Because Q's prefix (f.g.k) differs from H's (a.b.c), the IP logic at H tells H that it must transmit the packet to a router. Let's assume that H has discovered the IP address a.b.c.R1 of a router on its LAN (see Section 11.2.5.2 for several methods by which it might have done this). H issues an ARP to discover the router's data link address (in this case, f) and issues a packet to Q by having the data link header source = h, destination = f, and the IP header source = a.b.c.H, destination = f.g.k.Q.

Router R receives the packet and determines based on the prefix f.g.k in the IP header's destination address that it belongs in the LAN connected to its upper right port. Router R then issues an ARP to determine the data link address of IP node f.g.k.Q and is told q. Now to forward the packet R transmits it onto the port in VLAN B with data link header source = j and destination = q. The IP header is the same as it was before, namely, source = a.b.c.H, destination = f.g.k.Q.

Note that from R's point of view as well as the endnodes' points of view, this entire scenario looks exactly as if there were two physical LANs (see Figure 5.9).

Figure 5.9. Router R connects LANs A and B

5.3.4 Example: VLAN Forwarding with Switch as Router

Now let's assume that the switch can act as a router. From the endnodes' point of view, everything looks the same, as shown in Figure 5.10.

Figure 5.10. Combination switch/router connects VLANs A and B

In this case the router R does not use up ports on the switch. If there are 8 ports allotted to VLAN A, there can be 8 stations attached to VLAN A. The switch must know that R's MAC address on VLAN A is f and on VLAN B is j. When the switch receives a packet from VLAN A (that is, it arrived on one of the ports 1-8), there are three possibilities.

- The destination data link address is unknown within ports 1-8. In this case the packet will be forwarded onto all the ports 1-8 except the one it was received from.
- The destination data link address is known to reside on port i, where i is within ports 1-8. The packet will be transmitted only onto port i.
- The destination data link address is f, in which case the packet is handled by the switch's IP router logic.

Note that if H transmits a packet with destination data link address q, it will be treated like an unknown destination within VLAN A because the switch does not bridge between the two VLANs.

5.3.5 Dynamic Binding of Links to VLANs

The standards committee did not attempt to standardize any dynamic binding of ports to VLANs. Any such solutions offered are proprietary. Some products attempt to learn the mapping by learning from received packets. If the VLAN mapping is based on IP address prefix, the learning must be based on the source address in the IP header (after the switch has determined that the packet is indeed an IP packet based on the protocol type indicated in the layer 2 header). If the VLAN mapping is based on protocol, the learning must be based on the protocol type or DSAP (destination service access point) in the data link header.

Learning the mapping is tricky. Until a station transmits a packet, the switch does not know which VLAN the port belongs to. If a packet is received from a port known to be in VLAN A with an unknown destination data link address or with a multicast or broadcast data link destination address, the switch would like to transmit that packet only onto ports that are in the same VLAN as the source. But it presumably should also transmit the packet onto ports with unknown VLAN mapping because they might be in VLAN A.

If the VLAN mapping is based on the protocol spoken, it becomes ugly to try to have the switch dynamically learn the VLAN/port mapping because a given station might speak multiple protocols and therefore be in multiple VLANs. For example, let's say that IP = VLAN A and AppleTalk is VLAN B. If a station on port x transmits an AppleTalk packet, it means that port x is in VLAN B. But unfortunately the switch cannot conclude that port x is not in VLAN A because the station might also speak IP.

To be safe, then, the switch would have to assume that all ports might be in all VLANs and transmit unknown and broadcast packets to all ports. But that would eliminate most of the advantage of VLANs. So undoubtedly, if any vendors attempt to provide dynamic binding of ports to VLANs, they make the assumption that a station will transmit packets for each protocol that it speaks. Until it transmits and the packet is correctly received by the switch, the switch simply does not forward packets properly to that station.

The same problem can occur if ports can have multiple stations. Multiple stations can occur if a switch is connected to another switch's port or if the port is a bus topology that has multiple stations on the same wire. Let's first discuss the case in which ports can have multiple stations (see Figure 5.11).

Figure 5.11. Ports with multiple stations

Initially, each port on the switch was intended to be a separate VLAN, and stations were assigned IP addresses accordingly. The switch is configured to know that VLAN1 has IP prefix X, VLAN2 has IP prefix Z, and VLAN3 has IP prefix Q, but it doesn't yet know which ports correspond to which VLANs. Eventually, it learns, by examining IP packets, that port a is VLAN2, port b is VLAN1, and port c is VLAN3.

Now let's make things more complicated. Let's move station Q.F to the LAN with prefix Z (see Figure 5.12).

Figure 5.12. Move Q.F to LAN Z

The idea is not to force the user to reconfigure the moved station to have a new IP address. Because its IP address will not change, it must continue to function as part of the LAN whose prefix is Q even though it's physically on a different link
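
The prefix-based learning of Section 5.3.5, as an added sketch that is not from the book: it shows broadcasts leaking onto ports whose VLAN is still unknown, and the leak closing once every port has transmitted. The class name, the toy "prefix.host" addresses, the MAC labels, station Q.G and the choice to let a port be bound to several VLANs after Q.F moves are assumptions of this sketch.

```python
# Added example (not from the book): learning port-to-VLAN bindings
# from the source IP prefix of received frames.
PREFIX_TO_VLAN = {"X": "VLAN1", "Z": "VLAN2", "Q": "VLAN3"}  # configured, per the text
BROADCAST = "ff:ff:ff:ff:ff:ff"

class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        # Learned bindings; an empty set means "VLAN not yet known".
        # Assumption of this sketch: a port may be bound to more than one VLAN.
        self.port_vlans = {p: set() for p in ports}
        self.mac_table = {}  # (vlan, mac) -> port

    def receive(self, in_port, src_mac, dst_mac, src_ip):
        """Learn from one IP frame; return the set of ports it is sent onto."""
        vlan = PREFIX_TO_VLAN[src_ip.split(".")[0]]  # toy addresses such as "Z.A"
        self.port_vlans[in_port].add(vlan)
        self.mac_table[(vlan, src_mac)] = in_port
        out = self.mac_table.get((vlan, dst_mac))
        if dst_mac != BROADCAST and out is not None:
            return {out} - {in_port}
        # Unknown or broadcast destination: ports in the source's VLAN, plus
        # ports whose VLAN is still unknown (they might be in this VLAN).
        return {p for p in self.ports - {in_port}
                if vlan in self.port_vlans[p] or not self.port_vlans[p]}

def run_scenario():
    """Constructed traffic for a three-port switch (ports a, b, c)."""
    sw = LearningSwitch(["a", "b", "c"])
    trace = [
        sw.receive("a", "mac-ZA", BROADCAST, "Z.A"),  # nothing learned: leaks to b and c
        sw.receive("b", "mac-XA", BROADCAST, "X.A"),  # a is VLAN2 now; c still unknown
        sw.receive("c", "mac-QF", BROADCAST, "Q.F"),  # every port bound: no leak
        sw.receive("a", "mac-ZA", BROADCAST, "Z.A"),  # VLAN2 has no other port
        # Station Q.F moves to port a and keeps its IP address:
        sw.receive("a", "mac-QF", BROADCAST, "Q.F"),  # still reaches c (VLAN3)
        sw.receive("c", "mac-QG", "mac-QF", "Q.G"),   # unicast follows the move
    ]
    return sw, trace
```

After the move, port a is bound to both VLAN2 and VLAN3 in this model, so VLAN3 broadcasts are also delivered to the link where the Z stations sit.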