VLAN

Virtual Local Area Network

Other
Introduced in Rel-6
A network technology that logically segments a physical LAN into multiple broadcast domains, isolating traffic for security, management, and performance. In 3GPP, VLANs are used extensively in transport networks (e.g., fronthaul, backhaul) and within data centers to separate traffic from different network slices, operators, or service types.

Description

A Virtual Local Area Network (VLAN) is a fundamental Layer 2 networking construct that creates independent logical networks within a shared physical network infrastructure. It operates by inserting a VLAN tag (defined by IEEE 802.1Q) into the Ethernet frame header. This 4-byte tag contains a 12-bit VLAN Identifier (VID), which ranges from 1 to 4094, allowing the segmentation of a single physical switch or network into thousands of distinct broadcast domains. Frames belonging to a specific VLAN are only forwarded to ports configured as members of that VLAN, effectively isolating broadcast, multicast, and unknown unicast traffic. This logical separation is enforced by network switches, which maintain forwarding tables per VLAN.

In 3GPP system architectures, VLANs play a crucial role in transport network segmentation. They are used to separate traffic from different logical entities over a common physical infrastructure. For example, in the Radio Access Network (RAN), VLANs can isolate fronthaul traffic (e.g., CPRI/eCPRI streams between a Distributed Unit (DU) and a Radio Unit (RU)) from backhaul traffic (between the DU/CU and the core network). They also separate control plane, user plane, and synchronization plane traffic, ensuring quality of service and security. Within the 5G Core network, deployed as virtualized network functions (VNFs) in data centers, VLANs are used to create isolated networks for management, northbound, southbound, and east-west traffic, aligning with cloud-native principles.

The implementation involves VLAN-aware switches and routers at network demarcation points. In a typical mobile network, a cell site router may use VLANs to separate traffic from multiple sectors or different radio access technologies before aggregating it onto a shared backhaul link. In network slicing, VLANs (often combined with other technologies like MPLS or SRv6) provide the underlying Layer 2 isolation for different network slice instances, ensuring one slice's traffic does not interfere with another's. Configuration and management of VLANs are critical for network operations, often automated through SDN (Software-Defined Networking) controllers as part of the wider transport network management defined in 3GPP specifications.

Purpose & Motivation

VLAN technology was created to address the limitations of traditional flat Layer 2 networks, which suffered from large broadcast domains, security vulnerabilities, and inflexible physical topology constraints. Before VLANs, network segmentation required separate physical switches and cabling for each department or service, leading to high costs and poor resource utilization. VLANs introduced logical segmentation, allowing a single switch to serve multiple groups as if they were on separate physical networks, thereby solving scalability and management problems in enterprise and carrier networks.

3GPP's adoption and specification of VLAN usage were driven by the evolution toward all-IP transport and cloud-native networks. As mobile networks moved from dedicated TDM/ATM links to shared Ethernet/IP transport for cost efficiency, a mechanism was needed to maintain strict traffic separation for different services (e.g., voice, data, signaling) and different tenants (e.g., mobile virtual network operators). VLANs provided a standardized, widely supported method to achieve this isolation on packet-switched networks. With the advent of 5G and network slicing, the need for strong traffic isolation became paramount. VLANs, as a proven and reliable technology, form a foundational layer for creating the isolated connectivity subnets required by end-to-end network slices, enabling the concurrent operation of diverse services with varied performance and security requirements on a common physical infrastructure.

Key Features

  • Logical segmentation of a physical LAN using IEEE 802.1Q tags
  • Isolates broadcast domains for improved security and performance
  • Supports up to 4094 VLAN IDs (VIDs) per network domain
  • Enables flexible, topology-independent group design
  • Critical for traffic separation in RAN transport (fronthaul/backhaul) and data centers
  • Foundational technology for implementing transport layer isolation in network slicing

Evolution Across Releases

Rel-6 Initial

VLAN technology was first referenced in 3GPP specifications as part of the move towards all-IP transport networks. Initial applications focused on using VLANs for basic traffic separation in the IP-based backhaul of UTRAN and GERAN, helping to isolate user plane, control plane, and management traffic over shared Ethernet infrastructure.

TS 21.905TS 22.804TS 22.821TS 23.234TS 23.501TS 23.734TS 28.314TS 28.833TS 29.514TS 29.890TS 32.501TS 32.833

Defining Specifications

SpecificationTitle
TS 21.905 3GPP TS 21.905
TS 22.804 3GPP TS 22.804
TS 22.821 3GPP TS 22.821
TS 23.234 3GPP TS 23.234
TS 23.501 3GPP TS 23.501
TS 23.734 3GPP TS 23.734
TS 28.314 3GPP TS 28.314
TS 28.833 3GPP TS 28.833
TS 29.514 3GPP TS 29.514
TS 29.890 3GPP TS 29.890
TS 32.501 3GPP TR 32.501
TS 32.833 3GPP TR 32.833