802.
NOTICE Cabletron Systems reserves the right to make changes in specifications and other information contained in this document without prior notice. The reader should in all cases consult Cabletron Systems to determine whether any such changes have been made. The hardware, firmware, or software described in this manual is subject to change without notice.
Notice ii 802.
CONTENTS Figures .................................................................................................... vii Tables..................................................................................................... viii PREFACE Using This Guide ............................................................................ix Structure of This Guide...................................................................ix Related Documents ..............................................................
Contents CHAPTER 3 VLAN CONFIGURATION 3.1 Managing the Switch....................................................................3-1 3.1.1 Switch Without VLANs ....................................................3-1 3.1.2 Switch with VLANs ..........................................................3-2 3.2 Summary of VLAN Local Management........................................3-4 3.2.1 Preparing for VLAN Configuration...................................3-4 3.3 802.1Q VLAN Configuration Menu Screen ...........
Contents CHAPTER 4 EXAMPLES 4.1 Example 1, Single Switch Operation ........................................... 4-1 4.1.1 Solving the Problem........................................................ 4-2 4.1.2 Frame Handling .............................................................. 4-3 4.2 Example 2, VLANs Across Multiple Switches.............................. 4-4 4.2.1 Solving the Problem........................................................ 4-5 4.2.2 Frame Handling ....................................
Contents vi 802.
FIGURES Figure 1-1 2-1 3-1 3-2 3-3 3-4 3-5 3-6 3-7 3-8 3-9 3-10 3-11 3-12 3-13 3-14 3-15 4-1 4-2 4-3 4-4 4-5 4-6 4-7 4-8 4-9 4-10 4-11 Page Example of a VLAN .................................................................. 1-2 Inside the Switch ...................................................................... 2-4 Switch Management with Only Default VLAN .......................... 3-1 Switch Management with VLANs ............................................. 3-2 802.1Q VLAN Screen Hierarchy .........
TABLES Table 3-1 3-2 3-3 3-4 3-5 3-6 3-7 Page 802.1Q VLAN Configuration Menu Screen Menu Items .......... 3-7 Device VLAN Configuration Screen Field Definitions ............. 3-9 Port Assignment Configuration Screen Field Definitions........ 3-15 Port Filtering Configuration Screen Field Definitions ............. 3-19 VLAN Forwarding Configuration Screen Field Definitions ..... 3-22 Protocol VLAN Configuration Screen Field Definitions ......... 3-26 Protocol Ports Configuration Screen Field Definitions ...
PREFACE Welcome to the Cabletron Systems 802.1Q VLAN User’s Guide. This guide introduces and describes Cabletron Systems’ implementation of the IEEE 802.1Q standard for 802.1Q Virtual Local Area Network (VLAN) technology, and the VLAN Local Management screens used to configure Cabletron Systems products used in 802.1Q VLAN environments. USING THIS GUIDE This guide serves as a supplement to the Local Management chapter of the Cabletron Systems user’s guides for devices that support 802.1Q VLANs.
Preface RELATED DOCUMENTS Other Cabletron Systems documents that may be useful for understanding some of the concepts introduced or discussed in this guide are listed below: The SmartSwitch user’s guide of any Cabletron Systems 802.1Q VLAN aware SmartSwitch device. The manual can be obtained from the World Wide Web in Adobe Acrobat Portable Document Format (PDF) at the following site: http://www.cabletron.
CHAPTER 1 VIRTUAL LOCAL AREA NETWORKS This chapter introduces the concepts of Virtual Local Area Networks (VLANs) and discusses the central concepts of IEEE 802.1Q VLANs. This chapter also contains information on how to contact Cabletron Systems for additional support related to VLANs. 1.1 DEFINING VLANs A Virtual Local Area Network is a group of devices that function as a single Local Area Network segment (broadcast domain).
Chapter 1: Virtual Local Area Networks Building One S S F Building Two S S F F 10 9 A 1 trunk SmartSwitch S S Member of Sales Network 8 7 6 S F B SmartSwitch F Member of Finance Network 2263-01 Figure 1-1 Example of a VLAN In this example, the Sales and Finance workstations have been placed on two separate VLANs. In a plain Ethernet environment, the entire network is a broadcast domain, and the SmartSwitches follow the IEEE 802.
Types of VLANs 1.2 TYPES OF VLANs There are a number of different strategies for creating Virtual Local Area Networks, each with their own approaches to defining a station’s membership in a particular VLAN. 1.2.1 802.1Q VLANs An 802.1Q VLAN switch determines the VLAN membership of a data frame by its Tag Header, described later in this chapter. If the frame received is not tagged, the switch classifies the frame into the VLAN that is assigned as the default VLAN of the switch.
