A Local Area Network (LAN) can generally be defined as a broadcast domain. A broadcast domain includes a set of all devices operating in a portion of a network that will receive broadcast frames (frames directed to all devices in the set) originating from any device within the set. Certain types of network devices, including hubs, bridges, or switches, operating in the same physical LAN segment(s) of the network, can connect all end node devices within the segment(s). Consequently, end nodes can communicate with each other within the physical LAN segment(s) without the need for a router. Communication with devices on other LAN segments in the network requires the use of a router.
As networks expand, additional routers can be used to address bandwidth concerns, separate users into different broadcast (and collision) domains, and provide connectivity to other LANs in the network. Separating users into different broadcast domains can be useful, as broadcast requests can add a significant amount of traffic to the network that is “heard” by all nodes in the network. As this network grows, the broadcast traffic has the potential impact of flooding the network and making it essentially unusable.
Routers operate at the network level (Layer 3) of the Open System Interconnection (OSI) reference model. Routers use information included in a data packet, used to carry information, to determine destinations and route the information to the appropriate end node. The routing process can add latency that can delay the transmission of the information to the end node.
Bridges operate at the data link layer (Layer 2) of the OSI model, and typically add less latency than routers. Generally, a bridge can segment a LAN by filtering or forwarding an incoming frame based on a media access control (MAC) address of the frame. A bridged network operates as a single broadcast domain, resulting in any broadcast requests being sent to all ports within the bridged network. Consequently, bridges can be utilized to solve bandwidth problems but cannot be used to create separate broadcast domains.
Switches also operate at the data link layer (Layer 2) of the OSI model, and also typically add less latency than do routers. Generally, switches operate similar to bridges, but can be logically partitioned into separate broadcast domains called Virtual LANs, or VLANs. This logical partitioning can be used to limit the scope of broadcast requests to the individual VLANs themselves. VLANs can be viewed as a group of devices, perhaps on different physical LAN segments, that can communicate with each other as if they were all on the same physical LAN segment.
Using switches to logically partition a LAN segment into VLANs (having separate broadcast domains) not only adds less latency than adding a router to divide the LAN segment, but often provides a more cost-effective solution as well. In addition, VLANs can be used to group end users based on traffic patterns, irrespective of physical location, e.g., to optimize bandwidth utilization in the network or to address security concerns by limiting the scope of broadcast transmissions. Because each VLAN broadcast domain is considered a separate subnet, a single router is still required to exchange information between the VLANs. Typically, the router interface is a member of all of the VLANs between which it routes information.
When a switch is configured to logically partition a LAN segment into a VLAN, the VLAN is assigned an identifier, commonly referred to as a VLAN identifier. The assigned VLAN identifiers are not guaranteed to be unique across all broadcast domains. Accordingly, when VLAN information is collected for resolving network connectivity, the information cannot be readily used to distinguish among VLANs having the same VLAN identifier, but operating on separate broadcast domains. Consequently, all devices included in VLANs having the same VLAN identifier can be considered to be part of the same VLAN, even though all of the devices may not be logically partitioned into the same broadcast domain.