Configuring VLANs

<What>

Configuring VLANs not only improves security, by isolating critical systems and public-facing servers into different networks and so minimizing the window of possible threats, but also improves performance and simplifies manageability. Since the broadcast domains are much smaller with separate VLANs than without VLANs, the amount of broadcast traffic is also reduced, which plays a big role in performance. Aside from performance, simplified manageability gives network admins a much more scalable network. Managing devices in different networks and reconfiguring other devices are now possible without physical interaction.

A LAN is a small to medium-sized network, such as your home network. Assume that your home network's local address is 10.0.0.0/24. The “/24” is short for 255.255.255.0, which gives 256 IP addresses, of which only 254 can be assigned to devices. Now imagine you have a building with 5 floors, and each floor has a LAN with the subnet mask of “/24”. We're talking about a total of 1,270 possible devices. Instead of connecting each LAN to a separate physical switch (5 physical switches), imagine using one switch to manage all 5 LANs. This configuration creates 5 VLANs.

<How>

For VLANs to work properly in a network where multiple subnetworks are in place, we need to implement SVIs, VLAN Trunking Protocol (VTP), and trunk mode so that VLANs on different switches can communicate with each other.

A Switch Virtual Interface (SVI) is a gateway for a VLAN, but a virtual one. For devices to communicate with devices outside their own VLAN, a virtual gateway is needed. Think of SVIs as a virtual “door” to other networks.

A trunk is a network connection that allows multiple VLANs on separate switches to communicate over a single link. Think of a trunk as a bridge between two cities. If a commuter were to visit the other city, they would have to cross the bridge. Similarly, trunks facilitate communication between VLANs across the network.
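
The five-floor scenario above as a Cisco IOS configuration sketch, added here as an example and not taken from the lab in the video. The VLAN IDs, names, per-floor subnets, VTP domain name, and interface numbers are all assumptions.

```cisco
! Added example for a layer 3 switch. All IDs, names, addresses and
! interface numbers below are assumed values for the five-floor scenario.
!
! VTP: this switch owns the VLAN database for the (assumed) domain BUILDING
vtp domain BUILDING
vtp mode server
!
! One VLAN per floor
vlan 10
 name FLOOR1
vlan 20
 name FLOOR2
vlan 30
 name FLOOR3
vlan 40
 name FLOOR4
vlan 50
 name FLOOR5
!
! Enable routing so the SVIs can forward traffic between VLANs
ip routing
!
! SVIs: the virtual gateway (first usable address) of each floor's /24
interface Vlan10
 ip address 10.0.10.1 255.255.255.0
 no shutdown
interface Vlan20
 ip address 10.0.20.1 255.255.255.0
 no shutdown
interface Vlan30
 ip address 10.0.30.1 255.255.255.0
 no shutdown
interface Vlan40
 ip address 10.0.40.1 255.255.255.0
 no shutdown
interface Vlan50
 ip address 10.0.50.1 255.255.255.0
 no shutdown
!
! Access port: a floor 1 host belongs to VLAN 10 only
interface GigabitEthernet1/0/1
 switchport mode access
 switchport access vlan 10
!
! Trunk to another switch: carry only the five floor VLANs.
! The encapsulation line is needed only on platforms that also support ISL.
interface GigabitEthernet1/0/24
 switchport trunk encapsulation dot1q
 switchport mode trunk
 switchport trunk allowed vlan 10,20,30,40,50
```

After applying it, `show vlan brief`, `show interfaces trunk`, and `show ip interface brief` confirm the port-to-VLAN assignments, the VLANs allowed on the trunk, and the state of each SVI.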

<Demonstration Video>

In this video, I’ll demonstrate how to segment multiple networks into different Virtual Local Area Networks (VLANs). This lab will demonstrate my knowledge and skills on how to isolate critical devices from other non-critical devices via VLANs.