this post was submitted on 08 Jul 2023
218 points (99.5% liked)

196


Be sure to follow the rule before you head out.

Rule: You must post before you leave.

all 15 comments
[–] [email protected] 17 points 1 year ago

Why did I read all of this in TF2 Soldier's voice

[–] [email protected] 14 points 1 year ago

tech shitposting

yesss

[–] Krobz 10 points 1 year ago

aah thank you I love this meme format so fucking much

[–] Adori 6 points 1 year ago (2 children)
[–] [email protected] 11 points 1 year ago (1 children)

Which part?

Are you confused about VLANs or the meme format?

VLANs are just a way to separate machines on a network, without having to buy all the hardware infrastructure to build a second network. It's a super useful tool to have, but it makes everything a little more complicated.

The post itself is just a take on the "STOP DOING MATH" meme

[–] Adori 2 points 1 year ago

never knew bout vlans, that sounds hella useful, but double edged sword type beat.

[–] maengooen 10 points 1 year ago (1 children)

A virtual local area network, or vlan, is a logically defined subset of a computer network that is used to control, from an administrator/system level, which computers are 'connected' to others. There can be an unbroken, physical connection between two devices, but they won't be able to communicate because network hardware is stepping in and segregating the network.

This is good because it can increase security - rather than having your sensitive information on your company network with a password, which can be cracked or stolen, being the only thing controlling access to it, with a vlan you can limit access to even attempt to use a password to only the parts of your network that actually require it. It also controls traffic and congestion on the network, because some data is 'broadcast', effectively addressed "to whom it may concern". A vlan places a wall around parts of the network that keeps these broadcasts inside, i.e. splits broadcast domains. Ordinarily, this would require different hardware and physical design, which can increase cost and complexity.

But on the other hand, the physical network structure encouraged by this design is very flat, with all devices physically connected to each other. It is only inside configuration on the network hardware that things are broken up and divided, which means if whoever set it up didn't document it, you are required to not only figure out where all the cables go, but also how the network systems are controlling the data. It's also another "thing" that can break. If there were physical segmentation, you could follow a cable and see where it's gone wrong, and if something were plugged into the wrong port, it would be plugged into the wrong device entirely, and you would just move the connection to the correct device. With a vlan, you'll have a switch with dozens of ports, each having its own independent configuration defined on a table, which means it can be plugged into the correct device, but the wrong individual port out of dozens. The configuration could also become corrupt, or be broken by an accidental change or hardware failure, and you would now need to rebuild the table, going through each individual port and configuring which vlan was supposed to be on it.
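An added example, not part of the comment above: one way to catch the drift it describes is to diff a documented port-to-VLAN plan against the table the switch is actually running. The `port mode vlans` text format, the sample data, and the function names are constructed for illustration and are not any vendor's CLI output.

```python
# Constructed sample data in a made-up "port mode vlans" format (assumption, not a real CLI dump).
DOCUMENTED = """\
1 access 10
2 access 10
4 access 30
24 trunk 10,20,30
"""
RUNNING = """\
1 access 10
2 access 20
5 access 30
24 trunk 10,20,30,99
"""

def parse_table(text):
    """Return {port_number: (mode, frozenset_of_vlan_ids)} from 'port mode vlans' lines."""
    table = {}
    for line_no, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue  # skip blank lines and comments
        try:
            port, mode, vlans = line.split()
            port, ids = int(port), frozenset(int(v) for v in vlans.split(","))
        except ValueError:
            raise ValueError(f"line {line_no}: cannot parse {line!r}")
        # 802.1Q VLAN IDs 0 and 4095 are reserved, so only 1..4094 are accepted.
        if mode not in ("access", "trunk") or any(not 1 <= v <= 4094 for v in ids):
            raise ValueError(f"line {line_no}: bad mode or VLAN ID in {line!r}")
        table[port] = (mode, ids)
    return table

def audit(documented, running):
    """Return (port, problem, detail) tuples for every port that differs from the plan."""
    findings = []
    for port in sorted(set(documented) | set(running)):
        want, have = documented.get(port), running.get(port)
        if have is None:  # configuration lost on the switch
            findings.append((port, "missing-from-switch", f"documented as {want[0]}"))
        elif want is None:  # someone configured a port and never wrote it down
            findings.append((port, "undocumented", f"running as {have[0]}"))
        elif want[0] != have[0]:
            findings.append((port, "mode-mismatch", f"{want[0]} -> {have[0]}"))
        elif want[1] != have[1]:
            extra, lost = sorted(have[1] - want[1]), sorted(want[1] - have[1])
            findings.append((port, "vlan-mismatch", f"extra={extra} missing={lost}"))
    return findings

if __name__ == "__main__":
    for finding in audit(parse_table(DOCUMENTED), parse_table(RUNNING)):
        print(*finding, sep="\t")
```

An extra VLAN on a trunk (port 24 here) is the finding to look at first, since it widens which segments can reach each other without any cable having moved.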

[–] maengooen 8 points 1 year ago

aka i don't either and i need help at my new job 🥲

[–] [email protected] 6 points 1 year ago

This is why I always hard connect each of my virtual machines to a separate port.

[–] lp0101 5 points 1 year ago
[–] [email protected] 5 points 1 year ago (1 children)

@[email protected] @[email protected] honestly, using VLAN is just out of my budget for my home network. Especially since I don't really have a managed switch to put it all with

[–] [email protected] 5 points 1 year ago

Managed switches aren't too much more than their unmanaged counterparts. More importantly, you'd need a firewall that supports it. Doesn't do you any good to have vlans if you don't have a firewall to enforce traffic between those zones. Getting a firewall is the expensive bit, unless you use an old computer and toss pfSense/OPNsense on it, or you buy a baby SOHO firewall (~$150-$200).

[–] [email protected] 4 points 1 year ago

Subnets are not security