Wednesday, May 5, 2021

My CCNA Studies - What I learned about VLANs and Trunks?

Lately, I have been concentrating my CCNA studies on Implementing VLANs and Trunks. Today I want to provide you with a brief overview of what VLANs and Trunks are. The reason I have been concentrating on this is that at my company an office needed to have certain computers set up on a VLAN due to the data transactions they were doing on certain computers. Something I learned about two years ago was about securing and separating point of sales computers that require a virtual local area network. This helps so others are not able to easily see or connect to those computers. They process credit card transactions and it is important to make sure that they are compliant and secure.


What is a VLAN? 


Having the point of sales devices on a VLAN is what we did. Well, that is what network support did and I just statically assigned the IP addresses to the computers. We logically segmented the systems to be under a group which would be for Point of Sales transactions. This process is great to help separate different groups and departments. This is also important, especially if sensitive or confidential information needs to be on the "same" network as other computers in the office. Another example of segmenting would be to separate the Human Resources department from Sales, given that HR may have important employee data that needs to be protected and separated from others within the company.

How I see a VLAN is that it creates a "hidden" network within a network. Think of it as having a Windows operating system on a Macintosh computer by using VMware Fusion or VirtualBox. Having this creates a way to only connect servers on the same logical network. This can all be done, just like having Windows on a Mac, through software. This is extremely helpful given that one does not have to purchase more equipment for this to work. Now my analogy may not be exact but hopefully, you can understand a bit about what a VLAN looks like.


According to the Cisco Student Learning Guide, Implementing and Administering Cisco Solutions, "switches often use links that carry data from multiple VLANs and allow VLANs to be extended across an entire network. These are called trunks."

In all, VLANs use the same physical network, but each has its own independent network. For example, a point of sales computer may not be on the same network as the manager's computer in the office. If it is, then it should not be. Having this in place provides a layer of security, and one benefit is that "containing broadcasts within a VLAN improves the overall performance of the network." One YouTube page that I go to for information is from Practical Networking. Their video and website provide greatly simplified information on networking. Plus their subnetting videos are great and easy to follow. Check out their video on What are VLANs?


What is Trunking with 802.1Q? 


Trunking, to me, is where two lanes are combined into the same port. What I understand from what I have read is that it allows one to take advantage of any unused ports to create double the speed instead of having to purchase more hardware. For example, if you have 100 Mbps it would double to 200 Mbps. Is this good? I think so but I do not think it is that simple. I guess networking is not with larger networks. In all, "trunking allows switches to pass frames from multiple VLANs over a single physical connection." A trunk also "allows the transport of frames from different VLAN." (Cisco Solutions student learning guide CCNA page 163).


Cisco Catalyst switches support the IEEE 802.1Q trunking protocol, which is why, as I see it, when an Ethernet frame is put on a trunk, a VLAN tag identifying its VLAN needs to be added to the frame. Note that VLAN trunking is connected to a Layer 2 switch. "The router does the routing, with the switch creating the VLANs." (CCNA 200-201 OCG Vol 1 Chapter 17. IP Routing in the LAN).


In conclusion, I have experienced this as a desktop support technician when I had to call in to get a few computers set up on a specific VLAN. Before, I did not know what the tech meant about VLANs, but any time I see a point of sales computer I can imagine that they were segmented from other computers on the network. As always, please take my posts only as my point of view on my studies for the CCNA and always do your research. If you have not already done so, go to O'Reilly or Amazon and get the Cisco CCNA cert guide and let me know how your studies are going. I would be eager to hear how your studies are going.


Don't stop learning. Keep it up even if it is for a few minutes each day.