AN-135. Introduction. VLAN Overview IEEE 802.1Q VLAN Q Tag Based and Port Based VLAN Function and Setting in KSZ8995M/MA

Similar documents
Application Note 126. QoS Priority Support KS8993M / KS8995MA / XA. Introduction. Egress Port Priority Mechanism. Strict Priority Queuing

Register Bit Name Description Default Global Ctrl Reg 2 SGCR2. Table 1. Registers are used for Common and Egress Port Setting

Application Note. RMII Connections for. KSZ8895RQ and KSZ8864RMN Rev1.0. Introduction. Block Diagram of the KSZ8895RQ. Block Diagram of the KSZ8864RMN

KSZ8864 Evaluation Board User s Guide

KSZ9692PB User Guide Brief

NCT240 IP DSLAM with IAC4500 VLAN Tagging Implementation

Table 1 summarizes the supported device attribute differences between KSZ9021GN and KSZ9031MNX PHY devices. Device Attribute KSZ9021GN KSZ9031MNX

KSZ8895FMQ Evaluation Board User s Guide

Features VCC MIC1810 RESET RESET

KSZ8795CLXD-EVAL Board (KSZ8795CLX+KSZ9031RNX) Demo Evaluation Board User s Guide

Table 1 summarizes the supported device attribute differences between KSZ9021RN and KSZ9031RNX PHY devices. Device Attribute KSZ9021RN KSZ9031RNX

Chapter 4 Configuring Switching

VLAN - SP6510P8 2013/4. Copyright 2011 Micronet Communications, INC

8.3. Advanced Functionality Overview

DUAL TTL-to-DIFFERENTIAL PECL TRANSLATOR

KSZ8895MQ/RQ Evaluation Board User s Guide

SY55854U. General Description. Features. Functional Block Diagram. Applications. 2 x 2 Protection Crosspoint Switch

NOT RECOMMENDED FOR NEW DESIGNS SINGLE SUPPLY QUAD PECL/TTL-TO-PECL

For further information, please contact. DKT A/S Fanoevej 6 DK-4060 Kirke Saaby

How to configure the IAC4500 Internet Access Controller for Billing by Volume Application with NCT480 IP DSLAM using port location mapping

Bridge Functions Consortium

Features. Data Sheet. Micrel Inc Fortune Drive San Jose, CA USA tel +1 (408) fax + 1 (408)

Table of Contents 1 VLAN Configuration 1-1

Subjects, overview. DKT A/S Fanoevej 6 DK-4060 Kirke Saaby

Q VLAN User s Guide

Bridge Functions Consortium

Routing Between VLANs Overview

Configuring Firewall Filters (J-Web Procedure)

MIC1832. General Description. Features. Applications. Typical Application

Features. Applications

Management Software AT-S67 AT-S68. User s Guide FOR USE WITH AT-FS7016 AND AT-FS7024 SMART SWITCHES VERSION PN Rev A

Precision CML/LVPECL/LVDS 2:1 MUX with Internal Termination and Fail Safe Input

Management Software AT-S101. User s Guide. For use with the AT-GS950/8POE Gigabit Ethernet WebSmart Switch. Version Rev.

Features. Applications. MIC4126/27/28 Block Diagram

Junos Enterprise Switching

MIC705/706/707/708. General Description. Features. Applications. Typical Application. µp Supervisory Circuit

ProSAFE 8-Port 10-Gigabit Web Managed Switch Model XS708Ev2 User Manual

ANTC205. Introduction

Figure Untagged and 802.1Q-Tagged Ethernet frames

ProSAFE 8-Port and 16-Port 10-Gigabit Ethernet Web Managed Switch Models XS708Ev2 and XS716E User Manual

MIC706P/R/S/T, MIC708R/S/T

Routing Between VLANs Overview

8-Port Gigabit Ethernet Smart Managed Plus Switch with 2-Port 10G/Multi-Gig Uplinks User Manual

Configuring Access and Trunk Interfaces

ProSafe Plus Switch Utility

KSZ8081MNX / KSZ8091MNX

Risanuri Hidayat. 13/03/2012 Jurusan Teknik Elektro dan Tekn Informasi UGM

KSZ8081RNB / KSZ8091RNB

General Description. Features. Related Documentation. Evaluation Board. SY58600/601/602U Evaluation Board

48-Port Gigabit Ethernet Smart Managed Plus Switch User Manual

ProSAFE Easy-Mount 8-Port Gigabit Ethernet PoE+ Web Managed Switch

Configuring SPAN. Understanding SPAN CHAPTER. This chapter describes how to configure Switched Port Analyzer (SPAN) and on the Catalyst 2960 switch.

