitable for home use and smaller setup?

so mine consider bigger setup? hmm?

regarding segment servers away from desktop, what's the benefits? so that servers have more priority on the bandwidth thing?
 
so i assume VLAN is only suitable for home use and smaller setup?

so mine consider bigger setup? hmm?

regarding segment servers away from desktop, what's the benefits? so that servers have more priority on the bandwidth thing?

VLAN'ing is suitable for anything you want it for no matter home or office or enterprise.

I run 3 VLAN's in my home.

the first VLAN is my guest network for friends and their laptops and cell phones and I let my neighbor who is poor use my internet connection via wifi on this vlan.

the second vlan is my internal trusted vlan I use for all of my PC's, NAS, Servers, etc...

the third vlan is my trusted 2nd vlan that I use for all the televisions, ps3, and other media devices. I do this to segregate traffic and broadcast from all of the fun stuff away from my important business and personal non fun stuff.

There is no need for me to do any of this but because I have the gear and the know how I chose to implement it.

Other than that there is no justifiable need to run vlans for networks that have less than 200'ish or so PC's. Or special security, broadcast control, or access reasons. Past that I would vlan them up.

Keep in mind that when you VLAN unless you have a routed switch aka L3 or a router which is L3 already you will have no ability to pass traffic between VLANs when required.

Man this is probably too deep for this conversation but at least someone can learn something.
 
so i assume VLAN is only suitable for home use and smaller setup?

so mine consider bigger setup? hmm?

regarding segment servers away from desktop, what's the benefits? so that servers have more priority on the bandwidth thing?

You have that backwards. VLAN is suitable for LARGER than home use OR where you need enhanced security between servers and clients. From the network you are describing, you won't need the benefits of VLANs. They would probably just make things more frustrating and expensive than they need to be.

The reason to segment servers would be for using Acces Control Lists limiting who can connect to or from the servers.

You also use VLANs in large networks to split your broadcast domains. If you get over 500 hosts on a network, the network gets so busy with broadcast packets that it bogs everything down and makes it slow.
 
You have that backwards. VLAN is suitable for LARGER than home use OR where you need enhanced security between servers and clients. From the network you are describing, you won't need the benefits of VLANs. They would probably just make things more frustrating and expensive than they need to be.

The reason to segment servers would be for using Acces Control Lists limiting who can connect to or from the servers.

You also use VLANs in large networks to split your broadcast domains. If you get over 500 hosts on a network, the network gets so busy with broadcast packets that it bogs everything down and makes it slow.

beating a dead horse man.... but yeah you are right still haha
 
so i assume VLAN is only suitable for home use and smaller setup?

so mine consider bigger setup? hmm?

regarding segment servers away from desktop, what's the benefits? so that servers have more priority on the bandwidth thing?

Yes, your settup is one the biggest I seen. Wow It is really big, what do you do on that network. 5 macbook pros and 1 mountain lion upgraded WOW. You should use VLAN2 for its size. VLAN is only good for smaller than yours
 
Yes, your settup is one the biggest I seen. Wow It is really big, what do you do on that network. 5 macbook pros and 1 mountain lion upgraded WOW. You should use VLAN2 for its size. VLAN is only good for smaller than yours

Really? You're going to be a dick? Lay off. He asked a legitimate question and needed more clarification.
 
Last edited:
VLAN'ing is suitable for anything you want it for no matter home or office or enterprise.

I run 3 VLAN's in my home.

the first VLAN is my guest network for friends and their laptops and cell phones and I let my neighbor who is poor use my internet connection via wifi on this vlan.

the second vlan is my internal trusted vlan I use for all of my PC's, NAS, Servers, etc...

the third vlan is my trusted 2nd vlan that I use for all the televisions, ps3, and other media devices. I do this to segregate traffic and broadcast from all of the fun stuff away from my important business and personal non fun stuff.

There is no need for me to do any of this but because I have the gear and the know how I chose to implement it.

Other than that there is no justifiable need to run vlans for networks that have less than 200'ish or so PC's. Or special security, broadcast control, or access reasons. Past that I would vlan them up.

Keep in mind that when you VLAN unless you have a routed switch aka L3 or a router which is L3 already you will have no ability to pass traffic between VLANs when required.

Man this is probably too deep for this conversation but at least someone can learn something.

I have nothing to add except I thought this was really cool. Right when I'm about to completely lose faith in humanity, good timing.
 
With private vlan (a feature regarding vlans) you can even have vlans as small as 1 client (or well... two devices since the client must be able to reach a gateway otherwise its pointless for it to connect to the network ;-)

When it comes to VLANs they can also be tagged or untagged. That means if the packets which will leave a particular interface should be tagged with information on which VLAN it belongs to (802.1Q) or not. This is to inform the other side (usually another switch/router) which VLAN this particular packet belongs to.
 
