VLAN

Suman Pandey

References

• D. Passmore, and J. Freeman, “The Virtual LAN Technology Report”, http://www.3com.com/nsc/200374.html, March, 1997

• IEEE 802.1Q, “IEEE Standard for Local and Metropolitan Area Networks: Virtual Bridge Local Area Networks”, 1998

• Meng Guo , Subrata Mazumdar , “Discovery of Spanning Trees in Virtual Bridged LAN” , The Quarterly Newsletter of SNMP Technology, Comment, and Events, Volume 9, Number 1, December, 2001

Outline

• General Concepts of VLAN– What is VLAN ?– Why use VLAN's?– Different way to assign VLAN Membership.– Spanning Tree in VLAN– Frame processing and 802.1Q standard– Different kind of logical VLAN architecture

• Implementation Details of VLAN for Topology Discovery– Different Vendor specific Solutions– SPECTRUM VLAN manager implementation– MIB used

General Concepts of VLAN

Paper: The Virtual LAN Technology Report

What is VLAN ?

• vendor-specific solution and strategy, so defining it is an issue.

• VLAN's allow a network manager to logically segment a LAN into different broadcast domains.

• multiple physical LAN segments independent of physical location and can communicate as if they were on a common LAN

Why use VLAN's?

• Performance

• Formation of Virtual Workgroups

• Simplified Administration

• Reduced Cost

• Security

VLAN Membership

• Membership by Port • Membership by MAC

Address• Membership by IP

Subnet Address

port vlan

1 1

2 1

3 2

4 1

disadvantage of this method is that it does not allow for user mobility.

VLAN Membership• Membership by Port • Membership by MAC Address• Membership by IP Subnet Address

MAC Address vlan

1212354145121 1

2389234873743 1

3045834758445 2

5483573475843 1

Advantage :

• no reconfiguration needed

Disadvantage :

• VLAN membership must be assigned initially.

• performance degradation as members of different VLANs coexist on a single switch port

VLAN Membership

• Membership by Port • Membership by MAC

Address• Membership by IP

Subnet Address

IP Subnet vlan

23.2.24 1

26.21.35 2

Advantage: • Good for application-based VLAN

strategy• User can move workstations• eliminate the need for frame tagging

Disadvantage :• Performance/ looking for L3 address in

packet.• Less effective with protocols such as

IPX™, DECnet®, or AppleTalk®• “unroutable” protocols such as NetBIOS

Frame Processing in VLAN env

Role of Bridges• bridge on receiving data determines to which

VLAN the data belongs either by implicit or explicit tagging [802.1Q].

• The bridge also keeps track of VLAN members in a filtering database which it uses to determine where the data is to be sent

• all the bridges in the VLAN should contain the same information in their respective filtering databases

Active Topology of Network with Bridges

Filtering Database

• Membership information for a VLAN is stored in a filtering database – Static Entries

• Static Filtering Entries: for every port whether frames to be sent to a specific MAC address or group address and on a specific VLAN should be forwarded or discarded, or follow dynamic entry

• Static Registration Entries: whether frames to be sent to a specific VLAN are to be tagged or untagged and which ports are registered for that VLAN

– Dynamic Entries (learnt by bridges)• Dynamic Filtering Entries: • Group Registration Entries: follows GVRP protocol.• Dynamic Registration Entries:

Tagging [802.1Q]

• Ethernet Frame Tag Header:

• Token Ring and Fiber Distributed Data Interface (FDDI) tag header:

• TCI

VLAN architecture going forward

Infrastructural VLAN Service-Based VLAN

Other Details of the Report

• DHCP with VLAN

• ATM with VLAN

• VLAN Migration Strategy

• Automatic configuration of VLAN

Implementation Details of VLAN for Topology Discovery

Paper: Discovery of Spanning Trees in Virtual Bridged LAN

Different Vendor specific Solutions

• Avaya's VLANMaster application - only works with Avaya’s Cajun switches.

• Aprisma's SPECTRUM VLAN Manager It uses the Cabletron Discovery Protocol (CDP) to find all CDP compatible 802.1Q switches in a domain

• Cisco's VlanDirector uses Cisco Discovery Protocol (CDP) VlanDirector cannot manage any devices that do not run CDP.

• 3COM's Enterprise VLAN Manager • Granite open source C API/SDK to provision VLAN

configurations using SNMP for Riverstone products.

MIB Information

MIB used • RFC1213-MIB • BRIDGE-MIB (RFC 1493)• Q-BRIDGE-MIB (RFC 2674).Bridge MIB Used• dot1dStpPort • dot1qPvid • dot1dStpPortState • dot1dStpPortDesignatedRoot • dot1dStpPortDesignatedBridge • dot1dStpPortDesignatedPort

Discovery of Spanning Trees and VLANs

Steps• Deduce the target Virtual Bridged LAN from an arbitrary

IP address in the Virtual Bridged LAN • Automatically discover all the bridges in the target Virtual

Bridged LAN• Collect spanning tree and VLAN related MIB variables

from the discovered brides using SNMP • Construct the spanning trees in the Virtual Bridged LAN

and associate the spanning trees with VLANs.

Implementation Detail

They have used Avaya's Cajun switches, and the STP is stored in PROMINET-MIB

Collecting Spanning Tree Related Information

12

Implementation Detail

Construction of Per-VLAN Spanning Tree Spanning Tree of VLAN 12

34