QoS Setup Guide. Application Note 306 QoS Setup Procedure. QoS Set-up Guide

ProCurve Switch G ProCurve Switch G

Computer Networking. December 2004 CEN CN

Private and Public addresses. Real IPs. Lecture (09) Internetwork Layer (3) Agenda. By: Dr. Ahmed ElShafee

MARQUE : REFERENCE : CODIC : NETGEAR GSS108E-100EUS NOTICE

Configuring Port-Based and Client-Based Access Control (802.1X)

MIC2560. General Description. Features. Applications. Typical Application. PCMCIA Card Socket V CC and V PP Switching Matrix

MIC2027/2077. Features. General Description. Applications. Typical Application. Quad USB Power Distribution Switch

SY89645L. General Description. Features. Block Diagram. Applications. Markets. Precision Low Skew, 1-to-4 LVCMOS/LVTTL-to-LVDS Fanout Buffer

3.3V DUAL 1:10 PRECISION LVDS FANOUT BUFFER/TRANSLATOR WITH 2:1 INPUT MUX

Bridge Functions Consortium

VLAN Configuration via CLI on 300/500 Series Managed Switches

FSOS. Ethernet Configuration Guide

DSL Forum. Working Text WT-141 Draft Version 3.0. Protocol Independent Management Model for TR-101 Compliant Access Nodes

8-Port Gigabit Ethernet Smart Managed Plus Switch with Integrated Cable Management User Manual

User Guide. Unmanaged Pro Configuration Utility TL-SG105E / TL-SG108E / TL-SG116E TL-SG1016DE / TL-SG1024DE / TL-SG108PE / TL-SG1016PE

User Guide Easy Smart Configuration Utility

Configure Virtual LANs in Layer 2 VPNs

1:4 LVPECL/CML FANOUT BUFFER WITH INTERNAL TERMINATION

Understanding Basic 802.1ah Provider Backbone Bridge

Network Configuration Example

Features. Applications

Features MIC2779L IN OUT HTH GND. Cellular Telephone Battery Monitor

MIC2587 Evaluation Board

3.3V, 3.2Gbps DIFFERENTIAL 4:1 LVDS MULTIPLEXER with INTERNAL INPUT TERMINATION

User Manual ES-5808PHG. Gigabit 8-Port 802.3at PoE Web Smart Switch

Features. Applications

MIC2546/2547. Features. General Description. Applications. Typical Application. Dual Programable Current Limit Switch

Switched Ethernet Virtual LANs

Features. Applications

Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling

Configuring BPDU tunneling

Lecture 9: Switched Ethernet Features: STP and VLANs

Overlapping VLANs for Industrial Applications

VLAN. Mario Baldi. Pietro Nicoletti. Politecnico di Torino. Studio Reti

Managed Ethernet Switch User s Manual

8-Port Gigabit Ethernet Smart Managed Plus Switch with Integrated Cable Management User Manual

Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling

MIC2544A/2548A. General Description. Features. Applications. Typical Application. Programmable Current Limit High-Side Switch

Features. Applications. Micrel Inc Fortune Drive San Jose, CA USA tel +1 (408) fax + 1 (408)

Micrel Serial Programmer (MICUSB)

Features. V CC 2.7V to 5.5V 10k OVERCURRENT GND NC

Features. Applications

MIC826. General Description. Features. Applications. Typical Application

MAC-Based VLAN Technology White Paper

Features. Applications

KSZ9031RNX-EVAL Board User s Guide. Micrel, Inc All rights reserved

Configuring SPAN and RSPAN

Transcription:

AN-135 802.1Q Tag Based and Port Based VLAN Function and Setting in KSZ8995M/MA Introduction This document will discuss IEEE802.1Q tag-based VLAN and port-based VLAN setup for the KSZ8995M/MA devices. The reader should use this design note in conjunction with the datasheet which can be found at: http://www.micrel.com/page.do?page=product-info/fastether_sw_man.jsp. VLAN Overview Virtual LANs (VLANs) consist of a logical independent workgroup operating within a physical network. These workgroups behave as independent unique networks. The VLANs are defined by logical boundaries between workgroups. VLANs can be grouped by applications or functions. For example, the IT manager can define one VLAN for a multimedia application and another for an e-mail application. Alternately, it can have one VLAN for its Engineering Department, another for its Marketing Department, another for its Accounting Department, and so on. As these examples show, VLANs offers unparalleled flexibility to ensure the best possible performance of the network. The intent of this design note is to serve as a basic guide for using the Micrel KSZ8995M/MA in a VLAN application. IEEE 802.1Q VLAN The KSZ8995M/MA supports the IEEE 802.1Q specification for tagged frames. The IEEE specification defines a format of the frame in the network environment. An additional 4-octet header (or tag ) is inserted in a frame after the source MAC address and before the frame type. 12 bits of the tag are used to define the VLAN ID. When packets pass through the KSZ8995M/MA, the device will look in each of the VLAN, static MAC and dynamic MAC tables for an appropriate forwarding part. If the packet satisfies the necessary condition of the forwarding conditions, then the packet will then be forwarded to the destination port. See the Figure 1 for tagged frame format. Micrel Inc. 2180 Fortune Drive San Jose, CA 95131 USA tel +1 (408) 944-0800 fax + 1 (408) 474-1000 http://www.micrel.com

