Reports On Vlan


P.G. Dept. Of Computer Sci.

VLAN

A reports on Networks technology

Virtual Local Area Network

November 2012

Submitted By: - Shivaji R. Bhodkhe (MCA-1st yr) E-mail:- srbodkhe131288@gmail.com

(P.G. Dept. of Computer Science, SGBAU, Amravati-444602)

Page | 1


INDEX

1. Abstract
2. Introduction
3. Computer Network
4. Local-Area Network (LAN)
4.1. Types of Local-Area Networks (LANs)
5. Metropolitan Area Network (MAN)
5.1. Types of MAN (Metropolitan Area Network) Technologies
5.2. How MAN Works
5.3. Advantages of MAN (Metropolitan Area Network)
6. Wide Area Network (WAN)
7. Network Devices
7.1. Router
7.1.1. Why do I need a Router?
7.1.2. Restrict Broadcasts to the LAN
7.1.3. Act as the Default Gateway
7.1.4. Move (route) Data between Networks
7.1.5. Learn and Advertise Loop-Free Paths
7.2. Hubs
7.3. Switches
7.3.1. Types of Network Switch
7.3.2. Managed Switches
7.3.3. Unmanaged Network Switch
7.3.4. Smart Switches
7.3.5. Advantages of Network Switch
8. Types of VLAN's
8.1. Layer 1 VLAN: Membership by Port
8.2. Layer 2 VLAN: Membership by MAC Address
8.3. Layer 2 VLAN: Membership by Protocol Type
8.4. Layer 3 VLAN: Membership by IP Subnet Address
8.5. Higher Layer VLAN's
8.6. Types of Connections
8.6.1. Trunk Link
8.6.2. Access Link
8.6.3. Hybrid Link
9. Frame Processing
9.1. Filtering Database
9.2. Static Entries
9.3. Dynamic Entries
9.4. Tagging
10. Summary
11. References
12. Abbreviations


Virtual Local Area Network


1. Abstract
Virtual Local Area Network (VLAN) technology is one of the hottest areas of networking systems. A VLAN is a logical rather than physical connection that allows network devices to be combined into "virtual LANs". VLAN technology works by logically segmenting the network into different broadcast domains, so that packets are delivered only between ports with the same VLAN identity (group membership). This characteristic of VLANs gives a very flexible mechanism for grouping physical ports together. Wireless networks also need the flexibility to bring together more than two devices equipped with wireless communication and networking capability. In recent years wireless networking has attracted a lot of attention because wireless devices have enjoyed a tremendous rise in popularity. In order to communicate among groups of wireless devices without the conventional concept of clusters, we propose a model that forms multiple domains or groups as "virtual LANs" according to the logical connections in ad hoc networks. This paper discusses single-switch VLANs, multiple-switch VLANs and how they work.

2. Introduction
A Local Area Network (LAN) was originally defined as a network of computers located within the same area. Today, Local Area Networks are defined as a single broadcast domain. This means that if a user broadcasts information on his/her LAN, the broadcast will be received by every other user on the LAN. Broadcasts are prevented from leaving a LAN by using a router. The disadvantage of this method is that routers usually take more time to process incoming data than a bridge or a switch. More importantly, the formation of broadcast domains depends on the physical connection of the devices in the network. Virtual Local Area Networks (VLAN's) were developed as an alternative to using routers to contain broadcast traffic.

3. Computer Network
A computer network, or simply a network, is a collection of computers and other hardware interconnected by communication channels that allow the sharing of resources and information. When at least one process in one device is able to send data to or receive data from at least one process residing in a remote device, the two devices are said to be in a network. Simply put, more than one computer interconnected through a communication medium for information interchange is called a computer network.


Networks may be classified according to a wide variety of characteristics, such as the medium used to transport the data, the communications protocol used, scale, topology, benefit, and organizational scope. Communications protocols define the rules and data formats for exchanging information in a computer network, and provide the basis for network programming. Well-known communications protocols include Ethernet, a hardware and link layer standard that is ubiquitous in local area networks, and the Internet protocol suite, which defines a set of protocols for internetworking, i.e. for data communication between multiple networks, as well as host-to-host data transfer and application-specific data transmission formats.

4. Local-Area Network (LAN)


A local-area network (LAN) is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings; however, one LAN can be connected to other LANs over any distance via telephone lines and radio waves. A system of LANs connected in this way is called a wide-area network (WAN). Most LANs connect workstations and personal computers. Each node (individual computer) in a LAN has its own CPU with which it executes programs, but it is also able to access data and devices anywhere on the LAN. This means that many users can share expensive devices, such as laser printers, as well as data. Users can also use the LAN to communicate with each other, by sending e-mail or engaging in chat sessions. LANs are capable of transmitting data at very fast rates, much faster than data can be transmitted over a telephone line; but the distances are limited, and there is also a limit on the number of computers that can be attached to a single LAN.

4.1. Types of Local-Area Networks (LANs)


There are many different types of LANs, with Ethernet being the most common for PCs. Most Apple Macintosh networks are based on Apple's AppleTalk network system, which is built into Macintosh computers. The following characteristics differentiate one LAN from another:
1. Topology: the geometric arrangement of devices on the network. For example, devices can be arranged in a ring or in a straight line.
2. Protocols: the rules and encoding specifications for sending data. The protocols also determine whether the network uses a peer-to-peer or client/server architecture.
3. Media: devices can be connected by twisted-pair wire, coaxial cables, or fiber optic cables. Some networks do without connecting media altogether, communicating instead via radio waves.


5. Metropolitan Area Network (MAN)


A large computer network which extends over a city or a large university campus is termed a metropolitan area network or MAN. The purpose of a MAN (Metropolitan Area Network) is to provide the link to the Internet in the long run. A MAN usually incorporates a number of LANs to form a network, and the backbone of this large network is built on optical fiber.

5.1. Types of MAN (Metropolitan Area Network) Technologies


The most widely used technologies for building a MAN (Metropolitan Area Network) are FDDI (Fiber Distributed Data Interface), ATM (Asynchronous Transfer Mode) and SMDS (Switched Multimegabit Data Service). ATM is the most frequently used of all. ATM is a digital data transfer technology. It was developed in 1980 to improve the transport of real-time data over a single network. ATM works like a cell relay system, where data is separated into fixed, equal-sized packets and transferred over time. The purpose of ATM was to obtain clear audio and video during video conferencing. The attributes of ATM have enabled it to become a base for wide area data networking. ATM combines the characteristics of circuit switching and packet switching, which allows it to transfer even real-time data. FDDI is a standard for data transfer over a LAN, which can be extended to a range of approximately 200 km. FDDI can support the data transmission of many thousands of users. This is why it is referred to as a MAN technology. FDDI uses optical fiber for its basic infrastructure, which is why it is called the Fiber Distributed Data Interface. When data is transferred through a connectionless service we use the technology named SMDS. Connectionless service implies that the addressing information is stored in the header and the data reaches its destination independently through any network. When data is transferred using SMDS, it also forms small data packets, just as in ATM. However, SMDS allows the transmission of data over large geographical areas in the form of datagrams (the data packets of an unreliable data service). Nowadays MAN links are also established using infrared and microwave signals.

5.2. How MAN Works


A MAN (Metropolitan Area Network) usually falls between a LAN and a WAN. It is generally used to connect geographically dispersed LANs; the goal of a MAN is therefore to provide a communication link between two independent LAN nodes. A MAN is usually built using optical fiber, with routers and switches. A switch is a device that handles the filtering of data, usually arriving in the form of frames; a switch has a dual role, handling the filtering of data on one side and managing connections on the other. A router is another device that facilitates network connections: it helps data packets identify the path to be taken and, in other words, keeps an eye on the data transfer. A MAN usually operates over an area of up to 50 km.

5.3. Advantages of MAN (Metropolitan Area Network)


A MAN (Metropolitan Area Network) falls between a LAN and a WAN. It therefore increases the efficiency of handling data while at the same time saving the cost of establishing a wide area network. A MAN offers centralized management of data and enables you to connect many fast LANs together. Telephone companies worldwide have facilitated the transfer of data with the help of underground optical fiber networks. These optical fibers increase the efficiency and speed of data transfer, enabling speeds of almost 1000 Mbps. If you build a WAN of 1.45 Mbps, its cost is more than what it gives you, whereas a metropolitan area network offers a speed of 1000 Mbps as a whole at the lowest cost.


6. Wide Area Network (WAN)


A wide area network (WAN) is a computer network that covers a broad area (i.e., any network whose communications links traverse metropolitan, regional, or national boundaries). In contrast, personal area networks (PANs), local area networks (LANs), campus area networks (CANs), and metropolitan area networks (MANs) are usually limited to a room, building, campus or particular metropolitan area (e.g. a town) respectively. WANs are used to connect LANs and other kinds of networks together, so that users and computers in one place can communicate with users and computers in other places. Many WANs are built for one particular organization and are private. Others, built by ISPs, provide connections from an organization's LAN to the Internet. Several options for WAN connectivity are discussed below.

Circuit Switching
Circuit switching is one WAN option. A dedicated circuit path is created between the end points. Dial-up connections are a perfect example of circuit switching, and it is less expensive than leased lines. The speed of this option is 28-144 kbps and the available protocols are PPP and ISDN.

Cell Relay
Cell relay is comparable to packet switching, but employs fixed-length cells instead of variable-length packets. Data is divided into fixed-length cells and then transported over virtual circuits. It is best suited to the simultaneous use of voice and data, although the overhead of cell relay can be considerable; the typical protocol in this category is ATM.

Generally, WANs are built using leased lines. At each end of the leased line, a router is attached to the LAN on one side and a hub within the WAN on the other. Besides leased lines, WANs can also be built using less expensive circuit switching or packet switching methods. Network protocols, including TCP/IP, provide the transport and addressing functions. Service providers commonly operate the protocols used for WAN links, such as Packet over SONET/SDH, MPLS, ATM, and Frame Relay. X.25 was the first major WAN protocol and is often regarded as the grandfather of Frame Relay, as many of the underlying protocols and functions of X.25 are offered today by Frame Relay. Companies use WANs to minimize cost by cutting the need for travel and expensive long-distance phone calls. Over a WAN you can share data as well as hold video conferences. When information is shared between computers, each user can access the same information at the same time. The use of a WAN also improves employee output by expanding and accelerating work applications as well as reducing duplication across the WAN.


7. Network Devices
Networking hardware or networking equipment refers to devices that facilitate the use of a computer network. Typically this includes gateways, routers, network bridges, switches, hubs, and repeaters, as well as hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, modems, ISDN terminal adapters, line drivers, wireless access points, networking cables and other related hardware.

7.1 Router
A router is a specialized computer connected to more than one network, running software that allows it to move data from one network to another. Routers operate at the network layer (OSI Model layer 3). The primary function of a router is to connect networks together and keep certain kinds of broadcast traffic under control. Several companies make routers: Cisco (Linksys), Juniper, Nortel (Bay Networks), Redback, Lucent, 3Com, and HP, to name a few.

7.1.1 Why do I need a Router?


Routers used in networks perform the following functions:
1. Restrict broadcasts to the LAN
2. Act as the default gateway
3. Move (route) data between networks
4. Learn and advertise loop-free paths

7.1.2. Restrict Broadcasts to the LAN


Networks (especially Ethernet networks) use broadcast communication at the physical, data link and network layers. Network layer broadcasts are transmissions sent to all hosts using the network layer protocol (usually Internet Protocol [IP] or IPX). Network broadcast communication is used to communicate certain kinds of information that make the network function (ARP, RARP, DHCP, IPX-SAP broadcasts etc.). Since several devices could attempt to transmit simultaneously and cause collisions, it is preferable to separate large sets of hosts into different broadcast domains using a switch or router. As the number of hosts on the network increases, the amount of broadcast traffic increases. If enough broadcast traffic is present on the network, ordinary communication across the network becomes difficult. To reduce broadcasts, a network administrator can break up a network with a large number of hosts into two smaller networks. Broadcasts are then restricted to each network, and the router acts as the 'default gateway' to reach the hosts on the other networks.

7.1.3. Act as the Default Gateway


In today's networks especially, people are connecting to the Internet. When your computer wants to talk to a computer on another network, it does so by sending your data to the default gateway (your local router). The router receives your data, looks up the address of that far-off computer, makes a routing decision, and forwards your data out a different interface that is closer to that remote computer. There could be several routers between you and the remote computer, so several routers will take part in handing off the packet, much like a fireman's bucket brigade.

7.1.4. Move (route) Data between Networks


Routers have the capability to move data from one network to another. This allows two networks managed by different organizations to exchange data: they create a network between them and exchange data between the routers on that network. Because a router can accept traffic from any kind of network it is attached to, and forward it to any other network, it can also allow networks that could not normally communicate with each other to exchange data. In technical terms, a token ring network and an Ethernet network can communicate over a serial network. Routers make all this possible. A router can take in an Ethernet frame, strip the Ethernet framing off, and then drop the IP data into a frame of another type such as SDH/SONET, PDH/T1, ATM, or FDDI. In this way a router can also perform 'protocol conversion', provided it has the appropriate hardware and software to support such a function. The whole point, however, is to forward the data from the interface it receives data on to another interface that retransmits the received data onto another network.

7.1.5. Learn and Advertise Loop-Free Paths


Routers can only learn and advertise routes dynamically if they are using a routing protocol such as RIP, OSPF, EIGRP, IS-IS or BGP. Otherwise, a human has to configure the routes by hand, which is called static routing. Routing moves data on a hop-by-hop basis, which is often called 'hot potato' routing. If a set of routers ends up passing the data around in a circle without reaching the destination, it is called a 'routing loop'. Packets get tossed around the loop until they die of old age: the 'Time to Live' counter in the IP datagram is decremented as it passes through each router, and eventually it reaches zero and the packet is discarded.

7.2. Hubs
On 10BaseT and 100BaseTX Ethernet networks larger than two computers, each computer or printer (or other networked device) is connected to a hub. The hub is a small box that gathers the signals from each individual device, optionally amplifies each signal, and then sends the signal out to all other connected devices. Amplification helps to ensure that devices on the network receive reliable information. You can think of an Ethernet hub like the hub of a wheel, at the center of the spokes that connect each individual computer or printer. Hubs are also called concentrators or repeaters. Hubs come in various sizes, the most common being 12-port or 24-port (meaning they can connect to 12 or 24 computers/printers/hubs). All of the clients, servers, and peripherals connected to a hub (or to a set of interconnected hubs) share the bandwidth (data delivery capacity) of your network. Technically, they form a single collision domain: an area of an Ethernet network in which data sent to or from a device may potentially collide with the data from other devices. As you add more clients, servers, and peripherals to an Ethernet network, the number of collisions increases and the performance of your network degrades. You can improve performance by isolating network traffic into many smaller collision domains. Unfortunately, hubs cannot divide a network in this fashion; they simply repeat every signal to all connected devices. Instead, to divide networks into multiple collision domains you can deploy switches, bridges, or routers. Each switch port, bridge port, or router port forms a new collision domain.

7.3. Switches
Like a hub, an Ethernet switch is a device that gathers the signals from devices that are connected to it and then regenerates a new copy of each signal. Switches, however, are more powerful than hubs and can substantially increase your network performance. In order to understand how they perform this magic, it is necessary to understand first how they work. Most common switches operate by learning the MAC addresses of all connected clients, servers, and peripherals, and associating each address with one of its ports. When a switch receives an incoming signal, it creates a temporary circuit between the sender and receiver. The temporary circuit provides two important benefits. First, the circuit allows the sender and receiver momentarily to exchange information without intrusion from other devices on the network. That is, each pair of communicating devices utilizes the full bandwidth (data carrying capacity) of the network instead of sharing that bandwidth, as they do in unswitched Ethernet networks. To say this another way, each switch port defines a collision domain containing only a small number of devices and thereby helps provide maximum performance for Ethernet networks. Second, the circuit ensures that information travels directly between the communicating computers. This behavior differs markedly from unswitched Ethernet networks. In unswitched networks, data from a transmitting computer is sent by the nearest hub to all connected devices (not just to the recipient) and therefore congests parts of the network needlessly. Like all network equipment, switches benefit your network only if they are deployed in the proper manner. If your network is congested and if traffic pools in certain areas, then you can improve network performance by replacing hubs with switches, or by connecting hubs to switches in a hierarchical manner.
(You can see a diagram of a school network that uses a hierarchy of switches and hubs at http://www.3com.com/nsc/500612c.html . The switches are gray boxes and the hubs are black boxes labeled with numbers to indicate how many ports they have.) For the pools of heavy traffic, switches increase bandwidth while segregating the traffic from the rest of the network. However, if your network is not congested or if your traffic patterns do not create pools of congestion, then switches may actually cause your network performance to deteriorate. This performance degradation occurs because switches examine the information inside each signal on your network (to determine the addresses of the sender and receiver) and therefore process network information more slowly than hubs. Recently, manufacturers have begun to offer switches that examine OSI level 3 (network routing) information such as that contained in the IP portions (rather than the data link portions) of a network signal. Later in this chapter, you will discover that routers also examine this information. Level 3 switches blur the distinction between switches and routers. Level 3 switches can replace routers within your network or between your network and the Internet (while level 2 switches can replace hubs, but not routers).

7.3.1. Types of Network Switch:


There are different types of network switch, based on form and on configuration. On the basis of form they are categorized as rack-mounted, chassis or catalyst switches, etc. On the basis of configuration they are differentiated into managed, unmanaged, smart or enterprise-managed switches.

7.3.2. Managed Switches:


A managed network switch is a type of switch in which various methods are used to manage the different parts of the network, and whose operation and performance can be upgraded with the help of common management methods.

7.3.3. Unmanaged Network Switch:


These switches are designed for customers who cannot spend more, because they are less expensive. A network switch that has no management interface is called an unmanaged switch. They are designed for direct use.

7.3.4. Smart Switches:


Smart network switches are an important type of managed switch in which specific management features are provided. Typically these switches are used for networking features such as VLANs. They also increase the working ability of the parts connected by the switches.

7.3.5. Advantages of Network Switch:


Because network switches are reliable and easy to operate, they are used to manage the network by joining its different segments. Some particular advantages of network switches are given below.
1. Network switches are very beneficial for expanding the network and can also help in decreasing the load on individual systems.
2. They are also helpful in maintaining and enhancing the performance of the network.
3. In a network, data is transmitted in the form of data packets, and there is a chance of collisions between packets; network switches are able to avoid collisions between datagrams.

8. Types of VLAN's
VLAN membership can be classified by port, MAC address, and protocol type.

8.1. Layer 1 VLAN: Membership by Port


Membership in a VLAN can be defined based on the ports that belong to the VLAN. For example, in a bridge with four ports, ports 1, 2, and 4 belong to VLAN 1 and port 3 belongs to VLAN 2 (see Figure).

Port   VLAN
1      1
2      1
3      2
4      1

Figure: Assignment of ports to different VLAN's.


The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN.

8.2. Layer 2 VLAN: Membership by MAC Address


Here, membership in a VLAN is based on the MAC address of the workstation. The switch tracks the MAC addresses which belong to each VLAN (see Figure). Since MAC addresses form a part of the workstation's network interface card, when a workstation is moved, no reconfiguration is needed to allow the workstation to remain in the same VLAN. This is unlike Layer 1 VLAN's, where membership tables must be reconfigured.

MAC Address       VLAN
1212354145121     1
2389234873743     2
3045834758445     2
5483573475843     1

Figure: Assignment of MAC addresses to different VLAN's.

The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PC's are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured.

8.3. Layer 2 VLAN: Membership by Protocol Type


VLAN membership for Layer 2 VLAN's can also be based on the protocol type field found in the Layer 2 header (see Figure).

Protocol   VLAN
IP         1
IPX        2

Figure: Assignment of protocols to different VLAN's.


8.4. Layer 3 VLAN: Membership by IP Subnet Address


Membership is based on the Layer 3 header. The network IP subnet address can be used to classify VLAN membership (see Figure).

IP Subnet   VLAN
23.2.24     1
26.21.35    2

Figure: Assignment of IP subnet addresses to different VLAN's.

Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLAN's. No other processing of IP addresses is done. In Layer 3 VLAN's, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses.
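The four membership methods of sections 8.1 to 8.4, as an added Python example that is not part of the report: it parses a raw Ethernet frame and assigns a VID by port, MAC address, protocol type or IP subnet, and checks the report's mobility argument (a station moved to another port keeps its VLAN under MAC-based membership but not under port-based membership). The port, protocol and subnet tables follow the report's figures; the MAC addresses, the reading of the report's subnets as /24 prefixes, and all function names are this example's assumptions.

```python
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_IPX = 0x8137   # IPX over Ethernet II

# Layer 1 membership: port -> VLAN, as in the report's four-port bridge figure.
PORT_VLAN = {1: 1, 2: 1, 3: 2, 4: 1}
# Layer 2 membership by MAC address (constructed MACs; the report's figure shows placeholders).
MAC_VLAN = {
    "02:00:00:00:00:01": 1,
    "02:00:00:00:00:02": 2,
    "02:00:00:00:00:03": 2,
    "02:00:00:00:00:04": 1,
}
# Layer 2 membership by protocol type, as in the report's IP / IPX figure.
PROTO_VLAN = {ETHERTYPE_IPV4: 1, ETHERTYPE_IPX: 2}
# Layer 3 membership by IP subnet; "23.2.24" and "26.21.35" are read as /24 prefixes (assumption).
SUBNET_VLAN = {
    ipaddress.ip_network("23.2.24.0/24"): 1,
    ipaddress.ip_network("26.21.35.0/24"): 2,
}


def parse_frame(frame):
    """Extract source MAC, protocol type and (for IPv4) source IP from an untagged Ethernet II frame."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    _dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    fields = {"src_mac": ":".join(f"{b:02x}" for b in src), "ethertype": ethertype, "src_ip": None}
    if ethertype == ETHERTYPE_IPV4 and len(frame) >= 34:
        fields["src_ip"] = ipaddress.ip_address(frame[26:30])  # IPv4 source: offset 12 of the IP header
    return fields


def vlan_by_port(port, fields):
    return PORT_VLAN.get(port)


def vlan_by_mac(port, fields):
    return MAC_VLAN.get(fields["src_mac"])


def vlan_by_protocol(port, fields):
    return PROTO_VLAN.get(fields["ethertype"])


def vlan_by_subnet(port, fields):
    ip = fields["src_ip"]
    if ip is None:
        return None
    return next((vid for net, vid in SUBNET_VLAN.items() if ip in net), None)


METHODS = {"port": vlan_by_port, "mac": vlan_by_mac, "protocol": vlan_by_protocol, "subnet": vlan_by_subnet}


def classify(method, port, frame):
    """VID the bridge assigns on ingress under one membership method, or None if no entry matches."""
    return METHODS[method](port, parse_frame(frame))


def build_frame(src_mac, ethertype, src_ip=None):
    """Constructed test frame: broadcast destination, optional minimal IPv4 header, zero padding."""
    header = b"\xff" * 6 + bytes.fromhex(src_mac.replace(":", "")) + struct.pack("!H", ethertype)
    if src_ip is None:
        return header + b"\x00" * 46
    ip_header = bytearray(20)
    ip_header[0] = 0x45  # IPv4, 20-byte header
    ip_header[12:16] = ipaddress.ip_address(src_ip).packed
    return header + bytes(ip_header) + b"\x00" * 26


def mobility_check(method, src_mac, old_port, new_port):
    """Does a station keep its VLAN when moved between ports with no reconfiguration?"""
    frame = build_frame(src_mac, ETHERTYPE_IPV4, "23.2.24.7")
    return classify(method, old_port, frame) == classify(method, new_port, frame)
```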

8.5 Higher Layer VLAN's


It is also possible to define VLAN membership based on applications or service, or any combination thereof. For example, file transfer protocol (FTP) applications can be executed on one VLAN and telnet applications on another VLAN. The 802.1Q draft standard defines Layer 1 and Layer 2 VLAN's only. Protocol type based VLAN's and higher layer VLAN's have been allowed for, but are not defined in this standard. As a result, these VLAN's will remain proprietary.

8.6. Types of Connections


Devices on a VLAN can be connected in three ways based on whether the connected devices are VLAN-aware or VLAN-unaware. Recall that a VLAN-aware device is one which understands VLAN memberships (i.e. which users belong to a VLAN) and VLAN formats.


8.6.1. Trunk Link


All the devices connected to a trunk link, including workstations, must be VLAN-aware. All frames on a trunk link must have a special header attached. These special frames are called tagged frames (see Figure).

Figure: Trunk link between two VLAN-aware bridges.

8.6.2. Access Link


An access link connects a VLAN-unaware device to the port of a VLAN-aware bridge. All frames on access links must be implicitly tagged (untagged) (see Figure 8). The VLAN-unaware device can be a LAN segment with VLAN-unaware workstations, or it can be a number of LAN segments containing VLAN-unaware devices (a legacy LAN).

Figure 8: Access link between a VLAN-aware bridge and a VLAN-unaware device.

8.6.3. Hybrid Link


This is a combination of the previous two links: a link to which both VLAN-aware and VLAN-unaware devices are attached (see Figure 9). A hybrid link can carry both tagged and untagged frames, but all the frames for a specific VLAN must be either tagged or untagged.

Figure 9: Hybrid link containing both VLAN-aware and VLAN-unaware devices.

It must also be noted that the network can have a combination of all three types of links.

9. Frame Processing
A bridge, on receiving data, determines which VLAN the data belongs to either by implicit or by explicit tagging. In explicit tagging a tag header is added to the data. The bridge also keeps track of VLAN members in a filtering database, which it uses to determine where the data is to be sent. Following is an explanation of the contents of the filtering database and the format and purpose of the tag header.

9.1 Filtering Database


Membership information for a VLAN is stored in a filtering database. The filtering database consists of the following types of entries:

9.2 Static Entries


Static information is added, modified, and deleted by management only. Entries are not automatically removed after some time (ageing), but must be explicitly removed by management. There are two types of static entries:
a) Static Filtering Entries: which specify, for every port, whether frames to be sent to a specific MAC address or group address on a specific VLAN should be forwarded or discarded, or should follow the dynamic entry, and
b) Static Registration Entries: which specify whether frames to be sent to a specific VLAN are to be tagged or untagged and which ports are registered for that VLAN.

9.3. Dynamic Entries


Dynamic entries are learned by the bridge and cannot be created or updated by management. The learning process observes the port from which a frame, with a given source address and VLAN ID (VID), is received, and updates the filtering database. The entry is updated only if all of the following three conditions are satisfied:

a) this port allows learning,
b) the source address is a workstation address and not a group address, and
c) there is space available in the database.

Entries are removed from the database by the ageing-out process after a certain amount of time specified by management (10 sec to 1000000 sec); ageing allows the filtering database to be reconfigured automatically if the topology of the network changes. There are three types of dynamic entries:

a) Dynamic Filtering Entries: which specify whether frames to be sent to a specific MAC address and on a certain VLAN should be forwarded or discarded.
b) Group Registration Entries: which indicate for each port whether frames to be sent to a group MAC address and on a certain VLAN should be filtered or discarded. These entries are added and deleted using Group Multicast Registration Protocol (GMRP). This allows multicasts to be sent on a single VLAN without affecting other VLAN's.
c) Dynamic Registration Entries: which specify which ports are registered for a specific VLAN. Entries are added and deleted using GARP VLAN Registration Protocol (GVRP), where GARP is the Generic Attribute Registration Protocol. GVRP is used not only to update dynamic registration entries, but also to communicate the information to other VLAN-aware bridges. In order for VLAN's to forward information to the correct destination, all the bridges in the VLAN should contain the same information in their respective filtering databases. GVRP allows both VLAN-aware workstations and bridges to issue and revoke VLAN memberships. VLAN-aware bridges register and propagate VLAN membership to all ports that are a part of the active topology of the VLAN.

The active topology of a network is determined when the bridges are turned on or when a change in the state of the current topology is perceived. The active topology is determined using a spanning tree algorithm which prevents the formation of loops in the network by disabling ports. Once an active topology for the network (which may contain several VLAN's) is obtained, the bridges determine an active topology for each VLAN. This may result in a different topology for each VLAN or a common one for several VLAN's. In either case, the VLAN topology will be a subset of the active topology of the network (see Figure 10).
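The following is an added example, not code from the report, modelling the filtering database of sections 9.2 and 9.3 in Python: static registration entries set by management (which ports belong to a VLAN and whether they send tagged frames), dynamic filtering entries learned per (source MAC, VID) under the three learning conditions, ageing out, and a forwarding decision that floods unknown destinations only within the frame's own VLAN. The class and method names are hypothetical, and the ports, VLAN IDs and MAC addresses in demo() are constructed.

```python
"""Toy bridge filtering database for the static and dynamic entries of
sections 9.2 and 9.3. Added example, not from the report: class and
method names are hypothetical; the ports, VLANs and MAC addresses in
demo() are constructed."""
from dataclasses import dataclass


@dataclass
class DynamicEntry:
    """Dynamic filtering entry: the port on which a (MAC, VID) pair was last seen."""
    port: int
    learned_at: float  # simulated clock, seconds


class FilteringDatabase:
    def __init__(self, capacity=4, ageing_time=300.0):
        # Static registration entries: VID -> {port: "tagged" | "untagged"},
        # written by management only and never aged out.
        self.registration = {}
        # Dynamic filtering entries: (src_mac, vid) -> DynamicEntry, learned
        # from received frames and not writable by management.
        self.dynamic = {}
        self.capacity = capacity        # condition (c): the table is finite
        self.ageing_time = ageing_time  # management sets 10 s ... 1000000 s
        self.learning_ports = set()     # condition (a): ports allowed to learn

    def register(self, vid, port, tagged, learning=True):
        """Static registration entry: port is a member of vid, tagged or untagged."""
        self.registration.setdefault(vid, {})[port] = "tagged" if tagged else "untagged"
        if learning:
            self.learning_ports.add(port)

    @staticmethod
    def is_group_address(mac):
        """The I/G bit (least significant bit of the first octet) marks a group address."""
        return (mac[0] & 0x01) == 1

    def learn(self, port, src_mac, vid, now):
        """Apply the three learning conditions; return True if an entry was written."""
        if port not in self.learning_ports:            # (a) port allows learning
            return False
        if self.is_group_address(src_mac):             # (b) not a group address
            return False
        key = (src_mac, vid)
        if key not in self.dynamic and len(self.dynamic) >= self.capacity:
            return False                               # (c) no space in the database
        self.dynamic[key] = DynamicEntry(port, now)
        return True

    def age_out(self, now):
        """Remove entries older than the ageing time; return how many were removed."""
        expired = [k for k, e in self.dynamic.items() if now - e.learned_at > self.ageing_time]
        for k in expired:
            del self.dynamic[k]
        return len(expired)

    def forward(self, in_port, dst_mac, vid):
        """Output ports for a frame received on in_port that belongs to VLAN vid."""
        members = self.registration.get(vid, {})
        if in_port not in members:
            return []  # ingress port is not registered for this VLAN: discard
        entry = self.dynamic.get((dst_mac, vid))
        if entry is not None and not self.is_group_address(dst_mac):
            # known unicast: only the learned port, and never back out the ingress port
            return [] if entry.port == in_port else [entry.port]
        # unknown unicast or group address: flood, but only inside this VLAN
        return sorted(p for p in members if p != in_port)


def demo():
    """Walk through learning, VLAN-scoped flooding, the three conditions and ageing."""
    fdb = FilteringDatabase(capacity=2, ageing_time=300.0)
    for port in (1, 2, 3):                       # VLAN 10: ports 1-3, port 3 is a trunk
        fdb.register(10, port, tagged=(port == 3))
    fdb.register(20, 4, tagged=False)            # VLAN 20: port 4 only
    host_a = bytes.fromhex("020000000001")       # constructed locally administered MACs
    host_b = bytes.fromhex("020000000002")
    host_c = bytes.fromhex("020000000003")
    group = bytes.fromhex("010000000001")        # I/G bit set: a group address
    steps = {}
    steps["learn_a"] = fdb.learn(1, host_a, 10, now=0.0)
    steps["flood_b"] = fdb.forward(1, host_b, 10)     # B unknown: flood VLAN 10 only
    steps["learn_b"] = fdb.learn(2, host_b, 10, now=1.0)
    steps["unicast_b"] = fdb.forward(1, host_b, 10)   # B known: port 2 only
    steps["other_vlan"] = fdb.forward(4, host_b, 10)  # port 4 is not in VLAN 10
    steps["group_src"] = fdb.learn(1, group, 10, now=2.0)    # (b) rejected
    steps["table_full"] = fdb.learn(3, host_c, 10, now=3.0)  # (c) rejected
    steps["aged"] = fdb.age_out(now=400.0)                    # both entries expire
    return steps


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The capacity check in learn() is the reason condition (c) matters operationally: a real bridge whose table fills up stops learning rather than overwriting, and the frames for addresses it could not learn are flooded within their VLAN, which is something a monitoring system can count. The VLAN-scoped flood in forward() is the property that gives the broadcast-domain separation described in the abstract.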


Figure 10: Active topology of network and VLAN A using spanning tree algorithm.

9.4. Tagging
When frames are sent across the network, there needs to be a way of indicating to which VLAN the frame belongs, so that the bridge will forward the frames only to those ports that belong to that VLAN, instead of to all output ports as would normally have been done. This information is added to the frame in the form of a tag header. In addition, the tag header:

i) allows user priority information to be specified,
ii) allows source routing control information to be specified, and
iii) indicates the format of MAC addresses.

Frames to which a tag header has been added are called tagged frames. Tagged frames convey the VLAN information across the network. The tagged frames that are sent across hybrid and trunk links contain a tag header. There are two formats of the tag header:

i) Ethernet Frame Tag Header: The Ethernet frame tag header (see Figure 11) consists of a tag protocol identifier (TPID) and tag control information (TCI).

Figure 11: Ethernet frame tag header.

ii) Token Ring and Fiber Distributed Data Interface (FDDI) tag header: The tag headers for both token ring and FDDI networks consist of a SNAP-encoded TPID and TCI.

Figure 12: Token ring and FDDI tag header.

TPID is the tag protocol identifier which indicates that a tag header is following, and TCI (see Figure 13) contains the user priority, canonical format indicator (CFI), and the VLAN ID.

Figure 13: Tag control information (TCI).

User priority is a 3-bit field which allows priority information to be encoded in the frame. Eight levels of priority are allowed, where zero is the lowest priority and seven is the highest priority. How this field is used is described in the supplement 802.1p. The CFI bit is used to indicate that all MAC addresses present in the MAC data field are in canonical format. This field is interpreted differently depending on whether it is an Ethernet-encoded tag header or a SNAP-encoded tag header. In a SNAP-encoded TPID the field indicates the presence or absence of the canonical format of addresses. In an Ethernet-encoded TPID, it indicates the presence of the Source-Routing Information (RIF) field after the length field. The RIF field indicates routing on Ethernet frames. The VID field is used to uniquely identify the VLAN to which the frame belongs. There can be a maximum of (2^12 - 1) VLAN's. Zero is used to indicate no VLAN ID, but that user priority information is present. This allows priority to be encoded in non-priority LAN's.
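As an added example (not code from the report), the Ethernet-encoded tag header of section 9.4 can be built and decoded with a few lines of Python: the 16-bit TCI is split into the 3-bit user priority, the CFI bit and the 12-bit VID, and a frame is tagged by inserting TPID plus TCI between the source address and the type field, or untagged by removing those four bytes, as a bridge does on an access link. The TPID value 0x8100 is the standard one for the Ethernet encoding; the function names are hypothetical and the sample ARP frame is constructed. The parser also reports when the type field after the outer tag is itself 0x8100, so that a check on VLAN membership does not stop at the first tag.

```python
"""Parse, insert and strip the Ethernet-encoded 802.1Q tag header of
section 9.4. Added example, not from the report: the function names are
hypothetical and the sample frame is constructed."""
import struct

TPID_8021Q = 0x8100  # tag protocol identifier for the Ethernet-encoded tag


def parse_tci(tci):
    """Split the 16-bit TCI into user priority (3 bits), CFI (1 bit) and VID (12 bits)."""
    return {"priority": (tci >> 13) & 0x7, "cfi": (tci >> 12) & 0x1, "vid": tci & 0x0FFF}


def build_tag(priority, vid, cfi=0):
    """Return the 4-byte tag header (TPID followed by TCI) for a priority/VID pair."""
    if not 0 <= priority <= 7:
        raise ValueError("user priority is a 3-bit field")
    if cfi not in (0, 1):
        raise ValueError("CFI is a single bit")
    if not 0 <= vid <= 0x0FFE:
        raise ValueError("VID must be 0..4094; 4095 is reserved")
    return struct.pack("!HH", TPID_8021Q, (priority << 13) | (cfi << 12) | vid)


def insert_tag(frame, priority, vid, cfi=0):
    """Tag a frame: the header goes between the source MAC and the type field."""
    return frame[:12] + build_tag(priority, vid, cfi) + frame[12:]


def strip_tag(frame):
    """Remove the outer tag, as a bridge does before sending on an access link."""
    if parse_frame(frame)["tag"] is None:
        return frame
    return frame[:12] + frame[16:]


def parse_frame(frame):
    """Decode dst, src, the optional tag, the type field and the payload."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    (first_type,) = struct.unpack("!H", frame[12:14])
    if first_type != TPID_8021Q:
        return {"dst": dst, "src": src, "tag": None, "ethertype": first_type,
                "payload": frame[14:], "double_tagged": False}
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag header")
    tci, ethertype = struct.unpack("!HH", frame[14:18])
    tag = parse_tci(tci)
    if tag["vid"] == 0x0FFF:
        raise ValueError("reserved VID 4095 in received frame")
    # A second 0x8100 where the type field should be means another tag follows;
    # a check that only reads the outer tag would not see the inner VID.
    return {"dst": dst, "src": src, "tag": tag, "ethertype": ethertype,
            "payload": frame[18:], "double_tagged": ethertype == TPID_8021Q}


# Constructed sample: broadcast ARP request (type 0x0806) from a locally
# administered MAC, with a zeroed 28-byte ARP body.
SAMPLE_UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
                   + struct.pack("!H", 0x0806) + bytes(28))


if __name__ == "__main__":
    tagged = insert_tag(SAMPLE_UNTAGGED, priority=5, vid=100)
    print(tagged[12:16].hex(), parse_frame(tagged))
```

A VID of 0 is accepted by build_tag() because, as the text says, it marks a priority-only tag; 4095 is rejected on both the build and the parse side because it is reserved. Bytes 12 to 15 of the tagged sample come out as 8100a064: TPID 0x8100, then priority 5 in the top three bits and VID 100 (0x064) in the low twelve.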


10. Conclusion
As we have seen there are significant advances in the field of networks in the form of VLAN's which allow the formation of virtual workgroups, better security, improved performance, simplified administration, and reduced costs. VLAN's are formed by the logical segmentation of a network and can be classified into Layer 1, 2, 3 and higher layers. Only Layer 1 and 2 are specified in the draft standard 802.1Q. Tagging and the filtering database allow a bridge to determine the source and destination VLAN for received data. VLAN's, if implemented effectively, show considerable promise in future networking solutions.


11. References
1) David Passmore, John Freeman, "The Virtual LAN Technology Report," March 7, 1997, http://www.3com.com/nsc/200374.html. A very good overview of VLAN's, their strengths, weaknesses, and implementation problems.
2) IEEE, "Draft Standard for Virtual Bridge Local Area Networks," P802.1Q/D1, May 16, 1997. This is the draft standard for VLAN's which covers implementation issues of Layer 1 and 2 VLAN's.
3) Mathias Hein, David Griffiths, Orna Berry, "Switching Technology in the Local Network: From LAN to Switched LAN to Virtual LAN," February 1997. Textbook explanation of what VLAN's are and their types.
7) Susan Biagi, "Virtual LANs," Network VAR v4 n1 p. 10-12, January 1996. An overview of VLAN's, advantages, and disadvantages.
8) David J. Buerger, "Virtual LAN cost savings will stay virtual until networking's next era," Network World, March 1995. A short summary on VLAN's.
9) IEEE, "Traffic Class Expediting and Dynamic Multicast Filtering," 802.1p/D6, April 1997. This is the standard for implementing priority and dynamic multicasts. Implementation of priority in VLAN's is based on this standard.


12. Abbreviations

CFI - Canonical Format Indicator
FDDI - Fiber Distributed Data Interface
FTP - File Transfer Protocol
GARP - Generic Attribute Registration Protocol
GMRP - Group Multicast Registration Protocol
GVRP - GARP VLAN Registration Protocol
IEEE - Institute of Electrical and Electronic Engineers
LAN - Local Area Network
MAC - Media Access Control
RIF - Source-Routing Information
TCI - Tag Control Information
TPID - Tag Protocol Identifier
VID - VLAN ID
VLAN - Virtual Local Area Network
