한국어

네트워킹

온누리070 플레이스토어 다운로드
    acrobits softphone
     온누리 070 카카오 프러스 친구추가온누리 070 카카오 프러스 친구추가친추
     카카오톡 채팅 상담 카카오톡 채팅 상담카톡
    
     라인상담
     라인으로 공유

     페북공유

   ◎위챗 : speedseoul


  
     PAYPAL
     
     PRICE
     

pixel.gif

    before pay call 0088 from app


http://www.firewall.cx/networking-topics/vlan-networks/219-vlan-tagging.html



Introduction

We mentioned that Trunk Links are designed to pass frames (packets) from all VLANs, allowing us to connect multiple switches together and independently configure each port to a specific VLAN. However, we haven't explained how these packets run through the Trunk Links and network backbone, eventually finding their way to the destination port without getting mixed or lost with the rest of the packets flowing through the Trunk Links.

This is process belongs to the world of VLAN Tagging!

VLAN Tagging

VLAN Tagging, also known as Frame Tagging, is a method developed by Cisco to help identify packets travelling through trunk links. When an Ethernet frame traverses a trunk link, a special VLAN tag is added to the frame and sent across the trunk link.

As it arrives at the end of the trunk link the tag is removed and the frame is sent to the correct access link port according to the switch's table, so that the receiving end is unaware of any VLAN information.

The diagram below illustrates the process described above:

vlans-tagging-1

Here we see two 3500 series Catalyst switches and one Cisco 3745 router connected via the Trunk Links. The Trunk Links allow frames from all VLANs to travel throughout the network backbone and reach their destination regardless of the VLAN the frame belongs to. On the other side, the workstations are connected directly to Access Links (ports configured for one VLAN membership only), gaining access to the resources required by VLAN's members.

Again, when we call a port 'Access Link' or 'Trunk Link', we are describing it based on the way it has been configured. This is because a port can be configured as an Access Link or Trunk Link (in the case where it's 100Mbits or faster).

This is stressed because a lot of people think that it's the other way around, meaning, a switch's uplink is always a Trunk Link and any normal port where you would usually connect a workstation, is an Access Link port!

 

VLAN Tagging Protocol

We're now familiar with the term 'Trunk Link' and its purpose, that is, to allow frames from multiple VLANs to run across the network backbone, finding their way to their destination. What you might not have known though is that there is more than one method to 'tag' these frames as they run through the Trunk Links or ... the VLAN Highway as we like to call it.

 

InterSwitch Link (ISL)

ISL is a Cisco propriety protocol used for FastEthernet and Gigabit Ethernet links only. The protocol can be used in various equipments such as switch ports, router interfaces, server interface cards to create a trunk to a server and much more. You'll find more information on VLAN implementations on our last page of the VLAN topic.

Being a propriety protocol, ISL is available and supported naturally on Cisco products only:) You may also be interested in knowing that ISL is what we call, an 'external tagging process'. This means that the protocol does not alter the Ethernet frame as shown above in our previous diagram - placing the VLAN Tag inside the Ethernet frame, but encapsulating the Ethernet frame with a new 26 byte ISL header and adding an additional 4 byte frame check sequence (FCS) field at the end of frame, as illustrated below:

vlans-tagging-2

Despite this extra overhead, ISL is capable of supporting up to 1000 VLANs and does not introduce any delays in data transfers between Trunk Links.

In the above diagram we can see an ISL frame encapsulating an Ethernet II frame. This is the actual frame that runs through a trunk link between two Cisco devices when configured to use ISL as their trunk tagging protocol.

The encapsulation method mentioned above also happens to be the reason why only ISL-aware devices are able to read it, and because of the addition of an ISL header and FCS field, the frame can end up being 1548 bytes long! For those who can't remember, Ethernet's maximum frame size is 1518 bytes, making an ISL frame of 1548 bytes, what we call a 'giant' or 'jumbo' frame!

Lastly, ISL uses Per VLAN Spanning Tree (PVST) which runs one instance of the Spanning Tree Protocol (STP) per VLAN. This method allows us to optimise the root switch placement for each available VLAN while supporting neat features such as VLAN load balancing between multiple trunks.

Since the ISL's header fields are covered on a separate page, we won't provide further details here.

 

IEEE 802.1q

The 802.1q standard was created by the IEEE group to address the problem breaking large networks into smaller and manageable ones through the use of VLANs. The 802.1q standard is of course an alternative to Cisco's ISL, and one that all vendors implement on their network equipment to ensure compatibility and seamless integration with the existing network infrastructure.

