Isolate-User-VLAN Technology White Paper
|
|
- Mark Ferguson
- 5 years ago
- Views:
Transcription
1 Isolate-User-VLAN Technology White Paper Keywords: Isolate-user-VLANs, secondary VLANs Abstract: Isolate-user-VLAN adopts a two-tier VLAN structure: an upper level isolate-user-vlan and multiple lower-level secondary VLANs. Because the upstream device is aware of only the isolate-user-vlan but not the secondary VLANs, network configuration is simplified and VLAN resources are saved. This document mainly introduces the fundamentals and networking implementations of isolate-user-vlan. Acronyms: Acronym Full Spelling VLAN ARP Virtual Local Area Network Address Resolution Protocol Hangzhou H3C Technologies Co., Ltd. 1/11
2 Table of Contents 1 Overview Background Benefits Isolate-User-VLAN Implementation Concepts Isolate-User-VLAN Mechanism Reconfiguring Ports Synchronizing MAC Addresses Isolate-User-VLAN Packet Forwarding Restrictions Application Scenario Hangzhou H3C Technologies Co., Ltd. 2/11
3 1 Overview 1.1 Background In campus networks, to guarantee user information security and facilitate user management and traffic accounting, service providers require that users be isolated from each other on Layer 2. To achieve that, they can create a VLAN for each user. As shown in Figure 1, Switch B and Switch C are each connected to three users. If the service provider creates a VLAN for each user, six VLANs must be created on Device A. Device A IP network Switch B VLAN 10 - VLAN15 Switch C VLAN 10 VLAN 11 VLAN 12 VLAN 13 VLAN 14 VLAN15 Figure 1 Flat networking diagram As stipulated in IEEE 802.1Q, one device can support a maximum of 4094 VLANs. For a core device, if each user is configured with a different VLAN, 4094 VLANs are far from enough. To solve this problem, the isolate-user-vlan technology was developed. When the isolate-user-vlan function is enabled, the customer VLANs (VLAN 10 to VLAN 15) in Figure 1 can be configured as secondary VLANs, while services VLANs VLAN 2 and VLAN 3 can be configured as isolate-user-vlans, as shown in Figure 2. In this way, only VLAN 2 and VLAN 3 need to be configured on Device A, saving four VLANs. Hangzhou H3C Technologies Co., Ltd. 3/11
4 Device A VLAN 2 VLAN 3 IP network VLAN 2 VLAN 3 Switch B Switch C Host 2 VLAN 10 VLAN 11 VLAN 12 VLAN 13 VLAN 14 VLAN 15 Figure 2 Network diagram for isolate-user-vlan implementation 1.2 Benefits Isolate-user-VLAN adopts a two-tier VLAN structure: an isolate-user-vlan at the upper tier and multiple secondary VLANs at the lower tier. As upstream devices need to identify only isolate-user-vlans but not the secondary VLANs, the VLAN resources on the upstream devices are saved. Meanwhile, because each user has an individual secondary VLAN, users are isolated on Layer 2. The isolate-user-vlan function is mainly used in campus or enterprise networks. It saves VLAN resources while achieving Layer-2 isolation. Hangzhou H3C Technologies Co., Ltd. 4/11
5 2 Isolate-User-VLAN Implementation 2.1 Concepts Isolate-User-VLAN Technology White Paper An isolate-user-vlan is a VLAN of which the upstream device is aware. It is not the actual VLAN that an end station belongs to. A secondary VLAN is the VLAN that an end station is actually assigned to. An uplink port is a port that connects to and communicates with the upstream device. The isolate-user-vlan must be configured as the default VLAN of the uplink port, or else the port will not be able to forward packets sent from the secondary VLANs. A downlink port is a port that connects to and communicates with end stations. The default VLAN of a downlink port must be configured as the corresponding secondary VLAN, or else the port will not be able to forward packets received from the isolate-user-vlan. 2.2 Isolate-User-VLAN Mechanism To hide information about secondary VLANs and save VLAN resources, the isolateuser-vlan technology requires that: Packets from different secondary VLANs can be sent to the upstream device through uplink ports and carry no secondary VLAN information. Packets from isolate-user-vlans can be sent to end stations through downlink ports and carry no isolate-user-vlan information. As an isolate-user-vlan and its secondary VLANs use different VLAN IDs and contain different ports, their packets are isolated on Layer 2. To achieve the two requirements described above, the following is required: 1) Port reconfiguration and MAC address synchronization must be performed on the local device. For details, refer to Reconfiguring Ports and Synchronizing MAC Addresses. 2) The following configurations must be made on the upstream device: Hangzhou H3C Technologies Co., Ltd. 5/11
