Benefits of VLAN

Three benefits of implementing VLANs:

  1. A higher level of network security can be reached by separating sensitive data traffic from other
    network traffic.
  2. A more efficient use of bandwidth can be achieved allowing many logical networks to use the same network infrastructure.
  3. Broadcast storms can be mitigated by increasing the number of broadcast domains, thus reducing their size.


Types of Vlan:

VlAN 1 i s the default VLAN can not be deleted , renamed.

VLAN 2-1001 can be added, modified or removed for Ethernet. ( 1000 VLANs, so easy to remember)
VLAN 1002 – 1005 are for FDDI and Token Ring, can not be deleted or used for Ethernet.

Data VLAN(User VLAN)

Used for user-generated traffic. A VLAN carrying voice or management traffic would not be part of a data VLAN. It is common practice to separate voice and management traffic from data traffic. Data VLANs are used to separate the network into groups of users or devices.

Voice VLAN:

  • Assured bandwidth to ensure voice quality
  • Transmission priority over other types of network traffic
  • Ability to be routed around congested areas on the network
  • Delay of less than 150 ms across the network

Default VLAN

All switch ports become a part of the default VLAN after the initial boot up of a switch loading the default configuration.The default VLAN for Cisco switches is VLAN 1.

VLAN 1 has all the features of any VLAN, except it cannot be renamed or deleted. By default, all Layer 2 control traffic is associated with VLAN 1.

Native VLAN

A native VLAN is assigned to an 802.1Q trunk port. Trunk ports are the links between switches that support the transmission of traffic associated with more than one VLAN. An 802.1Q trunk port supports traffic coming from many VLANs (tagged traffic), as well as traffic that does not come from a VLAN (untagged traffic).

The 802.1Q trunk port places untagged traffic on the native VLAN, which by default is VLAN 1. Note that, it is not unknown traffic.

Native VLANs are defined in the IEEE 802.1Q specification to maintain backward compatibility with untagged traffic common to legacy LAN scenarios. A native VLAN serves as a common identifier on opposite ends of a trunk link.

It is a best practice to configure the native VLAN as an unused VLAN, distinct from VLAN 1 and other VLANs. In fact, it is not unusual to dedicate a fixed VLAN to serve the role of the native VLAN for all trunk ports in the switched domain.

Management VLAN

A management VLAN is any VLAN configured to access the management capabilities of a switch. VLAN 1 is the management VLAN by default. To create the management VLAN, the switch virtual interface (SVI) of that VLAN is assigned an IP address and subnet mask, allowing the switch to be managed via HTTP, Telnet, SSH, or SNMP. Because the out-of-the-box configuration of a Cisco switch has VLAN 1 as the default VLAN, VLAN 1 would be a bad choice for the management VLAN.

Create a VLAN

s1#conf t

s1(config)#vlan vlan_id

s1(config-vlan)#name vlan_name


Assign a interface or multiple interfaces to a vlan:

s1(config)#interface interface_id   or interface range start_interface_name end_interface_name

s1(config-if)#switchport mode access

s1(config-if)#switchport access vlan vlan_id