As with all 'open standards' the IEEE 802.1q tagging method is by far the most popular and commonly used even in Cisco oriented network installations mainly for compatability with other equipment and future upgrades that might tend towards different vendors.

In addition to the compatability issue, there are several more reasons for which most engineers prefer this method of tagging. These include:

  • Support of up to 4096 VLANs
  • Insertion of a 4-byte VLAN tag with no encapsulation
  • Smaller final frame sizes when compared with ISL

Amazingly enough, the 802.1q tagging method supports a whopping 4096 VLANs (as opposed to 1000 VLANs ISL supports), a large amount indeed which is merely impossible to deplet in your local area network.

The 4-byte tag we mentioned is inserted within the existing Ethernet frame, right after the Source MAC Address as illustrated in the diagram below:

vlans-tagging-3

Because of the extra 4-byte tag, the minimum Ethernet II frame size increases from 64 bytes to 68 bytes, while the maximum Ethernet II frame size now becomes 1522 bytes. If you require more information on the tag's fields, visit our protocol page where further details are given.

As you may have already concluded yourself, the maximum Ethernet frame is considerably smaller in size (by 26 bytes) when using the IEEE 802.1q tagging method rather than ISL. This difference in size might also be interpreted by many that the IEEE 802.1q tagging method is much faster than ISL, but this is not true. In fact, Cisco recommends you use ISL tagging when in a Cisco native environment, but as outlined earlier, most network engineers and administrators believe that the IEEE802.1q approach is much safer, ensuring maximum compatability.

And because not everything in this world is perfect, no matter how good the 802.1q tagging protocol might seem, it does come with its restrictions:

  • In a Cisco powered network, the switch maintains one instance of the Spanning Tree Protocol (STP) per VLAN. This means that if you have 10 VLANs in your network, there will also be 10 instances of STP running amongst the switches. In the case of non-Cisco switches, then only 1 instance of STP is maintained for all VLANs, which is certainly not something a network administrator would want.
  • It is imperative that the VLAN for an IEEE 802.1q trunk is the same for both ends of the trunk link, otherwise network loops are likely to occur.
  • Cisco always advises that disabling a STP instance on one 802.1q VLAN trunk without disabling it on the rest of the available VLANs, is not a good idea because network loops might be created. It's best to either disable or enable STP on all VLANs.

 

LAN Emulation (LANE)

LAN Emulation was introduced to solve the need of creating VLANs over WAN links, allowing network managers to define workgroups based on logical function, rather than physical location. With this new technology (so to speak - it's actually been around since 1995!), we are now able to create VLANs between remote offices, regardless of their location and distance.

LANE is not very common and you will most probably never see it implemented in small to mid-sized networks, however, this is no reason to ignore it. Just keep in mind that we won't be looking at it in much depth, but briefly covering it so we can grasp the concept.

LANE has been supported by Cisco since 1995 and Cisco's ISO release 11.0. When implemented between two point-to-point links, the WAN network becomes totally transparent to the end users:

vlans-tagging-4

Every LAN or native ATM host, like the switch or router shown in the diagram, connects to the ATM network via a special software interface called 'LAN Emulation Client'. The LANE Client works with the LAN Emulation Server (LES) to handle all messages and packets flowing through the network, ensuring that the end clients are not aware of the WAN network infrastructure and therefore making it transparent.

The LANE specification defines a LAN Emulation Configuration Server (LECS), a service running inside an ATM switch or a physical server connected to the ATM switch, that resides within the ATM network and allows network administrators to control which LANs are combined to form VLANs.

The LAN Emulation Server with the help of the LANE Client, maps MAC addresses to ATM addresses, emulating Layer 2 protocols (DataLink layer) and transporting higher layer protocols such as TCP/IP, IPX/SPX without modification.

 

802.10 (FDDI)

Tagging VLAN frames on Fiber Distributed Data Interface (FDDI) networks is quite common in large scale networks. This implementation is usually found on Cisco's high-end switch models such as the Catalyst 5000 series where special modules are installed inside the switches, connecting them to an FDDI backbone. This backbone interconnects all major network switches, providing a fully redundant network.

The various modules available for the Cisco Catalyst switches allow the integration of Ethernet into the FDDI network. When intalling the appropriate switch modules and with the use of the 802.10 SAID field, a mapping between the Ethernet VLAN and 802.10 network is created, and as such, all Ethernet VLANs are able to run over the FDDI network.

vlans-tagging-5

The diagram above shows two Catalyst switches connected to a FDDI backbone. The links between the switches and the backbone can either be Access type links (meaning one VLAN passes through them) or Trunk links (all VLANs are able to pass through them). At both ends, the switches have an Ethernet port belonging to VLAN 6, and to 'connect' these ports we map each switch's Ethernet module with its FDDI module.

