VLAN Functions – Technology in the world of networking and networking has experienced a significant development from function updates. One of the networks we need to know is Vlan. The presence of VLAN itself is able to make us able to control data traffic management.
Vlan Functions different from a regular LAN where the VLAN network itself is a virtual version network that provides convenience and flexibility to support a simplified adaptation and change process.
What are VLANs?
What is VLAN? what are vlans used for? Let’s look at the following explanation:
VLAN stands for virtual local area network, which is a collection of devices on one or more LAN networks that are created or configured by software so that they can communicate with each other as if they were in the same channel.
These VLANs can be created and configured via software or software. That way the advantage is that you don’t have to bother if the device is moved around without the need to configure again.
The uses of VLANs are
The function of a VLAN is to provide configuration on a physical computer network into multiple domain channels.
Even though they have different channels, the paths generated by these VLANs still pass through the same connecting devices as for example using a proxy.
VLAN technology can allow multiple VLANs to coexist in a physical LAN network.
VLANs usually use switches instead of routers like typical LAN configurations.
Vlan aims to
The use of VLANs is usually used to consider whether you still want to use a traditional LAN network or not. And the following are some of the benefits of VLANs:
- Add Security
LAN is a private network that is not accessible to unauthorized users. In terms of LAN security, it is very maximal because every access must get permission or permission from the network administrator.
VLAN in this case has its own security that allows businesses or companies because there are various sensitive data that need to be kept confidential.
- Cost Efficiency
This VLAN is a facility and feature of a virtual LAN so there is no need to prepare cables or other hardware such as routers or switches.
- No Need to Reset Computer Network
In order to be able to connect to a LAN network, each computer needs to be reconfigured and started from scratch.
VLAN You can move your computer wherever you want without needing to reset LAN settings from scratch.
Basically the computer being moved is still connected to the VLAN network.
- Better Performance Improvement
VLANs have the performance of making a flat layer 2 network into multiple logical workgroups so as to reduce traffic from the network.
It aims to separate between non-essential and important networks which makes it more optimal.
- Easy Administration
The next benefit of VLAN is that it simplifies the administrative process. All server computer configurations and connections make it easier for administrators to manage and control a much more secure network.
Based on its function, VLANs can be divided into several types, including:
- Default VLANs
The default VLAN is the name for the configuration since the switch is first turned on. This type of VLAN is still standard with all switch ports available and connected in basic functionality.
- VLAN data
This type of VLAN has the main function in managing data traffic that occurs in a VLAN network.
This type of VLAN has the main function of managing data traffic that occurs in a VLAN network.
- Voice VLAN
In general, a voice VLAN is a network that supports VoIP services and has been specifically designed to support voice-based communication needs.
- VLAN Management
As the name implies VLAN This is a virtual LAN network system that can be configured as needed.
- Native VLANs
The native VLAN is the network VLAN that is returned to the port if it is not tagged or not on the switch.
Correct Vlan Configuration
Creating a VLAN Topology
In using VLAN technology, make sure you have determined the topology first.
Configuring the IP Address on Each PC
Each connected device needs to have its IP address configured in order to be able to connect to each other.
After everything is connected, you can test the topology that you have created.
How to Create a Vlan on Mikrotik
To create a VLAN on Mikrotik you can do:
Mikrotik Vlan Settings
- First you need to create a topology as shown below.
- To access the proxy using the Winbox application with the help of wine.
- First, we first run the configuration on Mikrotik1 by accessing it using Winbox via Laptop1. On the neighbor tab in winbox, click on the detected proxy MAC address and click connect to access it.
- Set the identity help on your proxy so that later if there is a detected proxy, we will not be confused when choosing it. The way is together by clicking on System then Identity.
- Give your Mikrotik an identity, for example named “Mikrotik-1”. Then click “Apply” and “OK”.
