Introduction to Computer Networks Virtual Bridged LANs...
Transcript of Introduction to Computer Networks Virtual Bridged LANs...
![Page 1: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/1.jpg)
Introduction to Computer Networks
Virtual Bridged LANs(IEEE 802.1Q)
All rights reserved. No part of this publication and file may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior written permission of Professor Nen-Fu Huang (E-mail: [email protected]).
![Page 2: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/2.jpg)
VLAN - 2
Outline
� Introduction
� Virtual LAN (VLAN) Architecture
� Port-based VLAN
� VLAN Tag
� Summary
![Page 3: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/3.jpg)
VLAN - 3
VLAN Aims and Benefits
� Without VLAN, the layer 2 switches/bridges will forward received broadcast and multicast frames to all ports.
� Bandwidth wasting issue
� Security issue
� Easy administration of logical group of stations. Also moves, adds, and changes in members of theses groups.
� Traffic between VLANs is firewalled. The propagation of multicast and broadcast traffic between VLANs is limited.
![Page 4: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/4.jpg)
VLAN - 4
VLANTopology
H
VLANA
VAB
VLANA VLANC
H H
H
HVLANB
VAB
VAB
HybridLink
VLANB
Access Link
VLANA
B
VLANC
802.1D BLAN
VLANC
H
H
H
H
H
B
H
H
Access Link
Access Link
Access Link H
H
Trunk Link
Spanning Tree
H
Group in VLANA
H
![Page 5: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/5.jpg)
VLAN - 5
VLAN Aims and Benefits
� Supported over shared and point-to-point media.
� Each VLAN is uniquely identified (VID).
� Maintain compatibility with existing bridges/ switches and stations.
� In the absence of VLAN configuration, switches/ bridges work in Plug-and-Play.
![Page 6: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/6.jpg)
VLAN - 6
Overview of Virtual LAN
� Virtual LAN Services in Bridged LANs.
� Forwarding Process required to support VBLANs.
� Filtering Database needed to support VBLANs.
� Protocols and Procedures required to provide VLAN services and distribute the VLAN membership information.
� Management services and Operations required to configure and administer VBLANs.
![Page 7: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/7.jpg)
VLAN - 7
Outline
� Introduction
� Virtual LAN (VLAN) Architecture
� Port-based VLAN
� VLAN Tag
� Summary
![Page 8: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/8.jpg)
VLAN - 8
VLAN Architecture
� Based on a 3-level model:
� Configuration
� Distribution/Resolution
� RelayMIBs
Declaration ProtocolsReq/Resp Protocols
Ingress Rules Forwarding RulesEgress Rules
![Page 9: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/9.jpg)
VLAN - 9
Configuration
� The VLAN configuration is specified in the first place.
� Assignment of VLAN configuration.
![Page 10: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/10.jpg)
VLAN - 10
Virtual LANs Technologies
� Port-based VLAN
� MAC-based VLAN
� IP-subnet based VLAN
� Layer-3 Protocol based VLAN
![Page 11: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/11.jpg)
VLAN - 11
Port-based Virtual LANs
VLAN 1
VLAN 3 VLAN 2
Bridge/Switch 2
1 12
1 12 1 12
Bridge/Switch 1
Bridge/Switch 3
![Page 12: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/12.jpg)
VLAN - 12
VLAN 1 VLAN 2 VLAN 3 VLAN 4
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
MAC-based Virtual LANs
Bridge/Switch 2
Bridge/Switch 1
Bridge/Switch 3
![Page 13: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/13.jpg)
VLAN - 13
1 2 3 4
5
6 7 8
9 10 11 12 13 14 15 16
MAC-based Virtual LANs -- MAC5 moves
VLAN 1 VLAN 2 VLAN 3 VLAN 4
Bridge/Switch 2
Bridge/Switch 1
Bridge/Switch 3
![Page 14: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/14.jpg)
VLAN - 14
VLAN 1 = IP subnet 140.114.76VLAN 2 = IP subnet 140.114.77VLAN 3 = IP subnet 140.114.78
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
140.114.76.xx
140.114.77.xx
140.114.78.xx
140.114.78.xx140.114.76.xx
140.114.77.xx
IP Subnet-based Virtual LANs
Bridge/Switch 2
Bridge/Switch 1
Bridge/Switch 3
![Page 15: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/15.jpg)
VLAN - 15
VLAN 1 (IPX) VLAN 2 (IP)
1 2 3 4 5 6 7 8
9 10 11 12 13 14 15 16
Layer-3 Protocol based Virtual LANs
Bridge/Switch 2
Bridge/Switch 1
Bridge/Switch 3
![Page 16: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/16.jpg)
VLAN - 16
Distribution
� Distribute VLAN membership information for Bridges to determine on which VLAN a given packet should be forwarded.
