Introduction

Now we’re going to talk about the difference between subnets and VLANs. Both of these do the same thing: they are used to separate or break down a network into smaller networks. The main reasons for doing this are to make a network perform better, to add security to a network, and to make a network more manageable.

Subnets

What is a Subnet?

However, subnets and VLANs do these things using different methods. Subnets separate networks physically, while VLANs separate networks virtually. So let’s talk about subnets first. Subnet stands for subnetwork. A subnetwork is a smaller network within a larger network, and subnets are created by using routers.

Example of Subnets in a Small Network

So for example, let’s look at a small local area network that’s typically used in a small business. Here we have some computers connected to a switch. When these computers want to communicate with other computers on this network, they will first send out a broadcast over the entire network, and every computer that’s connected to this switch will receive the broadcast.

The group of devices that receives the broadcast is known as a broadcast domain. This wouldn’t be a problem on a small network like this with only a few computers. But if this business got larger and more computers were added, the amount of broadcast traffic would increase and flood the network with data, potentially causing a slowdown.

How Subnets Help

One way to prevent this is by creating subnetworks, or subnets, which is known as subnetting. Creating subnets will physically break down this network into smaller networks that are separated by routers. Doing this alleviates the problem of excess traffic because broadcasts do not go past routers; broadcasts stay within their own network.

So as you can see, the subnets are separated by routers, and each of these subnets has its own broadcast domain, which will not interfere with the other networks. Another reason for separating a network is security. For example, let’s say that a business has three departments: sales, I.T., and service.

Securing Subnets

In each of those departments are servers that contain sensitive data that no one in the other departments is allowed to access. If this network was kept as one big network, where all the devices are connected using a switch, everyone in every department would be able to see all the computers and servers in the other departments.

So the network administrator needs to isolate the network traffic between the departments, so that sales doesn’t see traffic from I.T., I.T. doesn’t see traffic from service, and so on. Once again, since there are three departments, the administrator can break down this network into three subnets using routers, so that each department has its own network.

Now the network traffic from each department stays within its own network, and each department can only see its own computers and servers. They are not able to see the devices in the other departments.
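The three-department split described above, as an added Python sketch that is not part of the original article. The 192.168.10.0/24 address plan, the /26 subnet size, the host addresses and the router's allow-list are all assumptions chosen for illustration; the point is that broadcasts stay inside one subnet and anything crossing departments has to pass the router, which is where access is decided.

```python
import ipaddress

# Assumed address plan (not from the article): one /24 split into /26 subnets.
LAN = ipaddress.ip_network("192.168.10.0/24")
DEPARTMENTS = ["sales", "it", "service"]
SUBNETS = dict(zip(DEPARTMENTS, LAN.subnets(new_prefix=26)))

# Assumed router policy: traffic between departments is denied unless the
# (source, destination) pair is listed here.
ALLOWED_ROUTES = {("sales", "service")}

# Constructed sample hosts: two in sales, one in I.T., one in service.
HOSTS = ["192.168.10.10", "192.168.10.11", "192.168.10.70", "192.168.10.130"]


def department_of(host):
    """Return the department whose subnet contains the host, or None."""
    addr = ipaddress.ip_address(host)
    for name, net in SUBNETS.items():
        if addr in net:
            return name
    return None


def broadcast_receivers(sender, hosts):
    """Hosts that hear a broadcast from sender: only those in its subnet."""
    dept = department_of(sender)
    return [h for h in hosts if h != sender and department_of(h) == dept]


def path(src, dst):
    """Classify how a packet from src reaches dst under the assumed policy."""
    s, d = department_of(src), department_of(dst)
    if s is None or d is None:
        return "unknown subnet"
    if s == d:
        return "same subnet: delivered locally"
    if (s, d) in ALLOWED_ROUTES:
        return "routed: permitted by router policy"
    return "blocked at router"


if __name__ == "__main__":
    for name, net in SUBNETS.items():
        print(name, net, "broadcast address:", net.broadcast_address)
    print(broadcast_receivers(HOSTS[0], HOSTS))
    print(path(HOSTS[0], HOSTS[2]))
```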

VLANs

What is a VLAN?

A VLAN will do the same thing. A VLAN, or virtual local area network, will also break down and separate a network, but it will do it virtually. VLANs are created on a VLAN-enabled switch.

Example of VLANs in a Business

The ports on the VLAN switch can be configured to separate network traffic without using routers. So back to our business example with three departments: if you as an administrator wanted to break down and separate this network into three smaller networks according to department, there’s no need to move the computers and cables or add additional routers. All you have to do is configure three VLANs on the switch.

So we’ll configure four ports on the VLAN switch for the sales department, call this VLAN 1, and plug all the devices from the sales department into these ports. Then we’ll configure another four ports on the switch for the service department, call this VLAN 2, and plug all the devices from the service department into these ports.

Then we’ll configure four ports for the I.T. department, call this VLAN 3, and plug all the devices from the I.T. department into those ports. Once that is complete, these are now three separate networks with three separate broadcast domains.
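How the switch keeps those three broadcast domains apart, as an added Python model that is not part of the original article and is not any vendor's switch code. The VLAN IDs follow the text; the port numbers (1-4, 5-8, 9-12) and the MAC addresses used with it are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class VlanSwitch:
    """Port-based VLAN switch: each access port belongs to exactly one VLAN."""

    def __init__(self, port_vlan):
        self.port_vlan = dict(port_vlan)   # port number -> VLAN ID
        self.mac_table = {}                # (VLAN ID, MAC) -> port

    def receive(self, in_port, src_mac, dst_mac):
        """Return the sorted list of ports the frame is sent out of."""
        vlan = self.port_vlan[in_port]
        # Learn the sender's location, keyed by VLAN so tables never mix.
        self.mac_table[(vlan, src_mac)] = in_port
        out = self.mac_table.get((vlan, dst_mac))
        if dst_mac != BROADCAST and out is not None:
            # Known unicast: forward to the one port in this VLAN.
            return [] if out == in_port else [out]
        # Broadcast or unknown unicast: flood, but only inside the VLAN.
        return sorted(p for p, v in self.port_vlan.items()
                      if v == vlan and p != in_port)


def build_article_switch():
    """Ports 1-4 sales (VLAN 1), 5-8 service (VLAN 2), 9-12 I.T. (VLAN 3).

    The port numbers are an assumption; the article only says four ports each.
    """
    layout = {1: range(1, 5), 2: range(5, 9), 3: range(9, 13)}
    return VlanSwitch({p: vlan for vlan, ports in layout.items() for p in ports})


if __name__ == "__main__":
    sw = build_article_switch()
    # Constructed frames: a sales PC on port 1 broadcasts, then an I.T. PC
    # on port 9 tries to reach that sales PC's MAC address directly.
    print(sw.receive(1, "aa:aa:aa:00:00:01", BROADCAST))            # sales only
    print(sw.receive(9, "cc:cc:cc:00:00:09", "aa:aa:aa:00:00:01"))  # I.T. only
```

On many managed switches VLAN 1 is the default VLAN that every port starts in, so real deployments usually pick other IDs for departments and leave VLAN 1 unused.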

Benefits of VLANs

Each department can only see its own network traffic and its own devices because the network traffic is separated between the departments using VLANs. This is why VLANs are so popular with medium to large businesses: they can separate networks without adding routers, firewalls, or cables, moving equipment around, or configuring IP addresses.

They can just separate networks virtually by using VLANs.

Conclusion

So guys, if you’ve never worked with VLANs before, there’s only so much you can learn from a blog. I recently purchased a small VLAN switch for my home and configured several VLANs as a refresher for this blog. It’s a great way to learn and see how VLANs work.

Last Update: September 1, 2024