- In the topology above, the configuration that we have to do on the ports is to impact eth1 and eth2 as access ports and impact eth5 as Trunk port. Then for making the VLAN, we create 2 VLANs, namely VLAN10 and VLAN 20 on Ether 5 (the master VLAN is Ether5) because VLAN 5 is what we make as Port Trunk. To effect a new interface, click on “interface” then click on “+” (add).
- Choose the option “VLAN” we will create a new VLAN interface.
- For making this first VLAN, I created it together with the name vlan-10 and the VLAN ID 10, then for the interface, we used ether5 as the master interface. Click “Apply” and “OK”.
- Recreate the new VLAN interface with the VLAN name “vlan-20” and the VLAN ID 20. Then for the interface, we use ether5 as the master interface. Click “Apply” and “OK”.
- After the VLAN creation is complete, then what we need to do is create 2 new bridge interfaces, namely bridge-vlan10 and bridge-vlan20. the bridge-vlan10 will later be used to bridge vlan 10 with ether1 so that vlan10 can be accessed via the ether1 port, while the bridge-vlan20 will later be used to bridge the vlan 20 with ether2 so that vlan20 can be accessed via the ether2 port. To add a bridge interface, you can click on the interface and then click on the “+” (add) symbol.
- Select “Bridge” to create a new bridge interface.
- In the new brige interface, enter the name of the bridge in the name column for example “bridge-vlan10”, then click “Apply” and “OK”.
- Then create a new bridge with the name “bridge-vlan20”, then click “Apply” and “OK”.
- In order for a VLAN to be accessed via a physical port, it must be registered to a specific bridge. By clicking the “Bridge” menu, move to the “port” tab and then click the “+” (add) symbol.
- Then in the Bridge Port window, you need to enter vlan-10 into bridge-vlan10. Then click “Apply” and “OK”.
- Create a new bridge port again then insert the ether1 interface into bridge-vlan10. Select “Apply” and “OK”, after this step the ether port should be able to be used as access from vlan 100
- Re-create a new bridge port and then enter the vlan-20 interface into bridge-vlan20. Then click “Apply” and “OK”.
- Create a new Bridge port again, then enter the ether2 interface into bridge-vlan20. Click “Apply” and “OK”, after this step is complete the ether2 port should be able to be used as access from vlan 20.
- After the configuration of the Mikrotik-1 is complete, then we move on to the configuration of the Mikrotik-2. In general, the configuration carried out on Mikrotik-2 is the same as the Mikrotik-1 configuration. First we give identity to Mikrotik-2 by clicking on “System” then “Identity”.
- Give your Mikrotik an identity, for example here I give the identity along with “Mikrotik-2”. Then click “Apply” and “OK”.
- For other configurations, just equate it with the configuration that we have implemented in Mikrotik-1.
- After all configurations for the two mikrotik have been completed, then we do the IP settings for each laptop. For IP assignment, just set what is available for the topology that has been made, namely:
- Laptop1 = 192.168.1.1/24
- Laptop2 = 192.168.2.1/24
- Laptop3 = 192.168.1.2/24
- Laptop4 = 192.168.2.2/24
- In testing the previously configured vlan configuration, you need to ping from Laptop3 to Laptop1 and Laptop4 to Laptop2 which have the same VLAN ID, if successful then the configuration is correct.
- Try pinging a different VLAN ID, from Laptop4 to Laptop3 and from Laptop3 to Laptop2.
Ping from Laptop4 to Laptop3
Ping from Laptop3 to Laptop2
The ping results above failed because the laptop and other laptops had different vlan IDs, different subnets, and there was no routing path to connect laptops with different subnets.
Where to Get VLANs?
Where can you get VLANs? Of course you can get it from the manufacturer that provides the software, such as Mikrotik. However, for digital VLAN business needs that are used in enterprise class, you can contact NetData on the nds.id website.
From the discussion about the VLAN function above, it can be concluded that this virtual LAN is capable of being an alternative to conventional LAN networks.
Many conveniences offered by VLANs such as easy to configure, cost-effective, and can meet the needs of corporate networks such as regular LAN networks. Thus a review of VLANs this time may be useful.