Apart from dramatically reducing the impact of broadcast traffic, VLANs can be created for a number of other reasons. If the local network has PCs and workstations as well as VoIP phones, it may be sensible to group the VoIP phones together in a VLAN of their own: the phones are unlikely to need to send broadcast traffic to the PCs or workstations, or vice versa. Another scenario is to allocate VLANs by corporate department, such as HR, Engineering, Sales or Marketing. The important thing to remember is that all member devices of a VLAN must be configured in the same IP subnet, so a simple rule is one VLAN, one IP subnet.
To allow VLANs to span multiple switches, traffic moving from switch to switch must be identified in a way that lets the receiving switch maintain VLAN consistency. We do this by forming trunk connections between the switches that use a VLAN tagging method. The most common standard for tagging VLAN traffic is IEEE 802.1q, which must be configured on all switch trunk links where VLANs are to be used.
When a switch forwards traffic across a trunk to a neighbouring switch, it determines the port the frame originated on and writes an IEEE 802.1q tag identifying that port's VLAN number into the Ethernet frame before forwarding it. The receiving switch reads the VLAN tag and can therefore ensure that the traffic is only forwarded out of ports that are in the same VLAN. Bear in mind that the switch that delivers the traffic out of the destination access port first removes the VLAN tag, so the client device only receives the raw frame. A trunk link can carry Ethernet frames for all VLANs that have been configured in the network.
The actual VLAN tag is a 4-byte addition to the frame which replaces the 2-byte LLC header or type field. The first two bytes are an Ethernet Type field and the following two bytes constitute the VLAN tag number and 3 bits that provide for Class of Service (CoS) marking. The VLAN number is derived from 12 bits of these two bytes which allows for a maximum number of 4096 VLAN IDs.
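The tag handling described above can be followed byte by byte in the Python sketch below. It is an added example, not code from the original page. It writes the tag directly after the two MAC addresses at trunk egress, reads it back, and strips it again as an access port would. The function names and the sample frame are constructed for illustration, and the single bit between the CoS bits and the VLAN number (the drop eligible indicator in IEEE 802.1Q) is left at 0.

```python
import struct

TPID_8021Q = 0x8100  # Ethernet Type value that marks an IEEE 802.1Q tag


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Trunk egress: write the 4-byte tag after the two MAC addresses."""
    if not 0 <= vid <= 0xFFF or not 0 <= pcp <= 7:
        raise ValueError("VLAN number is 12 bits, CoS is 3 bits")
    tci = (pcp << 13) | vid  # bit 12 (DEI) is left at 0
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame: bytes):
    """Return (cos, dei, vlan) for a tagged frame, or None if untagged."""
    if len(frame) < 18:
        return None  # too short to hold MACs, tag and inner type field
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF


def strip_tag(frame: bytes) -> bytes:
    """Access-port egress: remove the tag so the client gets the raw frame."""
    if parse_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


# Constructed sample frame: broadcast destination, made-up source MAC,
# IPv4 type field (0x0800) and a dummy 46-byte payload.
RAW = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"\x45" + bytes(45)

if __name__ == "__main__":
    tagged = add_tag(RAW, vid=20, pcp=5)
    print("tag bytes:", tagged[12:16].hex())
    print("parsed   :", parse_tag(tagged))
    print("restored :", strip_tag(tagged) == RAW)
```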
Because the IP addressing in each VLAN is restricted to a unique IP subnet, inter-VLAN communication requires a layer 3 device, such as a router or layer 3 switch, to provide the inter-VLAN routing function.