Allied Telesis 2.6.1 manual Vlan Membership using Vlan Tags

Page 75

Layer 2 Switching

75

Every frame admitted by the switch has a VID associated with it. If a frame arrives on a tagged port, the associated VID is determined from the VLAN tag the frame had when it arrived. If a frame arrives on an untagged port, it is associated with the VID of the VLAN for which the incoming port is untagged. When the switch forwards a frame over a tagged port, it adds a VLAN tag to the frame. When the switch forwards the frame over an untagged port, it transmits the frame as a VLAN-untagged frame, not including the VID in the frame.

The VLAN tag that the switch adds to a frame on egress depends on whether the frame is switched in Layer 3 or Layer 2. In Layer 3 switching, the switch determines the destination VLAN from its routing tables. The VID of the destination VLAN will be added to the frame on egress. In Layer 2 switching, the frame’s source and destination VLANs are the same. The VID that was associated with the frame on ingress will be associated with it on egress.

VLAN Membership using VLAN Tags

Ports can belong to many VLANs as tagged ports. Therefore, when the VLAN tag is used to determine which VLAN a packet belongs to, it is easy to:

Share network resources, such as servers and printers, across several VLANs

Configure VLANs that span several switches

For tagged ports, the switch uses the VID of incoming frames, and the frame’s destination field to switch traffic through a VLAN aware network. Frames are only transmitted on ports belonging to the required VLAN. Other vendors’ VLAN aware devices on the network can be configured to accept traffic from one or more VLANs. A VLAN-aware server can be configured to accept traffic from many different VLANs, and then return data to each VLAN without mixing or leaking data into the wrong VLANs.

Figure 14 on page 76 shows a network configured with VLAN tagging. Table 12 on page 76 shows the VLAN membership. The server on port 2 on Switch A belongs to both the admin and marketing VLANs. The two switches are connected through uplink port 26 on Switch A and uplink port 25 on Switch B, which belong to both the marketing VLAN and the training VLAN, so devices on both VLANs can use this link.

