A virtual LAN, commonly known as a VLAN, is a logically segmented network mapped over physical hardware. IEEE 802.1Q is the predominant protocol. Prior to this, Cisco was one of many companies which had a proprietary protocol: in Cisco's case, a variant of IEEE 802.10 called Inter-Switch Link (ISL).

Early VLANs were often configured to reduce the size of the collision domain in a large single Ethernet segment to improve performance. When Ethernet switches made this a non-issue (because they have no collision domain), attention turned to reducing the size of the broadcast domain at the MAC layer. Another purpose of a virtual network is to restrict access to network resources without regard to physical topology of the network, although the strength of this method is debatable.

Virtual LANs operate at layer 2 of the OSI model. However, a VLAN is often configured to map directly to an IP network, or subnet, which gives the appearance it is involved in layer 3.

Switch to switch links and switch to router links are called trunks. A router serves as the backbone for traffic going across different VLANs.

VLANs can be configured in various ways;

• Protocol level, IP, IPX, LAT, etc
• MAC address based.
• IP subnet based.
• Port based, and therefore real world based, say by accounting versus marketing departments.

VLANs can be static, dynamic, or port-centric and there are two methods of establishing a VLAN: frame-tagging and frame-filtering.

External links

• IEEE's 802.1Q standard (http://standards.ieee.org/getieee802/download/802.1Q-1998.pdf)
• Cisco's Virtual LAN Communications white paper (http://www.cisco.com/warp/public/cc/pd/wr2k/cpbn/tech/vlan_wp.htm)
• Cisco's Bridging Between IEEE 802.1Q VLANs white paper (http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t3/dtbridge.htm)