Reports On Vlan
VLAN
November 2012
INDEX
Contents
1. Abstract
2. Introduction
3. Computer Network
4. Local-Area Network (LAN)
4.1. Types of Local-Area Networks (LANs)
5. Metropolitan Area Network (MAN)
5.1. Types of MAN (Metropolitan Area Network) Technologies
5.2. How MAN works
5.3. Advantages of MAN (Metropolitan Area Network)
6. Wide area network (WAN)
7. Network Devices
7.1. Router
7.1.1. Why do I need a Router?
7.1.2. Restrict Broadcasts to the LAN
7.1.3. Act as the Default Gateway
7.1.4. Move (route) Data between Networks
7.1.5. Learn and Advertise Loop-Free Paths
7.2. Hubs
7.3. Switches
7.3.1. Types of Network Switch
7.3.2. Managed Switches
7.3.3. Unmanaged Network Switch
7.3.4. Smart Switches
7.3.5. Advantages of Network Switch
8. Types of VLAN's
8.1. Layer 1 VLAN: Membership by Port
8.2. Layer 2 VLAN: Membership by MAC Address
8.3. Layer 2 VLAN: Membership by Protocol Type
8.4. Layer 3 VLAN: Membership by IP Subnet Address
8.5. Higher Layer VLAN's
8.6. Types of Connections
8.6.1. Trunk Link
8.6.2. Access Link
8.6.3. Hybrid Link
9. Frame Processing
9.1. Filtering Database
9.2. Static Entries
9.3. Dynamic Entries
9.4. Tagging
10. Summary
11. References
12. Abbreviations
2. Introduction.
A Local Area Network (LAN) was originally defined as a network of computers located within the same area. Today, Local Area Networks are defined as a single broadcast domain. This means that if a user broadcasts information on his/her LAN, the broadcast will be received by every other user on the LAN. Broadcasts are prevented from leaving a LAN by using a router. The disadvantage of this method is routers usually take more time to process incoming data compared to a bridge or a switch. More importantly, the formation of broadcast domains depends on the physical connection of the devices in the network. Virtual Local Area Networks (VLAN's) were developed as an alternative solution to using routers to contain broadcast traffic.
3. Computer Network.
A computer network, or simply a network, is a collection of computers and other hardware interconnected by communication channels that allow sharing of resources and information. Where at least one process in one device is able to send/receive data to/from at least one process residing in a remote device, then the two devices are said to be in a network. Simply, more than one computer interconnected through a communication medium for information interchange is called a computer network.
Networks may be classified according to a wide variety of characteristics, such as the medium used to transport the data, communications protocol used, scale, topology, benefit, and organizational scope. Communications protocols define the rules and data formats for exchanging information in a computer network, and provide the basis for network programming. Well-known communications protocols include Ethernet, a hardware and link layer standard that is ubiquitous in local area networks, and the Internet protocol suite, which defines a set of protocols for internetworking, i.e. for data communication between multiple networks, as well as host-to-host data transfer, and application-specific data transmission formats.
transferred through a connectionless service we use the technology named as SMDS. Connectionless service implies that data is transferred by storing the information in the header and it reaches its destination independently through any network. When the data is transferred using the technology of SMDS, it also forms small data packets just like in ATM. However SMDS allows the transmission of data over large geographical areas in the form of datagrams (the data packets of an unreliable data service provider). Nowadays MAN (Metropolitan Area Network) links are established using infrared and microwave signals.
Cell relay is comparable to packet switching, but employs fixed-length cells instead of variable-length packets. Data is divided into fixed-length cells and then transported across virtual circuits. It is best suited to simultaneous use of voice and data, although the overhead of cell relay can be considerable; an example of such a protocol is ATM. WANs are frequently built using leased lines. At each end of the leased line, a router connects to the LAN on one side and to a hub within the WAN on the other. Besides leased lines, WANs can also be built using moderately priced circuit switching or packet switching methods. Network protocols including TCP/IP provide transport and addressing functions. Service providers regularly use protocols such as Packet over SONET/SDH, MPLS, ATM, and frame relay to deliver the links that are used in WANs. X.25 was a major early WAN protocol, and is often regarded as the grandfather of frame relay, since many of the underlying protocols and functions of X.25 are provided today by frame relay. Companies use WANs to minimize cost by cutting the need for travel and expensive long-distance phone calls. Over a WAN, you can share data as well as do video conferencing. When communication is shared between computers, each user can access the same information at the same time. The use of a WAN also improves employee output by increasing and accelerating work applications as well as reducing replication across the WAN.
7. Network Devices
Networking hardware or networking equipment typically refers to devices facilitating the use of a computer network. Typically, this includes gateways, routers, network bridges, switches, hubs, and repeaters. Also included are hybrid network devices such as multilayer switches, protocol converters, bridge routers, proxy servers, firewalls, network address translators, multiplexers, network interface controllers, wireless network interface controllers, modems, ISDN terminal adapters, line drivers, wireless access points, networking cables and other related hardware.
7.1 Router
A router is a specialized computer, connected to more than one network, running software that allows it to move data from one network to another. Routers operate at the network layer (OSI Model's layer 3). The primary function of a router is to connect networks together and keep certain kinds of broadcast traffic under control. There are several companies that make routers: Cisco (Linksys), Juniper, Nortel (Bay Networks), Redback, Lucent, 3Com, and HP, just to name a few.
2. Act as the default gateway.
3. Move (route) data between networks.
4. Learn and advertise loop-free paths.
hardware and software to support such a function. The whole point, however, is to forward the data from the interface it receives data on, to another interface that retransmits the received data onto another interface serving another network.
7.2. Hubs
On 10BaseT and 100BaseTX Ethernet networks larger than two computers, each computer or printer (or other networked device) is connected to a hub. The hub is a small box that gathers the signals from each individual device, optionally amplifies each signal, and then sends the signal out to all other connected devices. Amplification helps to ensure that devices on the network receive reliable information. You can think of an Ethernet hub like the hub of a wheel, at the center of the spokes that connect each individual computer or printer. Hubs are also called concentrators or repeaters. Hubs come in various sizes, the most common being 12-port or 24-port (meaning they can connect to 12 or 24 computers/printers/hubs). All of the clients, servers, and peripherals connected to a hub (or to a set of interconnected hubs) share the bandwidth (data delivery capacity) of your network. Technically, they form a single collision domain, an area of an Ethernet network in which data sent to or from a device may potentially collide with the data from other devices. As you add more clients, servers, and peripherals to an Ethernet network, the number of collisions increases and the performance of your network degrades. You can improve performance by isolating network traffic into many smaller collision domains. Unfortunately, hubs cannot divide a network in this fashion; they simply repeat every signal to all connected devices. Instead, to divide networks into multiple collision domains you can deploy switches, bridges, or routers. Each switch port, bridge port, or router port forms a new collision domain.
7.3. Switches
Like a hub, an Ethernet switch is a device that gathers the signals from devices that are connected to it, and then regenerates a new copy of each signal. Switches, however, are more powerful than hubs and can substantially increase your network performance. In order to understand how they perform this magic, it is necessary to understand first how they work. Most common switches operate by learning the MAC addresses of all connected clients, servers, and peripherals, and associating each address with one of their ports. When a switch receives an incoming signal, it creates a temporary circuit between the sender and receiver. The temporary circuit provides two important benefits. First, the circuit allows the sender and receiver momentarily to exchange information without intrusion from other devices on the network. That is, each pair of communicating devices utilizes the full bandwidth (data carrying capacity) of the network instead of sharing that bandwidth, as they do in unswitched Ethernet networks. To say this another way, each switch port defines a collision domain containing only a small number of devices and thereby helps provide maximum performance for Ethernet networks. Second, the circuit ensures that information travels directly between the communicating computers. This behavior differs markedly from unswitched Ethernet networks. In unswitched networks, data from a transmitting computer is sent by the nearest hub to all connected devices (not just to the recipient) and therefore congests parts of the network needlessly.
Like all network equipment, switches benefit your network only if they are deployed in the proper manner. If your network is congested and if traffic pools in certain areas, then you can improve network performance by replacing hubs with switches, or by connecting hubs to switches in a hierarchical manner. (You can see a diagram of a school network that uses a hierarchy of switches and hubs at http://www.3com.com/nsc/500612c.html. The switches are gray boxes and the hubs are black boxes labeled with numbers to indicate how many ports they have.) For the pools of heavy traffic, switches increase bandwidth while segregating the traffic from the rest of the network. However, if your network is not congested or if your traffic patterns do not create pools of congestion, then switches may actually cause your network performance to deteriorate. This performance degradation occurs because switches examine the information inside each signal on your network (to determine the addresses of the sender and receiver) and therefore process network information more slowly than hubs.
Recently, manufacturers have begun to offer switches that examine OSI level 3 (network routing) information such as that contained in the IP portions (rather than the data link portions) of a network signal. Later in this chapter, you will discover that routers also examine this information. Level 3 switches blur the distinction between switches and routers. Level 3 switches can replace routers within your network or between your network and the Internet (while level 2 switches can replace hubs, but not routers).
for the networking devices such as VLANs. They also increase the working ability of the parts connected by the switches.
8. Types of VLAN's
VLAN membership can be classified by port, MAC address, and protocol type.
The main disadvantage of this method is that it does not allow for user mobility. If a user moves to a different location away from the assigned bridge, the network manager must reconfigure the VLAN.
Figure: Assignment of MAC addresses to different VLAN's.
The main problem with this method is that VLAN membership must be assigned initially. In networks with thousands of users, this is no easy task. Also, in environments where notebook PC's are used, the MAC address is associated with the docking station and not with the notebook PC. Consequently, when a notebook PC is moved to a different docking station, its VLAN membership must be reconfigured.
Figure: Assignment of IP subnet addresses to different VLAN's.
Although VLAN membership is based on Layer 3 information, this has nothing to do with network routing and should not be confused with router functions. In this method, IP addresses are used only as a mapping to determine membership in VLAN's. No other processing of IP addresses is done. In Layer 3 VLAN's, users can move their workstations without reconfiguring their network addresses. The only problem is that it generally takes longer to forward packets using Layer 3 information than using MAC addresses.
Figure 9: Hybrid link containing both VLAN-aware and VLAN-unaware devices.
It must also be noted that the network can have a combination of all three types of links.
9. Frame Processing
A bridge on receiving data determines to which VLAN the data belongs either by implicit or explicit tagging. In explicit tagging a tag header is added to the data. The bridge also keeps track of VLAN members in a filtering database which it uses to determine where the data is to be sent. Following is an explanation of the contents of the filtering database and the format and purpose of the tag header.
source address and VLAN ID (VID), is received, and updates the filtering database. The entry is updated only if all the following three conditions are satisfied:
a) this port allows learning,
b) the source address is a workstation address and not a group address, and
c) there is space available in the database.
Entries are removed from the database by the ageing out process where, after a certain amount of time specified by management (10 sec --- 1000000 sec), entries allow automatic reconfiguration of the filtering database if the topology of the network changes. There are three types of dynamic entries:
a) Dynamic Filtering Entries: which specify whether frames to be sent to a specific MAC address and on a certain VLAN should be forwarded or discarded.
b) Group Registration Entries: which indicate for each port whether frames to be sent to a group MAC address and on a certain VLAN should be filtered or discarded. These entries are added and deleted using Group Multicast Registration Protocol (GMRP). This allows multicasts to be sent on a single VLAN without affecting other VLAN's.
c) Dynamic Registration Entries: which specify which ports are registered for a specific VLAN. Entries are added and deleted using GARP VLAN Registration Protocol (GVRP), where GARP is the Generic Attribute Registration Protocol.
GVRP is used not only to update dynamic registration entries, but also to communicate the information to other VLAN-aware bridges. In order for VLAN's to forward information to the correct destination, all the bridges in the VLAN should contain the same information in their respective filtering databases. GVRP allows both VLAN-aware workstations and bridges to issue and revoke VLAN memberships. VLAN-aware bridges register and propagate VLAN membership to all ports that are a part of the active topology of the VLAN. The active topology of a network is determined when the bridges are turned on or when a change in the state of the current topology is perceived. The active topology is determined using a spanning tree algorithm which prevents the formation of loops in the network by disabling ports. Once an active topology for the network (which may contain several VLAN's) is obtained, the bridges determine an active topology for each VLAN. This may result in a different topology for each VLAN or a common one for several VLAN's. In either case, the VLAN topology will be a subset of the active topology of the network (see Figure 10).
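The learning conditions, ageing and per-VLAN forwarding described above can be sketched as follows. This is an added example, not code from the report or from the 802.1Q draft; the class and method names, the capacity, and the static VLAN_MEMBERS table (standing in for registration entries) are assumptions, and the sample MAC addresses are constructed.

```python
class FilteringDatabase:
    """Dynamic filtering entries keyed by (VID, MAC), with ageing."""

    def __init__(self, capacity, ageing_time, learning_ports):
        if not 10 <= ageing_time <= 1_000_000:
            raise ValueError("ageing time must be 10..1000000 seconds")
        self.capacity = capacity
        self.ageing_time = ageing_time
        self.learning_ports = set(learning_ports)
        self.entries = {}  # (vid, mac) -> (port, time last seen)

    @staticmethod
    def is_group_address(mac):
        # The low-order bit of the first octet marks a group (multicast) MAC.
        return bool(mac[0] & 0x01)

    def learn(self, port, src_mac, vid, now):
        """Apply the three learning conditions; return True if stored."""
        key = (vid, src_mac)
        if port not in self.learning_ports:           # a) port allows learning
            return False
        if self.is_group_address(src_mac):            # b) not a group address
            return False
        if key not in self.entries and len(self.entries) >= self.capacity:
            return False                              # c) space available
        self.entries[key] = (port, now)
        return True

    def age_out(self, now):
        """Drop entries not refreshed within ageing_time; return the count."""
        stale = [k for k, (_, seen) in self.entries.items()
                 if now - seen >= self.ageing_time]
        for key in stale:
            del self.entries[key]
        return len(stale)

    def egress_ports(self, in_port, dst_mac, vid, vlan_members, now):
        """Ports a frame is forwarded to; never outside the frame's VLAN."""
        self.age_out(now)
        members = set(vlan_members.get(vid, ())) - {in_port}
        entry = self.entries.get((vid, dst_mac))
        if entry is None:
            return members                 # unknown destination: flood the VLAN
        return members & {entry[0]}        # known destination: that port only


# Constructed sample: ports 1-3 carry VLAN 10, ports 3-4 carry VLAN 20.
VLAN_MEMBERS = {10: {1, 2, 3}, 20: {3, 4}}
HOST_A = bytes.fromhex("020000000001")

if __name__ == "__main__":
    fdb = FilteringDatabase(capacity=2, ageing_time=300, learning_ports={1, 2, 3})
    fdb.learn(1, HOST_A, 10, now=0)
    print(fdb.egress_ports(2, HOST_A, 10, VLAN_MEMBERS, now=100))  # learned port
    print(fdb.egress_ports(3, HOST_A, 20, VLAN_MEMBERS, now=100))  # other VLAN
    print(fdb.egress_ports(2, HOST_A, 10, VLAN_MEMBERS, now=400))  # aged out
```

An address learned in one VLAN is unknown in every other VLAN, so a frame for it on VLAN 20 is flooded only to VLAN 20 ports and never reaches the port where the address was learned on VLAN 10.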
Figure: Active topology of network and VLAN A using spanning tree algorithm.
9.4. Tagging
When frames are sent across the network, there needs to be a way of indicating to which VLAN the frame belongs, so that the bridge will forward the frames only to those ports that belong to that VLAN, instead of to all output ports as would normally have been done. This information is added to the frame in the form of a tag header. In addition, the tag header:
i) allows user priority information to be specified,
ii) allows source routing control information to be specified, and
iii) indicates the format of MAC addresses.
Frames in which a tag header has been added are called tagged frames. Tagged frames convey the VLAN information across the network. The tagged frames that are sent across hybrid and trunk links contain a tag header. There are two formats of the tag header:
i) Ethernet Frame Tag Header: The ethernet frame tag header (see Figure 11) consists of a tag protocol identifier (TPID) and tag control information (TCI).
Figure 11: Ethernet frame tag header.
ii) Token Ring and Fiber Distributed Data Interface (FDDI) tag header: The tag headers for both token ring and FDDI networks consist of a SNAP-encoded TPID and TCI.
Figure 12: Token ring and FDDI tag header.
TPID is the tag protocol identifier which indicates that a tag header is following and TCI (see Figure 13) contains the user priority, canonical format indicator (CFI), and the VLAN ID.
Figure 13: Tag control information (TCI).
User priority is a 3 bit field which allows priority information to be encoded in the frame. Eight levels of priority are allowed, where zero is the lowest priority and seven is the highest priority. How this field is used is described in the supplement 802.1p. The CFI bit is used to indicate that all MAC addresses present in the MAC data field are in canonical format. This field is interpreted differently depending on whether it is an ethernet-encoded tag header or a SNAP-encoded tag header. In SNAP-encoded TPID the field indicates the presence or absence of the canonical format of addresses. In ethernet-encoded TPID, it indicates the presence of the Source-Routing Information (RIF) field after the length field. The RIF field indicates routing on Ethernet frames. The VID field is used to uniquely identify the VLAN to which the frame belongs. There can be a maximum of (2^12 - 1) VLAN's. Zero is used to indicate no VLAN ID, but that user priority information is present. This allows priority to be encoded in non-priority LAN's.
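The Ethernet-encoded tag header can be built and decoded as shown below. This is an added example, not code from the report; the function names and the sample addresses are assumptions, and the TPID value 0x8100 is the one assigned to 802.1Q tags in the published standard rather than a value given in this report.

```python
import struct

TPID_8021Q = 0x8100  # Ethernet-encoded TPID (from the published standard)


def build_tagged_frame(dst, src, priority, cfi, vid, ethertype, payload):
    """Insert the 4-byte tag header (TPID + TCI) after the source MAC."""
    if not (0 <= priority <= 7 and cfi in (0, 1) and 0 <= vid <= 0xFFF):
        raise ValueError("priority is 3 bits, CFI is 1 bit, VID is 12 bits")
    tci = (priority << 13) | (cfi << 12) | vid
    return dst + src + struct.pack("!HHH", TPID_8021Q, tci, ethertype) + payload


def parse_frame(frame):
    """Decode the tag header of an Ethernet frame, if one is present."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (type_or_tpid,) = struct.unpack_from("!H", frame, 12)
    if type_or_tpid != TPID_8021Q:
        return {"tagged": False, "ethertype": type_or_tpid}
    if len(frame) < 18:
        raise ValueError("truncated tag header")
    tci, ethertype = struct.unpack_from("!HH", frame, 14)
    vid = tci & 0x0FFF
    return {
        "tagged": True,
        "priority": tci >> 13,          # 3 bits, 0 = lowest, 7 = highest
        "cfi": (tci >> 12) & 1,         # canonical format indicator
        "vid": vid,                     # 12-bit VLAN ID
        "priority_only": vid == 0,      # VID 0: priority present, no VLAN ID
        "ethertype": ethertype,
    }


# Constructed sample addresses and payload.
DST = bytes.fromhex("020000000002")
SRC = bytes.fromhex("020000000001")

if __name__ == "__main__":
    tagged = build_tagged_frame(DST, SRC, 5, 0, 100, 0x0800, b"data")
    untagged = DST + SRC + struct.pack("!H", 0x0800) + b"data"
    for frame in (tagged, untagged):
        print(parse_frame(frame))
```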
10. Conclusion
As we have seen, there are significant advances in the field of networks in the form of VLAN's, which allow the formation of virtual workgroups, better security, improved performance, simplified administration, and reduced costs. VLAN's are formed by the logical segmentation of a network and can be classified into Layer 1, 2, 3 and higher layers. Only Layer 1 and 2 are specified in the draft standard 802.1Q. Tagging and the filtering database allow a bridge to determine the source and destination VLAN for received data. VLAN's, if implemented effectively, show considerable promise in future networking solutions.
11. References
1) David Passmore, John Freeman, "The Virtual LAN Technology Report," March 7, 1997, http://www.3com.com/nsc/200374.html. A very good overview of VLAN's, their strengths, weaknesses, and implementation problems.
2) IEEE, "Draft Standard for Virtual Bridge Local Area Networks," P802.1Q/D1, May 16, 1997. This is the draft standard for VLAN's which covers implementation issues of Layer 1 and 2 VLAN's.
3) Mathias Hein, David Griffiths, Orna Berry, "Switching Technology in the Local Network: From LAN to Switched LAN to Virtual LAN," February 1997. Textbook explanation of what VLAN's are and their types.
7) Susan Biagi, "Virtual LANs," Network VAR v4 n1 p. 10-12, January 1996. An overview of VLAN's, advantages, and disadvantages.
8) David J. Buerger, "Virtual LAN cost savings will stay virtual until networking's next era," Network World, March 1995. A short summary on VLAN's.
9) IEEE, "Traffic Class Expediting and Dynamic Multicast Filtering," 802.1p/D6, April 1997. This is the standard for implementing priority and dynamic multicasts. Implementation of priority in VLAN's is based on this standard.
12. Abbreviations
CFI - Canonical Format Indicator
FDDI - Fiber Distributed Data Interface
FTP - File Transfer Protocol
GARP - Generic Attribute Registration Protocol
GMRP - Group Multicast Registration Protocol
GVRP - GARP VLAN Registration Protocol
IEEE - Institute of Electrical and Electronic Engineers
LAN - Local Area Network
MAC - Media Access Control
RIF - Source-Routing Information
TCI - Tag Control Information
TPID - Tag Protocol Identifier
VID - VLAN ID
VLAN - Virtual Local Area Network