Cabletron Systems 802.1Q User Manual

Download

Page 1

802.1Q VLAN User’s Guide

9032599-02

Page 2

Page 3

NOTICE

Cabletron Systems reserves the right to make changes in speciﬁcations and other information contained in this document without prior notice. The reader should in all cases consult Cabletron Systems to determine whether any such changes have been made.

The hardware, ﬁrmware, or software described in this manual is subject to change without notice. IN NO EVENT SHALL CABLETRON SYSTEMS BE LIABLE FOR ANY INCIDENTAL,

INDIRECT, SPECIAL, OR CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING BUT NOT LIMITED TO LOST PROFITS) ARISING OUT OF OR RELATED TO THIS MANUAL OR THE INFORMATION CONTAINED IN IT, EVEN IF CABLETRON SYSTEMS HAS BEEN ADVISED OF, KNOWN, OR SHOULD HAVE KNOWN, THE POSSIBILITY OF SUCH DAMAGES.



Order Number: 9032599-02 February 1999

Cabletron Systems

of Cabletron Systems, Inc. All other product names mentioned in this manual may be trademarks or registered trademarks of

their respective companies.

and

ECUREFAST

are registered trademarks and

MARTSWITCH

is a trademark

802.1Q VLAN User’s Guide i

Page 4

Notice

ii 802.1Q VLAN User’s Guide

Page 5

Figures ....................................................................................................vii

Tables.....................................................................................................viii

PREFACE

Using This Guide............................................................................ix

Structure of This Guide...................................................................ix

Related Documents.........................................................................x

Document Conventions...................................................................x

CHAPTER 1 VIRTUAL LOCAL AREA NETWORKS

1.1 Defining VLANs...........................................................................1-1

1.2 Types of VLANs...........................................................................1-3

1.2.1 802.1Q VLANs................................................................1-3

1.2.2 SecureFast VLANs .........................................................1-3

1.2.3 Other VLAN Strategies ...................................................1-3

1.3 Benefits and Restrictions.............................................................1-4

1.4 VLAN Terms................................................................................1-4

1.5 Getting Help.................................................................................1-7

CHAPTER 2 VLAN OPERATION

2.1 Description...................................................................................2-1

2.2 VLAN Components......................................................................2-1

2.3 Configuration Process.................................................................2-2

2.3.1 Defining a VLAN .............................................................2-2

2.3.2 Classifying Frames to a VLAN........................................2-2

2.3.3 Customizing the VLAN Forwarding List.......................... 2-3

2.4 VLAN Switch Operation...............................................................2-3

2.4.1 Receiving Frames from VLAN Ports...............................2-4

2.4.2 Forwarding Decisions .....................................................2-5

2.4.2.1 Broadcasts, Multicasts, and Unknown

Unicasts..........................................................2-5

2.4.2.2 Known Unicasts..............................................2-5

2.5 GARP Switch Operation..............................................................2-6

802.1Q VLAN User’s Guide iii

Page 6

Contents

CHAPTER 3 VLAN CONFIGURATION

3.1 Managing the Switch....................................................................3-1

3.1.1 Switch Without VLANs ....................................................3-1

3.1.2 Switch with VLANs..........................................................3-2

3.2 Summary of VLAN Local Management........................................3-4

3.2.1 Preparing for VLAN Configuration...................................3-4

3.3 802.1Q VLAN Configuration Menu Screen..................................3-5

3.4 Device VLAN Configuration Screen.............................................3-8

3.4.1 Defining a VLAN............................................................3-10

3.4.2 Changing the VLAN to FID Association ........................3-11

3.4.3 Renaming a VLAN.........................................................3-11

3.4.4 Deleting a VLAN............................................................3-12

3.4.5 Enabling VLANs............................................................3-12

3.4.6 Disabling VLANs ...........................................................3-12

3.4.7 Changing the Forwarding Mode....................................3-13

3.4.8 Paging Through the VLAN List......................................3-13

3.5 Port Assignment Configuration Screen......................................3-14

3.5.1 Changing the Port Mode ...............................................3-15

3.5.2 Assigning a VLAN ID.....................................................3-16

3.5.3 Paging Through the Port List.........................................3-17

3.6 Port Filtering Configuration Screen............................................3-17

3.6.1 Displaying VLAN IDs Associated with a Port ................3-19

3.6.2 Selecting the Type of Filtering for a Port.......................3-20

3.7 VLAN Forwarding Configuration Screen....................................3-21

3.7.1 Viewing Current VLAN Ports.........................................3-22

3.7.2 Paging Through VLAN Forwarding List Entries.............3-23

3.7.3 Adding Forwarding List Entries .....................................3-23

3.7.4 Deleting Forwarding List Entries ...................................3-23

3.7.5 Changing the Frame Format.........................................3-24

3.8 Protocol VLAN Configuration Screen.........................................3-24

3.8.1 Displaying the Current Protocol, VLAN ID, and

Port Assignments..........................................................3-28

3.8.2 Assigning a Protocol Family to a VLAN ID....................3-28

3.8.3 Displaying the Protocol Types on Current Ports ...........3-30

3.9 Protocol Ports Configuration Screen..........................................3-31

3.9.1 Adding/Deleting Ports Associated with a VLAN ID........3-33

3.10 Quick VLAN Walkthrough ..........................................................3-33

iv 802.1Q VLAN User’s Guide

Page 7

Contents

CHAPTER 4 EXAMPLES

4.1 Example 1, Single Switch Operation...........................................4-1

4.1.1 Solving the Problem........................................................ 4-2

4.1.2 Frame Handling ..............................................................4-3

4.2 Example 2, VLANs Across Multiple Switches..............................4-4

4.2.1 Solving the Problem........................................................ 4-5

4.2.2 Frame Handling ..............................................................4-8

4.3 Example 3, 1D Trunk Connection to 802.1Q VLAN Network....4-10

4.3.1 Solving the Problem...................................................... 4-12

4.3.2 Frame Handling ............................................................4-13

4.4 Example 4, Isolating Network Traffic According to Protocol......4-17

4.4.1 Solving the Problem...................................................... 4-18

802.1Q VLAN User’s Guide v

Page 8

Contents

vi 802.1Q VLAN User’s Guide

Page 9

FIGURES

Figure Page

1-1 Example of a VLAN..................................................................1-2

2-1 Inside the Switch...................................................................... 2-4

3-1 Switch Management with Only Default VLAN.......................... 3-1

3-2 Switch Management with VLANs............................................. 3-2

3-3 802.1Q VLAN Screen Hierarchy ..............................................3-4

3-4 802.1Q VLAN Configuration Menu Screen ..............................3-6

3-5 Device VLAN Configuration Screen......................................... 3-8

3-6 Port Assignment Configuration Screen.................................. 3-14

3-7 Port Filtering Configuration Screen........................................ 3-18

3-8 VLAN Forwarding Configuration Screen................................ 3-21

3-9 Protocol VLAN Configuration Screen.....................................3-25

3-10 Protocol Ports Configuration Screen......................................3-31

3-11 Walkthrough Stage One.........................................................3-35

3-12 Walkthrough Stage Two.........................................................3-36

3-13 Walkthrough Stage Three ......................................................3-37

3-14 Walkthrough Stage Four ........................................................3-38

3-15 Final Walkthrough Stage........................................................3-40

4-1 Example 1, Single Switch Operation........................................4-1

4-2 Switch Configured for VLANs...................................................4-2

4-3 Example 2, VLANs Across Multiple Switches ..........................4-5

4-4 Bridge 1 Broadcasts Frames....................................................4-8

4-5 Transmitting to Switch 4...........................................................4-9

4-6 Transmitting to Bridge 4......................................................... 4-10

4-7 Example 3, 1D Trunk Connection to 802.1Q VLAN Network.4-11

4-8 Bridge 1 Broadcasts Frames..................................................4-14

4-9 Switch 2 Forwards to 1Q Trunk..............................................4-15

4-10 Switch 1 Forwards to 1D Trunk..............................................4-15

4-11 Example 4, Isolating Traffic According to Protocol.................4-18

802.1Q VLAN User’s Guide vii

Page 10

TABLES

Table Page

3-1 802.1Q VLAN Configuration Menu Screen Menu Items ..........3-7

3-2 Device VLAN Configuration Screen Field Definitions .............3-9

3-3 Port Assignment Configuration Screen Field Definitions........3-15

3-4 Port Filtering Configuration Screen Field Definitions .............3-19

3-5 VLAN Forwarding Configuration Screen Field Definitions .....3-22

3-6 Protocol VLAN Configuration Screen Field Definitions .........3-26

3-7 Protocol Ports Configuration Screen Field Definitions ..........3-32

802.1Q VLAN User’s Guide viii

Page 11

PREFACE

Welcome to the Cabletron Systems 802.1Q VLAN User’s Guide guide introduces and describes Cabletron Systems’ implementation of the IEEE 802.1Q standard for 802.1Q Virtual Local Area Network (VLAN) technology, and the VLAN Local Management screens used to conﬁgure Cabletron Systems products used in 802.1Q VLAN environments.

. This

USING THIS GUIDE

This guide serves as a supplement to the Local Management chapter of the Cabletron Systems user’s guides for devices that support 802.1Q VLANs. Read Chapter 1 and Chapter 2 ﬁrst to gain an understanding of VLANs, the associated terminology, and the process for conﬁguring VLANs on a switch. Look at the examples in Chapter 4 to see how VLANs can be created and changed using the existing network infrastructure in a building and how the switch handles the frames while they make their way through the networks shown in the examples.

Chapter 3 describes the VLAN Local Management screens and pro vides a

quick walkthrough on how to use them to conﬁgure VLANs in a switch.

STRUCTURE OF THIS GUIDE

This guide is organized as follows:

Chapter 1,

VLANs, including their beneﬁts and uses. This chapter also provides information about how to obtain additional help if needed.

Virtual Local Area Networks

, presents the basic concepts of

Chapter 2,

VLAN, the steps necessary to prepare an 802.1Q VLAN a ware switch for VLAN operation, and examines the operation of an 802.1Q VLAN switch.

Chapter 3,

local and remote management, shows the Local Management screens used in 802.1Q VLAN conﬁguration and explains their use.

Chapter 4,

how network transmissions are treated by the components of each VLAN.

802.1Q VLAN User’s Guide ix

VLAN Operation

VLAN Conﬁguration

Examples

, offers examples of 802.1Q VLANs and explains

, describes the operation of an 802.1Q

, describes how to set up the switch for

Page 12

Preface

VIRTUAL LOCAL AREA NETWORKS

This chapter introduces the concepts of Virtual Local Area Networks (VLANs) and discusses the central concepts of IEEE 802.1Q VLANs. This chapter also contains information on how to contact Cabletron Systems for additional support related to VLANs.

1.1 DEFINING VLANs

A Virtual Local Area Network is a group of devices that function as a single Local Area Netw ork se gment (broadcast domain). The de vices that make up a particular VLAN may be widely separated, both by geography and location in the network.

The creation of VLANs allows users located in separate areas or connected to separate ports to belong to a single VLAN group. Users that are assigned to such a group will send and receive broadcast and multicast trafﬁc as though they were all connected to a common network. VLAN aware switches isolate broadcast, multicast, and unknown trafﬁc received from VLAN groups, so that trafﬁc from stations in a VLAN are conﬁned to that VLAN.

When stations are assigned to a VLAN, the performance of their network connection is not changed. Stations connected to switched ports do not sacriﬁce the performance of the dedicated switched link to participate in the VLAN. As a VLAN is not a physical location, but a membership, the network switches determine VLAN membership by associating a VLAN with a particular port or frame type.

Figure 1-1 shows a simple example of a port based VLAN. Tw o b uildings

house the Sales and Finance departments of a single company, and each building has its own internal network. The stations in each building connect to a SmartSwitch in the basement. The two SmartSwitches are connected to one another with a high speed link.

802.1Q VLAN User’s Guide 1-1

Page 14

Chapter 1:

Virtual Local Area Networks

Building One Building Two

SmartSwitch SmartSwitch

Member of Sales Network

Figure 1-1 Example of a VLAN

trunk

Member of Finance Network

SSS

2263-01

In this example, the Sales and Finance workstations have been placed on two separate VLANs. In a plain Ethernet environment, the entire network is a broadcast domain, and the SmartSwitches follow the IEEE 802.1D bridging speciﬁcation to send data between stations. A broadcast or multicast transmission from a Sales workstation in Building One would propagate to all the switch ports on SmartSwitch A, cross the high speed link to SmartSwitch B, and then propagated out all switch ports on SmartSwitch B. The SmartSwitches treat each port as being equivalent to any other port, and have no understanding of the departmental memberships of each workstation.

In a VLAN environment, each SmartSwitch understands that certain individual ports or frames are members of separate workgroups. In this environment, a broadcast or multicast data transmission from one of the Sales stations in Building One would reach SmartSwitch A, be sent to the ports connected to other local members of the Sales VLAN, cross the high speed link to SmartSwitch B, and then be sent to any other ports and workstations on SmartSwitch B that are members of the Sales VLAN.

1-2 802.1Q VLAN User’s Guide

Page 15

Types of VLANs

1.2 TYPES OF VLANs

There are a number of different strategies for creating Virtual Local Area Networks, each with their own approaches to deﬁning a station’s membership in a particular VLAN.

1.2.1 802.1Q VLANs

An 802.1Q VLAN switch determines the VLAN membership of a data frame by its Tag Header, described later in this chapter. If the frame received is not tagged, the switch classiﬁes the frame into the VLAN that is assigned as the default VLAN of the switch.

Some or all ports on the switch may be conﬁgured to operate as GARP VLAN Registration Protocol (GVRP) ports. If a frame received is tagged, the frame is forwarded to the GVRP ports that are conﬁgured to transmit frames associated with the frame VLAN ID and protocol. If the received frame is not tagged, the frame is examined and tagged as belonging to the default VLAN. Then the frame is forwarded to the GVRP ports that are conﬁgured to transmit frames associated with the default VLAN and the frame protocol.

1.2.2 SecureFast VLANs

Cabletron Systems’ SecureF ast VLAN strategy takes a different approach to creating virtual LANs. In a SecureFast VLAN environment, the switches in the network recognize Network Layer routing requests and translate them. Based on this translation, the switches set up a connection between the end devices in the network.

1.2.3 Other VLAN Strategies

VLANs may also be created by a variety of addressing schemes, including the recognition of groups of MAC addresses or types of trafﬁc. One of the best-known VLAN-like schemes is the use of IP Subnets to divide networks into smaller subnetworks.

802.1Q VLAN User’s Guide 1-3

Page 16

Chapter 1:

Virtual Local Area Networks

1.3 BENEFITS AND RESTRICTIONS

The primary beneﬁt of the 802.1Q VLAN technology is that it provides localization of trafﬁc. This function also offers improvements in security and performance to stations assigned to a VLAN.

While the localization of trafﬁc to VLANs can improve security and performance, it imposes some restrictions on network devices that participate in the VLAN. Through the use of Filtering Database ID’s (FIDs) security can be implemented to enable or prevent users from one or more VLANs from communicating with each other.

