Ads 468x60px

Monday, July 11, 2011

VLAN Technology - 2

In this section, we will discuss about remaining VLAN types in continuation in last post VLAN technology.

MAC-based VLAN

The MAC-based VLAN divides VLAN ID for packets according to the source MAC address of the received packets. The untag packets received in the port are process as follows according to different configuration:
  • If the source MAC and the MAC address of MAC-based VLAN are consistent, and the In port of the packets is allocated to the VLAN of the corresponding VLAN ID, the packet is allocated to the VLAN ID corresponding to the MAC VLAN.
  • If the packets have no MAC set by the matched MAC VLAN, the packets are divided to the default VLAN ID of the port.


IP subnet-based VLAN

The IP subnet-based VLAN divides VLAN ID for packets according to the source IP address of the received packets. The untag packets received in the port are process as follows according to different configuration:

  • If the source IP address is in the network segment of IP subnet-based VLAN, and the In port of the packets is allocated to the VLAN of the corresponding VLAN ID, the packet is allocated to the VLAN ID corresponding to the network segment.
  • If the packets have no network segment set by the matched IP subnet VLAN, the packets are divided to the default VLAN ID of the port.


Protocol-based VLAN

The protocol-based VLAN divides VLAN ID for packets according to the encapsulation format and protocol type of the received packets. The protocol VLAN defines the protocol template. The protocol template is composed of the frame encapsulation format and the protocol type. The same port can be configured with multiple protocol templates. When the protocol VLAN is enabled in the port, the port is configured with protocol template, the protocol VLAN process the received untag packets as follows according to different configuration.

  • If the packet matches the protocol template, and the In port of the packet is allocated to the VLAN of the corresponding VLAN ID, the packet is allocated to VLAN ID corresponding to the port configuration protocol template.
  • If the packets have no matched protocol template, the packets are divided to the default VLAN ID of the port. 
Till now we have seen, types of VLANs. Now we will have a example for each type of VLAN configuration. 


Port-Based VLAN Example

Configuring VLAN for Access Port

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode .
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)#port mode access
Configure the type of a port as Access
(The default type is Access)
switch(config-port-0/1)#port access vlan 10
Add the port into VLAN 10.

 Configuring VLAN of a Trunk Port

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)#port mode trunk
Configure the type of the port as Trunk
switch(config-port-0/1)#port trunk allowed vlan 10 - 20
The port permits VLAN 10–20 to pass
switch(config-port-0/1)#port trunk pvid vlan 30
Configure the default VLAN of the port
switch(config-port-0/1)#vlan dot1q tag pvid
Configure the default VLAN packets of a Trunk port to be sent with Tag

Configuring VLAN of Hyrbid Port

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)#port mode hybrid
Configure the type of the port as Hybrid.
switch(config-port-0/1)# port hybrid untagged vlan 10
The port is added to VLAN 10. The VLAN packets are sent without tag
switch(config-port-0/1)#port hybrid tagged  vlan 30
The port is added to VLAN30. The VLAN packets are sent with tag.
switch(config-port-0/1)# port hybrid pvid vlan 20
Configure the default VLAN of the port

MAC-Based VLAN Example

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode
switch(config)# mac-vlan mac-address 1.1.1 vlan 10
Configure the items in the MAC VLAN table, to assign the Untagged of the corresponding MAC into the VLAN.
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)# mac-vlan enable
Configure the port to enable the MAC VLAN function

IP Subnet-Based VLAN Example

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode
switch(config)# ip-subnet-vlan ipv4 100.100.100.100 mask 255.255.255.0 vlan 10
Configure the items in IP subnet VLAN table, to assign the Untagged of the corresponding network segment to the VLAN.
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)# ip-subnet-vlan enable
Configure the port enabling IP subnet VLAN function

Protocol-Based VLAN Example

Command
Description
switch#configure terminal
Users enter the global configuration mode from the privilege user mode
switch(config)#protocol-vlan profile 1 frame-type ETHERII ether-type 0x8200
Configure the protocol template
switch(config)#port 0/1
Enter port 0/1 configuration status
switch(config-port-0/1)# protocol-vlan enable
Configure the port to enable the protocol VLAN function
switch(config-port-0/1)#protocol-vlan profile 1 vlan 10
Configure the port to match the corresponding VLAN of the protocol template

Hope this post can help you with better understanding of VLAN technology and types of VLAN and related configuration. 
This configuration is tested on Maipu switches.

For any feedback, Plz comment with Name and Mail Id. New users can use Name/URL option.
Posted by Uttamkumar at 10:49 AM 11 comments
Labels: , ,

Sunday, July 10, 2011

UNI and NNI Interface - Metro Ethernets

In this section, we will see about Metro Ethernet port concepts. In Metro Ethernet switch installation, we many time come across UNI and NNI terms in port configuration.
Today I would like to discuss about this both terms-

Explanation of UNI and NNI interface:

According to MEF 9 forum standard, MAIPU UNI and NNI logical relation is by the following:

  • UNI- User network interface
  • NNI- Network Node interface
 UNI and NNI is only active in local switch.

 By default, UNI interface is in shutdown status, this you can use for access ports and all UNI interfaces even they are in the same VLAN but cannot access with each other.
 (This prevent the Illegal users connect to switch and access the network, only got the permission from the administrator and open the port from NOC)

 By default, NNI interface is in no shutdown status. NNI port you can use for trunk ports, It use to connect two switches. NNI can communicate with UNI, NNI can communicate with NNI too.

To make both UNI ports to communicate to each other - 

For access ports, I suggest to configure as the UNI port. If both ports are in same VLAN and you want to enable communication between this two ports.

Please configure  community property*
MP3900(config-port-0/0/16)#uni-isolate ?        
    community             Command community
isolated              Command isolated ------ By the default.

By default the UNI ports will be in isolated, you can configure community. Both ports will communicate each other.

This I tested on Maipu 3900 switch with 6.2.71.pck IOS. Every IOS will support this feature.

Hope this information will help be informative for you.

For any feedback, Plz comment with Name and Mail Id. New users can use Name/URL option. 
Posted by Uttamkumar at 3:12 AM 32 comments
Labels: , , ,
Subscribe to: Posts (Atom)
Related Posts Plugin for WordPress, Blogger...