Software Release 2.6.1 C613-02039-00 REV A

Page 74 Page 76
Image 75
Page 74 Page 76
Contents AT-8800 Series Switch Page Contents AT-8800 Series Switch User Guide Operating the switchMaintenance and Troubleshooting Page Introducing the AT-8800 Series Switch Why Read this User Guide?Chapter AT-8800 Series Switch Documentation Set Where To Find More InformationFeatures of the AT-8800 Series Switch Online Technical SupportIntroduction Software Features Management FeaturesSpecial Feature Licences Do if You Clear Flash Memory Completely on This Chapter Getting Started with the Command Line Interface CLIConnecting a Terminal or PC Terminal Communication ParametersParameters for terminal communication Value Assigning an IP Address Enter the password at the password promptGetting Started with the Command Line Interface CLI LoggingTo change the IP address for an interface, enter the command Setting RoutesChanging a Password Choosing a PasswordTo add a static route, enter the command Not available Using the CommandsGetting Command Line Help To display the current help file, enter the commandAliases Setting System Parameters Enabling Special Feature LicencesGetting Started with the Graphical User Interface GUI Getting Started with the Graphical User Interface GUISupported browsers and operating systems What is the GUI?Accessing the Switch via the GUI Browser and PC SetupHttp Proxy Servers See Option 2 Installing the Switch into the LAN on Establishing a Connection to the SwitchSee Option 3 Connecting to an Installed Switch on See Option 1 Configuring the Switch before Installation onOption 1 Configuring the Switch before Installation Use this procedure ifSee Http Proxy Servers on page 23 for more information Plug the switch into the LAN Option 2 Installing the Switch into the LANDefault username is manager At the login prompt, enter the user name and passwordAssign the vlan1 interface an IP address See Secure Access on page 29 for more informationIf necessary, bypass the Http proxy server Option 3 Connecting to an Installed SwitchFind out the IP address of the switch’s interface Select a PCCreate a Security Officer user account Secure AccessThen enter the password for CIPHER, sbr4y3 To enable system security, use the commandTo create an RSA key pair, use the command System Status System StatusQuality of Service and traffic filters Using the GUI Navigation and FeaturesConfiguration Menu Using Configuration PagesAn example of a configuration page with a selection table Editable Fields Monitoring Menu Management MenuDiagnostics Menu Changing the PasswordContext Sensitive GUI Help Saving Configuration Entered with the GUI Combining GUI and CLI ConfigurationConfiguring Multiple Devices Upgrading the GUI To upgrade the GUIThen delete the GUI resource file, using the command Load the new file onto the switchTroubleshooting Install the new file as the preferred GUIPoint your web browser at the switch’s IP address Deleting Temporary Files Accessing the Switch via the GUITraffic Flow Time and NTP SolutionSolutions IP Addresses and DhcpLoading Software Page A Security Officer prompt looks like Using Scripts onUser Accounts and Privileges Snmp and MIBs onLogin Normal Mode and Security Mode To display the current operating mode, enter the commandOperating the switch Specific Parameters Storing Files in Flash Memory Remote ManagementExample output from the Show File command Using ScriptsStoring Multiple Scripts Saving the Switch’s ConfigurationLoading and Uploading Files File Naming ConventionsFile extensions and file types Extension File type/function SPA Loading FilesDownload the patch file Setting Loader DefaultsExample Load a Patch File Using Http To load a patch file Configure the LoaderTo upload a log file Uploading Files From the SwitchExample Upload a Configuration File Using Tftp More informationUpgrading Switch Software Example Upgrade to a New Software Release Using To upgrade to a new software releaseLoad the new release file onto the switch Test the release Enter the licence password for the software releaseMake the release the default permanent release Enter licence information for the releaseExample Upgrade to a new patch file To upgrade to a new patch fileCheck that the file is successfully loaded Snmp and MIBs Using the Built-in EditorFor More About Operations and Facilities Where interface is the name of an interface, such as vlan11AT-8800 Series Switch User Guide Enabling and Disabling Switch Ports Switch PortsTo display information about switch ports, use the command To enable or disable a switch port, use the commandsSTP Autonegotiation of Port Speed and Duplex Mode Speed 10/100 Port TrunkingShow VLAN=ALL Packet Storm Protection Layer 2 SwitchingPort Mirroring Port security Virtual Local Area Networks VLANs Example output from the Show Switch Port Intrusion commandTpid Vlan TaggingFormat of user priority and Vlan data in an Ethernet frame Vlan Membership using Vlan Tags Vlan membership of example of a network using tagged ports Vlan Membership of Untagged PacketsMember ports Vlans with untagged ports Creating VLANsTo destroy a VLAN, use the command To add tagged ports to a VLAN, use the commandSummary of Vlan tagging rules Protected VLANsVlan Interaction with STPs and Trunk Groups Layer 2 Switching Process Generic Vlan Registration Protocol GvrpIngress Rules Learning Process Forwarding Process Layer 2 Filtering Example output from the Show Switch Filter command Egress Rules Quality of ServiceSpanning Tree Modes Spanning Tree Protocol STPSpanning Tree and Rapid Spanning Tree Port States Spanning tree port states State MeaningRapid Spanning Tree port states State Meaning Configuring STP SET STP=stpnameALL PRIORITY=0..65535 Example output from the Show STP command Do not occur Parameter Meaning Switch Max AgeTo display STP port information, use the command Example output from the Show STP Port command 94AT-8800 Series Switch User GuideTo show STP counters, use the command Discarded 96AT-8800 Series Switch User GuideReceive TransmitIgmp Snooping Interfaces to Layer 3 ProtocolsDisable Igmpsnooping Group List Example output from the Show IP Igmp commandParameters TriggersEvent DescriptionLayer IP Multicasting Then use either of the following commandsDisplays the interfaces enabled for IP routing Figure Internet Protocol IPRouting Information Protocol RIP Novell IPXLayer 103 AppleTalk Example output from the Show IPX Circuit commandLayer 105 Resource Reservation Protocol RsvpPage Maintenance and Troubleshooting Switch startup messages How the Switch Starts UpSet system territory How to Avoid ProblemsWatch for software updates If you accidentally do this, you will need to What to Do if You Clear Flash Memory CompletelyWhat to Do if Passwords are Lost What to Do if the PPP Link Disconnects RegularlyGetting the Most Out of Technical Support Maintenance and Troubleshooting 113 Resetting Switch DefaultsChecking Connections Using Ping To get debugging output, enter the commandTelnet Fails Troubleshooting IP ConfigurationsTo set Ping defaults, enter the command Stop a Ping that is in progress, enter the commandMaintenance and Troubleshooting 115 Troubleshooting Dhcp IP AddressesYour switch is acting as a Dhcp client Your switch is acting as a Dhcp serverNo Routes are Visible to the Remote Router Troubleshooting IPX ConfigurationsTo check that the PPP link is active, enter the command Local Workstations Can Not Access Remote ServersCheck route tables Using Trace Route for IP TrafficTo halt a trace route that is in progress, enter the command
Top Page Image Contents