One or more VLANs can be assigned to a FID so that all the users that share a common FID can communicate with each other regardless of their VLAN afﬁliation. However, for the sake of security, the members of one FID cannot communicate with the members of another FID.

To set up a VLAN, all the network switch devices that are assigned to the VLAN must support the IEEE 802.1Q speciﬁcation for VLANs. Before you attempt to implement a VLAN strategy, ensure that the switches under consideration support the IEEE 802.1Q speciﬁcation.

1.4 VLAN T ERMS

T o fully understand the operation and conﬁguration of port based VLANs, it is essential to understand the deﬁnitions of several key terms.

VLAN ID

A unique number (between 1 and 4094) that identiﬁes a particular VLAN.

VLAN Name

A 32-character alphanumeric name associated with a VLAN ID. The VLAN Name is intended to make user-deﬁned VLANs easier to identify and remember.

Filtering Database Identiﬁer (FID)

Addressing information that the device learns about a VLAN is stored in the ﬁltering database assigned to that VLAN. Several VLANs can be assigned to the same FID to allow those VLANs to share addressing information. This enables the devices in the different VLANs to communicate with each other when the individual ports have been conﬁgured to allow communication to occur.

1-4 802.1Q VLAN User’s Guide

Page 17

VLAN Terms

The conﬁguration is accomplished using the Local Management VLAN Forwarding Conﬁguration screen. By default a VLAN is assigned to the FID that matches its VLAN ID.

Tag Header (VLAN Tag)

Four bytes of data inserted in a frame that identiﬁes the VLAN/frame classiﬁcation. The Tag Header is inserted into the frame directly after the Source MAC address ﬁeld. Twelve bits of the Tag Header represent the VLAN ID. The remaining bits are other control information.

Tagged Frame

A data frame that contains a Tag Header. A VLAN aware device can add the Tag Header to any frame it transmits.

Untagged Frame

A data frame that does not have a Tag Header.

Default VLAN

The VLAN to which all ports are assigned upon initialization. The Default VLAN has a VLAN ID of 1 and cannot be deleted or renamed.

Forwarding List

A list of the ports on a particular device that are eligible to transmit frames for a selected VLAN.

Port VLAN List

A per port list of all eligible VLANs whose frames can be forwarded out one speciﬁc port and the frame format (tagged or untagged) of transmissions for that port. The Port VLAN List speciﬁes what VLANs are associated with a single port for frame transmission purposes.

Filtering Database

A database structure within the switch that keeps track of the associations between MAC addresses, VLANs, and interface (port) numbers. The Filtering Database is referred to when a switch makes a forwarding decision on a frame.

1Q T runk

A connection between 802.1Q switches that passes only trafﬁc with a VLAN Tag Header inserted in the frame. By default, a port designated as a 1Q Trunk port has all VLANs in its Port VLAN List and is conﬁgured to transmit all frames as tagged frames. A 1Q Trunk drops all incoming frames that do not have a VLAN tag.

802.1Q VLAN User’s Guide 1-5

Page 18

Chapter 1:

1D T runk

Virtual Local Area Networks

A connection from a switch that passes only untagged trafﬁc. By default, a port designated as a 1D Trunk port has all VLANs on its Port VLAN List and is conﬁgured to transmit all frames as untagged frames.

Generic Attribute Registration Protocol (GARP)

GARP is a protocol used to propagate state information throughout a switched network.

GARP VLAN Registration Protocol (GVRP)

A GARP application used to dynamically create VLANs across a switched network.

GARP Multicast Registration Protocol (GMRP)

A GARP application that functions in a similar fashion as GVRP, except that GMRP registers multicast addresses on ports to control the ﬂooding of multicast frames.

1-6 802.1Q VLAN User’s Guide

Page 19

Getting Help

1.5 GETTING HELP

For additional support related to this device or document, contact Cabletron Systems using one of the following methods:

World Wide Web http://www.cab letron.com/ Phone (603) 332-9400 Internet mail support@cabletron.com FTP ftp://ftp.cabletron.com/

To send comments or suggestions concerning this document, contact the Cabletron Systems Technical Writing Department via the following email address:

Make sure to include the document Part Number in the email message.

TechWriting@cabletron.com

Before calling Cabletron Systems, have the following information ready:

•

Your Cabletron Systems service contract number

•

A description of the failure

anonymous your email address

•

A description of any action(s) already taken to resolve the problem (e.g., changing mode switches, rebooting the unit, etc.)

•

The serial and revision numbers of all involved Cabletron Systems products in the network

•

A description of your network environment (layout, cable type, etc.)

•

Network load and frame size at the time of trouble (if known)

•

The device history (i.e., have you returned the device before, is this a recurring problem, etc.)

•

Any previous Return Material Authorization (RMA) numbers

802.1Q VLAN User’s Guide 1-7

Page 20

Chapter 1:

Virtual Local Area Networks

1-8 802.1Q VLAN User’s Guide

Page 21

CHAPTER 2

VLAN OPERATION

This chapter describes the operation of a VLAN switch and discusses the operations that a VLAN switch performs in response to both normal and VLAN-originated network trafﬁc.

2.1 DESCRIPTION

The 802.1Q VLAN operation is slightly different than the operation of traditional switched networking systems. These differences are due to the importance of keeping track of each frame and its VLAN association as it passes from switch to switch or from port to port within a switch.

2.2 VLAN COMPONENTS

Before describing the operation of an 802.1Q VLAN, it is important to understand the basic elements that are combined to make up an 802.1Q VLAN.

Stations

A station is any end unit that belongs to a network. In the vast majority of cases, stations are the computers through which the users access the network.

Switches

In order to conﬁgure a group of stations into a VLAN, the stations must be connected to VLAN aware switches. It is the job of the switch to classify received frames into VLAN memberships and transmit frames, according to VLAN membership, with or without a VLAN Tag Header.

802.1Q VLAN User’s Guide 2-1

Page 22

Chapter 2:

VLAN Operation

2.3 CONFIGURATION PROCESS

Before a VLAN can operate, steps must be performed to conﬁgure the switch to establish and conﬁgure a VLAN. Cabletron Systems VLAN aware SmartSwitches default to operate in the 802.1Q VLAN mode. However, further conﬁguration is necessary to establish multiple logical networks.

NOTE

The actual steps involved in VLAN conﬁguration using Local Management are presented in Chapter 3,

Conﬁguration

must be taken in very general terms, and is intended only to aid in the Administrator’s understanding of VLAN switch operation.

.This brief section describes the actions that

VLAN

2.3.1 Deﬁning a VLAN

A VLAN must exist and have a unique identity before any ports or rules can be assigned to it. The Administrator deﬁnes a VLAN by assigning it a unique identiﬁcation number (the VLAN ID), a ﬁlter database association, and an optional name. The VLAN ID is the number that will identify data frames originating from, and intended for, the ports that will belong to this new VLAN.

2.3.2 Classifying Frames to a VLAN

Now that a VLAN has been created, rules are deﬁned to classify all frames in a VLAN. This is accomplished through management by associating a VLAN ID with each port on the switch. Optionally, frames can be classiﬁed according to a protocol identiﬁer contained within the frame. The order of frame classiﬁcation priority is by VLAN Tag, a protocol match, and lastly the PVID. This combination of the switch port’s identiﬁcation and the VLAN ID becomes the Port VLAN ID (PVID).

At the same time, the Administrator conﬁgures the trunk ports that need to consider themselves members of every VLAN. The conﬁguration of trunk ports is very important in multiswitch VLAN conﬁgurations where a frame’s VLAN membership needs to be maintained across several switches.

2-2 802.1Q VLAN User’s Guide

Page 23

VLAN Switch Operation

2.3.3 Customizing the VLAN Forwarding List

Each port on a VLAN aware switch has a VLAN forwarding list that contains, as a minimum, the PVID of the VLAN conﬁgured. Additionally, the Port VLAN Forwarding List of each port can be conﬁgured to allow any number of VLANs to be added to its list. In the case of GMRP (dynamic VLANs), the list can have VLANs added and deleted by the switch as directed by the protocol.

2.4 VLAN SWITCH OPERATION

IEEE 802.1Q VLAN switches act on the classiﬁcation of frames into VLANs. Sometimes, VLAN classiﬁcation is based on tags in the headers of data frames. These VLAN tags are added to data frames by the switch as the frames are transmitted out certain ports, and are later used to make forwarding decisions by the switch and other VLAN aware switches. In the absence of a VLAN tag header, the classiﬁcation of a frame into a particular VLAN depends upon the conﬁguration of the switch port that received the frame.

The operation of an 802.1Q VLAN switch is best understood from a point of view of the switch itself. To illustrate this concept, the examples that follow view the switch operations from

inside

the switch.

802.1Q VLAN User’s Guide 2-3

Page 24

Chapter 2:

VLAN Operation

Figure 2-1 depicts the inside of a switch with six ports, numbered one

through six. The switch has been conﬁgured to associate VLAN A and B with FID 2, VLAN C and D with FID 3, and VLAN E with FID 4. Port 6 has been classiﬁed as a 1Q Trunk Port. This classiﬁcation establishes that all VLANs are members of the Port VLAN List for Port 6 and the frames transmitted for all VLANs will contain a tag header. Also the PVID for Port 6 is set to the default VLAN with its corresponding relationship to FID 1. Although untagged frames are not usually present on a 1Q Trunk Port, any untagged frames received w ould need to be classiﬁed if the port has not been conﬁgured to drop all untagged frames.

Port 1

Port 2

A FID 2

D FID 3

Port 4

Figure 2-1 Inside the Switch

Port 5

B FID 2

E FID 4

Port 3

C FID 3

Default FID 1

Port 6

2599-02

2.4.1 Receiving Frames from VLAN Ports

When a switch is placed in 802.1Q Operational Mode, every frame received by the switch must belong, or be assigned, to a VLAN.

Untagged Frames

The switch receives a frame from Port 1 and examines the frame. The switch notices that this frame does not currently have a VLAN tag. The switch recognizes that Port 1 is a member of VLAN A and classiﬁes the frame as such. In this fashion, all untagged frames entering a VLAN switch assume membership in a VLAN.

NOTE

2-4 802.1Q VLAN User’s Guide

A VLAN ID is always assigned to a port. By default, it is the Default VLAN (VLAN ID = 1).

Page 25

VLAN Switch Operation

The switch will now make a forwarding decision on the frame, as described in Section 2.4.2, Forwarding Decisions.

Tagged Frames

In this example, the switch receives a tagged frame from Port 4. The switch examines the frame and notices the frame is tagged for VLAN C. This frame may have already been through a VLAN aware switch, or originated from a station capable of specifying a VLAN membership. If a switch receives a frame containing a tag, the switch will classify the frame in regard to its tag rather than the PVID for its port.

The switch will now make a forwarding decision on the frame, as described in Section 2.4.2, Forwarding Decisions.

2.4.2 Forwarding Decisions

The type of frame under consideration and the ﬁlter setting of a VLAN switch determines how it forwards VLAN frames.

2.4.2.1 Broadcasts, Multicasts, and Unknown Unicasts

If a frame with a broadcast, multicast, or other unknown address is received by an 802.1Q VLAN aware switch, the switch checks the VLAN classiﬁcation of the frame. The switch then forwards the frame out all ports that are identiﬁed in the Forwarding List for that VLAN. For example, if Port 3, shown in Figure 2-1, received the frame, the frame would then be sent to all ports that had VLAN C in their Port VLAN List.

2.4.2.2 Known Unicasts

When a VLAN switch receives a frame with a known MAC address as its destination address, the action taken by the switch to determine how the frame is transmitted depends on the VLAN, the VLAN associated FID, and if the port identiﬁed to send the frame is enabled to do so.

When a frame is received it is classiﬁed into a VLAN. The destination address is looked up in the FID associated with the VLAN. If a match is found, it is forwarded out the port identiﬁed in the lookup if, and only if, that port is allowed to transmit frames for that VLAN. If a match is not found, then the frame is ﬂooded out all ports that are allowed to transmit frames belonging to that VLAN.

802.1Q VLAN User’s Guide 2-5

Page 26

Chapter 2: VLAN Operation

For example, assume that a frame is received by the switch depicted in

Figure 2-1. This frame is a unicast untagged frame received on Port 3.

The frame is then classiﬁed for VLAN C. The switch then makes its forwarding decision by comparing the destination MAC address to its ﬁltering database. In this case, the MAC address is looked up in the ﬁltering database FID 3, which is associated with VLAN C and VLAN D. The switch recognizes the destination MAC address of the frame as being located out Port 4.

Having made the forwarding decision, the switch now examines the Port VLAN List of Port 4 to determine if it may transmit a frame belonging to VLAN C. If so, the frame is transmitted out Port 4. If Port 4 has not been conﬁgured to transmit frames belonging to VLAN C, the frame is discarded.

2.5 GARP SWITCH OPERATION

Some or all ports on the switch may be activated to operate under the Generic Attribute Registration Protocol (GARP) applications, GVRP and/or GMRP. For a description of the protocols and how the frames are handled, refer to the user’s guide of your SmartSwitch device.

2-6 802.1Q VLAN User’s Guide

Page 27

CHAPTER 3

VLAN CONFIGURATION

This chapter describes how to set up the switch for local or remote management, and the VLAN Local Management screens used to create and conﬁgure VLANs in a SmartSwitch.

3.1 MANAGING THE SWITCH

The switch may be managed locally via a terminal connected to the COM port, or remotely (SNMP or Telnet sessions) from a management station connected to a switch port that is a member of the same VLAN as the switch’s Host Data Port. (By def ault, this is the default VLAN.) When the switch is conﬁgured with VLANs, special precautions must be taken to use remote management.

3.1.1 Switch Without VLANs

When the switch is powered up, the switch uses its default settings to switch frames like an 802.1D switch. In this default conﬁguration, all ports are a member of the default VLAN (VLAN 1) including the virtual Host Data Port of the switch, so any port can be used to manage the device as shown in Figure 3-1.

802.1Q Switch

1 2

Host Data Port

4 5

3 6

NOTE: All ports, including the virtual Host Data Port, are members of the default VLAN. Therefore, any station shown may be used as the management station.

2599_14

Figure 3-1 Switch Management with Only Default VLAN

802.1Q VLAN User’s Guide 3-1

Page 28

Chapter 3: VLAN Conﬁguration

3.1.2 Switch with VLANs

If the switch is to be conﬁgured for multiple VLANs, it may be desirable to conﬁgure a management-only VLAN. This allows a management station connected to the management VLAN to manage all ports on the switch and make management secure by preventing management via ports assigned to other VLANs.

NOTE

The switch’s virtual Host Data Port, like any other port, has conﬁgurable VLAN membership. For manageability of the device to be maintained, this port must be a member of the same VLAN as the port to which the management station is connected.

Figure 3-2 shows an example of a switch conﬁgured with port 1 on the

Management VLAN port and the other users belonging to VLANs A, B, and C.

Management VLAN

VLAN A

802.1Q Switch

1 2

Host Data Port

4 5

3 6

VLAN B

VLAN C

Set as an 802.1Q Trunk port.

Figure 3-2 Switch Management with VLANs

25992_15

To set up the switch shown in Figure 3-2 to establish a management VLAN on port 1, use the process described below:

1. Use the Device VLAN Configuration screen for the following: a. Deﬁne a new VLAN named “Management VLAN” (or other

suitable name) and its VLAN ID. In this example, the VLAN ID is set to 2.