Chapter 1: Virtual Local Area Networks 1.3 BENEFITS AND RESTRICTIONS The primary benefit of the 802.1Q VLAN technology is that it provides localization of traffic. This function also offers improvements in security and performance to stations assigned to a VLAN. While the localization of traffic to VLANs can improve security and performance, it imposes some restrictions on network devices that participate in the VLAN.
VLAN Terms The configuration is accomplished using the Local Management VLAN Forwarding Configuration screen. By default a VLAN is assigned to the FID that matches its VLAN ID. Tag Header (VLAN Tag) Four bytes of data inserted in a frame that identifies the VLAN/frame classification. The Tag Header is inserted into the frame directly after the Source MAC address field. Twelve bits of the Tag Header represent the VLAN ID. The remaining bits are other control information.
Chapter 1: Virtual Local Area Networks 1D Trunk A connection from a switch that passes only untagged traffic. By default, a port designated as a 1D Trunk port has all VLANs on its Port VLAN List and is configured to transmit all frames as untagged frames. Generic Attribute Registration Protocol (GARP) GARP is a protocol used to propagate state information throughout a switched network. GARP VLAN Registration Protocol (GVRP) A GARP application used to dynamically create VLANs across a switched network.
Getting Help 1.5 GETTING HELP For additional support related to this device or document, contact Cabletron Systems using one of the following methods: World Wide Web http://www.cabletron.com/ Phone (603) 332-9400 Internet mail support@cabletron.com FTP ftp://ftp.cabletron.com/ anonymous your email address Login Password To send comments or suggestions concerning this document, contact the Cabletron Systems Technical Writing Department via the following email address: TechWriting@cabletron.
Chapter 1: Virtual Local Area Networks 1-8 802.
CHAPTER 2 VLAN OPERATION This chapter describes the operation of a VLAN switch and discusses the operations that a VLAN switch performs in response to both normal and VLAN-originated network traffic. 2.1 DESCRIPTION The 802.1Q VLAN operation is slightly different than the operation of traditional switched networking systems. These differences are due to the importance of keeping track of each frame and its VLAN association as it passes from switch to switch or from port to port within a switch. 2.
Chapter 2: VLAN Operation 2.3 CONFIGURATION PROCESS Before a VLAN can operate, steps must be performed to configure the switch to establish and configure a VLAN. Cabletron Systems VLAN aware SmartSwitches default to operate in the 802.1Q VLAN mode. However, further configuration is necessary to establish multiple logical networks. NOTE 2.3.1 The actual steps involved in VLAN configuration using Local Management are presented in Chapter 3, VLAN Configuration.
VLAN Switch Operation 2.3.3 Customizing the VLAN Forwarding List Each port on a VLAN aware switch has a VLAN forwarding list that contains, as a minimum, the PVID of the VLAN configured. Additionally, the Port VLAN Forwarding List of each port can be configured to allow any number of VLANs to be added to its list. In the case of GMRP (dynamic VLANs), the list can have VLANs added and deleted by the switch as directed by the protocol. 2.4 VLAN SWITCH OPERATION IEEE 802.
Chapter 2: VLAN Operation Figure 2-1 depicts the inside of a switch with six ports, numbered one through six. The switch has been configured to associate VLAN A and B with FID 2, VLAN C and D with FID 3, and VLAN E with FID 4. Port 6 has been classified as a 1Q Trunk Port. This classification establishes that all VLANs are members of the Port VLAN List for Port 6 and the frames transmitted for all VLANs will contain a tag header.
VLAN Switch Operation The switch will now make a forwarding decision on the frame, as described in Section 2.4.2, Forwarding Decisions. Tagged Frames In this example, the switch receives a tagged frame from Port 4. The switch examines the frame and notices the frame is tagged for VLAN C. This frame may have already been through a VLAN aware switch, or originated from a station capable of specifying a VLAN membership.
Chapter 2: VLAN Operation For example, assume that a frame is received by the switch depicted in Figure 2-1. This frame is a unicast untagged frame received on Port 3. The frame is then classified for VLAN C. The switch then makes its forwarding decision by comparing the destination MAC address to its filtering database. In this case, the MAC address is looked up in the filtering database FID 3, which is associated with VLAN C and VLAN D.