6 Creating a VLAN with the VLAN ID the same as that of the isolate-user-vlan. Configuring the incoming port to configure its link type as hybrid and the isolateuser-vlan as the default VLAN of the port, and to allow packets from the default VLAN to pass through untagged Reconfiguring Ports The system automatically reconfigures the ports in an isolate-user-vlan and those in its secondary VLANs as follows: Changing the link type of the uplink port(s) as hybrid, and configuring them to allow the packets from the secondary VLANs to pass through untagged. Because the isolate-user-vlan has been manually configured as the default VLAN of the incoming port on the upstream device, the upstream device considers all the incoming packets as belonging to the isolate-user-vlan and tags them with the isolate-user-vlan tag. In this way, the secondary VLAN information is hidden from the upstream device. Changing the link type of each downlink port to hybrid and allowing packets from the isolate-user-vlan to pass through untagged. As shown in Figure 3, all the ports are access ports by default. Ports Ethernet 1/2, Ethernet 1/3, and Ethernet 1/5 belong to VLAN 2, VLAN 3, and VLAN 5 respectively. Related settings of the ports are shown in Table 1. Configure VLAN 5 as the isolate-user-vlan and VLAN 2 to 4 as the secondary VLANs. After your configuration finishes, the settings of the ports are changed to those shown in Table 2. Hangzhou H3C Technologies Co., Ltd. 6/11
7 Device MAC: mac_a VLAN 5 Switch Eth1/5 Eth1/5 Eth1/2 Eth1/3 VLAN 2 VLAN 3 Host 2 MAC: mac_2 Host 3 MAC: mac_3 Figure 3 Network diagram for isolate-user-vlan configuration synchronization Table 1 Port settings before configuration synchronization Port Type Default VLAN Allowed VLAN(s) Eth1/5 Access 5 VLAN 5 Eth1/2 Access 2 VLAN 2 Eth1/3 Access 3 VLAN 3 Table 2 Port settings after configuration synchronization Port Type Default VLAN VLAN role Allowed VLAN(s) Eth1/5 Hybrid 5 Eth1/2 Hybrid 2 Isolate-user- VLAN Secondary VLAN Allows the packets from VLAN 2, VLAN 3, and VLAN 5 to pass through untagged. Allows the packets from VLAN 2 and VLAN 5 to pass through untagged. Hangzhou H3C Technologies Co., Ltd. 7/11
8 Port Type Default VLAN VLAN role Allowed VLAN(s) Eth1/3 Hybrid 3 Secondary VLAN Allows the packets from VLAN 3 and VLAN 5 to pass through untagged Synchronizing MAC Addresses After port reconfiguration is completed, the packets from the secondary VLANs can be sent out the uplink ports untagged and those from the isolate-user-vlan can be sent out the downlink ports untagged. Normally, the outgoing ports for forwarding these packets are identified through MAC address learning. For example, the Switch in the network shown in Figure 3 creates and maintains a MAC address table shown in Table 3. Assume the Device sends Host 2 a packet with the source MAC address as mac_a and the destination MAC address as mac_2. When port Ethernet 1/5 of the Switch receives the packet, Ethernet 1/5 tags the packet with VLAN 5 (the default VLAN of Ethernet 1/5), and then looks up the MAC address table for an entry matching mac_2 and VLAN 5. Failing in finding a match, the Switch broadcasts the packet in VLAN 5 out Ethernet 1/2 and Ethernet 1/3. Thus, the packet reaches its destination. As the switch has to forward each packet (downstream or upstream) by broadcasting it, a large amount of broadcasts will be created if the isolate-user-vlan and its secondary VLANs contain a large number of ports. This not only decreases bandwidth use efficiency but also causes data security problems because broadcast packets are easy to be intercepted. To resolve the problem, the MAC address synchronization mechanism is used. The MAC address synchronization mechanism includes two aspects: Synchronizing the dynamic MAC addresses learned by the downlink ports in the secondary VLANs to the isolate-user-vlan. Synchronizing the dynamic MAC addresses learned by the uplink ports in the isolate-user-vlan to the secondary VLANs. However, when the isolate-user-vlan is associated with too many secondary VLANs, Hangzhou H3C Technologies Co., Ltd. 8/11
9 the MAC address table can get excessively large after MAC address synchronization, affecting forwarding performance. In addition, considering downstream traffic is usually heavier than upstream traffic and must be unicast while upstream traffic can be broadcast, all H3C switches support synchronizing MAC addresses from secondary VLANs to isolate-user-vlans, but only some support synchronizing MAC addresses from isolate-user-vlans to secondary VLANs. After MAC address synchronization, the MAC address table on the Switch in Figure 3 changes to the one shown in Table 4. Table 3 MAC address table before the synchronization Destination MAC VLAN Outgoing port mac_2 2 Ethernet 1/2 mac_3 3 Ethernet 1/3 mac_a 5 Ethernet 1/5 Table 4 MAC address table after the synchronization Destination MAC VLAN Outgoing port mac_2 2 Ethernet 1/2 mac_2 5 Ethernet 1/2 mac_3 3 Ethernet 1/3 mac_3 5 Ethernet 1/3 mac_a 5 Ethernet 1/5 mac_a 2 Ethernet 1/5 mac_a 3 Ethernet 1/5 2.3 Isolate-User-VLAN Packet Forwarding This section takes the traffic transmission for Host 2 in Figure 3 as an example to illustrate the isolate-user-vlan implementation. 1) Host 2 sends out its first upstream unicast packet. The packet is untagged, with the source MAC address being mac_2 and the destination MAC address being mac_a. Hangzhou H3C Technologies Co., Ltd. 9/11