With private vlan (a feature regarding vlans) you can even have vlans as small as 1 client (or well... two devices since the client must be able to reach a gateway otherwise its pointless for it to connect to the network ;-)

When it comes to VLANs they can also be tagged or untagged. That means if the packets which will leave a particular interface should be tagged with information on which VLAN it belongs to (802.1Q) or not. This is to inform the other side (usually another switch/router) which VLAN this particular packet belongs to.

Frames.... packets are just router fat added on to them (frames) before being sent off your network hahaha.... But yeah you are right.

OP did any of this help? I mean the entire thread?
 
Uhh yes... frames for L2 and packets for L3 and since VLAN is L2 its frames and not packets :)

There are other segmentation techniques if VLAN isnt enough such as MPLS, EVPL etc.
 
Head 'asplode!

Don't forget VLANs also help with the segregation of voice traffic. Not that it needs to be explained or anything. :p
 
Last edited:
Lots of people tend to confuse the hell out of VLANs, the use and their benefits.

The easiest way to think of them is just as the name implies - Virtual LANs. Anything you can do with a VLAN (generally) can also be done by just inter-connecting a bunch of physical switches and routers. The idea of the VLAN is to allow this infrastructure on a virtual level - saving cost, overhead, space and power.

Personally (because my co-workers don't understand VLANs and they need to be able to troubleshoot the LAN) I don't do much VLAN work because it's just easier to identify LAN segregation across different Physical hardware, and we have the space and budget to accommodate that. The first rule of working for an SMB is "Don't make anything more confusing than absolutely necessary" because 2 years from now when I want the green Helpdesk guy to fix a network problem while I'm on a beach somewhere I don't want to have to teach him the entire CCNA.

On tagged/untagged - you may need to read a few explanations before you get an "a-ha" moment - I know I was lost by the way it was originally taught to me.

On tagged port : Forwards the frame WITH THE VLAN ID. Generally used to "extend" the VLAN to another network device (Router, switch, WAP, etc) which also need to be aware of and configured for the same VLAN IDs. Devices that are not aware of the VLAN configuration will often choke on tagged packets.

On untagged port : Forwards the frame WITHOUT THE VLAN ID. Generally used for client devices that don't care about VLANs. To simplify - untagged VLAN ports on the same VLAN ID work like their own switch.
 
Last edited:
Also, in Cisco terms:

Tagged Port = Trunk Port
Untagged Port = Access Port
 
Not to mention that in HP lingo trunk means channelgroup (or LACP - multiple interfaces working as one) and not tagged port :)
Actually Cisco are the weird ones there. The "Real" trunking is port trunking (or Link Aggregation).

Cisco using "trunking" for VLAN tagging is just another in a their long line of proprietary mislabeling for the sake of confusion.
 
Actually Cisco are the weird ones there. The "Real" trunking is port trunking (or Link Aggregation).

Cisco using "trunking" for VLAN tagging is just another in a their long line of proprietary mislabeling for the sake of confusion.

I couldnt agree with you more :)
 
Cisco has over 60% of the global networking market. I would bargain that their terminology is the correct terminology until someone else can take the market share.

source: http://beta.fool.com/dividendkings/2012/02/07/how-much-mighty-cisco-really-worth/1748/

and they are very rich.

Thats about how it works.

Im not fanboying. That just sucks how it is but it is what it is. I agree with you though.

Thats a really odd way to decide which terminologi is the correct one to use.

To compare Microsoft have a way larger market share than OpenBSD(foundation) - but I guess noone (or very few) would argue that Microsoft is better at security than OpenBSD(foundation) is.

You will find some references at http://en.wikipedia.org/wiki/Trunk_line regarding who is right and who is wrong when it comes to trunking :)

Computer networks

Link aggregation
Main article: Link aggregation

In computer networking, port trunking refers to the use of multiple network connections in parallel to increase the link speed beyond the limits of any one single cable or port. This is called link aggregation. These aggregated links may be used to interconnect switches or to connect high-capacity servers to a network.

VLANs
Main article: VLAN

In the context of Ethernet VLANs, Avaya[citation needed] and Cisco[7] use the term Ethernet trunking to mean carrying multiple VLANs through a single network link through the use of a trunking protocol. To allow for multiple VLANs on one link, frames from individual VLANs must be identified. The most common and preferred method, IEEE 802.1Q adds a tag to the Ethernet frame, labeling it as belonging to a certain VLAN. Since 802.1Q is an open standard, it is the only option in an environment with multiple-vendor equipment. Cisco also has a proprietary trunking protocol called Inter-Switch Link which encapsulates the Ethernet frame with its own container, which labels the frame as belonging to a specific VLAN.
 
Back
Top