� Various possibilities exist for achieving this:
� Declaration Protocols for distributing VLAN associations.
�GARP (Generic Attributes Registration Protocol) is used to distribute membership information among Bridges.
� Request/Response protocols to request a specific VLAN association (SNMP).
![Page 17: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/17.jpg)
VLAN - 17
Relay
� The procedure to tag frames, modify tagged frames, and untag frames.
� VLAN frame format to carry VLAN IDs (VIDs).
� Ingress rules
� Mapping received frames to VLANs
� Forwarding rules
� Where received frames should be forwarded
� Egress rules
� Mapping frames for output ports and format (tagged or untagged):
![Page 18: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/18.jpg)
VLAN - 18
Relay
� The Port-based approach specifies ingress, forwarding and egress rules based on VLAN membership, which allow bridges to:
� Classify all received untagged frames as belonging to particular VLAN (PVID, Port VID).
� Recognize the VID associated with received tagged frames.
� Make use of this VID to forwarding/filtering.
� Transmit frames in tagged or untagged format, as defined for a given Port/VLAN pairing.
![Page 19: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/19.jpg)
VLAN - 19
Frame Tagging
� Implicit tagging
� A frame is classified to a particular VLAN based on the data content of the frame (MAC address, Layer 3 Protocol ID, etc) and/or the receiving Port.
� Explicit tagging
� A frame carries an explicit ID of the VLAN to which it belongs.
DA
SA
Tag(VLAN ID)
PT
N BytesC-Data
46 <= N <= 1496
FCS
![Page 20: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/20.jpg)
VLAN - 20
Ingress Rules/Egress Rules
� Each frame received is classified as belonging to exactly one VLAN by associating a VID with it.
� The classification is achieved as follows
� Explicit Tagging : the VID value it carries
� Implicit Tagging : the PVID associated with the port it is received.
� Frames shall be filtered if outgoing port is not present in the Member Set of the VLAN
![Page 21: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/21.jpg)
VLAN - 21
Outline
� Introduction
� Virtual LAN (VLAN) Architecture
� Port-based VLAN
� VLAN Tag
� Summary
![Page 22: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/22.jpg)
VLAN - 22
Port-Based VLAN Definitions
� VLAN aware devices understand VLAN membership and VLAN frame format.
� VLAN unaware devices.
� An Access Link is a LAN segment used to multiplex one or more VLAN unaware devices into a port of a VLAN Bridge.
� All frames on an access link are implicitly tagged.
� No VLAN tagged frames on an access link.
� Viewed as being on the edge of the network.
� Can be attached to other 802.1D-conforment Bridges (BLAN).
![Page 23: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/23.jpg)
VLAN - 23
Definitions
� A Trunk Link is a LAN segment used to multiplex
VLANs between VLAN Bridges.
� All devices connect to a Trunk Link must be VLAN aware.
� All frames (including end station frames) on a Trunk Link are explicitly tagged with a VLAN ID.
� A Hybrid Link is a LAN segment that has both VLAN aware and unaware devices.
� There can be a mix of Tagged Frames and Untagged Frames but they must be from different VLANs.
![Page 24: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/24.jpg)
VLAN - 24
VLANTopology
H
VLANA
VAB
VLANA VLANC
H H
H
HVLANB
VAB
VAB
HybridLink
VLANB
Access Link
VLANA
B
VLANC
802.1D BLAN
VLANC
H
H
H
H
H
B
H
H
Access Link
Access Link
Access Link H
H
Trunk Link
Spanning Tree
H
Group in VLANA
H
![Page 25: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/25.jpg)
VLAN - 25
Rules for Tagging Frames on a Hybrid link
� For each VLAN, all frames traversing a particular hybrid link must be tagged the same way:
� All implicitly tagged or
� All carrying the same explicit tag.
� There can be a mix of implicitly and explicit tagged frames but they must be for different VLANs.
