VLAN Trunking:
Now let’s take a look at what trunking is, the types of trunking methods and the differences between them, and how trunk ports work.
We discussed trunk ports briefly in the previous post. Now let’s understand the trunking concepts in more depth, and also configure trunk ports on our previous topology.
What is a trunk / trunk port?
In general, the trunk of a tree is the part that carries water to its branches and even leaves/fruits, and the trunk is also used to carry food from the leaves/fruits back to the roots.
In a network environment, the trunk port is a port on a switch/router that allows traffic from multiple VLANs to flow in and out of it.
What is trunking?
Trunking is nothing but a mechanism for configuring the port of a network component (commonly a switch/router) to allow traffic from multiple VLANs to flow through it. We can also restrict/prune a few VLANs if we don’t want them to pass over a trunk port.
Now let’s examine what happens in trunking?
In trunking mechanisms the original Ethernet frame is either modified or encapsulated in order to carry VLAN information, commonly called a VLAN identifier or number, so that the devices understand from which VLAN the frame originated and which VLAN the frame should reach.
How it works?
The switch adds the source port’s VLAN identifier to the Ethernet frame so that the device at the other end of the trunk (typically a switch/router) understands which VLAN originated this frame. Based on this information the destination switch makes intelligent forwarding decisions, not just on the destination MAC address but also on the source VLAN identifier.
So if the trunking mechanisms on the sending switch and the receiving switch are not the same, they won’t understand the frames and will drop them. It is just like both switches needing to speak/know the same language: if one switch speaks English and the other speaks Nepali, they can’t communicate effectively. So it is mandatory that both devices are configured to support the same trunking protocol.
Tagging / Trunk tagging:
If you’ve observed the trunking operation, it is just modifying or encapsulating the original Ethernet frame. Technically this is called tagging or trunk tagging (nothing but adding the VLAN information). This tagging is done in hardware by specialized processors called ASICs (Application Specific Integrated Circuits). Since this tagging is done in hardware, we don’t see any latency issues.
Where do we use trunking/trunk ports?
Trunk ports are configured for connecting two switches, a switch and a router, or a switch and a file server with a trunk-capable NIC so that users in multiple VLANs can reach the server.
Understanding trunking with our topology:
This is our topology and the VLAN configuration on switches is done accordingly and the ports Fa0/1 on both the switches (switch0 & switch1) are configured as trunk ports.
Scenario1: Neither switch knows the MAC address of any of the devices.
Let’s say PC3 (10.0.2.1) in VLAN2 on switch0 wants to communicate with PC5 (10.0.2.3) in VLAN2 on switch1. Since switch0 doesn’t have an entry for PC5’s MAC in its CAM table, switch0 will flood the frame to all the ports that are in VLAN2. Here Fa0/12 (PC4) on switch0 will receive it, and since trunk ports support all the VLANs, this frame is also received by trunk port Fa0/1.
However, PC4 ignores the frame since it is not destined for it. Now the frame will leave through switch0’s trunk port Fa0/1. Here switch0 will add a tag (called the VLAN identifier, here VLAN2) to this Ethernet frame, and then it will be received on Fa0/1 on switch1. This is also a trunk port, so it accepts the frame and understands that it is for VLAN2. Now switch1 checks whether it has PC5’s MAC address in its CAM table. Since it doesn’t have it, it floods the frame to all of its ports that are in VLAN2. However, there is only one port in VLAN2 on switch1, i.e. Fa0/3 (PC5), so this port will receive the frame.
But the important thing here is that the frame received by switch1 is a tagged frame, and this can only be understood by trunk ports. Fa0/3 is an access port, which can understand only Ethernet frames and not tagged frames, so switch1 will strip off the tag and then send the original Ethernet frame to Fa0/3 (PC5). Finally PC5 sees that the frame is destined for itself and will reply back to PC3.
Scenario2: Both the switches know the MAC addresses of the connected devices.
Let’s say PC3 (10.0.2.1) in VLAN2 on switch0 wants to communicate with PC5 (10.0.2.3) in VLAN2 on switch1. Since switch0 has an entry for PC5’s MAC in its CAM table pointing towards trunk port Fa0/1, switch0 will send the frame out on Fa0/1.
Since Fa0/1 is a trunk port, switch0 will add a tag (called the VLAN identifier) to this Ethernet frame, and then it will be received on Fa0/1 on switch1. This is also a trunk port, so it accepts the frame. Now switch1 examines the frame and understands that this frame is for PC5 in VLAN2, and based on its MAC table it sends the frame to Fa0/3 (PC5).
But the important thing here is that the frame received by switch1 is a tagged frame, and this can only be understood by trunk ports. Fa0/3 (PC5) is an access port, which can understand only Ethernet frames and not tagged frames, so switch1 will strip off the tag and then send the original Ethernet frame to Fa0/3 (PC5). Finally PC5 will reply back to PC3.
This is how trunking works and helps traffic from multiple VLANs flow through a single port. The main advantage of trunk ports is that they reduce the number of physical ports required on switches and routers for multiple-VLAN communication. If trunk ports were not there, we would need more physical ports. For example: if there are 3 VLANs on 2 switches and they have to communicate, then each VLAN should have a port connected to the other switch, so a total of 6 ports will be used; by using trunk ports we can use only a single port, so in total only 2 ports. This is how trunking reduces expenditure too.
Now let’s take a look at the types of trunking methods.
Types of trunking methods/mechanism?
There are two types of trunking methods: one is IEEE 802.1Q (known/called as dot1Q) and the second is ISL (Inter Switch Link), which is Cisco proprietary. However, Cisco also supports the dot1Q method. Mostly, high-end switches support both whereas low-end switches support only dot1Q.
ISL (Inter Switch Link):
ISL is a Cisco protocol for interconnecting multiple Cisco switches through trunk ports. ISL trunking supports up to 1000 VLANs.
The ISL protocol encapsulates the entire Ethernet frame with a 26-byte header and a 4-byte Frame Check Sequence (FCS). The VLAN information is contained in the ISL header. A typical ISL frame consists of the below three fields: ISL Header, Encapsulated frame, FCS.
Inside the ISL header there are a few more fields like: DA, Type, SA, LE, VLAN …etc but these are the important ones for now.
DA (Destination Address): This is a layer2 multicast address: 01-00-0C-00-00-00. The first 40 bits of this address tell the receiving device that this is an ISL frame.
Type: This field indicates the type of the frame that is encapsulated in the ISL frame. For Ethernet its value is 0000, Token Ring (0001), FDDI (0010) and ATM (0011).
SA (Source Address): Source address of the switch port that is transmitting the ISL frame.
LE (Length): The length of the Ethernet packet without ISL encapsulation.
VLAN (Destination VLAN ID): The VLAN which the packet should reach. It is a 15-bit value.
There are many more fields in the ISL header but these are enough for us, if you need more info check out:
Encapsulated Frame: This is the original Ethernet frame that needs to reach the destination.
FCS (Frame Check Sequence): It is used by the receiver to ensure that the ISL frame is not corrupted.
IEEE 802.1Q (dot1Q):
The main advantage of the dot1Q trunking method is that it allows trunks between devices of different vendors, whereas ISL allows trunks only between Cisco devices. Actually the Cisco 2960 and a few high-end 6900 series switches support dot1Q only. Dot1Q trunking supports 4096 VLANs.
In this method a 4-byte field called the TAG is inserted into the Ethernet frame to include the VLAN information. This tag is inserted between the Source MAC address field and the Length/Type field of the standard Ethernet frame. This tag is included for the frames that are not originating from the native VLAN, i.e. for all the VLANs except the native VLAN (commonly VLAN1) the tag is added to the frame to tell the receiver the source VLAN.
So if there is no tag in a frame, the receiving device assumes that it is for the native VLAN, so we must have the same native VLAN configured on all the switches. From this we can understand that trunk ports configured using dot1Q trunking will allow both tagged and untagged frames. Now let’s take a look at exactly what information will be there in a TAG:
Ethernet Frame:
Destination MAC | Source MAC | Length or Type | Data | Original FCS
802.1Q frame:
Destination MAC | Source MAC | TAG (4 Bytes) | Length or Type | Data | New FCS
Now what fields does a 4-byte TAG have:
Type (2 Bytes) | Priority (3 Bits) | Token Ring Encapsulation (1 Bit) | VLAN ID (12 Bits)
Type: The type field is used to identify the layer2 protocol type. For instance, the ethernet frame protocol identifier value is 0x8100.
Priority: This field is used to prioritize the frame in traffic. The priority values are defined in the 802.1p standard. Since it uses three bits, there can be 8 values for this field (000, 001, 010, 011, 100, 101, 110, 111).
Token Ring Encapsulation: This field is used to indicate whether this frame is an encapsulated token ring frame.
VLAN ID: This field contains the VLAN information. Since dot1Q supports 4096 VLANs the VLAN ID field has 12 bits (2^12 = 4096); field values can be from 0 to 4095.
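
The dot1Q tagging, untagging and native VLAN handling described above, as an added example that is not part of the original post. The function names and MAC addresses are made up for illustration, the FCS is computed with zlib's CRC-32, and the Token Ring Encapsulation bit is always left at 0.

```python
import struct
import zlib

TPID = 0x8100  # value of the TAG's 2-byte Type field

def fcs(body: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame, least-significant byte first."""
    return struct.pack("<I", zlib.crc32(body))

def build_frame(dst: bytes, src: bytes, ethertype: int, data: bytes) -> bytes:
    body = dst + src + struct.pack("!H", ethertype) + data
    return body + fcs(body)

def tag_frame(frame: bytes, vlan_id: int, priority: int = 0,
              native_vlan: int = 1) -> bytes:
    """Sending trunk port: insert the 4-byte TAG and recompute the FCS."""
    if not (0 <= vlan_id <= 4095 and 0 <= priority <= 7):
        raise ValueError("VLAN ID is 12 bits, priority is 3 bits")
    if vlan_id == native_vlan:
        return frame                       # native VLAN leaves untagged
    body = frame[:-4]                      # drop the original FCS
    tci = (priority << 13) | vlan_id       # 3 + 1 (left 0) + 12 bits
    tagged = body[:12] + struct.pack("!HH", TPID, tci) + body[12:]
    return tagged + fcs(tagged)            # new FCS over the modified frame

def untag_frame(frame: bytes, native_vlan: int = 1):
    """Receiving trunk port: return (vlan_id, priority, original frame)."""
    body = frame[:-4]
    if fcs(body) != frame[-4:]:
        raise ValueError("FCS mismatch, frame dropped")
    if struct.unpack("!H", body[12:14])[0] != TPID:
        return native_vlan, 0, frame       # no TAG: assume native VLAN
    tci = struct.unpack("!H", body[14:16])[0]
    inner = body[:12] + body[16:]          # strip the TAG for the access port
    return tci & 0x0FFF, tci >> 13, inner + fcs(inner)

# Constructed sample (made-up MAC addresses): PC3 -> PC5, IPv4 payload.
PC3_MAC = bytes.fromhex("020000000003")
PC5_MAC = bytes.fromhex("020000000005")
ORIGINAL = build_frame(PC5_MAC, PC3_MAC, 0x0800, b"PC3 to PC5".ljust(46, b"\0"))

if __name__ == "__main__":
    on_trunk = tag_frame(ORIGINAL, vlan_id=2)
    print("TAG bytes on the trunk:", on_trunk[12:16].hex())
    print("switch1 sees:", untag_frame(on_trunk)[:2])
    # Native VLAN mismatch: switch0 (native 1) sends VLAN 1 untagged, switch1
    # (native 99) files the same frame under VLAN 99.
    print("mismatch:", untag_frame(tag_frame(ORIGINAL, 1), native_vlan=99)[0])
```

The last call shows why the native VLAN has to match on both ends of the trunk: an untagged frame carries no VLAN information, so the receiver classifies it purely by its own native VLAN setting.
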
Difference between ISL and 802.1Q:
ISL is Cisco proprietary and presently it is supported by only a few high-end switches.
Dot1Q is an IEEE open standard, which can be used to create trunk connections between switches of different vendors.
ISL trunking supports 1000 VLANs.
Dot1Q trunking supports 4096 VLANs.
In ISL the original Ethernet frame is not modified; it is encapsulated between an ISL header and an FCS.
In dot1Q the original Ethernet frame is modified: a 4-byte field called the TAG is inserted between the Source MAC field and the Length/Type field of the Ethernet frame.
In ISL, frames of all the VLANs are encapsulated with the ISL header and FCS.
In dot1Q the frames of all the VLANs are modified, i.e. a VLAN tag is inserted into the frame, except for the native VLAN. This is the only reason for the condition that the native VLAN should be the same on all the switches for proper functioning.
In ISL the FCS of the original Ethernet frame is not modified. Instead, after the original frame is encapsulated inside the ISL frame, a new FCS value is added to the end of the new frame.
In dot1Q, since the original Ethernet frame is being modified, the trunking device re-computes the FCS on the modified frame and includes it in the frame.
In ISL, frames of all the VLANs are encapsulated, including the native VLAN.
In dot1Q the frames originating from the native VLAN are not tagged.
We'll work on trunking more in upcoming posts