All computers on same switch can have direct access each to other, they are part of same colision domain. It means that when one computer send broadcast message it reaches all computers connected on same switch or connected swiches not devided by router.

Sometime we need to split this LAN in to few segment, for example if we have two companies sharing same physical network, or to divide network in groups of users from security reasons. Also, we can divide network part for visitors from employee part, printers part and thone parts. Also, broadcast signals will be limited only to smaller part of network.

We can do it by installing few switches and physically dividing network, or by configuring one switch that some ports belongs to one VLAN (Virtual LAN), other port to second VLAN, etc. Further, swithes can be connected on this way that one VLAN can be extended on some ports of other swiches.

Communication between different VLANs can be done by router (or Layer 3 Switch), which see them as separate network and made normal routing. This configuration is known as router on stick.

Sometimes the amount of broadcast traffic can be problem in networks. By dividing the computers into logical network segments VLANs we can rise down number of sources and amount in each segment.

Using VLAN we can:

  1. Equipment on different segments of LAN can act as on same LAN
  2. Equipment on sam segment of LAN can act as on that they are on different LANs
  3. Break colision domain on few smaller, reduce broadcast traffic

Read more:

Configure VLAN on Cisco switch – example
Extend VLANs on two or more Cisco switches – example
Layer 3 versus Layer 2 Switch for VLANs

