vlan1
TRANSCRIPT
![Page 1: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/1.jpg)
Today we will cover:
• TCP/IP Model
• VLANs & Trunking
![Page 2: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/2.jpg)
TCP/IP Model
• See diagram on board
• The U.S. Department of Defense (DoD) created the TCP/IP reference model because it wanted a network that could survive anything, like a nuclear war
• We’ve been over TCP…
• Internet Protocol (IP)
![Page 3: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/3.jpg)
Internet Protocol Definition
• IP is a layer 3 protocol that offers a connectionless service that provides best-effort delivery across a network– Ex: post office
• IP looks for a way to move the packets to their destination.
• IP is packet-based networking– Layer 3 = packets
![Page 4: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/4.jpg)
TCP/IP Model Layers In Depth
• Application– Handles high-level protocols, encoding, and
dialogue control.– Ex: Telnet, FTP, LPD, SNMP, TFTP, SMTP,
NFS, X Window
• Transport (Host-to-Host)– Reliability, flow control, and error correction.– Ex: TCP, UDP
![Page 5: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/5.jpg)
TCP/IP Layers (cont.)
• Internetwork (Internet)– Defines logical addressing and routing.– Ex: ICMP, ARP, RARP, IP
• Network Interface (Network access)– Defines the protocols and hardware required
to deliver data across some physical network.– EX: Ethernet, Token Ring, FDDI
![Page 6: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/6.jpg)
VLANs & Trunking
.
![Page 7: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/7.jpg)
“Switching”
• “Switching” is a generic term that can be applied to Layer 2, Layer3, Layer 4, or any layer
• To switch is to filter or forward data
• A switch is a network device that filters, forwards, and floods frames based on the destination address of each frame.
![Page 8: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/8.jpg)
Switching
• A Layer 2 LAN switch, like a bridge, performs switching & filtering based on the MAC address (DLL)
• Remember:– Bridge = software-based– Switch = hardware-based
• All the ports on a bridge or a Layer 2 switch belong to the same Layer 3 network (i.e., the same IP network), so a broadcast by one station is forwarded by all the Layer 2 switches or bridges to all other stations.
![Page 9: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/9.jpg)
Switching
• A Layer 3 switch acts on a packet in the same way that a traditional router does.
• Layer 3 switches are basically a cross between a LAN switch and a router.– Each port on the switch is a separate LAN port– But, the forwarding engine, the ASIC (application
specific integrated circuit), calculates and stores routes based on Layer 3 addresses (IP addresses), NOT MAC addresses
![Page 10: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/10.jpg)
Switching
• A Layer 3 switch is a switch that performs hardware-based routing using Layer 3 (network) addresses.– Routers = software-based
• A Layer 3 switch is a cost effective alternative to the traditional router. (Usually)
![Page 11: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/11.jpg)
Switching
• Layer 4 switching is Layer 3 hardware-based routing that uses Layer 4 info
• Forwarding based on:– MAC addresses (Layer 2)– Source/destination IP addresses (Layer 3)– TCP/UDP (Layer 4) application port numbers
• More to come on different layer switching
![Page 12: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/12.jpg)
VLAN Concepts & Basics
• Think of a LAN and a broadcast domain as being basically the same thing.– Simple collision/broadcast model (p. 246, 247
INTRO)
• Without VLANs, a switch treats all interfaces on the switch as being in the same broadcast domain – all connected devices are in the same LAN.
![Page 13: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/13.jpg)
VLAN Basics (cont.):
• With VLANs, a switch can put some interfaces (ports) into one broadcast domain and some into another.
• Essentially, the switch creates multiple broadcast domains – the individual broadcast domains are called virtual LANs.– Example: see board (p. 264 INTRO)
![Page 14: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/14.jpg)
Motivations for using VLANs:
• To group users by department, or by groups that work together, instead of by physical location
• To reduce overhead by limiting the size of each broadcast domain
• To enforce better security
![Page 15: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/15.jpg)
VLAN Configuration
• Two methods:– Port-based (done with cables)– MAC-based (high admin overhead at first)– Network address (logical or IP address)
• Dynamic vs. static– Dynamic: done with VLAN Management Policy Server
(VMPS) database – maps MAC addresses to VLANs– Static
• Created by administrator
![Page 16: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/16.jpg)
VLAN Configuration
• We will cover VLAN switch commands in a few weeks
![Page 17: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/17.jpg)
Trunking w/ ISL & 802.1q
• Trunking – a method to support multiple VLANs that have members on more than one switch
• Example: see board (p. 265 INTRO)
• Cisco switches support two different trunking protocols:– Cisco Inter-Switch Link (ISL)– IEEE 802.1Q
![Page 18: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/18.jpg)
Cisco Inter-Switch Link (ISL)
• Cisco created ISL before the IEEE standardized a trunking protocol
• ISL is Cisco proprietary; it can only be used between two Cisco switches
• ISL encapsulates each frame in an ISL header & trailer
![Page 19: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/19.jpg)
ISL Header
• The ISL header includes several fields, but most important, the ISL header VLAN field provides a place to encode the VLAN number.
