cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

[WINNERS ANNOUNCED] Community Challenge: VLAN Explained

Community Manager

MerakiCommunity-CommunityChallenge


UPDATE Mon, June 24: Congratulations to the winners! Read the announcement.

 

UPDATE Mon, June 24: Voting is closed, stay tuned for the announcement of the winners!

 

UPDATE Weds, June 19: We have been blown away by the number of entries for this challenge, all of them showing such compassion for Carl and patience in helping him understand! Because we have so many entries to consider, we're extending the voting deadline until Monday June 24th at 10:59am. So be sure take a look at all of the entries and kudo your favorites before Monday! 

 

UPDATE Mon, June 17: Submissions have ended for this challenge! Now is your time to vote. Remember, we will have two winners — one chosen by the most kudos received and one selected by our panel of Meraki judges. So cast your vote by giving kudos to your favorite entries and we'll announce both winners on Friday, June 21st at 11am PDT.


Virtual local area networks, or VLANs if you ain’t got time for that, are critical components for simplifying network deployments through segmentation. Despite their abundant merits, it can be tricky to inspire appreciation in a lay-person, say, Carl from Finance.

 

For this month’s challenge, we’re asking you to explain, in the simplest possible terms, the concept of and benefits to utilizing VLANs. Your audience, let’s carry on with Carl, is intelligent, but non-technical and completely at sea when it comes to networking. You can use whatever media, analogies, or hyperbole necessary to help Carl understand.

 

The winners will receive stylish grey Cisco Meraki backpacks:

 

426ba5fc-2e96-41b6-9502-d55325d55224.png

 

How to enter

Submit your contest entry in a comment on this blog post before 11 a.m. PDT on Monday (June 17th, 2019). Entries won’t be made public until voting starts. After you submit your entry, you’ll see a message reading “Your post will appear as soon as it is approved.”

 

How to win

Voting begins when submissions close (at 11 a.m. PDT on Monday, June 17th, 2019), and continues to the end of the work week. Voting closes at 11 a.m. PDT on Friday, June 21st, 2019.

 

We will be selecting 2 winners:

 

  1. The Community Favorite — chosen by you, our Community members. Cast your vote by giving kudos to your favorite entries. The entry with the most kudos from community members who aren't Meraki employees will win!
  2. The Meraki Favorite — a panel of experts here at Meraki will select the Meraki Favorite prize.

 

The Fine Print

  • Limit one entry per community member.
  • Submission period: Tuesday, June 11th, 2019 at 11am PDT through Monday, June 17th, 2019 at 10:59am PDT
  • Voting period: Monday, June 17th, 2019 at 11am PDT through Friday, June 21st, 2019 at 11am PDT
  • Prize will be a selection of Meraki swag with value not exceeding USD 50.00
  • Official terms, conditions, and eligibility information
138 Comments
Just browsing
VLANs are like rooms in a home. If you are having a party and everyone is trying to have a conversation in the same room, things will get very loud and information may be lost (performance decreases) in some of those conversations. However if you separate everyone into rooms (VLANs) the volume will lower and conversations become easier (performance increases) to have because you're not hearing everyone else's conversation at once. This also helps keep the conversations a little more private (security) as not every person in the home (LAN) will hear every rooms (VLANs) conversations. This can also help if you wanted to keep the children separated from the adults, you could simply lock the door (separate the VLAN) to the neighboring room and they wouldn't be able to hear the adult's conversation (security).
Conversationalist

Benefits of using VLANs... VLAN itself is a benefit !

 

When segmenting our Network we can set up different mini-networks for each department in our company. We are setting up different VLANs with different accesses, rules, restrictions, etc... As well as maintenance is actually easier when you are working on individual VLANs or group of users rather than the whole network itself. You can set up different VLANs for each department of your company, like Sales, Engineering, Helpdesk, Marketing... even a Guest VLAN so if you have visitors, they can connect to your Network without compromising it. As well as for the company's departments... they don't need to see what is Marketing doing with their own private stuff as well as all the accesses that IT has within the company. That is what segmenting your Network into different VLANs is. 

 

 

 

Head in the Cloud

Hello, Carl,

 

I have heard that you now also need different VLANs for your part of the building.

Before we go into further planning, however, I would like to introduce you to the term VLAN and its benefits.

 

VLAN stands for Virtual Local Area Network.

 

So what's the point of a VLAN, you wonder?

Quite simple, for example the segmentation of a building, as in floors. Floor1 is VLAN1, floor2 is VLAN2 and so on.

And what's the point? It's also very simple, you can give access rights for individual floors based on this.

- Floor1, for example, can communicate with every other florr and access each Internet page.

- Floor2 may only communicate with Floor3 and not on any website, but only on Meraki.com / dashboard.meraki.com

- Floor3 is not allowed to communicate with any other floor or to the Internet. Only mails and access to certain servers are allowed.

- And so on, there's nearly no limit.

For WiFi, for example, we could enter the same VLAN on all floors, so if you change floors, it's the same everywhere. So nothing changes for your notebook and you don't have any stress because everything runs automatically.