CHAPTER 3 VLAN CONFIGURATION This chapter describes how to set up the switch for local or remote management, and the VLAN Local Management screens used to create and configure VLANs in a SmartSwitch. 3.1 MANAGING THE SWITCH The switch may be managed locally via a terminal connected to the COM port, or remotely (SNMP or Telnet sessions) from a management station connected to a switch port that is a member of the same VLAN as the switch’s Host Data Port. (By default, this is the default VLAN.
Chapter 3: VLAN Configuration 3.1.2 Switch with VLANs If the switch is to be configured for multiple VLANs, it may be desirable to configure a management-only VLAN. This allows a management station connected to the management VLAN to manage all ports on the switch and make management secure by preventing management via ports assigned to other VLANs. NOTE The switch’s virtual Host Data Port, like any other port, has configurable VLAN membership.
Managing the Switch b. Set the FID so the Management VLAN has its own number to make the VLAN secure. In this example, the FID is 3 and no other VLAN should be assigned to this FID. This keeps the new VLAN from sharing its filtering database with other VLANs in the switch. For details on defining a VLAN, refer to Section 3.4.1. 2. Use the Port Assignment Configuration screen for the following: a. Assign the VLAN ID, 2, of the new Management VLAN to a port. In this example, it is port 1.
Chapter 3: VLAN Configuration 3.2 SUMMARY OF VLAN LOCAL MANAGEMENT The VLAN configuration process is an extension of normal Local Management operations. A series of Local Management screens provides access to the functions and commands necessary to add, change, or delete VLANs and to assign ports to those VLANs. A switch supporting 802.1Q VLANs provides the VLAN Configuration screens as a standard part of its Local Management hierarchy when the switch is configured to operate in 802.1Q Mode.
802.1Q VLAN Configuration Menu Screen 3.3 802.1Q VLAN CONFIGURATION MENU SCREEN When to Use To select screens to assign switched network ports to VLANs, define new VLANs, and configure port filtering according to a VLAN list or untagged frames. Network users can be logically grouped into VLANs even if they span long physical distances over a vast, intricate physical network. The VLAN Local Management menu items listed on the 802.
Chapter 3: VLAN Configuration How to Access Use the arrow keys to highlight the 802.1Q VLAN CONFIGURATION MENU item from the module, device, or chassis specific Configuration Menu screen and press ENTER. The 802.1Q VLAN Configuration Menu screen displays. Screen Example 6C105 LOCAL MANAGEMENT 802.1Q VLAN Configuration Menu Module Type: xxxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.
802.1Q VLAN Configuration Menu Screen Menu Definitions Table 3-1 802.1Q VLAN Configuration Menu Screen Menu Items Menu Item Screen Function DEVICE VLAN CONFIGURATION Used to view, add, name, enable, or disable VLANs within the device, and also associate the VLANs to a Filter Database ID (FID). It also enables the user to configure attributes that apply to the entire switch and/or VLANs. Refer to Section 3.4 for additional information.
Chapter 3: VLAN Configuration 3.4 DEVICE VLAN CONFIGURATION SCREEN When to Use To define the operating characteristics of the switch to add, name, delete, enable, and disable VLANs, and assign VLANs to FIDs. The screen can display up to eight VLANs simultaneously. How to Access Use the arrow keys to highlight the DEVICE VLAN CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen and press ENTER. The Device VLAN Configuration screen displays.
Device VLAN Configuration Screen Field Definitions Table 3-2 Device VLAN Configuration Screen Field Definitions Use this field … To … Forward Default VLAN Out All Ports (Toggle) Assign or remove the default VLAN from the Port VLAN List for all ports. When set to YES, the default VLAN is added to the Port VLAN List of all ports that do not already include it. When set to NO, the default VLAN is removed from the Port VLAN List of any port that does not have the default VLAN as its PVID.
Chapter 3: VLAN Configuration 3.4.1 Defining a VLAN To define a VLAN, proceed as follows: 1. Use the arrow keys to highlight the VLAN ID field. 2. Enter the VLAN ID using a unique number between 2 and 4094. The VLAN IDs of 0, 1, and 4095 may not be used for user-defined VLANs. If an illegal number is entered, the Event Message Line will display: ”PERMISSIBLE RANGE FOR VLAN IDS: 2 to 4094” and the field will refresh with the previous value. NOTE Each VLAN ID must be unique.
Device VLAN Configuration Screen 3.4.2 Changing the VLAN to FID Association To change the association of a VLAN to a FID, proceed as follows: 1. Use the arrow keys to highlight the VLAN ID field. 2. Enter the VLAN ID of the VLAN of which the FID association is to be changed. If an illegal number is entered, the Event Message Line will display: ”PERMISSIBLE RANGE FOR VLAN IDS: 2 to 4094” and the field will refresh with the previous value. 3. Use the arrow keys to highlight the FID field. 4.