• By tagging a frame with the correct VLAN number inside the header, the sending switch can ensure that the receiving switch knows which VLAN the encapsulated frame belongs to– This is called Frame Tagging
![Page 20: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/20.jpg)
ISL Header (cont.)
• Also, the source and destination addresses in the ISL header use MAC addresses of the sending and receiving switch, not the node device that originally sent the frame.
![Page 21: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/21.jpg)
IEEE 802.1Q
• Years after Cisco created ISL, IEEE created the 802.1Q standard.
• 802.1Q uses a different style of header than does ISL for tagging frames with a VLAN number.
• 802.1Q does not encapsulate – it adds an extra 4-byte header to the middle of the original Ethernet header– Called Frame Tagging as well
• 802.1Q forces a recalculation of FCS– See frame example
![Page 22: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/22.jpg)
ISL & 802.1Q Compared:
• Both support a separate instance of spanning-tree for each VLAN.– What is purpose of STP?
![Page 23: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/23.jpg)
Passing Traffic Between VLANs
• Layer 2 switching refers to the typical switch-processing logic found at the DLL
• When VLANs are used, an L2 switch uses the same logic, but per VLAN.
• There is a MAC address table for each VLAN.– Unicasts – sent inside one VLAN cannot be forwarded
out ports in another VLAN.– Broadcasts – cannot traverse VLANs (need a router
for that)
![Page 24: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/24.jpg)
Traffic Between VLANs (cont.):
• Layer 3 Forwrding Using a Router:– Switches do not forward frames between different
VLANs!!!!– A router does this!!!
• Forwarding Using a Layer 3 Switch:– The term Layer-3 switch refers to a switch that also
has routing features– The router internal to the switch performs the same
routing function as a router.– L3 switches use
• ASICs• Software used to run other processes, like routing protocols
![Page 25: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/25.jpg)
VLAN Traffic (cont.)
• Layer 4 switching– The key to understanding Layer 4 switching is
to remember the function of TCP and UDP port numbers (see p. 155 INTRO for examples).
– With Cisco switches you can enable a feature called NetFlow switching, which performs accounting based on Layer 4 information (like port numbers) while forwarding traffic like a Layer 3 switch.
![Page 26: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/26.jpg)
VLAN Traffic (cont.):
• Layer 5-7 Switching:– Also called
• Layer 7 Switching• Application Layer Switching (named for TCP/IP Model)• L5-L7
– Looks past the Layer 4 header, into application layer headers, to make switching decisions
– A feature Cisco calls Content Delivery Networks (CDN).
![Page 27: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/27.jpg)
VLAN Traffic (cont.)
• Multilayer Switching:– A switch that concurrently performs switching
based on multiple layers.– For instance, most L3 switches also perform
L2 switching inside a VLAN and L3 switching for traffic between VLANs.
![Page 28: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/28.jpg)
Comparison of Switching Layers:
• L2 Switching– (no VLAN to another)
• L3 Switch
• L4 Switch
• L5-L7 Switch
• Multilayer
• Forwards based on MAC address.
• Based on destination IP address for traffic to another VLAN.
• Typically based on port numbers.
• Based on Application Layer (TCP/IP Model)
• Concurrent switching on multiple layers.
![Page 29: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/29.jpg)
Comparison Notes
• L2 switching is the only option in the table that does not allow forwarding from one VLAN to another.
• External router, connected to L2 switch – router forwards like always, based on destination IP address.
![Page 30: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/30.jpg)
VTP
• Will be added shortly
![Page 31: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/31.jpg)
VTP Pruning
• Will be added shortly.
![Page 32: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/32.jpg)
Quiz Time
.
![Page 33: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/33.jpg)
1
• What are the four layers of the TCP/IP model?
![Page 34: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/34.jpg)
2
• What two protocols function at the transport (host-to-host) layer of the TCP/IP model?
![Page 35: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/35.jpg)
3
• What are some protocols that operate at the TCP/IP Internet layer?
![Page 36: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/36.jpg)
4
• What is a Layer 3 switching device?
![Page 37: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/37.jpg)
5
• What are VLANs?
![Page 38: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/38.jpg)
6
• For VLANs to communicate with each other, what network component is needed?
![Page 39: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/39.jpg)
7
• What are the two most common trunking protocols supported by Cisco switches?
![Page 40: Vlan1](https://reader033.vdocuments.site/reader033/viewer/2022052410/5561ecb6d8b42aa5068b546c/html5/thumbnails/40.jpg)
Next Meeting March 22
• IP & Addressing Fundamentals
• Subnetting