A Beginner’s Guide to VLANs, Gateways, DNS, and Subnet Masks

VLAN (Virtual Local Area Network)

A VLAN is a logical subdivision of a LAN that creates separate broadcast domains. Devices in the same VLAN can communicate directly, while traffic between VLANs must be routed. This reduces unnecessary broadcast traffic and simplifies network management.

Example: An 800‑student high school can be divided into ten classes of 80 students each. Treat each class as a VLAN (e.g., VLAN 10, VLAN 20 … VLAN 100). Each VLAN gets its own IP subnet, so ARP requests stay within the class and do not flood the entire network.

Typical VLAN configuration includes a VLAN ID (1‑4094) and an associated IP subnet, e.g., VLAN 10 → 192.168.10.0/24.

Inter‑VLAN Routing

Single‑Arm Routing (Router‑on‑a‑Stick)

In a single‑arm routing setup a layer‑2 switch forwards traffic for multiple VLANs to a single physical router interface configured with sub‑interfaces, each tagged with a VLAN ID. The router performs routing between the VLAN sub‑nets.

Key steps:

Configure trunk ports on the switch to carry all VLAN tags.

Create sub‑interfaces on the router (e.g., Gig0/0.10 for VLAN 10, Gig0/0.20 for VLAN 20) and assign each the appropriate IP address.

Enable IP routing on the router.

Layer‑3 Switch

A layer‑3 switch integrates routing functions directly into the switching hardware. It contains both switching ASICs and a routing ASIC, allowing high‑speed inter‑VLAN routing without the bottleneck of an external router.

Typical configuration:

Enable routing on the switch (e.g., ip routing).

Assign SVIs (Switched Virtual Interfaces) for each VLAN, e.g., interface Vlan10 with IP 192.168.10.1/24.

Configure a default gateway if the switch must forward traffic to external networks.

Gateway

A gateway is the IP address of a router that connects a local subnet to other networks. Hosts send packets destined for outside their own subnet to this address.

In practice the first usable IP (e.g., 192.168.1.1) or the last usable IP (e.g., 192.168.1.254) of a subnet is often chosen as the gateway.

Example Subnets :

Subnet A: 192.168.1.0/24 – gateway 192.168.1.1 Subnet B: 192.168.2.0/24 – gateway 192.168.2.1 When a host in Subnet A wants to reach a host in Subnet B, it forwards the packet to its gateway (192.168.1.1). The gateway routes the packet to the gateway of Subnet B (192.168.2.1), which then delivers it to the destination host.

The default gateway is the specific gateway a host uses when no more specific route exists.

DNS (Domain Name System)

DNS translates human‑readable domain names into IP addresses. A client queries a DNS server to resolve a name such as www.baidu.com to its IP address (e.g., 61.135.169.105), which is then placed in the packet’s destination field.

MAC Address vs. IP Address

The MAC address is a 48‑bit hardware identifier burned into a network interface card. It is globally unique and does not change.

The IP address is a logical identifier assigned to a host on an IP network. IPv4 addresses can change (e.g., via DHCP), while IPv6 provides a larger address space.

Analogy: MAC address is like a person’s name (unchanging), IP address is like a mailing address that can change when the person moves.

Subnet Mask

A subnet mask separates the network portion and the host portion of an IP address. For a /24 network the mask is 255.255.255.0, meaning the first three octets identify the network and the last octet identifies the host.

Devices use the mask to determine whether a destination IP is on the same local network (no routing needed) or requires forwarding to a gateway.

Example: In the 192.168.1.0/24 network, hosts 192.168.1.10 and 192.168.1.20 are on the same subnet and can communicate directly. Host 192.168.1.10 sending to 192.168.2.5 sees that the network portion differs, so it forwards the packet to its gateway.