10 2) When the downlink port Ethernet 1/2 on the Switch receives the packet, it tags the packet with the default VLAN ID 2, and learns the source MAC address in the default VLAN. As a result, the MAC address entry mac_2 + VLAN 2 + Ethernet 1/2 is created, indicating that the outgoing port for the traffic with destination MAC address mac_2 and VLAN ID 2 is Ethernet 1/2. 3) According to the MAC address synchronization mechanism, this MAC address is synchronized to VLAN 5 at the same time and the Switch creates the MAC address entry mac_2 + VLAN 5 + Ethernet 1/2. 4) Because the Switch does not have the MAC address entry for mac_a yet, it broadcasts this packet in VLAN 2. 5) As the Switch has performed port reconfiguration for the isolate-user-vlan implementation, Ethernet 1/5 allows the traffic from VLAN 2 to pass through untagged. Thus, the packet is sent out Ethernet 1/5 with its tag removed. 6) Device A responds to the packet after receiving it. 7) When the Switch receives the response packet on uplink port Ethernet1/5, it tags the packet with the default port VLAN ID 5 and learns the source MAC address in the default VLAN to create the MAC address entry mac_a + VLAN 5 + Ethernet 1/5. Through the MAC address synchronization mechanism, two more MAC address entries mac_a + VLAN 2 + Ethernet 1/5 and mac_a + VLAN 3 + Ethernet 1/5 are created. 8) The Switch looks up the MAC address table based on the destination MAC address and VLAN ID of the response packet (that is, mac_2 and VLAN 5), and finds out that the outgoing port is Ethernet 1/2. Thus, the Switch removes the tag of the response packet and forwards it out Ethernet 1/2 to Host 2. Thus, bidirectional communication between Host 2 and the Device is achieved. 2.4 Restrictions For secondary VLANs to communicate with each other, you need to configure local ARP proxy on the upstream device, which will increase the load on layer 3 devices considerably. 3 Application Scenario The following figure illustrates a typical isolate-user-vlan application scenario. Hangzhou H3C Technologies Co., Ltd. 10/11
11 VOD AUDIO NMS IP network Device VLAN 4 VLAN 2 VLAN 12 VLAN 14 Host 1 Host 11 Switch A Switch B VLAN 5 VLAN 6 VLAN 16 VLAN 15 Host 2 Host 3 Host 13 Host 12 Figure 4 Isolate-user-VLAN network diagram The network contains a large number of users who support different types of services, such as video, audio, and data. To guarantee user information security and differentiate service traffic, the VLAN technology is used to isolate layer 2 packets. To save limited VLAN resources on the upstream device, you can configure the isolateuser-vlan function on the switch. In the mean time, you can configure multiple ports as the uplink ports of the isolate-user-vlan. By configuring ACLs and QoS, you can have different uplink ports transmit different types of traffic, thus simplifying network management. Copyright 2008 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd. The information in this document is subject to change without notice. Hangzhou H3C Technologies Co., Ltd. 11/11
H3C S12500 VLAN Configuration examples
H3C S12500 VLAN Configuration examples Copyright 2014 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any means without
More informationMAC-Based VLAN Technology White Paper
MAC-Based VLAN Technology White Paper Keywords: MAC-based VLAN, 802.1X, MAC address authentication Abstract: As a way of grouping VLAN members, MAC address-based VLAN (MAC-based VLAN) decides the VLAN
More informationSecBlade Firewall Cards ARP Attack Protection Configuration Examples
SecBlade Firewall Cards ARP Attack Protection Configuration Examples Keywords: ARP Abstract: ARP provides no security mechanism and can be easily utilized by attackers to launch attacks. The device provides
More informationStateful Failover Technology White Paper
Stateful Failover Technology White Paper Keywords: Stateful failover, master/backup mode, load balancing mode, data synchronization, link switching Abstract: A firewall device is usually the access point
More informationHUAWEI AR Series SEP Technical White Paper HUAWEI TECHNOLOGIES CO., LTD. Issue 1.0. Date
HUAWEI AR Series SEP Technical White Paper Issue 1.0 Date 2015-01-19 HUAWEI TECHNOLOGIES CO., LTD. 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by
More informationH3C S9500 QoS Technology White Paper
H3C Key words: QoS, quality of service Abstract: The Ethernet technology is widely applied currently. At present, Ethernet is the leading technology in various independent local area networks (LANs), and
More informationTransient Traffic Interruption on Ports Due to Source MAC Address Attacks Troubleshooting. Table of Contents
Table of Contents Chapter 1 Transient Traffic Interruption on Ports Due to Source MAC Address Attacks Troubleshooting... 1-1 1.1 Symptom... 1-1 1.2 Related Information... 1-1 1.3 Diagnosis... 1-2 1.4 Troubleshooting...
