
VLAN - PMP 450 Features

(2)

Operates at Layer 2 of the IP model

Establishes a logical group within the network.

Regardless of initial or eventual physical location, each computer in the VLAN can access the same data

Provides flexibility in network segmentation, simpler management, and enhanced security.

(3)

VLAN Transparent (disabled) and VLAN enabled modes

Layer 2 (Switch) VLAN specifications:

IEEE 802.1-Standards based

802.1q: a “unique identifier” for each VLAN

802.1p: “priority levels” within each VLAN

802.1ad (Provider Bridge) aka “QinQ”:

Allows 802.1q VLANs inside of a 802.1ad VLAN.

802.1ad standard replaces 802.1QinQ protocol

VLAN VID and Priority Mapping based on MAC Address

VLAN VID and Priority Remarking

(4)

VLAN Tagging

Frame layout: Destination (6 bytes) | Source (6 bytes) | TPID (2 bytes) | TCI (2 bytes) | Ether Type (2 bytes) | Payload (variable)

TCI layout: Priority (3 bits) | CFI (1 bit) | VID (12 bits)

TPID - Tag Protocol Identifier, Ethertype 0x8100

TCI - Tag Control Information

Priority - 802.1p

CFI - Canonical Format Indicator

VID - VLAN Identifier

(5)

Frame layout: Destination (6 bytes) | Source (6 bytes) | Q Outer Tag (4 bytes: TPID, TCI) | Q Inner Tag (4 bytes: TPID, TCI) | Ether Type (2 bytes) | Payload (variable)

Outer Tag (Service Tag)

TPID - Tag Protocol Identifier: EtherType 0x88a8 (Provider Bridging) or 0x8100, 0x9100, 0x9200, 0x9300 (QinQ)

TCI - Tag Control Information

Inner Tag (Customer Tag)

TPID - Tag Protocol Identifier: EtherType 0x8100

TCI - Tag Control Information
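
The single-tag and QinQ layouts from the two slides above, written as a parser. This is an added example, not taken from the slides or from the vendor's software; the `qinq_tpid` parameter (modelling a per-device QinQ EtherType setting) and the sample frames are assumptions constructed for illustration.

```python
import struct

Q_TPID = 0x8100                                          # 802.1q TPID from the slides
QINQ_TPIDS = {0x88A8, 0x8100, 0x9100, 0x9200, 0x9300}    # outer TPIDs listed on the slides

def parse_tci(tci):
    """Split the 2-byte TCI into Priority (3 bits), CFI (1 bit) and VID (12 bits)."""
    return {"priority": tci >> 13, "cfi": (tci >> 12) & 1, "vid": tci & 0x0FFF}

def parse_frame(frame, qinq_tpid=0x88A8):
    """Classify one Ethernet frame as untagged, tagged or qinq and decode its tags.

    qinq_tpid is the outer-tag TPID this parser is configured for (assumption).
    """
    if qinq_tpid not in QINQ_TPIDS:
        raise ValueError("unsupported QinQ TPID 0x%04x" % qinq_tpid)
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    offset, tags = 12, []
    (etype,) = struct.unpack_from("!H", frame, offset)
    # An outer (service) tag is only recognised when an inner 0x8100 tag follows it.
    if etype == qinq_tpid and len(frame) >= offset + 10:
        inner_tpid = struct.unpack_from("!H", frame, offset + 4)[0]
        if inner_tpid == Q_TPID:
            tci = struct.unpack_from("!H", frame, offset + 2)[0]
            tags.append(dict(parse_tci(tci), tpid=etype, role="outer"))
            offset += 4
            etype = inner_tpid
    if etype == Q_TPID:
        if len(frame) < offset + 6:
            raise ValueError("truncated 802.1q tag")
        tci, etype = struct.unpack_from("!HH", frame, offset + 2)
        role = "inner" if tags else "single"
        tags.append(dict(parse_tci(tci), tpid=Q_TPID, role=role))
        offset += 4
    kind = {0: "untagged", 1: "tagged", 2: "qinq"}[len(tags)]
    return {"dst": dst, "src": src, "kind": kind, "tags": tags,
            "ethertype": etype, "payload": frame[offset + 2:]}

# Constructed sample frames (not captured traffic): S-VID 100, C-VID 20, priority 5.
_MACS = bytes.fromhex("ffffffffffff" "0a0000000001")
_REST = struct.pack("!H", 0x0800) + b"payload"
SINGLE = _MACS + struct.pack("!HH", 0x8100, (5 << 13) | 20) + _REST
QINQ = _MACS + struct.pack("!HH", 0x88A8, 100) + SINGLE[12:]
```

Parsing `QINQ` with `qinq_tpid=0x9100` returns an untagged frame with EtherType 0x88a8, which shows why the QinQ EtherType has to match on every device that inspects the outer tag.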

(6)

Transparent Mode

Factory Default is transparent mode.

AP is configured to have “VLAN Disabled”

The SM configuration doesn’t matter

AP page

(7)

Transparent Mode Traffic Behavior

[Figure: traffic between SM and AP in both directions; frames are labelled untagged, tagged and QinQ on each side]

Management traffic is untagged

(8)

VLAN Enabled Mode - AP


(9)

VLAN Enabled Mode - AP

1. Enable / Disable VLAN functions for AP sector

2. Ver <13.1.1 required APs to be set as an SM for spectrum analysis. Enable to retain local VLAN settings when rebooted as an SM.

3. Allow Frame Types Filter:

• All Frames

• Tagged Frames Only

• Untagged Frames Only

4. Dynamic Learning: AP will (Enable) or will not (Disable) add VLAN VIDs of upstream frames to the VID table.

5. Management VID: VID used to communicate with the module manager.

6. QinQ EtherType

– 0x88a8 for 802.1ad

– 0x8100, 0x9100, 0x9200, 0x9300 for 802.1QinQ (pre 802.1ad)

(10)

VLAN Enabled Mode - AP


(11)

8. VLAN Membership Table

If Dynamic Learning is disabled, VLAN VIDs need to be entered manually into the Membership Table. Any arriving packets whose VID is not in the table are dropped.

9. VLAN 802.1p Remarking

Tagged packets arriving at the AP’s Ethernet port can have their priority remarked based on the existing VID. Packets exiting the Ethernet port are not remarked.

(12)

VLAN Enabled Mode - SM


(13)

VLAN Enabled Mode - SM

1. VLAN Port Type

– Q: Tags untagged packets as 802.1q

– QinQ: Tags untagged packets as 802.1q plus 802.1ad or tags 802.1q packets with 802.1ad

2. Accept QinQ: Enabled filters QinQ packets on the Ethernet Port

3. SM Management VID Pass-through: When disabled, all data with the Management VID will be blocked at the Ethernet Port. (default Enabled)

4. Default Port VID: 802.1q Tag ID or Inner Tag ID for QinQ

5. Port VID and Priority MAC Address Mapping: Checks inbound MAC address of packet and overrides Default Port VID and Priority

– The first 3 fields of the MAC address identify the Ethernet device's manufacturer, e.g. Intel, ATI

– Wildcards can be used in last 3 fields of MAC address using ff ff ff

(14)

VLAN Enabled Mode - SM


(15)

VLAN Enabled Mode - SM

7. VLAN VID Remarking

Tagged packets arriving at the SM’s Ethernet port can have their VID remarked based on the existing VID. Packets exiting the Ethernet port are not remarked.

8. VLAN 802.1p Remarking

Tagged packets arriving at the SM’s Ethernet port can have their priority remarked based on the existing VID. Packets exiting the Ethernet port are not remarked.

(16)

VLAN Enabled Example Mode Behavior

[Figure: traffic between SM and AP. Labels recovered from the diagram: Untagged; Tagged; Tagged/Unaltered; QinQ; Dropped; Dropped or treated as VLAN 1; (VID matched with Default Port VID or MAC/VID mapping)]

Management traffic is tagged. To manage the SM from the LAN port, traffic needs to be tagged with the same VID as the Management VLAN of the SM.

Note that when the SM is not connected to the AP, it will only allow untagged management.

(17)

Q-in-Q

Default mode (transparent, SM VLAN port type “Q”, AP VLAN disabled) allows passing Q-in-Q back and forth

You can also configure the SM to add an S-Tag to the traffic

Important!!! Don’t configure the SM to tag S-VID with “1”, it will NOT do

(18)

QinQ tagging Mode Example Behavior

Provider-VID (S-VID) = X, X != 1; Default VID = Y, Y != 1

SM cannot be locally managed if connected to AP, but can be locally managed without VLAN tagging when disconnected.

[Figure: traffic between SM and AP. Labels recovered from the diagram, grouped as extracted:]

Untagged; QinQ (C-tag contains Default VID)

QinQ; QinQ, unaltered

VLAN Tagged; QinQ, adding S-Tag

QinQ (S-VID = X, C-VID != Y); VLAN Tagged (S-Tag removed)

VLAN Tagged (VID != X & VID != Y); Dropped!

Untagged; Dropped!

VLAN Tagged (VID == X || VID == Y); Untagged

QinQ (S-VID != X, C-VID != Y); QinQ, unaltered

QinQ (S-VID = X, C-VID = Y)

Untagged

C-tag remains, even VID=0