3-2 802.1Q VLAN User’s Guide

Page 29

Managing the Switch

b. Set the FID so the Management VLAN has its own number to

make the VLAN secure. In this example, the FID is 3 and no other VLAN should be assigned to this FID. This keeps the new VLAN from sharing its filtering database with other VLANs in the switch. For details on defining a VLAN, refer to Section 3.4.1.

2. Use the Port Assignment Configuration screen for the following:

a. Assign the VLAN ID, 2, of the ne w Management VLAN to a port.

In this example, it is port 1. Leave the Port Mode setting in the default value of HYBRID.

NOTE

It is not necessary to conﬁgure a physical port for management on each switch. Only those switches that will have a management station attached to it need a physical port assigned to the Management VLAN.

b. Assign the VLAN ID, 2, of the new Management VLAN to the

Host Data Port. The port number will depend on the device. This port is not a physical port and will usually be one number above the maximum number physical ports on the device, including the ports on any optional interfaces installed. In this example, it will be port 8. Leave the Port Mode setting in the default value of HYBRID. For details on assigning a VLAN ID, refer to

Section 3.4.2.

This process would be repeated on every switch that is connected in the network to ensure that each switch has a secure Management VLAN for switch management.

If the switch was connected to another switch via port 7, which was set as a 1Q Trunk port, then the management station connected to the Management VLAN port of either switch could manage both switches.

NOTE

The management stations at each switch must be on the same Management VLAN.

No matter how many switches are connected, a management station connected to any port on the same Management VLAN can be used to remotely manage any Cabletron Systems 802.1Q switch in the network as long as the Host Data Port of all the switches are members of the same Management VLAN.

802.1Q VLAN User’s Guide 3-3

Page 30

Chapter 3: VLAN Conﬁguration

3.2 SUMMARY OF VLAN LOCAL MANAGEMENT

The VLAN conﬁguration process is an extension of normal Local Management operations. A series of Local Management screens provides access to the functions and commands necessary to add, change, or delete VLANs and to assign ports to those VLANs.

A switch supporting 802.1Q VLANs provides the VLAN Conﬁguration screens as a standard part of its Local Management hierarchy when the switch is conﬁgured to operate in 802.1Q Mode. The hierarchy of the Local Management screens pertaining to 802.1Q VLAN conﬁguration is shown in Figure 3-3.

802.1Q VLAN Configuration Menu

Figure 3-3 802.1Q VLAN Screen Hierarchy

Device VLAN Configuration Port Assignment Configuration Port Filtering Configuration

VLAN Forwarding Configuration Protocol VLAN Configuration

Protocol Ports Configuration

25994_03

3.2.1 Preparing for VLAN Conﬁguration

A little forethought and planning is essential to a good VLAN implementation. Before attempting to conﬁgure a single switch for VLAN operation, consider the following:

• How many VLANs will be required

• What stations will belong to them

• What ports are connected to those stations

• What ports will be conﬁgured as GARP-aware ports

It may also be helpful to sketch out a diagram of your VLAN strategy. The examples provided in Chapter 4 may be useful for a depiction of the planning process.

Access Local Management as described in your device user’s guide. Perform all required initial setup operations. Navigate to the 802.1Q VLAN Conﬁguration Menu screen to begin the VLAN conﬁguration process for the device.

3-4 802.1Q VLAN User’s Guide

Page 31

802.1Q VLAN Conﬁguration Menu Screen

3.3 802.1Q VLAN CONFIGURATION MENU SCREEN

When to Use

To select screens to assign switched network ports to VLANs, deﬁne new VLANs, and conﬁgure port ﬁltering according to a VLAN list or untagged frames. Network users can be logically grouped into VLANs even if they span long physical distances over a vast, intricate physical network. The VLAN Local Management menu items listed on the 802.1Q VLAN Conﬁguration Menu allow such VLANs to be conﬁgured on a network at the switched port of the device or SmartSwitch chassis. Also, some or all of the ports on the switch can be conﬁgured as GVRP ports, which enable frames received with a particular VLAN ID and protocol to be transmitted on a limited number of ports. This keeps the trafﬁc associated with a particular VLAN and protocol to be isolated from the other parts of the network.

Before attempting the VLAN conﬁguration, ensure that the device to be conﬁgured has been set for 802.1Q SWITCHING mode. The mode selection is a Local Management operation that is accessible through the General Conﬁguration screen of the device.

The device resets when changing operational modes.

CAUTION

802.1Q VLAN User’s Guide 3-5

Page 32

Chapter 3: VLAN Conﬁguration

How to Access

Use the arrow keys to highlight the 802.1Q VLAN CONFIGURA TION MENU item from the module, device, or chassis speciﬁc Conﬁguration

Menu screen and press ENTER. The 802.1Q VLAN Conﬁguration Menu screen displays.

Screen Example

6C105 LOCAL MANAGEMENT

802.1Q VLAN Configuration Menu

Module Type: xxxxx-xx Slot Number: xx

DEVICE VLAN CONFIGURATION

PORT ASSIGNMENT CONFIGURATION PORT FILTERING CONFIGURATION VLAN FORWARDING CONFIGURATION PROTOCOL VLAN CONFIGURATION

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

EXIT

RETURN

25994-04

Figure 3-4 802.1Q VLAN Conﬁguration Menu Screen

3-6 802.1Q VLAN User’s Guide

Page 33

802.1Q VLAN Conﬁguration Menu Screen

Menu Deﬁnitions

Table 3-1 802.1Q VLAN Conﬁguration Menu Screen Menu Items Menu Item Screen Function

DEVICE VLAN CONFIGURATION

PORT ASSIGNMENT CONFIGURATION

PORT FILTERING CONFIGURATION

VLAN FORWARDING CONFIGURATION

PROTOCOL VLAN CONFIGURATION

Used to view, add, name, enable, or disable VLANs within the device, and also associate the VLANs to a Filter Database ID (FID). It also enables the user to conﬁgure attributes that apply to the entire switch and/or VLANs. Refer to Section 3.4 for additional information.

Displays a list of ports and enables the user to assign a Port VLAN ID (PVID) to each port. The screen also allows the user to change the operational mode of a port. Refer to Section 3.5 for additional information.

Used to set the switch to ﬁlter out inbound frames to prevent them from being forwarded by the switch out a particular port. This screen also lists the VLANs whose frames are eligible to be transmitted out that port. Refer to Section 3.6 for additional information.

Used to view which ports are included in the VLAN’s Forwarding List and whether to include a Tag Header in a frame being transmitted. Refer to Section 3.7 for additional information.

Used to assign VLAN IDs to protocol types of received frames and to access the Protocol Port Conﬁguration screen to add or delete transmitting ports associated with a speciﬁc VLAN ID and protocol type. Refer to

Section 3.6 for additional information.

802.1Q VLAN User’s Guide 3-7

Page 34

Chapter 3: VLAN Conﬁguration

3.4 DEVICE VLAN CONFIGURATION SCREEN

When to Use

To deﬁne the operating characteristics of the switch to add, name, delete, enable, and disable VLANs, and assign VLANs to FIDs. The screen can display up to eight VLANs simultaneously.

How to Access

Use the arrow keys to highlight the DEVICE VLAN CONFIGURA TION menu item on the 802.1Q VLAN Conﬁguration

Menu screen and press ENTER. The Device VLAN Conﬁguration screen displays.

Screen Example

6C105 LOCAL MANAGEMENT

Device VLAN Configuration

Module Type: xxxxx-xx Slot Number: xx

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

Forward Default VLAN Out All Ports: [NO]

VLAN ID 1

VLAN ID: 1 FID: 1 VLAN Name: DEFAULT VLAN [ADD]

SAVE

FID 1

VLAN Name DEFAULT VLAN

EXIT

Admin Status

[Enabled]

RETURN

25993-05

Figure 3-5 Device VLAN Conﬁguration Screen

3-8 802.1Q VLAN User’s Guide

Page 35

Device VLAN Conﬁguration Screen

Field Deﬁnitions

Table 3-2 Device VLAN Conﬁguration Screen Field Deﬁnitions Use this ﬁeld … To …

Forward Default VLAN Out All Ports (Toggle)

VLAN ID -

part of screen

(Read-Only)

FID -

upper

upper part

of screen

(Read-Only)

Admin Status

(Toggle)

VLAN ID -

lower

part of screen

(Modiﬁable)

lower part

FID -

of screen

(Modiﬁable)

Assign or remove the default VLAN from the Port VLAN List for all ports. When set to YES, the default VLAN is added to the Port VLAN List of all ports that do not already include it. When set to NO, the default VLAN is removed from the Port VLAN List of an y port that does not have the default VLAN as its PVID. The default is NO.

Display the assigned VLAN IDs that are conﬁgured in the module. Initially, only the Default VLAN (VLAN ID: 1) is listed.

Display the names assigned to the corresponding VLAN IDs. If a name has not been assigned to a VLAN, the VLAN Name ﬁeld displays, “Not Deﬁned”.

Set the current state of the associated VLAN. This ﬁeld toggles between Enabled and Disabled. An enab led VLAN is operational and a disabled VLAN is not operational. If a VLAN is disabled, all ports assigned to that VLAN will assume a PVID of the default VLAN.

Enter input to select or deﬁne a new VLAN ID.

Display the FID currently associated with the VLAN typed in the VLAN ID ﬁeld. A new number can be typed into the FID ﬁeld to reassign the VLAN to a different ﬁltering database. Each VLAN will def ault to a FID that matches its VLAN ID and can be changed to a FID from 1 to 1094.

VLAN Name -

lower part of screen

(Modiﬁable)

ADD/DEL

(Toggle)

Assign or change names of VLANs. The VLAN Name (with up to 32 characters) is an optional attribute of a VLAN, and is not required for VLAN operation.

T oggle the action tak en between adding the entered VLAN to the switch or deleting the selected VLAN from the switch.

802.1Q VLAN User’s Guide 3-9

Page 36

Chapter 3: VLAN Conﬁguration

3.4.1 Deﬁning a VLAN

To deﬁne a VLAN, proceed as follows:

1. Use the arrow keys to highlight the VLAN ID field.

2. Enter the VLAN ID using a unique number between 2 and 4094. The

VLAN IDs of 0, 1, and 4095 may not be used for user-defined VLANs. If an illegal number is entered, the Event Message Line will display:

”PERMISSIBLE RANGE FOR VLAN IDS: 2 to 4094” and the field will refresh with the previous value.

NOTE

Each VLAN ID must be unique. If a duplicate VLAN ID is

entered, the switch assumes that the Administrator intends to

modify the existing VLAN.

3. If the VLAN is to be assigned to a different filtering database, use the

arrow keys to highlight the FID field. If the VLAN is not going to be assigned to a different FID, go to step 5.

4. Type in the ID number of the FID.

5. Use the arrow keys to highlight the VLAN Name field.

6. Type a name of up to 32 ASCII characters in the VLAN Name field

This is an optional attribute of a VLAN, and is not required for VLAN operation.

7. Use the arrow keys to highlight the ADD/DEL field.

8. Press the SPACE bar to select ADD for a deﬁned VLAN. Press

ENTER. The new VLAN will be added to the VLAN list. The message “VLAN ADDED” displays in the Event Message Line in the upper left-hand corner of the screen.

The VLAN will not be saved to the switch until the configuration is saved.

9. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The message “SAVED OK” displays.

3-10 802.1Q VLAN User’s Guide

Page 37

Device VLAN Conﬁguration Screen

3.4.2 Changing the VLAN to FID Association

To change the association of a VLAN to a FID, proceed as follows:

1. Use the arrow keys to highlight the VLAN ID field.

2. Enter the VLAN ID of the VLAN of which the FID association is to

be changed. If an illegal number is entered, the Event Message Line will display:

”PERMISSIBLE RANGE FOR VLAN IDS: 2 to 4094” and the field will refresh with the previous value.

3. Use the arrow keys to highlight the FID field.

4. Type in the ID number of the FID. If the ID number is valid, the Event

Message Line in the upper left hand corner of the screen displays “VLAN # UPDATED”, where # represents the entered ID number.

5. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The message “SAVED OK” displays.

3.4.3 Renaming a VLAN

To change the name of an existing VLAN, proceed as follows:

1. Enter the VLAN ID. The VLAN Name field will automatically update

to display the VLAN’s current name.

2. Use the arrow keys to highlight the VLAN Name field.

3. Type a name of up to 32 ASCII characters in the VLAN Name field.

Press ENTER. If the name is valid, the Event Message Line in the upper left hand corner of the screen displays “VLAN # UPDATED”, where # represents the entered VLAN name.

4. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The message “SAVED OK” displays.

802.1Q VLAN User’s Guide 3-11

Page 38

Chapter 3: VLAN Conﬁguration

3.4.4 Deleting a VLAN

To delete a VLAN from the current VLAN list, proceed as follows:

1. Enter the VLAN ID. The VLAN Name field will automatically update

to display the VLAN’s name if that VLAN has been previously configured.

2. Use the arrow keys to highlight the ADD/DEL field.

3. Press the SPACE bar to select DEL. Press ENTER. The VLAN is

removed from the list. The message “VLAN DELETED” displays in the Event Message Line in the upper left-hand corner of the screen.

4. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The message “SAVED OK” displays.

NOTE

The default VLAN cannot be deleted from the list.

3.4.5 Enabling VLANs

To enable a VLAN, proceed as follows:

1. Use the arrow keys to highlight the Admin Status field of the selected

VLAN.

2. Press the SPACE bar to toggle the field to display Enabled.

3. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

4. Press ENTER. The message “SAVED OK” displays.

3.4.6 Disabling VLANs

To disable a VLAN, proceed as follows:

1. Use the arrow keys to highlight the Admin Status field of the selected

VLAN.

2. Press the SPACE bar to toggle the field to display Disabled.

3. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

3-12 802.1Q VLAN User’s Guide

Page 39

Device VLAN Conﬁguration Screen

4. Press ENTER. The message “SAVED OK” displays.

NOTE

The default VLAN cannot be disabled.

3.4.7 Changing the Forwarding Mode

To change the forwarding mode of the switch, proceed as follows:

1. Use the arrow keys to highlight the Forward Default VLAN Out All

Ports field.

2. Press the SPACE bar or BACKSPACE to toggle between YES and

NO. The YES selection places the default VLAN (VLAN ID=1) in the

Port VLAN Lists of all ports on the switch. The NO selection removes the default VLAN from the Port VLAN Lists of all ports, unless those ports have a PVID of 1 (those belonging to only the Default VLAN).

3. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

4. Press ENTER. The message “SAVED OK” displays.

3.4.8 Paging Through the VLAN List

To display additional VLANs that do not display in the current VLAN List as shown on the screen, use the NEXT or PREVIOUS commands located at the bottom of the screen, as follows:

NOTE

The NEXT and PREVIOUS ﬁelds will only display if there are further VLAN List entries to page through.

1. To display the next screen, use the arrow keys to highlight NEXT.

Press ENTER to view the entries on the next screen.

