In this article we introduce VLAN fundamentals as they relate to basic Cisco switching and routing. Focus on VLAN network concepts, configuration, and environment details. Once the fundamentals are understood, it is easy to fill in the finer details later.

VLAN basic theory

VLANs are virtual local area networks. They are not confined to the physical network layout: a VLAN is a logical group of hosts and resources that can exist almost anywhere on the network. Organizations can divide or partition their LAN/WAN networks with VLANs. In this way they can control the connected resources and achieve a baseline functioning network that meets the network design objectives.

VLANs facilitate and simplify network management because resources can form a local area network without being physically near each other. Another benefit of VLANs is that they act as a security barrier. Network hosts and service resources can communicate within their VLAN group but cannot necessarily communicate with other VLAN groups.

VLAN technology is used on switches and ports. It is associated with layer 2, the data link layer, of the OSI model. On this layer MAC addresses are used to identify resources, in addition to VLANs. The switch maintains tables that keep track of which port numbers are associated with which MAC addresses and VLANs. A MAC address is the hard-coded identifier that belongs to the hardware or device plugged into a switch port. Cisco NOS, the Cisco Network Operating System, can configure ports on a switch to belong to VLANs. Network hosts and resources are plugged into the switch ports. The resources are managed through the VLAN groups configured on the network. VLAN groups are usually numbered but can also be named.

Naming can be handy when identifying where the resources are located or to what department they belong. For example, we may have a VLAN group for the accounting department, the shipping department, and the sales department. If there is an issue with a specific VLAN, we can easily identify which department will be affected if we have named the VLAN. VLANs can remain identified by numbers, but be sure to organize a method of associating the numbers with what they are supposed to represent.

Options and Design considerations

As with many technologies, there can be a wide range of options and considerations. It's best to keep in mind a few extra configuration variations that may be possible on some networks with regard to VLANs. Not all networks will have these elements, but it's good to be aware of the possibilities in case they arise. For example, one may see many small switches in a switch room connected by a trunk link. The trunk link ties the switches together to let them work as a group. When dealing with trunks and VLANs, keep in mind there may be limitations on the VLAN traffic that can pass through the trunk links. VTP can also be used, as it is enabled by default.
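The per-VLAN forwarding described under "VLAN basic theory" and the trunk limitation mentioned above can be seen in a small model. This is an added example, not code from the original article or from Cisco: the `VlanSwitch` class, the port names, VLAN numbers and MAC addresses are all constructed for illustration.

```python
class VlanSwitch:
    """Toy layer 2 switch: access ports carry one VLAN, trunks an allowed set."""

    def __init__(self, access_ports, trunk_ports):
        self.access = dict(access_ports)                   # port -> VLAN id
        self.trunks = {p: set(v) for p, v in trunk_ports.items()}
        self.mac_table = {}                                # (vlan, mac) -> port

    def _carries(self, port, vlan):
        if port in self.access:
            return self.access[port] == vlan
        return vlan in self.trunks.get(port, set())

    def receive(self, in_port, src_mac, dst_mac, vlan=None):
        """Return the sorted list of ports the frame leaves on.

        `vlan` is only meaningful for frames arriving on a trunk (the tag)."""
        if in_port in self.access:
            vlan = self.access[in_port]        # the access port decides the VLAN
        elif not self._carries(in_port, vlan):
            return []                          # VLAN not allowed on this trunk
        self.mac_table[(vlan, src_mac)] = in_port   # learn the source per VLAN
        out = self.mac_table.get((vlan, dst_mac))
        if out is not None:
            return [out] if out != in_port else []
        # Unknown destination: flood, but only to ports carrying this VLAN.
        ports = list(self.access) + list(self.trunks)
        return sorted(p for p in ports
                      if p != in_port and self._carries(p, vlan))


def demo():
    sw = VlanSwitch(
        access_ports={"Fa0/1": 10, "Fa0/2": 10, "Fa0/3": 20, "Fa0/4": 20},
        trunk_ports={"Gi0/1": {10}},           # trunk carries VLAN 10 only
    )
    a, b, c = "aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "cc:cc:cc:00:00:03"
    return {
        "flood_vlan10": sw.receive("Fa0/1", a, b),   # b not learned yet
        "reply": sw.receive("Fa0/2", b, a),          # a was learned on Fa0/1
        "known": sw.receive("Fa0/1", a, b),          # b is now known
        "cross_vlan": sw.receive("Fa0/3", c, a),     # VLAN 20 never reaches a
        "trunk_vlan20": sw.receive("Gi0/1", c, a, vlan=20),  # not allowed
    }
```

Because the table is keyed on the VLAN as well as the MAC address, the host in VLAN 20 never reaches the port of the VLAN 10 host even when it sends to that host's MAC address, and VLAN 20 traffic never crosses the trunk that allows only VLAN 10.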

In some networks the designers use switches with many ports, or expandable stackable switches, to extend their switch port capacity. This can be a good idea because linking many small switches together to extend the network's capacity does not scale very well, and the VLAN configuration may not be worth the administrative hassle in the long run. Be sure to erase old VLAN configurations from switches being moved to another location on the network. If the VLAN configuration has changed, or something vital to VLAN operation is different, there will be errors. Generally it's a good idea never to reuse old VLAN data. A last thing to consider, if needed, is a gateway from the switch to another remote network. VLANs in more than one physical location may need to pass through a gateway or router to communicate with a remote network or associated VLANs. You can design the network switch specification to include an external router or an integrated router.

In terms of network design, this is an individual choice of the network designer. One may claim that integrating the switch and router increases reliability, while others may say that an external router gives a better choice of model, specifications and speed for an implementation. When choosing or upgrading a VLAN network, choose the best affordable equipment and the best balance of simplicity, reliability, and performance. Administering a network every day can be exhausting if the network design is prone to frequent breakdowns and problems. It is best to build best practice into any network design rather than just setting it up to do the job.

VLAN configuration

Configuration can be done from the command line, or other methods and tools can be used. Cisco NOS keeps a database in memory on the switch to keep track of VLAN information. Commands run from the switch console modify this VLAN database. Many forms of command line syntax can be used to perform VLAN tasks. Below are some examples of typical commands and their syntax for working with VLANs.

  • Command line for displaying VLAN information

show vlan [vlan]

  • Create and name a new VLAN

vlan vlan-id [name vlan-name]

  • Command line to show trunk status

show interfaces [interface-id | vlan vlan-id] [switchport | trunk]

Several different methods may be used to configure Cisco switches and VLANs. You can run scripts or copy and paste command line configuration commands to set up VLANs. Various GUI tools are available, such as CiscoWorks or Cisco Prime. As these network management tools evolve and expand their capabilities, they can be a real time saver on larger networks and enterprise networks. As future requirements come into play in local area network administration, we will see more methods and strategies for switch management. VLAN technology currently plays a vital role in the administration of physical local area networks by expanding them logically beyond physical boundaries. It is a certainty that VLANs are, and will remain, a leading technology for many years to come.

