From: "Norman W. Finn"
Subject: Slides for Implicit vs. Explicit VLAN Frame Tagging
To: p8021@NIC.HEP.NET
Date: Thu, 25 Jan 96 0:02:15 PST

Here are the slides of the contribution presented, today, at the interim meeting.

Implicit vs. Explicit VLAN Frame Tagging

+ Implicit tagging: the contents of the frame itself are sufficient to identify the VLAN to which it belongs.
  - Required when end stations in different VLANs have physical layer connectivity.
  - Prohibited where duplicate MAC addresses or unlike media tunneling are necessary.
+ Explicit tagging: the frame is encapsulated along with an explicit VLAN identifier.
  - Required to tunnel frames over unlike media (e.g. 802.5 over 100 Mbit Ethernet/802.3).
  - Required to handle duplicate MAC addresses in different VLANs.
  - Prohibited where giant frames and/or reduced MTU are a problem.
+ Interoperability between the two is essential.
  - Both are required. Both may be prohibited.
  - Their ranges of applicability overlap more than they are disjoint.
+ Interoperability with existing non-VLAN bridges is essential.

Types of Bridging

Type of frame is 802.5 or 802.3/Ethernet (or other, TBD).

+ "Simple" bridging does not change type or encapsulation.
  - Frame may be implicitly or explicitly tagged. Simple bridge doesn't care.
  - Outer frame is not touched.
  - Non-VLAN bridges are usually simple, though exceptions abound.
+ "Encapsulation" bridging does not change encapsulated type.
  - Implicitly tagged frame may be explicitly tagged and bridged to another port.
  - Explicitly tagged frame may be stripped and the remaining implicitly tagged frame bridged.
  - Explicitly tagged frame may have one tagging stripped and another added.
  - Inner frame is not touched.
+ "Translation" bridging alters the encapsulated type.
  - Inner frame is translated from one type to another. This often requires changing fields above (inside) the MAC layer.
  - Translation bridging may be combined with Simple or Encapsulation bridging.

One Representation per LAN Segment

+ Across any group of VLAN switches sharing physical layer connectivity, a given VLAN has exactly one representation.
  - Implicit tagging on the wire is one representation.
  - Explicit tagging using method X, inner frame of type Y, is one representation.
+ Which representation to use on a given wire?
  - If any endstations belonging to a given VLAN are attached to a wire, then that VLAN must be implicitly tagged on that wire.
  - If one MAC address is common to two VLANs, then those two VLANs, in general, cannot both be implicitly tagged on the same wire.

One Representation per LAN Segment

COROLLARIES:

+ Different tagging schemes can be used on different wires for the same VLAN, according to the capabilities of the VLAN switches and needs of the sysadmin on each wire.
+ All VLAN switches on a given wire must have filters capable of classifying all implicitly-tagged VLANs on that wire.
+ A given wire may carry implicitly-tagged frames, explicitly-tagged frames, or both.
+ A VLAN switch using different explicit tagging schemes on different ports must translate between them. (The inner frame is not touched.)
+ Some endstations, e.g. large file servers, may choose to implement implicit and/or explicit tagging and participate in VLANs.
+ The parsing of implicit and/or explicit tags on a given wire must not exceed the (often primitive) capabilities of endstations on that wire to ignore irrelevant traffic.
+ If implicit tagging rules are inconsistent, bridging loops may result.

Claim

+ On this foundation, any combination of simple, translation, and encapsulation bridges can be built.
  - Requirements on configuration, distribution, and mapping are clear.
  - No possibility of infinite spirals of encapsulation, even in the presence of momentary bridging loops.
+ Spanning tree problems are no worse than today, and new techniques are possible.

Suggested Limitations

+ Allow only one method of explicit tagging on any given wire.
  Some vendors may be able to mix methods, but why?
+ For any given VLAN, all uses of a given external tagging technique (e.g. 802.10 or the forthcoming 802.1 mechanism) across an installation use the same value of the tag field.
  Otherwise, a packet rewrite may be required of each backbone switch.

Norman Finn, Cisco Systems, Jan 24 1996
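Added example, not part of the original message or of any 802.1 text: a small checker that applies the two "which representation to use on a given wire" rules and the two suggested limitations to a described installation. The data model, rule names, wire names, MAC addresses and tag values are assumptions made for illustration, and the "in general" duplicate-MAC rule is treated as strict.

```python
from collections import defaultdict
from itertools import combinations

IMPLICIT = "implicit"  # any other representation is an (explicit_method, tag_value) tuple

def check_installation(wires):
    """wires: {name: {"stations": [(mac, vlan)], "repr": {vlan: IMPLICIT | (method, tag)}}}.
    Returns a sorted list of (wire, rule, detail) violations of the slides' rules."""
    members = defaultdict(set)  # vlan -> MACs seen anywhere (assumed membership model)
    tags = defaultdict(set)     # (vlan, method) -> tag values in use
    for w in wires.values():
        for mac, vlan in w["stations"]:
            members[vlan].add(mac)
        for vlan, rep in w["repr"].items():
            if rep != IMPLICIT:
                tags[(vlan, rep[0])].add(rep[1])
    out = []
    for name, w in wires.items():
        rep = w["repr"]
        # Endstations of a VLAN on this wire force implicit tagging of it here.
        for vlan in sorted({v for _, v in w["stations"]}):
            if rep.get(vlan) != IMPLICIT:
                out.append((name, "endstation-needs-implicit", vlan))
        # VLANs sharing a MAC address cannot both be implicit on one wire.
        implicit = sorted(v for v, r in rep.items() if r == IMPLICIT)
        for a, b in combinations(implicit, 2):
            if members[a] & members[b]:
                out.append((name, "duplicate-mac-both-implicit", f"{a}/{b}"))
        # Suggested limitation: one explicit tagging method per wire.
        methods = sorted({r[0] for r in rep.values() if r != IMPLICIT})
        if len(methods) > 1:
            out.append((name, "mixed-explicit-methods", ",".join(methods)))
    # Suggested limitation: one tag value per VLAN and method, installation-wide.
    for (vlan, method), vals in sorted(tags.items()):
        if len(vals) > 1:
            out.append(("*", "inconsistent-tag-value", f"{vlan}:{method}"))
    return sorted(out)

# Constructed sample installation; MACs, VLAN names and tag values are made up.
SAMPLE = {
    "access-1": {"stations": [("02:00:00:00:00:01", "red"), ("02:00:00:00:00:01", "blue")],
                 "repr": {"red": IMPLICIT, "blue": IMPLICIT}},
    "access-2": {"stations": [("02:00:00:00:00:02", "red")],
                 "repr": {"red": ("802.10", 11)}},
    "backbone": {"stations": [], "repr": {"red": ("802.10", 10), "blue": ("802.10", 20)}},
}

if __name__ == "__main__":
    print(*check_installation(SAMPLE), sep="\n")
```

On the constructed wire access-1 the two wire rules collide: both VLANs have endstations there, so both must be implicit, yet they share a MAC address, so no choice of representation on that wire satisfies both.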