More informationSecBlade Firewall Cards NAT Configuration Examples
SecBlade Firewall Cards NAT Configuration Examples Keywords: NAT, PAT, private IP address, public IP address, IP address pool Abstract: This document describes the characteristics, applications scenarios,
More informationSYN Flood Attack Protection Technology White Paper
Flood Attack Protection Technology White Paper Flood Attack Protection Technology White Paper Keywords: flood, Cookie, Safe Reset Abstract: This document describes the technologies and measures provided
More informationPPPoE Technology White Paper
PPPoE Technology White Paper Keywords: PPP, Ethernet, PPPoE Abstract: Point-to-Point Protocol over Ethernet (PPPoE) provides access to the Internet for hosts on an Ethernet through a remote access device
More informationSecBlade Firewall Cards Stateful Failover Configuration Examples
SecBlade Firewall Cards Stateful Failover Configuration Examples Keywords: Stateful failover, active/standby mode, active/active mode, data synchronization, traffic switchover Abstract: A network that
More informationIPv6 ND Configuration Example
IPv6 ND Configuration Example Keywords: IPv6 ND Abstract: This document describes the application environment and typical configuration of IPv6 ND. Acronyms: Acronym Full spelling ARP FIB Address Resolution
More informationMulticast Technology White Paper
Multicast Technology White Paper Keywords: Multicast, IGMP, IGMP Snooping, PIM, MBGP, MSDP, and SSM Mapping Abstract: The multicast technology implements high-efficiency point-to-multipoint data transmission
More informationOperation Manual ARP H3C S5500-SI Series Ethernet Switches. Table of Contents
Table of Contents Table of Contents... 1-1 1.1 ARP Overview... 1-1 1.1.1 ARP Function... 1-1 1.1.2 ARP Message Format... 1-1 1.1.3 ARP Address Resolution Process... 1-2 1.1.4 ARP Mapping Table... 1-3 1.2
More informationSecPath Series Firewalls Virtual Firewall Configuration Examples
SecPath Series Firewalls Virtual Firewall Configuration Examples Keywords: VPN instance, VRF, private address, public address, address pool Abstract: This document describes the virtual firewall implementation
More informationSecBlade Firewall Cards Attack Protection Configuration Example
SecBlade Firewall Cards Attack Protection Configuration Example Keywords: Attack protection, scanning, blacklist Abstract: This document describes the attack protection functions of the SecBlade firewall
More informationNCT240 IP DSLAM with IAC4500 VLAN Tagging Implementation
NCT240 IP DSLAM with IAC4500 VLAN Tagging Implementation The NetComm NCT240 24 Port IP DSLAMs support 802.1Q VLAN Tagging. This white paper is written to help IP DSLAM system integrator to set up and configure
More informationMSTP Technology White Paper
MSTP Technology White Paper Key words: STP, RSTP, MSTP, rapid transition, multiple instances, redundancy loop, redundancy link, load sharing Abstract: This article introduces basic MSTP terms, MSTP algorithm
More informationHow to configure the IAC4500 Internet Access Controller for Billing by Volume Application with NCT480 IP DSLAM using port location mapping
How to configure the IAC4500 Internet Access Controller for Billing by Volume Application with NCT480 IP DSLAM using port location mapping Introduction The following paper provides instructions on how
More informationH3C S7500E-XS Switch Series FAQ
H3C S7500E-XS Switch Series FAQ Copyright 2016 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any means without prior
More informationS1700 Series Switches
S1700 Series Switches S1700 Series Switches Product Overview The S1700 series enterprise switches (S1700s) are next-generation energy-saving Ethernet access switches. The S1700 uses high-performance hardware,
More informationTable of Contents 1 VLAN Configuration 1-1
Table of Contents 1 VLAN Configuration 1-1 Overview 1-1 Introduction to VLAN 1-1 VLAN Fundamentals 1-2 Types of VLAN 1-3 Introduction to Port-Based VLAN 1-3 Configuring a VLAN 1-4 Configuration Task List
More informationRRPP Technology White Paper
RR Technology White aper Keywords: RR, RR domain, RR ring, control VLAN, protected VLAN, master node, transit node, edge node, assistant-edge node, ring group. Abstract: The Rapid Ring rotection rotocol
More informationTable of Contents 1 QoS Overview QoS Policy Configuration Priority Mapping Configuration 3-1
Table of Contents 1 QoS Overview 1-1 Introduction to QoS 1-1 Introduction to QoS Service Models 1-1 Best-Effort Service Model 1-1 IntServ Service Model 1-2 DiffServ Service Model 1-2 QoS Techniques Overview
More informationH3C S9500 Series Routing Switches
Command Manual Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: T2-08194S-20081225-C-1.24 Product Version: S9500-CMW310-R1648 Copyright 2007-2008, Hangzhou H3C Technologies Co., Ltd.