 

As we all know, pictures tell more than a thousand words, here a simple one, to understand the above even better:

 

Floors.png

 

In principle, all providers can use the technology, but I have in mind the Meraki solution for you. I can give you easy access to the Meraki website (dashboard), where you can get an overview yourself and see everything transparently that has been set, if that's what you want.

 

Hope this helps, talk to you soon. If you have any questions just give me a call or sent me a e-mail.

Marc

Here to help

A Vlan is a lot like a food for your kids, Carl.  When your kids are eating you probably noticed they don't like to eat potatoes with their peas mixed in so they sometimes separate the foods with their spoon or hand or fork.  A Vlan also works as a divider stopping certain traffic from talking to other traffic.  It also stops a break in one Vlan( Virtual-Lan) from messing up the other Vlans usually, similarly if your kids let all their food touch they would have a meltdown, Carl.  A full network down is a lot worse than just part of the network being down, just like if the peas touch the potatoes, but the beef roast was still safe. If that were to happen your kid could still eat something, and if the one Vlan broke the other Vlans, typically, won't break as well and can still be salvaged! This is how the vlan domains work, at layer 2... This changes a bit once we introduce inter-Vlan routing, or kids matching specific food! I hope this helps Carl!food seperation.jpgvlan seg.png 

Getting noticed

If a normal LAN is a highway, then VLANs are almost like the lanes.  They are all on the same physical road and sometimes you can merge and see other traffic but they don't always exit the same place or lead to the same destination

Here to help

VLAN and their benefits.

 

Simply expressed, a VLAN (Virtual Local Area Network) is a configured network within a network.

A LAN (Local Area Network) links all clients and resources within a small private network. This network may require further differentiation e.g a business that has various departments such as Finance, HR, Sales and Management.. VLANs can be set up to exclusively interconnect departments within the LAN e.g HR and Management locating within VLAN10 and Finace and Sales locating within VLAN20.

This provides a more hierarchical organisation as opposed to a flat network. It also is less susceptible to Broadcast storms, which is a form of intrusion attack

They are relatively easy to set up particularly with quality devices.

Comes here often

Carl, do you remember that kid in high school that always seemed to be welcome in any social click? Each VLAN is it's own click and the port at your desk can join whichever appropriate one you need to connect to do get the job done.

Conversationalist

Virtual subnets.

Conversationalist

 

 

 

 

Here is my entry: 

 

"Hey Carl, 

   SO you want to understand the idea and concept of VLANs...let me simplify it for you.  Carl..you've traveled on an airplane before, right?  Of course you have, so what do you do?   You pick a destination, when you want to go, your seat assignment, and then purchase it.  Once purchased you get a ticket that has a Flight Number on it.   On the day of your trip, you go to the airport, go through security, look at your ticket, you check your flight number and see which Gate you need to be at.  Once at your Gate you see it's labeled with your destination and flight number, you wait for your plane, board and off you go. 

 

So now that you understand that, let's peel back the label and let's reveal the players here: 

The Airport would be the Switch in a network,

The Gate would be the switchports that cables plug into,

The airplane is the data that travels

the Flight Number would be the VLAN

 

You see with out flight numbers (VLANs) we wouldn't know which airplane to hop on to travel, so it would utter chaos and people hopping on random planes, going to random, places.   So VLANs allow us to say "hey you belong on this plane to get to your destination, the Gate might change, but the Flight number won't" .    

 

You think you got it Carl?  " 

 

- Tony Cuevas

 

New here

So, Carl. Imagine that you work in a one-floor office and everybody shares the same open room. If you make a call to a colleague, everybody would hear his/her phone ring and you could wave to him from a distance. That would be your Local Area Network (LAN): everybody can hear and see you and if all employees try to talk to each other, that would be a noisy and messy environment.

 

Now assume that you split the same office into glass-cells, by department. Now the same phone call would only be heard by his/her department, but you still share the same floor. You could say that now you are segmented as Virtual LANs or VLANs, you're controlling the workplace in a way that you won't overload it with unwanted noise.

 

As a bonus, now picture that you and your colleague work on different floors. To get a hold of him you must call him or take the elevator to see him. That's a more direct and narrow approach and we could say that you ROUTED your information to him.

Just browsing

VLAN in a simple word is two separate networks within one network. Meaning let's say you have different departments in your company such as Finance, Management, Marketing and Sales and you don't want the Salespeople to access the Computers on the Finance network, so you create two VLANs for those departments. Or let's say you have a wifi network that your entire company connects to but you want to have a guest wifi network for your visitors that is separated from your corporate wifi network, so you set your guest wifi network on another VLAN.

Here to help

Hey Carl,

VLANs are great.

With them you can virtually build seperate switches without the need to buy seperate switches. Everything works virtually in there. You won't have to buy one switch for your two controlling guys and another one for the sales team to keep them apart. You can even plug your lab into the same physical switch without worrying the sales guys will mess it up somehow because logically everything can be seperated. You will save lots of money AND gain addiotional features like firewalling between these virtiual switches.

