VLANS and VTP

A VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch. When you create VLANs, you’re given the ability to create smaller broadcast domains within a layer 2 switched internetwork by assigning different ports on the switch to different subnetworks. A VLAN is treated like its own subnet or broadcast domain, meaning that frames broadcast onto the network are only switched between the ports logically grouped within the same VLAN.

By default, routers allow broadcasts to occur only within the originating network, while switches forward broadcasts to all segments. Oh, and by the way, the reason it’s called a flat network is because it’s one
broadcast domain , not because the actual design is physically flat.

Here’s a short list of ways VLANs simplify network management:

• Network adds, moves, and changes are achieved with ease by just configuring a port into the appropriate VLAN.
• A group of users that need an unusually high level of security can be put into its own                   VLAN so that users outside of the VLAN can’t communicate with them.
• As a logical grouping of users by function, VLANs can be considered independent from their physical or geographic locations.
• VLANs greatly enhance network security.
• VLANs increase the number of broadcast domains while decreasing their size.