Sunteți pe pagina 1din 23

DL_020_E1

VLAN

ZTE University
Data Communication team

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Ethernet Broadcast Domain

In a flat network, every device sees


every transmitted packet

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Broadcast storms
Broadcast packets including:
ARP request,RIP,DHCP,NetBEUI,IPX
OK:
there are routers.Routers can divide broadcast domain.

BUT:
There are so a few ports on router
The number of broadcast domains depend on the ports on router
So many Ethernet ports on Layer 2 Switch

SO:
VLAN on Layer 2 Switch

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLANs

A VLAN is a broadcast domain


ZTE University univ.zte.com.cn
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLANs Establish Broadcast Domains

Broadcast Domain 2

Broadcast Domain 1

VLANs plus routers limit broadcasts to the domain of origin


ZTE University univ.zte.com.cn
5
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Frame Identification

VLAN1

VLAN1 VLAN2 VLAN3

Backbone

VLAN1
VLAN3
VLAN2
VLAN3 VLAN2

Specifically developed for multi-VLAN, inter-switch


communications
Places a unique identifier in header of each frame
Functions at Layer 2
ZTE University univ.zte.com.cn
6
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Link Types

Access Links

An access link is a link that is a member


of only one VLAN

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Link Types (Cont.)

Trunk Links

A trunk link is capable of carrying multiple VLANs

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Overview

Segmentation
3rd floor

Flexibility
2nd floor

Security
1st floor
SALES HR ENG

A VLAN = A broadcast domain = Logical network


ZTE University univ.zte.com.cn
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Operations

Switch A

Red Black Green


VLAN VLAN VLAN

Each logical VLAN is like a separate physical bridge

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Operations

Switch A Switch B

Red Black Green Red Black Green


VLAN VLAN VLAN VLAN VLAN VLAN

Each logical VLAN is like a separate physical bridge


VLANs can span across multiple switches

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Operations

Switch A Switch B

Trunk

Fast Ethernet

Red Black Green Red Black Green


VLAN VLAN VLAN VLAN VLAN VLAN

Each logical VLAN is like a separate physical bridge


VLANs can span across multiple switches
Trunks carries traffic for multiple VLANs
Trunks use special encapsulation to distinguish
between different VLANs

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Identification Methods

Green Green

Fast Ethernet
Blue Blue
Green Blue Red

Red
Red

RED VLAN RED VLAN

Packets traversing a shared backbone carry VLAN


identification within the packet header
VLAN Identification Options:
Cisco ISL
IEEE 802.1Q
ZTE University univ.zte.com.cn
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Identification Using IEEE 802.1Q

Initial MAC 2-Byte TPID


Initial Type/Data New CRC
Address 2-Byte TCI

2-byte tag protocol identifier (TPID)


A fixed value of 0x8100. This TPID value indicates that the
frame carries the 802.1Q/802.1p tag information.
2-byte tag control information (TCI)
12 bits are for ID of vlan

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
802.1Q Tagging

802.1Q trunks enable VLANs across a


backbone
Performed with ASIC
Not intrusive to client stations,
client does not see the 802.1q
VLAN Tag added header
by incoming
port Tagged Link Effective between switches,
carries VLAN routers and switches, switches
identifier
and servers with 802.1q network
interface cards

VLAN Tag
stripped by
forwarding port
ZTE University univ.zte.com.cn
15
The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Access vs. Trunk Ports (cont.)
Access Ports Access Ports
Red VLAN Red VLAN

Access Ports
Access Ports
Blue VLAN
Blue VLAN

RS1 RS2

Trunk Port

Access Ports Green VLAN Access Ports Green VLAN

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Access Ports

Access ports are used for DSLAM to dsl/Ethernet


subscriber connection

An Access port can only belong to one VLAN

By default all ports are Access ports

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Trunk Ports

Trunk ports carry data belonging to several VLANs

Trunk ports use tagging to identify which VLAN a


packet is associated with

Trunk ports are IEEE 802.1q compliant

The purpose of Trunk Ports is to span a VLAN across


several devices (DSLAM,Switch or Router)

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Static Vlan and Dynamic Vlan

Static Vlan:

Port Based VLAN

Dynamic Vlan:
MAC Based VLAN Layer 2
Subnet Based VLANLayer 3
User Based VLAN Above Layer 4

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
Review

Collision Domain &Broadcast Domain


Access Link & Trunk Link
Access port & Trunk Port
802.1Q
Static Vlan & Dynamic Vlan

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Configuration Steps

1.Add/Delete a VLAN

Add a VLAN or a group of VLANs by executing add-


vlan vlan-list. The VLAN ID value ranges from 2
to 4093. Delete an existing VLAN or a group of
existing VLANs by executing no add-vlan vlan-
list.

fsap(config)# add-vlan 101

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Configuration Steps

2.Specify/Delete the Standard VLAN Port

Configure the VLAN information by executing vlan vlan-list


slot-list/port-list [tag/untag] [one-to-one] [pvc pvc-
id]. Delete the VLAN information by executing no vlan vlan-
list slot/port-list [one-to-one] [pvc pvc-id].

fsap(config)# vlan 101 4/1 untag subscriber ports without tag

fsap(config)# vlan 101 10/1 tag the uplink port with tag

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.
VLAN Configuration Steps
3.Query VLAN Information
Display the VLAN information of the system by executing show
vlan.
fsap# show vlan
total number : 36
-----------------------------------
1 2 3 4 5 6 7 8 9 10
100 101 102 103 104 105 106 107 108 109
110 111 112 113 114 115 116 117 118 119
120 121 122 123 124 201
fsap# show vlan 101
VLANID : 101
VLANName : vlan101
Egress/UnTag PORTLIST
------------------------------------------------------------
Egress 4/1,10/1,12/1
UnTag 4/1

ZTE University univ.zte.com.cn


The information contained in the file is solely property of ZTE corporation. Any kind of disclosing without permission is prohibited.

S-ar putea să vă placă și