Netis ST3326(ST-3302) [60/118] Advantages of vlans

the packet. A switch builds a table of MAC addresses mapped to associated ports with that

address and only sends a known MAC’s traffic to one port. When the switch receives a

broadcast packet or an unknown unicast packet whose MAC address is not included in the

MAC address table of the switch, it will forward the packet to all the ports except the

inbound port of the packet.

The above scenarios could result in the following network problems.

 Large quantity of broadcast packets or unknown unicast packets may exist in a network,

wasting network resources.

 A host in the network receives a lot of packets whose destination is not the host itself,

causing potential serious security problems.

 Related to the point above, someone on a network can monitor broadcast packets and

unicast packets and learn of other activities on the network. Then they can attempt to

access other resources on the network, whether or not they are authorized to do this.

Isolating broadcast domains is the solution for the above problems. The traditional way is to use

routers, which forward packets according to the destination IP address and does not forward

broadcast packets in the link layer. However, routers are expensive and provide few ports, so

they cannot split the network efficiently. Therefore, using routers to isolate broadcast domains

has many limitations.

The Virtual Local Area Network (VLAN) technology is developed for switches to control

broadcasts in LANs.

A VLAN can span multiple physical spaces. This enables hosts in a VLAN to be located in different

physical locations.

By creating VLANs in a physical LAN, you can divide the LAN into multiple logical LANs, each of

which has a broadcast domain of its own. Hosts in the same VLAN communicate in the traditional

Ethernet way. However, hosts in different VLANs cannot communicate with each other directly

but need the help of network layer devices, such as routers and Layer 3 switches.

Advantages of VLANs

Compared with traditional Ethernet technology, VLAN technology delivers the following benefits:

 Confining broadcast traffic within individual VLANs. This saves bandwidth and improves

network performance.

 mproving LAN security. By assigning user groups to different VLANs, you can isolate them at

Layer 2. To enable communication between VLANs, routers or Layer 3 switches are

required.

 Flexible virtual workgroup creation. As users from the same workgroup can be assigned to

the same VLAN regardless of their physical locations, network construction and

maintenance is much easier and more flexible.