10/18/2020
The interconnection of the VLAN is shown in the following figure
Example
 
In the above diagram two VLANs created, namely, VLANs 2 which is for sales and VLAN 3 which is for HR. even though the devices and computers are in the same switch segment, they are virtually separated. Users from vlan2 can access or communicate to other users within the same VLAN. But they cannot have access to the user in VLAN 3. Here, one single broadcast is separated into smaller broadcasts.

VLAN Membership

VLAN membership is a tag which is identified the ports that belong to the respective VLANs. The total number of VLAN IDs range from 1 to 1005. By default, all the ports are present in VLAN 1. VLAN is ‘native’. For management purposes, the IP address can be configured in the VLAN 1 interface. We can create VLAN from 2nd ID to 1001 ID. However, 1002 to 1005 are reserved.
There are two types of VLAN membership, namely
  •   Static VLAN
  •   Dynamic VLAN

Static VLANs

Static VLANs are the usual method of creating VLANs. They are the most secure. The administrator assigns some switch ports to a particular VLAN statically which is also known as port-based VLAN membership. Computers and devices connected to that specific port would be considered a member of that VLAN.
Switches maintain a VLAN mapping table for the frame forwarding purpose based on VLAN configured.
Example:
 
Static VLAN Mapping
 
Port Number
 VLAN No./Name
Ethernet 0
Vlan1
Ethernet 1
Vlan2
Ethernet 2
Vlan3
Tips
 Multiple VLANs can be assigned to a different port in a single switch.
When a user moves from one place to another (change port). The administrator must reassign the VLAN membership for the new interface. If there are a lot of moves, then it can be administrative pain. To overcome this, dynamic VLANs membership is used.

Dynamic VLANs

By using VLANs, the switch automatically assigns the port to the VLAN using information like the MAC address from the user devices. The network administrator must configure the VLAN database
To establish a VLAN membership, the switch sends queries to the VLAN membership policy server (VMPS). This happens when a device is connected to the switch port.
When a host connects to a switch port which is configured to do dynamic memberships the switch check the MAC address of the host. It then retrieves information from the VMPS about the location of the MAC address in a specific VLAN. The switch then modifies the VLAN membership of that port dynamically.
When we move a device from one switch port in a switch to another switch, dynamically VLANs will automatically configure the membership of the VLAN. Hence, this membership always remains the same for the user even if there is a cache in the location
The switch maintains a VLAN mapping table for the frame forwarding purpose based on VLAN configured.
Host MAC Address
VLAN No./Name
01-aa-ca-03-e1
VLAN1
A1-ae-a0-03-de
VLAN1
E1-ba-da-03-32
VLAN2
F1-e1-01-03-32
VLAN2
ee-c9-21-03-c2
VLAN3
A1-98-6e-03-2e
VLAN3
Note
 Though it seems simple, it is difficult to crate the VMPS database. It is also difficult to maintain it, if your network is very large
Tips:
 Static VLAN is a very simple and easy method to assign a VLAN, while the dynamic VLAN:
Assume that a company has two floors. The floors are connected with each other via layer-2 switches. For redundancy purpose, each switch is connected is connected to with two links. The company has two departments HR and Sales. In each floor, we have two PCs for each department
Configurations used in this topology are as following
 
Device
IP Address
Subnet Mask
Gateway
VLAN
Connected With
PC0
192.168.10.2
255.255.255.0
192.168.10.1
VLAN2
Floor 1 switch on F0/1
PC1
192.168.10.3
255.255.255.0
192.168.10.1
VLAN3
Floor 1 switch on F0/2
PC2
192.168.10.4
255.255.255.0
192.168.10.1
VLAN3
Floor 1 switch on F0/3
PC3
192.168.10.5
255.255.255.0
192.168.10.1
VLAN2
Floor 1 switch on F0/1
PC4
192.168.10.6
255.255.255.0
192.168.10.1
VLAN3
Floor 1 switch on F0/2
PC5
192.168.10.7
255.255.255.0
192.168.10.1
VLAN3
Floor 1 switch on F0/3