UNIT 5: Connecting LANs, Backbone and Virtual LANs: Connecting devices, Back bone Networks, Virtual LANs 6 Hours

LANs: do not normally operate in isolation - connected to one another or to the Internet Connecting devices: used to connect LANs and segments of LANs and can operate in different layers of the Internet model

Connecting devices
Based on layer in which they operate in a network - 5 different categories: 1. Those which operate below the physical layer (a passive hub) 2. Those which operate at the physical layer (a repeater or an active hub) 3. Those which operate at the physical and data link layers ( a bridge or a two-layer switch) 4. Those which operate at the physical, data link, and network layers ( a router or a three-layer switch) 5. Those which can operate at all five layers (a gateway)

Passive hubs
it's a connector - connects the wires coming from different branches Star-topology Ethernet LAN in: passive hub is a point - where signals coming from different stations collide Hub - collision point

Type of the hub, is part of the media Location: is below the physical layer

Repeaters
Device that operates only in the physical layer Signals carrying information - within a network can travel a fixed distance - before attenuation endangers the integrity of the data Receives the signal - regenerates the original bit pattern(before it becomes too weak or corrupted) - then, sends the refreshed signal - can extend the physical length of a LAN Does not actually connect two LANs Connects two segments of the same LAN - segments connected are still part of one single LAN - is not a device that can connect two LANs of different protocols Connects segments of a LAN Fig. shows a repeater connecting two segments of a LAN

Can overcome - 10Base5 Ethernet cable length restriction 10Base5 Ethernet: length of the cable is limited to 500m To extend the cable length: divide the cable into segments - install repeaters between segments Note: Whole network is still considered one LAN

Segments: portions of the network, separated by the repeaters Repeaters: acts as 2-port node Operates only in the physical layer Receives a frame from any of the ports regenerates and forwards it to the other port Forward every frame - has not filtering capability Repeater and amplifier: comparison is little bit not so easier and also inaccurate Amplifier: cannot discriminate between the intended signal and noise - amplifies equally everything fed into it Repeater: does not amplify the signal - regenerates the signal receives the weakened or corrupted signal - creates a copy bit by bit - at original strength is a regenerator, not an amplifier

Location of the repeater: is vital Must be placed: so that - signal reaches it before any noise changes the meaning of any of its bits Little noise - can alter the precision of the bit's voltage without destroying its identity (Fig. shows: function of the repeater) - if corrupted bits moves much farther, accumulated noise can change its meaing completely - then, original voltage is not recoverable, and the error needs to be corrected Repeater - placed on the line before the legibility of the signal becomes lost - can still read the signal well enough to determine the intended voltages and replicate them in their original form

Active hubs
Actually a multi-port repeater Normally used to create connections between stations in a physical star topology Ex.: hubs in Ethernet implementations (10Base-T) Can be used create - multiple levels of hierarchy as in Fig. Hierarchical use of hubs: removes the length limitation of 10Base-T (100m)

Bridges

Filtering Bridge and repeater: Has filtering ability Can check the destination address of a frame Decide if the frame should be forwarded or dropped If the frame is to be forwarded: decision must specify the port

Has a table - that maps addresses to ports Has a table - used in filtering decisions

Ex.: 2 LANs - connected by a bridge Frames destined for station 712B13456142 - arrives at port 1 - bridge consults the table to find the departing port Table according to - frames for 712B13456142 leave through port 1 - so, there is no need for forwarding, and the frame is dropped here, LAN 2 remains free of traffic Frames destined for station 712B13456141 arrives at port 2 - departing port is port 1 and, the frame is forwarded here LAN 1 and LAN 2, both LANs have traffic Ex.: in 2-port bridge been shown In practice, bridge usually has more ports Bridge - does not change the physical address (MAC address), contained in the frame

Transparent bridge Bridge in which - the stations are completely unaware of the bridge's existence Bridge - is added or deleted from the system - reconfiguration of the stations is unnecessary

IEEE 801.1d specifications according to: system equipped with transparent bridges must meet 3 criteria 1. frames must be forwarded from one station to another 2. forwarding table is automatically made by learning frame movements in the network 3. loops in the system must be prevented Forwarding: transparent bridge, must correctly forward the frames Learning: earliest bridges: has static forwarding tables Systems administrator: manually enter each table entry during bridge setup Process was simple, but was not practical Stations if, added or deleted: table had to be modified manually Station's if MAC address changed: which is not rare case - then, also manually table had to be modified Ex.: putting a new network card - means, a new MAC address

