VLAN

1
VLAN
2
What Do We Mean by Bandwidth Management?

• Brings back router-oriented benefits into our
  networks while improving upon router deficiencies
• Classic router benefits
• Broadcast containment and policy Enforcement
  (security)
• Classic router deficiencies
• Change management
• Complex administration
• Cost
• How?
• Layer 3 handling, VLANs, routing, filtering, ...

3
VLANs for Bandwidth Allocation
Theres More to VLAN Technology than Tagging
Logical Views
Management
Level of Automation
Configuration
Membership Criteria
Defines Membership Policies
Spanning Boxes
Explicit and Implicit
4
Policy-Based Virtual LANs

• Defines membership policies
• Flexible VLAN policy definition
• Port grouping
• MAC address grouping
• Protocol grouping
• Application control
• Mature technology

Backbone LAN
Port Group
Protocol Group
Address Groups
5
Protocol-Based VLAN Definitions

• VLANs defined by existing paradigms
• Layer 3 ID, layer 2 simplicity
• Support for routable and non-routable protocols
• IP subnet, AppleTalk, IPX, DECnet, NetBIOS,
  Netbeui, XNS, SNA, Vines, X.25, and Wildcard
• Non-proprietary implementation

NetBIOS
IPX
Subnet 2
IP
Subnet 1
Subnet 4
Subnet 7
6
How Does Routing Fit In?
Q Why? A1 You cant flatten a network
overnight A2 Routing allows directed unicasts to
traverse VLANs
Routing
R
Bridging
3
4
1
2
VLAN-B
IP Subnet A
VLAN-A
7
Where Should the Router Reside?

• Inside the Switch Multinetting, Per-port
  configuration, ASICRISC preprocessing, no Hops,
  no links, lower cost
• Outside the Switch More routing protocols

Internal Routing
External Router
R
R
Bridging
B
1
2
3
4
5
Switch
B
3
4
1
2
VLAN-B
VLAN-A
VLAN-B
VLAN-A
8
Routing/VLAN Structure

• Logical protocol-based VLAN engines
• Route between VLANs
• IP, IPX, Appletalk
• Switch within VLANs
• Flexibly combined with other definition options
• ASIC accelerated

Routing Engine
158.101.20.X
158.101.10.X
VLAN Engine
VLAN Engine
Switching Engine
S
S
MAC
MAC
MAC
158.101.10.1
158.101.10.2
158.101.20.1
158.101.20.2
158.101.20.3
9
Using Protocol-Based VLANs to Allocate Bandwidth
Broadcast Containment
IP-Based Fileservers

• VLANs vs. Filters
• VLAN Advantage
• Protocol dependent
• Less maintenance
• Address filter advantage
• Simple, clear

AT Network
IP Subnet A
IP Subnet A
AppleTalk Must Be Supported on a Majority-IP LAN

• User Benefits
• Support required protocols
• Optimize response time for other protocols

10
Using Protocol-Based VLANs to Allocate Bandwidth
Broadcast Firewalls
IP-Based Fileservers

• VLANs vs. Filters
• VLAN advantage
• Easily span boxes
• Protocol dependent
• Port group filter advantage
• Simple, clear

NetBIOS
IP Subnet A
IP Subnet A
Test Lab Generating NetBIOS Traffic

• User Benefits
• Improved application and desktop response time
• Reduce exposure to lab broadcast storms

11
Using Protocol-Based VLANs to Enforce Policy
Restricted Subnet Access
Engineering Server IP subnet B
HR Server IP Subnet A

• VLANs vs. Filters
• VLAN advantage
• Protocol dependent
• Less maintenance
• Address group filter advantage
• Tighter security

Only Members of IP Subnet A VLAN can Access HR
Server
IP Subnet A
IP Subnet B
IP Subnet A
IP Subnet B

• User Benefits
• Policy enforcement for secure access

12
Using Protocol-Based VLANs to Ease the
Adds/Moves/Change Problem
Moving an IP Device - No Station Reconfiguration
9
9
7
5
4
IP Subnet A
IP Subnet A
IP Subnet B
IP Subnet B
User Needs to Move Across Building

• User Benefit
• No workstation changes needed

13
VLANs on the Backplane
Inter swich Link (ISL)
RISC
14
Relationship between VLANs and ELANs

• ELANs are simply another switch port
• ELANs are flat, fast and simple, but suffer the
  same broadcast issues as
• Bandwidth issues addressed by same techniques
• Filters, VLANs, IP Multicasting, Integral Routing
• VLANs particularly sensible in ATM
• Each ELAN is a Virtual path to begin with
• ELAN configuration is flexible
• ELANs are meant to be parallel
• The same issues driving high function switching
  apply to (LANE-based) ATM networks

15
TELSYS