Figure 1. Ethernet Packet with 802.1Q VLAN Tag Creating VLANs in KSZ8995M/MA The KSZ8995M/MA supports 16 active VLANs out of a possible 4096 VLANs. The KSZ8995M/MA provides a 16- entry VLAN table. Each entry has a VID (VLAN ID), FID (filter ID), VLAN Membership and Valid fields. 12-bit VLAN ID represents 4096 possible VLANs specified in IEEE 802.1Q. 4-bit Filter ID is created by the device and it represents the 16 active VLANs supported by the KSZ8995M/MA. The FID is the mapped ID, it maps any one of the 4096 VLANs to one of the 16 active VLANs. By reducing the 12 bits of the VID to only 4 bits of the FID, the look up function is now more efficient. During the lookup and learning of the MAC addresses, the FID+DA and FID+SA combination is used. This look-up mechanism allows identical MAC addresses to be used in different VLAN. 5-bit VLAN membership field represents the forwarding ports of the VLAN. 1-bit valid field controls the validity of the entry. The information stored in the VLAN table is compared with the VID embedded in the ingress packet. The VLANs also manage the broadcast domain, and creates a logical partition of the workgroups. When the destination address is unknown or the ingress packet is a broadcast or multicast packet, the chip will only broadcast within the VLAN that the incoming packet belongs to. Each of the entries in the VLAN table represents a VLAN group. The KSZ8995M/MA supports 16 VLAN groups totally. The membership field of the each of the VLAN entries represents all of the members of this VLAN group. The VLAN table format is shown in Table 1. 2

Bit Name R/W Description Default 21 Valid R/W =1, the entry is valid 1, entry is invalid 20-16 Membership R/W Specify which ports are members of the VLAN. If a DA look up fails (no match in both static and dynamic tables), the packet associated with this VLAN will be forwarded to ports specified in this field. E.g. 11001 means port 5, 4, and 1 are in this VLAN. 15-12 FID R/W Filter ID. KS8995M/MA supports 16 active VLANs represented by these four bit fields. FID is the mapped ID. If 802.1Q VLAN is enabled, the look up will be based on FID+DA and FID+SA. 11-0 VID R/W IEEE 802.1Q 12 bit VLAN ID 1 Table 1. Format of the VLAN Table (16 entries) 11111 0 The 802.1Q Tagged Packet Look-up Process in KSZ8995M/MA If the 802.1Q VLAN mode is enabled, the KSZ8995M/MA will parse the ingress packets for information needed to identify an egress port. If the ingress is untagged, the chip will then assign a VID to the ingress packet. If the packet is tagged with a null VID, the packet will be assigned the default port VID of the ingress port. If the packet is tagged with non-null VID, the tagged VID will be used. The look up process will start from the VLAN table look up. If the VID is not found, then the packet will be dropped and no address learning will take place. If the VID is found, then the FID will be retrieved and the FID+DA and FID+SA lookups are then performed. The FID+DA look up determines the forwarding ports. If FID+DA lookup fail, the packet will then be broadcast to all of the members (excluding the ingress port) within the VLAN group. FID+SA is used for learning; if FID+SA is unknown, the FID+SA will then be learnt and entered into the lookup table. The look-up procedure is as follows: The device begins the look-up phase by referencing the VLAN table based on the VID of the ingress packet. If the VID is not found in the VLAN table, then the packet will be dropped. If the VID is found in the VLAN table, then the FID is retrieved. At this point, the packet with FID+DA will go to the static MAC table for look-up. If the FID+DA is not found in the static MAC table, then the KSZ8995M/MA will try to look up the FID+DA in the dynamic MAC table. If the FID+DA is not found in the dynamic MAC table either, and then the packet will be broadcast to all of the membership ports with the same VLAN ID in the VLAN table. The following flowchart describes the look-up process as shown in Figure 2 for details. 3

