Tải bản đầy đủ - 0 (trang)
Chapter 7. Adding Local (Network) Roadways for No Extra Money

Chapter 7. Adding Local (Network) Roadways for No Extra Money

Tải bản đầy đủ - 0trang

Inthischapter,youwillreadaboutphysicalLANs,with

particularattentiontosomeconceptsthatwillhelpyou

understandVLANs.Then,you'llreadaboutVLANsandhowthey

arecreated.Alongtheway,you'lllearnsomeofthereasons

whyyoumightwanttouseVLANs.







ThePhysicalRealityPrecedestheVirtualReality

BeforeyoucanunderstandvirtualLANs,youneedtothink

aboutphysicalLANsandhowtheyhandlebroadcasts.Afteryou

havetheconceptsrelatedtobroadcastsfirmlyinmind,it's

mucheasiertothinkaboutVLANs.



PhysicalLANs:It'sAllAboutBroadcasts

Manypeoplehavedifferentideasaboutwhatanetworkreally

is.Forinstance,ifyouasksomeonewhoworksonservers,that

personmightthinkofaLANasaserverthat'sattachedtoan

Ethernet.ThepersonwhorunstheEthernetcableshasa

differentperspective,thinkingoftheLANasabunchofcables.

However,theperspectiveyouneedtohavetounderstand

VLANsisclosertothatofthenetworkengineer,whocaresmore

abouthubsandswitches.

Asyouprobablyrecall,hubsandswitchesbehavedifferently.

Hubsrepeatallreceivedelectricalsignalsoutallports,except

theportinwhichthesignalwasreceived,essentiallyflooding

theframe.Switchesdonotfloodallreceivedframes,but

insteaduseaMACaddresstable,whichtellsthemhowtobest

forwardaframe.

However,hubsandswitchesprocessbroadcastframes

indentically.AbroadcastframeisanEthernetframethathasa

destinationMACaddressfieldsettoFFFF.FFFF.FFFF.Broadcast

framesaresentforavarietyofreasons.(Theyareparticularly

usefulwhenacomputerdoesn'tknowsomepieceof

information;thecomputercansendabroadcasttoeveryone,

askingforthattidbitofinformation.)Regardlessofwhythe

broadcastframeissent,whenaswitchreceivesaframewhose

destinationaddressistheEthernetbroadcastaddress,it



forwardstheframeoutallportsexcepttheincomingport.A

hubrepeatsallframesincludingbroadcastsoutallportsexcept

theincomingport.(Infact,hubsdonotevenlookatthe

addresses.)So,althoughtheinternalprocessingonswitches

andhubsisdifferent,essentiallyaswitchactsjustlikeahubin

regardstobroadcastframes.



MasterofYourOwn(Broadcast)Domain

TounderstandVLANs,youneedtounderstandafewterms,

startingwiththetermbroadcastdomain.Abroadcastdomain

isagroupofdevicesforwhichabroadcastframesentbyone

deviceisreceivedbyallotherdevicesinthesamegroup.

Althoughthedefinitionisratherformal,you'vealreadyread

aboutalltheunderlyingconcepts,mainlyinChapter6,

"ReducingCongestionandDrivingFasterontheLocal(Network)

Roadway."Figure7-1showsthreeexamplesofbroadcast

domains.



Figure7-1.ThreeBroadcastDomains:AHub,a

Switch,andaHubandSwitch



[Viewfullsizeimage]



Asinglehubcreatesasinglebroadcastdomain,asshowninthe

upper-leftpartofthefigure.Thisfirstbroadcastdomain

consistsofthePCs,aswellasthecablingandhub.Ifanyof

thosedevicessendsabroadcastframe,thehubrepeatsthe

electricalsignaloutallotherportssothateveryonereceivesthe

signal.

Asingleswitchalsocreatesasinglebroadcastdomain.This

broadcastdomainincludesthedevicesthatareattachedtoa

singleswitch,alongwiththecablingandswitch.Becausethe

switchforwardsallbroadcastframesoutallports(besidesthe

incomingport),everyonegetsacopyofeachbroadcast,

meetingthedefinitionforbroadcastdomain.

Ahubandaswitch,connectedtogether,alsocreateasingle

broadcastdomain.ShowninthebottomofFigure7-1,ifa

deviceonthehubsendsabroadcast,thehubrepeatsitoutall

ports,includingtheonethat'sconnectedtotheswitch.When

theswitchreceivesthebroadcastframe,itforwardsthe

broadcastoutallotherswitchports,likealways.Similarly,when

adevicethatisconnectedtotheswitchsendsabroadcast,the

switchforwardsthebroadcastonallotherportsincludingthe

onethatisconnectedtothehubandthehubrepeatstheframe

outallotherports.



MultiplePhysicalLANsRequireMultiple

Switches

ALANconsistsofthedevicesinsideasinglebroadcastdomain.

TocreatemultiplephysicalLANs,youneedtousemultiple

physicalswitches,becauseaswitchforwardsanybroadcasts

outallports(excepttheportonwhichitwasreceived).For

example,imaginethatyoujusttookajobasnetworkengineer



atacompanywiththesmallnetworkshowninFigure7-2.



