Sunday, April 4, 2010


Trunking (a.k.a tagging) passes multi-VLAN information between switches. A link set as a trunk passes all VLAN traffic over. Every vendor other than Cisco would call trunk links "tag links".
Trunking is performed with a protocol called 802.1Q. Before 802.1Q, Cisco used a proprietary ISL protocol. 802.1Q is a Layer 2 industry standard protocol. A tagged Ethernet frame looks like this:

The TAG is made up of 4 bytes of information. In the 4 byte 802.1Q tag, you'll first have a 2 byte TPID. The TPID has a fixed value of 0x8100 which indicates the use of 802.1Q.

Following that is the two-byte TCI. The TCI contains a 3-bit CoS (which stands for "Class of Service", used during QoS), a CFI, and the VID. The CFI is a one-bit field. The VID is a 12-bit field that identifies a VLAN.

VLANs and tagging are a switching technology, so computers can't understand them. All VLAN and tagging information is stripped before a frame is sent out of an access port.

Any untagged packets sent into a trunk link will be sent into the native VLAN. The native VLAN is designed as a way to handle untagged packets. If a trunk port's native VLAN is 15, then untagged broadcasts for a trunk will be forwarded out of all VLAN 15 ports.
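To make the tag layout and the native-VLAN rule concrete, here is an added example (not code from the original post) that builds and parses the 4-byte 802.1Q tag described above and classifies frames the way a trunk port would: tagged frames get the VID from the TCI, untagged frames fall into the native VLAN. The sample frames and the native VLAN of 15 are constructed for the demonstration.

```python
import struct

TPID_8021Q = 0x8100  # fixed TPID that signals an 802.1Q tag follows the source MAC


def build_tci(cos: int, cfi: int, vid: int) -> int:
    """Pack the 2-byte TCI: 3-bit CoS, 1-bit CFI, 12-bit VID."""
    if not (0 <= cos < 8 and cfi in (0, 1) and 0 <= vid < 4096):
        raise ValueError("field out of range")
    return (cos << 13) | (cfi << 12) | vid


def parse_frame(frame: bytes, native_vlan: int) -> dict:
    """Classify a frame arriving on a trunk: tagged frames carry CoS/CFI/VID
    in the TCI, untagged frames are assigned to the native VLAN."""
    if len(frame) < 14:
        raise ValueError("too short for an Ethernet header")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst": frame[0:6].hex(":"), "src": frame[6:12].hex(":")}
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("too short for an 802.1Q tag")
        tci, inner_type = struct.unpack("!HH", frame[14:18])
        info.update(tagged=True, cos=tci >> 13, cfi=(tci >> 12) & 1,
                    vid=tci & 0x0FFF, ethertype=inner_type, payload=frame[18:])
    else:
        info.update(tagged=False, vid=native_vlan,
                    ethertype=ethertype, payload=frame[14:])
    return info


def strip_tag(frame: bytes) -> bytes:
    """Egress on an access port: remove the 4-byte tag, keep MACs and payload."""
    if len(frame) >= 18 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        return frame[:12] + frame[16:]
    return frame


# Constructed sample frames (not captured traffic): broadcast dst, made-up src,
# ARP EtherType 0x0806 and a zeroed 28-byte ARP body.
HEADER = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
ARP = struct.pack("!H", 0x0806) + b"\x00" * 28
TAGGED_FRAME = HEADER + struct.pack("!HH", TPID_8021Q, build_tci(5, 0, 50)) + ARP
UNTAGGED_FRAME = HEADER + ARP

if __name__ == "__main__":
    print(parse_frame(TAGGED_FRAME, native_vlan=15)["vid"])    # 50
    print(parse_frame(UNTAGGED_FRAME, native_vlan=15)["vid"])  # 15
```

The untagged frame lands in VLAN 15 only because that is the trunk's native VLAN; change the argument and the same frame moves, which is exactly why a native-VLAN mismatch between two ends of a trunk leaks traffic between VLANs.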

A native VLAN mismatch is when the two ends of a trunk are configured with different native VLANs. When this happens, untagged broadcasts will actually end up in both VLANs. This effectively bridges the two VLANs together. The switch will log a notification of such a mismatch.

In a typical VoIP implementation, phones will be set up like this:

In this case, packets from the phone will end up in VLAN 50 and untagged packets from the computer are put into whatever VLAN is the native VLAN on the switch port. This allows separation of the phone and computer even though they are using the same switch port.

VTP stands for VLAN Trunking Protocol. A better name for it would be the VLAN Replication Protocol because its job is to replicate VLANs. VTP replicates VLAN information across trunk links. VTP, however, is dangerous if used incorrectly.

VTP works by revision numbers. The revision number increments every time a VLAN configuration is saved. Switches then propagate the updates with the newest revision number around until all the switches are on the same page. The revision number helps switches keep track of who has the latest database.

However, if you introduce an old switch into the VTP domain with a higher VTP revision, it will propagate that revision and wipe out all existing VLAN configurations on all switches. Ports that are assigned to VLANs that no longer exist will be inactive and down. VTP accidents typically happen when lab equipment is put into a production network.

There are three VTP modes:
1) Server (Default)
A server can change VLAN information. It can forward, send and receive VTP updates, and it saves VLAN configurations.

2) Client
A client cannot change VLAN information. It can forward and receive VTP updates, but it cannot save VLAN configurations.

3) Transparent
A transparent-mode switch can change VLAN information. It can forward VTP updates, and it can save VLAN configurations.

Note that even though a client cannot change VLAN information, if it has a higher revision number, it can actually overwrite server configurations.

Another benefit of VTP is VLAN pruning. VLAN pruning helps keep unnecessary broadcast traffic from crossing trunk links. It only works on VTP servers.
