Applicazioni Telematiche

8/13/2019 Applicazioni Telematiche

1/24

Lab. App licazioni Telematich e - Prof. Marco Listant i - A.A. 2011/2012INFOCOMDept

Angelo Coiro

Laboratorio

Applicazioni Telematiche


2/24

INFOCOMDept

Lab. App licazioni Telematich e - Prof. Marco Listant i - A.A. 2011/2012

Virtual LAN (VLAN)


3/24


Virtual LAN (VLAN)

Standard defined in IEEE 802.1Q

Virtual LAN: allows to define different virtual

LANs on the same physical infrastructureEach VLAN is a different broadcast domain

Two stations not belonging to the same VLAN cannot communicatewith each other

Why VLAN?To limit broadcast and multicast traffic in the network.

To create different IP sub-network on the same physicalinfrastructure


4/24


VLAN: example

Vith VLANTwo separeted VirtualLAN (Green and Red)

One Physical LAN (Gray)

One switch

Without VLANTwo physical LANs (Greenand Red)

Two switches


5/24


VLAN

IEEE 802.1Q standard defines two kinds of VLAN:

1. Port-based VLAN

Switch ports are explicitely assigned to a specifivc VLAN by means of the

Port VLAN Identifier (PVID)

2. Protocol-based VLAN

Etherent frames are classified as belonging to a specific VLAN on thebasis of the protocol they are carrying (Protocol Id)

Each VLAN is a broadcast domain for a specific protocol


6/24


Port-based VLAN: a simple example

Ports 1, 2, and 3 are assigned to VLAN 10

Ports 4, 5, and 6 are assigned to VLAN 20

Devices attached to ports belonging todifferent VLANs cannot communicate witheach other

Port-based VLANPort 1 Port 2 Port 3 Port 4 Port 5 Port 6

VLAN 10(PVID=10)

VLAN 20(PVID=20)


7/24Lab. App licazioni Telematich e - Prof. Marco Listant i - A.A. 2011/2012

INFOCOMDept

Definitions

Port VLAN Identifier (PVID):identifier that associatesframes entering in a port of the switch to a specific VLAN

The PVID is used only if the frame is not a tagged frame

VLAN members:set of ports composing a VLAN

Untagged member:a port that is member of a specific VLAN fromwhich frames are sent without adding the TAG

Tagged member:a port that is member of a specific VLAN from whichframes are sent adding the TAG

Two parameters for each portPVID:used to assign frames to a given VLAN when frames areuntagged

VLAN memeber: used to identify ports belonging to a given VLAN

A port can be member of more than one VLAN


8/24


VLAN Tagging

DA SA VLAN Payload

FCS

TPID TCI

User

Priority CFI VLAN ID

2 Bytes 2 Bytes

3 bits 1 bit 12 bits

The Tag is used to distinguish which VLAN a framebelongs to

It is necessary to add the Tag in some situations

The Tag carries the VLAN Ientifier


9/24


VLAN Tagging: example

Ports 1,2,3 (4,5,6) of Switch1 (Switch2) are untagged members

of VLAN 10 and have PVID=10Ports 1,2,3 (4,5,6) of Switch2 (Switch1) are untagged membersof VLAN 20 and have PVID=20

Ports 7 of both switches are Tagged members of both VLAN 10

and VLAN 20

VLAN 10

VLAN 20

Port 1 Port 2 Port 3 Port 4 Port 5 Port 6Port

7

Switch1

Port 1 Port 2 Port 3 Port 4 Port 5 Port 6Port

7

Switch2Ethernetframes


10/24


Port-based VLAN

prima

dopo


11/24


VLAN: default configuration

Default VLAN configuration:

Every ports are untaggedmember of VLAN 1, and

have PVID=1

All frames entering in aswitch are classified as

belonging to VLAN 1 (sincePVID=1 on any port)

Frames can be forwardedto any other port without

adding the Tag


12/24


VLAN on CISCO devices

In CISCO a port can be:

Access:it is associated to only one VLAN and sendsuntagged traffic

PVID=x

untagged member of VLAN x

Trunk:it can be associated to several VLANs and sendstagged traffic except for the Native VLAN

PVID=Native

Tagged member of VLANs x1, x2,, xn.

Untagged member of VLAN Native.


13/24


14/24


Configuring Switch Ports

Access the specifig interface configuration

Switch(config)# interface gigabitEthernet 0/1

All commnds related to VLAN begin withSwitchport


15/24


Configuring Switch Ports

Mode:sets the mode of a port (Access or Trunk)

Ex:Switch(config-if)# switchport mode access

Access:

sets parameters for that port when it is inaccess mode

Just one parameter (Vlan) that indicates the VLAN whichthe port belongs to

Ex:Switch(config-if)# switchport access vlan 10

Trunk: sets parameters for that port when it is intrunk mode


16/24


Trunk parameters

Native:specifies the native VLAN for that port whenit is in trunk mode

Ex.: Switch(config-if)# switchport trunk native vlan 10

It menas PVID=10 and untagged member of VLAN 10Untagged frames received on that port are classified asbelonging to VLAN 10

Frames belonging to VLAN 10 are sent without the tag on that port

Allowed:specifies the set of VLANs which the portbelongs to

Ex.: Switch(config-if)# switchport trunk allowed vlan 10

By default all VLANs are allowed on a port in trunk mode


17/24


Allowed VLANs

If we want to limit allowed VLANs:

Delete all allowed VLANs with the command:

Switch(config-if)# switchport trunk allowed vlan none

Add desired VLANs with the command:

Switch(config-if)# switchport trunk allowed vlan x1; x2;; xn

VLANs previously added are deletedSwitch(config-if)# switchport trunk allowed vlan add x1;

x2;; xn

VLANs previously added are kept


18/24


Example: Scenario 1

To do

Configure the two switchso as to obtain the two

VLANs (Green and Red)

Assign addresses to PCsand the two Servers


19/24


Adding a router (1/2)

To interconnect the two VLANs with

each other and with the Internet weneed a router with two physicalinterfaces attached to the sameswitch

Internet Internet

Port 1 Port 3 Port 4 Port 2

Port 9Switch2


Port 9Switch1


20/24


Adding a Router (2/2)

In this way we connect just one

interface of the router to the sitchconfiguring port 3 of Switch2 as aTrunk port for Green and RedVLANs

Internet Internet

Port 1 Port 2

Port 9

Port 3

Switch2


Port 9Switch1


21/24


Sub-interfaces on routers

The Router receives tagged frames on thatinterface

The physical interface must be divided intwo logical su-interfaces belonging to twodifferent IP sub-networks

A physical Ethernet interface can be dividedin several IP interfaces by using VLANs ansending tagged frames


22/24


Configuring sub-interfaces (1/2)

To access sub-interface configuration:

Interface .

To specify the VLAN_ID

Encapsulation dot1q


23/24


24/24


Sub-Interface: Protocol Vision

VLAN allows a physical interface to be split

in several logical IP intefacesThe Relay entity interconnects all IPinterfaces performing the forwardingoperation

IP

PHYMAC

V-LANV-LAN

IP IP IP

PHYMAC

V-LAN V-LAN

IP IP

Relay Entity

Higher Layer Protocols (e.g. ICMP, TCP, OSPF)

Applicazioni Telematiche

Documents

Transcript of Applicazioni Telematiche