� For the hybrid link in the example
�All frames for VLANs A and B are explicit tagged
� All frames for VLAN C are implicitly tagged.
![Page 26: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/26.jpg)
VLAN - 26
Spanning Tree and VLAN
� Eliminate loops in a bridged LAN.
� Provide the routing path for any pair of nodes.
� All VLANs are aligned along the spanning tree.
� A VLAN is defined by a subset of the spanning tree.
� Each VLAN may be overlaid on different segments or entirely separate from each other.
� The topology of each VLAN is dynamic.
![Page 27: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/27.jpg)
VLAN - 27
Bridge Operation for VLAN
� A Bridge filters frames to ensure that traffic destined for a given VLAN is forwarded only on segments (ports) that form a path to members of that VLAN.
� For each VLAN, the bridge needs to keep:
� Member set (Port IDs)
� Untagged set (Port IDs)
![Page 28: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/28.jpg)
VLAN - 28
Examples of Member set and Untagged set
VLAN 1
VLAN 3 VLAN 2
Switch 2
1 12
1 12 1 12
Switch 1
Switch 3
2 3 4 5 6 7 8 9 11
2 4 6 8 4 6 9 11
Member Set::::VLAN 1 - ports 2, 3, 4, 5VLAN 2 - ports 7, 11, 12VLAN 3 – ports 6, 7, 8, 9
Untag Set::::VLAN 1 - ports 2,3,4,5VLAN 2 - ports 11, 12 VLAN 3 – ports 8, 9
Member Set::::VLAN 1 - port 1VLAN 2 – ports 1 9, 11VLAN 3 – ports 1, 4, 6
Untag Set::::VLAN 1 -VLAN 2 - ports 9, 11 VLAN 3 – ports 4, 6
Member Set::::VLAN 1 - port 12VLAN 2 – port 12VLAN 3 – ports 2,4,6
,8,12Untag Set::::VLAN 1 -VLAN 2 -VLAN 3 – ports 2,4,
6,8
![Page 29: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/29.jpg)
VLAN - 29
VLAN Addressing Learning
� Shared VLAN Learning (SVL)
� The addresses learned by each VLAN are shared for all VLANs
� Independent VLAN Learning (IVL)
� The addresses learned from each VLAN are NOT shared
� In most cases, SVL or IVL produces the same result.
� But in some special cases, we need to specify the learning mode of bridge.
![Page 30: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/30.jpg)
VLAN - 30
Examples of SVL and IVL
VLAN 1
VLAN 3 VLAN 2
Switch 2
1 12
1 12 1 12
Switch 1
Switch 3
2 3 4 5 6 7 8 9 11
2 4 6 8 4 6 9 11
MAC Addr Port Time (S)
A 2 20 B 3 18 C 4 25 D 5 4
FD of VLAN 1
MAC Addr Port Time (S)
E 11 20 F 12 18 G 7 25 H 7 4
FD of VLAN 2
A B C D E F
G H
![Page 31: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/31.jpg)
VLAN - 31
� Server (Bridge-Router, or Connector) connecting multiple independent VLANs.
� Connector and stations are VLAN unaware (untag).
� Connector did not turn on spanning tree algorithm.
� VLAN Red (A) <--> VLAN Blue (B) should be delivered to Connector (firewalled).
� The Filtering databases should be independent (IVL).
� Otherwise, MAC A(B) will be learned from different ports 1,4 (2,3) alternatively.
� Then, the frames from A (B) to B(A) will be delivered in a wrong way.
IVL Example -- Multiple Independent VLANs
![Page 32: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/32.jpg)
VLAN - 32
VLAN Bridge
PVID = Red
PVID = Red
PVID = Blue
PVID = Blue
Bridge Router
Port X Port Y
Port 4Port 3
Port 2Port 1
A B
A XB Y
MAC Port
A 1B 3
MAC PortVLAN Red
A 4B 2
MAC PortVLAN Blue
Member Set::::Red - Ports 1,3Blue - Ports 2,4
Untag Set::::Red - Ports 1,3Blue - Ports 2,4
Filtering DB
IVL Example -- Multiple Independent VLANs
Correct pathsFor A->B and B->A
![Page 33: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/33.jpg)
VLAN - 33
PVID = Red
PVID = Red
PVID = Blue
PVID = Blue
Bridge Router
Port X Port Y
Port 4Port 3
Port 2Port 1
A B
A XB Y
MAC Port
A 4B 3
MAC Port
SVL (Red, Blue)
Filtering DB
If SVL is used for this case
?
