Virtual LANs
Standard 802.1Q, 802.1v, 802.1s
Giuseppe Bianchi
Broadcast issues
Switches:
However
[Figure: building floor plan. Floor 2: LAB 1 (telecom), LAB 2 (nanotech). Floor 1: OFFICES, LAB 2 (telecom).]
Well before network partitioning needs emerge from customers of the building!
[Figure: floor cabling. Floor wiring cabinet, PVC cable duct, RJ45 sockets in each room.]
VLAN Membership
Per Port
THE typical VLAN approach
The IEEE 802.1Q approach
Per User
Via MAC address
Via VLAN tag
Per Protocol
New feature in IEEE 802.1v
Combination (cross-layer)
Supported as proprietary extensions
Via IP subnet address
1 VLAN = 1 IP subnet
Routers are needed to move frames between different VLANs
Even if STAs are in the same physical network
Inter-VLAN connectivity through a router: improves security
May apply packet filtering mechanisms such as ACLs, etc.
[Figure: two IP subnets, 160.80.80.0/24 (host 160.80.80.100) and 160.80.81.0/24 (host 160.80.81.100).]
VLAN tagging
Port types
TRUNK port: transmits and receives tagged frames
i.e. with explicit VLAN membership indication
Access links
A link connected to an access port
Typically the PC-to-switch link or small-hub-to-switch link
TX/RX frames: standard Ethernet (no QTAG prefix)
[Figure labels: access port, S1, S2.]
[Figure labels: VLAN-aware switch, access port, two VLAN-unaware switches, S1, S2, S3.]
Trunk links
A link connected to a trunk port
Typically switch-to-switch or switch-to-router links
frequently server-to-switch link
If PC-to-switch link:
Trunk port
Hybrid links
Unspecified
3 EE Excellent Effort
4 CL Controlled Load
5 VI
Proprietary solutions (e.g. Cisco ISL)
Cisco Inter Switch Link Protocol (ISL)
Frame encapsulated in ISL: ISL (26 bytes) | frame | FCS (4 bytes)
[Figure labels: access links, trunk link.]
[Figure labels: Green; Blue, Green; Red, Green.]
Learning
Learning process affected by VLAN
MAC address is no longer the only information to consider!
VLAN Identifier is also necessary
Shared VLAN Learning (SVL)
1 single filtering DB
If an individual MAC address is learned in one VLAN, the learned information is used in forwarding decisions relative to all other VLANs
Independent VLAN Learning (IVL)
1 filtering DB per VLAN ID
If an individual MAC address is learned in one VLAN, the learned information is NOT used in forwarding decisions relative to all other VLANs
Filtering DB - SVL
Dest MAC Address    Ports  Age  vlan
-----------------   -----  ---  ----
00-00-08-11-aa-01   1/1    1    12
00-b0-8d-13-1a-f1   1/7    4    43
a8-11-06-00-0b-b4   2/3    0    12
08-01-00-00-a7-64   2/4    1    1
00-ff-08-10-44-01   2/6    5    12
Filtering DB - IVL
FID=12
Ports  Age
-----  ---
1/1    1
2/3    0
2/6    5
FID=43
Ports  Age
-----  ---
1/7    4
FID=1
Ports  Age
-----  ---
2/4    1
SVL vs IVL
In most cases, it does not matter whether IVL or SVL is used
However, in some particular cases, IVL or SVL is necessary
Untagged set
Set of ports through which, if frames are to be transmitted, they shall be transmitted without tag
Untagged set for a port may include multiple VLANs (see SVL example next)
Why IVL? /1
Note: is a bridge device!
Were it a router, no problems!
Why IVL? /2
Why SVL?
VLAN unaware server to be shared among VLANs
Must use untagged access link
Asymmetric VLANs!
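The SVL and IVL learning rules applied to the asymmetric-VLAN case above, as an added example that is not part of the original slides: a minimal learning bridge in Python. The Bridge class, the port roles (1/1 and 1/7 as clients, 2/4 as the shared VLAN-unaware server) and the membership sets are assumptions; MAC addresses and port names are reused from the Filtering DB table.

```python
from collections import defaultdict

class Bridge:
    """Simplified VLAN-aware learning bridge (constructed model for this example)."""

    def __init__(self, mode, pvid, members):
        self.mode = mode              # "SVL" or "IVL"
        self.pvid = pvid              # port -> VLAN ID given to untagged ingress frames
        self.members = members        # VLAN ID -> set of egress member ports
        self.fdb = defaultdict(dict)  # FID -> {MAC: port}

    def _fid(self, vid):
        # SVL: every VLAN maps to one shared filtering DB; IVL: one DB per VLAN ID
        return 0 if self.mode == "SVL" else vid

    def receive(self, in_port, src, dst):
        """Learn the source, then return the set of ports the frame is sent out of."""
        vid = self.pvid[in_port]                 # classify the untagged frame
        table = self.fdb[self._fid(vid)]
        table[src] = in_port                     # learning
        allowed = self.members[vid] - {in_port}  # egress filtering by VLAN membership
        known = table.get(dst)
        if known is None:
            return allowed                       # unknown unicast: flood the VLAN
        return {known} & allowed

# Asymmetric VLAN setup (constructed): clients on 1/1 and 1/7, shared server on 2/4.
A, B, SRV = "00-00-08-11-aa-01", "00-b0-8d-13-1a-f1", "08-01-00-00-a7-64"
PVID = {"1/1": 12, "1/7": 43, "2/4": 1}
MEMBERS = {12: {"1/1", "2/4"}, 43: {"1/7", "2/4"}, 1: {"1/1", "1/7", "2/4"}}

def server_reply_ports(mode):
    """Client A talks to the server; return where the server's reply to A is sent."""
    br = Bridge(mode, PVID, MEMBERS)
    br.receive("1/1", A, SRV)          # A -> server, classified into VLAN 12
    return br.receive("2/4", SRV, A)   # reply, classified into VLAN 1

if __name__ == "__main__":
    for mode in ("SVL", "IVL"):
        print(mode, sorted(server_reply_ports(mode)))
```

With SVL the reply goes out of A's port only. With IVL the bridge has no entry for A in the VLAN 1 database, so the reply is flooded to every VLAN 1 member port, including the port of the client in the other VLAN.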
MSTP (802.1s, 2002)
Based on RSTP
Hierarchical approach
One single spanning tree connects regions
Common Spanning Tree (CST) across regions
Each region has at least an Internal Spanning Tree (IST)
Called Common IST (CIST)
One region acts as a virtual single bridge in terms of spanning tree!
Multiple spanning tree instances (MSTI) are possible inside each region
Details and new BPDU format quite complex - Refer to standard
CIST + MSTI