NetComm NB712 manual Vlan Virtual Local Area Network, Frame Specification

Page 12

3 VLAN (Virtual Local Area Network)

Virtual LAN (VLAN) is defined as a group of devices on one or more LANs that are configured so that they can communicate as if they were attached to the same wire, when in fact they are located on a number of different LAN segments. Because VLAN is based on logical instead of physical connections, it is extremely flexible.

The IEEE 802.1Q defines the operation of VLAN bridges that permit the definition, operation and administration of VLAN topologies within a bridged LAN infrastructure. VLAN architecture benefits include:

1.Increased performance

2.Improved manageability

3.Network tuning and simplification of software configuration

4.Physical topology independence

5.Increased security options

As DSL (over ATM) links are deployed more and more extensively, VLAN (VLAN-to-PVC) over DSL links is becoming a popular requirement of networks.

The following section will discuss the implementation of VLAN-to-PVC only for bridge mode operation, i.e., the VLAN spreads over both the COE and CPE sides, where there is no layer 3 routing involved.

3.1Specification

1.The unit supports up to 8 active VLANs with shared VLAN learning (SVL) bridge out of 4096 possible VLANs specified in IEEE 802.1Q.

2.Each port always belongs to a default VLAN with its port VID (PVID) as an untagged member. Also, a port can belong to multiple VLANs and be tagged members of these VLANs.

3.A port must not be a tagged member of its default VLAN.

4.If a non-tagged or null-VID tagged packet is received, it will be assigned with the default PVID of the ingress port.

5.If the packet is tagged with non-null VID, the VID in the tag will be used.

6.The look up process starts with VLAN look up to determine whether the VID is valid. If the VID is not valid, the packet will be dropped and its address will not be learned. If the VID is valid, the VID, destination address, and source address lookups are performed.

7.The VID and destination address lookup determines the forwarding ports. If it fails, the packet will be broadcast to all members of the VLAN, except the ingress port.

8.Frames are sent out tagged or untagged depending on if the egress port is a tagged or untagged member of the VLAN that the frames belong to.

9.If VID and source address look up fails, the source address will be learned.

3.2Frame Specification

An untagged frame or a priority-tagged frame does not carry any identification of the VLAN to which it belongs. Such frames are classified as belonging to a particular VLAN based on parameters associated with the receiving port. Also, priority tagged frames, which, by definition, carry no VLAN identification information, are treated the same as untagged frames.

A VLAN-tagged frame carries an explicit identification of the VLAN to which it belongs; i.e., it carries a tag header that carries a non-null VID. This results in a minimum tagged frame length of 68 octets. Such a frame is classified

12

NB712 / NB714 User Guide

 