Incorrect pathFor B --->A
Member Set::::Red - Ports 1,3Blue - Ports 2,4
Untag Set::::Red - Ports 1,3Blue - Ports 2,4
![Page 34: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/34.jpg)
VLAN - 34
� Static Filtering Entry
� Static VLAN Registration Entry
� Dynamic Filtering Entry
� Dynamic VLAN Registration Entry
The Filtering Databases for VLAN
![Page 35: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/35.jpg)
VLAN - 35
Static Filtering Entry
MAC VLAN ID Port MAP
MACa 2
MACb 3
MACc 3
MACd 2
MACe 4
Control ElementIndividual MAC, Group MAC, All Group MAC, All Unregistered Group MAC
Forward, Filter, According to dynamic FD
![Page 36: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/36.jpg)
VLAN - 36
Static VLAN Registration Entry
VLAN ID Port MAP
2
3
4
5
6
Control ElementGVRP Registrar Administrative Control :
Registration Fixed, Forbidden, Normal.Tagged/Untagged
![Page 37: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/37.jpg)
VLAN - 37
Dynamic Filtering Entry (By Learning Process)
MAC FID Port (MAP) Time
MACa 2
MACa 3
MACb 3
MACb 2
MACc 4
Individual MAC
200
120
100
250
60
![Page 38: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/38.jpg)
VLAN - 38
Dynamic VLAN Registration Entry
VLAN ID Port MAP
2
3
4
5
6
Control Element
VID is registered on this port ?
![Page 39: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/39.jpg)
VLAN - 39
Outline
� Introduction
� Virtual LAN (VLAN) Architecture
� Port-based VLAN
� VLAN Tag
� Summary
![Page 40: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/40.jpg)
VLAN - 40
VLAN Tag Structure
� Tag Protocol Identifier (TPID)
� Tag Control Information (TCI)
� User-Priority
� Canonical Format Indicator
� VIDEthernet-encoded
TPID
TCI
SNAP-encoded TPID
TCI
3 1 12 Bits
Canonical Format IndicatorUser-Priority
VLAN Identifier (VID)
2
2
8
2
![Page 41: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/41.jpg)
VLAN - 41
SNAP Header (AA-AA-03)
SNAP-encoded TPID
TCI
8 2 Bytes
Tag Format (SNAP-encoded)
SNAP PID (00-00-00)
Tag Type (81-00)
3 Bytes
3 Bytes
2 Bytes
SNAP: SubNetwork Access ProtocolThe SubNetwork Access Protocol (SNAP) is an a standard for the transmission of IP datagrams over IEEE 802 networks. In other words, IP datagrams could be sent on IEEE 802 networks encapsulated within the 802.2 LLC and SNAP data link layers and the 802.3, 802.4 or 802.5 physical network layers.
![Page 42: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/42.jpg)
VLAN - 42
Summary
� VLAN is designed to logical group of stations.
� The members of a VLAN can be removed and added dynamically.
� Without VLAN, the broadcast and multicast frames will be forwarded to all ports.
� Bandwidth wasting issue
� Security issue
� With VLAN, the propagation of multicast and broadcast frames between VLANs is limited.
![Page 43: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/43.jpg)
VLAN - 43
Summary
� Directly communications between different VLANs is not allowed. The communication should be directed to a router.
� IEEE 802.1Q defines port-based VLAN
� Three-phase model
� VLAN configuration
� Declaration/Distribution VLAN membership
� Frame Relay
� VLAN ID is 12 bits (4096 VLANs)
![Page 44: Introduction to Computer Networks Virtual Bridged LANs ...ant.comm.ccu.edu.tw/.../1_Lecture/5_VLAN.pdf · VLAN - 3 VLAN Aims and Benefits Without VLAN, the layer 2 switches/bridges](https://reader034.fdocuments.net/reader034/viewer/2022042622/5f969a1674f3531ff868d6e5/html5/thumbnails/44.jpg)
VLAN - 44
Summary
� Three types of link:
� Access Link: all frames are untagged
� Trunk Link: all frames are tagged
� Hybrid Link: a mix of tagged frames and untagged frames but they must be from different VLANs.
� For each VLAN, the bridge needs to keep:
� Member set (Port IDs)
� Untagged set (Port IDs)