More informationS1700 Series Switches
S1700 Series Switches S1700 Series Switches Product Overview The S1700 series enterprise switches (S1700) are next-generation energy-saving Ethernet access switches. The S1700 uses high-performance hardware,
More informationConfiguring Private VLANs
36 CHAPTER This chapter describes private VLANs (PVLANs) on Catalyst 4500 series switches. It also provides restrictions, procedures, and configuration examples. This chapter includes the following major
More informationConfiguring Private VLANs
This chapter contains the following sections: Information About Private VLANs, page 1 Guidelines and Limitations for Private VLANs, page 6 Configuring a Private VLAN, page 6 Verifying Private VLAN Configuration,
More informationQoS Technology White Paper
QoS Technology White Paper Keywords: Traffic classification, congestion management, congestion avoidance, precedence, differentiated services Abstract: This document describes the QoS features and related
More informationWhite Paper. Huawei Campus Switches VXLAN Technology. White Paper
White Paper Huawei Campus Switches VXLAN Technology White Paper 1 Terms Abbreviation VXLAN NVo3 BUM VNI VM VTEP SDN Full English Name Virtual Extensible Local Area Network Network Virtualization over L3
More informationMulticast Protocol Configuration Examples H3C S7500 Series Ethernet Switches Release Table of Contents
Table of Contents Table of Contents Chapter 1 Multicast Protocol Overview... 1-1 1.1 Overview... 1-1 1.2 Configuration Guidance... 1-2 1.2.1 Configuring IGMP Snooping... 1-2 1.2.2 Configuring IGMP... 1-5
More informationH3C SecPath UTM Series. Configuration Examples. Hangzhou H3C Technologies Co., Ltd. Manual Version: 5W
H3C SecPath UTM Series Configuration Examples Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Manual Version: 5W101-20100520 Copyright 2009-2010, Hangzhou H3C Technologies Co., Ltd. and its licensors
More informationH3C S10500 Attack Protection Configuration Examples
H3C S10500 Attack Protection Configuration Examples Copyright 2015 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any
More informationHPE FlexFabric 7900 Switch Series
HPE FlexFabric 7900 Switch Series VXLAN Configuration Guide Part number: 5998-8254R Software version: Release 213x Document version: 6W101-20151113 Copyright 2015 Hewlett Packard Enterprise Development
More informationTable of Contents Chapter 1 Multicast VLAN Configuration
Table of Contents Table of Contents... 1-1 1.1 Multicast VLAN Overview... 1-1 1.2 Configuring Multicast VLAN... 1-1 1.3 Multicast VLAN Configuration Examples... 1-2 1.4 Introduction to Multicast VLAN PLUS...
More informationTable of Contents 1 Port Mirroring Configuration 1-1
Table of Contents 1 Port Mirroring Configuration 1-1 Introduction to Port Mirroring 1-1 Classification of Port Mirroring 1-1 Implementing Port Mirroring 1-2 Other Functions Supported by Port Mirroring
More informationTable of Contents Chapter 1 EPON System Configuration Chapter 2 OLT Configuration Chapter 3 ONU Configuration
Table of Contents Table of Contents Chapter 1 EPON System Configuration... 1-1 1.1 Introduction to EPON System... 1-1 1.2 EPON System Configuration Tasks... 1-2 1.3 Configuring the Interval to Sample System
More informationConfiguring IP Multicast over Unidirectional Links
Configuring IP Multicast over Unidirectional Links IP multicast requires bidirectional communication, yet some networks include broadcast satellite links, which are unidirectional. Unidirectional link
More informationL2 MPLS VPN (VPLS) Technology White Paper
S9500 L2 MPLS VPN (VPLS) Technology White Paper L2 MPLS VPN (VPLS) Technology White Paper Keywords: MPLS, VPLS Abstract: MPLS technologies make it very easy to provide VPN services based on IP technologies
More informationNetwork Configuration Example
Network Configuration Example Configuring Private VLANs on a QFX Switch Using Extended Functionality Modified: 2016-08-01 Juniper Networks, Inc. 1133 Innovation Way Sunnyvale, California 94089 USA 408-745-2000
More informationEthernet. Network Fundamentals Chapter Cisco Systems, Inc. All rights reserved. Cisco Public 1
Ethernet Network Fundamentals Chapter 9 1 Objectives Identify the basic characteristics of network media used in Ethernet. Describe the physical and data link features of Ethernet. Describe the function
More informationConfiguring Port-Based Traffic Control
CHAPTER 22 This chapter describes how to configure the port-based traffic control features on the Cisco ME 3400 Ethernet Access switch. For complete syntax and usage information for the commands used in
More informationSwitching & ARP Week 3
Switching & ARP Week 3 Module : Computer Networks Lecturer: Lucy White lbwhite@wit.ie Office : 324 Many Slides courtesy of Tony Chen 1 Ethernet Using Switches In the last few years, switches have quickly
More informationConfiguring SPAN and RSPAN
34 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network
More informationDHCP Technology White Paper
DHCP Technology White Paper Keywords: DHCP, DHCP server, DHCP relay agent, DHCP client, BOOTP client. Abstract: This document describes DHCP basic concepts and applications, as well as the main functions
More informationConfiguring IGMP Snooping
This chapter describes how to configure Internet Group Management Protocol (IGMP) snooping on a Cisco NX-OS device. About IGMP Snooping, page 1 Licensing Requirements for IGMP Snooping, page 4 Prerequisites
More informationThe DPtech LSW3600-SI series switches include the following models: LSW T2GC-SI: 24 10/100 BASE-T Ethernet ports, 2 Gigabit SFP ports (Combo).
