1-2
of network layer devices, such as routers and Layer 3 switches. Figure 1-1 illustrates a VLAN
implementation.
Figure 1-1 A VLAN implementation
Switch
Router
Switch
VLAN A VLANB VLAN A VLANB
VLAN A VLAN B
Compared with the traditional Ethernet, VLAN enjoys the following advantages.
z Broadcasts are confined to VLANs. This decreases bandwidth consumption and improves network
performance.
z Network security is improved. Because each VLAN forms a broadcast domain, hosts in different
VLANs cannot communicate with each other directly unless routers or Layer 3 switches are used.
z A more flexible way to establish virtual workgroups. VLAN can be used to create a virtual
workgroup spanning physical network segments. When the physical position of a host changes
within the range of the virtual workgroup, the host can access the network without changing its
network configuration.
How VLAN Works VLAN tag
VLAN tags in the packets are necessary for a switch to identify packets of different VLANs. A switch
works at the data link layer of the OSI model (Layer 3 switches are not discussed in this chapter) and it
can identify the data link layer encapsulation of the packet only, so you need to add the VLAN tag field
into the data link layer encapsulation if necessary.
In 1999, IEEE issues the IEEE 802.1Q protocol to standardize VLAN implementation, defining the
structure of VLAN-tagged packets.
In traditional Ethernet data frames, the type field of the upper layer protocol is encapsulated after the
destination MAC address and source MAC address, as shown in Figure 1-2