2. To display the previous screen, use the arrow keys to highlight

PREVIOUS. Press ENTER to view the entries on the previous screen.

802.1Q VLAN User’s Guide 3-13

Page 40

Chapter 3: VLAN Conﬁguration

3.5 PORT ASSIGNMENT CONFIGURATION SCREEN

When to Use

To select a mode of operation for each port and to assign a Port VLAN Identiﬁcation (PVID) to each port.

How to Access

Use the arrow keys to highlight the POR T ASSIGNMENT CONFIGURA TION menu item on the 802.1Q VLAN Conﬁguration

Menu screen and press ENTER. The Port Assignment Conﬁguration screen displays.

Screen Example

6C105 LOCAL MANAGEMENT

Port Assignment Configuration

Module Type: xxxxx-xx Slot Number: xx

Port

1 2 3 4 5 6 7 8 9 10 11 12

Port Mode

[1D TRUNK] [1Q TRUNK] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID]

VLAN ID

[0001]

[0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001]

FID

0001 0001 0001 0001 0001 0001 0001 0001 0001 0001 0001 0001

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

VLAN Name

Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN

SAVE PREVIOUS NEXT

EXIT

RETURN

25992-06

Figure 3-6 Port Assignment Conﬁguration Screen

3-14 802.1Q VLAN User’s Guide

Page 41

Port Assignment Conﬁguration Screen

Field Deﬁnitions

Table 3-3 Port Assignment Conﬁguration Screen Field Deﬁnitions

Use this ﬁeld … To …

Port

(Read-Only)

Port Mode

(Selectable)

VLAN ID

(Selectable)

FID (Read-Only) Display the FID associated with the VLAN ID. This ﬁeld

VLAN Name

(Read-Only)

See the port numbers of the interfaces of the current module.

Display the current operational mode for the corresponding port and select one of three modes: HYBRID, 1Q TRUNK, or ID TRUNK. The default is HYBRID.

Select the ID number of the VLAN that is associated with the current port (Port VLAN ID). This is the VLAN ID into which any untagged frame will be classiﬁed. The default PVID is 0001.

updates as the associated VLAN ID ﬁeld is changed. Display the name that is associated with the current

VLAN ID. If a name was not assigned to a VLAN, “NOT DEFINED” displays as the VLAN name.

3.5.1 Changing the Port Mode

To change the operational mode of a port, proceed as follows.

1. Use the arrow keys to highlight the PORT MODE field for the

module and port combination you wish to change.

2. Use the SPACE bar or BACKSPACE key to step through the available

selections. A port may be configured for any of the following modes:

• HYBRID – This is the default mode for all ports on the switch.

The initial Port VLAN List includes the PVID with a frame format of untagged. Any other VLANs desired for the Port VLAN List need to be manually conﬁgured. By changing the default mode to 1Q Trunk or 1D Trunk, the Port VLAN List and the associated frame type are automatically conﬁgured.

802.1Q VLAN User’s Guide 3-15

Page 42

Chapter 3: VLAN Conﬁguration

• 1Q TRUNK – This mode sets the port for transmitting to another

802.1Q aware device. In this mode, all frames are transmitted with a tag header included in the frame (excluding BPDUs). The switch will drop all untagged frames it receives on the 1Q T runk port. The Port VLAN List for the port includes all VLANs.

• 1D TRUNK – This mode sets the port for transmitting to a legacy

802.1D switch fabric. In this mode, all incoming frames are classiﬁed into the default VLAN and all frames are transmitted untagged. The switch expects to receive only untagged frames through the 1D Trunk port. This mode also updates the Port VLAN List and makes the port eligible to transmit frames for all VLANs. The 1D T runk mode can be used in conjunction with the “Forward Default VLAN Out All Ports” parameter and the Default VLAN to allow all stations on a legacy portion of the network to access all stations or servers in the 802.1Q portion of the network.

3. When the desired operational mode for the port is displayed, use the

arrow keys to highlight the SAVE command at the bottom of the screen.

4. Press ENTER. The message “SAVED OK” displays.

3.5.2 Assigning a VLAN ID

The Port Assignment Conﬁguration screen also enables the user to set each port’s VLAN ID (PVID) by stepping through a list of all conﬁgured VLANs. To assign a VLAN ID to a port in this manner, perform the following steps:

NOTE

1. Use the arrow keys to highlight the VLAN ID field for the port

2. Use the SPACE bar or BACKSPACE key to step sequentially through

3-16 802.1Q VLAN User’s Guide

It may be necessary to use the NEXT and PREVIOUS commands to page through the available ports. For instructions, refer to Section 3.5.3.

combination you wish to change.

the previously configured VLAN ID numbers. Only existing VLAN IDs will be displayed.

Page 43

Port Filtering Conﬁguration Screen

NOTE

New VLAN IDs must be created with the functions available on the Device VLAN Conﬁguration screen, discussed in

Section 3.4.

3. When the desired VLAN ID is displayed, use the arrow keys to

highlight the SAVE command at the bottom of the screen.

4. Press ENTER. The message “SAVED OK” displays.

3.5.3 Paging Through the Port List

To display additional ports that do not display in the current screen, use the NEXT or PREVIOUS commands at the bottom of the screen, as follows:

NOTE

1. To display the next screen, use the arrow keys to highlight NEXT.

2. To display the previous screen, use the arrow keys to highlight

The NEXT and PREVIOUS ﬁelds will only display if there are further Port List entries to page through.

Press ENTER to view the entries on the next screen.

PREVIOUS. Press ENTER to view the entries on the previous screen.

3.6 PORT FILTERING CONFIGURATION SCREEN

When to Use

To perform the following functions:

• Select a port and view a list of VLANs that are conﬁgured to ha ve their

frames transmitted out that port.

• Filter out certain incoming frames according to the VLAN List and

prevent them from being switched and transmitted out another port.

• Filter out of all incoming untagged frames so they will not be

transmitted out another port.

802.1Q VLAN User’s Guide 3-17

Page 44

Chapter 3: VLAN Conﬁguration

How to Access

Use the arrow keys to highlight the PORT FILTERING CONFIGURATION menu item on the 802.1Q VLAN Conﬁguration

Menu screen and press ENTER. The Port Filtering Conﬁguration screen displays.

Screen Example

6C105 LOCAL MANAGEMENT

Port Filtering Configuration

Module Type: xxxxx-xx Slot Number: xx

Port VLAN List

VLAN ID 0001 0003 0004 0012 0014 0020

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

VLAN Name Default VLAN Not Defined Not Defined Not Defined Not Defined Not Defined

Port: [002]

SAVE PREVIOUS NEXT

Filter Using VLAN Lists: [NO]

Filter All Untagged Frames: [NO]

EXIT

RETURN

25992-07

Figure 3-7 Port Filtering Conﬁguration Screen

3-18 802.1Q VLAN User’s Guide

Page 45

Port Filtering Conﬁguration Screen

Field Deﬁnitions

Table 3-4 Port Filtering Conﬁguration Screen Field Deﬁnitions Use this ﬁeld … To …

VLAN ID

(Read-Only)

VLAN Name

(Read-Only)

Port

(Selectable)

Filter Using VLAN Lists

(Toggle)

Filter All Untagged Frames

(Toggle)

See the VLAN ID of the VLANs that are conﬁgured to ha ve their frames transmitted out the port selected in the Port # ﬁeld.

See the names of the VLANs associated with the VLAN ID. If a VLAN does not have a name, “Not Deﬁned” is displayed.

To step to the port number of the interface being conﬁgured including the selection of ALL ports.

Filter out (drop) frames that are classiﬁed, via their VLAN tag, as belonging to a VLAN that is not on the Port VLAN List and prevent them from being forwarded by the switch.

This ﬁeld toggles between YES and NO. YES enables ﬁltering according to the Port VLAN List. NO allows the switch to forward the frames. The default is NO.

To ﬁlter out all incoming untagged frames so they will not be forwarded by the switch. This ﬁeld toggles between YES and NO. YES enables the ﬁltering of untagged frames. NO allows the switch to forward untagged frames. The default is NO.

3.6.1 Displaying VLAN IDs Associated with a Port

To display the VLAN IDs and VLAN Names of the VLANs associated with a particular port, proceed as follows:

1. Use the arrow keys to highlight the Port field.

2. Use the SPACE bar or BACKSPACE key to step through the available

port selections. The screen displays the Port VLAN List of the selected Port. If ALL is selected, no VLAN ID or VLAN Name information is displayed under Port VLAN List.

3. T o display additional VLANs that do not display in the current screen

display, use the NEXT or PREVIOUS commands located at the bottom of the screen, as follows:

802.1Q VLAN User’s Guide 3-19

Page 46

Chapter 3: VLAN Conﬁguration

NOTE

The NEXT and PREVIOUS ﬁelds will only display if there are

further VLANs in the list to page through.

4. To display the next screen, use the arrow keys to highlight NEXT.

Press ENTER to view the entries on the next screen.

5. To display the previous screen, use the arrow keys to highlight

PREVIOUS. Press ENTER to view the entries on the previous screen.

3.6.2 Selecting the Type of Filtering for a Port

A port can be set to ﬁlter out received frames according to its Port VLAN List. This keeps them from being transmitted and drops all untagged frames from being transmitted. To set this type of ﬁltering, proceed as follows:

1. Use the arrow keys to highlight the Port # field.

2. Use the SPACE bar or BACKSPACE key to step through the available

port selections.

3. Use the arrow keys to highlight the Filter Using VLAN List field.

4. Use the SPACE bar or BACKSPACE key to toggle between YES and

NO. When set to YES, the switch will drop all incoming frames that

are classified with a VLAN tag of a VLAN that does not appear on the Port VLAN List. The default is NO.

5. Use the arrow keys to highlight the Filter All Untagged Frames field.

6. Use the SPACE bar or BACKSPACE key to toggle between YES or

NO. When set to YES, the switch will drop all incoming frames that

do not have a VLAN tag header. The default is NO.

7. To save the settings, Use the arrow keys to highlight the SAVE

command at the bottom of the screen.

8. Press ENTER. The message “SAVED OK” displays. The settings are

saved.

3-20 802.1Q VLAN User’s Guide

Page 47

VLAN Forwarding Conﬁguration Screen

3.7 VLAN FORWARDING CONFIGURATION SCREEN

When to Use

To perform the following functions:

• View the ports included in a VLAN’s Forwarding List.

• Deﬁne which ports to include in the VLAN’s Forwarding List.

• Specify the formats of the frames (Tagged or Untagged) that a VLAN

port will forward.

How to Access

Use the arrow keys to highlight the VLAN FORWARDING CONFIGURATION menu item on the 802.1Q VLAN Conﬁguration

Menu screen and press ENTER. The VLAN Forwarding Conﬁguration screen displays.

Screen Example

6C105 LOCAL MANAGEMENT VLAN Forwarding Configuration

Module Type: xxxxx-xx Slot Number: xx

Current VLAN Ports

Port 15 Port 17 Port 20 Port 23 Port 24 Port 25 Port 35 Port 30

VLAN ID: [4094]

Port: [30]

SAVE PREVIOUS NEXT

VLAN Name: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

Port Type Etherent Frontpanel Etherent Frontpanel Etherent Frontpanel Etherent Frontpanel Etherent Frontpanel Etherent Frontpanel ATM ELAN Finance ATM PVC VCI-1 VP!-23

ATM PVC VCI-1 VPI-23

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

Frame Format Untagged Untagged Untagged Untagged Untagged Untagged Tagged Untagged

[DELETE]

Frame Type: [Untagged]

EXIT

RETURN

25991-08

Figure 3-8 VLAN Forwarding Conﬁguration Screen

802.1Q VLAN User’s Guide 3-21

Page 48

Chapter 3: VLAN Conﬁguration

Field Deﬁnitions

Table 3-5 VLAN Forwarding Conﬁguration Screen Field Deﬁnitions Use this ﬁeld … To …

Current VLAN Ports

(Read-Only)

Port Type

(Read-Only)

Frame Format

(Read-Only)

VLAN ID

(Selectable)

VLAN Name

(Read-Only) ADD/DELETE

(Toggle)

Port (Selectable) Select the port number of the interface being conﬁgured.

Frame Type

(Toggle)

See the ports that are currently conﬁgured to transmit frames classiﬁed to the selected VLAN.

See the MIB2 interface description for the selected s witch port.

See the frame format (Tagged or Untagged) for the frames of the selected VLAN that the port will transmit.

Select the identiﬁcation of the VLAN under examination. This screen displays the list of ports currently conﬁgured to transmit frames for the VLAN ID in this ﬁeld.

See the name associated with the VLAN ID.

Swap the action taken to add or delete a port from the VLAN Forwarding List.

The MIB2 interface description of the port appears to the right of the Port ﬁeld. In Section 3-8, ATM PVC VCI-1 VPI-23 is the Port Type for Port 30.

Select the format of frames (Tagged or Untagged) that will be transmitted by the selected port for this VLAN. The default is Untagged.

3.7.1 Viewing Current VLAN Ports

To display the VLAN Forwarding List for a particular VLAN, proceed as follows:

1. Use the arrow keys to highlight the VLAN ID field. Use the SPACE

bar or BACKSPACE to step to the desired VLAN ID and VLAN Name.

2. Press ENTER. The screen updates to display the VLAN Forwarding

List for the selected VLAN.

3-22 802.1Q VLAN User’s Guide

Page 49

VLAN Forwarding Conﬁguration Screen

3.7.2 Paging Through VLAN Forwarding List Entries

To display additional entries in the VLAN Forwarding List that do not appear on the screen, use the NEXT or PREVIOUS commands located at the bottom of the screen, as follows:

1. To display the next screen, use the arrow keys to highlight NEXT.

Press ENTER to view the entries on the next screen.

2. To display the previous screen, use the arrow keys to highlight

PREVIOUS. Press ENTER to view the entries on the previous screen.

3.7.3 Adding Forwarding List Entries

To add a port to the VLAN Forwarding List, proceed as follows:

1. Use the arrow keys to highlight the VLAN ID field. Use the SPACE

bar or BACKSPACE to step to the desired VLAN ID and VLAN Name. Press ENTER.

2. Use the arrow keys to highlight the Port field. Step through the

available ports on the module with the SPACE bar or BACKSPACE.

3. Use the arrow keys to highlight the ADD/DELETE field. Press the

SPACE bar to select ADD or DELETE. Press ENTER. The Forwarding List entry will be added to the list of current VLANs

once the configuration is saved.

4. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

5. Press ENTER. The message “SAVED OK” displays.

The port is added to the VLAN Forwarding List of the selected VLAN.

3.7.4 Deleting Forwarding List Entries

To remove a port from the currently displayed VLAN Forwarding List, proceed as follows:

1. Use the arrow keys to highlight the VLAN ID field. Use the SPACE

bar or BACKSPACE to step to the desired VLAN ID and VLAN Name. Press ENTER.

802.1Q VLAN User’s Guide 3-23

Page 50

Chapter 3: VLAN Conﬁguration

2. Use the arrow keys to highlight the Port field. Step through the

available ports on the module with the SPACE bar or BACKSPACE.

