I've watched alot of demonstration videos but this is the first i've commented on. I just wanted to say this is hands down the best and easiest to understand tutorial i have ever watched on the topic of VLANS. Thank you!
Great question. A layer 3 switch, also often referred to as a Multi-layer switch (MLS) can do the logical routing between VLANs, and in that case the switch is doubling as both a switch and router. You are right on the money.
If VLAN200 clients need dhcp, and the dhcp server is in VLAN100, then we will need to use a DHCP relay agent, connected to VLAN200 to forward the requests to the DHCP server. Keith
Thanks for the idea. We have a new project we will be working on in the next couple months, and it will involve lots that. During that time, we'll create several Micro Nuggets on that topic. Thanks again, Keith.
Keith, you have helped me ALMOST land a job in IT with no experience or education whatsoever. I’m very, very close. I want to thank you for all of this content. You make it so understandable, and I thank you. I’m almost 40 years old, changing from police officer to IT.
When users connect using a VPN (connecting remotely) they will not be in the same VLAN or have the same IP addressing they would as if they were physically on the network. When using a VPN they are logically connecting to the VPN server/firewall/router, and that device is forwarding packets further into the network based on their routing/filtering policy.
Hi Keith, Glad I caught you here. But my question it isn't in this video but on your CBT Nuggets CCNP Sec. Firewall 642-618, video #5 ACLs on the ASA. This is my 1st month as a member and I've been followed through your Nuggets using my own home lab. My question is particularly how do I setup to simulate outside internet? So I can do testing from outside network inbound to most trusted network inside. I connected via T/W cable at home. I really appreciated your help so I can continue w/video.
Hello, thank you very much for the video! I just have one question.. What is the point of separating networks via vlans when you can do so with subnetting? Therefore, broadcasts only are sent to each subnet. Thanks in advance. :)
This video is very helpful to me because I don't know much about networking stuffs. I just wanted to ask if creating a VLAN needs an application on the computer. One thing, if you want to build a network, for example, the networks are separated in floors, do they need a switch at every floor? (So they'll be connected physically?) Thank you!
Hi Keith.. Thanks for the video was really insightful. I have a doubt, how will this work for scenarios where the employees are mobile. For instance, one sales person wants to work out of the accounting office. In that case, how would VLANs work as I m assuming that they would be connecting to one of the ports from the accounting office. Thanks.
Hello Ariel- I am happy to know you are a subscriber, welcome aboard. Its one of the best investments a person can make in themselves. Lets do this, so that we can have an troubleshooting chat (not associated with this video), visit me on my facebook page "Keith Barker Networking", and there we can walk through the steps I use to connect to the live internet from the ASA in GNS3. Will that work for you? Keith
With a multi-layer switch, the switch itself can take care of the routing needs and process data a lot faster than if we were to route data to a third device, usually a router.
Hi Keith - thanks so much for your replied. That will work just great my friend. I actually have some major questions like this one here for you so my level of understanding at least adequate. I'll see you in facebook - Thanks buddy.
If VLAN partitions at L2, why are the IP address ranges different for Sales and Accounting? Why does the Router have 2 Ip address (10.1.0.1 and 10.2.0.1) ? I mean the router is not like on 2 different L3 networks? I get confused when L3 stuff (eg router, subnetting) gets discussed when explaining VLAN , as I fail to understand what role L3 plays in case of VLAN.
so how do prevent outside internet traffic from reaching computers on vlan 2 and keep them restricted to vlan 1. but I want the PC on vlan1 to be able to communicate with the devices on vlan 2?
FuriouslyFurious Did you find an answer? I believe you need to config an acl. Look up Access Control List for VLANs. You could use port security for the interfaces in the other VLAN.
I watched this video but it's still unclear to me why you would use a VLAN to separate broadcast domains. Isn't that what the router is supposed to do? Also, I'm pretty confused with how you could separate broadcast domains (which are L3) on an L2 device such as the switch.
