cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

[WINNERS ANNOUNCED] Community Challenge: VLAN Explained

Community Manager

MerakiCommunity-CommunityChallenge


UPDATE Mon, June 24: Congratulations to the winners! Read the announcement.

 

UPDATE Mon, June 24: Voting is closed, stay tuned for the announcement of the winners!

 

UPDATE Weds, June 19: We have been blown away by the number of entries for this challenge, all of them showing such compassion for Carl and patience in helping him understand! Because we have so many entries to consider, we're extending the voting deadline until Monday June 24th at 10:59am. So be sure take a look at all of the entries and kudo your favorites before Monday! 

 

UPDATE Mon, June 17: Submissions have ended for this challenge! Now is your time to vote. Remember, we will have two winners — one chosen by the most kudos received and one selected by our panel of Meraki judges. So cast your vote by giving kudos to your favorite entries and we'll announce both winners on Friday, June 21st at 11am PDT.


Virtual local area networks, or VLANs if you ain’t got time for that, are critical components for simplifying network deployments through segmentation. Despite their abundant merits, it can be tricky to inspire appreciation in a lay-person, say, Carl from Finance.

 

For this month’s challenge, we’re asking you to explain, in the simplest possible terms, the concept of and benefits to utilizing VLANs. Your audience, let’s carry on with Carl, is intelligent, but non-technical and completely at sea when it comes to networking. You can use whatever media, analogies, or hyperbole necessary to help Carl understand.

 

The winners will receive stylish grey Cisco Meraki backpacks:

 

426ba5fc-2e96-41b6-9502-d55325d55224.png

 

How to enter

Submit your contest entry in a comment on this blog post before 11 a.m. PDT on Monday (June 17th, 2019). Entries won’t be made public until voting starts. After you submit your entry, you’ll see a message reading “Your post will appear as soon as it is approved.”

 

How to win

Voting begins when submissions close (at 11 a.m. PDT on Monday, June 17th, 2019), and continues to the end of the work week. Voting closes at 11 a.m. PDT on Friday, June 21st, 2019.

 

We will be selecting 2 winners:

 

  1. The Community Favorite — chosen by you, our Community members. Cast your vote by giving kudos to your favorite entries. The entry with the most kudos from community members who aren't Meraki employees will win!
  2. The Meraki Favorite — a panel of experts here at Meraki will select the Meraki Favorite prize.

 

The Fine Print

  • Limit one entry per community member.
  • Submission period: Tuesday, June 11th, 2019 at 11am PDT through Monday, June 17th, 2019 at 10:59am PDT
  • Voting period: Monday, June 17th, 2019 at 11am PDT through Friday, June 21st, 2019 at 11am PDT
  • Prize will be a selection of Meraki swag with value not exceeding USD 50.00
  • Official terms, conditions, and eligibility information
138 Comments
Comes here often

Carl, VLANs are like a slew of restaurants you are offering to your friends and family. Some restaurants come with bland menus because you know for the safety of the patrons, they need some parameters to work within. Some restaurants are more "middle tiered" and come with robust menus that you let your seasoned foodies get an experience that is more tailored to their experiences. Some of the foodies are keen on seafood, some are keen on meat, and then there are the ones that don't need to be around those substances because they are Vegan. Then there is the fully robust restaurant that give full access to all the food options and the bar because they don't need any guidelines. In the full service restaurant, they have access to it all and can even go to the kitchen to custom build the menu they want. These restaurants are separate, but are all owned by the same parent company that indicates which patrons are given access to each restaurant based on their experience and needs. 

 

The benefits to this separation is so that each option does not over lap with the other and each patron has exactly what they need and nothing more. The patrons are happy and the corporate owners do not have to worry about issues or complaints. 

Conversationalist

VLANs make it easy for network administrators to partition a single switched network, enabling systems to be divided into logical groups, and establish rules about how devices in the separate groups are allowed to communicate with each other, for example, imagine that you live in a small town that has around 300 houses with the same characteristics, and some day you need to get an envelope that comes from another state, the delivery man must know how to submit that envelope to its destiny, first of all the envelope need to have a tag, this tag can contain the state, street, house number and receiver's name, with this information does not matter if your house has the same features, the envelope will be arriving at its destination, the same scenario happen with VLANs, the envelopes are equal to frames and are attached to hosts, but the differentiation consists on each frame that has a tag number, and can be delivered to some devices or not, at this point the VLAN's traffic is separated from other VLANs, and forwarding it only where the VLAN is configured.

