Introduction to Network Switching
In modern corporate networks, simply connecting all computers to the same physical switch can cause serious security and performance problems.
What is a VLAN
A Virtual Local Area Network (VLAN) allows you to segment a single physical switch infrastructure into multiple separate logical networks.
Devices belonging to different VLANs cannot communicate with each other at level 2, improving overall security.
This segmentation drastically reduces the propagation of broadcast traffic, preserving precious overall bandwidth.
Access Ports and Trunk Ports
The configuration of switch ports is mainly divided into two distinct operating modes.
Access ports (Access Ports) connect terminal devices (PCs, printers) and rigidly belong to only one VLAN.
Trunk ports connect switches to each other or to a router, simultaneously transporting traffic belonging to multiple different VLANs.
To distinguish packets belonging to different VLANs on a Trunk, the international IEEE 802.1Q tagging standard is used.
Inter-VLAN Routing
Since VLANs separate traffic at level 2, it is essential to introduce a level 3 device to make them communicate with each other.
This communication, called Inter-VLAN Routing, can be implemented through Layer 3 switches or with the Router-on-a-stick configuration.
The Spanning Tree Protocol (STP)
To prevent complete interruption due to physical loops caused by redundant connections, switches use the Spanning Tree Protocol.
STP logically disables redundant ports, reactivating them instantly in failover mode if a primary link stops working.
Conclusions
The strategic use of VLANs, trunking, and STP protocols constitutes the foundation for designing secure and efficient corporate local networks.