You use a VLAN to separate networks that you don't want communicating without an ACL. There could be confidential information on one subnet(accounting) that you don't want the sales team to see, thus the reason for a VLAN. It's no different than having 2 separate switches that plug into a router except with VLAN's you would only require one switch that plugs into a router, thus saving the company money on hardware, etc
ok. actually my question sounded not well thought out. here's my real question. I have a PC that I want to dedicate as a host for a game server. I want to give certain people access to remote into the server, but I want them to stay off of my other devices.
I am still struggling to understand why we use VLANs. If the purpose is to divide the network, why not just put them on different switches? That way you don't need to configure anything. Put accounting on switch 1, sales on switch 2, and then connect them to a router.
Well there's a very simple answer! Cost! Why buy multiple switches when you just need one? One switch with hundreds of VLAN's on it. The other purpose for VLAN's is security, you don't want the sales team to have access to the HR department or accounting department and VLAN's will prevent that.
Woah....you start out talking about Accounting in Las Vegas and Sales in Reno and connected via WAN. Then, you say both departments grew. Why does it matter that they grew? And if they're in different cities, how can they be on the same LAN? They can't. You need to improve the way you discuss this to be more logical and sequentially relevant.
Thanks for the idea. We have a new project we will be working on in the next couple months, and it will involve lots that. During that time, we'll create several Micro Nuggets on that topic. Thanks again, Keith.
ok. actually my question sounded not well thought out. here's my real question. I have a PC that I want to dedicate as a host for a game server. I want to give certain people access to remote into the server, but I want them to stay off of my other devices.
You need a router with ACL's or a firewall. Assign that dedicated host an external IP, allow incoming traffic to it over very granular ports and deny the same source traffic to anything else
Thanks for the kind words.
Best wishes,
Keith
Thanks for the kind feedback. It is appreciated.
Best wishes,
Keith
I've watched alot of demonstration videos but this is the first i've commented on. I just wanted to say this is hands down the best and easiest to understand tutorial i have ever watched on the topic of VLANS. Thank you!
Jamie Hatch Thanks for the comment/compliment!
Just what I came to the comment section to say
Same here!
agreed!!
+1 to that
Great question.
A layer 3 switch, also often referred to as a Multi-layer switch (MLS) can do the logical routing between VLANs, and in that case the switch is doubling as both a switch and router. You are right on the money.
If VLAN200 clients need dhcp, and the dhcp server is in VLAN100, then we will need to use a DHCP relay agent, connected to VLAN200 to forward the requests to the DHCP server.
Keith
Thanks for the idea. We have a new project we will be working on in the next couple months, and it will involve lots that. During that time, we'll create several Micro Nuggets on that topic.
Thanks again,
Keith.
Thanks you for the feedback!
Glad you enjoyed the video.
Best wishes,
Keith Barker
Thanks for the note! Glad you liked it.
Keith
Keith, you have helped me ALMOST land a job in IT with no experience or education whatsoever. I’m very, very close. I want to thank you for all of this content. You make it so understandable, and I thank you. I’m almost 40 years old, changing from police officer to IT.
We're honored to have you as a part of our learner community! Please do not hesitate to reach out if you have any questions.
#CBTNlearner
This the first video that I finally grasped VLAN.
Have been binge-watching CBT nuggets. You made it so simple to understand while still covering all the aspects. Thank you!
Awesome, thank you Sushma! Glad that the videos have been helpful for you.
Thanks for the feedback!
Keith
Thank you so much for this video, it takes my Network teacher an hour to explain this, and you explained it in 8 and a half minutes. Thank you ;)
Best explanation of VLAN by far. Great video!
Another great video Keith!
Keith Barker ROCKS!
Love the sound effects specifically at 5:05 !
There’s no another easiest way than this 😀. Thanks a lot
Still helping people after 8 years
thank you Keith.. really appreciate for taking time to reply..
I'm a savvy network guy so VLANs are child's play for me - but I must admit you explained that fantastically.
Ok, see you there.
Wonderful video, Keith. Informative and well structured. Thanks a million.
