I get often asked by my friends, why do you use VLANs? If you are a network administrator you know what VLANs are, why are they are used and so on. But most people aren’t network administrators… so if you are one of those who have never heard of the term, this article is for you.

Networking means tying equipment together either via cables or wireless using radio signals, but let’s say you have a cable running into your home, and need to use that cable for two separate networks? This is where Virtual Local Area Networks, or VLANs, are used. VLANs allow you to run multiple networks over the same cable / link, and no matter what data gets over there, one network is isolated from the other.

Network A and B connected via a single link

In the illustration you can see 2 separate networks (A and B) which are both connected to a switch, and these switches to each other via a single cable. To separate the traffic between network A and B you can use VLANs.

I’m using VLANs because I have a single link between my meter cupboard (which is located in the hallway) and my server which also has a virtual machine containing an internet firewall. In addition I have a connection from the switch in the meter cupboard to a switch in the living room, which has a WiFi router, Sonos speakers, TV, and so on. Finally the internet connection’s entry point is … in the meter cupboard. So I need to route internet traffic from the meter cupboard, to my server, back to the meter cupboard, to the living room.

Physical layout

Without VLANs this would mean multiple cables and multiple switches, which is basically a mess. But with VLANs this becomes a different story. I have a VLAN which specifically routes internet traffic straight to my firewall. After passing my firewall, the firewall puts the packets on a different VLAN and routes it back onto the network. That different VLAN is connected to my living room, office and so on. That way I ensure that all internet traffic goes via my firewall to the internet and keeps my internal network secure.

The logical network

This is the problem that VLANs solve, without going into much detail. So if you have an issue that you have a WiFi router from your internet provider somewhere in the house that is too far away from your living room, or are using separate cabling for TV and Internet, there are ways to mitigate that and VLANs are the way to go.

If you want to use these, you need to have a network switch which supports it. Most new managed switches support VLANs, the official specification is IEEE802.1Q and if you’re going to shop for a new switch you might want to ensure it has this feature.