Start PTF=NULL NO VLAN ID VALID? -Search VLAN table -Ingress VLAN filtering -Discard NPVID check YES Search complete. Get PTF from static table FOUND Search Static Table This search is based on DA or DA+FID NOT FOUND Search complete. Get PTF from dynamic table FOUND Dynamic Table Search This search is based on DA+FID NOT FOUND Port VLAN Membership PTF Port To Forward Figure 2. 802.1Q Tagged Packet Look-Up Flowchart After the FID is derived from the VID, the FID+DA is used to determine the destination ports in the static MAC table and the dynamic MAC table. In 802.1Q VLAN mode, the port-based VLAN membership of the port registers should be set to the default value of all 1. This is because the switch supports both tag-based VLANs and port-based VLANs. The membership within the VLAN is a logical AND between the tag-based VLAN membership and the port-based VLAN membership. If the destination port is not part of the port-based membership group, even if the tag is correct the packet will not be forwarded. Because the look-up utilizes both the VID and the DA, it is therefore possible to have identical MAC addresses within different VLAN in the same network. 4

For details determining forwarding look-up in a variety of cases, please see Table 2. DA found in Static MAC table USE FID flag? FID match? DA+FID found in dynamic MAC table Action No Don t care Don t care No Broadcast to the membership ports defined in the VLAN table bits [20:16] No Don t care Don t care Yes Send to the destination port defined in the dynamic MAC table bits [54:52] Yes 0 Don t care Don t care Send to the destination port(s) defined in the static MAC table bits [52:48] Yes 1 No No Broadcast to the membership ports defined in the VLAN table bits [20:16] Yes 1 No Yes Send to the destination port defined in the dynamic MAC table bits [54:52] Yes 1 Yes Don t care Send to the destination port(s) defined in the static MAC table bits [52:48] Table 2. FID+DA Look-Up in the VLAN Mode For details of the learning process, please see Table 3. SA+FID found in dynamic MAC table No Yes Action The SA+FID will be learned into the dynamic table. Time stamp will be updated. Table 3. FID+SA Look-Up in the VLAN Mode Note: Refer to datasheet Rev2.4, pages 53 and 56 for Static MAC and Dynamic MAC Tables. 5

Registers Associated with VLAN Configuration Additional VLAN configurations support is available in other registers. In addition to the basic VLAN configuration, advanced VLAN features are also supported in the KSZ8995M/MA, e.g. VLAN ingress filtering and discard non- PVID Packets (PVID= Port default VID) as defined in Port Registers Control 2 bit 6 and bit 5. These features can be controlled on a per port basis. Please see Table 4 for related registers. Register Bit Name Description Default Register 5 (0x05): Global Control 3 Register 6 (0x06): Global Control 4 Control 3 for port Control 4 for port Control 2 for port Control 0 for port Control 1 for port 7 802.1Q VLAN Enable 3 Null VID Replacement 7-0 Default Tag [15:8] =1, 802.1Q VLAN mode is turned on. VLAN table needs to set up before the operation., 802.1Q VLAN is disabled =1, will replace NULL VID with port VID (12 bits), no replacement for NULL VID Port s default tag, containing 7-5: user priority bits 4: CFI bit 3-0 : VID[11:8] 7-0 Default Tag [7:0] Port s default tag, containing 7-0: VID[7:0] 6 Ingress VLAN Filtering 5 Discard Non- PVID Packets =1, the switch will discard packets whose VID port membership in VLAN table bits [20:16] does not include the ingress port., no ingress VLAN filtering =1, the switch will discard packets whose VID does not match ingress port default VID., no packets will be discarded 2 Tag Insertion =1, when packets are output on the port, the switch will add 802.1Q tags to packets without 802.1Q tags when received. The switch will not add tags to packets already tagged. The tag inserted is the ingress port s port VID., disable tag insertion 1 Tag Removal =1, when packets are output on the port, the switch will remove 802.1Q tags from packets with 802.1Q tags when received. The switch will not modify packets received without tags., disable tag removal 4-0 Port VLAN Membership Define the port s Port VLAN membership. Bit 4 stands for port 5, bit 3 for port 4 bit 0 for port 1. The Port can only communicate within the membership. A 1 includes a port in the membership, a 0 excludes a port from membership Table 4. Related Registers with VLAN in the KSZ8995M/MA x1f 6