Figure7-2.SmallPhysicalLAN,andYouArein

Charge



[Viewfullsizeimage]



Withasingleswitch,youhaveasinglebroadcastdomainanda

singleLAN.However,yournewbosstoldyouwhenyouwalked

inthedoor,"We'vegottogetFredandBarneyonadifferent

LANthanBettyandWilma.Theyworkwithsuper-secret

projects,andwecan'tmeetoursecurityrequirementsifBetty

andWilmaareonthesameLAN.Nowgetcracking!"

ToputBettyandWilmainadifferentLANthantheboys,you

havetousetwoswitches.Figure7-3showsthealternative

design,nowwithtwophysicalLANs.



Figure7-3.TwoPhysicalLANs:BroadcastsDoNot

LeavetheOriginatingLAN



Notethatwithtwoswitches,eachswitchhasitsownaddress

table.WhenFredsendsabroadcast,switch1forwardsitoutall

otherportsinthiscase,onlytoBarney.Switch2doesnotreceive

acopyofthebroadcastinfact,thereisnotevenaphysical

cableconnetingthetwoswitchesinthiscase.

BecausethetwoswitcheshavecreatedtwoseparateVLANs,

bothbroadcastframesandunicastframesfromthetopLAN

cannotbeforwardedtothebottomLAN.Forinstance,ifFred

weretosendaframewithadestinationaddressof

0200.3333.3333(Wilma),switch1wouldnothaveWilma's

addressinitsaddresstable.Figure7-4summarizesthelogic.



Figure7-4.NoForwardingBetweentheTwo

PhysicalLANs



Withtwoseparateswitches,youcancreatetwophysicalLANs,

eachwithitsownMACaddresstable.Inthenextsection,you'll

readabouthowVLANscandoessentiallythesamething,but

usingonlyasingleswitch.Followingaresomekeypointsabout

physicalLANsthatwillhelpyouasyoulearnaboutVLANsinthe

nextsection:



EachLANhasanindependentMACaddresstableas

comparedtotheotherLANs.

BroadcastsoriginatinginoneLANarefloodedinsidethat

LAN.

BroadcastsoriginatinginoneLANarenotforwardedinto

theotherLANs.

UnicastsoriginatinginoneLANarenotforwardedintothe

otherLANs.







Virtual(LAN)Reality:OneSwitch,butMultiple

LANs

VLANsallowyoutocreatemultipleLANs,butwithoutrequiring

extraswitchhardware.Thissectiondescribeshowswitches

createvirtualLANs,followedbyashortdescriptionofsomeof

thereasonswhysomeonemightwanttousemultipleVLANs.



HowtoCreateaVirtualLAN

TocreatemultiplephysicalLANs,orbroadcastdomains,you

needmultipleLANswitches.However,addingmoreLAN

switchescanbeexpensive.Luckily,LANswitchvendorsinclude

afeatureintheirproductsthatallowsyoutocreatemultiple

broadcastdomainsinasingleswitch,essentiallyallowingyouto

createmultipleLANs,butwithouttheadditionalhardware.

ThesebroadcastdomainsarecalledvirtualLANs(VLANs).

VLANsaredefinedmoreformallyasfollows:

Abroadcastdomain,createdbyaswitch,usingasubset

ofthephysicalportsontheswitch.

Earlierinthechapter,youreadthatabroadcastdomainisthe

groupofdevicesforwhichabroadcastframesentbyone

deviceisreceivedbyalldevicesinthegroup.Andasyouwell

knownow,aphysicalLANisthesamethingasabroadcast

domain.

So,what'sthedifferencebetweenaphysicalLANandaVLAN?

Verylittle.Thekeyliesinthefactthatthenetworkengineer

canconfiguretheswitchandtellittotreatsomephysicalports

asiftheyareinonebroadcastdomainoneVLANandthen

configureotherportstobeinadifferentbroadcastdomainin



otherwords,adifferentVLAN.WhenyouwantmultipleLANs,

insteadofbuyinganewswitchtocreateanewphysicalLAN,

youcouldjustconfigureVLANs.Figure7-5showsanexample,

withthesamenetworkasinFigure7-3.



Figure7-5.TwoVirtualLANs:BroadcastsDoNot

LeavetheOriginatingVLAN



ThenetworkengineerconfiguredportsE0andE1tobeinVLAN

1andportsE2andE3tobeinVLAN2.Theswitchconsiders

thetwoVLANstobeseparate.Infact,thisnetworkbehaves

justlikeitwouldwiththetwophysicalswitchesshowninFigure



7-4.However,yougettheadvantageofnothavingtobuy

anotherswitch!

Noticethattheswitchkeepsaseparateaddresstableforeach

VLAN.So,theswitchdoeslearnallfourMACaddresses,butthe

switchdoesnotforwardbroadcastsorunicastsfromoneVLAN

totheother.Figure7-6outlinestheprocess.



Figure7-6.NoForwardingBetweentheTwo

VLANs



TheswitchknowsthattheframecameinportE0andthatE0

hasbeenconfiguredaspartofVLAN1.Theswitchlooksonlyat

theVLAN1addresstableandfindsamatch.So,theswitch

forwardstheframe.Eveniftherehadnotbeenamatchinthe

VLAN1addresstable,theswitchwouldhavefloodedtheframe,



Tài liệu bạn tìm kiếm đã sẵn sàng tải về

Chapter 7. Adding Local (Network) Roadways for No Extra Money

Tải bản đầy đủ ngay(0 tr)

×