Using VLAN Segmentation and Separation to Improve an ITS Network

Today's ITS networks increasingly use video streams, connected controllers, and traffic monitoring software to improve the flow of vehicle traffic. However, the combination of these devices on a growing network bog down the ITS network and result in lost frames, network topology changes, and loss of connectivity to the very devices that are being managed—meet VLAN separation and segmentation.

A traditional network is very simple. There is one network address (192.168.1.0/24 as an example) and all the devices communicate on it as shown in Figure 1.

Figure 1: ITS Network without VLANs

As the number of devices grow, there is a significant increase in the background traffic managing the communications. Each of the devices sends out a regular broadcast signal, stating its presence on the network. The switches all communicate with each other as well. Once the number of devices grows above 100, the amount of broadcast traffic becomes significant enough to impact the network.

To reduce this background traffic and to allow for additional growth of the network, these devices need to be separated from each other, so the background communications don't overwhelm the network. VLANs (Virtual Local Area Networks) can separate this traffic. VLAN Separation provides a method to logically group each of the devices with each other isolating the broadcast traffic as shown in Figure 2.

Figure 2: ITS Network with VLAN Separation

In the figure above, there are now 5 separate networks – Controllers, Presence Detection, Presence Sensors, Cameras, and Management. Physically the network has not changed – it remains as shown in Figure 1. Logically, the network now consists of 5 switches however, each controlling a VLAN. Traffic is now isolated to each of the individual VLANs.

The Management VLAN is used to pass inter-switch traffic. This separation of network device types also provides a layer of security. The management VLAN is isolated from the devices, requiring its own credentials to access and configure.

This type of network design allows growth to proceed without generating more broadcast traffic than the network can handle. Beyond this phase of growth, which is good for up to 250 intersections, the VLANs can be separated into quadrants as shown in Figure 3.

Figure 3: ITS Network with VLAN Separation into Quadrants

Beyond 500 intersections the network should become Segmented, physically isolating each of the quadrants into their own sub-quadrants. At this point a group of layer 3 switches with routing capabilities becomes necessary.