Dynamic table - solution to static table problem Dynamic table: maps addresses to ports automatically - to make dynamic tables: a bridge is needed, that gradually learns from the frame movements - for doing to this, bridge inspects both the destination and the source addresses -

Destination address: used to for forwarding decision (table lookup) Source address: for adding entries to the table and for updating purposes Fig. shows a learning bridge and the process of learning

Elaboration of above said process: 1. Station A sends a frame to station D: bridge does not have an entry for either D or A Frame goes out from all 3 ports - frame floods the network Source address - looking bridge learns the station A must be located on the LAN connected to port 1

Bridge adds this entry to its table - table got the first entry 2. Station E - when sends a frame to station A: Bridge has an entry for A - so, it forwards the frame only to port 1 - there is no flooding Forwarding - uses the source address of the frame E - to add a second entry to the table 3. Station B sends a frame to station C: Bridge has no entry for C - once again, so, it floods the network Adds one more entry to the table 4. Process of learning continues as the bridge forwards frames

Loop problem Transparent bridges: works fine as long as - there are no redundant bridges in the system System administrators: like to have redundant bridges (more than one bridge between a pair of LANs) - to make system more reliable

Bridge if fails: another bridge takes over until the failed one is repaired or replaced Redundancy: can create loops in the systems - which is undesirable Fig. shows a simple loop created in a system with 2 LANs connected by two bridges

1. Station A: sends a frame to station D Tables of both bridges: are empty Both forward the frame and update their tables - based on source address A 2. Two copiers of frames on: LAN 2 present now Copy sent out by bridge 1: is received by bridge 2 - which has no information about the destination address D - it floods the bridge Copy sent out by bridge 2: is received by bridge 1 - and is sent out for lack of information about D

Note: Each frame is handled separately - because bridges - as 2 nodes on a network sharing the medium - use access methods like CSMA/CD Tables of bridges are updated - still there is no information for destination D 3. There are 2 copies of frames on LAN 1 Step 2 is repeated - both the copies flood the network 4. Process continues on and on Note: Bridges are the repeaters and regenerate the frames - In each iteration, there are newly generated fresh copies of frames Looping to solve: IEEE specification requires - that bridges use the spanning tree algorithm to create a loop-less topology

Spanning tree Graph theory in: graph in which there is no loop Bridged LAN in: creating a topology in which each LAN can be reached from any other LAN through one path only (no loop) Physical topology of the system cannot be changed: physical connections between cables and bridges due to Fig .shows: system with 4 LANs and 5 bridges - Physical system and its representation in graph theory, is shown LANs in some textbooks: represent as nodes and the bridges as the connecting arcs - here, both LANs and bridges shown as nodes Connecting arcs: show the connection of a LAN to a bridge and vice versa

Spanning tree finding: Assign: a cost (metric) to each arc - interpretation of the cost is left up to the systems administrator It may be the path with minimum hops (nodes), path with minimum delay, or the path with maximum bandwidth 2 ports: have the same shortest value - system administrator chooses the one - here, minimum hops been chosen Hop count: normally 1 from a bridge, and 0 in the reverse direction Spanning tree finding process, 3 steps: 1. Each bridge has - built in ID (normally, serial number - unique) Each bridge broadcasts - this ID same that all bridges know which one has the smallest ID Bridge with the smallest ID - is selected as the root bridge(root of the tree) Assumption: bridge B1 has the smallest ID - so, selected as the root bridge 2. Algorithm - tries to find the shortest path (path with the shortest cost) - from the root bridge - to every other bridge or LAN - shortest path can be found by examining the total cost from the root bridge to the destination Fig. shows - shortest paths 3. Combination of the shortest paths - creates the shortest tree - shown in Fig.

