Ethernet Vlan-aware switch query.
Bookmark this page:
 Yahoo!
 Google
 Windows Live
 del.icio.us
 digg
 Netscape
|
|
||||||||||||||||||||||
|
Posted by dilip_1379@hotmail.com on May 4, 2005, 7:40 am
Please log in for more thread options Hi All, I am working with ethernet-switch i have query regarding VLAN. If any body knows Please give your answer. Ethernet switch supports shared VLAN feature. Let say in-comming packet to any port is vlan-tagged packet. First, destination address lookup will be perform. Secondly Vlan-lookup will be perform based on current tag. but,if this tag with current packet is not program in the VLAN-table, i mean to say this tag is new for the switch. So, switch can not able to find that which port are the member of this vlan-tag. In this case, what switch should do ? 1)Drop the packet ? 2)Forward to destinatiion Port ? 3)Forward to internal CPU ? Thanks in advance. Dilip. | ||||||||||||||||||||||
|
Posted by Christopher Nelson on May 4, 2005, 8:26 am
Please log in for more thread options dilip_1379@hotmail.com wrote: It's not clear to me if you're writing the switch code for a new device or trying to anticipate what the correct behavior is for an off-the-shelf device you have in hand is. Either way, I think the answer is, "It depends." Some switches will revert to a port-based "VLAN" and route the packet based on the ingress port's membership in a port group. Others will drop it. I think some will flood the frame (or direct it if the destination MAC is known). Some have security settings that let you choose between those behaviors. | ||||||||||||||||||||||
|
Posted by Walter Roberson on May 4, 2005, 7:04 pm
Please log in for more thread options
:I am working with ethernet-switch i have query regarding VLAN. :Ethernet switch supports shared VLAN feature. :Let say in-comming packet to any port is vlan-tagged packet. :First, destination address lookup will be perform. :Secondly Vlan-lookup will be perform based on current tag. There are two possible modes of operation: single spanning tree and per-vlan spanning tree. In the per-vlan spanning tree mode, the lookup would happen in the other order, VLAN first and then destination MAC within that. :but,if this tag with current packet is not program in the VLAN-table, i :mean to say this tag is new for the switch. :So, switch can not able to find that which port are the member of this :vlan-tag. :In this case, what switch should do ? :1)Drop the packet ? You mention "shared" VLAN. The dynamic VLAN membership services, such as Cisco's VMPS, are "push" technologies: until a switch has been notified to know about a VLAN, the VLAN effectively doesn't exist. In such a case, the switch should really drop the packet, but there are often overrides available for that behaviour. -- "This was a Golden Age, a time of high adventure, rich living and hard dying... but nobody thought so." -- Alfred Bester, TSMD | ||||||||||||||||||||||
|
Posted by stephen on May 5, 2005, 1:20 am
Please log in for more thread options
> Hi All,
> > I am working with ethernet-switch i have query regarding VLAN. > If any body knows Please give your answer. > > Ethernet switch supports shared VLAN feature. > Let say in-comming packet to any port is vlan-tagged packet. > First, destination address lookup will be perform. > Secondly Vlan-lookup will be perform based on current tag. this is the wrong way around for many switches. modern switches tend to allow the same MAC address to occur in different VLANs - this allows a network to include multiple instances of the same well known MAC, bridging between VLANs, or devices with multiple interfaces where the MAC is the same. > but,if this tag with current packet is not program in the VLAN-table, i
> mean to say this tag is new for the switch. > So, switch can not able to find that which port are the member of this > vlan-tag. > > In this case, what switch should do ? > 1)Drop the packet ? > 2)Forward to destinatiion Port ? > 3)Forward to internal CPU ? if it is an unknown MAC, then it probably goes to the CPU anyway - but you should drop the packet since there isnt anywhere you can usefuly send it unless you have some sort of "any VLAN allowed" setting for a port. Doing anything else makes it possible for someone who can craft an arbitary packet to get it to cross between VLANs - there are enough security issues around without inventing extra ones...... since the drop is a misconfiguration issue the switch should possibly log the event as an error somewhere. >
--
> Thanks in advance. > Dilip. Regards Stephen Hope - return address needs fewer xxs | ||||||||||||||||||||||
|
Posted by anoop on May 9, 2005, 2:49 pm
Please log in for more thread options
dilip_1379@hotmail.com wrote: > Hi All,
i
> > I am working with ethernet-switch i have query regarding VLAN. > If any body knows Please give your answer. > > Ethernet switch supports shared VLAN feature. > Let say in-comming packet to any port is vlan-tagged packet. > First, destination address lookup will be perform. > Secondly Vlan-lookup will be perform based on current tag. > but,if this tag with current packet is not program in the VLAN-table, > mean to say this tag is new for the switch.
this
> So, switch can not able to find that which port are the member of > vlan-tag.
> > In this case, what switch should do ? > 1)Drop the packet ? > 2)Forward to destinatiion Port ? > 3)Forward to internal CPU ? If the VLAN tag is one that the switch hasn't seen before, it means it doesn't have a untagged/tagged membership set associated with that VLAN yet. In that case, if the switch has ingress filtering enabled, it will drop the packet there (because the ingress port is not part of the VLAN's membership). If the switch does not have ingress filtering on, then the frame will make it through the learning process and that MAC address will get learned on the port that it came in on. However, when it is forwarded and the egress port (or ports) do a lookup to determine if the port is in the member set for that VLAN, the frame will end up getting drop. In other words, if the VLAN is new to the switch, the frame will always be discarded. However, depending on whether or not ingress filtering is implemented and enabled, the frame may be dropped on ingress or egress. Anoop | ||||||||||||||||||||||
| Similar Threads | Posted |
| Ethernet Vlan-aware switch query. | May 4, 2005, 7:40 am |
| VLAN-Aware switch query... | June 6, 2005, 10:28 am |
| Placement of Layer 3 3COM switch query | May 31, 2005, 12:56 am |
| VLAN Query | November 4, 2004, 6:32 pm |
| STP-RSTP query | October 16, 2008, 3:29 am |
| igmp query and snooping | October 6, 2004, 6:13 am |
| query on port speed specification | January 5, 2008, 7:37 am |
| Query related to a stp and vlan case | June 26, 2008, 1:53 pm |
| query on Port-mirroring on Marvell Board | January 4, 2007, 4:32 am |
| Query on MSTP(Force port state) | July 15, 2007, 12:58 am |
| Need Ethernet Hub - NOT Switch | March 15, 2005, 10:15 pm |
| Ethernet Switch With a PC at Core | April 19, 2005, 12:26 am |
| ethernet switch book ?? | December 7, 2005, 1:02 am |
| Looking for Small Ethernet Switch With One SFP and a Few 10/100 | July 7, 2007, 3:02 pm |
| Ethernet switch on a PCI card | July 15, 2007, 4:12 pm |
> Ethernet switch supports shared VLAN feature.
> Let say in-comming packet to any port is vlan-tagged packet.
> First, destination address lookup will be perform.
> Secondly Vlan-lookup will be perform based on current tag.
> but,if this tag with current packet is not program in the VLAN-table,
> i mean to say this tag is new for the switch.
> So, switch can not able to find that which port are the member of
> this vlan-tag.
>
> In this case, what switch should do ?
> 1)Drop the packet ?
> 2)Forward to destinatiion Port ?
> 3)Forward to internal CPU ?