Virtual LAN local area network - Learn Tech From Zero

2.4 Explain common network configuration concept

📘CompTIA A+ Core 1 (220-1201)

1. What Is a VLAN?

A VLAN (Virtual Local Area Network) is a logical network created inside a physical network.

A physical LAN is based on cables, switches, and devices
A VLAN groups devices by configuration, not by physical location

Devices in the same VLAN:

Can communicate directly with each other
Are logically separated from devices in other VLANs

Even if devices are connected to the same switch, they cannot communicate unless they are in the same VLAN.

2. Why VLANs Are Used (Exam Focus)

VLANs are used to:

1. Improve Security

Devices in different VLANs cannot see each other
Sensitive systems (e.g., servers) can be isolated

2. Reduce Network Traffic

Broadcast traffic stays inside the VLAN
Improves performance and reduces congestion

3. Better Network Organization

Devices are grouped by function, not location
Easier to manage large networks

4. Simplify Network Management

Moves and changes are done by configuration
No need to re-cable devices

3. VLANs vs Physical LANs (Important for Exam)

Feature	Physical LAN	VLAN
Based on	Physical cabling	Logical configuration
Flexibility	Low	High
Security	Limited	Stronger
Broadcast control	Poor	Controlled
Exam relevance	Basic	Very important

4. How VLANs Work

VLANs work at Layer 2 (Data Link layer) of the OSI model.

Switch ports are assigned to VLANs
Each VLAN acts as a separate network
Devices in different VLANs:
- Cannot communicate without routing

5. VLAN ID (Very Important for Exam)

Each VLAN has a VLAN ID (VID).

VLAN IDs range from 1 to 4094
Used to identify VLAN traffic

Common VLAN IDs:

VLAN 1 → Default VLAN (all ports initially)
VLAN 10, 20, 30 → Commonly used for segmentation

6. Access Ports vs Trunk Ports (High Exam Value)

Access Port

Carries traffic for one VLAN only
Used for end devices:
- PCs
- Printers
- IP phones

Exam keyword: Single VLAN

Trunk Port

Carries traffic for multiple VLANs
Used between:
- Switch to switch
- Switch to router
- Switch to firewall

Exam keyword: Multiple VLANs

7. VLAN Tagging (802.1Q)

When traffic passes through a trunk port, it must be tagged.

IEEE 802.1Q

Industry standard for VLAN tagging
Adds a VLAN tag to Ethernet frames
Identifies which VLAN the traffic belongs to

Access ports → Untagged traffic
Trunk ports → Tagged traffic

8. Native VLAN (Exam Concept)

The native VLAN carries untagged traffic on a trunk port
By default, the native VLAN is VLAN 1
Best practice:
- Change native VLAN for security

9. VLAN and Broadcast Domains

Each VLAN is a separate broadcast domain.

Broadcasts stay inside the VLAN
Broadcasts do NOT cross VLAN boundaries

This:

Improves performance
Limits unnecessary traffic

10. VLAN Communication (Inter-VLAN Routing)

Devices in different VLANs cannot communicate directly.

To allow communication, you need:

A router
Or a Layer 3 switch

This process is called Inter-VLAN Routing.

11. VLANs in an IT Environment (No Analogies)

In a typical IT setup:

Workstations are placed in one VLAN
Servers are placed in another VLAN
Guest systems are placed in a separate VLAN
Network devices are placed in a management VLAN

This improves:

Security
Performance
Network control

12. VLANs and IP Addressing

Each VLAN usually has:

Its own IP subnet
Its own default gateway

Example:

VLAN 10 → 192.168.10.0/24
VLAN 20 → 192.168.20.0/24

13. Common VLAN Terms You MUST Know for the Exam

VLAN
VLAN ID
Access port
Trunk port
802.1Q
Native VLAN
Broadcast domain
Inter-VLAN routing

14. Common Exam Scenarios

You may see questions like:

Why devices cannot communicate on the same switch
How to separate departments securely
How to reduce broadcast traffic
Which port type supports multiple VLANs
What protocol is used for VLAN tagging

15. Key Exam Takeaways (Memorize)

✔ VLANs logically separate networks
✔ VLANs improve security and performance
✔ VLANs operate at Layer 2
✔ Trunk ports carry multiple VLANs
✔ 802.1Q is the VLAN tagging standard
✔ Inter-VLAN routing requires a router or Layer 3 switch