Download UNH-IOL_BFC_Knowledgebase_VLAN

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
page
39
page
40
page
41
page
42
page
43
page
44
Document related concepts

Internet protocol suite wikipedia , lookup

IEEE 1355 wikipedia , lookup

Point-to-Point Protocol over Ethernet wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

AppleTalk wikipedia , lookup

Wake-on-LAN wikipedia , lookup

Computer network wikipedia , lookup

Airborne Networking wikipedia , lookup

IEEE 802.11 wikipedia , lookup

Parallel port wikipedia , lookup

Nonblocking minimal spanning switch wikipedia , lookup

Network tap wikipedia , lookup

IEEE 802.1aq wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Zero-configuration networking wikipedia , lookup

UniPro protocol stack wikipedia , lookup

Spanning Tree Protocol wikipedia , lookup

Virtual LAN wikipedia , lookup

Transcript 
VLANs and GVRP
Curtis Simonson
Bridge Functions Consortium
InterOperability Lab
July, 2000
Presentation Overview



Standards Involved
Bridging Background
802.1Q/1D:
– the problem
– the solution
» GVRP
» Tagging Frames

Testing It
The ISO OSI Model
Standards Involved




IEEE Standard
The Bridge
Standards
(802.1)
Most widely
used with the
802.3 MAC
(who doesn’t
use Ethernet?)
Bridging is
MAC
independent
Quick Review - Shared Medium
 All
machines “share”
the network
 Only one machine can
talk at any one time
 Distance limitations
 Total throughput limit
 Collision likelihood
increased
Shared Medium (Repeated Network)
 All
machines “share”
the network
 Only one machine can
talk at any one time
 Distance limitations
Repeaters
5m
100m
– At most 205m.
 Total
throughput limit
 Collision likelihood
increased
End Stations
Bridging Review
 Connects
Separate
shared Networks
 Frame Translation/
Encapsulation (Token
Ring to Ethernet)
 Reduces Unicast
Traffic
 Switches: Allow for
multiple conversations
Bridging Background
Bridges work at
layer 2 of the OSI
Model
 Their primary
function is to
relay frames

Filtering Database Review
 One
database contains
MAC addresses,
which port they’re on,
and if they’re active
or disabled
 Duplicate MAC
addresses not allowed
(the second one would replace the
first)
Entry
1
2
3
4
5
6
7
8
9
10
11
12
MAC Addr
0800900A2580
002034987AB1
00000C987C00
00503222A001
Port
1
1
2
2
active
yes
yes
yes
yes
802.1Q - Standard for VLANs
 Defines
a method of
establishing VLANs
 Establishes the Tagged
Frame
 Provides a way to
maintain priority
information across
LANs
Reasons For Standardizing VLANs
 Old
implementations could only be defined in
one switch
 To connect a VLAN to another network, each
VLAN needed a router port
 The only multi-switch VLANs were proprietary:
–
–
–
–
Cisco: ISL
Bay: Lattisspan
3Com: VLT
Cabletron: SecureFast
Standards Based VLANs
 Includes
definition for a new GARP
application called GVRP (GARP VLAN
Registration Protocol)
– Propagate VLAN registration across the net
 Associate
incoming frames with a VLAN ID
 De-associate outgoing frames if necessary
 Transmit associated frames between VLAN
802.1Q compliant switches
What are VLANs - Virtual Local Area Networks?
 Divides
switch into two or
more “virtual” switches
with separate broadcast
domains
 Achieved by manual
configuration through the
switches’ management
interface
 Only that switch will be
segmented
Multiple VLANs in One Switch

