CCN - Unit 5 - 7th ECE - VTU - Connecting LANs, Backbone Networks, Virtual LANs - ramisuniverse
UNIT 5: Connecting LANs, Backbone and Virtual LANs: Connecting devices, Backbone Networks, Virtual LANs (6 Hours)
LANs: do not normally operate in isolation - connected to one another or to the Internet
Connecting devices: used to connect LANs and segments of LANs and can operate in different layers of the Internet
model
Connecting devices
Based on layer in which they operate in a network - 5 different categories:
1. Those which operate below the physical layer (a passive hub)
2. Those which operate at the physical layer (a repeater or an active hub)
3. Those which operate at the physical and data link layers (a bridge or a two-layer switch)
4. Those which operate at the physical, data link, and network layers (a router or a three-layer switch)
5. Those which can operate at all five layers (a gateway)
Passive hubs
It's a connector - connects the wires coming from different branches
In a star-topology Ethernet LAN: the passive hub is the point where signals coming from different stations collide
Hub - collision point
This type of hub is part of the media
Location: below the physical layer
Repeaters
Device that operates only in the physical layer
Signals carrying information - within a network can travel a fixed distance - before attenuation endangers the integrity
of the data
Receives the signal - regenerates the original bit pattern(before it becomes too weak or corrupted) - then, sends the
refreshed signal - can extend the physical length of a LAN
Does not actually connect two LANs
Connects two segments of the same LAN - segments connected are still part of one single LAN - is not a device that
can connect two LANs of different protocols
Connects segments of a LAN
Fig. shows a repeater connecting two segments of a LAN
Can overcome - 10Base5 Ethernet cable length restriction
10Base5 Ethernet: length of the cable is limited to 500m
To extend the cable length: divide the cable into segments - install repeaters between segments
Note: Whole network is still considered one LAN
Segments: portions of the network, separated by the repeaters
Repeater: acts as a 2-port node
Operates only in the physical layer
Receives a frame from any of the ports – regenerates and forwards it to the other port
Forwards every frame - has no filtering capability
Repeater and amplifier: comparing the two is tempting, but the comparison is inaccurate
Amplifier: cannot discriminate between the intended signal and noise - amplifies equally everything fed into it
Repeater: does not amplify the signal - regenerates the signal
receives the weakened or corrupted signal - creates a copy bit by bit - at original strength
is a regenerator, not an amplifier
Location of the repeater: is vital
Must be placed: so that - signal reaches it before any noise changes the meaning of any of its bits
A little noise can alter the precision of a bit's voltage without destroying its identity
(Fig. shows: function of the repeater) - if the corrupted bit travels much farther, accumulated noise can change its meaning completely - then the original voltage is not recoverable, and the error needs to be corrected
Repeater - placed on the line before the legibility of the signal becomes lost - can still read the signal well enough to
determine the intended voltages and replicate them in their original form
Active hubs
Actually a multi-port repeater
Normally used to create connections between stations in a physical star topology
Ex.: hubs in Ethernet implementations (10Base-T)
Can be used to create multiple levels of hierarchy – as in Fig.
Hierarchical use of hubs: removes the length limitation of 10Base-T (100m)
Bridges
Filtering
Bridge vs. repeater: the bridge has filtering ability
Can check the destination address of a frame
Decide if the frame should be forwarded or dropped
If the frame is to be forwarded: decision must specify the port
Has a table - that maps addresses to ports
Has a table - used in filtering decisions
Ex.: 2 LANs - connected by a bridge
Frame destined for station 712B13456142 arrives at port 1 - bridge consults the table to find the departing port
According to the table, frames for 712B13456142 leave through port 1 - so there is no need for forwarding, and the frame is dropped – here, LAN 2 remains free of traffic
Frame destined for station 712B13456141 arrives at port 2 - departing port is port 1, so the frame is forwarded – here, both LAN 1 and LAN 2 carry the traffic
Ex. shows a 2-port bridge –
In practice, a bridge usually has more ports –
Bridge - does not change the physical address (MAC address), contained in the frame
Transparent bridge
Bridge in which - the stations are completely unaware of the bridge's existence
Bridge - is added or deleted from the system - reconfiguration of the stations is unnecessary
According to the IEEE 802.1d specification: a system equipped with transparent bridges must meet 3 criteria
1. frames must be forwarded from one station to another
2. forwarding table is automatically made by learning frame movements in the network
3. loops in the system must be prevented
Forwarding: transparent bridge, must correctly forward the frames
Learning: the earliest bridges had static forwarding tables
Systems administrator: manually entered each table entry during bridge setup
Process was simple, but not practical
If stations were added or deleted: table had to be modified manually
If a station's MAC address changed (not a rare case): table also had to be modified manually
Ex.: putting in a new network card - means a new MAC address
Dynamic table - solution to static table problem
Dynamic table: maps addresses to ports automatically - to make a dynamic table, a bridge is needed that gradually learns from the frame movements - to do this, the bridge inspects both the destination and the source addresses
Destination address: used for the forwarding decision (table lookup)
Source address: used for adding entries to the table and for updating purposes
Fig. shows a learning bridge and the process of learning
Elaboration of above said process:
1. Station A sends a frame to station D: bridge does not have an entry for either D or A
Frame goes out from all 3 ports - frame floods the network
Looking at the source address, the bridge learns that station A must be located on the LAN connected to port 1
Bridge adds this entry to its table - table gets its first entry
2. Station E sends a frame to station A:
Bridge has an entry for A - so it forwards the frame only to port 1 - there is no flooding
In addition to forwarding, it uses the source address of the frame (E) to add a second entry to the table
3. Station B sends a frame to station C:
Bridge has no entry for C - so, once again, it floods the network
Adds one more entry to the table
4. Process of learning continues as the bridge forwards frames
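The learning process above, as an added example (not code from the lecture notes): a transparent bridge that learns source addresses, floods unknown destinations and filters frames whose destination is on the arrival port. The station-to-port layout and the frame sequence are constructed; the flood goes out of every port except the arrival port, which is what a real bridge does.

```python
# Added example: transparent learning bridge (constructed topology, not from the notes).
from dataclasses import dataclass, field


@dataclass
class Frame:
    src: str   # source MAC (station name used as a stand-in)
    dst: str   # destination MAC


@dataclass
class LearningBridge:
    ports: tuple                                  # e.g. (1, 2, 3)
    table: dict = field(default_factory=dict)     # MAC -> port, built dynamically
    log: list = field(default_factory=list)       # (src, dst, in_port, action, out_ports)

    def receive(self, frame, in_port):
        """Handle a frame arriving on in_port; return the set of output ports."""
        # Learning: the source address reveals which port the sender sits behind.
        self.table[frame.src] = in_port
        # Forwarding decision: table lookup on the destination address.
        out_port = self.table.get(frame.dst)
        if out_port is None:
            # Unknown destination: flood out of every port except the arrival port.
            out = {p for p in self.ports if p != in_port}
            action = "flood"
        elif out_port == in_port:
            # Destination is on the LAN the frame came from: filter (drop) it.
            out = set()
            action = "drop"
        else:
            out = {out_port}
            action = "forward"
        self.log.append((frame.src, frame.dst, in_port, action, sorted(out)))
        return out


def run_walkthrough():
    """Replays the notes' steps (A->D, E->A, B->C) plus A->B to show filtering."""
    bridge = LearningBridge(ports=(1, 2, 3))
    # Constructed layout: A and B on port 1, C and D on port 2, E on port 3.
    location = {"A": 1, "B": 1, "C": 2, "D": 2, "E": 3}
    sequence = [("A", "D"), ("E", "A"), ("B", "C"), ("A", "B")]
    results = []
    for src, dst in sequence:
        out = bridge.receive(Frame(src, dst), location[src])
        results.append(sorted(out))
    return bridge, results
```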
Loop problem
Transparent bridges: work fine as long as there are no redundant bridges in the system
System administrators: like to have redundant bridges (more than one bridge between a pair of LANs) - to make
system more reliable
Bridge if fails: another bridge takes over until the failed one is repaired or replaced
Redundancy: can create loops in the systems - which is undesirable
Fig. shows a simple loop created in a system with 2 LANs connected by two bridges
1. Station A sends a frame to station D
Tables of both bridges are empty
Both forward the frame and update their tables based on source address A
2. Two copies of the frame are now present on LAN 2
Copy sent out by bridge 1 is received by bridge 2 - which has no information about the destination address D - so it floods the frame
Copy sent out by bridge 2 is received by bridge 1 - and is sent out for lack of information about D
Note: Each frame is handled separately - because the bridges, as 2 nodes on a network sharing the medium, use access methods like CSMA/CD
Tables of the bridges are updated - still there is no information for destination D
3. There are 2 copies of the frame on LAN 1
Step 2 is repeated - both copies flood the network
4. Process continues on and on
Note: Bridges are also repeaters and regenerate the frames - in each iteration, there are newly generated fresh copies of the frames
Looping to solve: IEEE specification requires - that bridges use the spanning tree algorithm to create a loop-less
topology
Spanning tree
In graph theory: a spanning tree is a graph in which there is no loop
In a bridged LAN: it means creating a topology in which each LAN can be reached from any other LAN through one path only (no loop)
Physical topology of the system cannot be changed - due to the physical connections between cables and bridges
Fig. shows: system with 4 LANs and 5 bridges - physical system and its representation in graph theory are shown
Some textbooks represent LANs as nodes and bridges as the connecting arcs - here, both LANs and bridges are shown as nodes
Connecting arcs: show the connection of a LAN to a bridge and vice versa
Spanning tree finding:
Assign a cost (metric) to each arc - interpretation of the cost is left up to the systems administrator
It may be the path with minimum hops (nodes), the path with minimum delay, or the path with maximum bandwidth
If 2 ports have the same shortest value - the system administrator chooses one - here, minimum hops has been chosen
Hop count: normally 1 from a bridge, and 0 in the reverse direction
Spanning tree finding process, 3 steps:
1. Each bridge has a built-in ID (normally the serial number - unique)
Each bridge broadcasts this ID – so that all bridges know which one has the smallest ID
Bridge with the smallest ID is selected as the root bridge (root of the tree)
Assumption: bridge B1 has the smallest ID - so it is selected as the root bridge
2. Algorithm tries to find the shortest path (path with the smallest cost) from the root bridge to every other bridge or LAN - shortest path can be found by examining the total cost from the root bridge to the destination
Fig. shows the shortest paths
3. Combination of the shortest paths creates the shortest tree - shown in Fig.
Based on the spanning tree - mark the ports that are part of the spanning tree (forwarding ports) - these forward a frame that the bridge receives - also mark the ports that are not part of the spanning tree (blocking ports) - these block the frames received by the bridge
Fig. shows the physical system of LANs - with forwarding ports (solid lines) and blocking ports (broken lines)
Note: Only one single path from any LAN - to any other LAN in the spanning tree system - i.e., - only one single path
from one LAN to any other LAN
No loops are created -there is only one - path from LAN 1 to LAN 2, LAN 3, or LAN 4
There is only one path from LAN 2 to LAN 1, LAN 3, and LAN 4 - the same is true for - LAN 3 and LAN 4
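The 3-step spanning tree procedure above, as an added example (not code from the lecture notes). The topology of 5 bridges and 4 LANs, the bridge IDs and the tie-breaking by node name are constructed for illustration; the cost rule follows the notes (1 hop from a bridge to a LAN, 0 from a LAN to a bridge).

```python
# Added example: root election, shortest paths and port marking on a LAN/bridge graph.
import heapq

# Constructed topology: bridge -> LANs it attaches to (each pair is one port).
BRIDGE_PORTS = {
    "B1": ["LAN1", "LAN2"],
    "B2": ["LAN1", "LAN2"],   # redundant with B1: first loop
    "B3": ["LAN1", "LAN3"],
    "B4": ["LAN2", "LAN4"],
    "B5": ["LAN3", "LAN4"],   # closes a second loop LAN1-B3-LAN3-B5-LAN4-B4-LAN2-B1
}
# Constructed bridge IDs: the smallest becomes the root.
BRIDGE_IDS = {"B1": 1000, "B2": 2000, "B3": 3000, "B4": 4000, "B5": 5000}


def build_graph(bridge_ports):
    """Adjacency with directional costs: bridge->LAN costs 1, LAN->bridge costs 0."""
    graph = {}
    for bridge, lans in bridge_ports.items():
        for lan in lans:
            graph.setdefault(bridge, {})[lan] = 1
            graph.setdefault(lan, {})[bridge] = 0
    return graph


def elect_root(bridge_ids):
    """Step 1: the bridge with the smallest ID is the root bridge."""
    return min(bridge_ids, key=bridge_ids.get)


def shortest_paths(graph, root):
    """Step 2: Dijkstra from the root; returns (cost, parent) per node."""
    cost = {root: 0}
    parent = {}
    heap = [(0, root)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > cost[node]:
            continue                      # stale heap entry
        for nbr, w in sorted(graph[node].items()):   # sorted: deterministic tie-break
            if d + w < cost.get(nbr, float("inf")):
                cost[nbr] = d + w
                parent[nbr] = node
                heapq.heappush(heap, (d + w, nbr))
    return cost, parent


def port_states(bridge_ports, bridge_ids):
    """Step 3: ports on a shortest path forward; every other port blocks."""
    graph = build_graph(bridge_ports)
    root = elect_root(bridge_ids)
    cost, parent = shortest_paths(graph, root)
    tree_edges = {frozenset((child, par)) for child, par in parent.items()}
    states = {}
    for bridge, lans in bridge_ports.items():
        for lan in lans:
            in_tree = frozenset((bridge, lan)) in tree_edges
            states[(bridge, lan)] = "forwarding" if in_tree else "blocking"
    return root, cost, states
```

With this topology the two redundant ports (B2 towards LAN2 and B5 towards LAN4) end up blocking, which is exactly what removes both loops while keeping every LAN reachable.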
Dynamic algorithm
The description above may suggest that spanning tree algorithms need manual entries - this is not true
Each bridge - is equipped - with a software package - that carries out this process dynamically
Bridges send special messages - to one another - called bridge protocol data units (BPDUs) - to update the spanning
tree
Spanning tree - is updated - when there is a change in the system - such as a failure of a bridge or an addition or
deletion of bridges
Source routing bridges
Another way to prevent loops with redundant bridges: use of source routing bridges
Transparent bridges: functions include filtering, forwarding, and blocking of frames
Source routing bridges: filtering, forwarding, and blocking of frames are done by the source station - and, to some extent, by the destination station
Source routing: sending station defines - the bridges that the frame must visit
Addresses of bridges: are included in the frame
Frame contains: source and destination addresses and addresses of all bridges to be visited
Source gets the addresses of these bridges through the exchange of special frames with the destination prior to sending the data frame
Source routing bridges: designed by IEEE - to be used with Token ring LANs - these LANs are not common today
Bridges connecting different LANs
Theoretically, a bridge should be able to connect LANs using different protocols at the DLL - such as an Ethernet LAN to a wireless LAN
Issues to consider for such a bridge:
1. Frame format: each LAN type has its own frame format (compare an Ethernet frame with a wireless LAN frame)
2. Maximum data size: if an incoming frame is too large for the destination LAN - data must be fragmented into several frames - and reassembled at the destination
No protocol at the DLL allows the fragmentation and reassembly of frames - this is allowed only in the network layer
Bridge must discard any frame too large for its system
3. Data rate: each LAN type has its own data rate (compare the 10-Mbps data rate of an Ethernet with the 1-Mbps data rate of a wireless LAN) - bridge must buffer the frame to compensate for this difference
4. Bit order: each LAN type has its own strategy - in the sending of bits
some send, MSB in a byte first others, send the LSB first
5. Security: some LANs - like wireless LANs - implement security measures in the DLL
Other LANs - like Ethernet - do not – security here involves encryption
When a bridge receives a frame from a wireless LAN, it needs to decrypt the message before forwarding it to an Ethernet LAN
6. Multimedia support: some LANs support multimedia and quality of services needed for this type of
communication, others not
Two-layer switches
Switch
Can mean 2 different things
The meaning can be clarified by the level at which the switch operates
Types: 2-layer switch and 3-layer switch
1. 3-layer switch: used at the network layer
2. 2-layer switch: used at the physical layer and data link layer - Ex.: bridge
2-layer switch is a bridge:
With many ports and a design that allows better (faster) performance
Bridge with few ports - can connect a few LANs together
Bridge with many ports - may be able to allocate a unique port to each station, with each station on its own independent entity - means no competing traffic (no collision, as in Ethernet)
Like a bridge, the switch makes a filtering decision based on the MAC address of the frame it receives
Can be more sophisticated - can have a buffer to hold the frames for processing
Can have a switching factor that forwards the frames faster
Cut-through switches: new 2-layer switches designed to forward the frame as soon as they check the MAC addresses in the header of the frame
Routers
Router: 3-layer device that routes packets based on their logical addresses (host-to-host addressing)
Normally, connects LANs and WANs in the Internet - has a routing table - that is used for making decisions about the
route - Routing tables: normally, dynamic and updated using routing protocols
Fig. shows a part of the Internet - that uses routers to connect LANs and WANs
Three-layer switches
3-layer switch: is a router - faster and more sophisticated
Switching fabric: allows faster lookup and forwarding
Router and 3-layer switch: the terms are used here interchangeably
Gateway
Gateway and router: some textbooks use the terms interchangeably
Gateway: normally, a computer that operates - in all 5 layers of the Internet or 7 layers of OSI model
Takes an application message, reads it and interprets it - can be used as a connecting device between 2 inter-networks -
that use different models
Ex.: a network designed to use the OSI model can be connected to another network using the Internet model
Gateway connecting the 2 systems: can take a frame as it arrives from the first system - move it up to the OSI application layer - and remove the message - can also provide security
Used to filter - unwanted application layer messages
Backbone networks
Allows several LANs to be connected
No station is directly connected to the backbone – stations are part of a LAN - the backbone connects the LANs
Is itself a LAN that uses a LAN protocol like Ethernet
Each connection to the backbone - is itself another LAN
Many different architectures, can be used for a backbone - more common are bus and star
Bus backbone
Topology: bus
Can use - one of the protocols - that supports - a bus topology - like 10Base5 or 10Base2
Normally - used as a distribution backbone - to connect different buildings in an organization
Each building - can comprise - either a single LAN or another backbone (normally a star backbone)
Ex.: backbone that connects single- or multiple-floor buildings on a campus
Each single-floor building usually - has a single LAN
Each multiple-floor building - has a backbone (usually a star) - connects each LAN on a floor
Bus backbone - interconnects - these LANs and backbones
Fig. shows an ex. of a bridge-based backbone with 4 LANs
In the Fig., if a station in a LAN needs to send a frame to another station in the same LAN - the corresponding bridge blocks the frame - the frame never reaches the backbone
If a station needs to send a frame to a station in another LAN - the bridge passes the frame to the backbone - it is received by the appropriate bridge - and delivered to the destination LAN
Each bridge connected to the backbone has a table - that lists the stations on the LAN side of the bridge
Blocking or delivery of a frame is based on the contents of this table
Star backbone
Also called a collapsed or switched backbone
Topology: star
Backbone topology - is just one switch (that is why it is called, erroneously, a collapsed backbone) - that connects the LANs
Fig. shows a star topology - switch in this configuration: does the job of the backbone and at the same time connects
the LANs
Star backbones: used mostly, as a distribution backbone inside a building
In a multi-floor building: one LAN serves each particular floor
Star backbone: connects these LANs
Backbone network: is just a switch - can be installed in the basement or the first floor - and separate cables can run
from the switch to each LAN
If the individual LANs - have a physical star topology - either the hubs (or switches) - can be installed in a closet on the
corresponding floor - or all can be installed close to the switch – often, a rack or chassis in the basement where the
backbone switch and all hubs or switches are installed
Connecting remote LANs
Common application of backbone network - connecting remote LANs
Type of backbone network is useful: when a company has several offices with LANs and needs to connect them
Connection can be done through bridges - called remote bridges
Remote bridges: act as connecting devices - connecting LANs and point-to-point networks - such as leased telephone lines or ADSL lines
Point-to-point network in this case is considered - a LAN without stations
Point-to-point link - can use a protocol such as PPP
Fig. shows a backbone connecting remote LANs
Point-to-point link: acts as a LAN in a remote backbone connected by remote bridges
Virtual LANs
Station is considered part of a LAN if it physically belongs to that LAN
Criterion of membership: is geographic
If we need a virtual connection between 2 stations belonging to 2 different physical LANs - virtual LANs (VLANs) are defined for that - a VLAN is a LAN configured by software, not by physical wiring
Ex.: to elaborate on this definition
Fig. shows switched LAN in an engineering firm - in which 10 stations are grouped into 3 LANs - connected by a
switch
First 4 engineers work together as the first group - next 3 engineers work together, as the second group - last 3
engineers work together, as the 3rd group - LAN is configured to allow this arrangement
If administrators needed to move 2 engineers from the first group to the 3rd group - to speed up the project being done by the 3rd group - the LAN configuration would need to be changed - a network technician must rewire
Problem: if next week the 2 engineers move back to their previous group
In a switched LAN: changes in the work group mean physical changes in the network configuration
Fig. shows a switch connecting 3 LANs
Fig. shows: same switched LAN - divided into VLANs
Whole idea of VLAN technology: to divide a LAN into logical, instead of physical, segments
LAN can be divided into several logical LANs called VLANs
Each VLAN: a work group in the organization
If a person is moved from one group to another: no need to change the physical configuration
Group membership in VLANs is defined by software, not hardware
Station can be logically moved to another VLAN
Members belonging to a VLAN can receive broadcast messages sent to that particular VLAN
Fig. shows a switch using VLAN software
If the station: moves from VLAN 1 to VLAN 2 - it receives broadcast messages - sent to VLAN 2 - but no longer
receives broadcast messages sent to VLAN 1
VLANs can solve the problems in the previous example easily
Moving engineers from one group to another through software is easier than changing the configuration of the physical network
VLAN technology allows the grouping of stations connected to different switches in a VLAN
Fig. shows a backbone LAN with 2 switches and 3 VLANs
Stations from switches A and B - belong to each VLAN
Fig. shows two switches in a backbone using VLAN software
For a company with two separate buildings, this is a good configuration
Each building can have its own switched LAN, connected by a backbone
People in the first building and people in the second building can be in the same network group even though they are connected to different physical LANs
VLANs: create broadcast domains
Group stations - belonging to one or more physical LANs - into broadcast domains
Stations - communicate with one another - as though they belonged to a physical segment
Membership
Characteristics used to group stations in a VLAN:
Vendors use different characteristics such as port numbers, MAC addresses, IP addresses, IP multicast addresses, or a combination of 2 or more of these
Port numbers
VLAN vendors: use switch port numbers as a membership characteristic
Ex.: administrator can define - that stations connecting to ports 1, 2, 3, and 7 belong to VLAN 1
Stations connecting to ports 4, 10, and 12 belong to VLAN 2 and so on
MAC addresses
Some VLAN vendors: use 48-bit MAC address - as a membership characteristic
Ex.: administrator can stipulate that stations having MAC addresses E21342A12334 and F2A123BCD341 belong to
VLAN 1
IP addresses
Some VLAN vendors: use the 32-bit IP address - as a membership characteristic
Ex.: administrator can stipulate - that stations having IP addresses 181.34.23.67, 181.34.23.72, 181.34.23.98, and
181.34.23.112 belong to VLAN 1
Multicast IP addresses
Some VLAN vendors: use multicast IP address - as a membership characteristic
Multicasting - at the IP layer - is - translated to multicasting at the DLL
Combination
Software available from some vendors allows all these characteristics to be combined
Administrator: can choose one or more characteristics - when installing the software
Software can be - reconfigured - to change the settings
Configuration
Grouping stations into different VLANs
Stations are configured in one of 3 ways: manual, semiautomatic, and automatic
1. Manual configuration
Network administrator: uses VLAN software - to manually assign the stations into different VLANs at setup
Migration - later, from one VLAN to another is also done - manually
Note: this is not a physical configuration - it's a logical configuration
'Manually' means that the administrator types the port numbers, IP addresses, or other characteristics using the VLAN software
2. Automatic configuration
Stations are automatically - connected or disconnected from a VLAN using criteria - defined by the administrator
Ex.: administrator can define - project number as the criterion for being a member of a group
When a user changes the project - he or she automatically migrates to a new VLAN
3. Semiautomatic configuration
Somewhere between -a manual configuration and an automatic configuration
Initializing is done manually - with migrations done automatically
Communication between switches
In a multi-switched backbone: each switch must know not only which station belongs to which VLAN - but also the membership of stations connected to other switches
Ex.: in the Fig., switch A must know the membership status of stations connected to switch B
Switch B must know the same about switch A
3 methods have been devised for this purpose - table maintenance, frame tagging, and time-division multiplexing
1. Table maintenance
When a station sends a broadcast frame to its group members - the switch creates an entry in a table and records station membership
Switches send - their tables to one another periodically for updating
2. Frame tagging
When a frame is traveling between switches - an extra header is added to the MAC frame to define the destination VLAN
Frame tag is used by the receiving switches to determine the VLANs to be receiving the broadcast message
3. Time-division multiplexing (TDM)
Connection (trunk) between switches - is divided into timeshared channels
Ex.: if the total number of VLANs - in a backbone is 5 - each trunk is divided into 5 channels
Traffic: destined for VLAN 1 travels in channel 1
Traffic: destined for VLAN 2 travels in channel 2, and so on
Receiving switch: determines - the destination VLAN - by checking the channel from which the frame arrived
IEEE standard
1996 - IEEE 802.1 subcommittee passed a standard called 802.1Q - it defines the format for frame tagging and the format to be used in multi-switched backbones
Enables the use of multi-vendor equipment in VLANs
IEEE 802.1Q has opened the way for standardization in other issues related to VLANs - most vendors have accepted this standard
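Frame tagging (method 2 above) as it is done under 802.1Q, as an added example that is not code from the lecture notes: a 4-byte tag (TPID 0x8100, then 3-bit priority, 1-bit DEI and 12-bit VLAN ID) is inserted after the source MAC, and the receiving switch uses the VLAN ID in the tag to deliver a broadcast only to the access ports assigned to that VLAN (port-based membership, as in the Membership section). The port-to-VLAN map, MAC addresses and payload are constructed sample values.

```python
# Added example: 802.1Q tag insertion/parsing and VLAN-scoped broadcast delivery.
import struct

TPID_8021Q = 0x8100        # EtherType value marking an 802.1Q tagged frame


def tag_frame(untagged, vlan_id, priority=0):
    """Insert a 4-byte 802.1Q tag after the 12-byte dst+src MAC header."""
    if not 1 <= vlan_id <= 4094:            # VID 0 and 4095 are reserved
        raise ValueError("invalid VLAN ID")
    if not 0 <= priority <= 7:
        raise ValueError("invalid priority")
    tci = (priority << 13) | vlan_id        # DEI bit (bit 12) left at 0
    tag = struct.pack("!HH", TPID_8021Q, tci)
    return untagged[:12] + tag + untagged[12:]


def untag_frame(tagged):
    """Parse a tagged frame; return (vlan_id, priority, untagged_frame)."""
    tpid, tci = struct.unpack("!HH", tagged[12:16])
    if tpid != TPID_8021Q:
        raise ValueError("frame is not 802.1Q tagged")
    vlan_id = tci & 0x0FFF
    priority = tci >> 13
    return vlan_id, priority, tagged[:12] + tagged[16:]


class VlanSwitch:
    """Access ports belong to one VLAN each; the trunk carries tagged frames."""

    def __init__(self, port_vlans):
        self.port_vlans = port_vlans        # access port number -> VLAN ID

    def deliver_from_trunk(self, tagged):
        """Broadcast arriving on the trunk: strip the tag, flood only within its VLAN."""
        vlan_id, _, frame = untag_frame(tagged)
        if frame[:6] != b"\xff" * 6:
            raise ValueError("this example handles broadcast frames only")
        # Ports in other VLANs never see the frame: the tag defines the broadcast domain.
        return {port: frame for port, v in self.port_vlans.items() if v == vlan_id}


def demo():
    """Constructed: switch B has ports 1-3 in VLAN 1 and ports 4-5 in VLAN 2."""
    switch_b = VlanSwitch({1: 1, 2: 1, 3: 1, 4: 2, 5: 2})
    src = bytes.fromhex("02000000000a")     # constructed station MAC on switch A
    payload = b"hello group 2"
    untagged = b"\xff" * 6 + src + struct.pack("!H", 0x0800) + payload
    tagged = tag_frame(untagged, vlan_id=2, priority=3)     # sent across the trunk
    delivered = switch_b.deliver_from_trunk(tagged)
    return tagged, sorted(delivered), delivered.get(4) == untagged
```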
Advantages
Several advantages of using VLANs:
1. Cost and time reduction
VLANs reduce the migration cost of stations going from one group to another - physical reconfiguration takes time and is costly
Instead of physically moving one station to another segment or even to another switch - it is much easier and quicker to move it by using software
2. Creating virtual work groups
VLANs: can be used - to create virtual work groups
Ex.: in a campus environment, professors working on the same project can send broadcast messages to one another without belonging to the same department - this reduces traffic if the multicasting capability of IP was previously used
3. Security
VLANs: provide an extra measure of security
People belonging to the same group can send broadcast messages with the guaranteed assurance that users in other groups will not receive these messages