3. Use the arrow keys to highlight the ADD/DELETE field. Press the

SPACE bar to select DEL. Press ENTER. The Forwarding List entry will be deleted from the list of current

VLANs once the configuration is saved.

4. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

5. Press ENTER. The message “SAVED OK” displays and the port is

deleted from the VLAN Forwarding List of the selected VLAN.

3.7.5 Changing the Frame Format

To change the frame format for a port, proceed as follows:

1. Use the arrow keys to highlight the Port field. Step through the

available ports by pressing the SPACE bar or BACKSPACE.

2. Using the arrow keys, select the Frame Type field. Use the SPACE

bar or BACKSPACE to toggle between Tagged or Untagged.

3. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

4. Press ENTER. The message “SAVED OK” displays.

3.8 PROTOCOL VLAN CONFIGURATION SCREEN

When to Use

To assign a protocol to a VLAN ID on one or more ports on the switch. This enables the switch to add a particular VLAN identiﬁer with the speciﬁed protocol to each frame that arrives on a conﬁgured port. Other switches receiving the frame will classify the frame according to the VLAN identiﬁer within the frame. Entries may also be deleted or modiﬁed.

When the frame is transmitted, it is sent to the ports associated with the VLAN ID as established using the Protocol Port Conﬁguration screen.

3-24 802.1Q VLAN User’s Guide

Page 51

Protocol VLAN Conﬁguration Screen

How to Access

Use the arrow keys to highlight the PR O TOCOL VLAN CONFIGURA TION menu item on the 802.1Q VLAN Conﬁguration

Menu screen and press ENTER. The Protocol VLAN Conﬁguration screen displays.

Screen Example

2E253-49R LOCAL MANAGEMENT

Protocol VLAN Configuration

Module Type: xxxx-xx Slot Number: xx

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

VLAN ID Protocol Type

0001 0x0800 (IP) 0002 0x0801 (CUSTOM)

VLAN ID: [ 2 ]

Configure Ports: [ ALL PORTS ]

Protocol Type: [ CUSTOM ] Ether type: 0x0800

SAVE

PREVIOUS NEXT

Feature Status:

Configured Ports

ALL PORTS USER DEFINED PORT LIST

[ ENABLED ]

[ ADD/MODIFY ]

Action:

EXIT

Figure 3-9 Protocol VLAN Conﬁguration Screen

RETURN

25991_23

802.1Q VLAN User’s Guide 3-25

Page 52

Chapter 3: VLAN Conﬁguration

Field Deﬁnitions

Table 3-6 Protocol VLAN Conﬁguration Screen Field Deﬁnitions

Use this ﬁeld … To …

VLAN ID -

upper

part of screen

(Selectable) Protocol T ype -

upper part of screen

(Selectable) Configured

Ports

(Selectable)

VLAN ID

(Modiﬁable)

Configure Ports (Toggle)

Display the VLAN IDs currently conﬁgured and may be selected after the screen is saved to call up the Protocol Ports Conﬁguration screen using the ENTER key.

Display the protocol type associated with the VLAN ID in the VLAN ID column. This ﬁeld may be selected after the screen is saved to call up the Protocol P orts Conﬁguration screen.

Indicate if a VLAN ID and Protocol Type applies to all conﬁgurable ports or only those listed in the Protocol Ports Conﬁguration screen for that Priority and Protocol Type. Conﬁgurable ports are all the physical ports and existing virtual interfaces (such as for ATM).

Enter the VLAN ID which will be assigned to a protocol. The VLAN ID ma y be one already created or a ne w one . If a new VLAN ID is entered, it will be added to the VLAN Conﬁguration with a FID of the same value as the VLAN ID and a VLAN name of PROTOCOL VLAN. To enter the VLAN IDs, refer to Section 3.8.2.

Apply the priority and protocol type to all or none of the conﬁgurable ports. The choices are:

ALL PORTS NO PORTS NOTE: If ports are added or removed from the port list in

the Priority Ports Conﬁguration screen described in

Section 3.9, the Conﬁgured Ports for the particular VLAN

ID and Protocol Type will change from ALL PORTS or NO PORTS to USER DEFINED PORT LIST in the Protocol Priority Conﬁguration screen

3-26 802.1Q VLAN User’s Guide

Page 53

Protocol VLAN Conﬁguration Screen

Table 3-6 Protocol VLAN Conﬁguration Screen Field Deﬁnitions (Cont’d) Use this ﬁeld … To …

Protocol Type

(Selectable)

Feature Status (Toggle)

Select one of the following protocol types: IP – pertains to all IP associated Ether Types (i.e.,

0x0x0800, 0x0806, and, 0x8035). IPX – pertains to all IPX associated Ether Types (i.e.,

0x8137, 0x8138, and special cases, 0x0100 [LLC Type 1 Encapsulation] and 0x0101 [LLC Type 2 Encapsulation]).

Appletalk – pertains to all Appletalk associated Ether Types (i.e., 0x809B and 0x80F3).

Netbios – pertains to all Netbios associated Ether Types (i.e. 0x0102).

Banyan Vines – pertains to all Banyan Vines associated Ether Types (i.e., 0x0103 and 0x0BAD).

DECNET – pertains to all DECNET associated Ether Types.

CUSTOM – when this ﬁeld is chosen, Ether Type “0x0” displays so the user can input a particular Ether Type.

NOTE: Any Ether type selected or entered in the Ether type ﬁeld and saved will become part of the selection in the protocol ﬁeld.

For details, refer to Section 3.8.1. Enables or disables the entries. The entries can be made

but are not affectiv e until this ﬁeld is set to ENABLED. The choices for this ﬁeld are:

ENABLED DISABLED

Action

(Toggle)

Used to add or delete an entry (Priority) and its protocol. This ﬁeld toggles between [ADD/MODIFY] and [DELETE].

ADD/MODIFY– adds the new Priority and Protocol Type entries (for example, Priority [0] and Protocol Type [Banyan Vines]).

DELETE – deletes an existing entry with the associated priority (for example, Priority [0] and Protocol Type [Banyan Vines]).

802.1Q VLAN User’s Guide 3-27

Page 54

Chapter 3: VLAN Conﬁguration

Table 3-6 Protocol VLAN Conﬁguration Screen Field Deﬁnitions (Cont’d) Use this ﬁeld … To …

Ether type

(Modiﬁable)

Enter the values of a new Ether type when CUSTOM is selected in the Protocol Type ﬁeld.The value 0x0 will display, which can be modiﬁed. A protocol may ha v e more that one Ether Type. Any Ether Type greater than 05dc (hex) and less than ffff (hex) may be entered. The maximum number of Ether Types conﬁgured per switch is

32. If an attempt is made to enter more that 32, an error message, “ETHER TYPE T ABLE FULL” displays.

To enter values of a particular Ether Type, refer to

Section 3.8.2.

3.8.1 Displaying the Current Protocol, VLAN ID, and

Port Assignments

In some instances it may be desirable to see which VLAN IDs and the associated ports that are currently assigned to a particular protocol. To display this information, proceed as follows:

1. Use the arrow keys to highlight the Protocol field at the bottom of the

screen.

2. Press the SPACE bar to step to the appropriate protocol.

3. Press ENTER. The screen displays all VLAN IDs and associated ports

currently assigned to the selected protocol.

4. If there is more information than the screen can display, use the NEXT

and PREVIOUS command at the bottom of the screen to display the information.

3.8.2 Assigning a Protocol Family to a VLAN ID

To assign all Ether Types associated with a Protocol Family to a VLAN ID, proceed as follows:

NOTE

3-28 802.1Q VLAN User’s Guide

The list of Ether Type conﬁgurations is searched prior to the list of “Protocol F amily” conﬁgurations when a frame is received on a switch. This means that if Ether T ype of 0x0800 is conﬁgured on port 10 with VID of 5 and IP is conﬁgured on port 10 with VID of 6, the incoming frame will receive the VID 5 as Ether Types have priority over “Protocol Family”.

Page 55

Protocol VLAN Conﬁguration Screen

1. Use the arrow keys to highlight the VLAN ID field at the bottom of

the screen.

2. Enter the VLAN ID. If a new VLAN ID is entered that has not been

created on the switch, use a unique number between 2 and 4094. The VLAN IDs of 0, 1, and 4095 may not be used for user-defined VLANs. A FID will automatically be assigned to the new VLAN ID. The FID assigned will have the same value.

If an illegal number is entered, the Event Message Line will display: ”PERMISSIBLE RANGE FOR VLAN IDS: 2 to 4094” and the field will refresh with the previous value.

NOTE

Each VLAN ID must be unique. If a duplicate VLAN ID is entered, the switch assumes that the Administrator intends to modify the existing VLAN.

3. Use the arrow keys to highlight the Protocol field at the bottom of the

screen.

4. Use the SPACE bar to step to the appropriate protocol type; IP, IPX,

Appletalk, Netbios, Banyan Vines, DECNET, or CUSTOM. If CUSTOM is selected, Ether Type 0x0 displays. The user’s own Ether Type can then be entered if necessary.

NOTE

TIP

Any Ether Type entered in the Ether Type ﬁeld and saved will become part of the selection in the Protocol ﬁeld.

To see if there are VLANs currently assigned to the Protocol displayed in the Protocol ﬁeld, press ENTER.

5. Use the arrow keys to highlight the Configure Ports field near the

bottom of the screen.

6. Press the SPACE bar to toggle the field to apply the VLAN ID and

Protocol Type entries to either ALL PORTS or NO PORTS.

802.1Q VLAN User’s Guide 3-29

Page 56

Chapter 3: VLAN Conﬁguration

7. If CUSTOM was selected in the Protocol Type field, use the arrow

keys to highlight the Ether type field. Otherwise, go to step 9.

8. Enter your particular protocol type in the Ether type field.

9. Use the arrow keys to highlight the Action field.

10. Press the SPACE bar to toggle the field to either ADD/MODIFY or

DELETE the settings selected in the VLAN ID and Protocol Type fields.

11. Press ENTER and the new settings are displayed under the VLAN ID,

Protocol Type, and Configured Ports values.

12. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

13. Press ENTER. The message “SAVED OK” displays and the settings

are saved. A particular line of data displayed may now be highlighted to display the Protocol Ports Configuration screen, as described in

Section 3.8.3, to view, add, or delete ports from the priority in the

highlighted line.

3.8.3 Displaying the Protocol Types on Current Ports

To display the current ports and port types associated with a VLAN ID, the Protocol Ports Conﬁguration screen must be displayed. While in that screen, ports and their port type may be added to, or current ones deleted from, the VLAN ID. To access the Protocol Ports Conﬁguration screen, proceed as follows:

1. Highlight the line of information containing the VLAN ID of interest

to display the current ports and port types associated with that VLAN ID. The entries in the line of information must have been saved before you can select it to display the Protocol Ports Conﬁguration screen.

2. Press ENTER. The Protocol Ports Conﬁguration screen displays,

showing all current ports and port types associated with that VLAN ID. For more information about the Protocol Ports Conﬁguration screen and how to use it, refer to Section 3.9.

3-30 802.1Q VLAN User’s Guide

Page 57

Protocol Ports Conﬁguration Screen

3.9 PROTOCOL PORTS CONFIGURATION SCREEN

When to Use

To display the current ports and port types associated with a VLAN and protocol selected in the Protocol VLAN Conﬁguration screen described in

Section 3.8.

NOTE

can be used to access the Protocol Ports Conﬁguration screen as described below.

How to Access

Use the arrow keys to highlight a line of information under the VLAN ID/Protocol Type/Conﬁgured Ports BitMap columns in the Protocol Priority Conﬁguration screen and press ENTER. The Protocol Ports Conﬁguration screen displays.

Screen Example

6C105 LOCAL MANAGEMENT

Protocol Ports Configuration

The line of information selected must have been sa ved bef ore it

Module Type: xxxxx-xx Slot Number: xx

Current Protocol Ports 15

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

Port Type Ethernet

ATM PVC VCI-1 VPI-23

VLAN ID : Port: [ 31]

Protocol: 0X800

ATM PVC VCI-1 VPI-23

[ DELETE ALL PORTS ]

EXITSAVE PREVIOUS NEXT

RETURN

2599_24

Figure 3-10 Protocol Ports Conﬁguration Screen

802.1Q VLAN User’s Guide 3-31

Page 58

Chapter 3: VLAN Conﬁguration

Field Deﬁnitions

Table 3-7 Protocol Ports Conﬁguration Screen Field Deﬁnitions Use this ﬁeld … To …

Current Protocol Ports

(Read-Only)

Port T ype

(Read-Only)

VLAN ID

(Read-Only)

Protocol

(Read-Only)

Port

(Selectable)

DELETE ALL PORTS

(Selectable)

Display the current ports associated with the VLAN ID.

Display the Port Type associated with the port in the Current Ports column.

Display the VLAN ID that is in the line of information highlighted in the Protocol VLAN Conﬁguration screen.

Display the protocol in the line of information highlighted in the Protocol VLAN Conﬁguration screen.

Step through the ports to select a port to add of deleted from the VLAN ID shown in the VLAN ID ﬁeld. When a port is displayed the associated port type is displayed to the right of the port number. In Figure 3-10, the port is 31 and the associated port type is, ATM PVC VCI-1 VPI-23.

Add or delete a port selected in the Port ﬁeld of the VLAN ID displayed, or add all ports to, or deleted all ports that are conﬁgurable on the device. All ports includes, all physical and virtual ports such as ATM ports if supported. In Figure 3-10, the priority is “0”. The selections are as follows:

ADD PORT – adds the port selected in the Port ﬁeld. ADD ALL PORTS – adds ALL PORTS that are

conﬁgurable to the VLAN ID shown in the VLAN ID ﬁeld. DELETE PORT – deletes the port selected in the Port

ﬁeld. DELETE ALL PORTS – deletes ALL PORTS that are

conﬁgurable from the VLAN ID shown in the VLAN ID ﬁeld.

3-32 802.1Q VLAN User’s Guide

Page 59

Quick VLAN Walkthr ough

3.9.1 Adding/Deleting Ports Associated with a VLAN ID

To add or delete ports from a VLAN, proceed as follows:

1. Use the arrow keys to highlight the Port field.

2. Press the SPACE bar to step to the appropriate port number. The

associated protocol is displayed for that port.

3. Use the arrow keys to highlight the DELETE ALL PORTS field.

4. Press the SPACE bar to step to the appropriate selection to ADD

PORT , ADD ALL POR TS, DELETE PORT , or DELETE ALL PORTS from the VLAN ID shown in the VLAN ID ﬁeld.

5. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

6. Press ENTER. The message “SAVED OK” displays and the settings

are saved.

3.10 QUIC K VLAN WALKTHROUGH

The procedures below provide a short tutorial walkthrough that presents each of the steps necessary to conﬁgure a new VLAN, assign a port to it, and check the Port VLAN List of the port. You may wish to follow this walkthrough from start to ﬁnish before attempting to conﬁgure your own VLANs.

This walkthrough begins at the 802.1Q VLAN Conﬁguration Menu screen for a 6C105 chassis. Follow the instructions in your device user’s guide to navigate to this Local Management screen.

NOTE

The screens displayed by your devices may be marginally different from those shown in the illustrations for this walkthrough.

