VLAN Interview Questions & Answers

👤 TechClick 📅 Feb 15, 2026 ⏱️ 10 min read 🏷️ Networking & Switching

Understanding VLANs is crucial for any network engineer. Whether you are prepping for a CCNA exam or a job interview, these core questions cover the fundamentals of Virtual LANs, tagging, and switching.

💡 Key Concept

A VLAN logically separates a physical network. It reduces broadcast domains, improves security, and organizes users by department rather than physical location.

1. What is VLAN and how does it function?
A VLAN (Virtual Local Area Network) is a way to segment a physical network into logical subgroups. This allows for greater network organization and security, as well as the ability to segment network traffic regardless of physical location.
2. What is the difference between a VLAN and a subnet?
A VLAN segments a physical network (Layer 2) into logical subgroups, while a subnet segments a larger IP address space (Layer 3) into smaller subgroups. They often map 1:1, but they operate at different layers of the OSI model.
3. How does VLAN tagging work?
VLAN tagging is a method of identifying packets as belonging to a specific VLAN. This is done by adding a VLAN tag (or header) to the Ethernet frame. The tag includes information such as the VLAN ID (12 bits) and priority. This allows traffic from different VLANs (e.g., voice and data) to travel over the same physical link (trunk) while remaining separate.
4. How do you configure a VLAN on a switch?
The process varies by vendor, but the general steps are:
  1. Log into the switch and enter configuration mode.
  2. Create a VLAN by assigning it a unique ID (e.g., VLAN 10) and a name.
  3. Assign switch ports to the VLAN (Access Mode).
  4. Configure uplink ports as Trunk ports to carry multiple VLANs.
  5. Save the configuration changes.
5. Why do we create VLANs?
  • Broadcast Control: Reduces the size of broadcast domains, improving network performance.
  • Security: Sensitive data can be isolated on its own VLAN (e.g., HR dept).
  • Flexibility: Users can be grouped by department rather than physical switch location.
  • Cost: Reduces the need for expensive physical routers and cabling changes.
6. How to delete a VLAN?
To delete a VLAN you typically use the no vlan [ID] command. Note that VLAN information is often stored in a separate file called vlan.dat in Flash memory, not just in the running-config. To completely wipe VLANs, you may need to delete this file.
7. Key difference between Trunk and Access Port?
  • Access Port: Belongs to and carries traffic for a single VLAN. Connected to end devices like PCs/Printers.
  • Trunk Port: Carries traffic for multiple VLANs simultaneously using tagging (802.1Q). Connected to other switches or routers.
8. What is Inter-VLAN Routing?
By default, hosts in different VLANs cannot communicate. Inter-VLAN routing is the process of using a Layer 3 device (Router or Layer 3 Switch) to route traffic between these isolated VLANs.
9. Difference between ISL and IEEE 802.1Q?
  • ISL (Inter-Switch Link): Cisco proprietary. Encapsulates the entire original frame with a 26-byte header and 4-byte trailer. (Largely obsolete).
  • 802.1Q (Dot1Q): Industry Standard. Inserts a small 4-byte tag into the existing Ethernet header. Preferred and widely used.
10. What are the VLAN Ranges?
  • VLAN Range: 0 - 4096
  • Default VLAN: 1 (Cannot be deleted or renamed)
  • Normal Range: 2 - 1001 (Stored in vlan.dat)
  • Reserved (Token Ring): 1002 - 1005
  • Extended Range: 1006 - 4095 (Stored in running-config, available in VTP Transparent mode)