Spanning tree based - marking the ports - which are part of the spanning tree (forwarding tree) - which, forward a frame that the bridge receives marking also of those ports that are - not part of the spanning tree (blocking ports) - which block the frames received by the bridge Fig. shows physical systems of LANs - with forwarding points (solid lines) and blocking ports (broken lines) Note: Only one single path from any LAN - to any other LAN in the spanning tree system - i.e., - only one single path from one LAN to any other LAN No loops are created -there is only one - path from LAN 1 to LAN 2, LAN 3, or LAN 4 There is only one path from LAN 2 to LAN 1, LAN 3, and LAN 4 - the same is true for - LAN 3 and LAN 4

Dynamic algorithm Spanning tree algorithms: described as - they need manual entries - this is not true Each bridge - is equipped - with a software package - that carries out this process dynamically Bridges send special messages - to one another - called bridge protocol data units (BPDUs) - to update the spanning tree Spanning tree - is updated - when there is a change in the system - such as a failure of a bridge or an addition or deletion of bridges

Source routing bridges Prevention of loops with redundant bridges another way: use of source routing bridges

Transparent bridges: function include filtering frames - forwarding - and blocking Source routing bridges: function include - filtering, forwarding, and blocking of frames - done by source station - and , to some extent, by destination station

Source routing: sending station defines - the bridges that the frame must visit Addresses of bridges: are included in the frame Frame contains: source and destination addresses and addresses of all bridges to be visited Source gets these bridges: addresses through the exchange of special frames - with the destination prior to sending the data frame Source routing bridges: designed by IEEE - to be used with Token ring LANs - these LANs are not common today

Bridges connecting different LANs Bridge - should be able to connect LANs using different protocols at the DLL - such as Ethernet LAN to a wireless LAN - theoretically Issues to be consider to above function: 1. Frame format: each LAN type - has its own frame format (compare an Ethernet frame with a wireless LAN frame) 2. Maximum data size: incoming frame size - if, is large - for the destination LAN - data must be fragmented into several frames - data need to be reassembled, at the destination No protocol - at the DLL allows the fragmentation and reassembly of frames - this is allowed in network layer Bridge must - discard any frames too large for its system 3. Data rate: each LAN: type has its own data rate (compare the 10-Mpbs data rate of an Ethernet with the 1-Mpbs data rate of a wireless LAN) - bridge must buffer the frame, to compensate for this difference 4. Bit order: each LAN type has its own strategy - in the sending of bits

some send, MSB in a byte first others, send the LSB first 5. Security: some LANs - like wireless LANs - implement - security measures in the DLL

Other LANs - like the Ethernet - do not security, involves encryption Bridge - when receives, a frame from a wireless LAN it needs to decrypt the message before forwarding it to an Ethernet LAN 6. Multimedia support: some LANs support multimedia and quality of services needed for this type of communication, others not

Two-layer switches Switch

Can mean 2 different things Switch meaning can be clarified - by level at which it operates Types: 2-layer switch and 3-layer switch 1. 3-layer switch: used at the network layer 2. 2-layer switch: used at the physical layer and data link layer - Ex.: bridge

2-layer switch is a bridge: With many ports and a design that allows better (faster) performance Bridge with few ports - can connect a few LANs together Bridge with many ports may be able to allocate a unique port to each station, with each station on its own independent entity means, no competing traffic (no collision - as in Ethernet) Does as like switch - makes a filtering decision based on the MAC address of the frame it received Can be more sophisticated - can have a buffer to hold the frames for processing Can have a switching factor that forwards the frames faster

Cut-through switches: new 2-layer switches - have been designed to forward the frame - as soon as they check the MAC addresses in the header of the frame

Routers
Router: 3-layer device - that routes, packets based on their logical addresses (host-to-host addressing) Normally, connects LANs and WANs in the Internet - has a routing table - that is used for making decisions about the route - Routing tables: normally, dynamic and updated using routing protocols Fig. shows a part of the Internet - that uses routers to connect LANs and WANs

Three-layer switches
3-layer switch: is a router - faster and more sophisticated Switching fabric: allows faster lookup and forwarding Router and 3-layer switch - terms are using here, interchangeably

Gateway
Gateway and router: terms some textbooks uses interchangeably Gateway: normally, a computer that operates - in all 5 layers of the Internet or 7 layers of OSI model

Takes an application message, reads it and interprets it - can be used as a connecting device between 2 inter-networks that use different models Ex. shows network designed to use the OSI model - can be connected to another network using the Internet model Connecting the 2 systems: can take a frame as it arrives from the first system - move it up to the OSI application layer and, remove the message - can provide security Used to filter - unwanted application layer messages

Backbone networks
Allows, several LANs to be connected No station is directly connected to the backbone stations are the parts of a LAN - connects the LANs Is itself a LAN that uses a LAN protocol like Ethernet Each connection to the backbone - is itself another LAN Many different architectures, can be used for a backbone - more common are bus and star