Chapter 3: VLAN Configuration 3.4.4 Deleting a VLAN To delete a VLAN from the current VLAN list, proceed as follows: 1. Enter the VLAN ID. The VLAN Name field will automatically update to display the VLAN’s name if that VLAN has been previously configured. 2. Use the arrow keys to highlight the ADD/DEL field. 3. Press the SPACE bar to select DEL. Press ENTER. The VLAN is removed from the list. The message “VLAN DELETED” displays in the Event Message Line in the upper left-hand corner of the screen. 4.
Device VLAN Configuration Screen 4. Press ENTER. The message “SAVED OK” displays. The default VLAN cannot be disabled. NOTE 3.4.7 Changing the Forwarding Mode To change the forwarding mode of the switch, proceed as follows: 1. Use the arrow keys to highlight the Forward Default VLAN Out All Ports field. 2. Press the SPACE bar or BACKSPACE to toggle between YES and NO. The YES selection places the default VLAN (VLAN ID=1) in the Port VLAN Lists of all ports on the switch.
Chapter 3: VLAN Configuration 3.5 PORT ASSIGNMENT CONFIGURATION SCREEN When to Use To select a mode of operation for each port and to assign a Port VLAN Identification (PVID) to each port. How to Access Use the arrow keys to highlight the PORT ASSIGNMENT CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen and press ENTER. The Port Assignment Configuration screen displays.
Port Assignment Configuration Screen Field Definitions Table 3-3 Port Assignment Configuration Screen Field Definitions Use this field … To … Port (Read-Only) See the port numbers of the interfaces of the current module. Port Mode (Selectable) Display the current operational mode for the corresponding port and select one of three modes: HYBRID, 1Q TRUNK, or ID TRUNK. The default is HYBRID.
Chapter 3: VLAN Configuration • 1Q TRUNK – This mode sets the port for transmitting to another 802.1Q aware device. In this mode, all frames are transmitted with a tag header included in the frame (excluding BPDUs). The switch will drop all untagged frames it receives on the 1Q Trunk port. The Port VLAN List for the port includes all VLANs. • 1D TRUNK – This mode sets the port for transmitting to a legacy 802.1D switch fabric.
Port Filtering Configuration Screen NOTE New VLAN IDs must be created with the functions available on the Device VLAN Configuration screen, discussed in Section 3.4. 3. When the desired VLAN ID is displayed, use the arrow keys to highlight the SAVE command at the bottom of the screen. 4. Press ENTER. The message “SAVED OK” displays. 3.5.
Chapter 3: VLAN Configuration How to Access Use the arrow keys to highlight the PORT FILTERING CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen and press ENTER. The Port Filtering Configuration screen displays. Screen Example 6C105 LOCAL MANAGEMENT Port Filtering Configuration Module Type: xxxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.
Port Filtering Configuration Screen Field Definitions Table 3-4 Port Filtering Configuration Screen Field Definitions Use this field … To … VLAN ID (Read-Only) See the VLAN ID of the VLANs that are configured to have their frames transmitted out the port selected in the Port # field. VLAN Name (Read-Only) See the names of the VLANs associated with the VLAN ID. If a VLAN does not have a name, “Not Defined” is displayed.
Chapter 3: VLAN Configuration NOTE The NEXT and PREVIOUS fields will only display if there are further VLANs in the list to page through. 4. To display the next screen, use the arrow keys to highlight NEXT. Press ENTER to view the entries on the next screen. 5. To display the previous screen, use the arrow keys to highlight PREVIOUS. Press ENTER to view the entries on the previous screen. 3.6.
VLAN Forwarding Configuration Screen 3.7 VLAN FORWARDING CONFIGURATION SCREEN When to Use To perform the following functions: • View the ports included in a VLAN’s Forwarding List. • Define which ports to include in the VLAN’s Forwarding List. • Specify the formats of the frames (Tagged or Untagged) that a VLAN port will forward. How to Access Use the arrow keys to highlight the VLAN FORWARDING CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen and press ENTER.
Chapter 3: VLAN Configuration Field Definitions Table 3-5 VLAN Forwarding Configuration Screen Field Definitions Use this field … To … Current VLAN Ports (Read-Only) See the ports that are currently configured to transmit frames classified to the selected VLAN. Port Type (Read-Only) See the MIB2 interface description for the selected switch port. Frame Format (Read-Only) See the frame format (Tagged or Untagged) for the frames of the selected VLAN that the port will transmit.