 

 

Comes here often

VLANs are like having dedicated floors in a building for various functions or departments, you can control access to the floors for security, establish priority for for what floor is served by the elevators first yet move people (data) from one floor to the next if access is needed to both!

 

In a simple move we have established added security, priority for faster/more reliable service yet created a situation where both can be accessed if needed. 

Comes here often
For different network devices to communicate they need two means (physical and logical), the physical part is an Ethernet cable and the logical part are the VLANs. Imagine that the logical part is a highway, so if this highway does not have marked lines between the lanes this will cause a circulation problem between the cars because they do not have a defined traffic guide. When we put lines between the different lanes, these would be the VLANs, if we realize this will allow free transit, greater order and greater traffic control. In conclusion, in data networks VLANs allow us to separate data traffic between different groups of network devices allowing us to communicate more effectively between them.
Here to help

Hello Carl,

 

Hope this finds you well, as per our conversation to purchase an meraki full stack solution support (VLAN) Virtual Local Area Network i would like here to briefly point to the concept and benefit of having such technology using the following methodology  :

 

Could you imagine company building rooms without any tags , any body can access any room , guest as  well once they enter to the building they can go everywhere, when someone is looking for an department room will go through all rooms to find you that all traffic in the building could be solved by tagging the rooms as will guest or any not wanted access could be isolated on the other hand let say finance has office on each floor in around the building would you prefer as a finance member authenticated to access to handle a key for each room or one master key for all, that's more or less what vlan can manage in the computers networking Security ,efficiency and Segmentation of the network traffic,

 

Sincerely,

Hosam            

 

   

Comes here often

A great way to think of a LAN vs a VLAN, is a house compared to an apartment. Let's imagine the structure as hardware and the tenants inside as virtual local area networks (VLANs). A house is a single structure with a single tenant living inside. If VLANs did not exist, there would only be one virtual network "tenant" inside of each switch "structure". Now, picture an apartment. This is a single structure with multiple tenants living inside subdivided homes. There are multiple virtual networks "tenants" inside a single switch "structure". The homes inside the apartment building are connected by hallways, elevators, and doors. These are how the tenants (virtual networks) are interconnected inside one single LAN (structure) and allow them to communicate within one another.

 

Imagine this, if you were a housing developer and were tasked with building homes for a large group of people in the most efficient way possible, would you build 100 separate house structures (LANs) or you would you build 1 structure (LAN) with 100 apartments (VLANs) inside? 

Comes here often

 

VLAN stands for "virtual local area network" is a smaller logical segment within a larger, physical, wired network. Basically VLAN's are used to control the broadcast domain. As consider a company like ABC in which there are 15000 of PC`s and they are connected on a network and all are in same subnet. The windows operating system is working on each computer, So as the windows operating system is always broadcasting its every service. So if we consider that our all PC`s are in a same subnet so the every PC will sends its service broadcast and when it is coming towards a switch it will broadcast it we can`t use router as all PC`s are in a same subnet. Switch will divide only the collision domain and not the broadcast domain so switch will make a multiple copies of that and send to its every port and so if 1 switch has 24 or 48 ports then there are more switches in that network. In this case Switches performance will get degraded and end users will get affected due to poor network performance. 

 

In order to create a virtual LAN, the network equipment, such as routers and switches must support VLAN configuration. The hardware is typically configured using a software admin tool that allows the network administrator to customize the virtual network. The admin software can be used to assign individual ports or groups of ports on a switch to a specific VLAN.

 

Advantages of VLAN such as ease of Administration, Confinement of broadcast domains, Reduced Broadcast traffic and Enforcement of Security policies.

 

  • VLANs enable logical grouping of end-stations that are physically dispersed on a network.

            When users on a VLAN move to a new physical location but continue to perform the same job function, the end-stations of those users do not need to be reconfigured. Similarly, if users change their job functions, they need not physically move: changing the VLAN membership of the end-stations to that of the new team makes the users' end-stations local to the resources of the new team.

 

  • VLANs reduce the need to have routers deployed on a network to contain broadcast traffic.

            Flooding of a packet is limited to the switch ports that belong to a VLAN.

 

  • Confinement of broadcast domains on a network significantly reduces traffic.

             By confining the broadcast domains, end-stations on a VLAN are prevented from listening to or receiving broadcasts not intended for them. Moreover, if a router is not connected between the VLANs, the end-stations of a VLAN cannot communicate with the end-stations of the other VLANs.

Conversationalist
You want simple? https://drive.google.com/open?id=11Iqi7hK59HUxwk-6GwaHsVYwZNZZDgmj I make no apologies for the artwork.
Comes here often

our mothers its a router, my name is jorge and iam a vlan, my sister Andrea its another vlan, we come from my mom who is the router but each are unic and we can or cant share info or talk each other if mom whant haha my song and daughter are host belong to vlan jorge and my sister andre has its own host (their children)

 

 

Just browsing
A Vlan is a subnet and broadcast domain. Vlans improve security by segregating users by function, location or application.