Bus backbone
Topology: bus Can use - one of the protocols - that supports - a bus topology - like 10Base5 or 10Base2 Normally - used as a distribution backbone - to connect different buildings in an organization Each building - can comprise - either a single LAN or another backbone (normally a star backbone) Ex.: backbone that connects single- or multiple-floor buildings on a campus Each single-floor building usually - has a single LAN Each multiple-floor building - has a backbone (usually, a star) - - connects each LAN on a floor Bus backbone - interconnects - these LANs and backbones Fig. shows an ex. of a bridge-based backbone with 4 LANs

Fig. in - if a station in a LAN needs to send a frame to another station in the same LAN - corresponding bridge blocks the frame - frame never reaches the backbone If a station - needs to send a frame to a station in another LAN - the bridge passes the frame to the backbone - which is received by the appropriate bridge - and is delivered to the destination LAN Each bridge: connected to the backbone has a table - that shows - the stations on the LAN side to the bridge Blocking or delivery of a frame - is based on the contents of this table

Star backbone
Called also -as a collapsed or switched backbone Topology: star Topology in backbone - is just one switch (so, erroneously called as a collapsed backbone) - that connects the LANs Fig. shows a star topology - switch in this configuration: does the job of the backbone and at the same time connects the LANs Star backbones: used mostly, as a distribution backbone inside a building Multi-floor building in: one LAN that serves each particular floor Star backbone: connects these LANs

Backbone network: is just a switch - can be installed in the basement or the first floor - and separate cables can run from the switch to each LAN If the individual LANs - have a physical star topology - either the hubs (or switches) - can be installed in a closet on the corresponding floor - or all can be installed close to the switch often, a rack or chassis in the basement where the backbone switch and all hubs or switches are installed

Connecting remote LANs

Common application of backbone network - connecting remote LANs Type of backbone network is useful: when a company has several offices with LANs and needs to connect them Connection can be done through bridges - called remote bridges Bridges: acts as connecting devices - connecting LANs and point-to-point networks - such as leased telephone lines or ADSL lines Point-to-point network in this case is considered - a LAN without stations Point-to-point link - can use a protocol such as PPP Fig. shows a backbone connecting remote LANs Point-to-point link: acts as a LAN in a remote backbone connected by remote bridges

Virtual LANs
Station is considered - a part of a LAN - if it physically belongs to that LAN Criterion of a membership: is geographic Virtual connection if we need between 2 stations - belonging to 2 different physical LANs - virtual LANs (VLANs) defined for that - as a LAN configured by software - not by physical wiring Ex.: to elaborate on this definition Fig. shows switched LAN in an engineering firm - in which 10 stations are grouped into 3 LANs - connected by a switch

First 4 engineers work together as the first group - next 3 engineers work together, as the second group - last 3 engineers work together, as the 3rd group - LAN is configured to allow this arrangement If administrators needed to move 2 engineers from first group to the 3rd group - to speed up the project being done by the 3rd group - LAN configuration would need to be changed - network technician - must rewire Problem: if next week 2 engineers move back to their previous group Switched LAN: in changes in the work group mean - physical changes in the network configuration Fig. shows a switch connecting 3 LANs Fig. shows: same switched LAN - divided into VLANs

Whole idea of VLAN technology: is to divide a LAN into logical - instead, physical segments LAN can be divided into several logical LANs called - VLANs Each VLAN: in a work group in the organization Person if moved from one group to another: no need to change the physical configuration Group membership: in VLANs is defined by software - not hardware

Station can be logically - moved to another VLAN Members belonging to a VLAN - can receiver broadcast messages sent to that particular VLAN Fig. shows a switch using VLAN software If the station: moves from VLAN 1 to VLAN 2 - it receives broadcast messages - sent to VLAN 2 - but no longer receives broadcast messages sent to VLAN 1 VLANs - can solve problems in - previous example - easily Moving engineers: from one group to another through software - is easier than - changing the configuration of the physical network VLAN technology: allows the grouping of stations connected - to different switches in a VLAN Fig. shows a backbone LAN with 2 switches and 3 VLANs Stations from switches A and B - belong to each VLAN Fig. shows two switches in a backbone using VLAN software

