A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a computer network at the data link layer (OSI layer 2). LAN is an abbreviation for local area network.
To subdivide a network into virtual LANs, one configures network equipment. Simpler equipment can partition only per physical port (if at all), in which case each VLAN is connected with a dedicated network cable. More sophisticated devices can mark frames through VLAN tagging, so that a single interconnect (trunk) may be used to transport data for multiple VLANs. Since VLANs share bandwidth, a VLAN trunk can use link aggregation, quality-of-service prioritization, or both to route data efficiently.
VLANs allow network administrators to group hosts together even if the hosts are not on the same network switch. This can greatly simplify network design and deployment, because VLAN membership can be configured through software. Without VLANs, grouping hosts according to their resource needs necessitates the labor of relocating nodes or rewiring data links.
Network architects set up VLANs to provide the network segmentation services traditionally provided only by routers in LAN configurations. VLANs address issues such as scalability, security, and network management. Routers in VLAN topologies filter broadcast traffic, enhance network security, perform address summarization, and mitigate network congestion. Switches may not bridge network traffic between VLANs, as doing so would violate the integrity of the VLAN broadcast domain.
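The VLAN tagging on a trunk and the isolation between VLANs described above can be seen in how a receiver sorts tagged frames. This is an added example, not part of the original text: it assumes IEEE 802.1Q tags, and the allowed-VLAN set, the default VLAN for untagged frames, and the sample frames are constructed for illustration.

```python
import struct
from collections import defaultdict

TPID_8021Q = 0x8100          # EtherType value that marks an IEEE 802.1Q tag
UNTAGGED_VLAN = 1            # assumption: untagged frames are placed in VLAN 1
ALLOWED_VLANS = {1, 10, 20}  # assumption: VLANs this trunk is configured to carry

def parse_frame(frame: bytes):
    """Return (vlan_id, priority, ethertype, payload) for one Ethernet frame."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return UNTAGGED_VLAN, 0, ethertype, frame[14:]
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    vlan_id = tci & 0x0FFF   # low 12 bits: VLAN identifier
    priority = tci >> 13     # high 3 bits: priority code point
    if vlan_id == 0:         # VID 0 carries priority only, no VLAN membership
        vlan_id = UNTAGGED_VLAN
    return vlan_id, priority, inner_type, frame[18:]

def demux_trunk(frames):
    """Sort trunk frames into per-VLAN queues; drop VLANs not carried here."""
    queues, dropped = defaultdict(list), []
    for frame in frames:
        vlan_id, _, _, payload = parse_frame(frame)
        if vlan_id in ALLOWED_VLANS:
            queues[vlan_id].append(payload)  # stays inside its own VLAN
        else:
            dropped.append(vlan_id)          # never bridged into another VLAN
    return dict(queues), dropped

def build_frame(payload: bytes, vlan_id=None, priority=0) -> bytes:
    """Build a constructed sample frame with fixed, made-up MAC addresses."""
    macs = bytes.fromhex("ffffffffffff" "020000000001")
    tag = b""
    if vlan_id is not None:
        tag = struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan_id)
    return macs + tag + struct.pack("!H", 0x0800) + payload

# Constructed sample traffic arriving on one trunk link.
SAMPLE_TRUNK = [
    build_frame(b"hr-host", vlan_id=10, priority=5),
    build_frame(b"eng-host", vlan_id=20),
    build_frame(b"untagged"),
    build_frame(b"stray", vlan_id=99),
]

if __name__ == "__main__":
    print(demux_trunk(SAMPLE_TRUNK))
```
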