Capitolo 5

Capitolo 5 VLAN: reti locali virtuali

LAN A LAN B LAN A LAN B LAN A LAN B

Lan produzione Lan amministrazione Lan progettazione Lan presidenza

Switch Switch Trunk Backbone VLAN 8 VLAN 2 VLAN 8 VLAN 8 VLAN 8 VLAN 2 VLAN 2

Switch A Switch B TRUNK TRUNK TRUNK TRUNK (tagged) (tagged) (tagged) TRUNK TRUNK Switch C Switch D ACCESS (untagged) ACCESS (untagged) ACCESS (untagged) ACCESS (untagged)

SW-Prova#sho vlan brief VLAN Name Status Ports ---- -------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/12, Fa0/13, Fa0/14, Fa0/15, Fa0/16, Fa0/17, Fa0/18, Fa0/19, Fa0/20, Fa0/21, Fa0/22, Fa0/23, Fa0/24, Fa0/25, Fa0/26, Fa0/27, Fa0/28, Fa0/29, Fa0/30, Fa0/31, Fa0/32, Fa0/33, Fa0/34, Fa0/35, Fa0/36, Fa0/37, Fa0/38, Fa0/39, Fa0/40, Fa0/41, Fa0/42, Fa0/43, Fa0/44, Fa0/45, Fa0/46, Fa0/47, Fa0/48, Gi0/1, Gi0/2

SW-Prova#vlan database Switch(vlan)#vlan 2 name Amministrazione VLAN 2 added: Name: Amministrazione Switch(vlan)#vlan 3 name Vendite VLAN 3 added: Name: Vendite Switch(vlan)#vlan 4 name prova-1 VLAN 4 added: Name: prova-1 Switch(vlan)#vlan 5 name prova-2 VLAN 5 added: Name: prova-2 Switch(vlan)#vlan 6 name prova-3 VLAN 6 added: Name: prova-3 Switch(vlan)#vlan 100 name Produzione VLAN 100 added: Name: Produzione SW-Prova(vlan)#exit APPLY completed. Exiting.... SW-Prova#

SW-Prova(config)#int fastEthernet 0/12 SW-Prova(config-if)#switchport access vlan 100 Switch(config-if)#exit ……. SW-Prova(config)#int fastEthernet 0/16 SW-Prova(config-if)#switchport access vlan 2 SW-Prova(config-if)#exit …….. SW-Prova(config)#int fastEthernet 0/20 SW-Prova(config-if)#switchport access vlan 3 SW-Prova(config-if)#exit …….. SW-Prova(config)#int fastEthernet 0/24 SW-Prova(config-if)#switchport access vlan 4 SW-Prova(config-if)#exit ……. SW-Prova(config)#int fastEthernet 0/28 SW-Prova(config-if)#switchport access vlan 5 SW-Prova(config-if)#exit …….. SW-Prova(config)#int fastEthernet 0/32 SW-Prova(config-if)#switchport access vlan 6 SW-Prova(config-if)#exit ……..

SW-Prova#show vlan brief VLAN Name Status Ports ---- -------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4, Fa0/5, Fa0/6, Fa0/7, Fa0/8, Fa0/9, Fa0/10, Fa0/11, Fa0/36, Fa0/37, Fa0/38, Fa0/39, Fa0/40, Fa0/41, Fa0/42, Fa0/43, Fa0/44, Fa0/45, Fa0/46, Fa0/47, Fa0/48, Gi0/1, Gi0/2 2 Amministrazione active Fa0/16, Fa0/17, Fa0/18, Fa0/19 3 Vendite active Fa0/20, Fa0/21, Fa0/22, Fa0/23 4 prova-1 active Fa0/24, Fa0/25, Fa0/26, Fa0/27 5 prova-2 active Fa0/28, Fa0/29, Fa0/30, Fa0/31 6 prova-3 active Fa0/32, Fa0/33, Fa0/34, Fa0/35 100 Produzione active Fa0/12, Fa0/13, Fa0/14, Fa0/15

SW-A SW-Prova SW-B TRUNK TRUNK TRUNK TRUNK (tagged) (tagged) VLAN 1 VLAN 2 VLAN 3 VLAN 4 VLAN 5 VLAN 6 VLAN 100 VLAN 1 VLAN 2 VLAN 3 VLAN 4 VLAN 5 VLAN 6 VLAN 100 VLAN 1 VLAN 2 VLAN 5 VLAN 6 ACCESS (untagged) ACCESS (untagged) ACCESS (untagged) SW-Prova(config)#interface GigabitEthernet 0/1 SW-Prova(config-if)#switchport mode trunk SW-Prova(config-if)#switchport trunk allowed vlan add 1,2,5,6 SW-Prova(config-if)#exit SW-Prova(config)#interface GigabitEthernet 0/2 SW-Prova(config-if)#switchport mode trunk SW-Prova(config-if)#switchport trunk allowed vlan all

