In what I laughingly call my spare time I teach a graduate course in computer communications at St. Thomas University. Since I’ve been trying to make sense of Virtual Local Area Networks (VLANs), the class got to write a term paper on the subject. I asked everyone to:
1. Provide a clear and coherent definition of the term VLAN.
2. Describe the situations VLANs have been designed to address, contrasting VLANs with the alternatives.
3. Analyze the claimed benefits of VLANs.
So … A VLAN is an administratively-defined rather than physically-defined LAN subnet. With VLANs you can put everyone in a workgroup on the same virtual segment regardless of their physical location. This is supposed to reduce administrative overhead.
It’s also supposed to reduce network traffic. How? Workgroup members communicate with each other more than with anyone else; VLANs keep workgroup traffic within one virtual segment. Also, instead of broadcast traffic propogating throughout the LAN, it gets restricted to “broadcast domains” that correspond to the same virtual segments. (If you’re not a network weenie: while most network packets go between specific nodes on a network, some have a destination address of “everyone” – the sender “broadcasts” them.)
There’s more, but when you’re in IS management you’re not supposed to understand technology in great depth. You’re supposed to understand its nature, purpose, and fit with your organization’s business needs.
You’re also supposed to have a high-quality BS Detector set for maximum scan, since our industry has the highest BS/Customer ratio of any profession. (BS, if you’re not familiar with the term, is short for “BuShwah”.)
I’ve graded 34 graduate papers. I’m concerned VLANs are mostly bushwah, because the problems they’re designed to solve may not be important problems in the first place.
Let’s take assigning workstations to logical workgroups. Most organizations still co-locate workgroups, so a VLAN virtual segment and the network’s physical segmentation would largely coincide. No big VLAN benefit there.
More important, most traffic goes from workstation to server and back, not from workstation to workstation. With everything attached to switching hubs (and VLANs require the use of switching hubs) workstations should see only their own packets even without VLANs, except for those pesky broadcast packets.
How much LAN traffic comes from broadcasts? I can say with complete confidence I have absolutely no idea. I do know this: a lot of broadcast traffic comes from older protocols like Novell’s SAP and RIP (System Advertisement Protocol and Router Information Protocol). Novell, though, has replaced SAP and RIP with NLSP (Netware Link Services Protocol) which dramatically reduces broadcast traffic – a good idea, and one that further reduces the value of VLANs.
How about the reduced network administration from moves, adds and changes? I’m completely baffled here. Network bridges and switches automatically learn the location of every station’s address on the network. Move a station and they learn the new location without intervention.
With VLANs, you get to assign each workstation to a virtual segment manually. Sounds like more work, not less, especially since you already have to define workgroups in your network directory service.
Lots of very smart people believe in the value of VLANs, though, and that makes me wonder what I’m missing. So I’m going to do what any good manager should do: ask an expert to do the hard work, after which I plan to take the credit.
Nick Petreley (you’ll see his smiling face a few pages from here) knows everything there is to know about technology. He and Charlotte Ziems, InfoWorld’s Test Center Director, want to do solutions-based testing anyway. I think VLANs would be a great solution to test.