Connecting LANs, VLAN
Hello, so we will be continuing our discussion on the data link layer in this course on Computer Networks and Internet. Today we will be talking about connecting LANs and a concept called virtual LAN, or VLAN. Keeping the other technologies in place, we will try to see how LANs can be connected, what the issues in connecting LANs are, etcetera.

As we understand, in our modern day labs or modern day offices there are several networks, or what we have been talking about as layer 2 networks, and they need to be connected. Not only that, if you look at today's applications or today's operations of any organization, any section, any division, any department, they are primarily dependent on applications which run over networks.

So, it is becoming a necessity to keep this network always up. In doing so, the network administrator loves to have multiple connections into the connecting network. That means between two LANs there should be more than one connection, so that if one connection is torn off or fails for some reason or other, the other connection pops up and starts executing. In doing so there may be a lot of other issues: even if there are redundant connections, how to manage them, etcetera. So, connecting LANs in an appropriate fashion, or in a seamless fail-proof way, is a challenge.

So, we will see the basic considerations of how you connect LANs in today's lecture, and also see a concept called virtual LAN. Though it is not only a layer 2 phenomenon, it requires layer 3 for routing, and we will see that layer 3 routing activity.
But we see that it also helps in handling the things. Another concern of ours in the case of layer 2 is that it is in the same broadcast domain. Though the collision domains are divided, they are still in the same broadcast domain, so dividing the broadcast domain into different parts gives better manageability and better security of the traffic, and all those things we will try to see in this lecture.

So, if we come to the basic slides, or basic philosophy of layer-wise connectivity, or peer-to-peer connectivity: in the physical layer there are the hub and repeater, which are primarily signal regenerators. At layer 2, or the data link layer, we have layer 2 switches or bridges, which bridge LANs.

And we have also seen the MAC layer protocols and other things. At layer 3, which is primarily the network layer, one of the major activities is routing. And then at the other layers there is primarily application-to-application connectivity, or in the transport layer it gives reliability; this is what we mostly say are gateway connections between the two applications.

And as it indicates, there can be multiple hubs within the things, and it goes on like peer to peer. And also we understand that intermediate devices can open the packet up to the layer they are enabled for. So, if it is a hub or repeater it can see layer 1, whereas if it is a switch or bridge it can see up to layer 2, and so on and so forth.

And further we understand that any upper layer device can have all the lower layer capabilities: a layer 2 bridge or switch can also have a signal repeating capability, or repeater capability, and a layer 3 switch definitely has a switching capability and also a repeating capability.
So, the higher you are in the layers, the more capabilities you have. Then why not buy something which is layer 7? One of the major constraints is the cost: we have a huge cost if you go up the ladder.

So, you may not require that much cost to be invested. Secondly, the more the capability, the more the processing time, so that is why the cost is higher, and not only that, you need to process. So, you may not want to have so much, or you need to plan accordingly where you require layer 2, layer 3, layer 4, or all upper layer capability switches.

So, these are different considerations, which have a separate way of system administration and management per se, and one needs to look at what things are there. Another aspect we look at is scalability: the network should be scalable. So, today I may have 10 systems, tomorrow I have 15 systems. Most of your networking infrastructure is in the backbone, and changing it now and then is a very costly affair, costly in terms of money and costly in terms of other things like configuration, power, etcetera.

So, when you increase the systems, the network should be scalable, definitely scalable up to a range. Those things have to be kept in mind when we design, and the different things we are discussing may help in doing better management.

So, if we look at the repeater or hub, it acts as a signal regenerator: I can have segment 1 and segment 2, and a repeater in between regenerates the signal. But nevertheless it is in the same broadcast and collision domain, as it is in layer 1. And so connecting more will give you the problem of more crunch on the bandwidth.
Because if there are more collisions, there is more repetition of the things, etcetera.

So, it does not have any filtering per se, because it does not understand the layer 3 IP or the layer 2 MAC. And I can have a hierarchy of hubs: a hub, a couple of hubs below that level, and so on. And again it save a lot of bandwidth side.

So, bridges on the other hand are a layer 2 phenomenon which connects LANs and separates collision domains. So, with a bridge, typically each LAN is in a different collision domain but the same broadcast domain. Bridges also separate the collision domain: even if they are in the same collision domain, when I bridge them with a layer 2 switch they are in different collision domains.

So that means I have, say, 5 LAN networks, or 10 networks connected with a bridge, or say two LAN networks connected with a bridge. Usually bridges are typically two-port; when it is a multiport bridge we say a layer 2 switch. So, this is the convention; there is no harm in talking about the number of connections in the bridge, but this is the way of showing the bridges.

So, they use the MAC layer, the MAC address, for filtering traffic; connecting segments form a single network in the same broadcast domain. So once it is connected it becomes a single network. So, we have a bridged network which is a single network; that means it is in the same broadcast domain, but different collision domains. So, that is one aspect of the thing, and it can filter based on the MAC address, so that is another property of bridging.

So, like here, what we see is that in one LAN there are two systems with these MAC addresses, and in the other LAN there are two systems, and there is a mapping of which MAC address is connected to which port.

So, if you see, the bridge has 2 ports: on port 1 these two machines are connected, on port 2 these two machines are connected, and here is the bridge table. So, what we see from there is that the bridge initially does not know who is connected where. Once the data starts transmitting, the bridge starts learning this, and once it has learned it, it has the port mapping.
So, if a request comes for this particular machine, it knows that it needs to go to port 1 and not to port 2. If this is a multiport bridge or a layer 2 switch there can be a bigger diagram and a bigger table, but nevertheless it can forward the data to the appropriate port.

So, this way it is able to learn and divide collision domains. So, what we see is that it is still in the same broadcast domain, but two different collision domains.

So, I can have a bridge or layer 2 switch with multiple connections, and as we were saying, it will learn: initially when A sends to D, it learns that A is connected to port 1, and then typically when E sends a frame to A, it learns that E is on port 3, and so on and so forth.

So, while communication goes on, the bridge goes on learning and the bridge table goes on getting populated. Once the bridge table is populated, it is easier to forward packets. And it gives better performance in terms of bandwidth; that means the collision domains etcetera are broken into different parts.

So, there is a problem in bridges. As we were mentioning initially, given a network, it is sometimes desirable to make it some sort of fail-proof by having multiple connections between the networks. So, say I have a cash section, or an administrative section, and an accounts section, and I have a lot of communication. If there is a communication break, things may become problematic. So, what do we do?
We have multiple connections between these two LANs.

In doing so, we end up in some problem. Here, in this typical case, it is shown that A is sending a message to D. It learns that A is connected to port 1. Bridges 1 and 2 do not have any connection between them; those are all transparent bridges, and the other one also learns that A is at port 1. Then this message is broadcast, and when this bridge gets that message, it gets the message from A via bridge 2 at port 2, and then it changes the entry from port 1: A is connected to port 2. And they go on doing this in a circular fashion.

As you may remember, our basic Ethernet frame does not have any TTL, or time to live, where a timeout would happen. So that means it goes on learning, it goes on in a loop, and that creates a problem in the whole bridging. So, one of the major challenges when we have this sort of bridged network or layer 2 switch network is how to handle these loops. There should not be any loop in the network; otherwise it not only eats away all the bandwidth, it also creates a problem of communicating between any source and destination.

So, that is why you need to deploy some mechanism. One of the popular mechanisms which is deployed is STP, or spanning tree protocol, for handling the loop problem in transparent bridges. So, in this case, if you see, LAN 1 is connected to LAN 2 by one connection, LAN 1 is connected to LAN 3 by one connection, and so on and so forth.

In other words, from LAN 1 to LAN 2 there are several ways: I can connect through this, I can connect through this, I can connect through this. So, there are multiple ways we can connect LAN 1 and LAN 2, the two LANs. And in doing so we end up in that loop problem; if we allow this it will end up in a problem.

So, what we need to do is handle this. In order to handle this, what we need is a mechanism, the spanning tree protocol; that means I need to generate a cycle-free or loop-free connectivity, or, if you consider this as a graph, a loop-free graph.
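
The learning behaviour and the loop described above can be reproduced in a few lines. This is an added example, not part of the lecture: the `Bridge` class, the `inject` helper and the two-LAN topology are constructed for illustration, and hosts are represented only by their letters.

```python
from collections import deque


class Bridge:
    """Transparent learning bridge: learns source MAC -> port, floods unknowns."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = ports      # {port number: name of the attached LAN}
        self.table = {}         # bridge table: learned MAC -> port number
        self.moves = 0          # times a learned MAC jumped to another port

    def receive(self, in_port, src, dst):
        """Learn the source, then return the ports the frame is sent out of."""
        if self.table.get(src, in_port) != in_port:
            self.moves += 1
        self.table[src] = in_port
        out = self.table.get(dst)
        if out is None:                           # unknown destination: flood
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]    # same segment: filter


def inject(bridges, lan, src, dst, limit=40):
    """Put one frame on `lan` and follow every copy.

    Returns (deliveries, still_circulating). Ethernet frames carry no TTL, so
    `limit` exists only to stop the simulation, not to model the network.
    """
    queue = deque([(lan, None)])    # (LAN carrying a copy, bridge that sent it)
    deliveries = 0
    while queue and deliveries < limit:
        lan, sender = queue.popleft()
        for bridge in bridges:
            if bridge is sender:
                continue
            for port, attached in bridge.ports.items():
                if attached == lan:
                    deliveries += 1
                    for out in bridge.receive(port, src, dst):
                        queue.append((bridge.ports[out], bridge))
    return deliveries, bool(queue)


def single_bridge_demo():
    """One bridge between two LANs: the table fills in and traffic settles."""
    b1 = Bridge("B1", {1: "LAN1", 2: "LAN2"})
    inject([b1], "LAN1", "A", "D")       # D unknown: flooded to port 2
    inject([b1], "LAN2", "D", "A")       # A already learned: sent to port 1 only
    return b1.table, inject([b1], "LAN1", "A", "D")


def redundant_bridges_demo():
    """Two parallel bridges, no STP: one frame for an unknown host never dies."""
    b1 = Bridge("B1", {1: "LAN1", 2: "LAN2"})
    b2 = Bridge("B2", {1: "LAN1", 2: "LAN2"})
    deliveries, looping = inject([b1, b2], "LAN1", "A", "D")
    return deliveries, looping, b1.moves, b2.moves
```

A bridge table entry that keeps jumping between ports, as counted by `moves` here, is the symptom to look for when a layer 2 loop is suspected.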
So, how can this spanning tree be implemented here? Every bridge has a unique ID. Let me say every bridge or layer 2 switch has a unique ID; that means, let B1, B2, B3, B4 be the unique IDs. Select the bridge with the smallest ID as the root bridge. So, the bridge with the smallest ID, in this case B1, is selected as the root bridge, so that I have a bridge tree. Mark one port in each bridge except the root bridge as the root port. The root port is the port with the least cost path from the bridge to the root bridge. So, every bridge will have a root port, which has the least cost path to the root bridge. Now, least cost may be a consideration of the system administrator, whatever the organization thinks: it may be the minimum distance or minimum hops on the path, or it may be congestion free, bandwidth driven, etcetera. So, that is the least cost path from any bridge to the root bridge, and that particular interface is marked with a star, say one star.

For each LAN, choose a designated bridge. The designated bridge has the least cost path between the LAN and the root bridge. The arrows mark the corresponding port that connects the LAN to its designated bridge, the designated port.
So, mark the corresponding port that connects the LAN to its designated bridge as the designated port, with two stars. That means the LAN connects to the designated bridge through this port.

Now mark the root ports and the designated ports as forwarding ports; the rest are blocking ports. That is, every port with one or two stars is kept, and ports with no star are dropped. So, our basic objective, or the final goal, is that there is only one path between any two bridges; the others are in the blocked state, and there is only one path between any two bridges.
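
The four steps above, written out as code. This is an added example, not taken from the lecture: the five-bridge topology is constructed, every LAN crossed costs one unit, and ties are broken by lowest bridge ID and then lowest port number, all of which are assumptions of this sketch. `is_loop_free` checks the stated goal, a single path between any two points.

```python
from collections import deque

# Constructed topology: bridge ID -> {port number: attached LAN}.
TOPOLOGY = {
    1: {1: "LAN1", 2: "LAN2"},
    2: {1: "LAN1", 2: "LAN3"},
    3: {1: "LAN2", 2: "LAN3"},
    4: {1: "LAN2", 2: "LAN4"},
    5: {1: "LAN3", 2: "LAN4"},
}


def spanning_tree(topology):
    """Return (root bridge ID, {(bridge, port): 'root'|'designated'|'blocked'})."""
    lans = {}                                   # LAN -> [(bridge, port), ...]
    for bridge, ports in topology.items():
        for port, lan in ports.items():
            lans.setdefault(lan, []).append((bridge, port))

    # Step 1: the bridge with the smallest ID is the root bridge.
    root = min(topology)

    # Cost of every bridge to the root, one unit per LAN crossed (assumption).
    cost = {root: 0}
    queue = deque([root])
    while queue:
        bridge = queue.popleft()
        for lan in topology[bridge].values():
            for neighbour, _ in lans[lan]:
                if neighbour not in cost:
                    cost[neighbour] = cost[bridge] + 1
                    queue.append(neighbour)
    if len(cost) != len(topology):
        raise ValueError("topology is not connected")

    # Step 2: on every other bridge, the root port is the port with the
    # least-cost path to the root (ties: lowest upstream bridge ID, then port).
    root_port = {}
    for bridge, ports in topology.items():
        if bridge != root:
            root_port[bridge] = min(
                (cost[up] + 1, up, port)
                for port, lan in ports.items()
                for up, _ in lans[lan] if up != bridge)[2]

    # Step 3: per LAN, the designated bridge is the attached bridge closest to
    # the root; its port on that LAN is the designated port.
    designated = {lan: min((cost[b], b, p) for b, p in members)[1:]
                  for lan, members in lans.items()}

    # Step 4: root and designated ports forward, every other port blocks.
    roles = {}
    for bridge, ports in topology.items():
        for port, lan in ports.items():
            if root_port.get(bridge) == port:
                roles[(bridge, port)] = "root"
            elif designated[lan] == (bridge, port):
                roles[(bridge, port)] = "designated"
            else:
                roles[(bridge, port)] = "blocked"
    return root, roles


def is_loop_free(topology, roles):
    """True if the forwarding ports form one tree over all bridges and LANs."""
    parent = {}

    def find(node):
        parent.setdefault(node, node)
        while parent[node] != node:
            node = parent[node]
        return node

    edges = 0
    for (bridge, port), role in roles.items():
        if role != "blocked":
            a, b = find(("bridge", bridge)), find(("lan", topology[bridge][port]))
            if a == b:
                return False                    # a second path: bridge loop
            parent[a] = b
            edges += 1
    lan_count = len({lan for ports in topology.values() for lan in ports.values()})
    return edges == len(topology) + lan_count - 1
```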
Connecting LANs: VLAN - Part 2
Now, applying STP, we see that this is my root bridge, and accordingly the ports are marked with 2 stars or 1 star in every bridge. These are all marked as forwarding, whereas this one, this one and this one are marked as blocking.

So, if you see, this one does not have a star, this also does not have a star, and this also does not have a star, so these are blocking. Now you see that between every LAN and any other LAN there is only one connectivity: LAN 1 and LAN 2 through B1; LAN 1 and LAN 3 through B2; LAN 4 to LAN 2, or LAN 2 to LAN 4, by B4. These are the only connectivities; that means every LAN has one connectivity, or one path, to any other LAN.

So, STP, the spanning tree protocol, ensures that. Again, the spanning tree is not that new, it is well studied, but its application here becomes very interesting. With this, I can now allow redundant connectivity: if one connection goes off, I have the option of switching to another connection. So, of the connections, one is in forwarding mode and another in blocking mode.

Now if you look at backbone networks, there is a variety of backbone networks; one very popular backbone is the multiport switch. So, in this case there are 6 LANs; a multiport switch typically ranges from, say, 8 to 16 to 48 ports, or even higher than that. So, these are the ports which are there in the multiport switch, and it acts as a backbone with a star connection.

So, we can have a bridge connection; that means there are 2 LANs or 3 LANs connected with bridges, and there are several point-to-point links connecting the bridges. This is also possible at the backbone.

Now, what have we seen till now? We have looked into a bridged network: there are several LAN segments, and we have layer 2 bridges or layer 2 switches which connect these LANs. One interesting thing is that there may be redundant connections between 2 LANs, that means more than one connection, and at a time one of the connections will be made active. Otherwise there will be the problem of a loop, or what we call a bridge loop.

So, in a bridged network there can be loops, which are extremely difficult to handle. However, if we have things like STP, the spanning tree protocol, and so on, then we are able to handle them. The next thing we will discuss in this context is the virtual LAN.

What does it mean? Whatever we have been discussing so far is the physical LAN, that is, the LAN is there, the network is there. Now, what is my requirement? Say I have a generic lab and I want to divide it into different segments to work in the lab, some of them sharing the same data, maybe working on the same problem, etcetera.

So, say in the lab one part of the students is working on an assignment on networking, so there is a network group; there is a computer architecture and operating systems group, a cloud group; there may be a data science group, and so on. So, I have different groups; nevertheless they are connected to the same layer 2 switch or bridge, that means the same broadcast domain.

So, what do I want to do? I want to segregate them into different groups. So, is there a possibility to create a virtual LAN within the LAN, so that the layer 2 LAN is there along with the virtual LANs?
So, this is a serious and practical requirement for organisations having different departments, like accounting, sales, purchase and so on. For companies like these it will be very convenient to have this. So, VLAN came up like that.

So, as we were discussing, we can have a hub or switch for each floor and then a router to route between them. Why is a router required? We will come to that. Here also you see there may be three separate buildings, with a department, say the accounts department, or a section, say maintenance, in each.

So, the location of this one and the location of this one may be different, like one may be in building 1 and another in building 3, but what I require is that all of administration should be in one LAN, so that their communication is faster. If a security enhancement is required, instead of doing it across the board I can do it only for that particular group, and there may be several such requirements; rather, they share only the broadcast.

In other words, they are in separate collision domains, and now you want to put them in separate broadcast domains. One interesting thing you can see is that from the same layer 2 switch, one port is going to VLAN 1 and another is going to some other VLAN. So, this is the basic idea of VLANs: it provides segmentation based on broadcast domains. VLANs logically segment switched networks based on the functions, project teams or applications of the organisation, regardless of the physical location or connections to the network; that is the requirement of a switched VLAN network.
So, all workstations and servers used by a particular group share the same VLAN ID, whatever their physical connection or location, so this is my objective. I hope those who are new to the VLAN concept get it. So, I want to segregate, say, administration systems, accounts, sales, etcetera.

And then the administration department, or the people working on the systems in the administration department, may be across several physical locations. But I want to bring them into a separate VLAN, and this comes up here within layer 2.

So, VLANs are created to provide the segmentation services traditionally provided by physical routers in LAN configurations. If you look at a LAN with physical routers, they segregate those things: in routing, every interface is a separate LAN with a separate broadcast and collision domain.

So, VLANs address scalability, security and network management, as we were discussing. Routers in VLAN topologies provide broadcast filtering, security, traffic flow, etcetera. Switches may not bridge any traffic between VLANs, as this would violate the integrity of the VLAN. So that means, in a switch of 8 ports, 4 ports can be VLAN 1.
And the other 4 ports can be VLAN 2, but the switch will not route the traffic between them because it does not have the routing capability. You require a layer 3 device, a layer 3 switch or router, to do that; that is exactly what we are showing here also: this is a router which allows these 3 VLANs, VLAN 1, VLAN 2 and VLAN 3, to be routed.

Similarly, I can have these different VLANs and the server from a particular switch, but they are in the same layer 2 switches: these three VLANs, three machines in different VLANs, etcetera. So, a VLAN is a broadcast domain created by one or more switches. The network design above creates three different broadcast domains: this colour is one broadcast domain, this is one broadcast domain, and so on.

So, without VLANs, you see, I have one switch each for engineering, marketing, sales, like this, another switch, etcetera, and then connect them. But with VLANs I can have a dual switch and have all these segments. So, this may be on the same floor, but I can have this type of arrangement. So, without VLANs each group is on a different IP network, and so on and so forth.

So, VLANs can be done statically, that is port by port, each port having its VLAN, or otherwise dynamically; that means I need an application that uses a software database of MAC address to VLAN mappings, etcetera. So, each switch port can be assigned to a different VLAN. Ports assigned to the same VLAN share the same broadcast domain; ports that do not belong to a VLAN do not receive its broadcasts.

So, all the ports belonging to the VLAN are in the same broadcast domain. So, what are we doing across the different switches? We define the ports, and these ports are designated with the VLANs: I say that ports 1 to 4 in this switch are VLAN 3, in another switch also 1 to 4, etcetera.

So, I need only connect to them. And if you look at the operation, static membership VLANs are called port-based or port-centric membership VLANs. As a device enters the network, it automatically assumes the VLAN membership of the port to which it is attached. The default VLAN for every port in the switch is the management VLAN. The management VLAN is always VLAN 1 and may not be deleted, whereas you can otherwise destroy or delete a VLAN; all other ports in the switch may be reassigned to alternate VLANs.

So, important points on VLANs: VLANs are assigned on the switch port; there is no assignment done on the host, that is usually not done. In order for a host to be part of a VLAN, it must be assigned an IP address that belongs to the proper subnet; that is important. So it is not only the port where it is connected, but also an IP address in the proper subnet that is required; in other words, VLANs and subnetting are somewhat equivalent.

Assigning a host to the VLAN is a two-step process: connect the host to the correct port of the switch. So, dynamic membership VLANs are created through network management software. It requires separate software. Dynamic VLANs allow membership based on the MAC address of the device connected to the switch.
As a device enters the network, it queries the database in the switch for the VLAN membership. So, once in the network it can enquire on these things. So, it may be distributed in different physical locations, and we can arrange that. Easily move workstations on the LAN, easily add workstations to the LAN, easily change the VLAN configuration, easily control network traffic and improve security: so, there are several advantages of using VLANs.

Each address must be entered into the switch and configured individually, and there is also protocol-based configuration, where instead of the MAC address it is the logical or IP address; it is not so common these days. So, the predominant one is port-based.

So, VLAN tagging: as the traffic moves, or the layer 2 frame moves, there is the VLAN tagging; the frame is tagged with the VLAN number, which is read and stripped off at the other end to read the actual content. Another interesting point is that even if the switch cannot segregate the VLANs, it can still trunk them across the switch, because there may be a large switched network, and it goes on trunking.

So, VLAN tagging is used when a link needs to carry the traffic for more than one VLAN. When there is only one VLAN it is fine, but if you have more than one VLAN then I need to have tagging. So, on a trunk link, as packets are received by the switch from any attached end device, a unique packet identifier is added within each header.

The header information designates the VLAN membership of each packet. The packet is then forwarded to the appropriate switch or router based on the VLAN identifier and MAC address. Upon reaching the destination node's switch, the VLAN ID is removed from the packet by the adjacent switch and the packet is forwarded to the attached device.

So, at the end point it is stripped off and the frame is put through.
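
Port-based membership and trunk tagging as described above, in code. This is an added example, not from the lecture: the tag layout is the IEEE 802.1Q one (a 0x8100 marker followed by a 16-bit field whose low 12 bits are the VLAN ID), while the `VlanSwitch` class, the port numbers and the MAC addresses are constructed for illustration. Trunks in this sketch accept only tagged frames.

```python
import struct

TPID_8021Q = 0x8100            # EtherType value that marks an IEEE 802.1Q tag
BROADCAST = b"\xff" * 6


def add_tag(frame, vid):
    """Insert a 4-byte 802.1Q tag (priority 0) after the two MAC addresses."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]


def strip_tag(frame):
    """Return (vid, untagged frame); vid is None when there is no tag."""
    if len(frame) >= 16 and frame[12:14] == struct.pack("!H", TPID_8021Q):
        (tci,) = struct.unpack("!H", frame[14:16])
        return tci & 0x0FFF, frame[:12] + frame[16:]
    return None, frame


class VlanSwitch:
    """Port-based VLAN switch: access ports carry one VLAN, trunks carry tags."""

    def __init__(self, access, trunks):
        self.access = access    # {port: vid}, static port-based membership
        self.trunks = trunks    # {port: set of vids allowed on the trunk}
        self.tables = {}        # one learned MAC table per VLAN

    def forward(self, in_port, frame):
        """Return [(out_port, frame bytes)] for a frame arriving on in_port."""
        vid, inner = strip_tag(frame)
        if in_port in self.access:
            if vid is not None:
                return []       # the port decides the VLAN, never the host
            vid = self.access[in_port]
        elif vid is None or vid not in self.trunks.get(in_port, ()):
            return []           # unknown port, or untagged/unlisted on a trunk
        dst, src = inner[:6], inner[6:12]
        table = self.tables.setdefault(vid, {})
        table[src] = in_port
        if dst != BROADCAST and dst in table:
            targets = [table[dst]]
        else:                   # broadcast or unknown: flood inside the VLAN only
            targets = [p for p, v in self.access.items() if v == vid]
            targets += [p for p, ok in self.trunks.items() if vid in ok]
        return [(p, add_tag(inner, vid) if p in self.trunks else inner)
                for p in sorted(targets) if p != in_port]


# Constructed sample: ports 1-2 are VLAN 10, port 3 is VLAN 30, port 8 is a trunk.
MAC_A, MAC_C = bytes.fromhex("020000000001"), bytes.fromhex("020000000003")


def demo():
    sw = VlanSwitch(access={1: 10, 2: 10, 3: 30}, trunks={8: {10, 30}})
    payload = b"\x08\x00" + b"constructed payload"
    sw.forward(3, BROADCAST + MAC_C + payload)           # C announces itself
    flood = sw.forward(1, BROADCAST + MAC_A + payload)   # broadcast in VLAN 10
    cross = sw.forward(1, MAC_C + MAC_A + payload)       # A tries C directly
    return flood, cross
```

In `demo`, the frame from A to C never reaches port 3 because the two hosts sit in different VLANs; only a layer 3 device can carry traffic between them.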
So, this is the VLAN link, and VLAN trunking is there.

So, with no VLAN we have multiple links, whereas with a VLAN trunk we can have a single line carrying both the VLANs with VLAN tagging.

And finally, there can be two types of VLAN: one is the end-to-end or campus-wide VLAN, another is the geographical or location-based VLAN.

The first one is mostly based on functionality: like here, accounting is VLAN 10, here also VLAN 10, engineering, and so on and so forth. So, it is the VLAN-everywhere model. So you can have that the function based
The other one is more location based: here accounting is VLAN 10, whereas at this location accounting is VLAN 30. So, it is based on the physical location of the systems: VLANs are dedicated to each access layer switch, and the accounting systems at different switches are in different VLANs. For example, even in the same location there can be two accounting groups on the VLAN. So, what we see is that VLANs allow better manageability, I mean they allow us to have different broadcast domains within layer 2.

But one thing needs to be kept in mind. Say four ports of a particular switch are VLAN 1 and the other ports are VLAN 3: ports 1, 2, 3, 4 are VLAN 1; ports 4, 5, 6, 7, 8 are, say, VLAN 3. If port 2 wants to communicate with port 7, then I require a layer 3 device or router to route this packet, because they are in separate broadcast and collision domains, and being in separate networks they need a router. But nevertheless it allows better manageability. So, with this let us conclude today's lecture on connecting LANs and VLANs; we will be continuing our discussion on this networking topic in subsequent classes.

Thank you.