Flexible network segmentation for high-speed LANs. Intel Networking Information Series. For today's networking professionals who need fast,


Virtual LANs

Flexible network segmentation for high-speed LANs

Intel Networking Information Series

For today's networking professionals who need fast, concise information to help them understand new technologies that can make their networks more efficient and cost-effective.

Contents

Executive Summary
The Need for VLANs
VLANs: A Semi-Technical Discussion
An Industry-Wide VLAN Standard
The Intel VLAN Solution
Summary and Conclusion
For More Information
Glossary of Terms

Executive Summary

Few people experience the rapid changes of today's business environment more than Information Technology (IT) managers. Employees move, business operations are restructured and new technologies emerge. All of these changes add pressure to networks already straining under the requirements of more users, more powerful workstations and more demanding applications.

Virtual LANs (VLANs) can help IT managers adapt to these changes more easily and effectively, while increasing overall network performance. By offering a highly flexible means of segmenting a corporate network, VLANs reduce the performance bottlenecks that occur when traditional backbone routers can't meet the demands of fast, switched networks.

A VLAN is a group of, servers and other network resources that behave as if they were connected to a single, network segment even though they may not be. For example, all marketing personnel may be spread throughout a building. Yet if they are all assigned to a single VLAN, they can share resources and bandwidth as if they were connected to the same segment (see Figure 1). The resources of other departments can be invisible to the marketing VLAN members, accessible to all, or accessible only to specified individuals, at the IT manager's discretion.

This logical grouping of network nodes helps free IT managers from the restrictions of their existing network design and cabling infrastructure. It offers a fundamental improvement in the ease with which LANs can be designed, administered and managed. And since VLANs are software-based, they allow the network structure to quickly and easily adapt to the addition, relocation or reorganization of nodes. No longer does each change require a visit to the wiring closet.

Equally important, VLANs help meet performance needs by segmenting the network more effectively. Unlike standard switching, they restrict the dissemination of broadcast as well as node-to-node traffic, so the burden of extraneous traffic is reduced throughout the network. Security can also be improved. Since all packets traveling between VLANs may also pass through a router, standard router-based security measures can be implemented to restrict access as needed.

Despite the advantages of a well-designed VLAN solution, the newness of the technology and the large number of proprietary implementations have created confusion in the marketplace. Some industry pundits have charged that VLANs may eventually become unnecessary as routing becomes faster and high-bandwidth technologies such as Fast Ethernet and Gigabit Ethernet emerge. They also note a slow, industry-wide trend toward protocols that depend less upon broadcast traffic. These changes may, to some extent, reduce the importance of VLAN solutions in the future, but they won't eliminate many of the key advantages of the technology. And VLANs offer an immediate and cost-effective solution to several very real networking challenges, a solution that can be integrated into existing networks without costly overhauls. The potential benefits should not be ignored.

Figure 1 (The VLAN Solution): VLANs allow highly flexible, efficient network segmentation, enabling users and resources to be grouped logically, without regard to physical location.

The Need for VLANs

By the 1980s, most networks consisted of a simple, hierarchical arrangement in which multiple, shared-media networks were connected by a router (see Figure 2). With their sophisticated packet handling, routers allowed communication between networks when necessary, while effectively segmenting traffic so that large shared networks were not swamped by excessive traffic. Unfortunately, traditional routers were slow, complicated and expensive. As the need for faster networks emerged, a new solution was needed.

Switches spearheaded the next evolution of network structure. By segmenting the network and providing dedicated bandwidth where needed, they greatly increased performance, while reducing cost and complexity (see Figure 3). However, traditional switches segment only unicast, or node-to-node, traffic. Unlike routers, they do not limit broadcast traffic (packets that are addressed to all the nodes within the network) or multicast traffic (packets that are distributed to a group of nodes).

As networks have grown and traffic has increased, IT managers have been forced to segment their networks into more and more switched subnets to meet increasing performance demands. With these changes, broadcast and multicast traffic have placed a greater burden on network bandwidth. In the worst case scenario, broadcast traffic can spiral out of control, creating broadcast storms that can bring down the network.

As switched networks have become more common, routers have continued to exist within the network. But they've been forced toward the periphery, where speed is generally less critical.

VLANs offer an effective solution to swamped routers and broadcast storms. By limiting the distribution of broadcast, multicast and unicast traffic, they can help free up bandwidth, reduce the need for expensive and complicated routing between switched networks, and eliminate the danger of broadcast storms. With these advantages, VLANs revive many of the key advantages of LAN routing, but with greater flexibility, performance, simplicity and affordability.

Benefits of VLANs

Flexible network segmentation: Users and resources that communicate most frequently with each other can be grouped into common VLANs, regardless of physical location. Each group's traffic is largely contained within the VLAN, reducing extraneous traffic and improving the efficiency of the whole network.

Simple management: The addition of nodes, as well as moves and other changes, can be dealt with quickly and conveniently from the management console rather than the wiring closet.

Increased performance: VLANs free up bandwidth by limiting node-to-node and broadcast traffic throughout the network.

Better use of server resources: With a VLAN-enabled adapter, a server can be a member of multiple VLANs. This reduces the need to route traffic to and from the server.

Enhanced network security: VLANs create virtual boundaries that can only be crossed through a router. So standard, router-based security measures can be used to restrict access to each VLAN as required.

Figure 2 (A Traditional Fully Routed Network): Traditional LAN routers segment the network and provide logical structure, but are slow, complicated and expensive.

Figure 3 (A Standard Switched Network): Standard switches are much faster than routers and provide dedicated bandwidth where needed, but are vulnerable to broadcast storms.

VLANs: A Semi-Technical Discussion

In general, there are three basic models for determining and controlling how a packet gets assigned to a VLAN.

Port-based VLANs

In this implementation, the administrator assigns each port of a switch to a VLAN. For example, ports 1-3 might be assigned to the Sales VLAN, ports 4-6 to the Engineering VLAN and ports 7-9 to the Administrative VLAN (see Figure 4). The switch determines the VLAN membership of each packet by noting the port on which it arrives.

When a user is moved to a different port of the switch, the administrator can simply reassign the new port to the user's old VLAN. The network change is then completely transparent to the user, and the administrator saves a trip to the wiring closet. However, this method has one significant drawback. If a repeater is attached to a port on the switch, all of the users connected to that repeater must be members of the same VLAN.

MAC address-based VLANs

The VLAN membership of a packet in this case is determined by its source or destination MAC address. Each switch maintains a table of MAC addresses and their corresponding VLAN memberships. A key advantage of this method is that the switch doesn't need to be reconfigured when a user moves to a different port.

However, assigning VLAN membership to each MAC address can be a time-consuming task. Also, a single MAC address cannot easily be a member of multiple VLANs. This can be a significant limitation, making it difficult to share server resources between more than one VLAN. (Although a MAC address can theoretically be assigned to multiple VLANs, this can cause serious problems with existing bridging and routing, producing confusion in switch forwarding tables.)

Layer 3 (or protocol)-based VLANs

With this method, the VLAN membership of a packet is based on protocols (IP, IPX, Netbios, etc.) and Layer 3 addresses. This is the most flexible method and provides the most logical grouping of users. An IP subnet or an IPX network, for example, can each be assigned their own VLAN. Additionally, protocol-based membership allows the administrator to assign nonroutable protocols, such as Netbios or DECNET, to larger VLANs than routable protocols like IPX or IP. This maximizes the efficiency gains that are possible with VLANs.

Another important distinction between VLAN implementations is the method used to indicate membership when a packet travels between switches. Two methods exist: implicit and explicit.

Implicit: VLAN membership is indicated by the MAC address. In this case, all switches that support a particular VLAN must share a table of member MAC addresses.

Explicit: A tag is added to the packet to indicate VLAN membership. Cisco ISL and the IEEE 802.1q VLAN specifications both use this method.

To summarize, when a packet enters its local switch, the determination of its VLAN membership can be port-based, MAC-based or protocol-based. When the packet travels to other switches, the determination of VLAN membership for that packet can be either implicit (using the MAC address) or explicit (using a tag that was added by the first switch). Port-based and protocol-based VLANs use explicit tagging as their preferred indication method. MAC-based VLANs are almost always implicit.

The bottom line is that the IEEE 802.1q specification is going to support port-based membership and explicit tagging, so these will be the default VLAN model in the future.

Figure 4 (Port-Based VLANs): In a Port-based VLAN, each port of a switch can be assigned to a particular VLAN.
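The port-based model and explicit tagging described above, as an added example that is not part of the Intel paper: a small Python model of a switch that assigns membership by ingress port, floods broadcasts only inside that VLAN, and adds a tag only on the link to another switch. The VLAN IDs (10, 20, 30), the trunk on port 10, all function and class names, and the rule that access ports drop frames that already carry a tag are assumptions of this example; the tag layout (TPID 0x8100, 3 priority bits, 12-bit VLAN ID) is the one standardized in IEEE 802.1Q.

```python
import struct

TPID_8021Q = 0x8100            # EtherType value that announces an 802.1Q tag
BROADCAST = b"\xff" * 6


def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Insert the 4-byte explicit tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:   # VLAN IDs 0 and 4095 are reserved
        raise ValueError("VLAN ID out of range")
    if not 0 <= pcp <= 7:      # 802.1p priority is a 3-bit field
        raise ValueError("priority out of range")
    tci = (pcp << 13) | vid    # priority(3) | DEI(1, left 0) | VLAN ID(12)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame: bytes):
    """Return (vid, pcp, untagged_frame); vid and pcp are None if untagged."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


class PortVlanSwitch:
    """Port-based membership on access ports, explicit tags on trunk ports."""

    def __init__(self, access_ports, trunk_ports):
        self.access = dict(access_ports)   # port number -> VLAN ID
        self.trunks = set(trunk_ports)     # ports that lead to other switches
        self.mac_table = {}                # (VLAN ID, MAC) -> port

    def receive(self, in_port: int, frame: bytes) -> dict:
        """Forward one frame; return {egress port: bytes sent on that port}."""
        vid, pcp, inner = strip_tag(frame)
        if in_port in self.access:
            if vid is not None:
                return {}                  # assumption: end stations may not tag
            vid, pcp = self.access[in_port], 0
        elif in_port not in self.trunks or vid is None:
            return {}                      # unknown port, or untagged on a trunk
        dst, src = inner[:6], inner[6:12]
        self.mac_table[(vid, src)] = in_port        # learning is per VLAN
        known = self.mac_table.get((vid, dst))
        if known is not None and not dst[0] & 1:    # learned unicast address
            targets = [known]
        else:                                       # broadcast/multicast/unknown:
            targets = [p for p, v in self.access.items() if v == vid]
            targets += sorted(self.trunks)          # flood inside this VLAN only
        return {p: add_tag(inner, vid, pcp) if p in self.trunks else inner
                for p in targets if p != in_port}


def build_demo_switch() -> PortVlanSwitch:
    # Port layout from the paper's example; VLAN IDs and trunk port are constructed.
    ports = {p: 10 for p in (1, 2, 3)}              # Sales
    ports.update({p: 20 for p in (4, 5, 6)})        # Engineering
    ports.update({p: 30 for p in (7, 8, 9)})        # Administrative
    return PortVlanSwitch(ports, trunk_ports={10})


def sample_frame(dst: bytes, src: bytes) -> bytes:
    """Constructed 60-byte Ethernet frame (EtherType 0x0800, zero payload)."""
    return dst + src + b"\x08\x00" + bytes(46)


if __name__ == "__main__":
    sw = build_demo_switch()
    sales_pc = bytes.fromhex("020000000001")        # constructed MAC address
    out = sw.receive(1, sample_frame(BROADCAST, sales_pc))
    for port, data in sorted(out.items()):
        print(port, strip_tag(data)[0], len(data))
```

A broadcast from a Sales port reaches only the other Sales ports untagged and the trunk with VLAN 10 in its tag; the same destination address sent from an Engineering port is never delivered to Sales, because the forwarding table is keyed by VLAN as well as MAC address.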

An Industry-Wide VLAN Standard

Many vendors have already developed their own proprietary VLAN solutions and products. Although these can provide significant benefits, an industry standard is clearly needed to ease the confusion and make the benefits of VLANs more accessible to IT managers.

At present, the IEEE is still working on the 802.1q specification, which will help ensure the interoperability of VLAN implementations between switches and NICs from different vendors. Ratification of 802.1q is expected in the spring of 1998, but products based on the specification will start to appear on the market in early 1998. A second IEEE specification, 802.1p, defines the use of priority bits, which are part of the explicit VLAN tag as defined in 802.1q.

There are two different VLAN models which will both be specified in the 802.1q specification: the shared model and the independent model. Both are explicit tagging implementations. They will generally work together, but problems can arise. Specifically, if you have a bridge router in your network, you would probably do well to adopt the independent model. If not, either option would work. Some switches will support both models, but you must choose one when configuring the switch for your network.

The Intel VLAN Solution

A proprietary VLAN solution can provide significant benefits. But once the IEEE specifications have been finalized, most future networking products will be designed to support and extend that new industry standard. So a standards-based VLAN solution is more likely to retain and extend its value as your network grows and you incorporate new products and technologies.

Intel currently offers network adapters that are hardware-compatible with the upcoming IEEE VLAN specifications. Once the specifications are ratified, simple software upgrades will be available by disk or from the Intel Web page to establish compliance. Adapters that support this simple upgrade path include:

Intel EtherExpress™ Server Adapter
Intel EtherExpress PRO/100 PCI Adapter
Intel EtherExpress PRO/100+ PCI Adapter

Since the industry standards are not yet finalized, Intel switches currently support a proprietary VLAN solution, using the MAC address-based method with Layer 3 extensions. This is an extremely flexible approach, enabling an efficient, high-performance VLAN solution. The Intel EtherExpress PRO/100 Server Adapter complements the implementation in Intel switches with its support for Cisco's proprietary ISL VLAN protocol.

In the future, Intel intends to offer strong support for the IEEE VLAN specifications in both switches and adapters. Both port-based and MAC address-based VLANs will be supported using an implicit model. Explicit tagging will also be supported using both the shared and independent models. This support for multiple implementations will make it as easy as possible for IT managers to create their own VLAN solutions, and help ensure compatibility with other VLAN implementations within their network.

Flexible VLAN support is only one way in which Intel switches and adapters help ensure maximum performance and adaptability in changing network environments. (For more information, see the Adaptive Technology and Layer 3 Switching briefs in the Intel Network Information Series, FaxBack 1758 and 1769.)

Intel's support for emerging VLAN technologies derives naturally from Intel's commitment to delivering high-performance connectivity solutions to and servers. Intel now offers a complete line of industry-leading networking products and network management software. All offer high-performance, cost-effective networking solutions, designed to empower users at the desktop while easing the burden on IT managers.

Intel has also played a leading role in shifting the industry toward simplified PC and server management. The Wired for Management (WfM) initiative was launched by Intel in September of 1996. One result of this wide-ranging effort is the Wired for Management Baseline Specification. This de facto industry standard is already helping to make the next generation of networked easier to manage and support. The goal is nothing less than a network of that can be fully managed from a central location.

Intel is strongly committed to developing and supporting other industry-wide standards as well, through cooperation with other key vendors and standards organizations, because in today's heterogeneous networking environments, a solution can only be cost-effective if it interoperates readily with existing components and software. To safeguard your investment, Intel continually tracks and supports trends and specifications relating to VLANs and other emerging networking technologies.

Summary and Conclusion

By segmenting the corporate network with a new level of flexibility, VLANs offer a fundamental improvement to the network by working to simplify management, while increasing performance and enhancing security. Desktops, servers and other network resources can be organized according to the needs of the business, rather than the restrictions of the wiring closet.

VLANs also address the limitations of standard switch segmentation by containing broadcast as well as node-to-node traffic. This helps eliminate router bottlenecks and reduces the danger of broadcast storms. Also, as a software-based solution, VLANs allow IT managers to adapt more easily to the inevitable network changes that occur in a fast-paced business environment.

Intel's current VLAN solution offers a highly flexible approach, using explicit tagging so that each node can be assigned to multiple VLANs. In future switches and adapters, Intel will provide multiple VLAN solutions to better meet the specific needs of individual networks, while also supporting the upcoming IEEE specifications.

For More Information

Visit Intel on the World Wide Web at http://www.intel.com/network for more information on Intel's complete line of LAN adapters, switches and other high-performance networking solutions.

Glossary of Terms
Broadcast: Network traffic that is disseminated to all the nodes on a shared-media segment
Explicit model: VLAN membership is indicated by adding a tag to each packet
Implicit model: VLAN membership is determined by examining information that already exists within each packet (the MAC address)
Independent Model: One of two explicit VLAN models specified in the IEEE 802.1q specification
Layer 3 (or protocol)-based VLANs: Each packet's protocol or Layer 3 addressing is examined individually by the switch to determine VLAN membership
MAC Address-based VLANs: VLAN membership is determined by the MAC address of each individual node
Multicast: Network traffic that is disseminated to selected nodes
Node: Each of the individual computers or other devices on a network
Packet: A chunk of data bits and associated information, including source address and destination address, formatted for transmitting from one node to another
Port-based VLANs: Each port of a switch is assigned to a particular VLAN
Router: A device that connects two networks at the Network Layer (Layer 3) of the OSI model; operates like a bridge, but also can choose routes through a network
Segmentation: The division of a network into separate shared-media subnets
Shared Model: One of two explicit VLAN models specified in the IEEE 802.1q specification
Switch: A device that connects multiple network segments at the Data Link Layer (Layer 2) of the OSI model. They operate more simply and at higher speeds than routers.
Unicast: Network traffic between two nodes
VLAN: Virtual LAN; a logical grouping of network nodes that act as if they are connected to a single, shared-media network

NP0995 Intel Corporation, 1997. * Third party trademarks are the property of their respective owners.