IBM Cloud Docs
Getting started with VLANs

Getting started with VLANs

Virtual Local Area Networks (VLANs) are used by IBM Cloud® to isolate broadcast traffic on the public and private networks.

VLANs are assigned as needed to fulfill other offerings. For instance, if you place a compute order for a data center in which you don't yet have a presence, you automatically receive a VLAN. Additional compute orders for the same data center, which do not specify network requirements, usually are placed in the previously assigned VLAN. All VLANs that are assigned automatically are also removed automatically when you no longer have resources that require them.

VLANs are specific to the routers used in IBM Cloud data centers, and a data center contains multiple routers for both the public and private networks. Thus, it is possible that multiple VLANs can be assigned within a single data center. It also is possible to order additional VLANs to construct more complex network topologies; typically in conjunction with a Virtual Router Appliance.

We refer to purchased VLANs as Premium VLANs and VLANs automatically managed by IBM Cloud as Automatic VLANs. Learn more about how VLANs operate in About VLANs.

Managing VLANs

Follow these steps to review the VLANs on your account.

  1. From your browser, open the IBM Cloud console and log in to your account.
  2. From the console, click the Navigation Menu icon Navigation Menu icon and select Classic Infrastructure.
  3. Select Network > IP Management > VLANs.

The VLANs listing displays information about your VLANs, and it provides access to each VLAN, along with associated devices or subnets.

Understanding pod versus data center selection

The options for where to order a VLAN provide for different needs and constraints. This section summarizes reasons why you might select one option over another.

The Order by Pod option allows you to specify the exact pod (and thus router) where you require a VLAN. Use this option if you have a specific reason for the VLAN to exist in that pod. Reasons for this include using the VLAN with an existing Gateway Appliance or multi-VLAN Firewall. Typically, if you are ordering additional VLANs as part of a larger deployment scheme, you know what pod you want the VLANs in. If so, choose this option.

Use the Order by data center option when the location of the VLAN is less important. This option is best when you want to seed a location for which you will cluster other resources. If your deployments follow a network first strategy (as opposed to ordering servers first), using this option to establish your presence in a new data center provides the best experience. Your requested VLANs are fulfilled by any pod in the selected data center; set no expectations about which pod will be selected when choosing this option.

It's best to use the least specific location option available that fits your current need.

Complex orders

The portal ordering experience only provides for ordering a single VLAN configuration per order. A configuration consists of the desired network, location option, and quantity. While it is possible to order multiple VLAN configurations in a single order via the API, each configuration quantity is restricted to 1. This means that each VLAN configuration provided is fulfilled independently. Thus, if each configuration utilizes the data center location option, each VLAN can be assigned to different pods within that data center.

A note about capacity

An attempt to order a VLAN may be prevented due to capacity restrictions in the location selected. If encountered, it affects all users trying to order VLANs in that location; no recourse is available. If possible, we encourage you to establish a presence in another data center, and consider taking advantage of VLAN spanning. If your location needs are flexible, it's best to use the least specific location option when ordering VLANs, because this allows for greater flexibility in allocating your VLANs. Additionally, VLAN capacity in a previously attempted location can become available at a later time.

Canceling premium VLANs

When you are ready to remove a premium VLAN, locate the VLAN in your account's VLAN listing and click Cancel VLAN from the VLAN's Actions menu Actions menu.

Premium VLANs cannot be cancelled if they are being used by other products. The following uses prevent cancellation:

  • Servers directly homed on the VLAN (as opposed to trunked).
  • Firewall products which serve the entire VLAN. This excludes non-dedicated hardware firewalls, for instance.

Additionally, some products and features do not prevent cancellation of a VLAN, but are affected by its removal. This includes being protected by a Virtual Router Appliance. The VLAN association is removed whether it is bypassed or not.