SW-A SW-Prova SW-B TRUNK TRUNK TRUNK TRUNK (tagged) (tagged) VLAN 1 VLAN 2 VLAN 3 VLAN 4 VLAN 5 VLAN 6 VLAN 100 VLAN 1 VLAN 2 VLAN 3 VLAN 4 VLAN 5 VLAN 6 VLAN 100 VLAN 1 VLAN 2 VLAN 5 VLAN 6

81-00 801.Q Tag Destination Address 6 3 1 user priority CFI Source Address 6 Length/Type = TPID 2 VID (VLAN ID) - 12 bits Tag Control Information 2 Client Length/Type 2 • Definito in: • IEEE 802.3ac • IEEE 802.1Q MAC Client DATA 42 - 1500 PAD FCS 4

HUB / Repeater HUB / Repeater HUB / Repeater HUB / Repeater Tutte le interfacce dei calcolatori sono VLAN-aware e devono essere configurate come trunk (generazione di pacchetti tagged) REALIZZAZIONE ANARCHICA DELLE VLAN

Switch A Switch B TRUNK TRUNK TRUNK TRUNK (tagged) (tagged) (tagged) TRUNK TRUNK Switch C Switch D Tutte le interfacce dei calcolatori sono VLAN-aware e devono essere configurate come trunk (generazione di pacchetti tagged) TRUNK (tagged) TRUNK (tagged) TRUNK (tagged) TRUNK (tagged) REALIZZAZIONE ANARCHICA DELLE VLAN

Switch A Switch B TRUNK TRUNK TRUNK TRUNK (tagged) (tagged) (tagged) TRUNK TRUNK Switch C Switch D TRUNK TRUNK ACCESS (untagged) ACCESS (untagged) ACCESS (untagged) ACCESS (untagged)

LAN XY VLAN 10 VLAN-aware bridge VLAN-aware bridge VLAN 10 Access link Access link VLAN 20 VLAN 30 Hybrid link Access link VLAN-unaware end station VLAN-unaware end station VLAN 30 Associate dai bridge alla VLAN 30 VLAN-unaware end station VLAN-aware end station VLAN 20

Control Destination Addr. Source Addr. Length DSAP SSAP Multicast 01-80-C2-00-00-21 Singlecast Indirizzo del Bridge XY 042H 042H XID FCS GVRP PDU 0 = LeaveALL 1= JoinEmpty 2= JoinIn 3= Leave Empty 4= LeaveIN 5= Empty 1÷2 3 4 5 6 ÷7 Protocol Identifier: 00-01 Attribute Type: 00-01 Attribute Length: 04 Attributo 1 Attribute Event VLAN ID Lista degli attibuti Attribute Length: 04 Attributo n Attribute Event VLAN ID End Mark 00

Switch SVL Port MAC adress Ag. Time VLAN 408-00-2b-16-50-a0 1 2 7 08-00-2b-c4-e6-aa 2 4 5 08-00-2b-20-10-56 7 2 2 08-00-5a-10-40-e1 12 6 VLAN 2 VLAN 2 VLAN 2 VLAN 4 VLAN 4 VLAN 6 VLAN 6 4 5 6 7 8 9 08-00-5a-10-40-e1 08-00-2b-16-50-a0 08-00-2b-c4-e6-aa 08-00-2b-20-10-56

Switch IVL Port MAC adress Ag. Time 408-00-2b-16-50-a0 1 5 08-00-2b-20-10-56 7 7 08-00-2b-c4-e6-aa 2 2 08-00-5a-10-40-e1 12 FID # 1 VLAN 2 FID # 2 VLAN 4 FID # 3 VLAN 6 VLAN 2 VLAN 2 VLAN 2 VLAN 4 VLAN 4 VLAN 6 VLAN 6 4 5 6 7 8 9 08-00-5a-10-40-e1 08-00-2b-16-50-a0 08-00-2b-c4-e6-aa 08-00-2b-20-10-56

Server Porta 3 TRUNK Switch IVL Porta 1 VLAN 10 VLAN 15 Porta 2 VLAN 15 VLAN 10 Client A Client B Switch(config)#int fastEthernet 0/3 Switch(config-if)#switchport mode trunk Switch(config-if)#switchport trunk allowed vlan add 10,15 Switch(config-if)#end

Server Porta 3 Switch IVL Porta 1 VLAN 10 VLAN 15 Porta 2 VLAN 15 VLAN 10 Client A Client B Switch(config)#int fastEthernet 0/3 Switch(config-if)#switchport mode multi Switch(config-if)#switchport multi vlan add 10 Switch(config-if)#switchport multi vlan add 15 Switch(config-if)#end

VLAN 20 Server VLAN - Tabella di condivisione Porta 3 VLAN Porte condivise VLAN 20 Switch SVL 20 porta 1 e 2 10 porta 3 15 porta 3 VLAN 10 Porta 1 VLAN 15 Porta 2 VLAN 15 VLAN 10 Client A Client B

