HP-UX VLAN Administrator's Guide, February 2007
Figure 1-1 VLANs: Physical Versus Logical View
End
Users
Servers
Switches
Router
LAN 2
Marketing VLAN
Engineering VLAN
Manufacturing VLAN
Router
Physical View
Logical View
Internetwork
Internetwork
VLANs isolate broadcast and multicast traffic by determining which destinations receive that
traffic, thereby making better use of switch and end-station resources. With VLANs, broadcasts
and multicasts go only to the intended nodes in the virtual LAN.
VLANs create broadcast domains using switches instead of routers. VLANs in some environments
might reduce the number of routers needed (and their latency).
This concept is different from a traditional (physical) LAN in that a LAN is limited by its physical
connectivity. All users in a LAN belong to a single broadcast domain and can communicate with
each other at the Data Link Layer, or “Layer 2.”
As shown in Figure 1-2 you can use VLANs to create multiple independent broadcast domains
across switches. The figure highlights the following:
• All switches are interconnected. However, three different broadcast domains (VLANs) are
on the network. Physical isolation is not required to define broadcast domains. If the figure
was of a traditional LAN with VLAN-unaware switches, all stations would belong to one
broadcast domain.
• All switch ports can communicate with each other at the Data Link Layer if they become
members of the same VLAN.
• The physical location of an end station does not define its LAN boundary.
— An end station can be physically moved from one switch port to another without losing
its “view of the network” (that is, the set of stations it can communicate with at the Data
Link Layer remains the same), if its VLAN membership is also migrated from port to
port.
— By reconfiguring the VLAN membership of the switch port an end station is attached
to, you can change the network view of the end station easily, without requiring a
physical move from port to port.
14 Introduction