Networking - VLANs and Trunking
1. VLAN (Virtual Local Area Network)
Definition
A VLAN is a logical subdivision of a physical network.
It allows you to group devices on different physical switches into separate broadcast domains.
- Works at Layer 2 of the OSI Model (Data Link Layer).
- Provides network segmentation, security, and better performance.
- Each VLAN has its own VLAN ID (1–4094).
2. Why VLANs Are Needed
Without VLANs:
- All devices in a LAN are in the same broadcast domain.
- Unnecessary broadcast traffic → Network congestion.
- Poor security since all devices can communicate freely.
With VLANs:
- You can separate traffic logically.
- Devices in different VLANs cannot communicate without a router or Layer 3 switch.
- Improves security and performance.
3. Example Scenario
Without VLANs:
[PC1] ----\
[PC2] ----- Switch ---- [PC3]
[PC4] ----/
- All PCs are in one broadcast domain.
- Broadcast from PC1 → received by PC2, PC3, PC4.
With VLANs:
VLAN 10 (HR) → PC1, PC2
VLAN 20 (Sales) → PC3, PC4
- PC1 and PC2 can communicate.
- PC3 and PC4 can communicate.
- But PC1 cannot talk to PC3 without routing.
4. VLAN Configuration Example (Cisco)
Creating VLANs on a switch:
Switch> enable
Switch# configure terminal
Switch(config)# vlan 10
Switch(config-vlan)# name HR
Switch(config-vlan)# exit
Switch(config)# vlan 20
Switch(config-vlan)# name SALES
Switch(config-vlan)# exit
Assigning VLANs to ports:
Switch(config)# interface fastEthernet 0/1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# exit
Switch(config)# interface fastEthernet 0/2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 20
5. Advantages of VLANs
Feature | Benefit |
---|---|
Segmentation | Divides one big network into smaller networks |
Security | Isolates sensitive traffic |
Performance | Reduces unnecessary broadcast traffic |
Flexibility | Devices can be grouped logically, not physically |
6. Trunking
Definition
Trunking is used to carry multiple VLANs over a single physical link between two network devices (e.g., between two switches or between a switch and a router).
- Without trunking → You’d need one cable per VLAN.
- With trunking → One cable carries traffic from all VLANs.
- Uses 802.1Q tagging to identify VLANs.
7. How Trunking Works
- When a frame leaves a switch on a trunk port, the switch adds a VLAN tag (802.1Q).
- The receiving switch reads the tag and forwards the frame to the correct VLAN.
- Access ports don’t tag frames, but trunk ports do.
8. Trunking Configuration Example (Cisco)
Setting a port as a trunk port:
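Switch(config)# interface fastEthernet 0/24
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan 10,20
This configures FastEthernet 0/24 as an 802.1Q trunk port carrying VLANs 10 and 20. The encapsulation command comes first because switches that support both ISL and 802.1Q reject "switchport mode trunk" while the encapsulation is still set to auto-negotiate. Switches that support only 802.1Q do not have the encapsulation command, and it is omitted there.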
9. Example Network with VLANs and Trunking
      ┌──────────────┐
      │   Switch A   │
      │ VLAN 10, 20  │
      └──────┬───────┘
             │ Trunk Link (802.1Q)
             │ Carries VLAN 10 + VLAN 20
      ┌──────┴───────┐
      │   Switch B   │
      │ VLAN 10, 20  │
      └───┬──────┬───┘
          │      │
   [PC1 VLAN10] [PC2 VLAN20]
- Trunk link carries both VLANs between Switch A and Switch B.
- VLAN 10 devices communicate directly.
- VLAN 20 devices communicate directly.
- VLAN 10 and VLAN 20 devices cannot communicate without routing.
10. VLANs vs Trunking
Feature | VLAN | Trunking |
---|---|---|
Purpose | Divides a network into smaller segments | Carries multiple VLANs over one link |
Works On | Switch ports | Switch-to-switch / Switch-to-router links |
Tagging | No tagging on access ports | Uses 802.1Q tagging |
Traffic Type | One VLAN per port | Multiple VLANs per link |
Example Use | Separate HR and Sales networks | Connect VLANs between switches |
11. Key Takeaways
- VLANs = Logical segmentation of a network.
- Trunking = Carries multiple VLANs over one cable.
- 802.1Q = Protocol used for VLAN tagging.
- Devices in different VLANs cannot communicate without routing (Inter-VLAN Routing).