
Interface Configuration

Module 3C - VLANs

Objectives

What is a VLAN?
How VLANs got started
How tagging works
Define VLAN-aware Devices
Explain the native VLAN
Routing and VLANs
What is a VLAN Interface?
VLAN Interface Configuration
VLAN Verification

3C-2

What is a Virtual Local Area Network (VLAN)?


[Figure: broadcast query "Who is 10.10.10.2?" answered by "I am! My MAC address is 00:01:e8:0d:b7:3c"]

A logical Layer2 broadcast domain
Before VLANs, the Ethernet was a single broadcast domain
  Everyone listened to the destination MAC address of FF:FF:FF:FF:FF:FF
Hosts in a VLAN behave as if they were on different LANs
  Members of the blue VLAN only listen to FF:FF:FF:FF:FF:FF
  Members of the green VLAN only listen to FF:FF:FF:FF:FF:FF

3C-3

Creating Separate Logical Network


Broadcasts go everywhere in an unconfigured network!
[Figure: Ethernet frame layout: Pre | SFD | MAC - Destination | MAC - Source | Ethertype | Payload | FCS]
If a frame is sent to F all L2 devices in the same network must process it.
What if we separate each host in the VLAN by distinct devices?
  This is what was traditionally done
  Expensive
  Static

3C-4

Layer 2 Domains Connected with Layer 3 Devices

Even if different IP subnets are used, this is still an inefficient topology:

100.0.0.0 /24

200.0.0.0 /24

Routers are expensive!


There has to be a way for L2 devices to distinguish broadcast traffic

3C-5

VLANs are Separate Networks


On a single Layer 2 device, Tags are used to distinguish different broadcast traffic
Tags distinguish the blue VLAN from the green VLAN

[Figure: two broadcast frames, one per VLAN, with identical fields: Pre | SFD | FF:FF:FF:FF:FF:FF | MAC - Source | Ethertype | Payload | FCS]

Hey! We said network devices are color blind


3C-6

Use Additional Fields in the Ethernet Frame


[Figure: untagged frame: Pre | SFD | MAC - Destination | MAC - Source | Ethertype | Payload | FCS]
[Figure: 802.1q tagged frame: Pre | SFD | MAC - Destination | MAC - Source | TPID | Priority | CFI | VLAN ID | Ethertype | Payload | FCS]

Field | Values | Description
Tag Protocol Identifier (TPID) | 8100 | Identifies that 802.1q tagging information is to follow
Priority | 0-7 | 3 bit value that may be used to identify 8 priority levels
Canonical Format Indicator (CFI) | 0 or 1 | Specifies Canonical or Non-canonical address format
VLAN ID | 0-4095 | The Tag. 0: Used for Priority Tagged Frames; 1: Typically the default VLAN of a port; 2-4095: User defined broadcast domain

3C-7
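
The field table above, worked through in code. This is an added example, not part of the original module: it inserts and parses the 4-byte 802.1q tag using the TPID, Priority, CFI and VLAN ID layout from the table. The function names and the sample frame are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # TPID value from the field table above


def tag_frame(frame: bytes, vlan_id: int, priority: int = 0, cfi: int = 0) -> bytes:
    """Insert the 4-byte 802.1q tag after the source MAC of an untagged frame."""
    if not (0 <= vlan_id <= 4095 and 0 <= priority <= 7 and cfi in (0, 1)):
        raise ValueError("field out of range")
    tci = (priority << 13) | (cfi << 12) | vlan_id  # 3 + 1 + 12 bits
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Parse a frame that starts at the destination MAC (no Pre/SFD, no FCS)."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":"), "tagged": False}
    (ethertype,) = struct.unpack("!H", frame[12:14])
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        info.update(tagged=True, priority=tci >> 13, cfi=(tci >> 12) & 1,
                    vlan_id=tci & 0x0FFF)
        offset = 18
    info.update(ethertype=ethertype, payload=frame[offset:])
    return info


def vlan_id_meaning(vlan_id: int) -> str:
    """Map a VLAN ID to the meaning the table gives it."""
    if vlan_id == 0:
        return "priority tagged frame"
    if vlan_id == 1:
        return "typically the default VLAN of a port"
    return "user defined broadcast domain"


# Constructed sample: a broadcast frame with a made-up 28-byte ARP-sized payload.
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("0001e80db73c")
            + struct.pack("!H", 0x0806) + bytes(28))

if __name__ == "__main__":
    for vid in (100, 200):  # the blue and green VLANs of this module
        parsed = parse_frame(tag_frame(UNTAGGED, vid, priority=5))
        print(vid, parsed["priority"], vlan_id_meaning(parsed["vlan_id"]))
```

The parser reads only the first tag after the source MAC; anything behind it is returned as payload.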

The VLAN ID is the Tag

The blue VLAN (100) is distinguished from the green VLAN (200)

[Figure: the two broadcast frames with their tags]
Pre | SFD | FF:FF:FF:FF:FF:FF | MAC - Source | VLAN 100 | Ethertype | Payload | FCS
Pre | SFD | FF:FF:FF:FF:FF:FF | MAC - Source | VLAN 200 | Ethertype | Payload | FCS

3C-8

VLAN-aware Devices Support 802.1q Tags


Because of VLAN IDs, multiple broadcast domains can now exist over the same topology

[Figure: switch topology in which each port (Gi 0/0 to Gi 0/4) is labelled with its VLAN memberships, for example 100 U, 200 U, 100 T, 300 T]

There are 3 questions to ask when understanding VLANs:

1. Which specific broadcast domains exist on the switch?
   In this example, it is decided that BLUE (100) and YELLOW (200) and RED (300) are needed
2. Which VLANs will each interface be a member of?
3. For each interface will they be Tagged (T) or Untagged (U) members?

3C-9

Logical Diagrams:

[Figure: one logical diagram per VLAN (VLAN 100, VLAN 200, VLAN 300), each showing its member ports among Gi 0/0 to Gi 0/4]

3C-10

VLAN IDs (Tags) Match or Frames are Dropped

[Table: Router Port Configuration / Switch Port Configuration; surviving cells: not configured, Tagged 3, Tagged 3, Tagged 4, Untagged 4]

For each VLAN on the Router above, what happens to the frames at the Switch?
Only frames from the Red and VLANs will be accepted by the switch
Note, however, that frames from the VLAN will get assigned to the Blue (Native) VLAN by the switch

3C-11

The Native VLAN is the VLAN on an Interface for Untagged Traffic

The identified VLAN traffic that is configured as untagged on a trunk port in Hybrid mode
Can be configured on a port along with multiple tagged VLANs
Not all devices support this
  For example, you may be able to configure tagged VLANs on a port, but not an untagged VLAN
  Or vice versa: if you configure an untagged VLAN, you can't configure other tagged VLANs

[Table: Router Port Configuration / Switch Port Configuration; surviving cells: not configured, Tagged 3, Tagged 3, Tagged 4, Untagged 4]

The native VLAN for the router above is green
The native VLAN for the switch above is blue
The Default VLAN is where all ports not assigned to a VLAN are placed
3C-12

What is a VLAN Interface?


A VLAN interface is a Layer3 gateway
To cross from one Layer2 domain to another Layer2 domain, traffic must be routed

[Figure labels: B, A; 91.0.0.254, 100.0.0.254, 33.0.0.254]

C:\WINDOWS>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : force10.com
   IP Address. . . . . . . . . . . . : 100.0.0.8
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 100.0.0.254

C:\WINDOWS>ipconfig

Windows IP Configuration

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : force10.com
   IP Address. . . . . . . . . . . . : 91.0.0.123
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 91.0.0.254

This is no different than:

[Figure labels: 91.0.0.254; B, 100.0.0.254]

Even though the bridge has the blue VLAN, traffic must cross via a router

3C-13

VLAN Interface Configuration


Interface Type | Modes Possible | Default Mode | Require Creation | Default State
Physical: 1-Gigabit Ethernet, 10-Gigabit Ethernet interfaces, and SONET interfaces | L2, L3 | Unset | No | Shutdown (disabled)
Management: Located on the RPM and provides management access | N/A | N/A | No | Shutdown (disabled)
Loopback: Virtual interface in which the software emulates a physical interface | L3 | L3 | Yes | No Shutdown (enabled)
Null: Virtual interface that is always up, but no traffic flows on this interface | N/A | N/A | No | Enabled
Port Channel: Virtual interface that provides redundancy by allowing the aggregation of up to 16 physical interfaces | L2, L3 | Unset | Yes | Shutdown (disabled)
VLAN: Logical interfaces to separate broadcast domains | L2, L3 | L2 | Yes (except Default) | Shutdown (L2 Forwarding enabled) (L3 Forwarding disabled)

3C-14

VLAN Interfaces

VLANs insert an additional 4 bytes in the Ethernet frame for broadcast domain segregation
  This extra information contains a VLAN ID#
VLAN interfaces are logical interfaces and are in L2 mode by default
  L2 traffic is forwarded out all ports in the VLAN
  L3 traffic is not forwarded via the interface until the VLAN interface is configured as no shutdown
FTOS supports up to 4094 plus one Default (VLAN 1)
Both physical interfaces and Port Channel interfaces can be members of a VLAN interface
  All interfaces configured for L2 are initially untagged members of the Default VLAN 1
  Can participate as Untagged in only 1 VLAN interface (Any VLAN ID)
  Needs to be designated as a Tagged member of additional VLAN interfaces
Native VLANs (Hybrid Port)
  C-Series as of FTOS 7.5
  E-Series as of FTOS 7.6
  S-Series as of FTOS 7.6
  Z-Series all versions

3C-15

Steps for Creating a VLAN


1. Place interface in L2 Mode (Automatically added as untagged member of VLAN 1)
2. Enter the VLAN configuration mode
3. Assign interfaces to a VLAN
4. Assign an IP address to a VLAN (optional)
5. Configure the L3 Interface to route traffic
6. View VLAN interface configuration
7. View all VLAN information on the switch

Precede these commands with no to remove interfaces from the VLAN

3C-16

Force10(conf)# int gi 0/6
Force10(conf-if-gi-0/6)# switchport
Force10(conf-if-gi-0/6)# end
Force10# conf
Force10(conf)# interface VLAN 777
Force10(conf-if-vl-777)# tagged gi 0/6
Force10(conf-if-vl-777)# tagged po 1
Force10(conf-if-vl-777)# ip address 7.7.7.7/24
Force10(conf-if-vl-777)# no shutdown
Force10(conf-if-vl-777)# show conf
!
interface Vlan 777
 ip address 7.7.7.7/24
 tagged GigabitEthernet 0/6,36
 tagged Port-channel 1
 no shutdown
Force10(conf-if-vl-777)# exit
Force10(conf)# do show VLAN
Codes: * - Default VLAN, G - GVRP VLANs
    NUM    Status    Description    Q Ports
*   1      Inactive                 U Gi 0/8-9
    701    Inactive                 T Po1(Gi 0/24-26)
                                    U Gi 0/12
    777    Active                   T Gi 0/6,36
                                    T Po1(Gi 0/24-26)
    1000   Active                   T Gi 0/36

Native VLAN Support


Allows a physical or LAG port to be connected to both VLAN aware and VLAN unaware stations.
Original FTOS behavior was a port could be either untagged for only 1 VLAN or tagged for multiple VLANs
  As a result a port (Physical or LAG) can be either connected to VLAN aware station (which generates and understands VLAN tags) or to VLAN unaware stations (which cannot understand VLAN tags).
In some deployments a L2 port needs both tagged and untagged traffic on the same physical or LAG port.
  For example when connecting a VOIP phone and a PC on to the same port of the switch, the VOIP phone is configured to generate tagged packets (with VLAN = VOICE VLAN) and the PC attached generates untagged packets

3C-17

To Make a Port a Hybrid


Force10(conf-if-gi-0/0)# [no] portmode hybrid

The example below configures Gig7/0 as a Tagged member of vlan 20 and Untagged member of vlan 10
Vlan 10 hence becomes the native vlan of the port
At this point the port will accept untagged frames (it will classify them as vlan 10 frames) and the port will accept vlan 20 tagged frames.

Force10(conf)# int gi 0/0
Force10(conf-if-gi-0/0)# portmode hybrid
Force10(conf-if-gi-0/0)# switchport
Force10(conf-if-gi-0/0)# int vlan 10
Force10(conf-if-vl-10)# untagged gi 0/0
Force10(conf-if-vl-10)# int vlan 20
Force10(conf-if-vl-20)# tagged gi 0/0

3C-19
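
An audit of the two link ends for the outcomes this module describes (tags match, frames are dropped, or untagged frames land in the receiver's native VLAN), using the hybrid port above (untagged in VLAN 10, tagged in VLAN 20). This is an added example, not part of the original module or of FTOS; the class, the function names and the peer port's VLANs are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass(frozen=True)
class PortVlans:
    """VLAN membership of one port: tagged IDs plus at most one untagged ID."""
    tagged: frozenset = frozenset()
    untagged: Optional[int] = None  # the native VLAN of the port, if any


def egress_tag(port: PortVlans, vlan: int) -> Optional[int]:
    """Tag put on the wire for `vlan`; None means the frame leaves untagged."""
    return vlan if vlan in port.tagged else None


def ingress_vlan(port: PortVlans, tag: Optional[int]) -> Optional[int]:
    """VLAN the receiving port files the frame under; None means dropped.

    Assumption of this sketch: a tagged frame is accepted only when the port
    is a tagged member of that ID; an untagged frame goes to the native VLAN.
    """
    if tag is None:
        return port.untagged
    return tag if tag in port.tagged else None


def audit_link(sender: PortVlans, receiver: PortVlans) -> Dict[int, str]:
    """For every VLAN the sender forwards, report what the receiver does."""
    verdicts = {}
    vlans = set(sender.tagged)
    if sender.untagged is not None:
        vlans.add(sender.untagged)
    for vlan in sorted(vlans):
        landed = ingress_vlan(receiver, egress_tag(sender, vlan))
        if landed is None:
            verdicts[vlan] = "dropped"
        elif landed == vlan:
            verdicts[vlan] = "accepted"
        else:
            verdicts[vlan] = f"reassigned to native VLAN {landed}"
    return verdicts


# Hybrid port from the configuration above: untagged in VLAN 10, tagged in VLAN 20.
HYBRID = PortVlans(tagged=frozenset({20}), untagged=10)
# Constructed peer port for illustration: native VLAN 30, tagged in 20 and 40.
PEER = PortVlans(tagged=frozenset({20, 40}), untagged=30)

if __name__ == "__main__":
    print(audit_link(PEER, HYBRID))
```

Any "reassigned" verdict means the two ends disagree on the native VLAN, so traffic crosses from one broadcast domain into another without being routed.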

Related Native VLAN Commands


Verify the Port is a Hybrid
Hybrid is a newly added value for 802.1QTagged
  This used to be True/False based on whether the port is Tagged/Untagged
  This would now be Hybrid/True/False based on whether the port is Hybrid/Tagged/Untagged

Force10(conf-if-vl-20)# do show interfaces switchport
Name: GigabitEthernet 7/0
802.1QTagged: Hybrid
Vlan membership:
Vlan 10, Vlan 20
Native VlanId: 10.

Note Native VLAN ID is listed

Unconfigure a Hybrid Port
The hybrid configuration can be removed only after the other configurations on the port are removed.

Force10(conf-if-vl-20)# int vlan 10
Force10(conf-if-vl-10)# no untagged gi 7/0
Force10(conf-if-vl-10)# int vlan 20
Force10(conf-if-vl-20)# no tagged gi 7/0
Force10(conf-if-vl-20)# int gi 7/0
Force10(conf-if-gi-7/0)# no sw
Force10(conf-if-gi-7/0)# no portmode hybrid

3C-20

Summary

A VLAN is a logical broadcast domain
Multiple VLANs can exist over a common physical domain with the use of tags
A tag is extra information, defined by 802.1q, that is inserted in the Ethernet frame
The tag is used to identify which broadcast domain a frame should be forwarded to
VLAN-aware Devices are devices that support 802.1q
The Native VLAN is the VLAN that sends & receives untagged frames on a port
A VLAN Interface is the Layer3 gateway of the broadcast domain

3C-21
