Netgate Discussion Forum

    Understanding VLANS

      psychosematic

      I was wondering what some of the benefits are of using VLANs over a flat network. I have decent knowledge of networking, have been using pfSense at home for about 1yr, and have followed the development pretty closely. I am now trying to deploy pfSense on my network at work and am trying to understand what benefit I could get out of using VLANs.

      My situation is as follows:

      40 PCs
      7 network printers
      1 AP
      1 SQL server
      1 web/mail server
      1 file server

      I will be having bonded T-1s along with a cable modem. I currently have a Cat 6 network that will be backed by 1 PowerEdge 2970. Like I said earlier, I am pretty good with flat networks but am trying to understand what I can accomplish, or whether it will be beneficial to me to run VLANs. Any insight that anyone can give me, I would be most grateful for! ;)

        Perry

        You can separate departments (sales, production, etc.).
        In a segmented network you could get better performance and limit access to unnecessary servers, and future changes may be easier.
        http://www.ciscopress.com/articles/article.asp?p=170742&seqNum=2

        /Perry
        doc.pfsense.org

          bilbus

          Mostly for security, but good for other stuff too. Used right, it's quite nice.

          We use them to install less equipment and provide separate networks. With a VLAN you can run 2 or more separate networks on a single switch. You configure the ports on the switch and limit what ports can talk to other ports.

          For example, on a factory floor you may have two OEMs' equipment in there, say two PLC networks or robot cells. Both networks need to communicate with a logging / control server, but you don't want the PLC/robot networks to talk to each other. You would have 3 VLANs.

          All devices on the 3 VLANs are on the same subnet (192.168.1.1/24)

          On a single switch
          VLAN1 - Network1
          VLAN2 - Network2
          VLAN3 - Server

          You can set up
          VLAN1 to be able to talk to only VLAN1 and 3.
          VLAN2 to be able to talk to only VLAN2 and 3.
          VLAN3 to be able to talk to VLAN 1, 2, 3.

          This way both networks can access a third network resource, but traffic from the two networks can never mix.

            jahonix

            @psychosematic:

            Like I said earlier I am pretty good with flat networks but trying to understand what I can accomplish or if it will be beneficial to me to run vlans.

            Actually, you can do lots of funky stuff with networking in general. It's just not always useful…  ;-)
            If you are "good with flat networks" then ask yourself if you have or plan to segment your network into subnets. That's when you can use VLANs. That of course implies using a VLAN-capable (managed) switch. Oftentimes it is easier (and completely sufficient!) to put something like an access point on an additional interface of your pfSense (e.g. OPT1).

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.