VLAN Forwarding Configuration Screen 3.7.2 Paging Through VLAN Forwarding List Entries To display additional entries in the VLAN Forwarding List that do not appear on the screen, use the NEXT or PREVIOUS commands located at the bottom of the screen, as follows: 1. To display the next screen, use the arrow keys to highlight NEXT. Press ENTER to view the entries on the next screen. 2. To display the previous screen, use the arrow keys to highlight PREVIOUS.
Chapter 3: VLAN Configuration 2. Use the arrow keys to highlight the Port field. Step through the available ports on the module with the SPACE bar or BACKSPACE. 3. Use the arrow keys to highlight the ADD/DELETE field. Press the SPACE bar to select DEL. Press ENTER. The Forwarding List entry will be deleted from the list of current VLANs once the configuration is saved. 4. Use the arrow keys to highlight the SAVE command at the bottom of the screen. 5. Press ENTER.
Protocol VLAN Configuration Screen How to Access Use the arrow keys to highlight the PROTOCOL VLAN CONFIGURATION menu item on the 802.1Q VLAN Configuration Menu screen and press ENTER. The Protocol VLAN Configuration screen displays. Screen Example 2E253-49R LOCAL MANAGEMENT Protocol VLAN Configuration Module Type: xxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.
Chapter 3: VLAN Configuration Field Definitions Table 3-6 Protocol VLAN Configuration Screen Field Definitions Use this field … To … VLAN ID - upper part of screen (Selectable) Display the VLAN IDs currently configured and may be selected after the screen is saved to call up the Protocol Ports Configuration screen using the ENTER key. Protocol Type upper part of screen (Selectable) Display the protocol type associated with the VLAN ID in the VLAN ID column.
Protocol VLAN Configuration Screen Table 3-6 Protocol VLAN Configuration Screen Field Definitions (Cont’d) Use this field … To … Protocol Type (Selectable) Select one of the following protocol types: IP – pertains to all IP associated Ether Types (i.e., 0x0x0800, 0x0806, and, 0x8035). IPX – pertains to all IPX associated Ether Types (i.e., 0x8137, 0x8138, and special cases, 0x0100 [LLC Type 1 Encapsulation] and 0x0101 [LLC Type 2 Encapsulation]).
Chapter 3: VLAN Configuration Table 3-6 Protocol VLAN Configuration Screen Field Definitions (Cont’d) Use this field … To … Ether type (Modifiable) Enter the values of a new Ether type when CUSTOM is selected in the Protocol Type field.The value 0x0 will display, which can be modified. A protocol may have more that one Ether Type. Any Ether Type greater than 05dc (hex) and less than ffff (hex) may be entered. The maximum number of Ether Types configured per switch is 32.
Protocol VLAN Configuration Screen 1. Use the arrow keys to highlight the VLAN ID field at the bottom of the screen. 2. Enter the VLAN ID. If a new VLAN ID is entered that has not been created on the switch, use a unique number between 2 and 4094. The VLAN IDs of 0, 1, and 4095 may not be used for user-defined VLANs. A FID will automatically be assigned to the new VLAN ID. The FID assigned will have the same value.
Chapter 3: VLAN Configuration 7. If CUSTOM was selected in the Protocol Type field, use the arrow keys to highlight the Ether type field. Otherwise, go to step 9. 8. Enter your particular protocol type in the Ether type field. 9. Use the arrow keys to highlight the Action field. 10. Press the SPACE bar to toggle the field to either ADD/MODIFY or DELETE the settings selected in the VLAN ID and Protocol Type fields. 11.
Protocol Ports Configuration Screen 3.9 PROTOCOL PORTS CONFIGURATION SCREEN When to Use To display the current ports and port types associated with a VLAN and protocol selected in the Protocol VLAN Configuration screen described in Section 3.8. The line of information selected must have been saved before it can be used to access the Protocol Ports Configuration screen as described below.
Chapter 3: VLAN Configuration Field Definitions Table 3-7 Protocol Ports Configuration Screen Field Definitions Use this field … To … Current Protocol Ports (Read-Only) Display the current ports associated with the VLAN ID. Port Type (Read-Only) Display the Port Type associated with the port in the Current Ports column. VLAN ID (Read-Only) Display the VLAN ID that is in the line of information highlighted in the Protocol VLAN Configuration screen.
Quick VLAN Walkthrough 3.9.1 Adding/Deleting Ports Associated with a VLAN ID To add or delete ports from a VLAN, proceed as follows: 1. Use the arrow keys to highlight the Port field. 2. Press the SPACE bar to step to the appropriate port number. The associated protocol is displayed for that port. 3. Use the arrow keys to highlight the DELETE ALL PORTS field. 4.
