While discussion of technology improvements often revolves around newer, faster, and more powerful hardware, many of the changes that we’ve been implementing over the past year have been designed to improve efficiency and performance through updates and settings modifications as well. One of the big areas of focus for this fall and winter is on Virtual Local Area Networks (VLANs).
One can think of VLANs in this sense:
- A LAN is a network to which a number of devices are attached; all of those devices can communicate directly with each other
- A VLAN is a way of segmenting out a physical network so that devices can only communicate with certain other devices. In the example at right, the computers in VLAN 2 can only communicate with other computers in VLAN 2, regardless of where they’re physically located. They cannot communicate with the computers in VLAN 5.
The problem with large, unregulated networks is that you end up with a lot of extra traffic being generated, and increase the potential for one problem to bring the entire network down. For instance, if my computer is accessing the internet, there’s no need for that data to travel anywhere except to the district’s internet router and firewall. While I can’t (easily) eliminate all extraneous traffic in that example using VLANs, by setting up a VLAN for my computer that is shared only by similar computers, I can at least guarantee that the traffic will not be wasting bandwidth by traveling to computers in other VLANs. Further, let’s say that my computer gets a virus that tries to install itself on other computers on the network. While my computer would still be able to contact other computers in its VLAN, the fact that it couldn’t contact (generally) computers in other VLANs helps to contain the virus and reduce its impact on the network.
The diagram at left is an early plan for segmenting ADM’s traffic into separate VLANs, with those VLANs largely being broken up into building wings and wired/wireless devices, as well as separate VLANs for servers, phones, and network storage devices. In this example, a laptop at DeSoto might be in VLAN 8, while a lab computer in the south wing of the High School would be in VLAN 5. Each of those computers would be allowed to communicate with VLAN 1 (servers, printers, and internet), VLAN 2 (network switches), and their own VLAN, but none of the traffic that they generate could have any direct impact on VLAN 6 (Adel Elementary wired) or VLAN 99 (Middle School wireless), for instance.
Full development and implementation of our new network segments will be completed later this month during winter break, and hopefully an even more effective network will greet all of you as you return after the holidays.