Date: Tue, 7 May 1996 13:24:34 -0700 (PDT) To: p8021@hepnrc.hep.net From: jfw@fore.com (John Wakerly) Subject: Re: Default VLAN & loops At 1:08 PM 5/7/96 -0400, Witz1961@aol.com wrote: >There is a need for a "default" VLAN that spans the entire bridging >infrastructure. > >This is needed for two reasons. One is that you would want management to be >able to be forwarded over a VLAN that never is pruned. The other is that >you will want the ability to forward frames (as opposed to dropping them) >when you do not have a VLAN mapping for those frames. > >I don't believe that this leaves open the possibility of loops. I'm sure >that there are some complex cases that I have not gone through. A better >exercise is for everyone to put on their thinking caps and see if a loop >existence can be proved. I'm sure that there is the possibility of a one >time loop (frame doubling back as it were), but I have not found a case >where the frame travels infinitely. The problem occurs when, for example: 1) an ingress switch (call it A) classifies the frame as belonging to the "default" VLAN, tags it, and forwards it over the global spanning tree, 2) an egress switch (B) strips the tag from the frame and transmits the untagged frame on a segment S, 3) another switch (C), with a more comprehensive set of classification criteria, picks up the frame from segment S, classifies it into a VLAN V, tags it, and forwards it along a DIFFERENT spanning tree (for VLAN V), 4) the frame is eventually stripped and reaches switch A again, and the process repeats. Can the problem occur if there is only a single, global Spanning Tree? I don't think so. So this issue probably goes more with multiple Spanning Trees than with default VLANs. (Other scenarios of inconsistent frame classification can cause the same problem.) I think the proposed rule about never forwarding a frame on the port on which it is received, whether you've added or stripped a tag or not, protects against loops when there is a single global Spanning Tree. J