Chapter 3: VLAN Configuration 3. Use the arrow keys to highlight the VLAN ID field. Assign a number to a new VLAN by typing the number “2” in the VLAN ID field. 4. Use the arrow keys to highlight the FID field. In this example we will assign the new VLAN to FID 2 by typing the number “2” in the FID field. 5. Use the arrow keys to highlight the VLAN Name field. Type “TEST VLAN” in the VLAN Name field. Press ENTER. 6. Use the arrow keys to highlight the ADD/DEL field. 7.
Quick VLAN Walkthrough 6C105 LOCAL MANAGEMENT Device/VLAN Configuration Module Type: xxxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX Forward Default VLAN Out All Ports: [NO] 2 FID 1 2 VLAN ID: 1 FID: 2 VLAN ID 1 Admin Status VLAN Name DEFAULT VLAN TEST VLAN [Enabled] [Disabled] VLAN Name: TEST VLAN SAVE [ADD] EXIT RETURN 25993-09 Figure 3-11 Walkthrough Stage One It is now time to assign a port to this new VLAN. 9.
Chapter 3: VLAN Configuration 11. Use the SPACE bar to step sequentially through the previously configured VLAN ID numbers. When the number 0002 (the new VLAN ID) is displayed, the FID field updates to 0002, and the VLAN Name field updates showing the name assigned to this VLAN, TEST VLAN. 12. Use the arrow keys to highlight the SAVE command at the bottom of the screen. Press ENTER. The PVID for Port 3 is now configured to the TEST VLAN.
Quick VLAN Walkthrough 13. Use the arrow keys to highlight the Port Mode field for port 10. Use the SPACE bar or BACKSPACE key to step sequentially through the possible settings of the port until 1Q TRUNK is displayed. 14. Use the arrow keys to highlight the SAVE command at the bottom of the screen. Press ENTER. Port 10 is now acting as a 1Q Trunk port and every VLAN is in its Port VLAN List. The frame format for every VLAN is also set to tagged. The screen should now look like Figure 3-13.
Chapter 3: VLAN Configuration 15. On the 802.1Q VLAN Main Menu screen, use the arrow keys to highlight the DEVICE VLAN CONFIGURATION menu item. Press ENTER. The Device VLAN Configuration screen, Figure 3-14, displays. 6C105 LOCAL MANAGEMENT Device/VLAN Configuration Module Type: xxxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.
Quick VLAN Walkthrough The Port VLAN List of any port on the device can also be checked at any time using the Port Filtering Configuration screen. A list of all ports eligible to transmit frames for a given VLAN will also be listed on the VLAN Forwarding Configuration screen. Each port can also be set to filter out (drop) incoming frames that have VLAN tags that do not match with any of those in its Port VLAN List, and also filter out all untagged frames received by the port.
Chapter 3: VLAN Configuration 6C105 LOCAL MANAGEMENT Port Filtering Configuration Module Type: xxxxx-xx Slot Number: xx Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.
CHAPTER 4 EXAMPLES This chapter provides examples of how VLAN aware SmartSwitches can be configured to group users at the port level to create VLANs in existing networks. Each example presents a problem and shows how it is solved by configuring the switches using the VLAN Local Management screens. The actual procedures and screens used to configure a VLAN aware switch are covered in Chapter 3, VLAN Configuration.
Chapter 4: Examples 4.1.1 Solving the Problem To set up this switch, users will be assigned to two new VLANs, red stations to the Red VLAN, and blue stations to the Blue VLAN. The information below describes how the switch is configured to create these two VLANs and how users are assigned to them. 1. First, the switch is set for 802.1Q operation.
Example 1, Single Switch Operation The switch will now classify each frame received as belonging to either the Red or Blue VLANs. Traffic from one VLAN will not be forwarded to the members of the other VLAN, and all frames transmitted by the switch will be normal, untagged Ethernet frames. 4.1.2 Frame Handling This section describes the operations of the switch when two frames are received. The first frame is a broadcast sent by station R1. 1. Station R1 transmits the broadcast frame.
Chapter 4: Examples 6. The switch examines its VLAN configuration information and determines that the frame for Red VLAN is allowed to be forwarded out Port 1 and that it must be sent in an untagged format. 7. The switch forwards the frame out Port 1. Any other unicast transmissions between stations R1 and R2 will be handled identically. 4.2 EXAMPLE 2, VLANS ACROSS MULTIPLE SWITCHES This second example investigates the steps that must be taken to set up VLANs across multiple 802.1Q VLAN switches.
