What Is a VLAN?
a VLAN — a Virtual LAN — a logical segmentation of a switch into separate broadcast domains, so groups of devices are isolated from each other without needing separate physical switches.
How it works
A switch normally puts all ports in one broadcast domain. VLANs divide it: ports assigned to VLAN 10 behave as one network, VLAN 20 as another — traffic between them requires routing, exactly as if they were on different physical switches. Trunk links carry multiple VLANs between switches using 802.1Q tags.
Why it matters
VLANs are the foundation of every enterprise LAN design — separating departments, guest traffic, voice and management for security and performance. They're core CCNA material: see the full VLANs & trunking guide and practise in the VLAN lab.
Frequently asked questions
What is a VLAN in simple terms?
A way to split one physical switch into multiple logical networks — devices in different VLANs can't communicate without a router, as if they were on separate switches.
Why are VLANs used?
Security (isolating sensitive systems), performance (smaller broadcast domains) and organisation (grouping users by function regardless of physical location).
Can devices in different VLANs communicate?
Only through a Layer 3 device — a router or Layer 3 switch performing inter-VLAN routing.
Related articles
Want hands-on training?
Learn this on real Cisco lab devices with placement support at Attila Technologies, Ahmedabad.