The envelope´s owner will be able to read the information, nobody else can do it, because these differenciation tag provides exact information shipping.

Comes here often

 

A VLAN is like having several types of VIP plane boarding lines instead of one big line where no one has priority.A VLAN is like having several types of VIP plane boarding lines instead of one big line where no one has priority.

 

Here to help

Let said you have a big Warehouse for storage, the square footage of this big Warehouse is a multiply of 2 (don't ask me why, but that's what it is.)

you want to section it out to make multiple smaller storages, so that you can rent to others for good.

you only allowed to section each area to half, no matter how big the original area is. Also, by section out the bigger area, you lost 2 square feet for each smaller areas, one square foot for the door, and the other square foot for the wall, luckily, no matter how big the resulting section area is, you only lost 2 square feet each.

 

after you got the right size of the storage area that the customer wants, they can move things in their rental area/storage freely. but if they want to move things outside or to other storage area in your big warehouse, they needs to go thru you first, and you will keep a record of where the things come from, and where should it go.

 

does it make sense?

Comes here often

VLANs (Virtual Local Area Network) are virtualization in our LANs segments, for example:

 

We have one switch with 24 ports, if we created 2 vlans, 10 and 20, and ADD ports 1 to 12 in vlan 10 and ports 13 to 24 in vlan 20 ...

 

After this moment, we have 2 logical switches, it one with 12 ports, one of then in ports 1 to 12 and other in ports 13 to 24, because in this scenario one PC in port 7 don't communicate with other pc in port 20, in our case.

 

 

In this ilustration below, one scenario without VLANs...WITHOUT VLANs.jpg

 

 

 

In this ilustration below, one scenario with VLANs implementeded...WITH VLANs.jpg

 

 

 

Regards

Douglas Rodrigues

 

 

 

 

 

Comes here often

A VLAN is a small network inside your network that helps to keep things separate that you would like to have separate. Similar to lock boxes in a bank vault, it helps increase security and stability.

Here to help

Vlans are like having separate railroad tracks for keeping your trains for traffic separate from each other but flowing down the same pathway.  

Kind of a big deal

image.png

New here

VLAN is separation of group by sub netting. Different VLAN cannot communicate without the help of layer 3 conjunction. Same VLAN members can communicate each other even though the geographical location is apart. 

Here to help

What is a VLAN?

The Virtual Local Area Network (VLAN), is a logical subnetwork within a switch or an entire physical network

and separates physical networks into sub-networks by ensuring that VLAN-enabled switches do not forward frames (data packets) to another VLAN (although the sub-networks may be connected to common switches).

It can expand across multiple switches.

Conversationalist

Here it is outlined, briefly, the amazing value of VLAN-Virtual Local Area Network technology in the network evolution.

 

The networks are complex and their architecture/structure changes for adapting to new and future needs.

 

So VLAN is an important and essential network technology for LAN segmentation and configuration: it makes easier and improves the interactions among end systems attached to layer 2 switch device;  just like the fire and the wheel were important for humankind in the far past.

 

In depth this technology allows the setups of several logical groups/collection of hosts (up to 4094 VLANs, but some are reserved) that communicate among them as if they were attached to the same wire, regardless of their physical location; there is also an extension of VLAN, called VXLAN, for large environment like new IOT-Internet of thing contexts with the possibility to overcome the constraints of classic VLAN.

 

Each group is a separate broadcast domain (where every host sends packets to all others in the group).

 

Some fundamental benefits of VLAN are described here:

 

  • these network segmentations are very useful because could be based on organizational needs of the company (financial area, engineering area and marketing area) or functional/application needs;
  • VLAN can limit the number of hosts and so it reduces the interference and interaction between the broadcast domains, enhancing security;
  • VLAN encompasses and reduces packet traffic: broadcast, unicast and multicast traffic in layer 2 devices; and improve the use of bandwidth;
  • possible VLAN reconfiguration can be done through software/CLI-Command Line Configuration rather than by physically unplugging and moving devices or wires and this brings greater flexibility in the network administration;
  • VLANs can be locally significant or be trunked over multiple layer 2 devices; VLAN can span anywhere in network, which happens due to trunk link connection;
  • VLAN tagging, developed by Cisco, is the technique for identifying the frames that travel in trunk link with special tags.