Two separate buildings - of companies for - it is good configurations Each building: can have its own switched LAN - connected by a backbone People in first and people in second building: can be in the same network group even though they are connected to different physical LANs VLANs: create broadcast domains Group stations - belonging to one or more physical LANs - into broadcast domains Stations - communicate with one another - as though they belonged to a physical segment

Membership
Characteristics used to group stations in a VLAN: Venders - use different characteristics such as port numbers, MAC addresses, IP addresses, IP multicast addresses, or a combination of 2 or more of these

Port numbers VLAN vendors: use switch port numbers as a membership characteristic Ex.: administrator can define - that stations connecting to ports 1, 2, 3, and 7 belong to VLAN 1 Stations connecting to ports 4, 10, and 12 belong to VLAN 2 and so on

MAC addresses Some VLAN vendors: use 48-bit MAC address - as a membership characteristic Ex.: administrator can stipulate that stations having MAC addresses E21342A12334 and F2A123BCD341 belong to VLAN 1

IP addresses Some VLAN vendors: use the 32-bit IP address - as a membership characteristic Ex.: administrator can stipulate - that stations having IP addresses 181.34.23.67, 181.34.23.72, 181.34.23.98, and 181.34.23.112 belong to VLAN 1

Multicast IP addresses Some VLAN vendors: use multicast IP address - as a membership characteristic Multicasting - at the IP layer - is - translated to multicasting at the DLL

Combination Software available form some vendors: allows all these characteristics - to be combined Administrator: can choose one or more characteristics - when installing the software Software can be - reconfigured - to change the settings

Configuration
Stations grouping into different VLANs Stations are configured: in one of the 3 ways - manual, semiautomatic, and automatic 1. Manual configuration Network administrator: uses VLAN software - to manually assign the stations into different VLANs at setup Migration - later, from one VLAN to another is also done - manually Note: this is not a physical configuration - it's a logical configuration 'manually': term means that the administrator types the port numbers, IP addresses, or other characteristics - using the VLAN software

2. Automatic configuration Stations are automatically - connected or disconnected from a VLAN using criteria - defined by the administrator Ex.: administrator can define - project number as the criterion for being a member of a group When a user changes the project - he or she automatically migrates to a new VLAN

3. Semiautomatic configuration Somewhere between -a manual configuration and an automatic configuration Initializing is done manually - with migrations done automatically

Communication between switches

In multi-switched backbone: each switch must know not only which station belongs to which VLAN - also, the membership of stations connected to other switches Ex.: Fig. in - switch A must know the membership status of stations connected to switch B Switch B - must know the same about switch A 3 methods - have been devised - for the purpose - table maintenance, frame tagging, and time-division multiplexing 1. Table maintenance When a station sends: a broadcast frame to its group members - switch creates an entry in a table and records station membership Switches send - their tables to one another periodically for updating

2. Frame tagging Frame when - is traveling - between switches - an extra header is added to the MAC frame to define the destination VLAN Frame tag is used by the receiving switches to determine the VLANs to be receiving the broadcast message

3. Time-division multiplexing (TDM) Connection (trunk) between switches - is divided into timeshared channels Ex.: if the total number of VLANs - in a backbone is 5 - each trunk is divided into 5 channels Traffic: destined for VLAN 1 travels in channel 1 Traffic: destined for VLAN 2 travels in channel 2, and so on Receiving switch: determines - the destination VLAN - by checking the channel from which the frame arrived

IEEE standard
1996 - IEEE 802.1 subcommittee: passed a standard called 802.1Q - -it defines - format for frame tagging and the format to be used in multi-switched backbones Enables the use of multi-vendor equipment in VLANs IEEE 802.1Q: has opened way for standardization in other issues related to VLANs - most vendors accepted this standard

Advantages
Several advantages using VLANs: 1. Cost and time reduction VLANs - reduce the migration cost of stations going from one group to another - physical reconfiguration: takes time and is costly Physically - instead of moving - one station to another segment or even to another switch - much easier and quicker it to - move it by using software

2. Creating virtual work groups VLANs: can be used - to create virtual work groups

Ex.: In a campus environment, professors working on the same project - can send broadcast messages to one another without the necessity of belonging to the same department - it reduces traffic - if, the multicasting capability of IP -was previously used

3. Security VLANs: provide an extra measure of security People belonging to the same group: can send broadcast messages - with the guaranteed assurance - that, users in other groups will not receive these messages