D-Link DHS-3224V Switch User’s Guide

Within the Layer 2 switching environment, all end nodes are identified on the network by their unique MAC address. No matter what basis is used to uniquely identify end nodes and assign these nodes VLAN membership, packets cannot cross VLANs without a network device performing a routing function between the VLANs.

For VDSL applications, VLANs can be used for a group of ports used by a single subscriber. For example, one client may have a company network of a size that requires more than one port on the Switch. In this case, the Switch can be used to create one VLAN for the group of ports leased to the single subscriber. The client can then administer VDSL access on the private network as desired. All the ports within the client’s VLAN can freely exchange packets through the VDSL Switch. Once the VLAN has been created, there should not be any more configuration decisions for the VDSL Switch manager, as long as there are no additional ports required by the client. If the client prefers to lease additional bandwidth (i.e. more ports), these can be easily added to the client’s VLAN if there are unused ports available on the Switch.

The Switch supports only IEEE 802.1Q VLANs. The port untagging function can be used to remove the 802.1Q tag from packet headers to maintain compatibility with devices that are tag-unaware.

By default the Switch assigns all ports to a single 802.1Q VLAN named DEFAULT_VLAN. The DEFAULT_VLAN has a VID = 1.

IEEE 802.1Q VLANs

To help you understand 802.1Q VLANs as implemented by the Switch, it is necessary to understand the following:

Tagging - The act of putting 802.1Q VLAN information (a tag) into the header of a packet.

Untagging - The act of stripping 802.1Q VLAN information out of the packet header.

Ingress Port - A port on a switch where packets are flowing into the switch and VLAN decisions must be made.

Egress Port - A port on a switch where packets are flowing out of the switch, either to another switch or to an end station, and tagging decisions must be made.

IEEE 802.1Q (tagged) VLANs are implemented on the Switch. 802.1Q VLANs require tagging, which enables them to span the entire network (assuming all switches on the network are IEEE 802.1Q-compliant).

VLANs allow a network to be segmented in order to reduce the size of broadcast domains. All packets entering a VLAN will only be forwarded to the stations (over IEEE 802.1Q enabled switches) that are members of that VLAN, and this includes broadcast, multicast and unicast packets from unknown sources.

VLANs can also provide a level of security to your network. IEEE 802.1Q VLANs will only deliver packets between stations that are members of the VLAN.

Any port can be configured as either tagging or untagging. The untagging feature of IEEE 802.1Q VLANs allows VLANs to work with legacy switches that don't recognize VLAN tags in packet headers. The tagging feature allows VLANs to span multiple 802.1Q-compliant switches through a single physical connection and allows Spanning Tree to be enabled on all ports and work normally.

The main characteristics of IEEE 802.1Q are as follows:

Assigns packets to VLANs by filtering

Assumes the presence of a single global spanning tree

Uses an explicit tagging scheme with one-level tagging

802.1Q Packet Forwarding Decisions

Packet forwarding decisions are made based upon the following three types of rules:

Ingress rules - rules relevant to the classification of received frames belonging to a VLAN.

Forwarding rules between ports - decide whether to filter or forward the packet.

Egress rules - determine if the packet must be sent tagged or untagged.
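
The three rule types above can be traced on actual frame bytes. The following Python sketch is an added example, not code from D-Link or the Switch firmware; the `Switch` class, its per-port default VID (`pvid`), the flood-only forwarding and the sample frame are assumptions made for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

def parse_tag(frame):
    """Return (vid, frame_without_tag); vid is None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    if struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]  # low 12 bits of the TCI = VID

def add_tag(frame, vid, priority=0):
    """Insert a 4-byte 802.1Q tag after the source MAC address."""
    if not 1 <= vid <= 4094:
        raise ValueError("VID out of range")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, priority << 13 | vid) + frame[12:]

class Switch:
    """Toy model (hypothetical): every frame is flooded, MAC learning is left out."""
    def __init__(self, ports):
        self.members = {1: set(ports)}      # DEFAULT_VLAN (VID 1) holds all ports
        self.tagged = {1: set()}            # egress ports that keep the tag
        self.pvid = {p: 1 for p in ports}   # assumed: VID given to untagged ingress

    def add_vlan(self, vid, untagged=(), tagged=()):
        self.members[vid] = set(untagged) | set(tagged)
        self.tagged[vid] = set(tagged)
        for p in untagged:                  # modelling choice: access ports leave VID 1
            self.members[1].discard(p)
            self.pvid[p] = vid

    def forward(self, in_port, frame):
        """Return {egress_port: frame_bytes}; an empty dict means filtered."""
        vid, bare = parse_tag(frame)
        vid = vid or self.pvid[in_port]     # ingress rule: classify the frame
        if in_port not in self.members.get(vid, ()):
            return {}                       # ingress port is not in that VLAN
        return {p: add_tag(bare, vid) if p in self.tagged[vid] else bare  # egress rule
                for p in self.members[vid] - {in_port}}                   # forwarding rule

# Constructed sample: broadcast IPv4 frame from a made-up station address.
SAMPLE = bytes.fromhex("ffffffffffff" "020000000001" "0800") + b"payload"
```

With ports 1 and 2 as untagged members of VLAN 10 and port 8 as a tagged member, a frame entering port 1 leaves port 2 unchanged and leaves port 8 four bytes longer, while a frame tagged for VLAN 10 that arrives on a non-member port is filtered.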
