What are the actual differences between subnets and VLANs

Other than one being L2 and the other L3.
It seems to me that the results of subnetting and the results of a VLAN are the same. Can someone please explain the difference between the two results.
Thank you
Steven Carnahan

Short answer:

Subnet is assigning IP address to separate computers:  10.2.2.x from 10.2.3.x subnet

VLAN is assigning connections to separate networks:  Gi1/1 = VLAN 1, Gi1/2 = VLAN 2

There are more involved explanations.
vlans separate devices into logical broadcast domains. So broadcast can not pass between vlans. So devices in vlan1 will not see broadcast messages coming out of vlan2 or any network traffic for that matter. VLAN membership is determined at the switch port level and IPs do not play any part in this decision.

With subnets broadcast are still seen by all devices within the network but devices just can not communicate with each other since they reside on different subnets via IP. Subnet are determined by the mask being used ( or the mask determines which IP addresses that device can communicate with.

Usually with proper design techniques you create a separate subnet per vlan. But this is not required.

For both vlans and subnets in order to communicate between different vlans/subnets you must either use routing or a router/multi-layer switch.

Hope this helps


I need more clarification. I understand how the two differ as far as implementation, it is the results of the two that I can differentiate between.
Can you elaborate on this ..."subnets broadcast are still seen by all devices within the network but devices just can not communicate with each other"
Steven Carnahan

"Can you elaborate on this ..."

lets say you have two subnets on the same network and

If a device in the first one sends a broadcast message out it will go to any device on the network no matter what IP address is configured. So all devices willl need to proccess the broadcast to see if they need to act on it. This is usually done with discovery type communications such as ARP

With vlans the same broadcast would go out but the switch would only allow those broadcast to be sent out ports that are members of that vlan.


Great thank you both.

