Presentation on theme: "Session #: 7061 Dwight Reifsnyder Virtual LANS. Session #: 706 Whats the Point? Why Bother? IEEE 802.1Q tagging (VLAN) is a useful method of managing."— Presentation transcript:
Session #: 7061 Dwight Reifsnyder Virtual LANS
Session #: 706 Whats the Point? Why Bother? IEEE 802.1Q tagging (VLAN) is a useful method of managing VoIP traffic in your LAN. Avaya recommends that you establish a voice VLAN, set L2QVLAN to that VLAN and provide voice traffic with priority over other traffic. IP Phones LAN Admin Guide, Feb 2007
Session #: EYAWTK – Session Overview Provide a basic understanding of VLANS Discuss IP phone VLAN implementation We might accidentally learn some other useful information if we are not careful
Session #: 706 Broadway Suites Service Provider for downtown Boulder office buildings, including Executive Suites Multiple, diverse businesses in one space Fortune 500 services on a small company budget
Session #: 706 Broadway Suites
Session #: What is a Virtual LAN? A virtual LAN, commonly known as a VLAN, is a method of creating independent logical networks within a physical network. Virtual LANs operate at Layer 2 (the data link layer) of the OSI model. Wikipedia
Session #: 706 Background – The 7 layer burrito OSI Model Squishy, not specific VLANs are in Layer 2
Session #: 706 What Lives at Layer 2? Software – Ethernet Protocol End Points Ethernet Hubs Ethernet Switches
Session #: 706 L2 Hardware – Endpoints Phones and PCs are multi layer devices We will talk about them at layer 2 today
Session #: 706 L2 Hardware – Network Hub Network Hubs – broadcast traffic not very efficient
Session #: 706 L2 Hardware – Network Switch Network Switches – Starts like a hub Gradually directs traffic to specific ports instead of broadcast How do they do that?
Session #: 706 Detour - L2 MAC Addresses Like a VIN Number on a car Unique to each and every network device E D MAC addresses are used to identify the sender and recipient of an ethernet packet
Session #: 706 Network Switch Stores MAC addresses and associated port numbers in a table Makes network more efficient!
Session #: 706 Evolution - Managed Switches Have a user console that can show - If a port is connected or not Port speed (10MB, 100MB, 1000MB) MAC address table Calls out with alarms Best solution for Administrators Cost more $$$$$!
Session #: 706 Segregation – Sorry Dr. King.. Sometimes we need to have departments separated – HR, confidentiality Marketing, high bandwidth usage Operations Each department needs its own LAN
Session #: 706 Segregation – The Old Way Multiple Managed Network Switches Costly Complex
Session #: 706 Segregation – The New Idea Multiple MAC Address Tables One switch, divided into 'Virtual LANs Great idea, how would it work?
Session #: 706 Detour - RFCs (secret recipes) Request for Comments Internet Engineering Task Force (IETF) Institute of Electrical and Electronics Engineers (IEEE)
Session #: 706 Some Common RFCs 802.1a,b,g,etc Wireless Ethernet (WiFi) 854Telnet 802.1xNetwork Access Control 1719Private Class IP numbers 821SMTP (Simple Mail Transport Protocol) 1939POP3 (Post Office Protocol 3) 802.3AFPower Over Ethernet 2131DHCP (Dynamic Host Configuration)
Session #: 706 RFC 802.1q - VLANs Defines how to segregate a single L2 network switch into multiple virtual' LANs or networks with multiple MAC tables One managed network $witch can now serve multiple departments without losing security or performance
Session #: 706 Layer 2 Switch with VLANs Logical evolution from switching table Port based VLAN identification – every port belongs to a VLAN Separate broadcast domains VLAN 1 – Operations VLAN 2 – Human ResourcesVLAN 3 – Marketing
Session #: 706 VLANs Across Switches
Session #: 706 VLAN Tags – Don't Lose my Bag DEN CHI NYC ELM SAT
Session #: 706 VLAN Tags – Ethernet Packets Ethernet packet fields Header Payload End VLAN tagging information is added to the header, making it slightly longer
Session #: 706 VLAN Trunking Across Switches The ports which join the switches are defined as belonging to native VLAN and a secondary VLAN. The secondary VLAN sends tagged packets so they can be segregated
Session #: 706 Read you loud and clear… VLAN compliant devices can accept tagged or untagged packets Packets without tags stay in the native VLAN (port based VLAN) Packets with tags go into the VLAN defined by the tag (if that VLAN is allowed on that port)
Session #: 706 Eh? What was that? Non VLAN compliant devices discard tagged packets – they have an invalid header length!
Session #: 706 What Devices Read Tags? VLAN compliant switches VLAN compliant IP phones Microsoft Windows ? X
Session #: 706 Review - Who Sends Tags? Devices are all in Port Based VLANs – no tagsTrunk between switches must send and receive tags
Session #: q VLAN Port Parameters Native VLAN (port based VLAN) Secondary VLANs Tagging
Session #: 706 IP Phone Deployment Avaya suggests that phones should always be in their own VLAN Increases security Cuts down on broadcast traffic Increases voice quality Makes troubleshooting easier
Session #: 706 IP Phones have a Network Switch! 2 VLANs, 1 Port! The phone contains a VLAN compliant 3 port network switch!!
Session #: 706 Detour – Phones & DHCP & VLANs DHCP is an ethernet broadcast request used by devices to get an IP number Broadcast packets do not cross VLANs Each VLAN needs its own DHCP Server
Session #: 706 Detour – Phones & DHCP & VLANs On bootup, the phone sends a DHCP request in the native VLAN (port VLAN) The phone is notified if there is a specific voice VLAN The phone sends a new DHCP request with the correct VLAN tag
Session #: 706 Review – Who Sends Tags? The green VLAN is the native VLAN for both network switch ports The blue VLAN is a secondary VLAN for both network switch ports