Solved

VLANs and LANs - a simple model for comment

Posted on 2013-11-22
Last Modified: 2013-11-24
A follow on from http://www.experts-exchange.com/Hardware/Networking_Hardware/Q_28294473.html#a39668963

In my simple-minded way of thinking of it before all the equipment details get brought in:

-  a LAN is a bunch of copper (or other) cables connected together in some fairly physical way.  So, this could include switches.  But IP addresses or even MAC addresses have nothing to do with it .. so far.  If you dispute the use of the term "LAN" here that's OK but then I don't have a "label" for this.  What would you call it then?

- Just to be complete, one might have multiple physical LANs like this in the same site.  In fact, this is common in apartment houses, etc.  I have my LAN and gateway, you have yours, etc.  all on separate LANs.

- a VLAN, at its most basic level, is the same as a LAN but it's implemented within a switch in such a way that the switch ports are separated into different things that each look like a LAN for all intents and purposes.  It rather splits the switch up as if there were multiple switches, each connected in their own LAN.  Think of a bunch of 8-port switches taped together and each one plugged into a different set of cables / LANs.
So, the notion of a VLAN is handy if one has large switches and intends to have multiple LANs that can be supported by a single switch.

Note that I have not said "subnet" anywhere here.  In fact, multiple subnets can operate together on a single LAN.  The copper doesn't care.  Whether isolation is a question but the subnets can communicate fine unto themselves.

Two areas remain (perhaps there are more than two):
- if there are going to be multiple switches handling the same VLANs then capabilities like tagging and trunking are helpful.
- Routing between the VLANs is either needed or it isn't.  Routing VLANs to a single internet gateway is almost always needed.  And this is where IP addresses on ports come in, right?
So, these latter things become items of discussion and howtos.

Is this OK so far?  Comments?
Question by:Fred Marshall
17 Comments
 
LVL 3

Expert Comment

by:RKnebel512
ID: 39669876
It is hard to get into this discussion without the use of subnets, since the terms LAN and VLAN are usually defined in terms of broadcast domains.  But with a veto on the word subnet, I would say that your understanding is pretty accurate.

The point I would make is that, above, you say that "multiple subnets can operate together on a single LAN".  I think that when you cross the subnet line, you require a router and at that point, you are going over WAN.  A router really is the point where a LAN stops.

The exception, I would say, is VLANs which can break up a LAN into separate subnets, but as the name suggests (Virtual LAN), a switch is still treating these as separate LANs.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39669971
Let's break this down in layman's terms.

LAN = Local Area Network
VLAN  = Virtual Local Area Network

The difference between the 2 is one involves direct physical connections while the other is virtual (imaginary).

Notice the word "Local" in the definition compared to WAN

Now consider WLAN - Wireless Local Area Network

Local just means locally managed, or locally available.

A subnet is in itself a LAN. A LAN can either be physical or virtual. Virtual LANs give us the flexibility of running multiple subnets over the same physical topology. VLAN itself is not a magical term as it sounds.

Communication between subnets (interchangeably referred to as VLAN) definitely REQUIRES a route between them for connectivity.

Imagine Facebook,
Facebook is a Wide Area Network of people but people create their own niche of friends, in other words, Local Area Network of friends. There is no physical connection between friends on Facebook and that makes it virtual. Meaning, Facebook is a VWAN comprising multiple VLANs.

I hope my breakdown of VLAN is clear enough. Many people perceive it's a terminology that refers to compartmentalizations on a switch which is true in a sense but it is more than that.
0
 
LVL 50

Accepted Solution

by:
Don Johnston earned 167 total points
ID: 39670025
"Is this OK so far?  Comments?"
I would agree with your comments/understanding without exception.
0
 
LVL 12

Assisted Solution

by:Infamus
Infamus earned 84 total points
ID: 39670234
"I would agree with your comments/understanding without exception."

I second that...
0
 
LVL 25

Author Comment

by:Fred Marshall
ID: 39670897
"A subnet is in itself a LAN. A LAN can either be physical or virtual. Virtual LANs give us the flexibility of running multiple subnets over the same physical topology. VLAN itself is not a magical term as it sounds."

Well, I tried to be clear in the "model" that a subnet is not a LAN.  And, a LAN is not a subnet.  A LAN can carry a subnet.  A subnet requires a LAN but doesn't dominate one of them necessarily - even though it usually does.

I don't see how a subnet can be a "LAN".  One is a physical medium and the other is an addressing scheme.  They can coexist, usually do.  But they aren't the same thing.

VLANs must be separated over some physical topology to make sense.  For example, switch ports and their associated cables are often separated re: LANs/VLANs.  ... trunking aside.  That they are usually associated with subnets is true but not important here.  

I don't think I alluded to any magic whatsoever.  Actually the motivation is the opposite.

Would it help if at times we referred to "virtual physical LANs"?  That's what a VLAN is after all isn't it?  And that distinction only *within* a switch and with its ports.  So, if one switch port is assigned to VLAN1 and another switch port is assigned to VLAN2, they are separated, thus "virtual" as they live within the same switch.  In the simplest implementation, their cables are no different than any LAN(s).

Still OK?
0
 
LVL 3

Expert Comment

by:RKnebel512
ID: 39671427
I just can't think of an example with a LAN that has more than one subnet in it.  Two subnets have to be physically separated by a router (making them different LANs) or logically separated by VLANs (making them different Virtual LANs).

A LAN may be physical, whereas a subnet is logical, but the logical addressing scheme describes the physical medium.  A subnet is the logical representation of the physical medium.

A hint to this is in the name VLAN.  It is a Virtual LAN.  In order to split up a LAN into more than one subnet, we had to create more LANs.  They are logical LANs, but LANs none the same.

And to be fair, you said yourself, right above here, that "VLANs must be separated over some physical topology to make sense."  Subnets describe the physical media.  Where the LAN ends, so ends the subnet.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39671440
This is a very interesting topic, and I think it's because the definition of "LAN" differs depending on how it is explained and to whom.

In general, a LAN is a computer network that interconnects computers in a limited area such as a home, school, computer laboratory, or office building using network media.

In this case, a LAN can include multiple subnets as long as they are physically located locally.

But when you look at it from a technical point of view, a LAN is a subnet which resides behind a router, so different subnets will be described as "LANs", NOT "LAN", and the same goes for the "VLANs".

I think the answer for this "LAN" and "Subnet" discussion will be different depending on how and who is looking at it.

The conclusion from my humble thought is that we are all talking about the same thing but from a different point of view.
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 166 total points
ID: 39671650
I'd agree that your summarizations are 99.9% correct (You'll see why in a sec).  As Infamus quite rightly said though, it largely depends on who is looking at it to determine where the LAN boundary lies.

A network between two computers connected via crossover could be considered a LAN, just as a 1500-node multi-floored network in a college could be, even if it was formed by parts of smaller sub-networks in different buildings, all connected together.

It's easy to separate the logical parts of this.  There, we've just done it.  Physical is the hardware which puts it all together.  Logical is the configuration or 'soft' stuff which is programmed into the hardware.

The bit I'm a bit confused by with regard to how you mean it is:
"Routing VLANs to a single internet gateway is almost always needed.  And this is where IP addresses on ports come in, right?"
I'm ok with the first sentence, but the second is open to interpretation I suppose, but that would lead me to think you're referring to NAT?  Actually though, what the statement looks like is not NAT, but rather PAT and that leads me to think about inbound port translation, not outbound internet connectivity.  Perhaps I'm just reading too far into it?

If you use traditional NAT you would translate all ports from one IP address to another, so no ports are specified.  The port from one IP address would be the same port when translated to an address at the router - just the IP address is changed.
0
 
LVL 25

Author Comment

by:Fred Marshall
ID: 39671841
craigbeck:  Yep.  The first word in the quote is "routing".  NAT is an example although I wasn't thinking of it when I wrote that.... Routes between LANs without NAT would also be included.
Example: default route to subnet with gateway>gateway.  Other routes between VLANs as needed/desired.  I'm more interested here in definitions than implementation details.  

Aren't smaller subnets in different buildings LANs unto themselves?  Now, whether they are "virtual" or not depends on how some central switch is set up.  And, that's the only example I can think of really.
0
 
LVL 50

Assisted Solution

by:Don Johnston
Don Johnston earned 167 total points
ID: 39671848
Here's my take on what's going on: I think that you're trying to get a hard and fast, absolute definition (or wanting to confirm your knowledge of something based on a definition) that simply doesn't exist.

Unfortunately, that doesn't always exist in this field. For example, just to use some of the terms that have been tossed about here.

Subnet. Earlier you mentioned that subnets are usually associated with LANs. What if the IP network 199.1.2.0/24 is associated with the LAN? 199 is a class C address and in this case it's not subnetted. Which means that it's not really a subnet, right?  So the statement that a subnet is associated with a LAN would be incorrect. In that case it's a network that's associated with the LAN.

So let's look at "LAN". Local Area Network. How local is the area? Is it a geographic term. Distance? And what about "network"? If you ask a dozen people to define "LAN", you could get 12 different (and all correct) definitions.  And once you add the "V" word (virtual) to a term, you'll now get 24 definitions from 12 people.

The point that I'm trying to make is that I think you have a solid understanding of the topic. But trying to get an absolute, carved in granite, immutable response to what is a ___, is kind of like driving with the car on jacks. At the end of a long day of driving, you'll still be in the same place.
0
 
LVL 45

Assisted Solution

by:Craig Beck
Craig Beck earned 166 total points
ID: 39671852
"Aren't smaller subnets in different buildings LANs unto themselves?  Now, whether they are "virtual" or not depends on how some central switch is set up.  And, that's the only example I can think of really."
Well, there could be lots of 'subnets' in a group of buildings, but that was something you were trying to avoid wasn't it - the subnet issue?

I was trying to say that a PC-PC connection could be called a LAN in its own right, as well as a LAN cross-campus, for example.
0
 
LVL 25

Author Comment

by:Fred Marshall
ID: 39671862
craigbeck:
I agree with everything you've said here.
I *was* trying to avoid the subnet issue indeed.  
But I thought you had implied LANs by what you said.

In general, I think a "subnet" implies a LAN.  Although it need not be that way, it usually is.  Thus the implication.
0
 
LVL 12

Expert Comment

by:Infamus
ID: 39671864
"So let's look at "LAN". Local Area Network. How local is the area? Is it a geographic term. Distance? And what about "network"? If you ask a dozen people to define "LAN", you could get 12 different (and all correct) definitions.  And once you add the "V" word (virtual) to a term, you'll now get 24 definitions from 12 people."

Exactly!!!
0
 
LVL 3

Assisted Solution

by:RKnebel512
RKnebel512 earned 83 total points
ID: 39671866
@donjohnston - I have been using the term subnet to make sure people know I am talking about a network address as opposed to a more general interpretation of the word "network".  And even a class C can be considered a subnet of the 0.0.0.0/0 entirety of the IP addressing scheme.  But, yes, you are right.  I agree that a network is associated with each LAN.

And I think you're also right that ironing out a unanimous definition is about as attainable as the silver unicorn.  As Infamus said above, "it will be different depending on how and who is looking it."

Nice discussion though.  Good to think about these things every now and then.
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 39672174
To further explain this in layman's terms as it looks like the author may be viewing this a little too technically.

A good philosophy is "Keep It Simple"

Networking was born when Xerox came up with a way of transferring data from one point to another. The first basic network is legwork (sneakernet - may only be familiar if you started networking in the early 90s like me or earlier), where someone would basically take a file and walk to another office with it.

In the early stage of networking, we did not have the kind of technology we have now and categorizing networks into LAN and WAN made a lot of sense, one is local to you and one requires WAN links.

As Craigbeck stated, what you consider LAN is totally subjective and up to you depending on what you think is local. It is possible to have a local network between 2 cities if you use Ethernet hand off technology. I won't go further into that to avoid confusion.

To be clear, a phone conversation between you and your friend across the city is networking just as a phone conversation with your friend across the country or continent is.

Is your area network wide or local?

Honestly, I don't know how to break this down any further and I hope you grasped my point.

Most terminologies in networking are English words. A dictionary definition of those words most of the time will tell you what the terminology means. E.g. Router, Switch, Access List, Access Point, Internet Protocol Address etc.

There is no magic associated with them, in terms of functionality. How you configure them may require deeper understanding though.

I hope this helps
0
 
LVL 25

Author Comment

by:Fred Marshall
ID: 39672208
This has been helpful for me.  I think we can close it now.
I wonder if some understand that you can run multiple subnets over the same copper LAN?
Unless you snoop, there's no interaction.  It just works.  That's one reason to keep definitions straight.
I don't think that "local" is too great an impediment in understanding how things work.
0
 
LVL 50

Expert Comment

by:Don Johnston
ID: 39672456
Fmarshall,

While it's definitely not typical, multi-netting definitely does come in handy sometimes.
0
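
Added example, not part of the thread or written by any of its participants: a small Python audit of the distinction the discussion keeps returning to, that a VLAN is a layer 2 broadcast domain while a subnet is only an addressing scheme. The inventory, host names and addresses are constructed, and it assumes a VLAN ID denotes one broadcast domain across switches (i.e. it is trunked consistently). It flags VLANs carrying several subnets (multi-netting, where different addressing gives no isolation on the wire) and subnets whose hosts sit in different VLANs.

```python
import ipaddress
from collections import defaultdict

# Constructed inventory: (host, switch, port, access VLAN, interface address).
# All names and addresses are made up for illustration.
INVENTORY = [
    ("pc-a",  "sw1", 1, 10, "192.168.1.10/24"),
    ("pc-b",  "sw1", 2, 10, "192.168.1.11/24"),
    ("cam-1", "sw1", 3, 10, "10.0.50.5/24"),     # second subnet, same VLAN
    ("srv-1", "sw1", 4, 20, "192.168.2.10/24"),
    ("pc-c",  "sw2", 1, 30, "192.168.1.12/24"),  # pc-a's subnet, other VLAN
]

def parse(inventory):
    """Map host -> (vlan, ip_interface). Assumes one VLAN ID = one broadcast domain."""
    return {h: (vlan, ipaddress.ip_interface(addr))
            for h, _sw, _port, vlan, addr in inventory}

def same_broadcast_domain(hosts, a, b):
    """Layer 2: frames (including broadcasts) sent by a can reach b."""
    return hosts[a][0] == hosts[b][0]

def same_subnet(hosts, a, b):
    """Layer 3: a and b treat each other as on-link (no router needed)."""
    return hosts[a][1].network == hosts[b][1].network

def multinetted_vlans(hosts):
    """VLANs carrying more than one IP network: addressing differs, wire is shared."""
    nets = defaultdict(set)
    for vlan, iface in hosts.values():
        nets[vlan].add(iface.network)
    return {v: sorted(n, key=str) for v, n in nets.items() if len(n) > 1}

def split_subnets(hosts):
    """IP networks whose hosts sit in different VLANs, so they cannot meet at layer 2."""
    vlans = defaultdict(set)
    for vlan, iface in hosts.values():
        vlans[iface.network].add(vlan)
    return {n: sorted(v) for n, v in vlans.items() if len(v) > 1}

if __name__ == "__main__":
    hosts = parse(INVENTORY)
    print("multi-netted VLANs:", multinetted_vlans(hosts))
    print("subnets split across VLANs:", split_subnets(hosts))
    print("pc-a / cam-1 share wire:", same_broadcast_domain(hosts, "pc-a", "cam-1"),
          "| share subnet:", same_subnet(hosts, "pc-a", "cam-1"))
```
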