Data Sheet DPtech LSW3600-SI Series DPtech LSW3600-SI Series Ethernet Switches Overview DPtech LSW3600-SI series are next generation secure and energy-efficient Ethernet switch products self-developed
More informationConfigure Ethernet Physical Interface Properties on page 82. Configure 802.1Q VLANs on page 83. Configure the Management Ethernet Interface on page 84
Chapter 8 The JUNOSg cable modem termination system (CMTS )supports the following types of Ethernet interfaces: Fast Ethernet Gigabit Ethernet Management Ethernet interface, which is an out-of-band management
More informationConfigure the Protocol Family on page 40. Configure the Interface Address on page 40
Chapter 5 Configure Protocol Family and Address Interface Properties For each logical interface, you must configure one or more protocol families. You can also configure interface address properties. To
More informationControlled/uncontrolled port and port authorization status
Contents 802.1X fundamentals 1 802.1X architecture 1 Controlled/uncontrolled port and port authorization status 1 802.1X-related protocols 2 Packet formats 2 EAP over RADIUS 4 Initiating 802.1X authentication
More informationHP FlexFabric 5700 Switch Series
HP FlexFabric 5700 Switch Series FAQ Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and
More informationHUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN HUAWEI TECHNOLOGIES CO., LTD. Issue 1.1. Date
HUAWEI USG6000 Series Next-Generation Firewall Technical White Paper VPN Issue 1.1 Date 2014-03-14 HUAWEI TECHNOLOGIES CO., LTD. 2014. All rights reserved. No part of this document may be reproduced or
More informationExample: Configuring Layer 2 Protocol Tunneling on EX Series Switches
Example: Configuring Layer 2 Protocol Tunneling on EX Series Switches Requirements Layer 2 protocol tunneling (L2PT) allows you to send Layer 2 protocol data units (PDUs) across a service provider network
More informationIndex. Numerics. Index p priority (QoS) definition Q VLAN standard w as a region 5-54
Index Numerics 802.1p priority (QoS) 802.1Q VLAN standard 5-7 802.1w as a region 5-54 A active path 5-5 address IP 7-8 advertisement 3-3 applicable products 1-ii ARP age setting 7-10 cache 7-4 cache table
More informationTable of Contents 1 ARP Configuration Guide 1-1
Table of Contents 1 ARP Configuration Guide 1-1 Configuring ARP Basics 1-1 Network Diagram 1-1 Networking and Configuration Requirements 1-1 Applicable Product Matrix 1-1 Configuration Procedure 1-1 Complete
More informationConfiguring IPv4. Finding Feature Information. This chapter contains the following sections:
This chapter contains the following sections: Finding Feature Information, page 1 Information About IPv4, page 2 Virtualization Support for IPv4, page 6 Licensing Requirements for IPv4, page 6 Prerequisites
More informationSecBlade Firewall Cards Log Management and SecCenter Configuration Example
SecBlade Firewall Cards Log Management and SecCenter Configuration Example Keywords: Syslog Abstract: This document describes the log management function of SecBlade firewall cards, and presents configuration
More informationSections Describing Standard Software Features
30 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic-qos (auto-qos) commands or by using standard QoS commands. With QoS, you can give preferential treatment to
More informationLoad Balancing Technology White Paper
Load Balancing Technology White Paper Keywords: Server, gateway, link, load balancing, SLB, LLB Abstract: This document describes the background, implementation, and operating mechanism of the load balancing
More informationCCNA 1 Chapter 5 v5.0 Exam Answers 2013
CCNA 1 Chapter 5 v5.0 Exam Answers 2013 1 2 A host is trying to send a packet to a device on a remote LAN segment, but there are currently no mappings in its ARP cache. How will the device obtain a destination
More informationConfiguring Private VLANs
Finding Feature Information, on page 1 Prerequisites for Private VLANs, on page 1 Restrictions for Private VLANs, on page 1 Information About Private VLANs, on page 2 How to Configure Private VLANs, on
More informationH3C S12500 sflow Configuration Examples
H3C S12500 sflow Configuration Examples Copyright 2013 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by any means without
More informationMulticast H3C Low-End Ethernet Switches Configuration Examples. Table of Contents
Table of Contents Table of Contents Chapter 1 Protocol Overview... 1-1 1.1 Overview... 1-1 1.2 Support of Features... 1-2 1.3 Configuration Guidance... 1-3 1.3.1 Configuring IGMP Snooping... 1-3 1.3.2
More informationHP 5920 & 5900 Switch Series FAQ
HP 5920 & 5900 Switch Series FAQ Copyright 2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services
More informationConfiguring SPAN and RSPAN
Finding Feature Information, page 1 Prerequisites for SPAN and RSPAN, page 1 Restrictions for SPAN and RSPAN, page 2 Information About SPAN and RSPAN, page 3 How to Configure SPAN and RSPAN, page 14 Monitoring
More informationConfiguring SPAN and RSPAN
41 CHAPTER This chapter describes how to configure the Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 4500 series switches. SPAN selects network traffic for analysis by a network
More informationConfiguring IP Multicast over Unidirectional Links
Configuring IP Multicast over Unidirectional Links Last Updated: December 16, 2011 IP multicast requires bidirectional communication, yet some networks include broadcast satellite links, which are unidirectional.
