2.2 Given a scenario, configure servers to use network infrastructure services.
📘CompTIA Server+ (SK0-005)
Why VLANs Are Important
VLANs are used in IT environments for several key reasons:
- Segmentation:
They separate groups of devices to reduce unnecessary traffic. For example:- Servers for finance can be on one VLAN.
- IT management systems can be on another VLAN.
- Security:
VLANs create boundaries so that sensitive systems are isolated. For example:- HR computers and servers can be isolated from general staff.
- Guest Wi-Fi networks can be put on a separate VLAN from company systems.
- Flexibility and Scalability:
- You can move devices between VLANs without physically moving cables.
- VLANs help IT admins logically organize networks as the company grows.
- Performance:
Reduces broadcast traffic on the network. Broadcasts are messages sent to every device on the network; VLANs limit these to only devices in the same VLAN.
How VLANs Work
- VLANs operate at Layer 2 (Data Link layer) of the OSI model, which is where switches work.
- Each VLAN is assigned a VLAN ID, a number between 1 and 4094.
- Devices in the same VLAN behave as if they are on the same physical network, even if they are connected to different switches.
Example VLAN IDs:
- VLAN 10 → Finance
- VLAN 20 → IT
- VLAN 30 → HR
- VLAN 99 → Management
Types of VLANs
- Data VLAN:
- Used for normal user traffic (e.g., computers, printers).
- Voice VLAN:
- Dedicated to VoIP phones for better quality and priority.
- Management VLAN:
- Used to access and manage network devices like switches and routers.
- Example: VLAN 99 is commonly used for management.
- Default VLAN:
- Switches come with a default VLAN (usually VLAN 1).
- All ports belong to this VLAN unless reconfigured.
VLAN Configurations
There are two main ways switches handle VLAN traffic:
- Access Port:
- Connects end devices like computers or printers.
- Belongs to one VLAN only.
- Traffic from this port is untagged (VLAN ID is not sent across the network).
- Trunk Port:
- Connects switches to switches or switches to routers.
- Can carry traffic for multiple VLANs at once.
- Uses tagging protocols like IEEE 802.1Q to keep VLAN traffic separate.
VLAN Tagging
- 802.1Q tagging adds a VLAN ID to network frames so the receiving switch knows which VLAN the data belongs to.
- This is essential when multiple VLANs share a single physical link (trunk link).
Routing Between VLANs
- By default, VLANs cannot communicate with each other.
- To allow communication:
- Use a router (traditional routing).
- Use a Layer-3 switch (switch that can also route traffic).
- This process is called inter-VLAN routing.
Practical IT Examples of VLAN Use
- Data Center: Servers for web, database, and backup systems can each be in their own VLAN to reduce congestion.
- Office Networks: Staff PCs, VoIP phones, and guest Wi-Fi are placed in separate VLANs for security and efficiency.
- Remote Offices: VLANs can segment traffic across multiple switches without extra cabling, keeping departments isolated logically.
Exam Tips for VLANs
- Know that VLANs segment networks and improve security and performance.
- Remember VLANs work at Layer 2, but routing is required to connect VLANs.
- Be familiar with access ports vs trunk ports and the concept of 802.1Q tagging.
- Understand types of VLANs: Data, Voice, Management, Default.
- Know VLAN IDs range from 1 to 4094.
✅ Summary:
A VLAN is like a “virtual wall” in your network. Devices on the same VLAN can talk freely, but devices on different VLANs need routing. VLANs improve security, reduce broadcast traffic, and allow logical network organization without physical changes.
