Different types of VLANS and its use

Introduction to VLANs:

VLANs (Virtual Local Area Networks) provide a way to logically segment a network, improving security, manageability, and performance. Cisco devices offer various types of VLANs, including Private VLANs and Isolated VLANs. In this article, we will explore these VLAN types and the commands to configure them on Cisco devices.

1. Private VLANs (PVLANs): Private VLANs are used to further divide VLANs into subsegments, allowing for more granular control over communication between devices within the same VLAN. PVLANs consist of three primary components:

• Primary VLAN: This VLAN contains the main ports and communicates with other VLANs.
• Isolated VLAN: Isolated VLANs allow communication only with the Primary VLAN but not with other Isolated VLANs. This provides isolation between devices within the same VLAN.
• Community VLAN: Community VLANs allow communication between ports within the same Community VLAN, as well as with the Primary VLAN.

Commands to Configure Private VLANs:

Step 1: Create the Primary VLAN:

Switch(config)# vlan VLAN_ID
Switch(config-vlan)# private-vlan primary

Step 2: Create the Isolated VLAN:

Switch(config)# vlan VLAN_ID
Switch(config-vlan)# private-vlan isolated

Step 3: Create the Community VLAN:

Switch(config)# vlan VLAN_ID
Switch(config-vlan)# private-vlan community

Step 4: Associate Ports with the VLANs:

Switch(config)# interface INTERFACE_NAME
Switch(config-if)# switchport mode private-vlan {host | promiscuous}
Switch(config-if)# switchport private-vlan host-association PRIMARY_VLAN_ID [ISOLATED_VLAN_ID] [COMMUNITY_VLAN_RANGE]

2. Isolated VLANs: Isolated VLANs are used to restrict communication between devices within the same VLAN. Isolated VLANs are often employed in scenarios where you want to isolate sensitive devices or prevent direct communication between devices within a VLAN.

Commands to Configure Isolated VLANs:

Step 1: Create the VLAN:

Switch(config)# vlan VLAN_ID

Step 2: Assign Ports to the VLAN:

Switch(config)# interface INTERFACE_NAME
Switch(config-if)# switchport access vlan VLAN_ID

Conclusion: Private VLANs and Isolated VLANs offer enhanced control and isolation within VLANs. By configuring these VLAN types on Cisco devices, network administrators can strengthen security and improve network performance. The provided commands serve as a guide, but it’s important to refer to official Cisco documentation or seek professional guidance for specific device models and software versions. Understanding and implementing these VLAN types can greatly enhance network management and security in complex network environments.

 

VLANS are also differentiate based on traffic:

1. Default VLAN (VLAN 1):
   • All switch ports are assigned to the default VLAN by default.
   • It is recommended to create and use a separate VLAN instead of the default VLAN for security reasons.
2. Data VLANs:
   • Used for regular data traffic.
   • Segments user devices into different logical networks based on department, location, or function.
3. Management VLAN:
   • Dedicated VLAN for managing network devices (e.g., switches, routers).
   • Isolates management traffic from user data traffic, enhancing security and control.
4. Voice VLAN:
   • Designed to carry voice traffic for VoIP (Voice over IP) phones.
   • Provides Quality of Service (QoS) and prioritization for voice traffic.
5. Native VLAN:
   • Used for untagged frames on a trunk link.
   • It is essential to ensure consistency between the native VLAN configuration on both ends of a trunk link.