What Is a VLAN and How Do Routers, Switches, and Gateways Work?

1. What Is a VLAN

VLAN stands for Virtual Local Area Network. A LAN can be a small home network or a large enterprise network. A VLAN specifically refers to a LAN that is divided by a router, creating separate broadcast domains.

Imagine a high school with 800 freshmen. If all students were placed in a single class, management would be chaotic. By dividing them into ten classes of 80 students each, each class receives a unique identifier, similar to how a VLAN isolates traffic.

When computer A wants to communicate with computer B, it sends an ARP request that is broadcast to all devices on the same network, consuming bandwidth and CPU resources. VLANs limit broadcasts to their own segment, reducing unnecessary traffic.

2. Single‑Arm Routing and Layer‑3 Switches

What Is Single‑Arm Routing?

Single‑arm routing is implemented by connecting a regular Layer‑2 switch to a router, allowing different VLANs to communicate through the router.

What Is a Layer‑3 Switch?

For small networks, single‑arm routing may suffice, but as VLAN traffic grows, the router can become a bottleneck, causing packet loss or congestion. A Layer‑3 switch integrates routing functionality into a switch, using ASIC hardware to process routes at high speed and providing large internal bandwidth.

Inside a Layer‑3 switch, separate switching and routing modules share a high‑speed internal bus, enabling fast inter‑VLAN routing without the limitations of a traditional router.

3. What Is a Gateway

1. Definition of a Gateway

A gateway (also called a protocol converter) operates at the transport layer to interconnect networks that use different high‑level protocols.

2. Understanding a Gateway

Just as a door connects two rooms, a gateway connects two networks, acting as the “gateway” for traffic moving between them.

3. Gateway IP Address

The gateway is an IP address within a subnet that serves as the exit point for traffic destined for other networks, typically the first or last usable address in the subnet.

Example Network A: IP range 192.168.1.1‑192.168.1.254, subnet mask 255.255.255.0. Its gateway could be 192.168.1.1. Network B: IP range 192.168.2.1‑192.168.2.254, subnet mask 255.255.255.0. Its gateway could be 192.168.2.1.

4. How Does a Gateway Enable Communication?

Without a router, devices in different networks cannot communicate via TCP/IP, even if they share the same switch. When a host determines that a destination is outside its local subnet, it forwards the packet to its configured gateway, which then routes it toward the destination network.

5. What Is a Default Gateway?

A default gateway is the router a host uses when it cannot find a more specific route; it is the fallback path for outbound traffic.

4. What Is DNS

DNS (Domain Name System) translates human‑readable domain names into IP addresses.

When you type www.baidu.com, your computer queries a DNS server to obtain the corresponding IP address (e.g., 61.135.169.105) so it can establish a connection.

5. MAC Addresses

IP and MAC

IP addresses identify a device on a network and can change, while the MAC address is a fixed physical identifier assigned by the hardware manufacturer.

MAC addresses are unique to each network interface and are used for low‑level network communication.

6. Subnet Masks

A subnet mask separates the network portion and host portion of an IP address, similar to how a surname separates families.

For example, the subnet 192.168.1.0/24 (mask 255.255.255.0) groups addresses 192.168.1.1‑192.168.1.254 together, while a larger subnet 192.168.0.0/16 (mask 255.255.0.0) groups a broader range.