Example 2, VLANs Across Multiple Switches Redco Blue Industries 2 Bridge 1 User A Bridge 2 1 Red VLAN 4 3 Blue VLAN 4 Floor 4 Floor 3 Redco Blue Industries 2 File Server Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN Floor 2 Floor 1 User 802.1D Legacy Bridge 802.1Q VLAN Aware Switch File Server 22632_13 Figure 4-3 4.2.
Chapter 4: Examples Switch 4 Switch 4 is set as follows: 1. Two VLANs are added to the list of VLANs in the Device/VLAN Configuration screen and assigned to a FID. In this example they are as follows: • VLAN ID 2, FID 2, with a VLAN Name of Red • VLAN ID 3, FID 3, with a VLAN Name of Blue Because the VLANs are assigned to two separate FIDs, the users on VLAN ID 2 and VLAN ID 3 cannot communicate with each other. 2.
Example 2, VLANs Across Multiple Switches Switch 2 Switch 2 is set as follows: 1. Two VLANs are added to the list of VLANs using the Device/VLAN Configuration screen and assigned to a FID. In this example they are as follows: • VLAN ID 2, FID 2, with a VLAN Name of Red • VLAN ID 3, FID 3, with a VLAN Name of Blue 2.
Chapter 4: Examples 4.2.2 Frame Handling The following describes how, when User A attempts to log on to the File Server on Bridge 4, the frames from User A are classified on Switch 4 and traverse the network. In this example, the MAC address of User A is “Y” and the MAC address for the File Server is “Z”. The following description includes illustrations to help understand how the frames flow through the network. 1.
Example 2, VLANs Across Multiple Switches The VLAN Tag Header is inserted because Switch 4, Port 4 is designated as an 802.1Q Trunk port. In this case, the Port Mode setting for Port 4 is 802.1Q Trunk and the VLAN Frame format for that VLAN is tagged. Redco Blue Industries 2 User A Bridge 1 Bridge 2 1 3 4 Red VLAN Blue VLAN 4 Floor 4 Floor 3 Redco Blue Industries 2 Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN Floor 2 22631_15 Figure 4-5 Transmitting to Switch 4 3.
Chapter 4: Examples Floor 3 Redco Blue Industries 2 Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN Floor 2 2263_16 Figure 4-6 Transmitting to Bridge 4 4. The File Server responds with a unicast frame to User A. All switches between the File Server and User A have an entry in their respective Source Address Tables identifying which port to use for forwarding the frame to User A, MAC address “Y” in FID 3.
Example 3, 1D Trunk Connection to 802.1Q VLAN Network As illustrated in Figure 4-7, a third group of stations, the Green Incorporated staff, is added to the facility. Also, the Green Incorporated Network Administrators want to add a Mail Server to the network on the first floor. User B 2 Bridge 1 Bridge 2 1 Red VLAN 4 3 Blue VLAN 4 Floor 4 Floor 3 2 Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN 4 Floor 2 Green Incorporated. 2 1 Green VLAN 1 Mail Server 3 Floor 1 User 802.
Chapter 4: Examples 4.3.1 Solving the Problem Much of the existing network configuration can remain as it was for Example 2, VLANs Across Multiple Switches. However, the Forward Default VLAN Out All Ports must be set to YES on Switch 4 and 2, and a new 1Q Trunk port must be activated and configured on Switch 2. There are no other real changes to the network above the first floor. Switch 4 Switch 4 is set as follows: 1.
Example 3, 1D Trunk Connection to 802.1Q VLAN Network 2. The Forward Default VLAN Out All Ports is set to YES using the Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1. 3.
Chapter 4: Examples 2. Switch 4 receives the frame and classifies this new untagged frame as belonging to the Red VLAN. Since the frame is a broadcast, it is forwarded to any ports that are classified as eligible to receive Red VLAN frames. Switch 4 also updates its Source Address Table for FID 1, identifying User B as being located out Port 1. On Switch 4, the only port eligible to receive Red VLAN frames is Port 4, the 1Q Trunk.
Example 3, 1D Trunk Connection to 802.1Q VLAN Network Floor 3 2 Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN 4 Floor 2 2263_19 Figure 4-9 Switch 2 Forwards to 1Q Trunk 4. When Switch 1 receives the tagged broadcast frame, it also examines the tag and classifies the frame as belonging to the Red VLAN. This broadcast frame is then sent to all ports eligible to receive Red VLAN frames.