More informationConfiguring Private VLANs Using NX-OS
This chapter describes how to configure private VLANs on Cisco NX-OS devices. Private VLANs provide additional protection at the Layer 2 level. This chapter includes the following sections: Finding Feature
More informationConnecting to the Network
Connecting to the Network Networking for Home and Small Businesses Chapter 3 1 Objectives Explain the concept of networking and the benefits of networks. Explain the concept of communication protocols.
More informationConfiguring Private VLANs
CHAPTER 15 This chapter describes how to configure private VLANs on the Cisco 7600 series routers. Note For complete syntax and usage information for the commands used in this chapter, refer to the Cisco
More informationChapter 5: Ethernet. Introduction to Networks - R&S 6.0. Cisco Networking Academy. Mind Wide Open
Chapter 5: Ethernet Introduction to Networks - R&S 6.0 Cisco Networking Academy Mind Wide Open Chapter 5 - Sections 5.1 Ethernet Protocol Describe the Ethernet MAC address and frame fields 5.2 LAN Switches
More informationTop-Down Network Design
Top-Down Network Design Chapter Five Designing a Network Topology Original slides copyright by Cisco Press & Priscilla Oppenheimer Network Topology Design Issues Hierarchy Redundancy Modularity Well-defined
More informationHuawei Sx7 Series Switches. SVF Technology White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 01 Date 2014-11-20 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei 2015. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written
More informationConfiguring SPAN. Understanding SPAN CHAPTER. This chapter describes how to configure Switched Port Analyzer (SPAN) and on the Catalyst 2960 switch.
CHAPTER 23 This chapter describes how to configure Switched Port Analyzer (SPAN) and on the Catalyst 2960 switch. Note For complete syntax and usage information for the commands used in this chapter, see
More informationSections Describing Standard Software Features
27 CHAPTER This chapter describes how to configure quality of service (QoS) by using automatic-qos (auto-qos) commands or by using standard QoS commands. With QoS, you can give preferential treatment to
More informationTechnical Notes. QoS Features on the Business Ethernet Switch 50 (BES50)
Technical Notes QoS Features on the Business Ethernet Switch 50 (BES50) Version: NN70000-004 issue 1.00 Date: February 3 rd, 2009 Status: Released Copyright 2009 Nortel Networks. All rights reserved. The
More informationTable of Contents 1 QinQ Configuration BPDU Tunneling Configuration 2-1
Table of Contents 1 QinQ Configuration 1-1 Introduction to QinQ 1-1 Understanding QinQ 1-1 Implementations of QinQ 1-2 Modification of TPID Value of QinQ Frames 1-3 Configuring Basic QinQ 1-4 Configuring
More informationHuawei CloudEngine Series. VXLAN Technology White Paper. Issue 06 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 06 Date 2016-07-28 HUAWEI TECHNOLOGIES CO., LTD. 2016. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationAttack Prevention Technology White Paper
Attack Prevention Technology White Paper Keywords: Attack prevention, denial of service Abstract: This document introduces the common network attacks and the corresponding prevention measures, and describes
More informationH3C SR G Core Routers
H3C SR8800 10G Core Routers Layer 2 LAN Switching Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: SR8800-CMW520-R3347 Document version: 6W103-20120224 Copyright
More informationCitrix 1Y0-240 Exam. Volume: 69 Questions
Volume: 69 Questions Question: 1 Scenario: A NetScaler is configured with the following modes: *MBF *USIP *USNIP *Layer 3 mode A Citrix Administrator configured a new router and now requires some of the
More informationConfiguring VPLS. VPLS overview. Operation of VPLS. Basic VPLS concepts
Contents Configuring VPLS 1 VPLS overview 1 Operation of VPLS 1 VPLS packet encapsulation 4 H-VPLS implementation 5 Hub-spoke VPLS implementation 7 Multi-hop PW 8 VPLS configuration task list 9 Enabling
More informationCSC 401 Data and Computer Communications Networks
CSC 401 Data and Computer Communications Networks Link Layer, Switches, VLANS, MPLS, Data Centers Sec 6.4 to 6.7 Prof. Lina Battestilli Fall 2017 Chapter 6 Outline Link layer and LANs: 6.1 introduction,
More informationTable of Contents 1 QinQ Configuration 1-1
Table of Contents 1 QinQ Configuration 1-1 Introduction to QinQ 1-1 Background 1-1 QinQ Mechanism and Benefits 1-1 QinQ Frame Structure 1-2 Implementations of QinQ 1-3 Modification of the TPID Value in
More informationQuality of Service (QoS): Managing Bandwidth More Effectively
15 Quality of Service (QoS): Managing Bandwidth More Effectively Contents Introduction................................................. 15-2 Terminology............................................... 15-5
More informationHUAWEI Secospace USG Series User Management and Control White Paper
Doc. code HUAWEI Secospace USG Series User Management and Control White Paper Issue 1.0 Date 2014-03-27 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2012. All rights reserved.
