Transcript VLAN

VLAN
Suman Pandey
References
• D. Passmore and J. Freeman, “The Virtual LAN Technology Report”, http://www.3com.com/nsc/200374.html, March 1997
• IEEE 802.1Q, “IEEE Standard for Local and Metropolitan Area Networks: Virtual Bridge Local Area Networks”, 1998
• Meng Guo and Subrata Mazumdar, “Discovery of Spanning Trees in Virtual Bridged LAN”, The Quarterly Newsletter of SNMP Technology, Comment, and Events, Volume 9, Number 1, December 2001
Outline
• General Concepts of VLAN
  – What is VLAN?
  – Why use VLANs?
  – Different ways to assign VLAN membership
  – Spanning Tree in VLAN
  – Frame processing and 802.1Q standard
  – Different kinds of logical VLAN architecture
• Implementation Details of VLAN for Topology Discovery
  – Different Vendor specific Solutions
  – SPECTRUM VLAN manager implementation
  – MIB used
General Concepts of VLAN
Paper: The Virtual LAN Technology Report
What is VLAN?
• VLANs are vendor-specific solutions and strategies, so defining the term is itself an issue.
• VLANs allow a network manager to logically segment a LAN into different broadcast domains.
• A VLAN can span multiple physical LAN segments, independent of physical location, whose members communicate as if they were on a common LAN.
Why use VLANs?
• Performance
• Formation of Virtual Workgroups
• Simplified Administration
• Reduced Cost
• Security
VLAN Membership
• Membership by Port
• Membership by MAC Address
• Membership by IP Subnet Address

Membership by Port:

port   vlan
1      1
2      1
3      2
4      1

Disadvantage:
• This method does not allow for user mobility.
VLAN Membership: Membership by MAC Address

MAC Address      vlan
1212354145121    1
2389234873743    1
3045834758445    2
5483573475843    1

Advantage:
• No reconfiguration needed
Disadvantage:
• VLAN membership must be assigned initially.
• Performance degradation as members of different VLANs coexist on a single switch port
VLAN Membership: Membership by IP Subnet Address

IP Subnet   vlan
23.2.24     1
26.21.35    2

Advantage:
• Good for application-based VLAN strategy
• Users can move workstations
• Eliminates the need for frame tagging
Disadvantage:
• Performance: the switch has to look for the L3 address in the packet.
• Less effective with protocols such as IPX™, DECnet®, or AppleTalk®
• “unroutable” protocols such as NetBIOS
Frame Processing in VLAN environment
Role of Bridges
• On receiving data, a bridge determines which VLAN the data belongs to, by either implicit or explicit tagging [802.1Q].
• The bridge also keeps track of VLAN members in a filtering database, which it uses to determine where the data is to be sent.
• All the bridges in the VLAN should contain the same information in their respective filtering databases.
Active Topology of Network with Bridges
Filtering Database
• Membership information for a VLAN is stored in a filtering database
  – Static Entries
    • Static Filtering Entries: for every port, whether frames to be sent to a specific MAC address or group address and on a specific VLAN should be forwarded or discarded, or should follow the dynamic entry
    • Static Registration Entries: whether frames to be sent to a specific VLAN are to be tagged or untagged, and which ports are registered for that VLAN
  – Dynamic Entries (learnt by bridges)
    • Dynamic Filtering Entries:
    • Group Registration Entries: follow the GVRP protocol.
    • Dynamic Registration Entries:
Tagging [802.1Q]
• Ethernet Frame Tag Header:
• Token Ring and Fiber Distributed Data
Interface (FDDI) tag header:
• TCI
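The implicit/explicit tagging decision from the "Role of Bridges" slide and the tag header named here, as an added example (not part of the original slides). The TPID value 0x8100 and the TCI layout (3-bit priority, 1-bit CFI, 12-bit VLAN ID) come from the 802.1Q standard; the function names and the sample frames are constructed, and the port table reuses the port/vlan values from the Membership by Port slide.

```python
import struct

TPID_8021Q = 0x8100                    # EtherType value that announces an 802.1Q tag header
PORT_PVID = {1: 1, 2: 1, 3: 2, 4: 1}   # port -> VLAN, values from the port membership slide

def build_frame(ethertype, payload=b"", tci=None):
    """Build a constructed sample frame; tci=None produces an untagged frame."""
    dst, src = bytes.fromhex("ffffffffffff"), bytes.fromhex("020000000001")
    tag = b"" if tci is None else struct.pack("!HH", TPID_8021Q, tci)
    return dst + src + tag + struct.pack("!H", ethertype) + payload

def classify_frame(frame, ingress_port, port_pvid=PORT_PVID):
    """Return the VLAN a bridge would assign to a frame received on ingress_port."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        # Implicit tagging: no tag header, so the VLAN comes from the ingress port.
        return {"tagged": False, "vid": port_pvid[ingress_port],
                "priority": 0, "cfi": 0, "ethertype": ethertype}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag header")
    # Explicit tagging: the 16-bit TCI follows the TPID, then the original EtherType.
    tci, inner_type = struct.unpack("!HH", frame[14:18])
    vid = tci & 0x0FFF
    if vid == 0x0FFF:
        raise ValueError("VLAN ID 4095 is reserved and must not appear on the wire")
    if vid == 0:
        # Priority-tagged frame: carries a priority only, VLAN still comes from the port.
        vid = port_pvid[ingress_port]
    return {"tagged": True, "vid": vid, "priority": tci >> 13,
            "cfi": (tci >> 12) & 1, "ethertype": inner_type}

if __name__ == "__main__":
    print(classify_frame(build_frame(0x0800, b"data", tci=(5 << 13) | 12), 3))
    print(classify_frame(build_frame(0x0800, b"data"), 3))
```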
VLAN architecture going forward
Infrastructural VLAN
Service-Based VLAN
Other Details of the Report
• DHCP with VLAN
• ATM with VLAN
• VLAN Migration Strategy
• Automatic configuration of VLAN
Implementation Details of VLAN for Topology Discovery
Paper: Discovery of Spanning Trees in Virtual Bridged LAN
Different Vendor specific Solutions
• Avaya's VLANMaster application: only works with Avaya’s Cajun switches.
• Aprisma's SPECTRUM VLAN Manager: uses the Cabletron Discovery Protocol (CDP) to find all CDP-compatible 802.1Q switches in a domain.
• Cisco's VlanDirector: uses Cisco Discovery Protocol (CDP); VlanDirector cannot manage any devices that do not run CDP.
• 3COM's Enterprise VLAN Manager
• Granite: open source C API/SDK to provision VLAN configurations using SNMP for Riverstone products.
MIB Information
MIB used
• RFC1213-MIB
• BRIDGE-MIB (RFC 1493)
• Q-BRIDGE-MIB (RFC 2674).
Bridge MIB Used
• dot1dStpPort
• dot1qPvid
• dot1dStpPortState
• dot1dStpPortDesignatedRoot
• dot1dStpPortDesignatedBridge
• dot1dStpPortDesignatedPort
Discovery of Spanning Trees and VLANs
Steps
• Deduce the target Virtual Bridged LAN from an arbitrary IP address in the Virtual Bridged LAN
• Automatically discover all the bridges in the target Virtual Bridged LAN
• Collect spanning tree and VLAN related MIB variables from the discovered bridges using SNMP
• Construct the spanning trees in the Virtual Bridged LAN and associate the spanning trees with VLANs.
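The last two steps, as an added example that is not taken from the paper or the slides: it rebuilds the active topology from per-port values of the MIB objects listed on the "Bridge MIB Used" slide. The SNMP collection itself is replaced by constructed sample data, bridge IDs are shortened to letters, a single spanning tree instance is assumed, and the VLAN association simply collects dot1qPvid from forwarding ports.

```python
FORWARDING = 5  # dot1dStpPortState: disabled(1) blocking(2) listening(3) learning(4) forwarding(5) broken(6)

def port(state, designated, pvid, root="A"):
    """One row of collected per-port MIB values (constructed sample data)."""
    return {"dot1dStpPortState": state, "dot1dStpPortDesignatedRoot": root,
            "dot1dStpPortDesignatedBridge": designated, "dot1qPvid": pvid}

# Constructed sample: A is the root bridge; the B-C link is blocked at C port 2.
SAMPLE = {
    "A": {1: port(5, "A", 12), 2: port(5, "A", 12)},
    "B": {1: port(5, "A", 12), 2: port(5, "B", 12)},
    "C": {1: port(5, "A", 12), 2: port(2, "B", 12)},
}

def build_spanning_tree(bridges):
    """Return root, child->parent edges, non-forwarding ports and VLANs seen on the tree."""
    roots = {p["dot1dStpPortDesignatedRoot"]
             for ports in bridges.values() for p in ports.values()}
    if len(roots) != 1:
        # Bridges that disagree on the root belong to different trees or were
        # polled while the topology was still converging.
        raise ValueError(f"bridges disagree on the root: {sorted(roots)}")
    root = roots.pop()
    edges, not_forwarding, vlans = [], [], set()
    for bridge_id, ports in sorted(bridges.items()):
        for number, p in sorted(ports.items()):
            if p["dot1dStpPortState"] != FORWARDING:
                not_forwarding.append((bridge_id, number))
                continue
            vlans.add(p["dot1qPvid"])
            # A forwarding port whose designated bridge is another bridge is the
            # root port; that designated bridge is the parent in the tree.
            if p["dot1dStpPortDesignatedBridge"] != bridge_id:
                edges.append((bridge_id, number, p["dot1dStpPortDesignatedBridge"]))
    attached = {child for child, _, _ in edges}
    orphans = sorted(b for b in bridges if b != root and b not in attached)
    return {"root": root, "edges": edges, "not_forwarding": not_forwarding,
            "vlans": sorted(vlans), "orphans": orphans}

if __name__ == "__main__":
    print(build_spanning_tree(SAMPLE))
```

A non-empty `orphans` list means a discovered bridge has no forwarding path toward the root in the collected data, which usually points to an incomplete discovery rather than a real partition.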
Implementation Detail
1. The authors used Avaya's Cajun switches; the STP information is stored in PROMINET-MIB
2. Collecting Spanning Tree Related Information
3. Construction of Per-VLAN Spanning Tree
4. Spanning Tree of VLAN 12