Published by Rosa Franklin. Modified over 9 years ago.
1
Protocol-based VLAN (IEEE 802.1v)
by Robert Wu (吳經義)
August 30, 2002
2
AGENDA
I. Virtual LAN Concept
II. Ethernet Frame Format
III. How to Implement Protocol-based VLAN
3
Standard & References
1. Standard for Supplement to IEEE 802.1Q: VLAN Classification by Protocol & Port, IEEE Draft P802.1v/D6, Nov. 28, 2000
2. IEEE Standards for Local & Metropolitan Area Networks: Virtual Bridged Local Area Networks, July, 1998
3. IEEE Standard Frame Extensions for Virtual Bridged Local Area Network (VLAN) Tagging on Networks, IEEE std 802.3ac-1998
4. A Standard for the Transmission of IP Datagrams over IEEE 802 Networks, RFC 1042, Feb. 1988
5. Recommended Practice for MAC Bridging of Ethernet V2.0 in IEEE 802 Local Area Networks, IEEE802.1H, 1995
6. Draft Standard for Local & Metropolitan Area Networks: Overview and Architecture, IEEE P802/D29, 2001
7. The Switch Book by Rich Seifert
4
Virtual LAN Concept
VLAN technology allows users to separate logical connectivity from physical connectivity. Users are still connected via physical cables to physical wiring devices, but the connectivity view from the application is no longer restricted to the bounds of the physical topology.
[Figure: end stations ES #1, ES #2 and ES #3 attached to numbered ports]
5
VLAN Membership
. Port-based VLAN
. MAC-based VLAN
. Protocol-based VLAN
. Layer-3 (Network)-based VLAN
. Application-based VLAN
6
Tagged Ethernet Frame Format
Preamble: 7 octets
SFD: 1 octet
Destination Address: 6 octets
Source Address: 6 octets
802.1Q Tag Type (81-00): 2 octets
Tag Control Information (TCI): 2 octets
MAC Length/Type: 2 octets
MAC client data
FCS: 4 octets
7
Tagged Frame Format (Cont'd)
TCI fields: User_priority, CFI, VLAN Identifier (VID)
. CFI is the Canonical Format Indicator
. Tag header contains Tag Protocol ID & Tag Control Information (TCI)
. Tag header is inserted between the last octet of the source field and the first octet of the Type/Length field
8
Ethernet Frame Format
Untagged frame: DA (6 bytes) | SA (6 bytes) | Type (2 bytes) | Remainder of frame
802.1Q tagged frame: DA (6 bytes) | SA (6 bytes) | Tag (4 bytes) | Type | Remainder of frame
Tag: TPID (16 bits) | COS (3 bits) | CFI (1 bit) | VLAN id (12 bits)
9
Individual VLAN Learning
. All VLANs can share a single server—less routing
. Could also use .1Q trunk—Trunks must be tagged
[Figure: Generic Router R (R1, R2), server Sv1 (IP.1.A, IP.2.B), switch with multiple FDBs, VLA and VLB, end stations ES1 to ES4, subnets IP.1.0 and IP.2.0, ports 1, 2, 4, 5, 12, 13, 25]
10
Shared VLAN Learning
. All VLANs can share a single server—less routing
[Figure: Generic Router R (R1, R2), server Sv1 (IP.1.A, IP.2.B), switch with SFDB, VLAN A and VLAN B, end stations ES1 to ES4, subnets IP.1.0 and IP.2.0, ports 1, 2, 4, 5, 12, 13, 25]
11
Protocol-based VLAN
Match “port” and “protocols”
[Figure labels: EtherSwitch-12, EtherSwitch-13, IP user-2, IP user-5, IP user-6, IPX user-1, IPX user-4, IP & IPX user-9, Host-10, UNIX IP, Host-7, AppleTalk Server, IPX Server, VLAN-2, VLAN-4, VLAN-27]
12
IP Frame Encapsulation
Ethernet frame: Destination Address | Source Address | Type or Length (Type=0x0800) | Ethernet Data | CRC
Ethernet Data: IP HDR | IP Protocol Data
The IP layer is responsible for transferring data across routers between hosts on the Internet.
13
IP Header Format
Fields: VERS | LEN | Type Of Service | Total Length | Identification | Flags | Fragment Offset | Time To Live | Protocol | Header Checksum | Source IP Address | Destination IP Address | Option | Padding | DATA
Protocol field: ICMP, IGMP, TCP, EGP, 17 - UDP, 89 - OSPF
Total: 20 bytes
14
I. Virtual LAN Concept
II. Ethernet Frame Format
III. How to Implement Protocol-based VLAN
15
Ethernet Frame Format
Ethernet II Frame: Preamble (8 bytes) | Destination MAC Address (6) | Source MAC Address (6) | Type (2) | IP Datagram (0-1500) | CRC (4)
IEEE with SNAP Frame: Preamble (8 bytes) | Destination MAC Address (6) | Source MAC Address (6) | Length (2) | DATA (0-1500) | CRC (4)
DATA: DSAP AA | SSAP AA | Control 03 | OUI/Protocol ID | IP Packet
Note: OUI – 0000F8 for Bridge Tunnel Encapsulation Protocol
16
Tagged Ethernet Frame Format
[Figure: SNAP Encoded tagged frame; labels: FC, DA, SA, Len, AA-AA, SNAP Header, IEEE 802.1Q Tag, 10 bytes, Packet...]
17
Multiple protocols above LLC sublayer
Standard network layer protocols have been assigned reserved LLC addresses in ISO/IEC TR
Other protocols are:
1) local assignment of LSAPs;
2) Sub-Network Access Protocol (SNAP)
Frame: DA (6 bytes) | SA (6 bytes) | Type (2 bytes) | Remainder of frame
[Figure labels: Constant, Copy, Copy]
BPDU Data: DSAP 42 | SSAP 42 | Control 03
or
IP Packet: DSAP AA | SSAP AA | Control 03 | OUI/Protocol ID
18
Ethernet MAC Frame
Ethernet MAC frame format includes 16-bit type/length value:
. Length Field Interpretation (IEEE format)
. Undefined
. Type Field Interpretation (DIX format)
[Figure: range of the type/length value in hex and decimal; surviving labels: DC, FFFF]
Frame: Preamble (8 bytes) | Destination MAC Address (6) | Source MAC Address (6) | Length/Type (2) | DATA (0-1500) | CRC (4)
DATA: LLC: DSAP (1) | SSAP (1) | Control (1) | OUI/Protocol ID (5) | Packet Data
19
Header Format in RFC1042
MAC Header: 802.3/4/5 MAC
802.2 LLC: DSAP | SSAP | Control
802.3 SNAP: OUI/Protocol ID
20
Frame Types
Frame type | Layout | Description
Ethernet-2 | DA/SA, Type | Type-encapsulated
LLC_other | DA/SA, Length, FF-FF | Length-encapsulated 802.3 frame (IPX Raw frame)
RFC_1042 | DA/SA, Length, AA-AA-03, Type | Length-encapsulated 802.3 frame (RFC 1042)
SNAP_other | DA/SA, Length, AA-AA-03, Protocol ID | Length-encapsulated 802.3/SNAP frame
SNAP_8021H | DA/SA, Length, AA-AA-03, 00-00-F8, Type | Length-encapsulated 802.3 frame (802.1H)
Tagged | DA/SA, 81-00, TCI | 802.3 tagging frame
21
I. Virtual LAN Concept
II. Ethernet Frame Format
III. How to Implement Protocol-based VLAN
. Protocol-based VLAN is per port, not for the whole system
. Detect the value of the Length/Type field in a MAC frame
22
Frame Classification
1. Tagged frame? Yes: frame associated to matching VLAN (tag = VLAN ID). No: go to step 2.
2. MAC belongs to MAC VLAN? Yes: frame associated to matching VLAN (MAC-based VLAN). No: go to step 3.
3. IP SA belongs to IP VLAN? Yes: frame associated to matching VLAN (IP subnet-based VLAN). No: go to step 4.
4. Ether Type belongs to one of Protocol-based VLAN? Yes: frame associated to matching VLAN (Protocol-based VLAN). No: frame associated to matching VLAN corresponding to the port.
Order of precedence in VLAN membership: VLAN ID, MAC-based VLAN, IP subnet-based VLAN, Protocol-based VLAN, then port-based VLAN.
23
Protocol-based VLANs
For Layer 3 module, protocol-based VLANs enable you to use protocol type and switching ports as the distinguishing characteristic for your VLANs.
Important Consideration
When you create this type of VLAN interface, review these guidelines:
. If you plan to use the VLAN for bridging purposes, select one or more protocols per VLAN. Select them one protocol at a time.
. If you plan to use the VLAN for routing, you can select one or more protocols per VLAN, one protocol at a time, and subsequently define a routing interface for each routable protocol that is associated with the VLAN. You can perform routing as follows:
~ You can route between VLANs defined on Layer-3 modules
~ You can use a Layer 3 module to route between VLANs that are defined on Layer 3 modules
. The Layer 3 modules support routing for two protocol suites: IP & IPX.
. To define a protocol-based VLAN interface, specify this information:
24
~ The VID, or accept the next-available VID
~ The switching ports that are part of the VLAN interface. (If you have trunk ports, specify the anchor port for the trunk)
~ The protocol for the specified ports in the VLAN
~ IEEE 802.1Q tagging must be selected for ports that overlap on both port and protocol (for example, if two IPX VLANs overlap on port 3).
~ The name of this VLAN interface.
. If you use IP as the protocol and also specify a Layer 3 address, the protocol-based VLAN becomes a network-based VLAN. You should consider removing any network-based VLANs and defining multiple IP interfaces per VLAN.
The protocol suite describes which protocol entities can comprise a protocol-based VLAN. For example, VLANs on the Layer 3 module support the IP protocol suite, which has three protocol entities (IP, ARP, and RARP).
25
Support Protocol Suites for VLAN Configuration
Protocol Suite | Protocol Entries
IP | IP, ARP, RARP (Ethernet-2, SNAP PID)
Novell IPX | IPX (supports all of below 4 IPX types): IPX-type II (Ethernet-II), IPX LLC (DSAP/SSAP: 0xE0), IPX Raw (DSAP/SSAP: 0xF0)
AppleTalk | DDP, AARP (Ethernet-II, SNAP PID)
Xerox XNS | XNS IDP, XNS address translation, XNS compatibility (Ethernet-II, SNAP PID)
DECnet | DEC MOP, DEC Phase IV, DEC LAT, DEC LAVC (Ethernet-II, SNAP PID)
SNA | SNA service over Ethernet (Ethernet-II, DSAP/SSAP: 0x04 & 0x05)
Banyan | Banyan (Ethernet-II, DSAP/SSAP: 0xBC, SNAP PID)
X.25 | X.25 Layer-3 (Ethernet-II)
NetBIOS | NetBIOS (DSAP/SSAP: 0xF0)
Default (unspecific) | Default (all protocol types)
26
Your Layer 3 modules impose two important limits regarding the number of VLANs and the number of protocols:
. Number of VLANs supported - To determine the minimum number of VLANs that the Layer 3 module can support, use the equation described in “Number of VLANs” here. A Layer 3 module supports a maximum of 64 VLANs.
. Maximum number of protocols - Use the value 15 as the limit of protocols that can be implemented on the Layer 3 module. A protocol suite that is used in more than one VLAN is counted only once towards the maximum number of protocols.
Establishing routing between VLANs
Your Layer 3 modules support routing IP, IPX VLANs. If VLANs are configured for other routable network layer protocols, they can communicate between them only via an external router or a Layer 3 module configured for routing.
The Layer 3 module’s routing over bridging model lets you configure routing protocol interfaces based on a static VLAN defined for one or more protocols.
27
You must first define a VLAN to support one or more protocols and then assign a routing interface for each protocol associated with the VLAN.
Important Considerations
To create an IP interface that can route through a static VLAN, you must:
1. Create a protocol-based IP VLAN for a group of switching ports. (If the VLAN overlaps with another VLAN on any ports, be sure that you define it in accordance with the requirements of your VLAN mode.) (This IP VLAN does not need to contain Layer 3 information unless you want a network-based IP VLAN.)
2. Configure an IP routing interface with a network address and subnet mask and specify the interface type vlan.
3. Select the IP VLAN interface index that you want to bind to that IP interface.
If Layer 3 information is provided in the IP VLAN interface for which you are configuring an IP routing interface, the subnet portion of both addresses must be compatible.
28
For example:
. IP VLAN subnet 157.103.54.0 with subnet mask of 255.255.255.0
. IP host interface address with subnet mask of
Layer 2 (bridging) communication is still possible within an IP VLAN (or router interface) for the group of ports within that IP VLAN.
For IVL, IP data destined for a different IP subnetwork uses the IP routing interface to reach that different subnetwork even if the destination subnetwork is on a shared port.
For SVL, using the destination MAC address in the frame causes the frame to be bridged; otherwise, it is routed in the same manner as for IVL.
Enable IP routing.
You perform similar steps to create IPX routing interfaces.
Example 1: Routing between Layer 3 modules
The configuration in Figure shows routing between Layer 3 modules. In this configuration:
29
IPX Raw Frame Format
Frame: Dest | Src | Length | DATA | FCS
DATA: IPX Header (FFFF) | NetWare Core Protocol
30
IPX-802.2 Frame Format
Frame: Dest | Src | Length | 802.2 | DATA | FCS
802.2: DSAP E0 | SSAP E0 | Cntl 03
[Figure labels: IP protocol 8137, IPX header]
31
IPX-802.3/802.2/SNAP Frame Format
Frame: Dst | Src | Length | DATA | FCS
DATA: DSAP AA | SSAP AA | Cntl 03 | Prot ID 000000 | Type 8137 | IPX Header
32
SAP Values for Frame
SAP | Protocol
04 | SNA
06 | IP
AA | SNAP
BC | Banyan
E0 | IPX
F0 | NetBIOS
F4 | Lan Mgr.
FF | IPX-802.3
For example: IP can be encapsulated in an “Ethernet” frame 3 ways:
. Ethernet-II frame: Type = x0800
. 802.3 with frame: SAP code = x06
. 802.3 with SNAP frame:
~ SAP code = xAA (indicates SNAP header)
~ Control = x03
~ SNAP OUI = x (indicates SNAP Ether type same as Ethernet-II type)
~ SNAP Ether type = x0800
33
Protocol Suites Configuration
Protocol Suites | Protocol Entries / DSAP/SSAP
IP | (IP), 0806 (ARP), 0835 (RARP)
IPX | IPX-II 8137, IPX LLC E0E0, IPX Raw FFFF, IPX SNAP AAAA
XNS | (NS IDP), 0601, 0807 (XNS)
AppleTalk | 809B, 80F3 (AARP)
DECnet | (MOP), 6002 (MOP), 6003 (Phase IV), 6004 (LAT), 6007 (DIAG)
SNA | 80D, 0505, 0504
X.25 |
NetBIOS | F0F0
Banyan VINES | 0BAD, BCBC
34
NetWare’s Ethernet Frame Type
IEEE “raw”: This follows the IEEE standard frame specification without the 802.2 header. After the length field, Novell decided to use the first 2 bytes in the data portion of the packet, the IPX checksum field, to identify a raw frame using the IPX/SPX protocol. Its hex value is 0xFFFF.
Ethernet II: This follows the DIX Specification. The frame type field is always greater than 1500 octets. Novell was assigned the hex value 0x8137 for IPX/SPX.
IEEE with 802.2: This follows the IEEE standard frame specification with header. NetWare IPX/SPX packets contain the hex value 0xE0E0 in the DSAP & SSAP fields.
IEEE with SNAP: This follows the IEEE standard frame specification with SNAP protocol. The values of the DSAP & SSAP fields in the header are both set to 0xAA. Novell was assigned the hex value 0x8137 in the protocol type field for IPX/SPX.
35
To perform the calculation, determine the total number of protocol suites on your system. Remember to include the unspecified type for the default VLAN, even if you have removed the default VLAN and do not have other VLANs defined with the unspecified protocol type.
Use the following guideline to count the protocol suites that are used on the Layer-3 module:
. IP counts as one protocol suite for IP VLANs.
. AppleTalk counts as one protocol suite for AppleTalk VLANs.
. Generic IPX, which uses all four IPX types, counts as four protocol suites. (Each IPX type alone counts as one.) To conserve VLAN resources, it is better to specify a specific IPX frame type than to use generic IPX.
. DECnet counts as one protocol suite for DECnet VLANs.
. The unspecified type of protocol suite counts as one, whether or not the default VLAN or port-based VLANs are defined. Even if you have only the unspecified protocol suite on the system, the limit is still 64 VLANs.
. X.25, SNA, Banyan VINES, and NetBIOS each count as one protocol suite for their respective VLANs.
36
Protocol Group Database
Frame Type Value GroupID Ethernet B Ethernet B RFC_ B RFC_ B LLC_other FEFE C LLC_other FFFF A SNAP_other B C SNAP_8021H F A Port No GroupID VID VLAN No B C B C A 36
37
Protocol Filtering Scheme
There are two mechanisms:
. Forwarding rule is based on mapping either the packet’s Ethernet type or DSAP/SSAP to a port-specific VLAN ID
. Filtering technique with mask string
38
Protocol Classification Algorithm
1. Examine Type/Length field:
. >=0x0600: Type field
. 0x05DC < value < 0x0600: Invalid Type/Length
. <=0x05DC: Decode LSAP
2. Decode LSAP: examine DSAP/SSAP/Control:
. =0xFFFF/E0E0 for raw IPX/IPX-II
. =0xF0F0 for NetBIOS
. =0xAAAA03: examine SNAP OUI
3. Examine SNAP OUI:
. =0x for RFC1042
. =0x0000F8 for IEEE802.1H
. =0x080007: SNAP protocol ID=0x809B? Y: AppleTalk encapsulation. N: Invalid protocol
. =others for unknown protocol
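The classification flow above, combined with a per-port protocol group lookup, as an added Python example that is not part of the original slides. The group letters, port numbers, VIDs and sample frames are constructed for illustration; the MAC-based and IP-subnet-based steps of the precedence order are omitted, and a priority tag with VID 0 is treated as untagged.

```python
RFC1042_OUI, BTEP_OUI = b"\x00\x00\x00", b"\x00\x00\xf8"  # OUIs named on the slides

def u16(buf: bytes, off: int) -> int:
    return int.from_bytes(buf[off:off + 2], "big")

def classify(frame: bytes):
    """Return (frame_type, protocol_value, tag_vid) for one Ethernet frame."""
    off, tag_vid = 12, None                      # skip DA and SA
    if frame[12:14] == b"\x81\x00":              # 802.1Q TPID, then TCI
        tag_vid, off = u16(frame, 14) & 0x0FFF, 16
    if len(frame) < off + 2:
        return "invalid", None, tag_vid
    tl = u16(frame, off)
    if tl >= 0x0600:
        return "Ethernet-2", tl, tag_vid
    if tl > 0x05DC:                              # 0x05DD..0x05FF: invalid
        return "invalid", tl, tag_vid
    llc = frame[off + 2:off + 10]                # DSAP SSAP Control OUI PID
    if len(llc) < 3:
        return "invalid", tl, tag_vid
    if llc[:3] != b"\xaa\xaa\x03":               # plain LLC, incl. raw IPX FF-FF
        return "LLC_other", u16(llc, 0), tag_vid
    if len(llc) < 8:
        return "invalid", tl, tag_vid
    if llc[3:6] == RFC1042_OUI:
        return "RFC_1042", u16(llc, 6), tag_vid
    if llc[3:6] == BTEP_OUI:
        return "SNAP_8021H", u16(llc, 6), tag_vid
    return "SNAP_other", int.from_bytes(llc[3:8], "big"), tag_vid

# Constructed tables in the shape of the Protocol Group Database slide.
PROTOCOL_GROUPS = {("Ethernet-2", 0x0800): "B", ("Ethernet-2", 0x0806): "B",
                   ("RFC_1042", 0x0800): "B", ("LLC_other", 0xFFFF): "A"}
PORT_GROUP_VID = {(1, "A"): 4, (1, "B"): 2, (2, "B"): 27}
PVID = {1: 1, 2: 1}                              # port-based fallback

def assign_vid(port: int, frame: bytes) -> int:
    ftype, value, tag_vid = classify(frame)
    if tag_vid:                                  # non-zero VID in the tag wins
        return tag_vid
    group = PROTOCOL_GROUPS.get((ftype, value))
    return PORT_GROUP_VID.get((port, group), PVID[port])

# Constructed sample frames (dummy addresses, zero-filled payloads).
MACS = bytes(6) + bytes.fromhex("020000000001")
IP_ETH2 = MACS + bytes.fromhex("0800") + b"\x45" + bytes(19)
IP_SNAP = MACS + bytes.fromhex("0024aaaa030000000800") + bytes(28)
IPX_RAW = MACS + bytes.fromhex("001effff") + bytes(28)
IP_TAGGED = MACS + bytes.fromhex("8100a01b0800") + bytes(20)  # tag VID 27
```

The same IP payload lands in the same group whether it arrives as Ethernet-2 or RFC 1042 SNAP, while the VID still depends on the ingress port.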