10 VLAN OVERVIEWVLAN OverviewIntroduction to VLAN The traditional Ethernet is a flat network, where all hosts are in the samebroadcast domain and connected with each other through hubs or switches. Thehub is a physical layer device without the switching function, so it forwards thereceived packet to all ports. The switch is a link layer device which can forward thepacket according to the MAC address of the packet. However, when the switchreceives a broadcast packet or an unknown unicast packet whose MAC address isnot included in the MAC address table of the switch, it will forward the packet toall the ports except the inbound port of the packet. In this case, a host in thenetwork receives a lot of packets whose destination is not the host itself. Thus,plenty of bandwidth resources are wasted, causing potential serious securityproblems.The traditional way to isolate broadcast domains is to use routers. However,routers are expensive and provide few ports, so they cannot subnet the networkparticularly.The virtual local area network (VLAN) technology is developed for switches tocontrol broadcast in LANs.By creating VLANs in a physical LAN, you can divide the LAN into multiple logicalLANs, each of which has a broadcast domain of its own. Hosts in the same VLANcommunicate with each other as if they are in a LAN. However, hosts in differentVLANs cannot communicate with each other directly. Figure 25 illustrates a VLANimplementation.