Under what circumstances do you need to divide the VLAN? The benefits of dividing VLAN into local area networks. 04/14 Update SLTechnology News&Howtos

Under what circumstances do you need to divide the VLAN? The benefits of dividing VLAN into local area networks.

2025-04-14 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Network Security >

Shulou(Shulou.com)06/01 Report--

VLAN is generally divided for the following purposes:

Dividing the intranet into different network segments can improve the security of the intranet and make it easier to manage. For example, wired and wireless are in different network segments, wireless devices are not allowed to access the corporate intranet, which can protect internal information security; and different Internet access strategies and flow control strategies can be configured for different network segments.

Split the broadcast domain to avoid broadcast storms. The phenomenon of broadcast storm is more prominent in the wireless era, AP equipment discovery, management and other operations will produce broadcast packets.

So, under what circumstances do you need to divide VLAN? The main considerations are as follows:

The need for intranet information security. For example: do you need to restrict access to server resources on the intranet? Especially when WiFi is provided, it is easy for foreign devices to access the enterprise intranet, which leads to security risks (security can not rely on wireless passwords).

Management needs. Dividing different network segments between different departments will be easier to manage.

Broadcast storm. Traditionally, no more than 255terminals per VLAN are recommended, but in the wireless era, it is generally not recommended to have more than 200terminals.

It is recommended to use WFilter's "Network Health Detection plug-in" to detect. If WFilter detects broadcast storms and there are high Ping values and high latency in the private network, you need to consider dividing VLAN.

On what devices is the VLAN divided? There are generally two options:

Divide the VLAN on the switch.

Divide the VLAN on the router gateway.

To put it simply: the internal network restriction function of layer 3 switch is more powerful, and it is more convenient to divide VLAN on routers. If there is a lot of data exchange between different network segments, it needs to be divided by a layer 3 switch; otherwise, it can be satisfied by dividing the VLAN directly with the router. As shown below:

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.