Why use VLAN?

wuitsungwuitsung Member Posts: 5 ■□□□□□□□□□
in CCNA & CCENT
I know the basic of VLAN. It's a virtual lan in its broadcast domain created by switch. Normally it's the router creating the broadcast domain.

My question is why don't just use router?? so we don't have the hassle of configuring VLAN...
· Share on FacebookShare on Twitter

Comments

  • tierstentiersten Member Posts: 4,505
    So you don't need to buy a switch for each one? Trunking as well.
    · Share on FacebookShare on Twitter
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Like tiersten said, to save money on switches. :)
    twitter: @astorrs
    profile: linkedin.com/in/astorrs
    · Share on FacebookShare on Twitter
  • wuitsungwuitsung Member Posts: 5 ■□□□□□□□□□
    the only reason is to save money??
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    Saving money isn't a good enough reason?

    You can survive without VLANs but you'll end up with more hardware. More NICs in your servers if they need to be on multiple LANS. More switches since you'll have more LANs. More cabling since you'll need to connect all this extra hardware together.

    It will let you change what LAN a port is connected to via software means. You don't have to dig around trying to find the cable.
    · Share on FacebookShare on Twitter
  • CCIEWANNABECCIEWANNABE Banned Posts: 465
    vlans are tagged with their vlan # when moving across the switch and across trunks. the purpose is to create logical groupings of devices based on vlan. the need for a router is to route traffic between vlans, except for in the case of a layer 3 switch (where any port can be programmed as a layer 3 port). in general, switches are faster than routers and can forward traffic to their destinations faster. another point is smaller routers generally don't have many ports on them because switches are used to connect end devices to the network. it makes no sense to deploy routers to your access layer model of your network, where your end devices are.
    · Share on FacebookShare on Twitter
  • cisco_troopercisco_trooper Member Posts: 1,441 ■■■■□□□□□□
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    icon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gificon_eek.gif
    · Share on FacebookShare on Twitter
  • msteinhilbermsteinhilber Member Posts: 1,480 ■■■■■■■■□□
    We use them so we can break apart our network as needed without having to go and move cables around, if we used different switches for each group then we would have many more switches and much more cabling in place to support them.

    And that's a lot of constipated looking smilies cisco_trooper!
    · Share on FacebookShare on Twitter
  • YossarianYossarian Member Posts: 14 ■□□□□□□□□□
    wuitsung wrote:
    I know the basic of VLAN. It's a virtual lan in its broadcast domain created by switch. Normally it's the router creating the broadcast domain.

    My question is why don't just use router?? so we don't have the hassle of configuring VLAN...

    We use vlans to separate our data and voice.
    · Share on FacebookShare on Twitter
  • wuitsungwuitsung Member Posts: 5 ■□□□□□□□□□
    Thank you everyone.
    So can I totally replace the use of routers and use a layer-3 switch (or layer-2 switch + a router) and implement VLANS in my network? So can I also say VLAN is a alternative of router and it's better and faster?

    And in what situation a router cannot be replaced by vlan (if I have a layer-3 switch)?
    · Share on FacebookShare on Twitter
  • gojericho0gojericho0 Member Posts: 1,059 ■■■□□□□□□□
    you wouldn't be able to replace the router with a layer 3 switch for most WAN links since they mostly use technology other L1/L2 technology and not ethernet
    · Share on FacebookShare on Twitter
  • jbaellojbaello Member Posts: 1,191 ■■■□□□□□□□
    Not sure if someone has mentioned it yet, but one of the benefits is also to limit broadcast domains cause VLAN don't communicate with each other without using a layer 3 device.
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Increased security.
    · Share on FacebookShare on Twitter
  • Met44Met44 Member Posts: 194
    As dynamik said, the primary reason for implementing VLANs is to increase security on the network. By using multiple VLANs (each a separate subnet), traffic going between two VLANs must be routed; because of this, you can implement traffic/security policies and monitor traffic throughout your organization much more easily.

