October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 1

VLAN Fundamentals

J. J. EkstromVP Engineering & CTO

SwitchSoft Systems, Inc.(Formerly UB Networks’ Utah Development

Center)1010 N. State Orem, UT 84057(801) 224-5400 voice(801) 224-3461 fax 9611033.PPT

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 2

VLAN Fundamentals• VLAN switch design

possibilities• Examples• Business requirement

implications• Network management

implications

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 3

A switch is only a switch!

Don’t expect more from VLANs than a switch can provide.

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 4

What does a switch do?• Receive packets

from its ports• Analyze the

received packets • Make forwarding

decisions• Forward packets

on its ports• Nothing more!

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 5

VLAN Aware Switches• VLANs change the way we think

about switch configuration more than they change the switch.

• A VLAN aware switch performs two independent tasks.– Assigning packets to VLANs– Assigning VLANs to Ports

• These tasks may occur on different switches!

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 6

Assigning packets to VLANs• Packet contents

– MAC based VLAN– Protocol based VLAN

• Other information– Ingress port (control DB)– User information– Other sources?

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 7

Control DBControl DB

Management DBManagement DB

Assigning packets to VLANs

Packet

Security DBSecurity DB

VLAN1

VLAN2

VLAN3

VLAN5

VLAN4

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 8

Assigning VLANs to ports• Statically - VLAN explicitly

bound to port• Dynamically

– assignment changes when events, such as arrival of a packet, occur

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 9

Assigning VLANs to Ports

VLAN1

VLAN2

VLAN3

VLAN5

VLAN4

Control DBControl DB

Management DBManagement DB

Packet

Security DBSecurity DB

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 10

Assignment timing• Switch configuration time

– Static port based– Static MAC based

• Packet arrival time– Protocol based– MAC based

• Management Event– Time of day– Move/change

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 11

Business Requirements• Moves/adds/changes• Bandwidth management• Security

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 12

Moves/adds/changes• Packet content at packet arrival

time– Least manual intervention– Protocol, MAC based best

• Other data and times– Manual configuration (typically)– Not as plug and play (typically)– Anything possible with dynamic

access by switch to management and security services

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 13

Bandwidth management• Packet content at packet

arrival time– Least manual intervention– Protocol, MAC based best

• Other data and times– Manual configuration (typically)– Not as dynamic (typically)

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 14

Security• Packet content

– Susceptible to spoofing

• Other information– As secure as the source of

information– Physical control of ports and port

based gives strongest control

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 15

Cisco Catalyst• Static assignment of packets to

VLANs by port on input• Static assignment of VLANs to

ports on output• Total isolation between VLANs• Switches share packet VLAN

assignment through tagging– 802.10– ISL

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 16

UB Dragon• Static assignment of packets to

VLANs by port on input• Static assignment of VLANs to

ports on output• Sets of overlapping VLANs• Switches share packet VLAN

assignment through tagging– PlusBus protocol in enclosure– 802.10 between enclosures

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 17

Compaq “Fast Pipe”• Dynamic assignment of packets

to VLANs by protocol on input• Static assignment of VLANs to

ports on output• Ports in different VLANs for

different protocols• No trunking!

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 18

Agile• Dynamic assignment of packet

to VLAN by packet content at arrival

• Dynamic assignment of VLAN to port to by packet content seen

• Ports in different VLANs for different protocols

• Most “Plug and Play” approach

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 19

Management implications

• Any combination of choices in the design of the switch can be more or less manageable.

• Access to management functions is important!– Telnet management– SNMP management– Other management protocols?

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 20

Visualization, Design, and Management• Design the logical network in

functional terms• Visualization tools to check design• Automatically derive switch

configuration in existing infrastructure

• Automatically configure switches• Propose hardware changes to be able

to better implement logical network• Visualization tools to view logical

mapping to physical

October1996

VLAN Fundamentals Copyright (c) 1996 SwitchSoft Systems,

Inc. 21

Summary• There is a limited set of options

for implementing VLANs• Each has strengths and

weaknesses relative to the others• Management complexity is the

major hurdle to overcome• Tools are needed to help visualize

actual configuration and to aid in creating new configurations