
Training Agenda


menora

Presentation Transcript


  1. Training Agenda • Virtual LANs • Routing • DHCP Relay • Group Mobility, IP Multicast • IP & IPX Filtering • OmniChannel, Gigabit • Case Study

  2. Flat networks don’t scale • Networks based on LAN switches are flat networks (diagram: flat, bridged network)

  3. Virtual LAN

  4. VLANs • A VLAN is a collection of users contained in a broadcast domain • VLANs allow for better isolation of broadcast traffic • enrollment in VLANs can be simplified with AutoTracker • VLANs can extend over the entire enterprise • VLANs can work with DHCP • VLANs can be “trunked” across high-speed links • stations join VLANs by matching policies • policy matching is performed on the switch • VLANs can span across all media interfaces

  5. Segmentation is required • Networks must be segmented • But what are these segments? (diagram: Segments 1 to 4)

  6. VLANs provide segmentation • Switch-centric model with VLANs • the routing function provides logical connectivity between the VLANs

  7. Policy-based VLANs • VLANs more flexible and easier to manage • policies applied uniformly to all devices • device can meet more than one policy, belong to more than one VLAN • devices stay in VLAN even when moved (diagram labels: 198.403.107.XXX, 0A032133DDD3, 198.403.107.XXX, 198.403.107.XXX, 02070118A92B, 020701A3EF1A, 198.206.181.XXX)

  8. Subnet-based VLANs • One of the most useful VLAN types is the “Layer 3 address-based VLAN” • VLAN membership based on layer 3 address (e.g., subnet) (diagram: Subnets 1 to 4)

  9. Summary: VLAN standards update • VLANs are required in large switched networks • VLAN frame tagging may be accomplished with: • LAN Emulation • 802.10 (to some routers over some media) • vendor proprietary (oops, pre-standard) • 802.1q • this is the standard being developed by IEEE 802.1 for VLAN frame tagging, expected ratification Q3/97 • VLANs also play an important role in layer 3 switching (more later)

  10. Routing

  11. Routing • VLANs (and ELANs) necessitate routing (diagram: VLANs 1 to 4)

  12. Where do routers go, anyway? • Traditional hub / router architecture • routers form the backbone

  13. Where do routers go, anyway? • Replace hubs with LAN switches • routers still form the backbone

  14. Where do routers go, anyway? • But with servers increasingly being centralized…

  15. Where do routers go, anyway? • …are we really improving performance? Are these LAN switches really doing anything? • No, the routers are in the way

  16. Where do routers go, anyway? • A fully switched network is required • but, since VLANs (or ELANs) are required, so is routing

  17. Routing in a switched network • Option 1: use routers • “one-armed router” (diagram: VLANs 1 to 3, connected by 802.1q, LANE 1.0, 802.10 or separate connections)

  18. Routing in a switched network • Option 2: embed routing in LAN or ATM switch (diagram: VLANs 1 to 3)

  19. Routing in a switched network • Option 3: put routing in hardware • packet-by-packet layer 3 switching (diagram: VLANs 1 to 3)

  20. Summary: routing • Routing is required in any large data network • The key question faced by many organizations today is what to do with existing routers • routers can continue to be used to forward traffic between layer 2 domains (VLANs, ELANs) • vastly fewer are required • routing can be performed by LAN / ATM switches

  21. DHCP Relay

  22. DHCP relay • The UDP Relay feature provides a mechanism for forwarding UDP / IP broadcast packets between VLANs • Useful for DHCP in VLANs (side panel, policy types: Port Policies, MAC address Policies, IP Subnet Policies, IPX Subnet Policies, Protocol Type Policies, Multicast Policies, Authenticated User Policies, DHCP Port Policies, DHCP MAC Policies)

  23. DHCP relay with external router (diagram labels: 130.0.0.11, 130.0.0.12, BOOTP Relay, OmniSwitch, Port 1, Port 2, 125.0.0.1, Group 1, 130.0.0.10, 125.0.0.3, 130.0.0.13, DHCP Server, 125.0.0.2, 130.0.0.14, 130.0.0.15)

  24. DHCP with internal router (diagram labels: Router, BOOTP Relay, 125.0.0.21, 130.0.0.21, 125.0.0.1, Group 2, Group 3, 130.0.0.13, DHCP Server, 125.0.0.2, 130.0.0.14, 130.0.0.15)

  25. Group Mobility

  26. Group mobility details • AutoTracker supports 96 Groups with 32 VLANs / group • Group mobility adds a new capability to move between groups, rather than only within VLANs • Groups are viewed as VLANs, so now we can configure up to 500 VLANs (really groups) in the OmniSwitch • if there are no users active on the VLAN group then the group is inactive • when a user attaches and matches the policies, the group becomes active

  27. Group mobility details • Group mobility also provides dynamic auto-activation of LAN Emulation clients • saves switch resources • saves network resources • scalable for large networks • a group can have an elan name attribute associated with it, so when a group becomes active the associated LEC attaches to the ELAN

  28. How does this all work? • The default group (Group #1) is used as a holding group for all ports participating in group mobility • AutoTracker rules operate the same; just use a group other than default Group #1 for AutoTracker if you are also using group mobility • all ports on the default group are candidates to move to one of the configured mobile groups • groups now have a new group mobility flag • if this flag is set the group is participating in group mobility and policies are applied at the group level

  29. Group mobility • When a new user comes on-line, AutoTracker observes his traffic and applies it to policies of defined groups. (diagram: OmniSwitch with AutoTracker, six ELANs, LANE 1.0 Backbone)

  30. Group mobility • The required Group is created. (diagram: OmniSwitch with AutoTracker, six ELANs, LANE 1.0 Backbone)

  31. Group mobility • The switch then joins the ELAN mapped to that Group. (diagram: OmniSwitch with AutoTracker, six ELANs, LANE 1.0 Backbone)

  32. Group mobility • Traffic matching on another Group is observed. (diagram: OmniSwitch with AutoTracker, six ELANs, LANE 1.0 Backbone)

  33. Group mobility • The required ELAN is joined. (diagram: OmniSwitch with AutoTracker, six ELANs, LANE 1.0 Backbone)

  34. Group mobility • Group Mobility works with shared media hubs since AutoTracker provides Group mapping for both Ports and MACs. (diagram: OmniSwitch with AutoTracker, HUB, six ELANs, LANE 1.0 Backbone)

  35. Group mobility • AutoTracker rules without group mobility restrict any port to joining only one of 32 VLANs without port reassignments • group mobility expands that to 500 VLANs (groups) • a user can belong to any of 500 groups, and can belong to multiple groups at the same time • Group mobility allows users with multiple stacks to join multiple groups using the same AutoTracker policies • the first policy match becomes the spanning tree master • additional policy matches do not generate BPDUs

  36. Group mobility example • A user can join any of 64 subnets dynamically (diagram labels: Server, ATM SWITCH, 8 OC-12, 16 LEC / interface, 128 Subnets, 4 OC-3, 64 LECS, 4 OC-3, 64 LECS)

  37. IP Multicast Routing & IP Multicast Switching (IPMS)

  38. What is multicast traffic? • Similar to broadcast traffic • It’s like selective broadcast • Only those that request the traffic get it • Allows a one to many communication rather than one to one

  39. Multicast versus unicast • unicast sends one packet per destination • multicast sends one packet for many destinations (diagram panels: Unicast, Multicast)

  40. Why is multicast so great? • It conserves bandwidth • Uses for multicast: • resource discovery (OSPF, RIP2, Bootp) • multipoint file transfer (Starburst Com.) • conferencing: many to many (CuSeeMe) • video netcasting (Precept Software IPTV) • redundant systems (parallel databases) • battlefield simulations (parallel processing) • information distribution in data warehousing

  41. What is multicast routing? • Details: • multicast router knows who wants traffic • finds out who is sending the traffic • delivers traffic only to those who want it • routers communicate with each other and users to gather the information • once information is shared, the traffic is sent where it needs to go

  42. Protocols implemented • Most commonly used protocols: • IGMP (Internet Group Management Protocol) • RFC 1112 (V2 described in draft) • DVMRP (Distance Vector Multicast Routing Protocol) • RFC 1075 (v3 described in draft) • used between routers to exchange multicast route information • Internet’s MBONE built using these protocols

  43. DVMRP routing tree (diagram labels: Group 1 Source, Group 1 membership, Group 1 membership)

  44. DVMRP tree after pruning (diagram labels: Group 1 Source, Group 1 membership, Group 1 membership)

  45. Why is IPMS so much better? • IPMS (IP Multicast Switching): intercepts IGMP packets to track membership by SVPN (source virtual port number), rather than by network • client application requests membership in a multicast group; only those members will receive the multicast traffic • Traffic is controlled by port rather than by network • Performance significantly improved because forwarding decision is made by network interface • All port forwarding lists are established dynamically; no configuration required • Co-exists with existing multicast VLANs

  46. IP / IPX Filtering

  47. Triggered IPX support • RFC 2091: • only changed info, rather than all info, is sent • receiver is able to apply changes immediately • reduced routing traffic and uses less memory • no periodic broadcasts of “redundant” information

  48. IP RIP filters • RIP input filters • control which networks are allowed into the routing table when IP RIPs are received • RIP output filters • control the list of networks included in routing updates sent out an interface; this controls which networks the router advertises in its IP RIP updates

  49. IPX Watchdog spoofing • Why? • to prevent IPX Watchdog packets from initiating connections on dial-on-demand links when no other data is being sent • This feature will allow the Xylan router to respond to a server’s Watchdog requests on behalf of a remote client. • the Watchdog query packet will never cross the WAN link if IPX Watchdog spoofing is enabled

  50. NetWare Serialization packet filters • NetWare Serialization packet filtering: • If serialization packet filtering is enabled on a WAN interface, when the router receives a serialization packet, it will drop the packet instead of activating a dial-up link • NetWare Serialization packets will never cross a WAN link which has filtering enabled • There is one drawback: • this can allow users to bypass Novell’s licensing scheme
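An added illustration of the RIP input and output filters on slide 48, not code from the presentation or from the switch software it describes: it parses a RIPv2 response and applies a prefix allowlist in each direction. The function names, the allowlist semantics and the choice of RIPv2 (so that entries carry a subnet mask) are assumptions, and the sample update is constructed.

```python
import ipaddress
import struct

HEADER = struct.Struct("!BBH")       # command, version, must-be-zero
ENTRY = struct.Struct("!HH4s4s4sI")  # AFI, route tag, address, mask, next hop, metric

def build_response(routes):
    """Encode (network, metric) pairs as a RIPv2 response (command 2)."""
    pkt = HEADER.pack(2, 2, 0)
    for net, metric in routes:
        n = ipaddress.ip_network(net)
        pkt += ENTRY.pack(2, 0, n.network_address.packed, n.netmask.packed, bytes(4), metric)
    return pkt

def parse_response(pkt):
    """Decode a RIPv2 response into [(network, metric)], skipping malformed entries."""
    if len(pkt) < HEADER.size or (len(pkt) - HEADER.size) % ENTRY.size:
        raise ValueError("truncated RIP packet")
    if HEADER.unpack_from(pkt)[:2] != (2, 2):
        raise ValueError("not a RIPv2 response")
    routes = []
    for off in range(HEADER.size, len(pkt), ENTRY.size):
        afi, _tag, addr, mask, _nh, metric = ENTRY.unpack_from(pkt, off)
        if afi != 2 or not 1 <= metric <= 16:
            continue  # not an IP route, or metric outside 1..16
        try:
            cidr = f"{ipaddress.IPv4Address(addr)}/{ipaddress.IPv4Address(mask)}"
            routes.append((ipaddress.ip_network(cidr), metric))
        except ValueError:
            continue  # host bits set or non-contiguous mask
    return routes

def permitted(net, allow):
    return any(net.subnet_of(ipaddress.ip_network(a)) for a in allow)

def rip_input_filter(pkt, allow):
    """Input filter: split a received update into (accepted, rejected) routes."""
    accepted, rejected = [], []
    for net, metric in parse_response(pkt):
        (accepted if permitted(net, allow) else rejected).append((str(net), metric))
    return accepted, rejected

def rip_output_filter(table, allow):
    """Output filter: build an update that advertises only allowed networks."""
    return build_response([(n, m) for n, m in table
                           if permitted(ipaddress.ip_network(n), allow)])

# Constructed sample: an expected subnet, a default route and an unrelated prefix.
SAMPLE = build_response([("10.1.0.0/16", 2), ("0.0.0.0/0", 1), ("192.168.50.0/24", 3)])
```

With only 10.0.0.0/8 permitted, `rip_input_filter(SAMPLE, ["10.0.0.0/8"])` keeps the 10.1.0.0/16 route and rejects both the default route and the unrelated prefix before they reach the routing table.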
