Now we just talked about with switches that we don't get broadcast isolation, and the reason for that is broadcast isolation is kind of a layer three function, or at least it certainly has very strong elements of later. Three. Because to broadcast, there's a specific I P address that's used.
So, for instance, if you're on the 10 Network, the broadcast addresses
10 not 255255255 So it's It's a layer three function in switches. Natively
don't provide that functionality. Okay, so traditionally to get broadcast isolation what we've used a routers layer three devices that are able to understand that this domain to the left, maybe the 10 network in this domain to the right might be the $10.8 network or
the 1921680 network, whatever that may be.
So traditionally broadcast isolation has been done on Layer three devices, and that's what rounders do. So the two things routers do. They use I P addresses to direct traffic, and they use their able to isolate broadcast traffic.
But robbers are expensive,
and you know when we talk about routers being expensive, it's not even necessarily that when you look at the price tag on a router, it's that much different than the price tag on a switch. But when you go out and get a switch, you're gonna get 24 ports for 36 ports or 48 port. When you go out and buy a router is forest land ports go. You're gonna get one,
Okay, so on a port by port basis routers are very expensive. So what we'd like to be able to do is to get that broadcast isolation on a switch to save money.
Not all switches do this natively, but most switches today provide an operating system function of, ah, virtual land of the land. And what a villain does is it creates broadcast remains on a switch.
So the nice thing about that is they're very easy to configure. They're very easy to reconfigure that could be logically grouped, much more so than being physically group.
It's a very good environment, tohave so ultimately I'll create assuming the switch allows it. I'll create virtual lands and I'll assign port one D virtual land to the sales, the land or the finance feeling under the H R V Land.
And the nice thing is, is multiple villains could be on a switch.
Were a single villain conspire and multiple switches. So again, you get a lot of flexibility here, and it's much cheaper than doing this on a router. However, switch is still our layer two devices natively.
So if you create billions on a layer to switch, you have true isolation
between the finance villain in this case in the H R V land.
Okay, and what I mean by that is users and HR can't contact finance and finance can't contact a jar because in order to do so, we would need a device in the middle that understands that the finance domain is on the 10.0 network in the h ours on the 10.8 and a switch doesn't have that understand.
So what we need is a layer three device, and that's why if you've ah, you're familiar with layer three switches, we bring layer three switches in, not just so that we can have the lands, but so that we can have inner villain communication. Okay,
so the point I want to stress to you here certainly for testing purposes, but also just true and in the world
but switches a layer to device. What it does natively is it uses Mac addresses to direct traffic, and it isolates collision domains.
Routers layer three device isolates broadcast traffic and uses I P addresses.
V lands can be implemented on some switches to get broadcast isolation on a switch,
and then a layer three switch would be necessary to have the villains communicate. So I hope that makes sense. There really are some fine distinctions there, and I would certainly want you to know those for the purpose of the exam.