What a brilliant explanation. Thank you Keith
A life saving video!!!!!!!!! Great Job!!
thank alot !!! the only 1 video make a clear explanation about vlan !! thank you !!
Best video by CBT nuggets,,Thanks you very much Keith...u r a Gem of a person
When users connect using a VPN (connecting remotely) they will not be in the same VLAN or have the same IP addressing they would as if they were physically on the network. When using a VPN they are logically connecting to the VPN server/firewall/router, and that device is forwarding packets further into the network based on their routing/filtering policy.
you know what? I really don't get what my professor saying about VLAN, but bcoz of this video, DAMN. I know now =)
jojo alberto We are glad you found this tutorial beneficial! Thanks for the feedback.
One of the best videos cleared up alot
Thanks for the feedback Langelihle Mnguni!
Thanks a ton, you made it too simple to learn, yet covered all aspects :)
Very useful and easy to understand video! Thanks for this!
Finally, an explanation I could understand, thank you!
Thanks. Clear and to the point.
You're a king 👑
Simple yet informative. Keep it up.
Thank you for making this video.
We're so glad you enjoyed it! Thank you for learning with us.
This helped out big time! Thank you so much!
Extremely well made videos, informative and illustrative, well done!
This is a great illustration. Thank you
Hi Keith, Glad I caught you here. But my question it isn't in this video but on your CBT Nuggets CCNP Sec. Firewall 642-618, video #5 ACLs on the ASA. This is my 1st month as a member and I've been followed through your Nuggets using my own home lab. My question is particularly how do I setup to simulate outside internet? So I can do testing from outside network inbound to most trusted network inside. I connected via T/W cable at home. I really appreciated your help so I can continue w/video.
Sir I have a question out of the this tutorial
Which is
How can configure two routers and 1 switch between them
Thanks for the informative video. I appreciate the time and effort you have put into this. Keep up the great work.
Now i understand after 1000 of videos 😋
Very good and simple explanation
Great video. Easy to understand. Thank you.
This video is brilliant. Well done And thanks!
Hello, thank you very much for the video! I just have one question.. What is the point of separating networks via vlans when you can do so with subnetting? Therefore, broadcasts only are sent to each subnet. Thanks in advance. :)
clear everything about vlan. it helps me a lot . thanks :)
This video is very helpful to me because I don't know much about networking stuffs. I just wanted to ask if creating a VLAN needs an application on the computer. One thing, if you want to build a network, for example, the networks are separated in floors, do they need a switch at every floor? (So they'll be connected physically?) Thank you!
Yet another great MN :D Keep up the great work :D
Thanks for explaining it so well, you got through my thick skull :-)
Clearly explained !!
Thank you, Santosh! Keith really knows his stuff.
Great video!
Hi Keith.. Thanks for the video was really insightful. I have a doubt, how will this work for scenarios where the employees are mobile. For instance, one sales person wants to work out of the accounting office. In that case, how would VLANs work as I m assuming that they would be connecting to one of the ports from the accounting office.
Thanks.
dude u r awesooooooome!!!!!!!!!!!!!!!!!
Fantastic!
Thanks a million, Super help
Glad it helped!
Great video, thank you! It helped me a lot.
Hello Ariel-
I am happy to know you are a subscriber, welcome aboard. Its one of the best investments a person can make in themselves.
Lets do this, so that we can have an troubleshooting chat (not associated with this video), visit me on my facebook page "Keith Barker Networking", and there we can walk through the steps I use to connect to the live internet from the ASA in GNS3. Will that work for you?
Keith
thnku for the Nice info on VLAN
With a multi-layer switch, the switch itself can take care of the routing needs and process data a lot faster than if we were to route data to a third device, usually a router.
Helpful. Nice work.
Hi Keith - thanks so much for your replied. That will work just great my friend. I actually have some major questions like this one here for you so my level of understanding at least adequate. I'll see you in facebook - Thanks buddy.
Excellent!!!
