A VLAN (Virtual LAN) groups devices on separate logical networks, even if theyβre on the same physical switch.
Subnetting divides a large IP network into smaller segments (subnets).
| VLAN ID | Department | Purpose |
|---|---|---|
| 10 | Admin | Management systems |
| 20 | Sales | Laptops, PCs |
| 30 | Development | Testing and dev tools |
| 40 | Guest Wi-Fi | Internet-only access |
| 50 | Servers | Database, file servers |
Assume: 192.168.1.0/24
Each VLAN gets its own /28 subnet (14 usable IPs):
| VLAN ID | Subnet | IP Range |
|---|---|---|
| 10 | 192.168.1.0/28 | 192.168.1.1 β 192.168.1.14 |
| 20 | 192.168.1.16/28 | 192.168.1.17 β 192.168.1.30 |
| 30 | 192.168.1.32/28 | 192.168.1.33 β 192.168.1.46 |
| 40 | 192.168.1.48/28 | 192.168.1.49 β 192.168.1.62 |
| 50 | 192.168.1.64/28 | 192.168.1.65 β 192.168.1.78 |
# Create VLAN
vlan 10
name Admin
# Assign port to VLAN
interface FastEthernet0/1
switchport mode access
switchport access vlan 10
802.1Q β VLAN tagging standard
Inter-VLAN Routing β Allows VLANs to communicate
Trunk Port β Carries multiple VLANs across switches
ACL (Access Control List) β Controls traffic between VLANs