A VLAN (Virtual Local Area Network) is a group of hosts with a common set of requirements that communicate as if they were attached to the same broadcast domain, regardless of their physical location. A VLAN has the same attributes as a physical LAN, but it allows end stations to be grouped together even if they are not located on the same network switch. The network configuration can be completed through software instead of by physically relocating devices. To physically replicate the functions of a VLAN, you would need to install a separate, parallel collection of network cables and switches that are kept separate from the primary network.
However, unlike physically separate networks, VLANs must share bandwidth: two separate one-gigabit VLANs using a single one-gigabit interconnection can both suffer reduced throughput and congestion. A VLAN implementation virtualizes behaviors such as tagging frames when they enter the VLAN, configuring switch ports, untagging frames when they exit the VLAN, and looking up the MAC table to switch frames to trunk links. VLANs are used for several purposes, one of which is providing the segmentation services that were traditionally provided by routers in LAN configurations.
VLANs also address issues such as scalability, network management and security. Routers in VLAN topologies provide broadcast filtering, address summarization, traffic flow management and security. VLANs are also useful for anyone who wants to create multiple Layer 3 networks on the same Layer 2 switch. By using VLANs, you can easily split the network up so that some hosts will not be able to use a DHCP server and will instead obtain link-local addresses or obtain an address from a different DHCP server.
A VLAN is essentially a Layer 2 construct, whereas an IP subnet is a Layer 3 construct. VLANs and IP subnets are independent Layer 2 and Layer 3 constructs that map to one another, and this correspondence is very useful during network design. VLANs can be used to control traffic patterns and react quickly to relocations. They also provide the flexibility needed to adapt to changes in network requirements and allow for simplified administration.
A VLAN is a software concept, and its identifiers and configuration must be properly prepared for it to function as expected. To make sure that VLAN members or groups are properly identified and handled, a process known as frame coloring is used. Packets are given the proper VLAN ID at their origin so that they can be properly processed as they pass through the network. Switching and routing engines can then use the ID to make the appropriate decisions as defined in the VLAN configuration.
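
The tag-on-entry, untag-on-exit behavior described above, as an added example that is not part of the original article. It assumes the IEEE 802.1Q tag format (which the article does not name); the port names, VLAN numbers and sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an IEEE 802.1Q tag (assumed format)

# Constructed port table (hypothetical names): an access port belongs to one
# VLAN, a trunk port carries tagged frames for a set of allowed VLANs.
PORTS = {
    "access1": {"mode": "access", "vlan": 10},
    "access2": {"mode": "access", "vlan": 20},
    "trunk1": {"mode": "trunk", "allowed": {10, 20}},
}

def get_tag(frame):
    """Return (vid, pcp) if the frame carries an 802.1Q tag, else None."""
    if len(frame) < 18 or struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13  # low 12 bits: VLAN ID, top 3 bits: priority

def add_tag(frame, vid, pcp=0):
    """Insert the 4-byte tag after the destination and source MAC addresses."""
    if not 1 <= vid <= 4094:  # 0 and 4095 are reserved VLAN IDs
        raise ValueError("VLAN ID out of range")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid) + frame[12:]

def strip_tag(frame):
    """Remove the 4-byte tag, restoring the original untagged frame."""
    return frame[:12] + frame[16:]

def ingress(port, frame):
    """Color a frame on entry; return the tagged frame, or None if dropped."""
    cfg, tag = PORTS[port], get_tag(frame)
    if cfg["mode"] == "access":
        # Hosts on access ports send untagged frames; drop anything pre-tagged.
        return None if tag else add_tag(frame, cfg["vlan"])
    # Trunk: this sketch has no native VLAN, so untagged frames are dropped.
    return frame if tag and tag[0] in cfg["allowed"] else None

def egress(port, tagged):
    """Deliver only within the frame's VLAN; untag on access ports."""
    cfg, (vid, _) = PORTS[port], get_tag(tagged)
    if cfg["mode"] == "access":
        return strip_tag(tagged) if vid == cfg["vlan"] else None
    return tagged if vid in cfg["allowed"] else None

# Constructed sample: untagged broadcast frame with a zero-filled payload.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0806") + bytes(46)
```

A frame entering on `access1` is colored with VLAN 10, stays tagged across `trunk1`, is delivered untagged to ports in VLAN 10, and is never delivered to `access2` in VLAN 20.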