
Ethernet Switching and Virtual LANs

4-1
Copyright 2005 Juniper Networks, Inc.

Proprietary and Confidential

www.juniper.net

Overview of Ethernet
Ethernet defined:
  Family of LAN specifications, standardized in IEEE 802.3
  Examples include:
    10Base-T (802.3i): 10 Mbps
    100Base-TX (802.3u): 100 Mbps
    1000Base-T (802.3ab): 1000 Mbps
  Uses data link layer technology to create LANs
    Shared medium: a single broadcast and collision domain
    Uniquely identifies all nodes on the LAN with 48-bit MAC address
  Uses CSMA/CD to avoid and manage frame collisions
2008 Juniper Networks, Inc. All rights reserved.

Ethernet LANs (1 of 2)
Characteristics:
  Shared medium
  Single collision domain
  Nodes can transmit simultaneously
Problems:
  1. Traffic is seen by everyone
  2. Collisions can occur
  3. Unwanted resource consumption
[Figure: nodes on a shared medium forming a single collision domain]

Ethernet LANs (2 of 2)
  As the network grows, the likelihood of collisions increases
  As collisions increase, overall LAN efficiency decreases

Overview of Bridging
Bridging:
  Is defined in the IEEE 802.1D-2004 standard
  Segments a single collision domain
  Isolates the physical layer
  Learns and maintains a forwarding table (bridge table)
  Performs intelligent forwarding decisions based on the bridge table

Bridging: How Does it Work?
Transparent bridging builds and maintains bridge tables using the following mechanisms:
  Learning:
    Learns MAC address and associated port
  Forwarding:
    Forwards packets out proper egress interface towards destination
  Flooding:
    Replicates packets out other ports for unknown destination MAC addresses; also used when passing multicast and broadcast traffic
  Filtering:
    Limits traffic to its associated network segment
  Aging:
    Ensures bridge table entries are current

MAC Address Learning
  Each MAC address is associated with the frame's incoming interface
  Source MAC addresses are learned for all incoming Ethernet frames
Frame fields: Pre | DA | SA | Type | Data | FCS
MAC Address Table
  ge-0/0/0: 0140.5501.1111
  ge-0/0/0: 0140.5501.2222
  ge-0/0/1: 0140.5501.3333
  ge-0/0/1: 0140.5501.4444
[Figure: A1 (0140.5501.1111) and A2 (0140.5501.2222) share a hub on ge-0/0/0; B1 (0140.5501.3333) and B2 (0140.5501.4444) share a hub on ge-0/0/1]

Forwarding: Known Unicast Frames (1 of 2)
MAC Address Table
  ge-0/0/0: 0140.5501.1111
  ge-0/0/0: 0140.5501.2222
  ge-0/0/1: 0140.5501.3333
  ge-0/0/1: 0140.5501.4444
  A1 sends a frame to B2
  Switch checks forwarding table
  A2 receives and discards the frame from A1
  Switch forwards frame from A1 to B2
[Figure: A1 (0140.5501.1111) and A2 (0140.5501.2222) share a hub on ge-0/0/0; B1 (0140.5501.3333) and B2 (0140.5501.4444) share a hub on ge-0/0/1]

Forwarding: Known Unicast Frames (2 of 2)
MAC Address Table
  ge-0/0/0: 0140.5501.1111
  ge-0/0/0: 0140.5501.2222
  ge-0/0/1: 0140.5501.3333
  ge-0/0/1: 0140.5501.4444
  A1 sends a frame to A2
  Switch checks forwarding table
  A2 processes the frame from A1
  Switch filters frame from A1 to A2
[Figure: A1 (0140.5501.1111) and A2 (0140.5501.2222) share a hub on ge-0/0/0; B1 (0140.5501.3333) and B2 (0140.5501.4444) share a hub on ge-0/0/1]

Flooding: Broadcast, Multicast, or Unknown Unicast Frames
MAC Address Table
  ge-0/0/0: 0140.5501.1111
  ge-0/0/0: 0140.5501.2222
  ge-0/0/1: 0140.5501.3333
  ge-0/0/1: 0140.5501.4444
  A1 sends broadcast frame on to LAN (DA: FFFF.FFFF.FFFF)
  Switch floods frame out all ports associated with the LAN (except the port on which it was received)
[Figure: A1 (0140.5501.1111) and A2 (0140.5501.2222) share a hub on ge-0/0/0; B1 (0140.5501.3333) and B2 (0140.5501.4444) share a hub on ge-0/0/1]
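
The bridging mechanisms from the preceding slides (learning, forwarding, filtering, flooding, aging), replayed on the slides' host addresses. This is an added example, not code from the original slides; the Bridge class, the third port ge-0/0/2, the 300-second max_age and the timestamps are assumptions made for illustration.

```python
BROADCAST = "ffff.ffff.ffff"

class Bridge:
    """Transparent bridge for one LAN: learn, forward, filter, flood, age."""

    def __init__(self, ports, max_age=300):
        self.ports = set(ports)
        self.max_age = max_age      # seconds; assumed value, not from the slides
        self.table = {}             # MAC address -> (port, time last seen)

    def age(self, now):
        """Aging: remove entries not refreshed within max_age seconds."""
        self.table = {mac: (port, seen) for mac, (port, seen) in self.table.items()
                      if now - seen <= self.max_age}

    def receive(self, in_port, src, dst, now):
        """Handle one frame; return (action, list of egress ports)."""
        self.age(now)
        self.table[src] = (in_port, now)        # learning: source MAC only
        # Only the broadcast address is special-cased. Multicast detection (the
        # group bit in the first octet) is omitted because the slides' sample
        # addresses start with octet 01, which has that bit set.
        if dst.lower() == BROADCAST or dst not in self.table:
            return "flood", sorted(self.ports - {in_port})
        out_port = self.table[dst][0]
        if out_port == in_port:
            return "filter", []                 # destination is on the ingress segment
        return "forward", [out_port]

def demo():
    """Replay frames between the slides' hosts; timestamps are constructed."""
    sw = Bridge(["ge-0/0/0", "ge-0/0/1", "ge-0/0/2"])  # ge-0/0/2 is assumed
    a1, a2, b2 = "0140.5501.1111", "0140.5501.2222", "0140.5501.4444"
    return [
        sw.receive("ge-0/0/0", a1, b2, now=0),         # B2 not learned yet
        sw.receive("ge-0/0/1", b2, a1, now=1),         # reply teaches the switch B2
        sw.receive("ge-0/0/0", a1, a2, now=2),         # A2 unknown until it transmits
        sw.receive("ge-0/0/0", a2, a1, now=3),         # both behind ge-0/0/0
        sw.receive("ge-0/0/0", a1, b2, now=4),         # B2 now known
        sw.receive("ge-0/0/0", a1, BROADCAST, now=5),
        sw.receive("ge-0/0/0", a1, b2, now=400),       # B2 entry has aged out
    ]

if __name__ == "__main__":
    for action, ports in demo():
        print(f"{action:8} {ports}")
```

The last frame is flooded again because every entry has aged out: frames to a destination the table no longer holds reach every other port on the LAN.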

Viewing the MAC Address Table
Use the show ethernet-switching table command to view MAC address table entries
user@switch> show ethernet-switching table
Ethernet-switching table: 6 entries, 3 learned
  VLAN      MAC address        Type   Age  Interfaces
  blue      *                  Flood       All-members
  blue      00:19:e2:50:7c:0b  Learn  48   ge-0/0/10.0
  orange    *                  Flood       All-members
  orange    00:19:e2:50:3f:ee  Learn  42   ge-0/0/13.0
  purple    *                  Flood       All-members
  purple    00:19:e2:50:77:b1  Learn  38   ge-0/0/16.0
Entries are organized based on associated VLAN
Each VLAN maintains an entry used for flooding

Clearing the MAC Address Table
Use the clear ethernet-switching table command to clear MAC address table contents
user@switch> clear ethernet-switching table ?
Possible completions:
  <[Enter]>            Execute this command
  interface            Clear MAC table for specified interface
  |                    Pipe through a command
Clear all entries in table or only the entries for a specific interface

Overview of VLANs
VLANs:
  Segment a single broadcast domain into multiple broadcast domains
  Allow for grouping users based on business needs, regardless of physical location
[Figure: hosts grouped into VLAN Orange and VLAN Blue]

Default and Management VLANs
All network ports belong to the default VLAN in the factory-default configuration
user@switch> show vlans default
Name           Tag     Interfaces
default
                       ge-0/0/0.0*, ge-0/0/1.0*, ge-0/0/2.0, ge-0/0/3.0,
                       ge-0/0/4.0, ge-0/0/5.0*, ge-0/0/6.0, ge-0/0/7.0,
                       ge-0/0/8.0, ge-0/0/9.0, ge-0/0/10.0*, ge-0/0/11.0*,
                       ge-0/0/12.0*, ge-0/0/13.0*, ge-0/0/14.0*, ge-0/0/15.0*,
                       ge-0/0/16.0*, ge-0/0/17.0*, ge-0/0/18.0*, ge-0/0/19.0,
                       ge-0/1/0.0, ge-0/1/1.0, ge-0/1/2.0, ge-0/1/3.0
The mgmt VLAN allows redundant management connections to the vme interface (EX 4200 switches only)
user@switch> show vlans mgmt
Name           Tag     Interfaces
mgmt
                       me0.0*

Switch Port Modes
Switch ports operate in either access or trunk mode
  Access mode:
    Connects to network devices (desktop, IP phones, printers, and so forth)
    Typically transmits untagged Ethernet frames for a single VLAN; the exception is when the voice VLAN feature is being used
    Default mode for all ports
  Trunk mode:
    Connects to other switches or a router
    Typically transmits tagged Ethernet frames for multiple VLANs; the exception is when the native VLAN option is configured or control traffic is sent
    Must be explicitly configured

802.1Q Ethernet Frame
4-byte tag inserted into Ethernet frame (max 1522 bytes)
  Tag Protocol Identifier (TPID): 16 bits, default 0x8100
  Priority: 3 bits, 802.1p
  Canonical Format Indicator (CFI): 1 bit, default 0
  Unique VLAN identifier (VID): 12 bits
Frame layout: Destination MAC | Source MAC | TAG | Type/Length | Data | FCS
TAG layout: TPID | Priority | CFI | VID

802.1Q Trunk Links
A trunk is a single Ethernet link that can carry traffic for multiple VLANs
[Figure: a trunk link carrying traffic for VLAN Orange and VLAN Blue]

VLAN Configuration Example
Port-Based Assignment
[Figure: VLAN Orange, VLAN Blue, VLAN Purple]

VLAN Referenced
[edit]
user@switch# show interfaces
ge-0/0/13 {
    unit 0 {
        family ethernet-switching {
            port-mode access;
            vlan {
                members orange;
            }
        }
    }
}

VLAN Defined
[edit]
user@switch# show vlans
orange {
    vlan-id 101;
}

Monitoring VLAN Assignments
user@switch> show vlans
Name           Tag     Interfaces
blue           100     ge-0/0/10.0*
default                ge-0/0/0.0, ge-0/0/5.0*
orange         101     ge-0/0/13.0*
purple         102     ge-0/0/16.0*
mgmt                   me0.0*
user@switch> show vlans orange detail
VLAN: orange, 802.1Q Tag: 101, Admin state: Enabled
Number of interfaces: 1 (Active = 1)
  Untagged interfaces: ge-0/0/13.0*

802.1Q Trunk Configuration Example
Single physical link carries traffic for multiple VLANs

[edit]
user@switch# show interfaces
...
ge-0/0/18 {
    unit 0 {
        family ethernet-switching {
            port-mode trunk;
            vlan {
                members [ orange blue ];
            }
        }
    }
}

[edit]
user@switch# show vlans
blue {
    vlan-id 100;
}
orange {
    vlan-id 101;
}
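
How the 4-byte 802.1Q tag and the access and trunk port modes configured above interact on ingress, as an added example that is not part of the original slides. The function names, the constructed sample frame and the drop policy for unexpected frames are assumptions of the example; real handling also depends on options such as a native VLAN or voice VLAN.

```python
import struct

TPID_8021Q = 0x8100                      # default TPID from the slide
VLANS = {"blue": 100, "orange": 101}     # vlan-id values from the slides
PORTS = {                                # port modes from the slides' config
    "ge-0/0/13": ("access", {"orange"}),
    "ge-0/0/18": ("trunk", {"orange", "blue"}),
}

def add_tag(frame: bytes, vid: int, priority: int = 0, cfi: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q tag after the source MAC."""
    if not (0 <= vid <= 0xFFF and 0 <= priority <= 7 and cfi in (0, 1)):
        raise ValueError("field out of range")
    tci = (priority << 13) | (cfi << 12) | vid   # 3 + 1 + 12 bits
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def parse_tag(frame: bytes):
    """Return priority/cfi/vid for a tagged frame, None if untagged."""
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return {"priority": tci >> 13, "cfi": (tci >> 12) & 1, "vid": tci & 0x0FFF}

def ingress_vlan(port: str, frame: bytes):
    """VLAN name the frame lands in, or None if this example drops it.

    Assumed policy: access ports take untagged frames only; trunk ports take
    tagged frames for member VLANs only (no native VLAN configured).
    """
    mode, members = PORTS[port]
    tag = parse_tag(frame)
    if mode == "access":
        return next(iter(members)) if tag is None else None
    if tag is None:
        return None
    return next((n for n in sorted(members) if VLANS[n] == tag["vid"]), None)

# Constructed sample frame: broadcast DA, an SA from the slides' MAC table,
# IPv4 EtherType, zero-filled 46-byte payload.
UNTAGGED = (bytes.fromhex("ffffffffffff") + bytes.fromhex("0019e2503fee")
            + struct.pack("!H", 0x0800) + b"\x00" * 46)
```

A frame tagged with VID 102 (purple) is dropped on ge-0/0/18 because the trunk's members list names only orange and blue.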

Monitoring 802.1Q Trunks
user@switch> show vlans orange detail
VLAN: orange, 802.1Q Tag: 101, Admin state: Enabled
Number of interfaces: 2 (Active = 2)
  Untagged interfaces: ge-0/0/13.0*
  Tagged interfaces: ge-0/0/18.0*
Interface is 802.1Q trunk for both VLANs

user@switch> show ethernet-switching interfaces
Interface    State  VLAN members  Blocking
ge-0/0/10.0  up     blue          unblocked
ge-0/0/13.0  up     orange        unblocked
ge-0/0/18.0  up     blue          unblocked
                    orange        unblocked
me0.0        up     mgmt          unblocked
Interface belongs to both VLANs

Routed VLAN Interface
Logical Layer 3 VLAN interface used for inter-VLAN routing
[Figure: VLAN Orange, VLAN Blue, VLAN Purple]

RVI Configuration Example
[edit]
user@switch# show interfaces
ge-0/0/13 {
    unit 0 {
        family ethernet-switching {
            port-mode access;
            vlan {
                members orange;
            }
        }
    }
}

vlan {
    unit 101 {
        family inet {
            address 10.1.2.1/24;
        }
    }
}

[edit]
user@switch# show vlans
blue {
    vlan-id 100;
    l3-interface vlan.100;
}
orange {
    vlan-id 101;
    l3-interface vlan.101;
}
purple {
    vlan-id 102;
    l3-interface vlan.102;
}

This example facilitates routing through all interfaces associated with the blue, orange, and purple VLANs

Monitoring an RVI
user@switch> show interfaces terse vlan
Interface               Admin Link Proto    Local                 Remote
vlan                    up    up
vlan.100                up    up   inet     10.1.1.1/24
vlan.101                up    up   inet     10.1.2.1/24
vlan.102                up    up   inet     10.1.3.1/24
RVI state and IP address details

user@switch> show vlans orange extensive
VLAN: orange, Created at: Thu Apr 17 22:31:43 2008
802.1Q Tag: 101, Internal index: 17, Admin state: Enabled, Origin: Static
Protocol: Port-based, Layer 3 interface: vlan.101 (UP)
IP addresses: 10.1.2.1/24
Number of interfaces: Tagged 1 (Active = 1), Untagged 1 (Active = 1)
  ge-0/0/18.0*, tagged, trunk
  ge-0/0/13.0*, untagged, access
At least one port must be active for RVI state to be up
