Using VLAN Segmentation and Separation to Improve an ITS Network
Today's ITS networks increasingly use video streams, connected controllers, and traffic monitoring software to improve the flow of vehicle traffic. However, the combination of these devices on a growing network bogs down the ITS network and results in lost frames, network topology changes, and loss of connectivity to the very devices that are being managed. VLAN separation and segmentation address these problems.
A traditional network is very simple. There is one network address (192.168.1.0/24 as an example) and all the devices communicate on it as shown in Figure 1.
Figure 1: ITS Network without VLANs
As the number of devices grows, there is a significant increase in the background traffic managing the communications. Each of the devices sends out a regular broadcast signal, stating its presence on the network. The switches all communicate with each other as well. Once the number of devices grows above 100, the amount of broadcast traffic becomes significant enough to impact the network.
Challenges with Traditional ITS Networks
Traditional Intelligent Transportation Systems (ITS) networks often use a single network where all devices share the same IP address space. However, when unmanaged switches are employed, this setup can lead to the following issues as the network grows:
- Performance Problems: More devices on the network mean more broadcast traffic, which can slow down the network.
- Security Concerns: Having different types of devices on the same network can create security risks.
- Management Complications: Network expansion leads to increased complexity in network management, making it more challenging to maintain and optimize.
What is VLAN segmentation?
VLAN segmentation, executed through managed switches, divides a physical network into multiple logical networks. This technique enhances the performance, security, and manageability of ITS Networks by minimizing broadcast traffic, isolating diverse traffic and users, and simplifying troubleshooting and configuration across distinct network segments.
Benefits of VLAN Segmentation
Leveraging VLANs for network segmentation brings about substantial advantages in terms of network performance, security, and manageability.
- Enhanced Performance: VLAN segmentation significantly reduces broadcast traffic, resulting in a marked improvement in overall network performance.
- Heightened Security: By isolating diverse types of devices into separate VLANs, network security is notably enhanced, as unauthorized access is mitigated.
- Streamlined Management: The independent management of each VLAN simplifies network administration, making it more efficient and easier to maintain.
Implementing VLAN Separation in ITS Networks
To reduce this background traffic and to allow for additional growth of the network, these devices need to be separated from each other so that the background communications don't overwhelm the network. VLANs (Virtual Local Area Networks) can separate this traffic. VLAN separation provides a method to logically group the devices with each other, isolating the broadcast traffic as shown in Figure 2.
Figure 2: ITS Network with VLAN Separation
In the figure above, there are now 5 separate networks: Controllers, Presence Detection, Presence Sensors, Cameras, and Management. Physically the network has not changed; it remains as shown in Figure 1. Logically, however, the network now consists of 5 switches, each controlling a VLAN. Traffic is now isolated to each of the individual VLANs.
The Management VLAN is used to pass inter-switch traffic. This separation of network device types also provides a layer of security. The management VLAN is isolated from the devices, requiring its own credentials to access and configure.
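As an added illustration (not part of the original article and not any vendor's tooling), the following Python script audits an access-port inventory against the five VLAN roles described above: it counts devices per broadcast domain and flags any device attached to the wrong VLAN, including field devices on the management VLAN. The VLAN IDs, switch and port names, and the inventory are constructed assumptions; applying the article's 100-device figure per broadcast domain is also an assumption.

```python
from collections import Counter

# Assumed for illustration: VLAN IDs, switch/port names and the inventory.
# From the article: the five VLAN roles and the ~100-device point at which
# broadcast traffic on one network becomes significant.
ROLE_VLAN = {"controller": 10, "presence-detection": 20,
             "presence-sensor": 30, "camera": 40, "management": 99}
BROADCAST_LIMIT = 100  # applied per broadcast domain (assumption)

def domain_sizes(ports):
    """Count devices per VLAN; each VLAN is one broadcast domain."""
    return Counter(vlan for _sw, _port, vlan, _role in ports)

def oversized(ports, limit=BROADCAST_LIMIT):
    """VLANs whose device count exceeds the broadcast limit."""
    return sorted(v for v, n in domain_sizes(ports).items() if n > limit)

def misplaced(ports):
    """Access ports whose VLAN does not match the attached device's role."""
    findings = []
    for sw, port, vlan, role in ports:
        expected = ROLE_VLAN.get(role)
        if expected is None:
            findings.append(f"{sw}/{port}: unknown role {role!r}")
        elif vlan != expected:
            where = "management VLAN" if vlan == ROLE_VLAN["management"] else f"VLAN {vlan}"
            findings.append(f"{sw}/{port}: {role} on {where}, expected VLAN {expected}")
    return findings

def sample_inventory(intersections=30, flat=False):
    """Constructed data: one switch per intersection with four field devices
    and the switch's own management interface."""
    field = ["controller", "presence-detection", "presence-sensor", "camera"]
    ports = []
    for i in range(1, intersections + 1):
        sw = f"sw{i:03d}"
        for n, role in enumerate(field + ["management"], start=1):
            ports.append((sw, f"p{n}", 1 if flat else ROLE_VLAN[role], role))
    return ports

if __name__ == "__main__":
    flat = sample_inventory(flat=True)  # everything on one network, as in Figure 1
    print("flat:", dict(domain_sizes(flat)), "oversized:", oversized(flat))
    seg = sample_inventory()
    seg[33] = ("sw007", "p4", 99, "camera")  # constructed fault: camera on management
    print("segmented:", dict(domain_sizes(seg)), "oversized:", oversized(seg))
    for finding in misplaced(seg):
        print("  ", finding)
```

With 30 intersections, the flat layout puts all 150 devices in one broadcast domain, while the segmented layout keeps each VLAN near 30 devices and surfaces the single misplaced camera.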
This type of network design allows growth to proceed without generating more broadcast traffic than the network can handle. Beyond this phase of growth, which is good for up to 250 intersections, the VLANs can be separated into quadrants as shown in Figure 3.
Figure 3: ITS Network with VLAN Separation into Quadrants
Beyond 500 intersections, the network should become segmented, physically isolating each of the quadrants into their own sub-quadrants. At this point a group of layer 3 switches with routing capabilities becomes necessary.