VLAN Communication – How Can Hosts on Different VLANs Communicate?

Two separate VLANs must communicate through a layer-3 device, like a router.

Devices on a VLAN communicate with each other using layer-2. Layer-3 must be used to communicate between separate layer-2 domains.

Assuming the most common communications (layer-2 is ethernet and layer-3 is IP), when a host on a VLAN wants to communicate with another host on the same VLAN, it discovers the other hosts layer-2 (e.g. MAC) address with something like ARP, and it sends the frame to the MAC address.

When a host on one VLAN wants to send something to a host on another VLAN, it must use a layer-3 (e.g. IP) address. The host will use layer-2 to send the frames to its defined gateway (router). The router will strip off the layer-2 frame and inspect the layer-3 packet for the destination layer-3 address. The router will then look up the next hop for the layer-3 address. It will then create a new layer-2 frame for the layer-3 packet based on the layer-2 LAN on the interface where it needs to send the packet for the next hop. Other routers which may be in the path to the end LAN will repeat this process until the frame is placed on the final VLAN, where the receiving host gets the frame.

You should search for the OSI model and learn how it works. Just remember that it is a model, and some things in the real world don't necessarily work exactly like the model would predict, but it will give you a gross understanding of how data travel from an application on one host to an application on another host.