LAN vs VLAN vs VXLAN

LAN

LAN = Local Area Network.

A LAN is a group of devices in the same place that share the same physical network. The devices on the same LAN are connected to the same network switch, or to one of a set of interconnected switches, either directly or through wireless access points (APs) connected to the same switch.

Once traffic crosses a router and engages Layer 3 (IP-related) functions, it is not considered to be on the same LAN, even if everything stays in the same building or floor. As a result, a location could have many interconnected LANs.

VLAN vs LAN

VLAN = Virtual Local Area Network.

Both LAN and VLAN operate at Layer 2 of the network, the Ethernet level.

VLAN sits on top of the LAN: VLANs partition a single switched network into a set of overlaid virtual networks that can meet different functional and security requirements. This partitioning avoids the need to have multiple, distinct physical networks for different use cases.

VLANs work by applying tags to network frames and handling these tags in networking systems.

A VLAN is identified on network switches by a VLAN ID. Each port on a switch can have one or more VLAN IDs assigned to it and will land in a default VLAN if no other one is assigned. Each VLAN provides data-link access to all hosts connected to switch ports configured with its VLAN ID.

A VLAN ID is translated to a VLAN tag, a 12-bit field in the header data of every Ethernet frame sent to that VLAN. Because a tag is 12 bits long, up to 4,096 VLANs can be defined per switching domain.

One disadvantage of VLANs in a modern data center or cloud infrastructure is the limit of 4,096 VLANs per switching domain. A single network segment may host tens of thousands of systems and hundreds or thousands of distinct tenant organizations, each of which may need tens or hundreds of VLANs.

VLAN is software defined: we can group hosts together even if the hosts are not directly connected to the same network switch.

Many Internet hosting services use VLANs to separate customers' private zones from one another, allowing each customer's servers to be grouped in a single network segment no matter where the individual servers are located in the data center.

VLAN vs VXLAN

VXLAN = Virtual eXtensible Local Area Network.

VXLAN is a tunneling protocol that carries Layer 2 frames over a Layer 3 network, that is, Ethernet over IP. It creates multiple L2 overlay networks on a given L3 underlay network.

  • VXLAN scales to 16 million unique identifiers versus 4,000 VLAN identifiers.
    • VLAN: 12-bit identifier, up to 4094 virtual networks.
    • VXLAN: 24-bit identifier, around 16 million VXLANs.

VLANs connect geographically separate devices.

In VLAN, a Layer 2 network is divided into subnetworks using virtual switches, creating multiple broadcast domains within a single LAN.

In VXLAN, a Layer 2 network is overlaid on an IP underlay: the Layer 2 Ethernet frame is encapsulated in a UDP packet and sent over a VXLAN tunnel.
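
The encapsulation described above, as an added example that is not part of the original page: it builds an 802.1Q-tagged Ethernet frame, wraps it in a VXLAN header, and parses both identifiers back out, which is what a capture-analysis check does when confirming which segment a frame belongs to. The function names and sample values are constructed for illustration; the 8-byte VXLAN header layout (RFC 7348) and the 802.1Q tag layout are not given on the page and are taken from those standards. Only the UDP payload is handled, not the outer IP/UDP headers.

```python
import struct

VXLAN_VNI_VALID = 0x08  # "I" flag in the first VXLAN header byte (RFC 7348)
TPID_8021Q = 0x8100     # EtherType value that announces an 802.1Q VLAN tag

def tagged_frame(dst, src, vlan_id, ethertype, payload, pcp=0):
    """Build an Ethernet frame carrying an 802.1Q tag (12-bit VLAN ID)."""
    if not 0 <= vlan_id < 2 ** 12:
        raise ValueError("VLAN ID must fit in 12 bits")
    tci = (pcp << 13) | vlan_id  # priority (3 bits), DEI (1 bit, zero), VLAN ID (12 bits)
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload

def vxlan_encap(vni, inner_frame):
    """Prepend the 8-byte VXLAN header; the result is the UDP payload."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    # flags (1 byte), reserved (3), VNI (3), reserved (1)
    return bytes([VXLAN_VNI_VALID, 0, 0, 0]) + vni.to_bytes(3, "big") + b"\x00" + inner_frame

def vxlan_decap(udp_payload):
    """Return (vni, vlan_id or None, inner EtherType) for one VXLAN datagram."""
    if len(udp_payload) < 8 + 14:
        raise ValueError("too short for a VXLAN header plus an Ethernet header")
    if not udp_payload[0] & VXLAN_VNI_VALID:
        raise ValueError("VNI-valid flag is not set")
    vni = int.from_bytes(udp_payload[4:7], "big")
    inner = udp_payload[8:]
    (ethertype,) = struct.unpack("!H", inner[12:14])
    vlan_id = None
    if ethertype == TPID_8021Q:
        if len(inner) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", inner[14:18])
        vlan_id = tci & 0x0FFF  # drop the priority and DEI bits
    return vni, vlan_id, ethertype

def demo():
    """Constructed sample: VNI 5,000,000 carrying a frame tagged VLAN 100."""
    dst, src = bytes.fromhex("02000000000a"), bytes.fromhex("02000000000b")
    frame = tagged_frame(dst, src, 100, 0x0800, b"constructed payload", pcp=5)
    return vxlan_decap(vxlan_encap(5_000_000, frame))

if __name__ == "__main__":
    print(demo())
```

The VNI in the sample is far above anything a 12-bit VLAN ID can express, while the inner frame still carries its own VLAN tag unchanged.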