5 - Ethernet Switching and VLANs

Copyright © 2005 Juniper Networks, Inc. Proprietary and Confidential www.juniper.net

4-1

Ethernet Switching and Virtual LANs

© 2008 Juniper Networks, Inc. All rights reserved. 2

Overview of Ethernet

Ethernet defined:•Family of LAN specifications, standardized in IEEE

802.3 Examples include:• 10Base-T (802.3i)—10 Mbps• 100Base-TX (802.3u)—100 Mbps• 1000Base-T (802.3ab)—1000 Mbps

•Uses data link layer technology to create LANs• Shared medium—a single broadcast and collision

domain• Uniquely identifies all nodes on the LAN with 48-bit MAC

address•Uses CSMA/CD to avoid and manage frame

collisions


Ethernet LANs (1 of 2)

Characteristics:•Shared medium•Single collision domain•Nodes can transmit

simultaneously

Problems:1. Traffic is seen by everyone 2. Collisions can occur3. Unwanted resource consumption

Sharedmedium

Collisiondomain

Nodes can transmit

simultaneously


Ethernet LANs (2 of 2)

As the network grows, the likelihood of collisions increases•As collisions increase, overall LAN efficiency

decreases


Overview of Bridging

Bridging: •Is defined in the IEEE 802.1D-2004 standard•Segments a single collision domain•Isolates the physical layer•Learns and maintains a forwarding table (bridge

table)•Performs intelligent forwarding decisions based on

the bridge table


Bridging: How Does it Work?

Transparent bridging builds and maintains bridge tables using the following mechanisms:•Learning:

• Learns MAC address and associated port•Forwarding:

• Forwards packets out proper egress interface towards destination

•Flooding: • Replicates packets out other ports for unknown destination

MAC addresses; also used when passing multicast and broadcast traffic

•Filtering: • Limits traffic to its associated network segment

•Aging: • Ensures bridge table entries are current


MAC Address Learning

MAC Address Table

0140.5501.1111

0140.5501.2222

ge-0/0/0

ge-0/0/0: 0140.5501.1111ge-0/0/0: 0140.5501.2222ge-0/0/1: 0140.5501.3333ge-0/0/1: 0140.5501.4444

Pre TypeDA SA FCSData

B2

ge-0/0/1

A1

A2

B1

0140.5501.3333

0140.5501.4444 = Hub

Source MAC addresses are learned for all incoming Ethernet frames

Each MAC address is associated with the frame’s incoming interface


Forwarding: Known Unicast Frames (1 of 2)

MAC Address Table

ge-0/0/0: 0140.5501.1111

ge-0/0/0: 0140.5501.2222

ge-0/0/1: 0140.5501.3333

ge-0/0/1: 0140.5501.4444

0140.5501.1111

0140.5501.2222

ge-0/0/0

B2

ge-0/0/1

A1

A2

B1

0140.5501.3333

0140.5501.4444 = Hub

A1 sends a frame to

B2

Switch checks forwarding

table

Switch forwards frame from A1 to

B2

A2 receives and

discards the frame from A1


Forwarding: Known Unicast Frames (2 of 2)

MAC Address Table

ge-0/0/0: 0140.5501.1111

ge-0/0/0: 0140.5501.2222

ge-0/0/1: 0140.5501.3333

ge-0/0/1: 0140.5501.4444

0140.5501.1111

0140.5501.2222

ge-0/0/0

B2

ge-0/0/1

A1

A2

B1

0140.5501.3333

0140.5501.4444 = Hub

A1 sends a frame to

A2

Switch checks forwarding

table

Switch filters frame from A1 to

A2

A2 processes the frame from

A1


Flooding: Broadcast, Multicast, or Unknown Unicast Frames

0140.5501.1111

MAC Address Table

0140.5501.2222

ge-0/0/0

ge-0/0/0: 0140.5501.1111

ge-0/0/0: 0140.5501.2222

ge-0/0/1: 0140.5501.3333

ge-0/0/1: 0140.5501.4444

B2

ge-0/0/1

A1

A2

B1

0140.5501.3333

0140.5501.4444 = Hub

Switch floods frame out all ports associated with the LAN

(except the port on which it was received)

A1 sends broadcast frame

on to LAN (DA:

FFFF.FFFF.FFFF)


Viewing the MAC Address Table

Use the show ethernet-switching table command to view MAC address table entries

user@switch> show ethernet-switching table Ethernet-switching table: 6 entries, 3 learned VLAN MAC address Type Age Interfaces blue * Flood - All-members blue 00:19:e2:50:7c:0b Learn 48 ge-0/0/10.0 orange * Flood - All-members orange 00:19:e2:50:3f:ee Learn 42 ge-0/0/13.0 purple * Flood - All-members purple 00:19:e2:50:77:b1 Learn 38 ge-0/0/16.0

Entries are organized based on associated

VLAN

Each VLAN maintains an entry used for

flooding


Clearing the MAC Address Table

Use the clear ethernet-switching table command to clear MAC address table contentsuser@switch> clear ethernet-switching table ?