Multiple VLANs can be defined on the same switch
Why VLANs?
 Lots
of broadcast traffic wastes bandwidth
– VLANs create separate broadcast domains
» Microsoft Networking
» Novell Networking
» NetBEUI
» IP RIP
» Multicast (sometimes acts like broadcast)
 VLANs
can span multiple switches and
therefore create separate broadcast domains
that span multiple switches
More Reasons...
 Link
Multiplexing
– slower speed
technologies share the
high-bandwidth uplink
– multiple IP subnets on
one physical link with
layer 3 switching (such
as to connect Morse,
Leavitt and Ocean if
we were switched
instead of routed)
And One More Reason...
 Security
– Traffic is only seen by who it is intended for
» example: Two separate VLANs, one for accounting
and one for sales. Sensitive accounting data
transmitted over the network will only be seen by
devices in the accounting VLAN.
Basic VLAN Concepts






Port-based VLANs
– Each port on a switch is in one and only one VLAN (except trunk
links)
Tagged Frames
– VLAN ID and Priority info is inserted (4 bytes)
Trunk Links
– Allow for multiple VLANs to cross one link
Access Links
– The edge of the network, where legacy devices attach
Hybrid Links
– Combo of Trunk and Access Links
VID
– VLAN Indentifier
Tagged Frames
4
Bytes inserted
after Destination
and Source
Address
 Tagged Protocol
Identifier (TPID)
= 2 Bytes (x8100)
– length/type field
 Tagged
Control
Information
(TCI) = 2 Bytes
– contains VID
Trunk Link

Attaches two VLAN switches - carries
Tagged frames ONLY.
Access Links
 Access
Links are Untagged for VLAN
unaware devices - the VLAN switch adds
Tags to received frames, and removes Tags
when transmitting frames.
Hybrid Links
 Hybrid
Links - ALL VLAN-unaware devices
are in the same VLAN
So Far So Good...
 So
one might ask: “how does the Filtering
Database handle VLANs?”
 Two answers:
– multiple (distinct) tables: one for each VLAN
– one table, with a VLAN column
 They
sound similar, but it turns out they are
VERY different
Multiple Tables
MFD (multiple
Filtering Databases) or
it might also be called
Independent Learning
 Each VLAN learns
MAC addresses
independently, so
duplicate MAC
addresses are OK as
long as they are in
different VLANs.
Each Table is
for One VLAN
 Called
Entry
MAC Addr
Port active
Entry
MAC Addr
Port active
1 0800900A2580
Entry
MAC Addr 1 Port yes
active
1 0800900A2580
1 Port yes
Entry
MAC
Addr
active
2 002034987AB1
1 0800900A2580 1 1 yes yes
2 002034987AB1
1 0800900A2580 1 1 yes yes
3 0500A1987C00
2 002034987AB1 2 1 yes yes
3 0500A1987C00
2 002034987AB1 2 1 yes yes
4 00503222A001
3 0500A1987C002 2 yes yes
4 00503222A001
0500A1987C002 2 yes yes
5 4 300503222A001
2
yes
5 4 00503222A001
2
yes
6 5
6
7 65
7
8 76
8
9 87
9
10 9 8
10
11 10 9
11
12 1110
12 11
12
12
One (Big) Table
 Called
SFD (Single
Filtering Database) or
Shared Learning
 No duplicate MAC
addresses
 Asymmetric VLAN
possible
Entry
1
2
3
4
5
6
7
8
9
10
11
12
MAC Addr
0800900A2580
002034987AB1
0500A1987C00
00503222A001
080034090478
049874987AB1
0555A1945600
00503222A023
Port
1
1
2
2
3
5
5
5
active VLAN
yes
2
yes
2
yes
2
yes
2
yes
1
yes
1
yes
3
yes
2
Independent Learning I
 Legacy
router
learns MAC
addresses from
both VLANs
 Requires 2 physical
links
Independent Learning II

