A follow on from http://www.experts-exchange.com/Hardware/Networking_Hardware/Q_28294473.html#a39668963
In my simple-minded way of thinking of it before all the equipment details get brought in:
- a LAN is a bunch of copper (or other) cables connected together in some fairly physical way. So, this could include switches. But IP addresses or even MAC addresses have nothing to do with it .. so far. If you dispute the use of the term "LAN" here that's OK but then I don't have a "label" for this. What would you call it then?
- Just to be complete, one might have multiple physical LANs like this in the same site. In fact, this is common in apartment houses, etc. I have my LAN and gateway, you have yours, etc. all on separate LANs.
- a VLAN, at its most basic level, is the same as a LAN but it's implemented within a switch in such a way that the switch ports are separated into different things that each look like a LAN for all intents and purposes. It rather splits the switch up as if there were multiple switches, each connected in their own LAN. Think of a bunch of 8-port switches taped together and each one plugged into a different set of cables / LANs.
So, the notion of a VLAN is handy if one has large switches and intends to have multiple LANs that can be supported by a single switch.
Note that I have not said "subnet" anywhere here. In fact, multiple subnets can operate together on a single LAN. The copper doesn't care. Whether isolation is a question but the subnets can communicate fine unto themselves.
Two areas remain (perhaps there are more than two):
- if there are going to be multiple switches handling the same VLANs then capabilities like tagging and trunking are helpful.
- Routing between the VLANs is either needed or it isn't. Routing VLANs to a single internet gateway is almost always needed. And this is where IP addresses on ports come in, right?
So, these latter things become items of discussion and howtos.
Is this OK so far? Comments?