What are VLANs?
VLAN (Virtual LAN) is a group of devices on a LAN (Local Area Network) that are configured using management software so that they can communicate as if they were attachted to the same wire, when in fact they are located on a number of different LAN segments.
End nodes in a VLAN are grouped logically, though they may be physically separated on different segments.
And because VLANs are based on logical instead of physical connections, they are extremely flexible.
Why Switched VLANs?
The primary reason to build VLANs is to isolate and contain broadcast traffic by grouping segments to form logical traffic patterns.
VLANs are created to reduce broadcast traffic in a LAN, and to allow for configuration flexiblity. Switches are used to implement VLANs.
A VLAN consist of many nodes connected by a single bridging domain.
A bridging domain is a portion of a network that consists of end nodes and Layer 2 devices such as bridges and switches.
Individual VLANs do not connect to other VLANs. A router is necessary to provide VLAN-to-VLAN communications.
VLAN Specifications
Switch vendors typically use IEEE 802.1A to implement VLAN standards.
Frame tagging is used to indicate VLAN information.
This allows mixing of vendor switch products, since it is no longer proprietary. This standard validates the open systems model.
What are the benefits of VLANs?
1. Flexible network segmentation
Users and resources that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location.
Each group’s traffic is largely contained within the VLAN, reducing extraneous traffic and improving the efficiency of the whole network.
2. Simple management
The addition of nodes, as well as moves and other changes, can be dealt with quickly and conveniently from the management console, rather the wiring closet.
3. Increased performance
VLANs free up bandwith by limited node-to-node and broadcast traffic throughout the network.
4. Better use of server resources
With a VLAN-enabled adapter, a server can be a member of multiple VLANs. This reduces the need to route traffic to and from the server.
5. Enhanced network security
VLANs create virtual boundaries that can only be crossed through a router. So standard router-based security measures can be used to restrict access to each VLAN as required.
How to configure VLANs in your cloud hosting provider
A good cloud hosting provider should provide options for configuring VLANs on your instances.
For example, Linode has good documentation on VLAN: https://www.linode.com/docs/guides/getting-started-with-vlans/
In the case of my Linode instance, I am able to configure up to 2 VLANs:
You can specify the IP address manually for each Linode VLAN.
Which also means that it is also possible to have 2 duplicate IP addresses within a VLAN, since Linode’s management console does not auto detect conflicting IP addresses.
It is entirely up to your judgement, as the network administrator, to manage and assign IP addresses for your VLAN to function properly.
Note that Linode allows VLANs to be attached to other Linodes in the same data center. So, be sure to select the correct datacenter right before deploying your Linodes to avoid the migration headache in the future event of merging to the same VLAN.
