--- id: 16. VLAN (Part 1) aliases: [] tags: [] --- # VLAN (Part 1) ## What is a [[LAN]]? Previously i said that a LAN is a group of devices (PCs, servers, routers, switches) in a single location (home office, etc.) A more specific definition: A LAN is a single [[broadcast domain]], including all devices in that broadcast domain. ## Broadcast domains A broadcast domain is the group of devices which will receive a broadcast frame (destination [[MAC]] FFFF.FFFF.FFFF) sent by any one of the members. Perfomance: lots of unnecessary broadcast traffic can reduce network performance Security : Even within the same office you want to limit who has access to what. You can apply security policies on a [[router]]/[[firewall]] Because this is one LAN, PCs can reach each other directly, without traffic passing through the router So even if you configure security policies, they won't have any effect. Although we separated the three departments into three subnets ([[OSI|Layer 3]]), they are still in the same broadcast domain ([[OSI|Layer 2]]) ## What is a [[VLAN]] A [[switch]] will not forward traffic between VLANs, including broadcast/unknown unicast traffic - VLANs are configured on switches on a **per-interface** basis. - logically separate end hosts at Layer 2. The switch does not perform inter-Vlan routing. It must send the traffic through the router ### VLAN configuration to display all the VLAN's available you can do the command ```Cisco SW1#show vlan brief ``` By default all interfaces are set to VLAN 1 But VLANs1, 10002-1005 exist by default and *cannot be deleted* to assign interfaces to a VLAN ```Cisco SW1(config)#interface range g1/0 - 3 SW1(config)#switchport mode access SW1(config)#switchport access vlan 10 % Access VLAN does not exist. Creating vlan 10 ``` An access port is a switchport which belongs to asingle VLAN, and usually connects to end hosts like PCs Switchports which carry multiple VLANs are called 'trunk ports' (More information on trunks in the next lesson) You can change the name of the VLAN with the command : ```Cisco SW1(config)#vlan 10 SW1(config-vlan)#name ENGINEERING ``` This Commang creates a VLAN. (In this case it was already automatically created when we assigned the interfaces) ## Review - What is a (LAN)? - Broadcast domains - What is a Vlan - What is the purpose of VLANs? - How to configure VLANs on Cisco switches