The Physical Reality Precedes the Virtual Reality


Before you can understand virtual LANs, you need to think about physical LANs and how they handle broadcasts. After you have the concepts related to broadcasts firmly in mind, it's much easier to think about VLANs.

Physical LANs: It's All About Broadcasts

Many people have different ideas about what a network really is. For instance, if you ask someone who works on servers, that person might think of a LAN as a server that's attached to an Ethernet. The person who runs the Ethernet cables has a different perspective, thinking of the LAN as a bunch of cables. However, the perspective you need to have to understand VLANs is closer to that of the network engineer, who cares more about hubs and switches.

As you probably recall, hubs and switches behave differently. Hubs repeat all received electrical signals out all ports, except the port in which the signal was received, essentially flooding the frame. Switches do not flood all received frames, but instead use a MAC address table, which tells them how to best forward a frame.

However, hubs and switches process broadcast frames identically. A broadcast frame is an Ethernet frame that has a destination MAC address field set to FFFF.FFFF.FFFF. Broadcast frames are sent for a variety of reasons. (They are particularly useful when a computer doesn't know some piece of information; the computer can send a broadcast to everyone, asking for that tidbit of information.) Regardless of why the broadcast frame is sent, when a switch receives a frame whose destination address is the Ethernet broadcast address, it forwards the frame out all ports except the incoming port. A hub repeats all frames, including broadcasts, out all ports except the incoming port. (In fact, hubs do not even look at the addresses.) So, although the internal processing on switches and hubs is different, a switch essentially acts just like a hub with regard to broadcast frames.

Master of Your Own (Broadcast) Domain

To understand VLANs, you need to understand a few terms, starting with the term broadcast domain. A broadcast domain is a group of devices for which a broadcast frame sent by one device is received by all other devices in the same group.

Although the definition is rather formal, you've already read about all the underlying concepts, mainly in Chapter 6, "Reducing Congestion and Driving Faster on the Local (Network) Roadway." Figure 7-1 shows three examples of broadcast domains.

Figure 7-1. Three Broadcast Domains: A Hub, a Switch, and a Hub and Switch


A single hub creates a single broadcast domain, as shown in the upper-left part of the figure. This first broadcast domain consists of the PCs, as well as the cabling and hub. If any of those devices sends a broadcast frame, the hub repeats the electrical signal out all other ports so that everyone receives the signal.

A single switch also creates a single broadcast domain. This broadcast domain includes the devices that are attached to a single switch, along with the cabling and switch. Because the switch forwards all broadcast frames out all ports (besides the incoming port), everyone gets a copy of each broadcast, meeting the definition for broadcast domain.

A hub and a switch, connected together, also create a single broadcast domain. As shown at the bottom of Figure 7-1, if a device on the hub sends a broadcast, the hub repeats it out all ports, including the one that's connected to the switch. When the switch receives the broadcast frame, it forwards the broadcast out all other switch ports, like always. Similarly, when a device that is connected to the switch sends a broadcast, the switch forwards the broadcast on all other ports, including the one that is connected to the hub, and the hub repeats the frame out all other ports.

Multiple Physical LANs Require Multiple Switches

A LAN consists of the devices inside a single broadcast domain. To create multiple physical LANs, you need to use multiple physical switches, because a switch forwards any broadcasts out all ports (except the port on which it was received). For example, imagine that you just took a job as network engineer at a company with the small network shown in Figure 7-2.

Figure 7-2. Small Physical LAN, and You Are in Charge


With a single switch, you have a single broadcast domain and a single LAN. However, your new boss told you when you walked in the door, "We've got to get Fred and Barney on a different LAN than Betty and Wilma. They work with super-secret projects, and we can't meet our security requirements if Betty and Wilma are on the same LAN. Now get cracking!"

To put Betty and Wilma in a different LAN than the boys, you have to use two switches. Figure 7-3 shows the alternative design, now with two physical LANs.

Figure 7-3. Two Physical LANs: Broadcasts Do Not Leave the Originating LAN


Note that with two switches, each switch has its own address table. When Fred sends a broadcast, switch1 forwards it out all other ports (in this case, only to Barney). Switch2 does not receive a copy of the broadcast; in fact, there is not even a physical cable connecting the two switches in this case.

Because the two switches have created two separate LANs, neither broadcast frames nor unicast frames from the top LAN can be forwarded to the bottom LAN. For instance, if Fred were to send a frame with a destination address of 0200.3333.3333 (Wilma), switch1 would not have Wilma's address in its address table. Figure 7-4 summarizes the logic.

Figure 7-4. No Forwarding Between the Two Physical LANs


With two separate switches, you can create two physical LANs, each with its own MAC address table. In the next section, you'll read about how VLANs can do essentially the same thing, but using only a single switch. Following are some key points about physical LANs that will help you as you learn about VLANs in the next section:

  • Each LAN has an independent MAC address table as compared to the other LANs.

  • Broadcasts originating in one LAN are flooded inside that LAN.

  • Broadcasts originating in one LAN are not forwarded into the other LANs.

  • Unicasts originating in one LAN are not forwarded into the other LANs.
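
The four key points can be checked with a small simulation of the forwarding logic described in this section. This is an added example, not code from the book: the `Switch` class, the port numbers, and every MAC address except Wilma's (0200.3333.3333) are assumptions made for illustration.

```python
BROADCAST = "FFFF.FFFF.FFFF"
# Wilma's MAC is from the text; the other three are constructed sample values.
MACS = {"Fred": "0200.1111.1111", "Barney": "0200.2222.2222",
        "Wilma": "0200.3333.3333", "Betty": "0200.4444.4444"}


class Switch:
    """A learning switch: one MAC address table, one broadcast domain."""

    def __init__(self, name, ports):
        self.name = name
        self.ports = dict(ports)   # port number -> attached host (assumed layout)
        self.mac_table = {}        # learned source MAC -> port number

    def receive(self, in_port, src, dst):
        """Process one frame and return the hosts that receive a copy."""
        self.mac_table[src] = in_port              # learn where the sender is
        if dst != BROADCAST and dst in self.mac_table:
            out_ports = [self.mac_table[dst]]      # known unicast: one port
        else:
            # Broadcast or unknown unicast: flood out every port on this switch.
            out_ports = list(self.ports)
        # A frame is never sent back out the port it arrived on.
        return sorted(self.ports[p] for p in out_ports if p != in_port)


def demo():
    """Replay the chapter's scenarios and return who received each frame."""
    single = Switch("switch", {1: "Fred", 2: "Barney", 3: "Wilma", 4: "Betty"})
    switch1 = Switch("switch1", {1: "Fred", 2: "Barney"})
    switch2 = Switch("switch2", {1: "Wilma", 2: "Betty"})   # no cable to switch1
    return {
        "one_switch_broadcast": single.receive(1, MACS["Fred"], BROADCAST),
        "two_switch_broadcast": switch1.receive(1, MACS["Fred"], BROADCAST),
        "fred_to_wilma": switch1.receive(1, MACS["Fred"], MACS["Wilma"]),
        "barney_to_fred": switch1.receive(2, MACS["Barney"], MACS["Fred"]),
        "switch1_table": dict(switch1.mac_table),
        "switch2_table": dict(switch2.mac_table),
    }


if __name__ == "__main__":
    for scenario, outcome in demo().items():
        print(f"{scenario}: {outcome}")
```

With one switch, Fred's broadcast reaches Betty and Wilma; with two unconnected switches, both his broadcast and his frame addressed to Wilma stop at Barney, and switch2's table never learns anything about the top LAN.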




Computer Networking first-step
ISBN: 1587201011
EAN: 2147483647
Year: 2004
Pages: 173
Authors: Wendell Odom