Man this was very good i am a beginner in the Network world thanks
edgoodman01 You're welcome! Thanks for the feedback.
Thank you
Thanks Keith. Super awesome explanation.
Is it possible to request for a nugget showing how to route Layer 2 protocols (like DEC) on MPLS.
Cheers
Hello What CBT course is this video from? Thanks
Nice Explanations..
Good one.
how can I configure computer on different VLAN to communicate with each other ?HELP ME
Awesome.
Really helpful
If VLAN partitions at L2, why are the IP address ranges different for Sales and Accounting? Why does the Router have 2 Ip address (10.1.0.1 and 10.2.0.1) ? I mean the router is not like on 2 different L3 networks? I get confused when L3 stuff (eg router, subnetting) gets discussed when explaining VLAN , as I fail to understand what role L3 plays in case of VLAN.
Nice, thank you!
Excellent
this just made life so much easier lol
Romeo Patroni That's what we are here for! Thanks for the feedback.
What software are you using for this video??
***** The CBT Nuggets trainers all use Wacom tablets and each trainer uses a different software. Unfortunately, we can not disclose this information.
This was helpful! :)
Why cannot I configure my default switch on GNS3 2.2.3 ? Only routers are configurable. Any one has an idea? THanX
so how do prevent outside internet traffic from reaching computers on vlan 2 and keep them restricted to vlan 1. but I want the PC on vlan1 to be able to communicate with the devices on vlan 2?
FuriouslyFurious Did you find an answer? I believe you need to config an acl. Look up Access Control List for VLANs. You could use port security for the interfaces in the other VLAN.
helpful.thank you.
Nice Video :)
WHAT ABOUT TRUNK PORT?
that was helpful :) thanks
great!!!
I watched this video but it's still unclear to me why you would use a VLAN to separate broadcast domains. Isn't that what the router is supposed to do? Also, I'm pretty confused with how you could separate broadcast domains (which are L3) on an L2 device such as the switch.
You use a VLAN to separate networks that you don't want communicating without an ACL. There could be confidential information on one subnet(accounting) that you don't want the sales team to see, thus the reason for a VLAN. It's no different than having 2 separate switches that plug into a router except with VLAN's you would only require one switch that plugs into a router, thus saving the company money on hardware, etc
inter-VLAN pls!
ok. actually my question sounded not well thought out. here's my real question. I have a PC that I want to dedicate as a host for a game server. I want to give certain people access to remote into the server, but I want them to stay off of my other devices.
When you mean port 0/25? What exactly does that mean? Does that mean row 0 and column 25?
It's called a router, pronounced "roo-ter".
did you have a flu when dong this video ? lol
I am still struggling to understand why we use VLANs. If the purpose is to divide the network, why not just put them on different switches? That way you don't need to configure anything. Put accounting on switch 1, sales on switch 2, and then connect them to a router.
Well there's a very simple answer! Cost! Why buy multiple switches when you just need one? One switch with hundreds of VLAN's on it. The other purpose for VLAN's is security, you don't want the sales team to have access to the HR department or accounting department and VLAN's will prevent that.
Woah....you start out talking about Accounting in Las Vegas and Sales in Reno and connected via WAN. Then, you say both departments grew. Why does it matter that they grew? And if they're in different cities, how can they be on the same LAN? They can't.
You need to improve the way you discuss this to be more logical and sequentially relevant.
drittspill
Ditched cbt nuggets. The voice is way to enthusiastic like this isn’t THAT exciting
Thanks for the kind words.
Best wishes,
Keith
Thanks for the idea. We have a new project we will be working on in the next couple months, and it will involve lots that. During that time, we'll create several Micro Nuggets on that topic.
Thanks again,
Keith.
ok. actually my question sounded not well thought out. here's my real question. I have a PC that I want to dedicate as a host for a game server. I want to give certain people access to remote into the server, but I want them to stay off of my other devices.
You need a router with ACL's or a firewall. Assign that dedicated host an external IP, allow incoming traffic to it over very granular ports and deny the same source traffic to anything else