 

 

Thank you.

Best regards.

Francesca

Comes here often

Hello Carl,

 

My name is Glen; I'm with the Network Engineering Team.

 

We have been addressing concerns in regards to inter-branch network performance as well as scalability to support our future growth. As we were working on how and where to make changes, there has been a few key areas to which we will be improving the network for each location's Finance Department. This will be done by implementing VLANs (virtual local area networks) to better segment and secure network traffic throughout all departments. Making these required changes will temporarily impact all departments, especially Finance, after normal business hours. Before we begin this project, we want to ensure you and your Team is educated on what these changes are and how the network will better serve your needs after our work is done.

 

I'm not knowledgeable on all aspects of day to day finance, but I would like to explain VLANs using the Finance Department as an example. I'm sure there's an income, through various avenues, that has to tunnel through the finance department. Whether the money is from the services we provide, our 3rd party ventures/partnerships, fund-raising etc; it comes through the finance department. I assume it's safe for me to assume each one of those avenues are important for later reporting, so they are assigned a code and/or name. That is the same principle used for assigning VLANs throughout your location's network. So the security camera traffic is separated from finance traffic, the guest wifi from both, and so on.

 

Now, again referencing my analogy, the main account all money from each avenue (VLAN) is funneled into can be considered the "tunnel" to where I'm sure it's preferred money go into this account rather than a random customer's account. Well a VLAN tunnel in a network performs the same task for data traffic. Service-income can be considered VLAN-10, 3rd party ventures/partnerships VLAN-20, and fund-raising VLAN-30. All traffic pertaining to VLANS 10, 20, and 30 will be assigned to pass through the main account, the "trunk".

 

Standing back from my poor understanding of the Finance Department, that I'm positive is more faceted than I used it for, this is how networks utilize VLAN routing. From this basic explanation, imagine the possibilities on a larger scale. The vast amount of traffic that can traverse the same network, but not bottle-neck or be sent somewhere it doesn't belong makes a big difference on day to day productivity... security and speed will be improved ten-fold. I'll follow-up with the change-order and maintenance schedules requiring your approval in the next few days 

 

I'll be happy to discuss everything in further detail, so please don't hesitate reaching out with any questions, concerns, and/or comments.

 

 

Best regards,

 

Glen 

Conversationalist
Conversationalist

Vlans are amazing features when it comes to networking, they use the same physical medium to create subnets and traffic different data. To better understand how this works, let's imagine that our network switch is a building with several floors and apartments, access through the floors is done only via stairs. In our example each floor represents a Vlan and each apartment on each floor represents equipment such as printers and computers, or departments, or even different sites. Residents of the apartments are the data that travels through the network. Residents (data packets) of a particular floor (Vlan) are only able to communicate with the residents of the same floor. If there is a need to communicate with residents of another floor he needs to resort to the stairs (Gateway) that know how to route these dwellings to the other floors and the resident will be allowed to follow or not.
Following this concept, we have the assurance that no "inhabitant" will enter floors that he is not authorized and thus we keep the network segmented and safe.

Conversationalist

A Virtual Local Area Network or VLAN, is a broadcast (logical) domain, in which all the members can interconnect each other using physical (MAC) addressing. This membership is defined with a VLAN ID (typically from 1 - 4096), where the ID = 1 is reserved for a special kind of VLAN: Native. This Native VLAN is the default for the whole switch ports (working in layer 2), until the Administrator manually change it to another VLAN ID. Warmest regards, Team.

Community Manager

UPDATE: Submissions have ended for this challenge! Cast your vote by giving kudos to your favorite entries — you have until Friday, June 21st at 11am PDT to vote.

Community Manager

UPDATE: We have been blown away by the number of entries for this challenge, all of them showing such compassion for Carl and patience in helping him understand!

 

Because we have so many entries to consider, we're extending the voting deadline until Monday June 24th at 10:59am. So be sure take a look at all of the entries and kudo your favorites before Monday! 

 

Feel free to vote for more than one, and, also, there's no shame in promoting this on social media 😉

Community Manager

Congratulations to the winners! We have announced the Community Favorite and Meraki Favorite winners here.