YML829 Rev1

Image 12
Contents Page Contents NB714 User Guide Features Package ContentsIntroduction Specification RoutingBridging SecurityIndicators ATM QoSAAL5 Encapsulation WAN InterfaceApplication Physical/ElectricalMemory Product InformationFirewall Types of Firewall Packet FilteringThere are three types of firewall Denial of Service Attack Circuit GatewayApplication Gateway Ping of death SYN FloodIcmp Flood UDP FloodVlan Virtual Local Area Network Frame SpecificationApplications VID uniquely identifies the Vlan to which the frame belongsGetting to know the router Front PanelLED status Rear Panel LAN 1,2,3,4Connecting your G.SHDSL Modem Router Check the Terminal Access ProgramDetermine Connection Setting Check the Ethernet Adapter in PCBridge EoA Route EoA IPoA PPPoA Install the Shdsl Router PPPoECross-over Ethernet cables can be used Port router with network topologyConfiguration via Web Browser Router, which will lose any previous configuration Basic Setup System error or disconnectionClick Basic for basic installation Bridge Mode LAN ParametersEnter Host Name WAN1 Parameters Enter VPI Enter VCI Click LLC Click NextRouting Mode Click Next to setup WAN1 parameters Dhcp ClientLAN IP Type Dhcp Server IP typeIP Address Subnet MaskTrigger Dhcp Service DNS ServerDhcp relay RelayPPPoE or PPPoA AAL5 EncapProtocol For more information, refer to the section on NAT/DMZPassword Password ConfirmUsername Idle TimeEprom IPoA or EoA GatewayEprom Advanced Setup Annex Type Link TypeData rate Data RateShdsl SNR margin Margin range is from 0 toMargin, the better the line connection Reconnect for better line connectionWAN QoS Quality of Service UBR Unspecified Bit RateCBR Constant Bit Rate PCR Peak Cell Rate in kbpsBridge Eprom Vlan Pvid PacketsRIP Mode RouteAuto RIP Summary Press ModifyAuthentication required RIP VersionPoison Reverse NAT/DMZ Multi-DMZ Multi-NATVirtual Start IP Address Count Global Start IP AddressVirtual Server Firewall Basic Firewall SecurityAutomatic Firewall Security Advanced Firewall Security Click Advanced Firewall Security and then press FinishSYN Attack Connections and will be unresponsiveAddresses originating from your network Ping of death attack attempts to crash your system byDirection DescriptionSrc. IP Address Dest. IP AddressFiltering Rule for Smtp connection Filtering rule will be configured as followUpdate Filtering Rule Filtering ResultWhen the rule is ordered as ABC Rule Order10.0.0.0 172.16.6.0 Permit 10.1.99.0 172.16.0.0 Deny Any IP QoS NB714 User Guide Administration Security NB712 / NB714 User Guide Snmp MIBSnmp status CommunityVersion Community Time Sync Click on Time SyncSntp service Time ServerTime Zone Utility System Info Restore Configuration Backup Configuration10.2 Config Tool Lose all the configured parametersUpgrade Logout To logout the router, press logoutRestart Status You can monitor the followingLAN-to-LAN connection with bridge Mode CO sideLAN Parameters WAN1 Parameters Enter IP 192.168.1.1 Enter Subnet MaskEnter Gateway 192.168.1.1 Enter Host Name Enter VPI Enter VCI EncapCPE Side Host Name Enter SohoVCI32 EncapLLC LAN to LAN Connection with Routing Mode Dhcp ServiceClick Route and CO Side then press Next IP Address 192.168.20.1 Subnet Mask 255.255.255.0 Host NameClick Next to setup the IP parameters WAN ParametersClick Route and CPE Side then press Next IP Address 192.168.10.1 Subnet Mask 255.255.255.0 Host Name192.168.30.2 Useradmin Password Serial ConsoleTelnet Baudrate 9600 Data Bits Parity Check Stop Bits Flow-controlOperation Interface Window structure Menu Driven Interface Commands To choose another parametersCtrl + C To quit the configuring item Ctrl + Q For help Menu Tree 14.7 Configuration Ping Packet internet groper command Admin Done via utility commandUtility Exit Quit systemStatus Show SystemConfig ScriptReboot AdministrationWrite PingUser Profile Snmp Edit Community Entry List ShowSupervisor Password and ID Move the cursor to service and press enter SntpMove the cursor to sntp and press enter Move the cursor to timeserver1 and press enterMove the cursor to list and review the setting Setup UtilityExit ModeShdsl 14.16.3 WAN Bridge After enter add menu, the screen will prompt as followVlan Move the cursor to vlan and press enter14.16.6 802.11Q Vlan Follow the following steps to configure 802.11q VlanFor each VLAN, Vlan ID is a unique number among 1~4095 Generic command can setup RIP mode and auto summery mode You can review the list of RIP parameters via list commandRoute Screen will display the following14.16.8 LAN IP share14.16.10 NAT You can configure NAT parameters in nat menuMapping 14.16.11 PAT After key in enter, the screen will prompt as belowYou can enable the demilitarized zone via active command firewall security level can configure via level command14.16.12 DMZ FirewallActive DoS Protection IPQoS You can view the Dhcp configuration via list command DhcpDefault DNS proxyHost name Appendix a Cable Information RJ-45 Network Ports10Mbps 100MbpsStraight and crossover cable configuration Straight-Through CablingCross-Over Cabling Shdsl Line Connector Console Cable No connectionRxD O TxDAppendix B Registration and Warranty Information Contact InformationProduct Warranty