VLAN vs. Subnet

What is the difference between a subnet and a vlan? How does a subnet and vlan work differently from each other?”

“While going through the CCNP switch book of CISCO, I encountered this statement “The switch port supports one VLAN, but multiple subnets can exist on that single VLAN.” I thought that since a vlan is a broadcast domain, only one subnet can be associated with a particular VLAN. Could anyone please clarify how this is possible?…”

“I am studying VLANs and doing some related labs. In this context I have two questions: How can I capture packets on a VLAN interface in GNS3? Am I right saying that an access L2 port strip off the tag before forwarding packet to host? If so, where can I capture to see vlan tags in L2 frames?”

The above questions were raised by some Cisco users. What is the main difference between a subnet and a vlan? Basically, VLAN is a layer 2 concept. Subnet is a layer 3 concept.

Normally, 1 IP subnet is associated with 1 layer 2 broadcast domains (VLAN). Every useful VLAN (from an IP perspective) will have an IP network associated with it. VLANs are for creating broadcast domains (different networks) at the L2 level. But only PCs on the same VLAN can communicate, unless you have a L3 switch or router, in which case, you will still have to subnet (give the VLANs IP addresses).

VLANs (layer 2) and subnets (layer 3) go hand -n- hand. If you are working on the same device, such as a L3 switch, you have to use a seperate VLAN ID for each seperate subnet.  Example:

vlan 2

interface vlan 2

ip address 192.168.2.1 255.255.255.0

vlan 3

interface vlan 3

ip address 192.168.3.1 255.255.255.0

**Note each subnet has it’s own VLAN ID.

If you are going across a L3 boundardy, you can re-use the VLAN ID like this:

SW1–>R1<—SW2

SW1:

vlan 2

interface vlan 2

ip address 192.168.2.254 255.255.255.0

R1:

Interface Fa0/0

ip address 192.168.2.1 255.255.255.0

Interface Fa0/1

ip address 192.168.200.1 255.255.255.0

SW2:

vlan 2

int vlan 2

ip address 192.168.200.254 255.255.255.0

Note the VLAN ID is the same, however!!! it is still different subnets……meaning that even still VLANs and Subnets go hand and hand. ….Here we list some points with examples to tell a detailed difference between VLAN and Subnetting.

VLAN vs. Subnet

Subnetting and implementation of VLANs provide administrators flexibility when trying to come up with networks on medium to very large scales. In essence, VLANs and subnets are similar in the purpose of their development. But they have obvious differences in functionality, operation, or deeper objectives.

VLAN (Virtual Local Area Network) exists when two or more ports are connected physically or grouped together by some piece of network hardware/software that supports VLAN functionalities. On the whole, a VLAN is very similar to that of a physical LAN. Their main difference is VLANs capability to group end stations together without the requirement of being located on the same network switch. In VLAN, configuration of the network can be done via software extensively. Basically, VLANs are used at layer 2 to break up broadcast domains.

Each VLAN is considered as a separate entity and it can only reach another VLAN through a router. You can use a single network with VLANs but when one network goes down for some reason, the entire logical network is concerned. VLANs are very useful when an IT professional (system or network admin) wants to group organization departments for better work performance, less traffic, and more efficiency.

A subnet is essentially a group of IP addresses. Any particular address can reach any address without using any routing device if they belong to the same subnet. Now, if the address you want to reach is outside of your subnet, then just like in VLANs, you will have to go through a router. Subnet is at layer 3 (IP), wherein IP addresses belong.

When you are subnetting, you are actually dividing an IP address into smaller subnets. This accomplishes an addition of multiple networks to the system, a thing that any organization or agency would constantly need. The great thing about subnetting is that subnets are unaffected with other subnets going down or having technical breakdowns.

It can be said that VLAN is software-based and subnetting is primarily hardware-based. Though VLANS are somewhat perceived to be lacking in security as they can be hacked, it is still the more popular network segregation of choice by many administrators.

Main Points we need to get:

  • VLAN is found to be more popular than subnetting but, more often than not, both are used to complement each other.
  • VLAN is works at the layer 2 while subnet is at layer 3.
  • Subnets are more concerned about IP addresses.
  • Many would consider that subnetting is more secure but VLAN brings more network efficiency.
  • VLAN is largely software-based while subnet is hardware-based.

More Networking Topics:

Layer-3 Switching or Layer-2 Switching?

Switch Types and LAN Switching

Share This Post

Post Comment