To: IEEE 802.1
From: John Hart, Floyd Backes
Date: July 10, 1995
Subject: IEEE 802 Virtual LANs (VLANs), Proposed Definition and Requirements

1. Introduction

A great deal of attention is being directed toward the subject of Virtual LANs (VLANs), both in standards bodies and in the industry at large. IEEE 802.1 has been working on the subject of VLANs for the last two meetings (Incline Village and West Palm Beach).

The ability to facilitate easier adds, moves and changes, the enforcement of policies and accounting between and among logical groups of users in a network, better control of traffic patterns (i.e. more efficient utilization of resources), and easier monitoring and control, are only some of the perceived benefits of having the ability to support VLANs.

Several vendors have announced plans to "support VLANs" in their product offering; however, in the absence of a standard definition and architecture, what is being offered as VLANs by one vendor can vary significantly from what is being offered as VLANs from a different vendor. This inconstancy in the use of the term "Virtual LAN" is causing confusion among people who buy and support networks. There exists no standard level of interoperability between VLAN solutions offered by different vendors. The industry will benefit from a clear, consistent definition and standard architecture of what constitutes a Virtual LAN.

802.1 has been discussing VLANs and as a result of these discussions, I propose that 802.1 constitute a working group to draft a standard for VLANs. Since 802.1 is chartered to address issues related to interworking across all different 802 LAN types, this is the logical place to continue this work.

2. Virtual LANs

In order to develop a standard for VLANs the first step is to define the problem that the standard is supposed to solve. It's necessary to agree on a definition, and to agree on the set of requirements that the standard will meet.
To that end, we propose the following definition and list of requirements as a basis for discussion.

2.1 Definition

At the November, 94 meeting at Incline Village, 802.1 agreed to the following definition of an 802 LAN:

   "An IEEE 802 LAN is a communication resource that provides sufficient capabilities to support the MAC service between two or more MAC Service Access Points (MSAPs). In particular, this requires the ability to move LLC data from one MSAP to n other MSAPs, where n can be any number from 1 to all of the other MSAPs on the network. An IEEE 802 LAN must, at a minimum, support both LLC-1 and the internal sub-layer service defined in IEEE 802.1D - 1990."

Based on this definition of a LAN, I propose the following definition of a Virtual LAN:

   An IEEE 802 Virtual LAN (VLAN) is a communication resource that provides sufficient capabilities to support the MAC service between two or more MAC Service Access Points (MSAPs). In particular, this requires the ability to move LLC data from one MSAP to n other MSAPs, where n can be any number from 1 to all, or to a logical subset of the other MSAPs in the network. There may be multiple logical subsets (i.e. multiple VLANs) in a single IEEE 802.1D Bridged LAN [1]. An IEEE 802 VLAN must, at a minimum, support both LLC-1 and the internal sub-layer service defined in IEEE 802.1D - 1990.

2.2 Requirements

1. VLANs are a way to add flexibility to an existing layer 2 solution, 802.1D Bridged LANs. VLANs should not amount to a reinvention of layer 3.

2. Although it may be required that existing IEEE 802 end systems be changed in order to belong to multiple VLANs, it shall be possible for an existing end system to belong to at least a single VLAN. In other words, the presence of one or more VLANs on a single physical network shall not hinder the ability of an IEEE 802 end system, as currently defined, from communicating with other MSAPs in the same VLAN.

3. VLANs shall coexist with existing 802.1D Bridged LANs.
   In other words, the presence of multiple VLANs in a network shall not "break" 802.1D.

4. It shall be possible to configure a logical subset of MSAPs in a Bridged Network to be on a single VLAN.

5. VLANs shall support bi-directional Unicast communication between different MSAPs in the same VLAN (VLANs support a unidirectional flow of multicast traffic from the source to a set of intended receivers).

6. In the absence of malfunctioning or malicious users, applications using MSAPs in one VLAN shall not have access to services provided by applications using MSAPs on a different VLAN (e.g. an IP ARP will not elicit a response from an IP end system which is on a different VLAN).

7. A single physical point of attachment with a single network interface may participate in multiple VLANs.

3. References

[1] ISO/IEEE 10038 (ANSI/IEEE 802.1D, 1993) MAC Bridges
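
Added example, not part of the original memo: a small Python model of the delivery semantics stated in requirements 4 to 7 of section 2.2, including the ARP case from requirement 6. The station and VLAN names are constructed, and the rule that the bridge refuses a frame sent on a VLAN its sender does not belong to is an assumption, since the memo defines no mechanism.

```python
# Constructed model of requirements 4-7; not from the memo, which defines no mechanism.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class BridgedLAN:
    """One Bridged LAN carrying several VLANs (logical subsets of MSAPs)."""

    def __init__(self, membership):
        # membership: {msap: iterable of VLAN names}  (requirements 4 and 7)
        self.membership = {m: frozenset(v) for m, v in membership.items()}

    def members(self, vlan):
        return {m for m, vlans in self.membership.items() if vlan in vlans}

    def deliver(self, src, dst, vlan):
        """Return the set of MSAPs that receive a frame src sends on vlan."""
        if vlan not in self.membership.get(src, frozenset()):
            # Assumption: the bridge drops frames from non-members.
            raise PermissionError(f"{src} is not a member of VLAN {vlan}")
        scope = self.members(vlan) - {src}
        return scope if dst == BROADCAST else scope & {dst}


def arp_request(lan, src, vlan, owner):
    """Broadcast an ARP request on vlan; return the responder or None."""
    if owner not in lan.deliver(src, BROADCAST, vlan):
        return None  # requirement 6: no response from another VLAN
    # The reply is unicast back on the same VLAN (requirement 5).
    return owner if src in lan.deliver(owner, src, vlan) else None


def shared_vlans(lan, a, b):
    """VLANs over which a and b can reach each other; empty means isolated."""
    return lan.membership[a] & lan.membership[b]


# Constructed sample: S is one interface in two VLANs (requirement 7).
LAN = BridgedLAN({"A": ["eng"], "B": ["eng"], "C": ["sales"], "S": ["eng", "sales"]})

if __name__ == "__main__":
    print(sorted(LAN.deliver("A", BROADCAST, "eng")))
    print(arp_request(LAN, "A", "eng", "C"))
    print(arp_request(LAN, "C", "sales", "S"))
    print(sorted(shared_vlans(LAN, "A", "C")))
```

A station such as S that sits in two VLANs is reachable from both, so isolation between those VLANs then depends on how that end system handles traffic.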