1. On the 802.1Q VLAN Conﬁguration Menu screen, use the arrow keys

to highlight the DEVICE VLAN CONFIGURATION menu item. Press ENTER. The Device VLAN Configuration screen displays.

2. In this walkthrough, we will not change the setting of the Forward

Default VLAN Out All Ports fields from their default setting of NO.

802.1Q VLAN User’s Guide 3-33

Page 60

Chapter 3: VLAN Conﬁguration

3. Use the arrow keys to highlight the VLAN ID field. Assign a number

to a new VLAN by typing the number “2” in the VLAN ID field.

4. Use the arrow keys to highlight the FID field. In this example we will

assign the new VLAN to FID 2 by typing the number “2” in the FID field.

5. Use the arrow keys to highlight the VLAN Name field. Type “TEST

VLAN” in the VLAN Name field. Press ENTER.

6. Use the arrow keys to highlight the ADD/DEL field.

7. Press the SPACE bar to toggle the field to ADD. Press ENTER. The

VLAN is added to the list.

8. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The message “SAVED OK” displays. The screen refreshes and VLAN 2, the TEST VLAN has been added to the Device VLAN Configuration screen and all learning of MAC addresses will be updated in FID 2. The screen should now look like

Figure 3-11.

NOTE

3-34 802.1Q VLAN User’s Guide

This new VLAN is currently disabled, as the DISABLED ﬁeld to the far right shows. When all the rules and settings for the VLAN are in place, it will be necessary to return to this screen and enable the VLAN.

Page 61

Module Type: xxxxx-xx Slot Number: xx

Quick VLAN Walkthr ough

6C105 LOCAL MANAGEMENT

Device/VLAN Configuration

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

Forward Default VLAN Out All Ports: [NO]

EXIT

Admin Status

[Enabled] [Disabled]

RETURN

25993-09

VLAN ID 1 2

VLAN ID: 1 FID: 2 VLAN Name: TEST VLAN [ADD]

SAVE

FID 1 2

VLAN Name DEFAULT VLAN TEST VLAN

Figure 3-11 Walkthrough Stage One

It is now time to assign a port to this new VLAN.

9. Use the arrow keys to highlight the RETURN command at the bottom

of the screen. Press ENTER. The 802.1Q VLAN Configuration Menu screen displays. Use the arrow keys to select the PORT ASSIGNMENT CONFIGURATION menu item and press ENTER. The Port Assignment Configuration screen displays.

NOTE

For the purposes of this walkthrough, port 3 will be conﬁgured.

10. Use the arrow keys to highlight the VLAN ID field for the module and

port combination you wish to change.

NOTE

802.1Q VLAN User’s Guide 3-35

As this port will connect to a single workstation, and is not to be used for switch-to-switch communications, it is not necessary to change the PORT MODE from the default setting of HYBRID.

Page 62

Chapter 3: VLAN Conﬁguration

11. Use the SPACE bar to step sequentially through the previously

configured VLAN ID numbers. When the number 0002 (the new VLAN ID) is displayed, the FID field updates to 0002, and the VLAN

Name field updates showing the name assigned to this VLAN, TEST VLAN.

12. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. The PVID for Port 3 is now configured to the TEST VLAN. The TEST VLAN is also added to the Port VLAN List for Port 3 with a frame format of Untagged. The screen should now look like Figure 3-12.

6C105 LOCAL MANAGEMENT

Port Assignment Configuration

Module Type: xxxxx-xx Slot Number: xx

Port

1 2 3 4 5 6 7 8 9 10 11 12

Port Mode

[1D TRUNK] [1Q TRUNK] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID]

VLAN ID

[0001]

[0001] [0002] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001]

FID

0001 0001 0002 0001 0001 0001 0001 0001 0001 0001 0001 0001

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

VLAN Name

Default VLAN Default VLAN TEST VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN Default VLAN

SAVE PREVIOUS NEXT

EXIT

RETURN

25992-10

Figure 3-12 Walkthrough Stage Two

Now that port 3 belongs to the TEST VLAN, we will designate one port as a 1Q Trunk port for a connection to another VLAN aware switch. This 1Q Trunk port will carry trafﬁc from all VLANs, allowing VLAN frames to maintain their VLAN ID across multiple switches.

NOTE

3-36 802.1Q VLAN User’s Guide

For the purposes of this walkthrough, port 10 will be conﬁgured as the trunk port.

Page 63

Quick VLAN Walkthr ough

13. Use the arrow keys to highlight the Port Mode field for port 10. Use

the SPACE bar or BACKSPACE key to step sequentially through the possible settings of the port until 1Q TRUNK is displayed.

14. Use the arrow keys to highlight the SAVE command at the bottom of

the screen. Press ENTER. Port 10 is now acting as a 1Q Trunk port and every VLAN is in its Port VLAN List. The frame format for every VLAN is also set to tagged. The screen should now look like

Figure 3-13.

6C105 LOCAL MANAGEMENT Port Assignment Configuration

Module Type: xxxxx-xx Slot Number: xx

Port

1 2 3 4 5 6 7 8 9 10 11 12

Port Mode

[HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [HYBRID] [1Q TRUNK] [HYBRID] [HYBRID]

VLAN ID

[0001]

[0001] [0002] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001] [0001]

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

VLAN Name

DEFAULT VLAN DEFAULT VLAN TEST VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN DEFAULT VLAN

SAVE PREVIOUS NEXT

EXIT

RETURN

25991-11

Figure 3-13 Walkthrough Stage Three

Now that the TEST VLAN and the 1Q Trunk connection are set up, we can proceed to activate the TEST VLAN.

802.1Q VLAN User’s Guide 3-37

Page 64

Chapter 3: VLAN Conﬁguration

15. On the 802.1Q VLAN Main Menu screen, use the arrow keys to

highlight the DEVICE VLAN CONFIGURATION menu item. Press ENTER. The Device VLAN Configuration screen, Figure 3-14, displays.

6C105 LOCAL MANAGEMENT

Device/VLAN Configuration

Module Type: xxxxx-xx Slot Number: xx

Forward Default VLAN Out All Ports: [NO]

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

EXIT

Admin Status

[Enabled] [Enabled]

RETURN

25993-12

VLAN ID 1 2

VLAN ID: 1 FID: 2 VLAN Name: DEFAULT VLAN [ADD]

SAVE

FID 1 2

VLAN Name DEFAULT VLAN TEST VLAN

Figure 3-14 Walkthrough Stage Four

16. Use the arrow keys to highlight the Admin Status field of

VLAN ID 2, the TEST VLAN.

17. Press the SPACE bar to toggle the field to display Enabled.

18. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

19. Press ENTER. The message “SAVED OK” displays. The switch

activates the new VLAN.

This effectiv ely completes the conﬁguration of a single VLAN, assigning it to a port, and conﬁguring the switch to forward the frames received on that port to be forwarded with the VLAN information included in the frame.

3-38 802.1Q VLAN User’s Guide

Page 65

Quick VLAN Walkthr ough

The Port VLAN List of any port on the device can also be checked at any time using the Port Filtering Conﬁguration screen. A list of all ports eligible to transmit frames for a given VLAN will also be listed on the VLAN Forwarding Conﬁguration screen. Each port can also be set to ﬁlter out (drop) incoming frames that have VLAN tags that do not match with any of those in its Port VLAN List, and also ﬁlter out all untagged frames received by the port. As a default neither function is activated.

In this walkthrough, we will show how to display the Port VLAN List of port 10 and set the port to ﬁlter out all untagged frames that it receives.

20. On the 802.1Q VLAN Main Menu screen, use the arrow keys to

highlight the PORT FILTERING CONFIGURATION menu item. Press ENTER. The Port Filtering Configuration screen displays.

21. Use the arrow keys to highlight the Port field.

22. Press the SPACE bar to step the field to display 2.

23. Use the arrow keys to highlight the Filter All Untagged Frames field.

24. Press the SPACE bar to toggle the field to display YES.

25. Use the arrow keys to highlight the SAVE command at the bottom of

the screen.

26. Press ENTER. The message “SAVED OK” displays. The Port

Filtering Configuration screen displays the Port VLAN List for port 2 and the Filtering All Untagged Names field is set to YES as shown in

Figure 3-15.

802.1Q VLAN User’s Guide 3-39

Page 66

Chapter 3: VLAN Conﬁguration

6C105 LOCAL MANAGEMENT

Port Filtering Configuration

Module Type: xxxxx-xx Slot Number: xx

Port VLAN List

VLAN ID 0001 0001

VLAN Name DEFAULT VLAN 1Q TRUNK

Firmware Revision: XX.XX.XX BOOTPROM Revision: XX.XX.XX

Port : [10]

SAVE PREVIOUS NEXT

Filter Using VLAN Lists: [NO]

Filter All Untagged Frames: [YES]

EXIT

RETURN

25992-20

Figure 3-15 Final Walkthrough Stage

This effectively completes the displaying of the Port VLAN List and the setting of the port ﬁltering of all untagged frames.

3-40 802.1Q VLAN User’s Guide

Page 67

CHAPTER 4

EXAMPLES

This chapter provides examples of how VLAN aware SmartSwitches can be conﬁgured to group users at the port level to create VLANs in existing networks. Each example presents a problem and shows how it is solved by conﬁguring the switches using the VLAN Local Management screens. The actual procedures and screens used to conﬁgure a VLAN aware switch are covered in Chapter 3, VLAN Conﬁguration. Also provided in the discussion of each example is a description of how the frames transmitted from one user would traverse the network to its target device.

4.1 EXAMPLE 1, SINGLE SWITCH OPERATION

This ﬁrst example looks at the conﬁguration of a single Ethernet switch for VLAN operation. In this example, two groups of three users are to be assigned to two VLANs to isolate them from one another. The blue users (B1, B2, B3) are to be kept completely separate from the red users (R1, R2, R3). Figure 4-1 shows the initial state of the switch.

802.1Q Switch

Figure 4-1 Example 1, Single Switch Operation

802.1Q VLAN User’s Guide 4-1

3 6

B3R1

2263_11

Page 68

Chapter 4: Examples

4.1.1 Solving the Problem

To set up this switch, users will be assigned to two new VLANs, red stations to the Red VLAN, and blue stations to the Blue VLAN. The information below describes how the switch is conﬁgured to create these two VLANs and how users are assigned to them.

1. First, the switch is set for 802.1Q operation. Since traffic isolation is

to be based on VLAN membership alone, the switch is set so the Red VLAN is a member of FID 2 and the Blue VLAN is a member of FID 3 from the Device/VLAN Configuration screen.

2. The Administrator uses the Device/VLAN Configuration screen to

define the two VLANs for this switch; the Red VLAN, with a VLAN ID of 002, and the Blue VLAN, with a VLAN ID of 003.

3. The Administrator brings up the Port Assignment Configuration

screen and assigns the ports to the VLANs.

• Ports 1, 2, and 3: VLAN ID 002 (Red VLAN)

• Ports 4, 5, and 6: VLAN ID 003 (Blue VLAN)

4. Now that the ports have been assigned, the VLANs are enabled from

the Device/VLAN Configuration screen.

802.1Q Switch

VLAN ID 002

VLAN ID 003

Figure 4-2 Switch Conﬁgured for VLANs

4-2 802.1Q VLAN User’s Guide

3 6

VLAN ID 003VLAN ID 002

B3R1

2263_12

Page 69

Example 1, Single Switch Operation

The switch will now classify each frame received as belonging to either the Red or Blue VLANs. T raf ﬁc from one VLAN will not be forwarded to the members of the other VLAN, and all frames transmitted by the switch will be normal, untagged Ethernet frames.

4.1.2 Frame Handling

This section describes the operations of the switch when two frames are received. The ﬁrst frame is a broadcast sent by station R1.

1. Station R1 transmits the broadcast frame. The switch receives this

frame on Port 1. As the frame is received, the switch classifies it. The frame is untagged, so the switch classifies it as belonging to the VLAN that Port 1 is assigned to, the Red VLAN.

2. At the same time, the switch adds the source MAC address of the

frame and the VLAN associated with port 1 to its Source Address Table in FID 2. In this fashion it learns that station R1 is located out Port 1.

3. Once the frame is classified, its destination MAC address is examined.

The switch discovers that the frame is a broadcast, and treats it as it would any other unknown destination MAC address. The switch forwards the frame out all ports in the Red VLAN’s Forwarding List except for the one that received the frame. In this case, the frame is sent to Ports 2 and 3.

The second frame is a unicast, where station R2 responds to station R1’s broadcast.

4. Station R2, having received and recognized the broadcast from R1,

transmits a unicast frame as a response. The switch receives this frame on Port 2. The switch classifies this new untagged frame as belonging to the Red VLAN.

5. The switch adds the source MAC address and VLAN for station R2 to

its Source Address Table in FID 2, and checks the Source Address Table for the destination MAC address given in the frame. The switch finds the MAC address and VLAN in this table, and recognizes that the MAC address and VLAN match for R1 is located out Port 1.

802.1Q VLAN User’s Guide 4-3

Page 70

Chapter 4: Examples

6. The switch examines its VLAN configuration information and

determines that the frame for Red VLAN is allowed to be forwarded out Port 1 and that it must be sent in an untagged format.

7. The switch forwards the frame out Port 1. Any other unicast

transmissions between stations R1 and R2 will be handled identically.

4.2 EXAMPLE 2, VLANS ACROSS MULTIPLE

SWITCHES

This second example investigates the steps that must be taken to set up VLANs across multiple 802.1Q VLAN switches. This includes the conﬁguration and operation of 1Q Trunks between 802.1Q VLAN switches.

As shown in Figure 4-3, two companies, “Redco” and “Blue Industries”, share ﬂoors 2 and 4 in a building where the network infrastructure is supplied by the building owner. The objective is to completely isolate the network trafﬁc of the two companies by limiting the user’s trafﬁc through the ports of two switches, thus maintaining security and shielding the network trafﬁc from each company. This example will show the use and conﬁguration of a 1Q Trunk connection and the creation of VLANs across multiple switches.

4-4 802.1Q VLAN User’s Guide

Page 71

Example 2, VLANs Across Multiple Switches

Redco

User A

Floor 4

Floor 3

Blue Industries

File Server

Floor 2

Blue Industries

Bridge 1 Bridge 2

Red VLAN

Bridge 3

Blue VLAN

Redco

Blue VLAN

Bridge 4

Red VLAN

File Server

Floor 1

User 802.1D Legacy Bridge 802.1Q VLAN Aware Switch

File Server

22632_13

Figure 4-3 Example 2, VLANs Across Multiple Switches

4.2.1 Solving the Problem

To solve the problem in this example, the users are assigned to VLANs using Switch 4 and Switch 2 as shown in Figure 4-3. Redco users are assigned to the Red VLAN and Blue Industries users to the Blue VLAN. The following information shows how Switch 4 and Switch 2 are conﬁgured to create the two VLANs to isolate the users of the two companies from one another on the network using the existing infrastructure.

802.1Q VLAN User’s Guide 4-5

Page 72

Chapter 4: Examples

Switch 4

Switch 4 is set as follows:

1. Two VLANs are added to the list of VLANs in the Device/VLAN

Configuration screen and assigned to a FID. In this example they are as follows:

• VLAN ID 2, FID 2, with a VLAN Name of Red

• VLAN ID 3, FID 3, with a VLAN Name of Blue

Because the VLANs are assigned to two separate FIDs, the users on VLAN ID 2 and VLAN ID 3 cannot communicate with each other.