Chapter 4: Examples Switch 1 checks the Filtering Database for the MAC address of User B. User B’s MAC address is located, and Port 2 is identified as User B’s location. The frame is then checked for eligibility and frame format for Port 2. Since Port 2 is a 1Q Trunk port, it is eligible to transmit frames for all VLANs. The frame is tagged and transmitted out Port 2.
Example 4, Isolating Network Traffic According to Protocol 4.4 EXAMPLE 4, ISOLATING NETWORK TRAFFIC ACCORDING TO PROTOCOL This final example illustrates how to restrict AppleTalk protocol traffic of a network to prevent unwanted multicast frames from slowing down the whole network and yet be able to send and receive frames associated with other protocols. In this example, illustrated in Figure 4-7, the Publications Department is relocating from another site to the third floor.
Chapter 4: Examples User B 2 Bridge 1 Bridge 2 1 Red VLAN 4 3 Blue VLAN 4 Floor 4 Publications 2 2 3 4 1 3 1 3 Yellow VLAN 5 8 4 Grey VLAN Printer 5 6 7 Floor 3 2 Bridge 4 Bridge 3 1 Blue VLAN 2 File Server 3 Red VLAN 4 Floor 2 Green, Inc. 2 1 Green VLAN 1 Mail Server 3 Floor 1 User 802.1D Legacy Bridge 802.1Q VLAN-Aware Switch Server 2599_18 Figure 4-11 4.4.
Example 4, Isolating Network Traffic According to Protocol Switch 5 will be configured to isolate all AppleTalk protocol frame traffic to the devices in the Grey VLAN and all other protocol traffic to the Yellow VLAN. Switch 3 will link the traffic from Switch 5 to the buildings network backbone. Two 1Q Trunk ports must be activated and configured on Switch 3, and one 1Q Trunk port must be activated and configured on Switch 4.
Chapter 4: Examples Switch 5 Switch 5 is set as follows: 1. Two VLANs are added to the list of VLANs in the Device/VLAN Configuration screen. In this example, it is set as follows: • VLAN ID 5, FID 5, with a VLAN Name of Yellow • VLAN ID 6, FID 6, with a VLAN Name of Grey 2. The Forward Default VLAN Out All Ports is set to YES using the Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port. 3.
Example 4, Isolating Network Traffic According to Protocol 5. The AppleTalk frames must now be restricted to Ports 2 through 8 of the Yellow VLAN.
Chapter 4: Examples 4-22 802.
INDEX Numerics 1D Trunk 1-6, 3-16, 4-10 1Q Trunk 1-5, 3-16, 4-4 C Chapters organization ix Configuration 2-2 Conventions x D Default VLAN 1-5 Device VLAN Configuration screen ADD/DEL (Toggle) 3-9 Admin Status (Toggle) 3-9 FID - lower part of screen (Modifiable) 3-9 FID - upper part of screen (Read-Only) 3-9 VLAN ID - lower part of screen (Modifiable) 3-9 VLAN ID - upper part of screen (Read-Only) 3-9 VLAN Name - lower part of screen (Modifiable) 3-9 VLAN Out All Ports (Toggle) 3-9 changing 3-13 Frame for
Index P Port Assignment Configuration screen FID (Read-Only) 3-15 Port Mode (Selectable) 3-15 VLAN ID (Selectable) 3-15 VLAN Name (Read-Only) 3-15 Port Filtering Configuration screen Filter All Untagged Frames (Toggle) 3-19 Filter Using VLAN Lists (Toggle) 3-19 Port # (Selectable) 3-19 VLAN ID (Read-Only) 3-19 VLAN Name (Read-Only) 3-19 Port mode 1D Trunk 3-16 1Q Trunk 3-16 changing 3-15 Hybrid 3-15 Port VLAN list 1-5 Protocol isolating network according to 4-17 Protocol Ports Configuration Screen Current
Index U Untagged frame 1-5, 2-4 V VLAN assigning ports 2-2 components 2-1 configuration 2-2 default VLAN 1-5 defining 2-2 definition 1-1 to 1-4 operation 2-3 terms 1-4 types 1-3 VLAN Configuration deleting 3-12 disabling 3-12 enabling 3-12 VLAN Forwarding Configuration screen ADD/DELETE (Toggle) 3-22 Current VLAN Ports (Read-Only) 3-22 Frame Format - upper part of screen (Read-Only) 3-22 Frame Type- lower part of screen (Toggle) 3-22 Port (Selectable) 3-22 Port Type (Read-Only) 3-22 VLAN ID (Selectable) 3
Index Index-4 802.