VLAN-aware router only needs one physical link
Problems
 Can’t
combine SFD and MFD switches in
one network
 Some switches only do one or the other, and
can’t be changed
 Hybrids of SFD and MFD makes this tricky
Future Additions
 Layer
3 based VLANs
– IP traffic on a different VLAN than IPX
 Multiple
Spanning Trees (one per VLAN)
– allows for using the disabled links
 ATM
to IEEE VLAN mapping
– Emulated LANs
GARP (yeah, I know, “the world according to”… that’s a new one!)
 Generic Attribute
 Standard
Registration Protocol
Defines:
– method to declare attributes to other GARP
participants
– frame type to convey GARP messages:
Protocol Data Unit (PDU)
– rules and timers for registering/de-registering
attributes
GARP - how?
 A device
wants
to declare a
certain attribute
 It sends a
declaration
 The bridge
receives it and
propagates it
throughout the
network.
GARP - two devices
 A second
device wants to
declare a
certain
attribute
 Now a “path”
has been
formed.
GMRP
 GARP Multicast
Registration Protocol
 Defines a GARP Application (instance of
the generic framework)
 Allows devices to declare membership in a
multicast group
GMRP - multiple devices
 Devices
declare
membership in a
multicast group
 All multicast
frames for that
group propagate
only to the proper
devices.
GMRP - Pros & Cons
 Pros:
– provides multicasting
that isn’t broadcasting
– works “through”
legacy bridges
– allows asymmetric
pruning
 Cons:
– end stations must
support 802.1p
– no interface between
IGMP and GMRP (yet)
GVRP - GARP VLAN Registration Protocol
 Disadvantages
to Static VLANs
– Static VLANs are created via management
– Must be maintained by a network admin
– Static VLANs must be reconfigured for every
network topology change
GVRP Simplifies All This!
 GVRP creates
dynamic VLANs
– No manual configuration needed
– GVRP is maintained by the devices themselves
– Topology change? No problem, GVRP
recreates the dynamic VLAN automatically
What can GVRP do for you?
 Allows
the creation of VLANs with a specific
VID and a specific port, based on updates from
GVRP-enabled devices.
 Advertises manually configured VLANs to other
GVRP-enabled device. As a result of this the
GVRP-enable devices in the core of the network
need no manual configuration in order to interoperate.
GVRP Info
 GVRP is
a GARP application that registers
attributes for dynamic VLANs
 GVRP deals only with the management of
dynamic VLANs
 Everything that you have learned about
static VLAN packet format and
transmission applies
VLAN Data Frame Format Review
 GVRP handles
data in the same way as Static
VLANs do.
– Header, inserted after the destination and source
addresses, that contains Protocol Identifier and VID
How GVRP does all this:
 The
method of advertisement used by
GVRP-enabled devices consists of sending
Protocol Data Units (PDUs), similar to
Spanning Tree BPDUs, to a known
multicast MAC address (01 80 C2 00 00 21)
to which all GVRP-enabled devices listen to
for updates. GVRP advertisement follows
the definition of GARP.
What do these PDUs contain?
 A single
PDU may contain several different
messages telling the GVRP-enabled device
to perform a specific action.
– Join: register the port for the specified VLAN
– Leave: de-register the port for the specified
VLAN
» LeaveAll: de-register all VLAN registrations on
that port
– Empty: request to re-advertise dynamically
and statically configured VLANs
Windows screenshot —>
Vendors (current):
Cisco Systems, 3Com
and Hewlett Packard
Several others are
developing working
implementations also.
 Industry
Implementation Example
– 3Com manufactures Network Interface Cards that take
advantage of GVRP
– Accessed via the Control Panel (DynamicAccess )
– Extremely easy to configure
®
Example: GARP/GVRP
S
E
E
RED
S
S
E
E
GREEN
Related documents
Review Questions of Switching Networks
Review Questions of Switching Networks
document 8758227
document 8758227
ppt
ppt
Class Power Points for Chapter #9
Class Power Points for Chapter #9
VLANS Presentation
VLANS Presentation
Release notes_1.3
Release notes_1.3
What are the Advantages and Disadvantages of a Policy
What are the Advantages and Disadvantages of a Policy
Ethernet Link SMS-800
Ethernet Link SMS-800
Network Devices - Eastern Oregon University
Network Devices - Eastern Oregon University
Designing Converged Networks
Designing Converged Networks
Module 9 VLAN Trunking Protocol
Module 9 VLAN Trunking Protocol
Basic Configuration of WAP4410N
Basic Configuration of WAP4410N