Date: Thu, 19 Oct 1995 11:10:40 -0700 (PDT)
To: p8021@nic.hep.net
From: jfw@alantec.com (John Wakerly)
Subject: Implementation Subgroup Notes

IEEE 802.1 Interim Meeting
Summary of VLAN Implementation Subgroup Discussions of 10/11/95
(Presented on 10/13/95 by John Wakerly, Alantec Corp.)

SWITCH IMPLEMENTATION

1. Base (minimal) System
   - uses 802.1d as we know it
   - filters unicast packets on destination address only
   - unknown/broadcast/multicast packets can go to a subset of ports,
     possibly different for each unknown/broadcast/multicast

2. Next level of sophistication/complication system uses both source
   and destination addresses in the forwarding decision

3. Next level uses both source and destination addresses and type
   field in the forwarding decision

4. Next level may use source, destination, and type, and look even
   further into the packet (e.g., layer-3 info)

VLAN IMPLEMENTATION

Premises:

1. A VLAN-aware switch restricts packet forwarding according to VLAN
   membership.

2. A VLAN-aware switch associates (implicitly or explicitly) each
   received packet with a VLAN (one or more VLANs?).
   - ingress port #
   - source address
   - source address, type
   - layer-3 info
   - arbitrary

Observations:

o Multicast and unicast traffic need not be handled identically
  (e.g., unicast packets could be associated with a "default" VLAN
  and forwarded anywhere).

o Some associations can be made by looking at the packet (e.g.,
  source address). Others cannot (e.g., port number).

o It is useful to think of "ingress", "intermediate", and "egress"
  VLAN-aware switches and ports, with trunks connecting switches.
  But this raises a question: Can end-stations be connected to
  trunks?

o VLAN-aware intermediate and egress switches must also associate
  each received packet with a VLAN (is this absolutely true?).

Big question: Do these switches recompute the VLAN association, or is
the packet tagged by the ingress switch?

Tagging Pros and Cons:

+ Makes for fast, simple VLAN-aware intermediate switches
+ Carries traffic for any VLAN regardless of ingress switch's
  association means
+ Scalability
- Breaks remote bridges, etc., which rely on snooping certain packets
- Requires tagged and non-tagged copies of packets on trunks with
  end-stations connected
- MTU violation or fragmentation/reassembly
? Ascom/Timeplex patent
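
Added example (not part of the original notes): a small Python model of the "big question" above, showing that a source-address association can be recomputed downstream while a port-number association survives a trunk only if the ingress switch tags the packet. The table contents, function names and the assumption that the intermediate switch shares the ingress switch's source-address table are all hypothetical.

```python
from dataclasses import dataclass, replace
from typing import Optional

@dataclass(frozen=True)
class Frame:
    src: str
    dst: str
    tag: Optional[str] = None  # VLAN tag added by the ingress switch, if any

# Constructed association tables for a hypothetical ingress switch.
PORT_VLAN = {1: "red", 2: "blue"}         # rule: ingress port #
SRC_VLAN = {"00:00:0c:00:00:01": "red"}   # rule: source address

def ingress_classify(frame, port, rule):
    """Premise 2: associate a received packet with a VLAN."""
    if rule == "port":
        return PORT_VLAN.get(port)
    if rule == "src":
        return SRC_VLAN.get(frame.src)
    raise ValueError(f"unknown association rule: {rule}")

def ingress_to_trunk(frame, port, rule, tagging):
    """Send the frame onto a trunk, tagged with its VLAN or unchanged."""
    vlan = ingress_classify(frame, port, rule)
    return replace(frame, tag=vlan) if tagging else frame

def intermediate_vlan(frame, rule):
    """VLAN as seen by a switch that receives the frame from a trunk."""
    if frame.tag is not None:
        return frame.tag                 # tagged: no lookup of its own
    if rule == "src":
        return SRC_VLAN.get(frame.src)   # recomputable (assumes a shared table)
    return None                          # port rule: ingress port is not in the packet

def egress_ports(vlan, members):
    """Premise 1: forward only to ports that are members of the VLAN."""
    return sorted(p for p, vlans in members.items() if vlan in vlans)

if __name__ == "__main__":
    f = Frame("00:00:0c:00:00:01", "ff:ff:ff:ff:ff:ff")  # constructed broadcast
    members = {5: {"red"}, 6: {"blue"}, 7: {"red", "blue"}}
    for rule, port in (("port", 2), ("src", 1)):
        for tagging in (False, True):
            vlan = intermediate_vlan(ingress_to_trunk(f, port, rule, tagging), rule)
            print(rule, "tagged" if tagging else "untagged", vlan,
                  egress_ports(vlan, members))
```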