2. Ports 1 and 3 are assigned to the Port VLAN ID (PVID) as follows

using the Port Assignment Configuration screen:

• Port 1, VLAN ID: 2 for the Red VLAN

• Port 3, VLAN ID: 3 for the Blue VLAN

This causes the switch to classify all untagged frames received as belonging to the VLAN specified by each port PVID and to replace the previous PVID information in the port VLAN List with the new PVID information. This makes Port 1 part of the Red VLAN, Port 3 part of the Blue VLAN, and both are set as VLAN frame format of untagged.

3. Port 4 is configured as a 1Q Trunk port as follows using the Port

Assignment Configuration screen:

• Port Mode: 1Q Trunk

Port 4 is set as an 802.1Q Trunk port, which makes the port eligible to transmit to all VLANs, and all frames forwarded out this port are forwarded as tagged frames. By default there is no PVID associated with the trunk port and the port remains as a member of the Default VLAN. With the original classification information inserted in the frame Tag Header, the receiving switch will maintain the original frame classification.

4-6 802.1Q VLAN User’s Guide

Page 73

Example 2, VLANs Across Multiple Switches

Switch 2

Switch 2 is set as follows:

1. Two VLANs are added to the list of VLANs using the Device/VLAN

Configuration screen and assigned to a FID. In this example they are as follows:

• VLAN ID 2, FID 2, with a VLAN Name of Red

• VLAN ID 3, FID 3, with a VLAN Name of Blue

2. A Port VLAN ID is assigned to each port (1 and 3) as follows using

the Port Assignment screen:

• Port 1, VLAN ID: 223 for the Blue VLAN

• Port 3, VLAN ID: 222 for the Red VLAN

These settings change the configuration of the switch, so that Port 1 is part of Blue VLAN, Port 3 is part of Red VLAN, and both are set as frame type of untagged.

3. Port 2 is configured as a 1Q Trunk port as follows using the Port

Assignment Configuration screen:

• Port 2, Port Mode: 1Q Trunk

Port 2 is set as an 802.1Q Trunk port, which makes its Port VLAN List contain all VLANs and sets all frames forwarded out this port as tagged frames. This completes the transmission path between Switch 4 and Switch 2.

802.1Q VLAN User’s Guide 4-7

Page 74

Chapter 4: Examples

4.2.2 Frame Handling

The following describes how, when User A attempts to log on to the File Server on Bridge 4, the frames from User A are classiﬁed on Switch 4 and traverse the network. In this example, the MAC address of User A is “Y” and the MAC address for the File Server is “Z”. The following description includes illustrations to help understand how the frames ﬂow through the network.

1. User A sends a frame with a Broadcast Destination Address in an

attempt to locate the File Server. The frame is received on User A’s port of Bridge 1 and, because the frame is a broadcast frame, it is transmitted out all ports of Bridge 1 as shown in Figure 4-4.

Redco Blue Industries

Bridge 2

Blue VLAN

Floor 4

User A

Bridge 1

Red VLAN

2263_14

Figure 4-4 Bridge 1 Broadcasts Frames

2. Switch 4 receives the frame from Bridge 1 and immediately classifies

it as belonging to the Red VLAN. After the frame is classified, Switch 4 checks the Destination Address and, upon discovering that it is a Broadcast Destination Address, forwards the frame out all ports in the Red VLAN Forwarding List excluding Port 1, which received the frame. In this example, it is only Port 4.

Switch 4 updates its Source Address Table in FID 2 if it didn’t already have a dynamic entry for MAC address “Y” in FID 2. Because Switch 4 received the frame on Port 1, it does not forward the frame out that port, but does forward the frame to Port 4.

The frame is transmitted to Switch 2 with a VLAN Tag Header inserted in the frame. The VLAN Tag Header indicates that the frame is classified as belonging to the Red VLAN. Figure 4-5 shows the path taken to this point to reach Switch 2.

4-8 802.1Q VLAN User’s Guide

Page 75

Example 2, VLANs Across Multiple Switches

The VLAN Tag Header is inserted because Switch 4, Port 4 is designated as an 802.1Q Trunk port. In this case, the Port Mode setting for Port 4 is 802.1Q Trunk and the VLAN Frame format for that VLAN is tagged.

Redco

User A

Floor 4

Floor 3

Blue Industries

Floor 2

Blue Industries

Bridge 1 Bridge 2

Red VLAN

Bridge 3

Blue VLAN

Redco

Blue VLAN

Bridge 4

Red VLAN

Figure 4-5 Transmitting to Switch 4

File Server

22631_15

3. When Switch 2 receives the tagged frame on its Port 2, it checks the

frame’s VLAN Tag Header and determines that the frame is classified as belonging to the Red VLAN, and that the frame is a broadcast frame. Switch 2 forwards the frame to all ports in the Red VLAN Forwarding List excluding Port 2, which received the frame. In this example, the only eligible port is Port 3, which connects to Bridge 4. Switch 2 checks its Forwarding List, which specifies that the VLAN frame type for that port is untagged. Switch 2 then updates its Source Address Table in FID 3 for MAC address “Y” if necessary. The untagged frame is then transmitted out Port 3 to Bridge 4. Bridge 4 forwards the frame out all its ports because it is a broadcast frame, and the server receives it as shown in Figure 4-6.

802.1Q VLAN User’s Guide 4-9

Page 76

Chapter 4: Examples

Floor 3

Blue Industries

Bridge 3

Blue VLAN

Redco

Bridge 4

Red VLAN

File Server

Floor 2

Figure 4-6 Transmitting to Bridge 4

2263_16

4. The File Server responds with a unicast frame to User A. All switches

between the File Server and User A have an entry in their respective Source Address Tables identifying which port to use for forwarding the frame to User A, MAC address “Y” in FID 3. All switches update their Source Address Tables for the File Server’s MAC address “Z” as the frame is forwarded through the switch fabric to User A. The

802.1D switches update their Source Address Tables based on the source MAC address and receive port and the 802.1Q switches update their databases based on the source MAC address, VLAN, and receive port.

5. The frame from the File Server is received on Switch 2, and forwarded

to Switch 1 as a tagged frame classified as belonging to the Red VLAN. Switch 1 removes the tag and forwards the frame to Bridge 1, which in turn forwards the frame out of the port attached to User A. All subsequent frames between User A and the File Server are forwarded through the switch fabric in the same manner.

4.3 EXAMPLE 3, 1D TRUNK CONNECTION TO 802.1Q

VLAN NETWORK

This example illustrates the use of a 1D Trunk to connect a device to a network of 802.1Q VLAN switches.

In this example, a merger has taken place between the companies in the previous example, Redco and Blue Industries. The two companies have become divisions within a single corporation, Green Incorporated.

4-10 802.1Q VLAN User’s Guide

Page 77

Example 3, 1D Trunk Connection to 802.1Q VLAN Network

As illustrated in Figure 4-7, a third group of stations, the Green Incorporated staff, is added to the facility. Also, the Green Incorporated Network Administrators want to add a Mail Server to the network on the ﬁrst ﬂoor.

User B

Floor 4

Floor 3

Floor 2

Green Incorporated.

Bridge 1 Bridge 2

Red VLAN

Bridge 3

Blue VLAN

Green VLAN

Blue VLAN

Bridge 4

Red VLAN

Mail Server

File Server

Floor 1

User 802.1D Legacy Bridge 802.1Q VLAN-Aware Switch

Server

22631_17

Figure 4-7 Example 3, 1D Trunk Connection to 802.1Q VLAN Network

The Green Incorporated Network Administrators want to continue to separate normal network trafﬁc between the Blue and Red VLANs, and create a new isolated VLAN for Green, Incorporated users. All divisions in the facility are to have equal access to the Mail Server on the ﬁrst ﬂoor.

802.1Q VLAN User’s Guide 4-11

Page 78

Chapter 4: Examples

4.3.1 Solving the Problem

Much of the existing network conﬁguration can remain as it was for

Example 2, VLANs Across Multiple Switches. However, the Forward

Default VLAN Out All Ports must be set to YES on Switch 4 and 2, and a new 1Q Trunk port must be activated and conﬁgured on Switch 2. There are no other real changes to the network above the ﬁrst ﬂoor.

Switch 4

Switch 4 is set as follows:

1. The Forward Default VLAN Out All Ports is set to YES using the

Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1. This allows all traffic received from the mail server via Switch 2 and Switch 1 to be received and classified to the Default VLAN of Switch 4.

Switch 2

Switch 2 is set as follows:

1. The Forward Default VLAN Out All Ports is set to YES using the

Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1.

2. The port mode of Port 4 is set using the Port Assignment screen:

• Port 4, Port Mode: 1Q Trunk

This causes Port 4 to be set as an additional 802.1Q Trunk port, which makes its Port VLAN List contain all VLANs, and all frames forwarded out this port are forwarded as tagged frames.

Switch 1

Switch 1 needs to be added to the network backbone to handle trafﬁc from the Green Incorporated network and the mail server. To accomplish this Switch 1 is conﬁgured as follows:

1. One VLAN is added to the list of VLANs in the Device/VLAN

Configuration screen. In this example, Switch 1 is set as follows:

• VLAN ID 4, FID 4, with a VLAN Name of Green

4-12 802.1Q VLAN User’s Guide

Page 79

Example 3, 1D Trunk Connection to 802.1Q VLAN Network

2. The Forward Default VLAN Out All Ports is set to YES using the

Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1.

3. A Port VLAN ID is assigned to Port 1 using the Port Assignment

screen, as follows:

• Port 1, VLAN ID: 224 for the Green VLAN

This setting changes the configuration of the switch, so that Port 1 is part of the Green VLAN and is set to transmit a frame type of untagged.

4. The port mode of Ports 2 and 3 are set using the Port Assignment

screen:

• Port 2, Port Mode: 1Q Trunk

• Port 3, Port Mode: 1D Trunk

Port 2 is set as an 802.1Q Trunk port, which makes the port eligible to transmit frames of all VLANs, and sets all frames forwarded out this port as tagged frames.

Port 3 is set as a 1D Trunk port, where frames classified as belonging to any VLAN are forwarded untagged, and received frames are classified as belonging to the Default VLAN. This allows the Mail Server to send/receive mail traffic to/from all VLAN users on the network backbone,

4.3.2 Frame Handling

The following describes how, when User B attempts to contact the Mail Server on Switch 1, the frames are classiﬁed on Switch 4 and traverse the network.

1. User B sends a broadcast frame in an attempt to contact the Mail

Server. The frame enters Bridge 1 and, being a broadcast, is forwarded to all ports. Bridge 1 learns User B’s MAC address from the Source Address field of the frame and adds it to its Source Address Table in FID 1.

802.1Q VLAN User’s Guide 4-13

Page 80

Chapter 4: Examples

2. Switch 4 receives the frame and classifies this new untagged frame as

belonging to the Red VLAN. Since the frame is a broadcast, it is forwarded to any ports that are classified as eligible to receive Red VLAN frames. Switch 4 also updates its Source Address Table for FID 1, identifying User B as being located out Port 1.

On Switch 4, the only port eligible to receive Red VLAN frames is Port 4, the 1Q Trunk. The frame is forwarded out Port 4 with the Red VLAN Tag header being added, as shown in Figure 4-8.

User B

Blue VLAN

2263_18

Floor 4

Bridge 1 Bridge 2

Red VLAN

Figure 4-8 Bridge 1 Broadcasts Frames

3. Switch 2 receives the tagged Red VLAN frame on Port 2, as shown in

Figure 4-9. The VLAN Tag in the frame is maintained, classifying the

frame as belonging to the Red VLAN. The switch forwards the broadcast frame out all the eligible ports, Ports 3 and 4. Switch 2 simultaneously updates its Source Address Table for FID 1 to reflect the location of User B (Port 2).

The frame forwarded out Port 3 has its VLAN Tag stripped before transmission, and it is passed to Bridge 4 as a normal broadcast frame. The frame that is transmitted out Port 4, the 1Q Trunk, retains its VLAN tag.

4-14 802.1Q VLAN User’s Guide

Page 81

Floor 3

Example 3, 1D Trunk Connection to 802.1Q VLAN Network

Floor 2

Bridge 3

Blue VLAN

Bridge 4

Red VLAN

File Server

2263_19

Figure 4-9 Switch 2 Forwards to 1Q Trunk

4. When Switch 1 receives the tagged broadcast frame, it also examines

the tag and classifies the frame as belonging to the Red VLAN. This broadcast frame is then sent to all ports eligible to receive Red VLAN frames. In this case only the 1D trunk, Port 3, is eligible, as it is considered a member of all VLANs for forwarding purposes. The VLAN Tag is stripped from the frame and the frame is transmitted out Port 3 as shown in Figure 4-10. The Source Address Table, FID 1 for Switch 1 is updated to contain User B.

Floor 2

Green, Inc.

Green VLAN

Mail Server

Floor 1

2263_20

Figure 4-10 Switch 1 Forwards to 1D Trunk

5. The Mail Server receives the broadcast frame and recognizes it. The

Mail Server responds with a unicast frame to User B. This frame crosses the 1D Trunk and is received by Switch 1. Switch 1 classifies the unicast frame as belonging to the Default VLAN (the only membership for the 1D Trunk port).

802.1Q VLAN User’s Guide 4-15

Page 82

Chapter 4: Examples

Switch 1 checks the Filtering Database for the MAC address of User B. User B’s MAC address is located, and Port 2 is identified as User B’s location. The frame is then checked for eligibility and frame format for Port 2. Since Port 2 is a 1Q Trunk port, it is eligible to transmit frames for all VLANs. The frame is tagged and transmitted out Port 2.

The switch also recognizes the MAC address of User B in its Source Address Table, FID 1, and updates that table to contain the MAC address and port combination of the Mail Server.

6. This tagged unicast frame is received by Switch 2. The frame is

already tagged as belonging to the Default VLAN, so no classification needs to be done. The switch recognizes User B’s MAC address in its Source Address Table, FID 1, and updates that table to contain the Mail Server’s MAC address and port combination.

The switch checks the Filtering Database for the MAC address of User B. User B’s MAC address is located, and Port 2 is identified as the location of User B. The frame is checked for eligibility and frame format for Port 2. Since Port 2 is a 1Q Trunk port, it is eligible to transmit frames for all VLANs. The frame is tagged and transmitted out port 2.

7. Switch 4 receives the frame on its 1Q Trunk port, Port 4, and examines

the frame’s Tag. The frame maintains its Default VLAN classification. The switch also refers to its Source Address Table, FID 1, to see if it can locate an entry for User B. User B is found to be located on Port 1. The switch also updates its Source Address Table, FID 1, with the port and MAC address combination for the Mail Server.

The switch examines the Filtering Database and locates the MAC address entry for User B and Port 1. The frame is then checked for eligibility and frame format for Port 1. As Port 1 is considered eligible to transmit to the Default VLAN, the frame is transmitted out Port 1 without a VLAN Tag.