Steps for Creating Port-Based VLAN: 1. Set Port Registers Control 1, Port VLAN Membership bits [4-0] for port VLAN mask. 2. Confirm Register 5 Global Control 3, bit 7 (default) and 802.1Q VLAN is turned off. 3. For example, set up ports 1, 2, 3 and 5 for port-based VLAN 1, and set up ports 4 and 5 for port- based VLAN 2. As VLAN 1 has overlap with VLAN 2 at port 5, the broadcast and multicast packets may cross VLAN boundaries when port 5 is the ingress port. The setting of the membership field on the port registers are set as follows: Set port 1, port 2 and port 3 Registers Control 1 bits [4-0] = (1, 0, 1, 1, 1) to the same value. Set Port 4 Register Control 1 bits [4-0] = (1, 1, 0, 0, 0). Set Port 5 Register Control 1 bits [4-0] = (1, 1, 1, 1, 1) for both port based VLAN 1 and VLAN 2. From this setting of port 5, if broadcast and multicast packets come in from port 5, the packets will cross the VLAN boundary to all ports excluding the ingress port 5. When using port based VLANs, it is advised not to overlap the ports in the VLANs, as shown in the above example. This will prevent VLAN traffic from crossing boundaries. Steps for Creating 802.1Q Tag VLAN: 1. Set Register 5 Global Control 3 bit 7 to turn on the 802.1Q VLAN Enable. 2. Set Register 6 Global Control 4 bit 3 for null VID replacement using default VID if the tagged packet is null VID. 3. Set Port Register Control 3 and Control 4 for default tag of the ingress port when 802.1Q VLAN is enabled and ingress packet is non-tag or null tag. Then the default tag and its value will be used in VLAN table for look-up. 4. Set Port Registers Control 2 bit 6 for ingress VLAN Filtering if it is required. 5. Set Port Registers Control 2 bit 5 for Discard Non-PVID packets if it is required. 6. If you want to add the default tag for the ingress packet with non-tag on the egress port, set Port Register Control 0 bit 2 for tag insertion at the egress port. 7. When using 802.1Q VLAN mode look-up result, port registers control 1 bits [4-0] of the port VLAN membership should be in the default value. 8. Write the VID and FID of the VLAN group into the VLAN table. For example: Port 1, 2, 3 and 5 are tag VLAN 1 (Write an entry with VID=1 FID=1 VLAN membership = (1, 0, 1, 1, 1) for port 1, 2, 3, and 5 in the VLAN table). Port 4, 5 are tag VLAN 2 (Write an entry with VID=2 FID=2 VLAN membership= (1, 1, 0, 0, 0) for port 4 and 5 in the VLAN table). Set default tag for VID Set Port 1, 2, and 3 Registers Control 4 VID=1 Set Port 4 Register Control 4 VID=2 Set tag insertion for port 5 Set Port 5 Register Control 0 bit 2=1 for tag insertion on egress port 5. When packets are passed from ingress port 1, 2, or 3 then the egress port 5 will insert a tag with VID=1. When packets are passed from ingress port 4 then the egress port 5 will insert a tag with VID=2. Usually, port 5 is connected to a microprocessor which will recognize the VID of each packet. When port 5 sends back packets to the ingress ports where the packet originated from, port 5 will segregate the traffic for VLAN 1 and VLAN 2. Since the 8021.Q tag VLAN is based on the VID, and not based on the physical ports, the broadcast and multicast traffic can not pass the VLAN boundaries. 7

Summary The KSZ8995M/MA 5-port switch has very flexible VLAN function capabilities. It allows the customer to create a large variety combination of VLAN groups by utilizing both port-based and 802.1Q based VLANs. In addition, the unique lookup algorithm allows identical MAC addresses to coexist within the same network, making the KSZ8995M/MA are very useful in isolating and segregating specific flows within the network. MICREL, INC. 2180 FORTUNE DRIVE SAN JOSE, CA 95131 USA TEL +1 (408) 944-0800 FAX +1 (408) 474-1000 WEB http:/www.micrel.com The information furnished by Micrel in this data sheet is believed to be accurate and reliable. However, no responsibility is assumed by Micrel for its use. Micrel reserves the right to change circuitry and specifications at any time without notification to the customer. Micrel Products are not designed or authorized for use as components in life support appliances, devices or systems where malfunction of a product can reasonably be expected to result in personal injury. Life support devices or systems are devices or systems that (a) are intended for surgical implant into the body or (b) support or sustain life, and whose failure to perform can be reasonably expected to result in a significant injury to the user. A Purchaser s use or sale of Micrel Products for use in life support appliances, devices or systems is a Purchaser s own risk and Purchaser agrees to fully indemnify Micrel for any damages resulting from such use or sale. 2006 Micrel, Incorporated. 8

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback