Noob vlan questions
-
So I never used vlans or anything before like that.
I am just wondering, what is the point?
Can't you just do the same thing with firewall rules?
Like creating a new firewall rule that blocks traffic from say lan1 to lan2?
Thx -
Think of a VLAN as a physical LAN without extra cable.
So what you're saying is exactly right, create lan1 & lan2 using separate physical media or virtualize it. Then add firewall rules for connection, as traffic between separate lan:s need to go through a router.The benefits of VLAN:s are several, to mention a few:
- You don't have to get extra equipment for every lan - a vlan-capable switch can handle multiple lan:s.
- You can add clients to a specific vlan in several ways, for instance:
- Ports 1-4 on switch are vlan2, ports 5,8 & 12 are vlan3 etc.
- Create a vlan based on clients mac-adress
- You can have a VLAN with clients in Rome, New York, Berlin whereever