Lastly, the special FDDI modules mentioned above support both single VLANs (non-trunk) and multiple VLANs (trunk).

To provide further detail, the diagram below shows the IEEE 802.10 frame, along with the SAID field in which the VLAN ID is inserted, allowing the frame to transit trunk links as described:

vlans-tagging-6

It's okay if your impressed or seem confused with the structure of the above frame, that's normal:) You'll be suprised to find out that the Cisco switch in the previous diagram must process the Ethernet II frame and convert it before placing it on the IEEE 802.10 backbone or trunk.

During this stage, the original Ethernet II frame is converted to an Ethernet SNAP frame and then finally to an IEEE 802.10 frame. This conversion is required to maintain compatability and reliability between the two different topologies. The most important bit to remember here is the SAID field and its purpose.

 

Summary

This page introduced four popular VLAN tagging methods, providing you with the frame structure and general details of each tagging method. Out of all, the IEEE 802.1q and ISL tagging methods are the most popular, so make sure you understand them quite well.

 

Previous - VLANs - Access & Trunk Links                                                                       Next - InterSwitch Link (ISL) Protocol Analysis

 

 

Last Updated on Monday, 22 October 2012 21:16
 
Subscribe To Receive Free Article Updates!

조회 수 :
97674
등록일 :
2013.03.11
15:42:12 (*.160.42.88)
엮인글 :
http://webs.co.kr/index.php?document_srl=18579&act=trackback&key=bd6
게시글 주소 :
http://webs.co.kr/index.php?document_srl=18579
List of Articles
번호 제목 글쓴이 날짜 조회 수
34 a b c class Subnet Mask Cheat Sheet admin 2019-10-16 19870
33 Apple 소프트웨어 제품에서 사용하는 TCP 및 UDP 포트 admin 2019-04-19 27758
32 windows linux whois ip domain 도메인 아이피 소유자 확인 명령어 admin 2019-02-16 136778
31 route 및 iptables를 이용한 리눅스 특정 IP 접속 차단하는 법 admin 2018-04-15 21672
30 IPv6와 IPv4의 차이점 기존의 IPv4의 문제점 admin 2018-04-15 18278
29 사례를 통해 알아가는 실전 패킷분석 A 기업의 UDP 트래픽 급증의 원인은 admin 2018-04-15 13438
28 리눅스 linux 현재 사용중인 랜카드 트래픽 대역폭 확인 프로그램 nload admin 2017-11-04 32855
27 whois site ip owner check admin 2015-08-03 19184
26 TCP flag(URG, ACK, PSH, RST, SYN, FIN) admin 2014-04-05 87599
25 ping 핑 에 의한 패킷 전송 10 단계 그림으로 설명 file admin 2014-02-13 35761
24 Cisco - CCNP, CCIE - QoS. Quality Of Service admin 2013-08-29 75136
23 Securing Networks Access List Implementation on Cisco Routers admin 2013-08-02 186928
22 Analyzing High CPU Utilization Issues on Cisco Catalyst 6500 Series admin 2013-08-01 34361
21 ping 설명 ICMP Internet Control Message Protocol 설명 여러가지 admin 2013-05-09 127831
20 네트웍을 공부하려고 하는분 네이버 네트워크 전문가 따라 잡기 카페 admin 2013-04-20 79655
19 List of TCP and UDP port numbers admin 2013-04-16 78027
18 3com tftp damon program 3cdv2r10 file admin 2013-03-17 30889
» VLAN Tagging - Understanding VLANs Ethernet Frames admin 2013-03-11 97674
16 Cisco Catalyst Fixed Configuration Layer 2 and Layer 3 Switches admin 2013-01-30 51146
15 Quality of Service Guide - QOS admin 2012-01-06 72934
14 IP Precedence, TOS & DSCP admin 2012-01-06 82645
13 [Cisco] NAT Config 해설 admin 2011-12-19 279509
12 트래픽관리를 위한 MRTG 서버구축 admin 2011-12-16 39747
11 Brocade FastIron GS Series manuall file admin 2011-12-16 132561
10 CAT.6 UTP 케이블링 작업 요령 file admin 2011-12-16 39815
9 윈도우에서 특정아이피 차단 설정 하기 admin 2011-12-16 43487
8 GRE Tunnel /VPN admin 2011-12-16 33887
7 VLAN과 TRUNK admin 2011-12-16 31158
6 와룡의 네트워크 카페에서 라우팅 ,스위칭공부 admin 2011-12-16 36218
5 방화벽 자료 admin 2011-12-16 31000