More informationProduct Overview. Product Overview. Product Specifications. Ordering Information. Service Scenario for PON Interface Layout Operating Status LEDs
Product Overview Service Scenario for PON Interface Layout Operating Status LEDs Product Specifications Capabilities Physical Specifications Ordering Information Product Overview The H665 is Optical Network
More informationContents. QoS overview 1
Contents QoS overview 1 QoS service models 1 Best-effort service model 1 IntServ model 1 DiffServ model 1 QoS techniques overview 1 Deploying QoS in a network 2 QoS processing flow in a device 2 Configuring
More informationDHCP Configuration Examples H3C S7500 Series Ethernet Switches Release Table of Contents
DHCP Configuration Examples Table of Contents Table of Contents Chapter 1 DHCP Functions Overview... 1-1 1.1 Supported DHCP Functions... 1-1 1.2 Configuration Guide... 1-2 1.2.1 Configuring the DHCP Server...
More informationConfiguring SPAN and RSPAN
CHAPTER 32 This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on the Catalyst 3750-X or 3560-X switch. Unless otherwise noted, the term switch refers to a Catalyst
More informationSEP Technology White Paper
Issue 01 Date 2013-05-25 HUAWEI TECHNOLOGIES CO., LTD. 2012. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of
More informationUser Guide. Unmanaged Pro Configuration Utility TL-SG105E / TL-SG108E / TL-SG116E TL-SG1016DE / TL-SG1024DE / TL-SG108PE / TL-SG1016PE
User Guide Unmanaged Pro Configuration Utility TL-SG105E / TL-SG108E / TL-SG116E TL-SG1016DE / TL-SG1024DE / TL-SG108PE / TL-SG1016PE 1910012421 REV1.0.1 May 2018 CONTENTS About This Guide Intended Readers...1
More informationWorkgroup Bridges. Cisco WGBs. Information About Cisco Workgroup Bridges. Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9
Cisco WGBs, page 1 Third-Party WGBs and Client VMs, page 9 Cisco WGBs Information About Cisco A workgroup bridge (WGB) is a mode that can be configured on an autonomous IOS access point to provide wireless
More informationInternetwork Expert s CCNP Bootcamp. Hierarchical Campus Network Design Overview
Internetwork Expert s CCNP Bootcamp Hierarchical Campus Network Design Overview http:// Hierarchical Campus Network Design Overview Per Cisco, a three layer hierarchical model to design a modular topology
More informationConfiguring Virtual Port Channels
Configuring Virtual Port Channels This chapter describes how to configure virtual port channels (vpcs) on Cisco Nexus 5000 Series switches. It contains the following sections: Information About vpcs, page
More informationConfiguring SPAN and RSPAN
24 CHAPTER This chapter describes how to configure Switched Port Analyzer (SPAN) and Remote SPAN (RSPAN) on your Catalyst 2950 or Catalyst 2955 switch. Note For complete syntax and usage information for
More informationH3C S3600V2 Switch Series
H3C S3600V2 Switch Series Layer 3 - IP Services Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 2101 Document version: 6W100-20110905 Copyright 2011,
More informationFSOS. Ethernet Configuration Guide
FSOS Ethernet Configuration Guide Contents 1 Configuring Interface... 1 1.1 Overview...1 1.2 Configuring Interface State...1 1.2.1 Configurations...1 1.2.2 Validation...1 1.3 Configuring Interface Speed...
More informationRouting Between VLANs Overview
Routing Between VLANs Overview This chapter provides an overview of VLANs. It describes the encapsulation protocols used for routing between VLANs and provides some basic information about designing VLANs.
More informationH3C S5120-EI Series Ethernet Switches. Layer 3 - IP Services. Configuration Guide. Hangzhou H3C Technologies Co., Ltd.
H3C S5120-EI Series Ethernet Switches Layer 3 - IP Services Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Document Version: 6W102-20100722 Product Version: Release 2202 Copyright
More information