8. Bridge 1 receives the frame and recognizes User B’s MAC address.

The frame is forwarded to the correct port and the bridge’s Source Address Table is updated with an entry for the Mail Server’s MAC address. User B receives the Mail Server’s response. Any further unicast traffic between the Mail Server and User B will be handled in the same fashion by the switches in the network.

4-16 802.1Q VLAN User’s Guide

Page 83

Example 4, Isolating Network Trafﬁc According to Protocol

4.4 EXAMPLE 4, ISOLATING NETWORK TRAFFIC

ACCORDING TO PROTOCOL

This ﬁnal example illustrates how to restrict AppleTalk protocol trafﬁc of a network to prevent unwanted multicast frames from slowing down the whole network and yet be able to send and receive frames associated with other protocols.

In this example, illustrated in Figure 4-7, the Publications Department is relocating from another site to the third ﬂoor. This netw ork will consist of six computers and a printer using several protocols including the AppleTalk protocol. A characteristic of the AppleTalk protocol is to send all frames as multicast frames. These multicast frames will be isolated to a VLAN (Grey VLAN) to prevent them from slowing down the other networks.

A second VLAN (Yellow VLAN) will be established to handle trafﬁc of other protocols. The Publications Department users will have access to the mail server on the ﬁrst ﬂoor along with the Red, Blue, and Green VLANs.

802.1Q VLAN User’s Guide 4-17

Page 84

Chapter 4: Examples

User B

Floor 4

Floor 3

Floor 2

Green, Inc.

Bridge 1 Bridge 2

Red VLAN

Bridge 3

Blue VLAN

Green VLAN

Blue VLAN

Publications

ellow VLAN

YYellow VLAN

Red VLAN

Mail Server

Bridge 4

4 5

Grey VLAN

Printer

File Server

Floor 1

User 802.1D Legacy Bridge 802.1Q VLAN-Aware Switch

Server

2599_18

Figure 4-11 Example 4, Isolating Trafﬁc According to Protocol

4.4.1 Solving the Problem

Much of the existing network conﬁguration can remain as it was for

Example 3, 1D Trunk Connection to 802.1Q VLAN Network. However,

Switch 3, Switch 5, and the devices that will make up Publication’s Grey VLAN have been added.

4-18 802.1Q VLAN User’s Guide

Page 85

Example 4, Isolating Network Trafﬁc According to Protocol

Switch 5 will be conﬁgured to isolate all AppleTalk protocol frame trafﬁc to the devices in the Grey VLAN and all other protocol trafﬁc to the Yellow VLAN. Switch 3 will link the trafﬁc from Switch 5 to the buildings network backbone.

Two 1Q Trunk ports must be activated and conﬁgured on Switch 3, and one 1Q Trunk port must be activated and conﬁgured on Switch 4.

Ports 2, 3, 4, 5, 6, 7, and 8 of Switch 5 are connected to the Publication Department devices. These ports will be conﬁgured to classify all AppleTalk frames into the AppleTalk VLAN (Grey). The same ports will also be conﬁgured to classify all other protocol frames into a second VLAN (Yellow). Port 1 will be assigned to the Yellow VLAN to handle the trafﬁc between Switch 3 and 5.

Switch 3

Switch 3 is set as follows:

1. One VLAN is added to the list of VLANs in the Device/VLAN

Configuration screen. In this example, Switch 3 is set as follows:

• VLAN ID 5, FID 5, with a VLAN Name of Yellow

2. The Forward Default VLAN Out All Ports is set to YES using the

Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port and all VLANs become members of FID 1.

3. A Port VLAN ID is assigned to Port 3 using the Port Assignment

screen, as follows:

• Port 3, VLAN ID: 5, FID 5

4. The port mode of Ports 2 and 4 are set using the Port Assignment

screen:

• Port 2, Port Mode: 1Q Trunk

• Port 4, Port Mode: 1Q Trunk

Ports 2, and 4 are set as 802.1Q Trunk ports, which makes these ports eligible to transmit frames of all VLANs, and sets all frames forwarded out these ports as tagged frames. This allows traffic from Switch 4 to reach Switch 2 on the network backbone.

802.1Q VLAN User’s Guide 4-19

Page 86

Chapter 4: Examples

Switch 5

Switch 5 is set as follows:

1. Two VLANs are added to the list of VLANs in the Device/VLAN

Configuration screen. In this example, it is set as follows:

• VLAN ID 5, FID 5, with a VLAN Name of Yellow

• VLAN ID 6, FID 6, with a VLAN Name of Grey

2. The Forward Default VLAN Out All Ports is set to YES using the

Device/VLAN Configuration screen. This adds the Default VLAN to the Port VLAN List of every switch port.

3. To allow all frames (except the AppleTalk frames, which will be

prevented in steps 4 and 5) from being transmitted out Port 1 to Switch 3 and the network backbone, Port VLAN IDs are assigned to all switch ports using the Port Assignment screen, as follows:

• Port 1, VLAN ID: 5 for the Yellow VLAN

• Port 2, VLAN ID: 5 for the Yellow VLAN

• Port 3, VLAN ID: 5 for the Yellow VLAN

• Port 4, VLAN ID: 5 for the Yellow VLAN

• Port 5, VLAN ID: 5 for the Yellow VLAN

• Port 6, VLAN ID: 5 for the Yellow VLAN

• Port 7, VLAN ID: 5 for the Yellow VLAN

• Port 8, VLAN ID: 5 for the Yellow VLAN

4. On the Protocol VLAN Configuration screen, the VLAN ID 6 of the

Grey VLAN is assigned to the AppleTalk protocol.

• VLAN ID 6, Protocol Type: AppleTalk, Status: ADD

This creates the protocol VLAN ID 6 that will handle only AppleTalk frames and enables ports to be assigned the this VLAN.

4-20 802.1Q VLAN User’s Guide

Page 87

Example 4, Isolating Network Trafﬁc According to Protocol

5. The AppleTalk frames must now be restricted to Ports 2 through 8 of

the Yellow VLAN. On the Protocol Ports Configuration screen, All ports except Port 1 are assigned to the AppleTalk protocol, as follows:

• Port 2, VLAN ID: 6, Protocol: AppleTalk

• Port 3, VLAN ID: 6, Protocol: AppleTalk

• Port 4, VLAN ID: 6, Protocol: AppleTalk

• Port 5, VLAN ID: 6, Protocol: AppleTalk

• Port 6, VLAN ID: 6, Protocol: AppleTalk

• Port 7, VLAN ID: 6, Protocol: AppleTalk

• Port 8, VLAN ID: 6, Protocol: AppleTalk

Any AppleTalk frame received on ports 2 through 8 will be broadcast to all other ports on Switch 5 associated with the AppleTalk protocol. For example, if Port 2 received a frame with the AppleTalk protocol, Switch 5 would only transmit the frame to Ports 2, 3, 4, 6, 7, and 8.

6. Use the VLAN Forwarding Configuration screen to assign Port 1 to

the Yellow VLAN and set the frame type to tagged. With this configuration, the frames transmitted on Port 1 are tagged as being from the Yellow VLAN.

If a frame associated with any protocol other than AppleTalk (for example, for the mail server) is received on any of the Ports 2 through 8, the frame would be part of the Yellow VLAN and transmitted out Port 1 as a tagged frame to Switch 3 and handled in the same manner as previously described in the previous examples to route the frame to the Mail Server on the first floor.

Any unicast frames received via Port 1 that are destined for a device in the Yellow VLAN are transmitted to the correct device. Any broadcast frames received via Port 1 are transmitted to all the devices in the Yellow VLAN and handled in a similar manner as previously described in Example 2.

802.1Q VLAN User’s Guide 4-21

Page 88

Chapter 4: Examples

4-22 802.1Q VLAN User’s Guide

Page 89

INDEX

Numerics

1D Trunk 1-6, 3-16, 4-10 1Q Trunk 1-5, 3-16, 4-4

Chapters

organization ix Configuration 2-2 Conventions x

Default VLAN 1-5 Device VLAN Configuration screen

ADD/DEL (Toggle) 3-9

Admin Status (Toggle) 3-9

FID - lower part of screen

(Modifiable) 3-9

FID - upper part of screen

(Read-Only) 3-9

VLAN ID - lower part of screen

(Modifiable) 3-9

VLAN ID - upper part of screen

(Read-Only) 3-9

VLAN Name - lower part of screen

(Modifiable) 3-9

VLAN Out All Ports (Toggle) 3-9

Examples 4-1

FID. See Filtering Database ID Filtering Database 1-5 Filtering Database ID 1-4 Forwarding list 1-5

adding entries 3-23

customizing 2-3

deleting entries 3-23

viewing 3-22 Forwarding mode

changing 3-13

Frame format

changing 3-24

Frames

tagged 1-5, 2-5 untagged 1-5, 2-4

Host data port 3-2, 3-3 Hybrid 3-15

Isolating Network Traffic According

to Protocol 4-17

Lists

Forwarding 1-5 Port VLAN 1-5

Local management. See managing the

switch

Managing the switch 3-1

when configured with VLANs 3-2 when not configured with

VLANs 3-1

Network Traffic

isolating 4-17

Organization of chapters ix Other manuals x

802.1Q VLAN User’s Guide Index-1

Page 90

Index

Port Assignment Configuration screen

FID (Read-Only) 3-15 Port Mode (Selectable) 3-15 VLAN ID (Selectable) 3-15 VLAN Name (Read-Only) 3-15

Port Filtering Configuration screen

Filter All Untagged Frames

(Toggle) 3-19

Filter Using VLAN Lists

(Toggle) 3-19

Port # (Selectable) 3-19 VLAN ID (Read-Only) 3-19 VLAN Name (Read-Only) 3-19

Port mode

1D Trunk 3-16 1Q Trunk 3-16 changing 3-15

Hybrid 3-15 Port VLAN list 1-5 Protocol

isolating network according to 4-17 Protocol Ports Configuration Screen

Current Ports - upper part of screen

(Read-Only) 3-32

DELETE ALL PORTS

(Selectable) 3-32

Port

(Selectable) 3-32

Port Type - upper part of screen

(Read-Only) 3-32 Priority (Read-Only) 3-32 Protocol (Read-Only) 3-32

Protocol VLAN Configuration

screen 3-24 Action (Toggle) 3-27 Configured Ports 3-26

Configured Ports BitMap - upper

part of screen

(Selectable) 3-26 Ether type (Modifiable) 3-28 Feature Status 3-27 Ports - upper part of screen

(Read-Only) 3-26 Protocol Type (Selectable) 3-27 VLAN ID - (Modifiable) 3-26 VLAN ID - upper part of screen

(Read-Only) 3-26

Related Documents x Remote management. See managing

the switch

Screens

802.1Q VLAN Configuration Menu

screen 3-5 Device VLAN Configuration

screen 3-8 Port Assignment Configuration

screen 3-14 Port Filtering Configuration

screen 3-17 Protocol VLAN Configuration

screen 3-24 VLAN Forwarding Configuration

screen 3-21

Station 2-1 Switch 2-1

Tag 1-5 Tag Header 1-5 Tagged frame 1-5, 2-5

Index-2 802.1Q VLAN User’s Guide

Page 91

Untagged frame 1-5, 2-4

VLAN

assigning ports 2-2 components 2-1 configuration 2-2 default VLAN 1-5 defining 2-2 definition 1-1 to 1-4 operation 2-3 terms 1-4 types 1-3

VLAN Configuration

deleting 3-12 disabling 3-12 enabling 3-12

VLAN Forwarding Configuration

screen ADD/DELETE (Toggle) 3-22 Current VLAN Ports

(Read-Only) 3-22 Frame Format - upper part of screen

(Read-Only) 3-22 Frame Type- lower part of screen

(Toggle) 3-22 Port (Selectable) 3-22 Port Type (Read-Only) 3-22 VLAN ID (Selectable) 3-22 VLAN Name (Read-Only) 3-22

VLAN ID 1-4

assigning 3-16

VLAN Local Management 3-4 VLAN name 1-4

Index

802.1Q VLAN User’s Guide Index-3

Page 92

Index

Index-4 802.1Q VLAN User’s Guide

Cabletron Systems 802.1Q User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

NOTICE

CONTENTS

FIGURES

TABLES

PREFACE

VIRTUAL LOCAL AREA NETWORKS

1.1 DEFINING VLANs

1.2 TYPES OF VLANs

1.2.1 802.1Q VLANs

1.2.2 SecureFast VLANs

1.2.3 Other VLAN Strategies

1.3 BENEFITS AND RESTRICTIONS

1.4 VLAN T ERMS

1.5 GETTING HELP

VLAN OPERATION

2.1 DESCRIPTION

2.2 VLAN COMPONENTS

2.3 CONFIGURATION PROCESS

2.3.2 Classifying Frames to a VLAN

2.3.3 Customizing the VLAN Forwarding List

2.4 VLAN SWITCH OPERATION

2.4.1 Receiving Frames from VLAN Ports

2.4.2 Forwarding Decisions

2.4.2.1 Broadcasts, Multicasts, and Unknown Unicasts

2.4.2.2 Known Unicasts

2.5 GARP SWITCH OPERATION

VLAN CONFIGURATION

3.1 MANAGING THE SWITCH

3.1.1 Switch Without VLANs

3.1.2 Switch with VLANs

3.2 SUMMARY OF VLAN LOCAL MANAGEMENT

3.3 802.1Q VLAN CONFIGURATION MENU SCREEN

3.4 DEVICE VLAN CONFIGURATION SCREEN

3.4.2 Changing the VLAN to FID Association

3.4.3 Renaming a VLAN

3.4.4 Deleting a VLAN

3.4.5 Enabling VLANs

3.4.6 Disabling VLANs

3.4.7 Changing the Forwarding Mode

3.4.8 Paging Through the VLAN List

3.5 PORT ASSIGNMENT CONFIGURATION SCREEN

3.5.1 Changing the Port Mode

3.5.2 Assigning a VLAN ID

3.5.3 Paging Through the Port List

3.6 PORT FILTERING CONFIGURATION SCREEN

3.6.1 Displaying VLAN IDs Associated with a Port

3.6.2 Selecting the Type of Filtering for a Port

3.7 VLAN FORWARDING CONFIGURATION SCREEN

3.7.1 Viewing Current VLAN Ports

3.7.2 Paging Through VLAN Forwarding List Entries

3.7.3 Adding Forwarding List Entries

3.7.4 Deleting Forwarding List Entries

3.7.5 Changing the Frame Format

3.8 PROTOCOL VLAN CONFIGURATION SCREEN

3.8.2 Assigning a Protocol Family to a VLAN ID

3.8.3 Displaying the Protocol Types on Current Ports

3.9 PROTOCOL PORTS CONFIGURATION SCREEN

3.9.1 Adding/Deleting Ports Associated with a VLAN ID

3.10 QUIC K VLAN WALKTHROUGH

EXAMPLES

4.1 EXAMPLE 1, SINGLE SWITCH OPERATION

4.1.1 Solving the Problem

4.1.2 Frame Handling

4.2.1 Solving the Problem

4.2.2 Frame Handling

4.3.1 Solving the Problem

4.3.2 Frame Handling

4.4.1 Solving the Problem

INDEX

Numerics