Trunk link (tutte le VLAN) Bridge VLAN-aware Bridge VLAN-aware 1o Caso Access link Spanning tree porta Blocking VLAN 15 Spanning tree porta Blocking Trunk link (tutte le VLAN) Bridge VLAN-aware Bridge VLAN-aware 2o Caso Access link VLAN 15

Client del Server A bridge 802.1D VLAN -unaware (VLAN 10) Server A (VLAN 10) Bridge 802.1Q VLAN-aware 1o Caso STP porta Blocking Server B (VLAN 15) (VLAN 15) bridge 802.1D VLAN -unaware Client del Server B STP Porta Blocking Client del Server A bridge 802.1D VLAN -unaware (VLAN 10) Server A (VLAN 10) Bridge 802.1Q VLAN-aware 2o Caso Server B (VLAN 15) (VLAN 15) bridge 802.1D VLAN -unaware Client del Server B

1 - Ethernet 2 - 802.3 RFC 1042 3 - 802.3 Private SNAP DA/SA Type ………. 4 - 802.3 conforme a 802.1H DA/SA Length AA-AA-03 00-00-00 Type ………. DA/SA Length AA-AA-03 PID ………. 5 - 802.3 con altri indirizzi LLC DA/SA Length AA-AA-03 00-00-F8 Type ………. DA/SA Length LLC DSAP/SSAP ……….

Ethernet 802.3 RFC 1042 Group ID VID Insieme di VID per la porta 1 A 234 Protocol Group Database B 567 Tipo di pacchetto Ether Type/ LLC Group ID C 234 DA/SA Type ………. D 567 Ethernet 08-00 A Ethernet 08-06 B RFC 1042 08-00 C RFC 1042 08-06 F 1 PVID porta 1 (Port VLAN ID) DA/SA Length AA-AA-03 00-00-00 Type ………. Group ID VID Insieme di VID per la porta 2 A 123 B 123 PVID porta 2 789

Albero 1 Bridge Priority Indirizzo MAC 1,8000,08002b102062 B B A C A C Albero 2 Bridge Priority 1,7000,08002b201056 2,7000,08002b201056 Indirizzo MAC 1,6000,08002bc4e6aa 2,8000,08002bc4e6aa 2,6000,08002b102062 Root albero 1 Root albero 2 Albero 1 VLAN 1, 3, 8, 10 Albero 2 VLAN 2, 4, 5, 6

Region 1 4420 RG1 (4420/4420) 4770 RG2 (4420/4860) 4650 RG2 (4420/4860) 8720 RG2 (4420/4860) 4970 RG2 (4420/4860) 8570 RG1 (4420/4420) 6830 RG1 (4420/4420) 8840 RG2 (4420/4860) Region 2 A P C E D H G K S N M I L J B Q R O F 4860 RG2 (4420/4860) 4530 SST (4420) Region 3 Region 4 4690 RG4 (4420/4690) 4940 RG3 (4420/4940) 4750 SST (4420)

4420 RG1 (4420/4420) R E D F Q G P O S 4530 SST (4420) Region 2 4860 RG2 (4420/4860) 4750 SST (4420) Region 3 Region 4 4940 RG3 (4420/4940) 4690 RG4 (4420/4690)

Porzione del CST nella Region 1 0,4420,08002b201056 Region 1 CIST Root 0,8570,08002bc4e6aa 0,6830,08002b102062 Region 1 Region 1 1,6000,08002bc4e6aa 1,8000,08002b102062 Root MSTI 1 B B B C A C A A C MSTI 1 Region 1 2,7000,08002b201056 1,7000,08002b201056 Region 1 Region 1 2,8000,08002bc4e6aa 2,6000,08002b102062 Root MSTI 2 MSTI 2 Region 1 Region 1 Region 1

MSTI BPDU 1–2 3 4 5 6–13 14–17 18–25 26–27 28–29 30–31 32–33 34–35 36 37–38 39–89 90–93 94–101 102 103 Protocol Identifier Protocol Version Identifier BPDU Type CIST Flags CIST Root Identifier CIST External Path Cost CIST Regional Root Identifier CIST Port Identifier Message Age Max Age Hello Time Forward Delay Version 1 Length = 0 Version 3 Length MST Configuration Identifier CIST Internal Root Path Cost CIST Bridge Identifier CIST Remaining Hops MSTI Configuration Messages (può essere assente) 1 2–9 10–13 14 15 16 MSTI Flags MSTI Regional Root Identifier MSTI Internal Root Path Cost MSTI Bridge Priority MSTI Port Priority MSTI Remaining Hops MSTI Configuration Message

Capitolo 5

Capitolo 5

Presentation Transcript

CAPITOLO 5

Capitolo 5

Capitolo 5