From: "Norman W. Finn" Subject: Slides for External and Internal Addresses in Explicit Tags To: p8021@NIC.HEP.NET Date: Thu, 25 Jan 96 0:03:46 PST Here are the slides of the contribution presented, today, at the interim meeting. External and Internal Addresses in Explicit Tags We assume that a tagged VLAN frame carries: + Destination MAC address, Source MAC address, and RIF (if required) + A tag indicating which VLAN the encapsulated frame belongs to + An indication whether the encapsulated frame is 802.3/Ethernet or 802.5 (or other, TBD). This indication may be implicit in the tag value (TBD). + The encapsulated frame, bit-for-bit identical with original + One or more FCSs (TBD) Address Export Problem If Destination/Source MAC addresses are required to match those in the encapsulated frame, as in 802.10: + We cannot "tunnel" frames over unlike media. - E.g. use 100 Mbit 802.3/Ethernet as a backbone for 802.5 VLANs - Cannot export RIFs in that case + We cannot easily carry duplicated MAC addresses. - Duplicate MAC addresses in different VLANs are not unusual. - Recommended behavior in 802.5 networks - Common for DECNet Phase IV and for Sun workstations + We do not want to require backbone bridges to "snoop" inside the encapsulated packet, or even at the tag value, to process packets. Destination/Source MAC addresses What do we use for the Destination? + Use the address of the VLAN switch to which the frame is destined. + Let each VLAN switch use several MAC addresses. + Export the inner MAC address to the outside. Destination/Source MAC addresses - 1 Use the address of the VLAN switch to which the frame is destined. + VLAN switches carry other VLAN switches' MAC addresses as payload in their bridging tables, along with the existing port numbers. + A VLAN switch puts its own MAC address as the source of each encapsulated frame. + VLAN switches learn other VLAN switches' MAC addresses along with the inner MAC addresses. + An "all VLAN switches" multicast address is used when the destination VLAN switch is unknown. Destination/Source MAC addresses - 2 Let each VLAN switch use several MAC addresses. + Assign a MAC address MAC[n,m] on port n for each other port m on the VLAN switch other than n. + When bridging a frame from ports m to n, use MAC[n,m] as the source MAC address. + On incoming frames, a naive, trusting VLAN switch may use the destination MAC address to direct the arriving frame to a particular output port. + Other VLAN switches learn the associations between inner and outer MAC addresses. + Use the multicast address if the destination VLAN switch is unknown. Destination/Source MAC addresses - 3 Export the inner MAC address to the outside. + Works perfectly, as long as the disadvantages are acceptable. Use All Three Methods! + Assignment of one or more MAC addresses to be used by a given VLAN switch is that switch's business. + Any assignment is allowed, providing that the MAC addresses used are unique over the range of the tagging mechanism, not just the three suggested. + If all VLAN switches learn inner/outer MAC address associations, they do not care how the outer MAC addresses are assigned. + Any switch that does not or cannot learn inner/outer MAC address associations may use any unique MAC address(es) for the outer source, and use the multicast MAC address for the outer destination. + "Stupid" or "selfish" VLAN switches may soak up others bandwidth and compute cycles, but they do not affect interoperability. The user can select VLAN switch capabilities appropriate to particular needs. Norman Finn, Cisco Systems, Jan 24 1996