    How you implement this type of security (simply using VLANs vs loads of router ports connecting to different subnets) will impact the efficiency of your design (saving or costing you money). While you could potentially connect a bunch of switches to a router and get the same security of an environment with VLANs by spending a lot more money, it would be a very poor choice given the option of simply configuring VLANs.
    · Share on FacebookShare on Twitter
  • wuitsungwuitsung Member Posts: 5 ■□□□□□□□□□
    Thank you. So the conclusion is "To save money" while comparing using VLAN vs Ruters right?

    Just to make sure I understand. Creating VLANs is the same as using routers. VLAN acts like a logical router (on the aspect of the ability to create subnets). Except for VLAN I need a trunk port to route traffic if I want different diffrent subnets (vlan) to talk to each other or same vlan id in different switch.

    Correct?
    · Share on FacebookShare on Twitter
  • skrpuneskrpune Member Posts: 1,409
    wuitsung wrote:
    Thank you. So the conclusion is "To save money" while comparing using VLAN vs Ruters right?

    Just to make sure I understand. Creating VLANs is the same as using routers. VLAN acts like a logical router (on the aspect of the ability to create subnets). Except for VLAN I need a trunk port to route traffic if I want different diffrent subnets (vlan) to talk to each other or same vlan id in different switch.

    Correct?
    Saving money is a really big added benefit, but VLAN's are primarily for increased security & flexibility without having to make any physical changes to your network. The fact that you can make these changes virtually & add security are the biggest draws for creating VLANs. You can rearrange networks virtually without having to move anything around, which is great for adapting your network to changing needs over time.

    You're right about needing routers or other layer three devices to get different VLANs to talk to each other - switches are at layer 2 and you need a higher layer device to get the different VLANs to talk.
    Currently Studying For: Nothing (cert-wise, anyway)
    Next Up: Security+, 291?

    Enrolled in Masters program: CS 2011 expected completion
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    wuitsung wrote:
    Creating VLANs is the same as using routers. VLAN acts like a logical router (on the aspect of the ability to create subnets).

    No. You'd need a layer-3 switch or router if you wanted to route traffic between VLANs. On my 2950 switches, I can create VLANs, but there is no inherent way to route traffic between them.

    This might help you with the basics: http://en.wikipedia.org/wiki/VLAN
    · Share on FacebookShare on Twitter
  • wuitsungwuitsung Member Posts: 5 ■□□□□□□□□□
    Ishouldn't use the term router... so except the ability to route VLAN has all as a router can do right?
    · Share on FacebookShare on Twitter
  • skrpuneskrpune Member Posts: 1,409
    wuitsung wrote:
    Ishouldn't use the term router... so except the ability to route VLAN has all as a router can do right?
    They're on separate layers and have different purposes, so you're not going to be able to draw parallels between them quite so neatly. Normally on a switch, you can have 'broadcast storms' - broadcasts are transmitted from one segment to another. VLANs can create virtual broadcast domains within a switch and reduce the scope of broadcast domains to a specific area that you specificy; routers create a separate broadcast domain per port. Routers can talk to other routers; VLAN's use trunking to connect switches & allow for communication between computers that are physically separated by switches but which are on the same logical VLAN. (You still however need a router for separate VLANs to communicate with each other.)
    Currently Studying For: Nothing (cert-wise, anyway)
    Next Up: Security+, 291?

    Enrolled in Masters program: CS 2011 expected completion
    · Share on FacebookShare on Twitter
  • tierstentiersten Member Posts: 4,505
    wuitsung wrote:
    Ishouldn't use the term router... so except the ability to route VLAN has all as a router can do right?
    No. Do you have any CCNA books? If so, you should reread the parts about VLANs.
    · Share on FacebookShare on Twitter
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    If you want to draw a rough parallel to another concept you may be familiar with, it would probably be a subnet.
    · Share on FacebookShare on Twitter
Sign In or Register to comment.