Subnet vs. VLAN

Posted on 2006-03-21
Last Modified: 2008-03-06
I have a fairly large lan that is spread out geographicalls via wireless links as well as hardwired to offices.  Current there is a single /24 subnet and i am considering using VLANs to contain broadcast traffic on the network.  My questions is, If i were to further subnet that /24 network into serveral smaller networks, shouldnt that accomplish the same as a VLAN with respect to broadcasts?
Question by:andreacadia
    LVL 7

    Accepted Solution


    The only way subnets contain broadcast traffic is if routers connect them to each other. The routers drop the broadcasts. Setting it up as smaller networks will force traffic to the router between the subnets, but the single vlan will mean that the switches will pass every broadcast to all ports in the vlan. Splitting the network with VLANS will mean that your switches will not pass broadcasts from one VLAN to another, and bring down the background "noise" of your network.

    VLANs aren't that hard to implement. Dig in and you'll get more benefits for your network.

    Good luck!

    Author Comment

    Would be the outcome be the same if i used a single subnet with multiple VLANs or made each vlan a differnet network?
    LVL 7

    Expert Comment

    each VLAN needs to be a different network - a VLAN is just a subnet, just implemented on a group of switches...

    a traditional subnet would be all ports on a switch, then connected to other switches, then connected to a router. the router would mark the edge of the subnet, then be connected to another switch which would be another network.

    a VLAN allows you to do this using one or a few switches - managed switches - by setting up some ports in one network/subnet/VLAN, and other portsd in another network/subnet/VLAN. even though there are multiple subnets on one switch, the switch keeps all traffic on the subnet that originated it and lets the router take all traffic between subnets.

    there's an ok article on this here:


    Author Comment

    For clarification...If i need 3 VLANs to use the same internet gateway and require inter VLAN commmunication tthen each VLAN must have its own:

    - direct connect to interface on the router
    - each vlan on a different subnet

    Plus i would then have to configure my router to route the inter VLAN traffic?  I will be using cisco equipment to accomplish this so any reference to that would help.
    LVL 7

    Expert Comment


    imagine you have internet gateway, part of vlan 1 (, vlan 2 (, and vlan 3 (

    you could have one cisco router that has 3 ethernet interfaces, one interface, a second, and the third

    the router would have a physical connection to a port on your switch assigned to that specific vlan. you would configure your switch with commands on the individual interfaces as such:

    interface fastethernet 0/1
      switchport mode access
      switchport access vlan 1

    interface fastethernet 0/2
      switchport mode access
      switchport access vlan 2

    interface fastethernet 0/3
      switchport mode access
      switchport access vlan 3

    and so on... depending on which device you put in which subnet/vlan.

    you would also have to tell the switch you had more than one vlan - this command differs by switch model

    This is the simplest case. If you have more than one switch, you would need to either keep all vlan ports to one switch (switch one is vlan 1, switch 2 is vlan 2...) or configure a vlan trunk port on the connection between switches:

    interface fastethernet 0/24
      switchport trunk encapsulation dot1q
      switchport mode trunk

    you could also use one connection to your router from one switch and put all 3 vlans on that connection using a trunk on the switch and subinterfaces on the router

    interface fastethernet 0/0
      no ip address
    interface fastethernet 0/0.1
      encapsulation dot1q 1 native
      ip address
    interface fastethernet 0/0.2
      encapsulation dot1q 2
      ip address
    interface fastethernet 0/0.3
      encapsulation dot1q 3
      ip address

    Cisco article:


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    What Should I Do With This Threat Intelligence?

    Are you wondering if you actually need threat intelligence? The answer is yes. We explain the basics for creating useful threat intelligence.

    Problem Description:   Couple of months ago we upgraded the ADSL line at our branch office from Home to Business line. The purpose of transforming the service to have static public IP’s. We were in need for public IP’s to publish our web resour…
    Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    12 Experts available now in Live!

    Get 1:1 Help Now