Possible completions: <[Enter]> Execute this command interface Clear MAC table for specified interface | Pipe through a command

Clear all entries in table or only the entries for a

specific interface


Overview of VLANs

VLANs:•Segment a single broadcast domain into multiple

broadcast domains•Allow for grouping users based on business needs,

regardless of physical location

VLAN Orange

VLAN Orange

VLA

N O

ran

ge VLAN Blue

VLAN Blue

VLA

N B

lue


Default and Management VLANs

All network ports belong to the default VLAN in the factory-default configuration

The mgmt VLAN allows redundant management connections to the vme interface (EX 4200 switches only)

user@switch> show vlans default Name Tag Interfacesdefault ge-0/0/0.0*, ge-0/0/1.0*, ge-0/0/2.0, ge-0/0/3.0, ge-0/0/4.0, ge-0/0/5.0*, ge-0/0/6.0, ge-0/0/7.0, ge-0/0/8.0, ge-0/0/9.0, ge-0/0/10.0*, ge-0/0/11.0*, ge-0/0/12.0*, ge-0/0/13.0*, ge-0/0/14.0*, ge-0/0/15.0*, ge-0/0/16.0*, ge-0/0/17.0*, ge-0/0/18.0*, ge-0/0/19.0, ge-0/1/0.0, ge-0/1/1.0, ge-0/1/2.0, ge-0/1/3.0

user@switch> show vlans mgmt Name Tag Interfacesmgmt me0.0*


Switch Port Modes

Switch ports operate in either access or trunk mode•Access mode:

• Connects to network devices (desktop, IP phones, printers, and so forth)

• Typically transmit untagged Ethernet frames for a single VLAN; the exception is when the voice VLAN feature is being used

• Default mode for all ports•Trunk mode:

• Connects to other switches or a router• Typically transmits tagged Ethernet frames for multiple

VLANs; the exception is when the native VLAN option is configured or control traffic is sent

• Must be explicitly configured


802.1Q—Ethernet Frame

4-byte tag inserted into Ethernet frame (max 1522 bytes)•Tag Protocol Identifier (TPID): 16 bits, default

0x8100•Priority: 3 bits, 802.1p•Canonical Format Indicator (CFI): 1 bit, default 0•Unique VLAN identifier (VID): 12 bits

TPIDTPIDPriorityPriority CFICFI VIDVID

DestinationMAC Data FCSSource

MACType/

LengthTAG


802.1Q—Trunk Links

A trunk is a single Ethernet link that can carry traffic for multiple VLANs

VLAN Orange

VLAN Orange

VLA

N O

ran

ge

VLAN Blue

VLAN Blue

VLA

N B

lue

VLAN Orange

VLAN Orange

VLA

N O

ran

ge

VLAN Blue

VLAN Blue

VLA

N B

lue


[edit]user@switch# show interfaces …ge-0/0/13 { unit 0 { family ethernet-switching { port-mode access; vlan { members orange; } } }}…[edit]user@switch# show vlans …orange { vlan-id 101;}

VLAN Configuration Example

VLAN Blue

VLAN Purple

VLAN Orange

VLAN Defined

VLAN Referenced

Port-Based Assignment


user@switch> show vlans Name Tag Interfacesblue 100 ge-0/0/10.0*default ge-0/0/0.0, ge-0/0/5.0*orange 101 ge-0/0/13.0*purple 102 ge-0/0/16.0*mgmt me0.0*

user@switch> show vlans orange detail VLAN: orange, 802.1Q Tag: 101, Admin state: EnabledNumber of interfaces: 1 (Active = 1) Untagged interfaces: ge-0/0/13.0*

Monitoring VLAN Assignments


802.1Q Trunk Configuration Example

[edit]user@switch# show interfaces ...ge-0/0/18 { unit 0 { family ethernet-switching { port-mode trunk; vlan { members [ orange blue ]; } } }}

[edit]user@switch# show vlans blue { vlan-id 100;}orange { vlan-id 101;}

Single physical link carries traffic for multiple VLANs


Interface belongs to

both VLANs

Monitoring 802.1Q Trunks

user@switch> show vlans orange detail VLAN: orange, 802.1Q Tag: 101, Admin state: EnabledNumber of interfaces: 2 (Active = 2) Untagged interfaces: ge-0/0/13.0* Tagged interfaces: ge-0/0/18.0*

user@switch> show ethernet-switching interfaces Interface State VLAN members Blocking ge-0/0/10.0 up blue unblockedge-0/0/13.0 up orange unblockedge-0/0/18.0 up blue unblocked orange unblockedme0.0 up mgmt unblocked

Interface is 802.1Q trunk for

both VLANs


Routed VLAN Interface

Logical Layer 3 VLAN interface used for inter-VLAN routing

VLAN Blue

VLAN Purple

VLAN Orange


RVI Configuration Example

[edit]user@switch# show interfaces ge-0/0/13 { unit 0 { family ethernet-switching { port-mode access; vlan { members orange; } } }}…vlan { unit 101 { family inet { address 10.1.2.1/24; } }}…

[edit]user@switch# show vlans blue { vlan-id 100; l3-interface vlan.100;}orange { vlan-id 101; l3-interface vlan.101;}purple { vlan-id 102; l3-interface vlan.102;}

This example facilitates routing through all interfaces associated with the blue, orange, and purple VLANs


user@switch> show interfaces terse vlan Interface Admin Link Proto Local Remotevlan up up vlan.100 up up inet 10.1.1.1/24 vlan.101 up up inet 10.1.2.1/24 vlan.102 up up inet 10.1.3.1/24

user@switch> show vlans orange extensive VLAN: orange, Created at: Thu Apr 17 22:31:43 2008802.1Q Tag: 101, Internal index: 17, Admin state: Enabled, Origin: StaticProtocol: Port-based, Layer 3 interface: vlan.101 (UP)IP addresses: 10.1.2.1/24Number of interfaces: Tagged 1 (Active = 1), Untagged 1 (Active = 1) ge-0/0/18.0*, tagged, trunk ge-0/0/13.0*, untagged, access

Monitoring an RVI

RVI state and IP address details

At least one port must be active for RVI state to

be up

Documents

5 - Ethernet Switching and VLANs