UCTI LEVEL 2
INDIVIDUAL ASSIGNMENT
Table of Contents
Question 1 (p. 4)
    Layer 2 Switching (p. 4)
    Layer 3 Switching (p. 6)
    Layer 2 switches (Store-and-Forward and Cut Through) (p. 8)
    Layer 3 switches (Pure Routers) (p. 10)
    Spanning Tree Algorithm (p. 11)
    Medium-sized Switched LAN Design (p. 16)
Question 2 (p. 19)
    Virtual Local Area Network (p. 19)
    VLAN Membership for MAC Layer end users (p. 21)
    VLAN Mechanism (p. 23)
    802.1Q Standard (p. 24)
Referencing (p. 28)
Asia Pacific University College of Technology & Innovation
LAN Switching & WAN Networks (LSWN) -CT032-3-2
Individual Assignment
Intake: UC2F1007 IT {NC}
Lecturer: Salmiah Amin
Email ID: salmiah@apiit.edu.my
Date Due: 29th April 2011 (Week 13)
Question 1
a) Compare and contrast between the functionality, pros and cons of Layer 2 (bridging)
and Layer 3 (pure routing) LAN switches.
[10 marks]
c) Describe the functionality of the Spanning Tree algorithm and explain the benefits of
implementing such an algorithm.
[9 marks]
receiving that much data. This may require that the servers be
upgraded in some cases.
Draw the network diagram to implement the above design specification and
requirements. [21 marks]
Question 2
a) Describe with proper justification the reasons for implementing VLANs.
[10 marks]
b) Describe four (4) methods by which MAC layer end users are associated with a particular
VLAN or VLANs.
[8 marks]
[9 marks]
Question 1
Layer 2 Switching
A Layer 2 switch works with the Media Access Control address (MAC address). It uses the MAC
addresses of the hosts' network interface cards (NICs) to decide where to forward, or whether to
drop, frames within a Local Area Network.
i) Address learning
Layer 2 switches use a MAC forward/filter table to create and maintain information about
the devices located in a network. The forward/filter table holds the hardware addresses of
devices, which are used to send frames to their destination. (TopBits)
When a device wants to send frames to another device, the switch looks up the destination
address in its forward/filter table and forwards the frames to the destination. A
point-to-point connection is established between the two devices to share information.
When the destination hardware address is found in the MAC forward/filter table, the
frame is forwarded only to the correct destination interface, so the bandwidth of the other
network segments is not consumed by it. This concept is known as frame filtering. (TopBits)
If the destination hardware address is not found in the MAC forward/filter table, the
frame is flooded out of all active interfaces. Every interface receives the frame, but the
switch learns nothing about the destination until a device responds to it. When a device
responds by returning a frame, the switch adds the MAC address of that device to the MAC
forward/filter table. This process enables the switch to establish a point-to-point
connection between the two devices. If a server transmits a broadcast on the LAN, the
switch, by default, floods the frame out of all its ports; only the devices that respond
will then receive frames directly. (TopBits)
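The learning, filtering and flooding sequence described above, as an added example (not code from the assignment or its sources). The switch, its port numbers, the MAC addresses and the frame sequence are constructed for illustration; the bounded table size is a defensive assumption of this example, standing in for the port-security limits a real switch would enforce so that a burst of unknown source addresses cannot evict legitimate entries.

```python
"""Simulation of Layer 2 address learning and forward/filter behaviour.

Added example, not from the original assignment: the switch, ports, MAC
addresses and frames below are constructed for illustration.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Minimal Layer 2 switch: learns source MACs per ingress port and
    forwards, filters or floods frames based on the forward/filter table."""

    def __init__(self, ports, max_entries=1024):
        self.ports = list(ports)
        # forward/filter table: MAC address -> port that last sent from it
        self.table = {}
        # bounding the table is the defensive check: a flood of bogus
        # source addresses must not push legitimate entries out
        self.max_entries = max_entries

    def learn(self, src_mac, in_port):
        if src_mac in self.table or len(self.table) < self.max_entries:
            self.table[src_mac] = in_port
        # else: table full, the address is not learned (frame still forwarded)

    def forward(self, in_port, src_mac, dst_mac):
        """Return the list of ports the frame is sent out of."""
        self.learn(src_mac, in_port)
        if dst_mac != BROADCAST and dst_mac in self.table:
            out_port = self.table[dst_mac]
            # filtering: a frame whose destination sits on the ingress
            # segment is dropped rather than sent back out the same port
            return [] if out_port == in_port else [out_port]
        # unknown unicast or broadcast: flood to every port except ingress
        return [p for p in self.ports if p != in_port]


def demo():
    """Walk through the learning sequence described in the text."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    host_a, host_b = "00:11:22:aa:aa:aa", "00:11:22:bb:bb:bb"
    steps = []
    # 1. A sends to B: B unknown, frame flooded; A learned on port 1
    steps.append(sw.forward(1, host_a, host_b))
    # 2. B replies: A known, frame goes only to port 1; B learned on port 2
    steps.append(sw.forward(2, host_b, host_a))
    # 3. A sends to B again: now a point-to-point delivery to port 2
    steps.append(sw.forward(1, host_a, host_b))
    # 4. broadcast from A: always flooded regardless of the table
    steps.append(sw.forward(1, host_a, BROADCAST))
    return steps, dict(sw.table)


if __name__ == "__main__":
    for i, out in enumerate(demo()[0], 1):
        print(f"step {i}: out ports {out}")
```

The first frame is flooded because the destination is unknown; the reply fills in the table, and from then on traffic between the two hosts goes out of a single port. The broadcast in the last step is still flooded, which is why broadcast domains grow with the number of hosts.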
• Low cost
• Hardware-based bridging
• High speed
• Wire speed
• Low latency
• Increases bandwidth for each user
Layer 3 Switching
A Layer 3 switch is a high-performance device for network routing. A Layer 3 switch can
support the same routing protocols as network routers do. Both inspect incoming packets
and make dynamic routing decisions based on the source and destination addresses
inside. (Mitchell, 2011)
i) Packet Switching
Layer 3 switching uses a transport method for carrying packets that is called packet
switching. The IP packet within the frame contains a source network layer IP address
and a destination network layer IP address. The router maintains a routing table of the
network paths it has learned, and examines the network layer destination IP address
of the packet. When the router has determined the destination network from the
destination IP address, it examines the routing table and determines whether a path
exists to that network. (Castelli, 2004)
ii) Route Processing
Layer 3 switches perform table lookups to determine the next hop along the route,
which in turn determines the output port over which to forward the packet or frame.
The router or Layer 3 switch makes this decision based on the network portion of the
destination address in the received packet. (Castelli, 2004)
During route processing, if the destination network is unreachable, there is no path to
the destination network and no default network. In this case the packet is discarded.
(Castelli, 2004)
If the packet can be sent to its destination network, the route lookup determines the
next hop that will deliver the packet. The first hop is looked up, then the next hop is
determined, and so on along the nearest path until the final destination is reached.
(Castelli, 2004)
When the destination network is directly attached to the router, the port is directly
attached to that network and the destination is reachable. For directly attached networks,
the next step maps the host portion of the destination address to the data link MAC
address of the next hop or end node using the Address Resolution Protocol (ARP) table
(for IP). It does not map the destination network address to the router interface.
It must use the MAC address of the final end node so that the node picks up the frame
from the medium. Note that this assumes IP when stating that the router uses the ARP
table; other Layer 3 protocols, such as Internetwork Packet Exchange (IPX), do not use
ARP to map their addresses to MAC addresses. (Castelli, 2004)
Address Resolution Protocol (ARP) is a network layer protocol used in IP to convert IP
addresses into MAC addresses. A network device looking to learn a MAC address
broadcasts an ARP request onto the network. The host on the network that has the IP
address in the request replies with its hardware MAC address. This is called ARP
mapping, the mapping of a Layer 3 network address to a Layer 2 data link address.
Routing table lookup in an IP router is more complex than a MAC address lookup in a
bridge, because data link layer addresses are 48 bits in length with fixed-length
fields. Additionally, the data link address space is flat, meaning there is no hierarchy or
division of addresses into smaller, distinct segments. MAC address lookup in a bridge
entails searching for an exact match on a fixed-length field, whereas address lookup in a
router looks for variable-length fields identifying the destination network. (Castelli, 2004)
IP addresses are 32 bits in length and consist of two fields: the network identifier and
the host identifier.
Both the network and host portions of the IP address can be of variable or fixed length,
depending on the hierarchical network addressing scheme used. Discussion of this
hierarchical, or subnetting, scheme is beyond the scope of this discussion; what matters
here is that each IP address has a network identifier and a host identifier.
The routing table lookup in an IP router determines the next hop by examining the
network portion of the IP address. After it determines the best match for the next hop, the
router looks up the interface port to forward the packets across.
(Castelli, 2004)
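The contrast drawn above between a bridge's exact match on a fixed 48-bit key and a router's variable-length network match, together with the ARP step for directly attached networks, as an added example that is not part of the assignment or of Castelli's text. The MAC table, routing table, ARP table and addresses are constructed; a real router would send an ARP request where this example returns a placeholder.

```python
"""Longest-prefix route lookup versus exact-match MAC lookup, followed by
the ARP step that picks the Layer 2 address for the next hop.

Added example, not part of the original assignment or its sources.  The
routing table, ARP table and addresses are constructed for illustration.
"""
import ipaddress

# Bridge forward/filter table: exact match on a fixed-length 48-bit key.
MAC_TABLE = {
    "00:11:22:aa:aa:aa": 1,
    "00:11:22:bb:bb:bb": 2,
}

# Router routing table: variable-length network prefixes.  A "via" of None
# means the network is directly attached to that interface.
ROUTING_TABLE = [
    (ipaddress.ip_network("192.168.1.0/24"), None, "eth0"),
    (ipaddress.ip_network("10.0.0.0/8"), "192.168.1.254", "eth0"),
    (ipaddress.ip_network("10.1.0.0/16"), "172.16.0.2", "eth1"),
    (ipaddress.ip_network("172.16.0.0/30"), None, "eth1"),
]
DEFAULT_ROUTE = None  # no default network configured in this example

# ARP table: IP of a directly attached node -> its MAC address
ARP_TABLE = {
    "192.168.1.10": "00:11:22:aa:aa:aa",
    "192.168.1.254": "00:11:22:cc:cc:cc",
    "172.16.0.2": "00:11:22:dd:dd:dd",
}


def bridge_lookup(dst_mac):
    """Exact match: either the port is known or the frame is flooded."""
    return MAC_TABLE.get(dst_mac)  # None means flood


def route_lookup(dst_ip):
    """Longest prefix match over the network portion of the address."""
    addr = ipaddress.ip_address(dst_ip)
    best = None
    for network, via, iface in ROUTING_TABLE:
        if addr in network and (best is None or network.prefixlen > best[0].prefixlen):
            best = (network, via, iface)
    return best if best is not None else DEFAULT_ROUTE


def next_hop(dst_ip):
    """Resolve the Layer 2 address the frame must carry for its next hop.

    Returns (interface, next_hop_ip, next_hop_mac); raises LookupError when
    there is no route, i.e. the packet is discarded as the text describes.
    """
    route = route_lookup(dst_ip)
    if route is None:
        raise LookupError(f"no route to {dst_ip}: packet discarded")
    network, via, iface = route
    # directly attached: ARP for the end node itself, not for the interface
    target_ip = dst_ip if via is None else via
    mac = ARP_TABLE.get(target_ip)
    if mac is None:
        mac = "ARP-request-pending"  # placeholder: an ARP request would go out here
    return iface, target_ip, mac


if __name__ == "__main__":
    for dst in ("192.168.1.10", "10.1.2.3", "10.2.2.2"):
        print(dst, "->", next_hop(dst))
```

Note that 10.1.2.3 matches both 10.0.0.0/8 and 10.1.0.0/16, and the longer prefix wins; that is the variable-length comparison the text contrasts with the bridge's single exact match.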
Layer 2 switches (Store-and-Forward and Cut Through)
The store-and-forward method stores the entire packet in internal memory and then
performs a Cyclic Redundancy Check (CRC) to check the packet for errors before
forwarding it to its destination. However, this level of error checking introduces
the highest latency of any of the switching methods. Packets are discarded if any
errors are found in them. After the error checking, if the packet is error-free, it is
placed in the buffer. The Source Address Table (SAT) is a table that stores the Media
Access Control (MAC) addresses of network devices. Every packet must go through the
SAT lookup filter/forward process to determine the destination to which the packet
should be forwarded. Without any interruption, the transmission of the frame proceeds
until the packet is delivered to its network destination.
[Figure: store-and-forward switch data path. Incoming Packet -> Buffer -> SAT lookup -> Forwarding Logic (IN / OUT)]
With cut-through switches, the packet is not buffered in its entirety before the forwarding
process begins. This results in much lower latency for a single packet forwarding
operation than in a store-and-forward operation. This lack of buffering also
eliminates the error isolation capabilities of the switch.
In Figure 2, the cut-through switch would have switched the packet to the other segment
before it could even examine the Cyclic Redundancy Check (CRC) to determine whether the
packet contained errors. This fundamental flaw of cut-through switches led switch vendors
to attempt a correction with a modified cut-through algorithm. This algorithm
calculates the CRC for all packets that undergo cut-through mode. If the calculation
shows that many bad packets have been forwarded to other segments, the switch reverts to
store-and-forward operation until the error packet rate drops below some other defined
threshold. In practice this may be a good solution, but it still allows a considerable number
of error packets to be forwarded to other segments before store-and-forward mode becomes
operational. (J.Roese, 1998)
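The three behaviours just described (store-and-forward checking the CRC before forwarding, cut-through forwarding before the CRC can be seen, and the modified cut-through that falls back once the error rate crosses a threshold), as an added example that is not code from the assignment or from Roese. The frames are constructed, zlib's CRC-32 stands in for the Ethernet FCS, and the threshold, window and ordering of good and bad frames are assumptions of this example.

```python
"""Store-and-forward versus cut-through handling of a corrupted frame.

Added example, not from the original assignment.  The frame contents,
the CRC usage (zlib's CRC-32 standing in for the Ethernet FCS) and the
adaptive threshold are constructed for illustration.
"""
import zlib


def build_frame(dst, src, payload):
    """Assemble dst | src | type | payload | FCS (CRC-32 over the rest)."""
    body = dst + src + b"\x08\x00" + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + fcs.to_bytes(4, "little")


def fcs_ok(frame):
    body, fcs = frame[:-4], int.from_bytes(frame[-4:], "little")
    return zlib.crc32(body) & 0xFFFFFFFF == fcs


def store_and_forward(frame):
    """Buffer the whole frame, check the FCS, forward only if error-free."""
    return frame if fcs_ok(frame) else None


def cut_through(frame):
    """Forward as soon as the destination address (first 6 bytes) is read;
    the FCS at the tail has not been seen yet, so errors propagate."""
    return frame


class AdaptiveCutThrough:
    """Cut-through that falls back to store-and-forward when the rate of
    bad frames seen in a sliding window exceeds a threshold."""

    def __init__(self, error_threshold=0.2, window=10):
        self.error_threshold = error_threshold
        self.window = window
        self.recent = []  # True for a bad frame, False for a good one
        self.mode = "cut-through"

    def switch(self, frame):
        bad = not fcs_ok(frame)
        if self.mode == "cut-through":
            out = frame  # already forwarded before the CRC could be checked
        else:
            out = None if bad else frame
        self.recent = (self.recent + [bad])[-self.window:]
        rate = sum(self.recent) / len(self.recent)
        self.mode = "store-and-forward" if rate > self.error_threshold else "cut-through"
        return out


def corrupt(frame, index=20):
    """Flip one bit in the payload to simulate a line error."""
    data = bytearray(frame)
    data[index] ^= 0x01
    return bytes(data)


def demo():
    good = build_frame(b"\x00\x11\x22\xaa\xaa\xaa", b"\x00\x11\x22\xbb\xbb\xbb",
                       b"hello switch" * 4)
    bad = corrupt(good)
    results = {
        "sf_good": store_and_forward(good) is not None,
        "sf_bad": store_and_forward(bad) is not None,
        "ct_bad": cut_through(bad) is not None,
    }
    adaptive = AdaptiveCutThrough(error_threshold=0.2, window=10)
    forwarded_bad = 0
    for frame in [good, bad, bad, bad, good, bad]:
        out = adaptive.switch(frame)
        if out is not None and not fcs_ok(out):
            forwarded_bad += 1
    results["adaptive_mode"] = adaptive.mode
    results["adaptive_forwarded_bad"] = forwarded_bad
    return results


if __name__ == "__main__":
    print(demo())
```

The adaptive switch ends in store-and-forward mode, but one corrupted frame has already been forwarded before the error rate crossed the threshold, which is exactly the residual weakness the text points out.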
A Layer 3 switch is also known as a pure router. The fundamentals of router operation are
complex and have lower performance than LAN switching. Figure 3 illustrates the
process of moving data through a router.
[Figure 3: router forwarding pipeline. Receive Packet -> Strip off All Layer 2 Fields -> Identify Protocol -> Route Table -> Check Access List -> Reframe into New MAC Layer Packet -> Forward Packet]
Based on Figure 3, when a packet is received by a router, all MAC layer fields are
removed. These MAC layer fields serve no purpose in the router's forwarding logic.
Then the router identifies the protocol contained in the packet. Every Layer 3
protocol has its own unique frame format and forwarding rules.
When the protocol is identified, the router performs a routing table lookup and
determines the destination to which the packet will be forwarded. Many high-end routers
cache the route table lookup to improve the performance of this step. After the destination is
determined, the router applies access lists, policy or accounting services to the packet.
When these internal operations are complete, the router builds a new MAC layer packet
and delivers it to the next hop in the path. Since the router is connectionless, this process
is repeated for every packet until all the packets are delivered to their destination. (J.Roese,
1998)
Spanning Tree Protocol (STP) is a Layer 2 link management protocol that provides path
redundancy while preventing undesirable loops in the network. (Tripod.com, 2005)
Spanning tree algorithms were developed to prevent redundant transmission of data along
intermediate hops between a source and destination host on a mesh network topology.
Without spanning trees, a mesh network can be flooded and rendered unusable by
messages circulating in an infinite loop between hosts. (Mitchell, 2011)
The primary Spanning Tree Protocol (STP) is IEEE standard 802.1D, an algorithm
commonly used on Ethernet networks. This algorithm works by limiting the paths
messages can travel at any given time to a fully connected tree rather than a mesh. As
hosts join and leave the network, this protocol dynamically updates the tree accordingly.
(Mitchell, 2011)
The three basic steps in the execution of the STP algorithm are as follows:
Every LAN segment must designate a port from among all the ports on all the bridges
connected to that segment. Traffic from that segment will head towards the root
bridge through the designated port. (Adtran, 2004)
BPDU frames contain information regarding the originating switch port, Media Access
Control (MAC) address, switch port priority, and the switch port cost. The cost of a
switch port is based on the number of network segments the frame crosses before
reaching its destination. (eTutorials.org, 2008)
BPDU messages are also exchanged across bridges and switches to detect loops in the
network topology. Any loops found are removed by shutting down the selected bridge
and switch interfaces and placing the redundant switch ports in a backup, or blocked,
state. (eTutorials.org, 2008)
Each port on a switch using STP is in one of the following five states:
After 20 seconds, the switch port moves from the blocking state to the listening state.
i) Listening state (eTutorials.org, 2008)
The listening state is the first transitional state for a port after the blocking state. The
listening state is where STP determines whether the port should participate in frame
forwarding. The switch does not perform any learning or forwarding functions while
in the listening state, and it therefore does not incorporate station locations into its
address database, just as it would not if the switch were in a blocking state, because
there is no address table to update while in a blocking state. In the listening state, a
switch performs the following functions:
• Discards frames received from the attached network segment.
• Discards frames switched from another port for forwarding.
• Receives BPDUs from the network segment and directs them to the switch system
module for processing.
• Processes BPDUs received from the switch system module.
• Receives and responds to network management messages, such as a network
administrator disabling the port.
After 15 seconds, the switch port moves from the listening state to the learning state.
• Incorporates LAN host location information into its address database.
• Receives BPDUs from the network segment and directs them to the switch system
module for processing.
• Receives, processes, and transmits BPDUs received from the system module.
• Receives and responds to network management messages, such as a network
administrator disabling the port.
After 15 seconds, the switch port moves from the learning state to the forwarding
state.
A port stays in the forwarding state until a change occurs in the network topology,
such as the addition of a new bridge or switch, a new bridge or switch port, or the
failure of a bridge, switch, or port. When a change in the topology is detected, all
switches recompute the network topology; this process is called convergence.
• Receives BPDUs, but does not direct them to the switch system module.
• Does not receive BPDUs for transmission from the switch system module.
• Receives and responds to network management messages, such as notification of
a network administrator enabling a port.
Benefits
1. Redundancy
STP provides redundancy to all devices in the network. This is accomplished by
ensuring that each device has a path to multiple switches. Where there are multiple
paths for a device to send data, only one path is active at a time. In the event that the
active path experiences an error, another path is opened. This allows the device to have
constant access to the rest of the network even in the event of connectivity problems
along one or more lines.
(Enne, 2011)
2. Loop Prevention
A loop exists when there is more than one available path between devices. This can
result in duplicate data and confusion in the data-forwarding process. STP, however,
only allows a single active path between devices at a time, which prevents the
formation of loops in the network. (Enne, 2011)
3. Root Switch
The creation of a root switch helps to eliminate loops and reduce network traffic. A
LAN using STP has a number of switches but only one root switch. A switch is a
piece of networking equipment, also known as a bridge, that connects segments of a
network to each other. The root switch of an STP network is elected as the result of
data gathering by all switches in the network and determination of the logical center
of the network rather than the physical center. The root switch is the switch that has
the shortest path to the majority of network devices. The other switches then calculate
the shortest path to the root switch and set all other paths as backups. (Enne, 2011)
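The root election, root-port selection, per-segment designated port and blocked-port outcome described in the Spanning Tree sections above, computed over a small constructed topology, as an added example that is not code from the assignment or its sources. The bridge IDs, links and costs are constructed; each link is treated as one LAN segment joining two bridge ports, and ties are broken by lower root path cost and then lower bridge ID, which is the ordering the text describes. Timers and BPDU exchange are not modelled; this is the steady-state result of the algorithm.

```python
"""Simplified spanning tree computation: root election, root ports,
designated ports and blocked ports.

Added example, not from the original assignment; the bridge IDs, links
and costs are constructed.  Each link (a, b, cost) is one segment.
"""
import heapq


def root_path_costs(bridges, links, root):
    """Dijkstra from the root over link costs: bridge -> (cost, parent)."""
    best = {b: (float("inf"), None) for b in bridges}
    best[root] = (0, None)
    heap = [(0, root)]
    while heap:
        cost, b = heapq.heappop(heap)
        if cost > best[b][0]:
            continue
        for a, c, link_cost in links:
            if b not in (a, c):
                continue
            nbr = c if a == b else a
            cand = cost + link_cost
            # prefer lower cost, then lower parent bridge ID on ties
            if cand < best[nbr][0] or (cand == best[nbr][0] and b < best[nbr][1]):
                best[nbr] = (cand, b)
                heapq.heappush(heap, (cand, nbr))
    return best


def spanning_tree(bridges, links):
    """Return (root, {link: {bridge: port role}}) for every link end."""
    root = min(bridges)  # lowest bridge ID (priority + MAC) wins the election
    costs = root_path_costs(bridges, links, root)
    roles = {}
    for a, c, link_cost in links:
        # designated bridge for this segment: lowest root path cost,
        # then lowest bridge ID; traffic from the segment heads to the
        # root through its port
        designated = min((a, c), key=lambda b: (costs[b][0], b))
        other = c if designated == a else a
        # the other end is the root port if this link lies on that
        # bridge's best path to the root; otherwise it is blocked
        on_root_path = (costs[other][1] == designated
                        and costs[other][0] == costs[designated][0] + link_cost)
        roles[(a, c)] = {
            designated: "designated",
            other: "root" if on_root_path else "blocked",
        }
    return root, roles


def active_links(roles):
    """Links with no blocked end: the loop-free active topology."""
    return [link for link, ends in roles.items() if "blocked" not in ends.values()]


if __name__ == "__main__":
    bridges = [10, 20, 30, 40]
    links = [(10, 20, 19), (10, 30, 4), (20, 30, 4), (30, 40, 4), (20, 40, 19)]
    root, roles = spanning_tree(bridges, links)
    print("root bridge:", root)
    for link, ends in roles.items():
        print(link, ends)
    print("active links:", active_links(roles))
```

In the four-bridge topology, bridge 20 reaches the root more cheaply through bridge 30 (cost 8) than over its direct link (cost 19), so its direct port to the root is blocked and the redundant link 20-40 is blocked at bridge 40; three of five links stay active, one fewer than the number of bridges, which is the loop-free tree the text describes. If an active link fails, re-running the computation without it opens one of the blocked paths.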
Medium-sized Switched LAN Design
[Network diagram legend: 24-Port Ethernet Hub]
Building 1
• 500 end users, of which 300 are to be attached to MicroLAN and 200 are to
receive dedicated switch ports
• five Novell servers and ten UNIX servers providing NFS services
• Internet router/network address translator
• one backbone switch providing 30 fast Ethernet interfaces
= 9
Building 2
By using two Intermediate Distribution Frame (IDF) switches, one IDF switch has 12
attached workgroup switches and the other has 13 workgroup switches.
= 18
Question 2
Virtual Local Area Network
A Virtual Local Area Network (VLAN) is a collection of nodes that are grouped together in a
single broadcast domain based on something other than physical location. A
broadcast domain is a network (or portion of a network) that will receive a broadcast
packet from any node located within that network. (Tyson, 2001)
A VLAN solution can provide this simplicity in any network that implements a
router-based hierarchy. Without VLANs, when a user is moved to a new area of the
network, the end user's PC needs a new network address and the router must be
reconfigured to assign access control for the user. A simple move of an end user's PC
therefore requires many additional tasks to adapt the end system to its new location.
In a VLAN system, the network is able to adjust its configuration when users are
moved. Here the VLAN acts as a container for subnetting, distributing network
addresses to every user in the network. In addition, more advanced systems can
dynamically adapt the VLAN to any location the user moves to, without manual
intervention.
users which means that users are sharing the same physical topology but logically
separate networks.
For example, in a company, the network administrator can use VLANs to separate a
single physical network into many private virtual networks for different departments.
Using these private virtual networks, resources can be shared privately within a
department.
iv) Security
VLANs can enhance security by making broadcast data accessible only to those users
who are authorised to access that specific broadcast, reducing the chance of an
outsider gaining access to the data. VLANs can also be used to control broadcast
domains, set up firewalls, restrict access, and inform the network manager of an
intrusion.
(J.Roese, 1998)
v)
VLAN membership defines how groups of MAC layer end users are associated with a
particular VLAN or VLANs. There are many methods for this process, ranging from
simple port association to complex protocol-based association.
Port VLAN
Port    VLAN
1       1
2       1
3       2
4       1
Figure 5: Assignment of ports to different VLANs.
MAC address          VLAN
00-80-5F-98-9D-29    1
Figure 6: Assignment of MAC addresses to different VLANs.
This method is most suitable in situation where end-users move around the network.
By associating their MAC address to a set of VLANs, the user’s PC can move
anywhere in the network and keep its membership.
Protocol VLAN
Protocol    VLAN
IP          1
IPX         2
IP/IPX      3
Figure 7: Assignment of protocols to different VLANs.
This type of VLAN is most useful for broadcast and multicast control on switched
LANs. By creating different VLANs for specific protocols, users utilising those
protocols are allowed to see the broadcasts of that VLAN, while users not in the
VLAN are prevented from seeing that protocol. By isolating a protocol to only the
users utilising that protocol, the switched LAN is able to scale up to much larger
sizes.
IP subnet VLAN
IP subnet         VLAN
192.20.160.0      1
202.221.161.0     2
168.18.0.0        3
Figure 8: Assignment of IP subnet addresses to different VLANs.
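The four membership methods (port, MAC address, protocol and IP subnet) applied to sample frames, as an added example that is not code from the assignment or from Roese. The mapping tables are taken from Figures 5 to 8; the subnet masks (/24, /24, /16) are assumed classful because the figure gives none, the sample frames are constructed, and the precedence between methods when several apply is an assumption of this example, not something the text specifies.

```python
"""Assigning a frame to a VLAN by port, MAC address, protocol or IP subnet.

Added example, not from the original assignment: tables follow Figures
5-8 (subnet masks assumed), frames and method precedence are constructed.
"""
import ipaddress

PORT_VLAN = {1: 1, 2: 1, 3: 2, 4: 1}                     # Figure 5
MAC_VLAN = {"00-80-5F-98-9D-29": 1}                      # Figure 6
PROTOCOL_VLAN = {"IP": 1, "IPX": 2, "IP/IPX": 3}         # Figure 7
SUBNET_VLAN = {                                          # Figure 8, masks assumed
    ipaddress.ip_network("192.20.160.0/24"): 1,
    ipaddress.ip_network("202.221.161.0/24"): 2,
    ipaddress.ip_network("168.18.0.0/16"): 3,
}


def by_port(frame):
    """Port-based membership: decided by the switch's own configuration."""
    return PORT_VLAN.get(frame["port"])


def by_mac(frame):
    """MAC-based membership follows the user wherever the PC is plugged in."""
    mac = frame["src_mac"].upper().replace(":", "-")
    return MAC_VLAN.get(mac)


def by_protocol(frame):
    """Protocol-based membership: confines a protocol's broadcasts to its VLAN."""
    return PROTOCOL_VLAN.get(frame.get("protocol"))


def by_subnet(frame):
    """Subnet-based membership: the source IP selects the VLAN."""
    ip = frame.get("src_ip")
    if ip is None:
        return None
    addr = ipaddress.ip_address(ip)
    for network, vlan in SUBNET_VLAN.items():
        if addr in network:
            return vlan
    return None


# Precedence is this example's assumption: most specific identity first,
# the port as the fallback.
METHODS = (("mac", by_mac), ("subnet", by_subnet), ("protocol", by_protocol), ("port", by_port))


def classify(frame):
    """Return (method, vlan) from the first method that yields membership,
    or ("none", None) when no rule matches the frame."""
    for name, method in METHODS:
        vlan = method(frame)
        if vlan is not None:
            return name, vlan
    return "none", None


if __name__ == "__main__":
    # constructed frames: the Figure 6 user moved to port 3, an IPX host, a
    # host in the 168.18.0.0 subnet, and an unknown protocol on port 4
    samples = [
        {"port": 3, "src_mac": "00:80:5f:98:9d:29", "protocol": "IP", "src_ip": "10.0.0.5"},
        {"port": 3, "src_mac": "00-00-00-00-00-01", "protocol": "IPX"},
        {"port": 4, "src_mac": "00-00-00-00-00-02", "protocol": "IP", "src_ip": "168.18.4.7"},
        {"port": 4, "src_mac": "00-00-00-00-00-03", "protocol": "AppleTalk"},
    ]
    for frame in samples:
        print(frame["port"], frame["src_mac"], "->", classify(frame))
```

The first sample shows the point made under Figure 6: the user keeps VLAN 1 membership on port 3 even though that port is otherwise in VLAN 2. Note which fields each method trusts: port membership is set by the switch, whereas MAC, protocol and subnet membership are all derived from fields the sending host supplies, so a misconfigured or spoofing host can land in the wrong VLAN unless those methods are combined with port-level controls.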
v)
VLAN Mechanism
The primary VLAN distribution mechanism in use is known as frame tagging. A frame
tag is defined as an identifier within packets that describes the packets' VLAN
membership. Frame tags can be either explicit or implicit. An explicit frame tag consists
of an additional field or fields added to existing packets, marking them as belonging to
one or more VLANs. An implicit frame tag is an existing field in the original packet that
identifies its membership in VLANs.
Implicit tagging is shown in Figure 9. An implicit tag is defined as the switch using an
internal characteristic of the original packet to identify its VLAN. Some of the fields that
can be used as implicit tags are the source or destination addresses. An example of an
implicit tag is a packet sent to the BPDU multicast address.
Most vendors do not implement implicit tagging, because it is difficult to utilise. However,
it eliminates the possibility of oversized packets and generally increases the overall
efficiency of the switch's forwarding logic, since no packet modification is required.
Explicit tagging is shown in Figure 10. It shows a modification of the original packet
by adding an explicit tag to its structure. This kind of tagging is done for packets that
cannot support the concept of an implicit tag. Many vendors simply implement explicit
tags on all packets. With this method, the more complex analysis of implicit tags
is not needed.
The disadvantage of explicit tagging is that it adds to the size of the original packet and
may cause oversized packets to be generated on inter-switch links. If this happens, there is
no guarantee that the packet can be delivered. Because of this, some vendors have limited
their use of explicit tagging to broadcast and multicast traffic.
(J.Roese, 1998)
802.1Q Standard
Functionality
Features
The general goals of the 802.1Q standard are simply to define an architecture for
VLANs and the protocols and functional requirements of an 802.1Q VLAN switch. The
actual specification builds on other IEEE 802.1 standards such as transparent bridging
and the spanning tree algorithm. 802.1Q introduced the concept of a virtual bridged network,
or VLAN, and defines an operational model of a VLAN-capable switch for the implementation
of IEEE 802.1Q VLANs.
802.1Q VLANs have the capability to identify end systems or switch neighbours using
new ingress and egress rules, the GARP VLAN Registration Protocol (GVRP) and its
distribution mechanism. Each of these three areas gives the switch the capability to
create logical bridged LANs over a common switch fabric.
(J.Roese, 1998)
Capabilities
802.1Q-compatible switches classify inbound packets based on the VLAN identifier
(VID) of the port on which they were received. The switch may also receive a packet on
a port connected to another 802.1Q-compatible switch, or to an end user capable of
categorising its own packets into VLANs. This ingress categorisation of packets involves
the addition of a frame tag where needed. The tag indicates the VLAN ID of the packet
along with other information related to the priority of the packet and its addressing format.
The delivery mechanism of 802.1Q is also known as the Egress Rules. Under these rules, the
switch examines the packets received and delivers them to ports based on VLAN
membership.
(J.Roese, 1998)
GARP VLAN Registration Protocol (GVRP)
GVRP is generally used to support multiple switch topologies and VLAN-aware end
nodes. This protocol is a signalling method used to announce VLAN membership to peer
switches in the network. In switched VLANs, GVRP is used by a switch to identify its
capabilities when attaching to other switches over the spanning tree topology, or by a
GVRP end system when attaching to a switch port.
For communication between the end system and the 802.1Q switch, GVRP is used to
register the end user's support for a VLAN ID, which allows the switch to forward
received packets with that VID to the port with the end user. GVRP must be used for
communication between switches to identify which VLANs are to be sent up or down the
spanning tree link. Each switch must register with the other switches within the VLANs,
so that packets can be delivered to the switches with those VIDs.
(J.Roese, 1998)
Distribution Mechanism
The Tag Protocol Identifier (TPID) is inserted into the existing Ethernet II and Ethernet
SNAP headers to identify the packet as a tagged packet. The IEEE specified 0x8100 as
the registered protocol type for 802.1Q tagging. It is followed by the two-byte Tag
Control Information (TCI) field.
There are three fields in the TCI. The first is the priority field: 802.1Q supports tagging
of packets not just with a VLAN ID but also to establish packet prioritisation. Three bits
of the two-byte TCI are allocated to priority, which gives the network a total of
eight levels of prioritisation that can be mapped to vendor-specific queuing and priority
mechanisms.
The next bit is used to indicate the address format of the packet. It is known as the
canonical format indicator and assists the switches in converting from Ethernet
least-significant-bit-first addressing to Token Ring / FDDI most-significant-bit-first
addressing. The final 12 bits of the TCI are the VID, indicating the VLAN this packet is
associated with.
With the use of GVRP mechanisms to identify the VLANs that exist between
switches, the tagging mechanism can mark the packet as a member of a specific VLAN.
The packet can be sent through the spanning tree backbone of switches with assurance that
it is delivered to the right VLAN, as indicated by the VID. In short, this tagging allows a
VLAN's packets to travel across the different links between switches while still allowing
correct identification of the packet's VID.
(J.Roese, 1998)
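The tag layout described in the Distribution Mechanism section (TPID 0x8100, then the 16-bit TCI split into 3 priority bits, the 1-bit canonical format indicator and the 12-bit VID), together with the ingress and egress rules from the Capabilities section and the four-byte growth that the VLAN Mechanism section gives as the cost of explicit tagging, as one added example that is not code from the assignment or from Roese. The addresses, VID, priority, payload and the port membership table are constructed; the rule that an untagged frame takes the VID of a port belonging to a single VLAN is an assumption of this example.

```python
"""Building and parsing the 802.1Q tag, then applying ingress and egress
rules over a constructed port table.

Added example, not from the original assignment; addresses, VID,
priority, payload and port membership are constructed for illustration.
"""
import struct

TPID_8021Q = 0x8100
ETHERTYPE_IPV4 = 0x0800

# port -> (member VIDs, tagged?)  constructed: 1 and 3 are access ports,
# 2 is a trunk carrying both VLANs
PORTS = {1: ({100}, False), 2: ({100, 200}, True), 3: ({200}, False)}


def insert_tag(frame, vid, priority=0, cfi=0):
    """Return the frame with a 4-byte 802.1Q tag after the source MAC."""
    if not 0 <= vid <= 0xFFF or not 0 <= priority <= 7 or cfi not in (0, 1):
        raise ValueError("priority is 3 bits, CFI 1 bit, VID 12 bits")
    tci = (priority << 13) | (cfi << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame):
    """Return (priority, cfi, vid, inner_ethertype) or None if untagged."""
    if len(frame) < 18:
        return None
    tpid, tci, inner = struct.unpack("!HHH", frame[12:18])
    if tpid != TPID_8021Q:
        return None
    return tci >> 13, (tci >> 12) & 1, tci & 0xFFF, inner


def strip_tag(frame):
    """Remove the tag before delivery on an untagged (access) port."""
    return frame[:12] + frame[16:] if parse_tag(frame) else frame


def classify_ingress(frame, in_port):
    """Ingress rule: a tagged frame carries its VID; an untagged frame takes
    the VID of its port (assumed here to belong to exactly one VLAN)."""
    tag = parse_tag(frame)
    if tag:
        return tag[2]
    members, _ = PORTS[in_port]
    if len(members) != 1:
        raise ValueError("untagged frame on a port with no single VID")
    return next(iter(members))


def egress(frame, in_port):
    """Egress rule: deliver only to member ports of the VID, tagged on
    trunk ports and untagged on access ports.  Returns port -> frame."""
    vid = classify_ingress(frame, in_port)
    tag = parse_tag(frame)
    out = {}
    for port, (members, tagged) in PORTS.items():
        if port == in_port or vid not in members:
            continue
        out[port] = (frame if tag else insert_tag(frame, vid)) if tagged else strip_tag(frame)
    return out


def demo():
    untagged = (b"\x00\x11\x22\xaa\xaa\xaa" + b"\x00\x11\x22\xbb\xbb\xbb"
                + struct.pack("!H", ETHERTYPE_IPV4) + b"payload")
    tagged = insert_tag(untagged, vid=100, priority=5)
    return {
        "untagged_len": len(untagged),
        "tagged_len": len(tagged),          # explicit tag adds 4 bytes
        "parsed": parse_tag(tagged),        # (5, 0, 100, 0x0800)
        "restored": strip_tag(tagged) == untagged,
        "untagged_parse": parse_tag(untagged),
    }


if __name__ == "__main__":
    print(demo())
```

An untagged frame entering access port 1 is classified into VLAN 100, reaches trunk port 2 with a tag inserted and never reaches port 3; a frame tagged 200 entering the trunk is delivered to port 3 with the tag stripped. The four extra bytes in the tagged length are the oversized-frame concern raised under VLAN Mechanism.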
Referencing
Castelli, M.J., 2004. How a LAN Switch Works. [Online] Available at: http://www.ciscopress.com/articles/article.asp?p=357103&seqNum=4 [Accessed 9 April 2011].
Enne, V., 2011. The Advantages of Spanning Tree Protocol. [Online] Available at: http://www.ehow.com/list_6157099_advantages-spanning-tree-protocol.html [Accessed 23 April 2011].
Mitchell, B., 2011. Layer 3 Switches - What Is a Layer 3 Switch? [Online] Available at: http://compnetworking.about.com/od/hardwarenetworkgear/f/layer3switches.htm [Accessed 9 April 2011].