Unit 5 17 Connecting Devices


Connecting Devices and Virtual LANs
CS44 Data Communications

Dr. Shilpa Chaudhari


Department of Computer Science and Engineering
Ramaiah Institute of Technology Bangalore
Outline
• Connecting Devices
◦ Hubs
◦ Link-Layer Switches
◦ Routers
• Virtual LANs
◦ Membership
◦ Configuration
◦ Communication between Switches
◦ Advantages

Connecting Devices
• We use connecting devices to connect hosts together to
make a network or to connect networks together to make
an internet
• Connecting devices can operate in different layers of the
Internet model. There are three kinds of connecting devices:
◦ Hubs
◦ Link-layer switches
◦ Routers

Hubs
• A hub is a device that operates only in the physical layer
• Signals that carry information within a network can travel a fixed
distance before attenuation endangers the integrity of the data
• A repeater receives a signal and, before it becomes too weak or
corrupted, regenerates and retimes the original bit pattern
• The repeater then sends the refreshed signal
• In the past, when Ethernet LANs were using bus topology, a repeater
was used to connect two segments of a LAN to overcome the length
restriction of the coaxial cable
• Today, Ethernet LANs use star topology
◦ In a star topology, a repeater is a multiport device, often called a hub, that can
be used to serve as the connecting point and at the same time function as a
repeater.
Hubs ...
• When a packet from station A to station B arrives at the
hub, the signal representing the frame is regenerated to
remove any possible corrupting noise, but the hub
forwards the packet from all outgoing ports except the one
from which the signal was received
◦ Frame is broadcast - All stations in the LAN receive the frame, but
only station B keeps it. The rest of the stations discard it.

Hubs ...
• A hub does not have a filtering capability and does not
have the intelligence to find from which port the frame
should be sent out
• They do not have a link-layer address and they do not
check the link-layer address of the received frame
• They just regenerate the corrupted bits and send them out
from every port

Link-layer switch
• Operates in both the physical and the data-link layers
• As a physical-layer device, it regenerates the signal it receives
• As a link-layer device, the link-layer switch can check the MAC
addresses (source and destination) contained in the frame
• A link-layer switch has filtering capability: it can check the
destination address of a frame and decide from which
outgoing port the frame should be sent
• A link-layer switch does not change the link-layer (MAC)
addresses in a frame

Link-layer switch ...
• A LAN with four stations that are connected to a link-layer
switch
• If a frame destined for station 71:2B:13:45:61:42 arrives at
port 1, the link-layer switch consults its table to find the
departing port
• According to its table, frames for 71:2B:13:45:61:42 should
be sent out only through port 2; therefore, there is no
need for forwarding the frame through other ports

Transparent switch
• A switch in which the stations are completely unaware of
the switch’s existence
• If a switch is added or deleted from the system,
reconfiguration of the stations is unnecessary
• According to the IEEE 802.1d specification, a system
equipped with transparent switches must meet three criteria:
◦ Forwarding : Frames must be forwarded from one station to another
correctly
◦ Learning : The forwarding table is automatically made by learning
frame movements in the network
◦ Loop Problem : Loops in the system must be prevented

Transparent switch: Learning
• The earliest switches – static switching tables that were manually
entered during switch setup by the system administrator
◦ Simple process but was not practical
◦ If a station was added or deleted, the table had to be modified manually
◦ The same was true if a station’s MAC address changed, which is not a rare event
◦ For example, putting in a new network card means a new MAC address

• A better solution to the static table is a dynamic table that maps
addresses to ports (interfaces) automatically
• A switch gradually learns from the frames’ movements by
inspecting both the destination and the source addresses in each
frame that passes through the switch
◦ The destination address is used for the forwarding decision (table
lookup); the source address is used for adding entries to the table and for
updating purposes
Transparent switch: Learning
1. When station A sends a frame to station D, the switch does not
have an entry for either D or A
◦ The frame goes out from all three ports; the frame floods the network
◦ However, by looking at the source address, the switch learns that station A
must be connected to port 1. This means that frames destined for A, in the
future, must be sent out through port 1
◦ The switch adds this entry to its table - first entry now

2. When station D sends a frame to station B, the switch has no entry
for B, so it floods the network again
◦ However, it adds one more entry to the table related to station D

3. The learning process continues until the table has information
about every port
◦ However, note that the learning process may take a long time
◦ For example, if a station does not send out a frame (a rare situation), the station will never have an
entry in the table
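
The learning steps above, replayed in code as an added example (not from the slides). Only "station A on port 1" comes from the text; the other port assignments and all MAC addresses are constructed.

```python
# Added illustration: a four-port transparent switch that learns from source
# addresses and forwards on destination addresses, as the slide describes.

class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}          # MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of ports it is sent out of."""
        # Learning: the source address shows where the sender is attached.
        self.table[src] = in_port
        # Forwarding: the destination address drives the table lookup.
        out_port = self.table.get(dst)
        if out_port is None:
            # Unknown destination: flood every port except the arrival port.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination sits on the arrival port: filter (drop) the frame.
            return []
        return [out_port]


# Constructed sample values (locally administered MAC addresses).
MAC = {"A": "02:00:00:00:00:0a", "B": "02:00:00:00:00:0b",
       "C": "02:00:00:00:00:0c", "D": "02:00:00:00:00:0d"}
PORT = {"A": 1, "B": 2, "C": 3, "D": 4}


def run_trace(frames):
    """Replay (sender, receiver) pairs; return (out_ports, table_size) per frame."""
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    trace = []
    for sender, receiver in frames:
        out = sw.receive(PORT[sender], MAC[sender], MAC[receiver])
        trace.append((out, len(sw.table)))
    return trace


if __name__ == "__main__":
    # A->D floods, D->B floods, B->A is forwarded on port 1 only.
    for step in run_trace([("A", "D"), ("D", "B"), ("B", "A")]):
        print(step)
```

Station C never transmits in this trace, so it never gets a table entry, which is the situation the last bullet describes.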
Transparent switch: Loop Problem
• Transparent switches work fine as long as there are no
redundant switches in the system
• Redundant switches (more than one switch between a pair
of LANs) are used to make the system more reliable
◦ If a switch fails, another switch takes over until the failed one is
repaired or replaced
• Redundancy can create loops in the system, which is very
undesirable
◦ Loops can be created only when two or more broadcasting LANs
(those using hubs, for example) are connected by more than one
switch

Transparent switch: Loop Problem
• Simple example of a loop created in a system with two LANs connected by two
switches.
• 1. Station A sends a frame to station D – As the tables of both switches are empty,
both forward the frame and update their tables based on the source address A.
• 2. Now there are two copies of the frame on LAN 2
◦ The copy sent out by the left switch is received by the right switch, which does not have any
information about the destination address D; it forwards the frame
◦ The copy sent out by the right switch is received by the left switch and is sent out for lack of
information about D.
◦ Each frame is handled separately because switches, as two nodes on a broadcast network sharing the medium, use an access
method such as CSMA/CD. The tables of both switches are updated, but still there is no information for destination D.

• 3. Now there are two copies of the frame on LAN 1 - Step 2 is repeated, and both
copies are sent to LAN2.
• 4. The process continues on and on
Note that switches are also repeaters and regenerate frames. So in each iteration,
there are newly generated fresh copies of the frames

Spanning Tree Algorithm
• A switched LAN – how to create a topology in which each LAN
can be reached from any other LAN through one path only (no
loop) without changing the physical topology of the system
• Solution: create a logical topology that overlays the physical
one
◦ IEEE specification uses the spanning tree algorithm to create a loopless
topology
◦ In graph theory, a spanning tree is a graph in which there is no loop

• To find the spanning tree, we need to assign a cost (metric) to
each arc
◦ The interpretation of the cost is left up to the systems administrator,
e.g., the minimum hops (hop count is normally 1 from a switch to the
LAN and 0 in the reverse direction)
A system with four LANs and five switches

3-step process for finding spanning tree
• 1. Every switch has a built-in ID (normally the serial number, which is unique)
◦ Each switch broadcasts this ID so that all switches know which one has the smallest ID
◦ The switch with the smallest ID is selected as the root switch (root of the tree)
◦ Assume that switch S1 has the smallest ID. It is, therefore, selected as the root switch.

• 2. The algorithm tries to find the shortest path (a path with the shortest
cost) from the root switch to every other switch or LAN
◦ The shortest path can be found by examining the total cost from the root switch to the
destination, e.g., using Dijkstra's algorithm
• 3. The combination of the shortest paths creates the shortest tree
• 4. Based on the spanning tree, we mark
◦ the ports that are part of it, the forwarding ports, which forward a frame that the
switch receives
◦ those ports that are not part of the spanning tree, the blocking ports, which block the
frames received by the switch
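
The steps above, worked through in code as an added example (not from the slides). The five-switch, four-LAN layout is constructed and is not the slide's figure; breaking equal-cost ties towards the lowest-named neighbour is an assumption of this sketch.

```python
import heapq

# Constructed topology: switch ID -> LANs it has a port on.
# IDs compare as strings here, so "S1" is the smallest.
PORTS = {
    "S1": ["LAN1", "LAN2"],
    "S2": ["LAN1", "LAN3"],
    "S3": ["LAN2", "LAN3"],
    "S4": ["LAN2", "LAN4"],
    "S5": ["LAN3", "LAN4"],
}

def neighbours(node):
    """Return (neighbour, cost): 1 from a switch to a LAN, 0 from a LAN to a switch."""
    if node in PORTS:
        return [(lan, 1) for lan in PORTS[node]]
    return [(sw, 0) for sw, lans in PORTS.items() if node in lans]

def spanning_tree():
    root = min(PORTS)                        # step 1: smallest ID becomes the root
    dist, heap = {root: 0}, [(0, root)]
    while heap:                              # step 2: Dijkstra from the root
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue                         # stale heap entry
        for nxt, w in neighbours(node):
            if d + w < dist.get(nxt, float("inf")):
                dist[nxt] = d + w
                heapq.heappush(heap, (d + w, nxt))
    # step 3: every non-root node keeps exactly one link towards the root
    # (assumed tie-break: lowest-named neighbour on a shortest path).
    tree = set()
    for node in dist:
        if node == root:
            continue
        parent = min(n for n, _ in neighbours(node)
                     if dist[n] + dict(neighbours(n))[node] == dist[node])
        tree.add((node, parent) if node in PORTS else (parent, node))
    # step 4: ports on tree links forward, every other port blocks
    state = {(sw, lan): "forwarding" if (sw, lan) in tree else "blocking"
             for sw, lans in PORTS.items() for lan in lans}
    return root, dist, state

def blocking_ports():
    """Return the (switch, LAN) ports that the spanning tree leaves out."""
    return sorted(p for p, s in spanning_tree()[2].items() if s == "blocking")

if __name__ == "__main__":
    print(blocking_ports())
```

With 5 switches and 4 LANs the tree has 8 links, so 2 of the 10 ports end up blocking and every LAN is still reachable over exactly one path.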

3-step process for finding spanning tree
• Finding the shortest paths and the spanning tree in a
system of switches

3-step process for finding spanning tree
• The logical systems of LANs with forwarding ports (solid lines) and blocking ports (broken
lines).
• There is only one path from any LAN to any other LAN in the spanning tree
system – No loops are created
◦ In a real LAN, the spanning tree algorithm runs as a dynamic process through a software
package at each node

Advantages of Switches
• Collision Elimination: a link-layer switch eliminates
collisions, increasing the average bandwidth available to a
host in the network
◦ In a switched LAN, there is no need for carrier sensing and collision
detection; each host can transmit at any time
• Connecting Heterogeneous Devices: a switch can connect devices
that use different protocols at the physical layer (data
rates) and different transmission media
◦ As long as the format of the frame at the data-link layer does not
change, a switch can receive a frame from a device that uses
twisted-pair cable and sends data at 10 Mbps and deliver the
frame to another device that uses fiber-optic cable and can receive
data at 100 Mbps
Routers
• A router is a three-layer device - operates in the physical,
data-link, and network layers
◦ As a physical-layer device, it regenerates the signal it receives
◦ As a link-layer device, the router checks the physical addresses
(source and destination) contained in the packet
◦ As a network-layer device, a router checks the network-layer
addresses
• A router is an internetworking device that connects
independent networks to form an internetwork
• A router changes the MAC addresses it receives because
MAC addresses have only local jurisdiction

Routers ...
• There are three major differences between a router and a repeater or a
switch
1. A router has a physical and logical (IP) address for each of its interfaces
2. A router acts only on those packets in which the link-layer destination
address matches the address of the interface at which the packet arrives
3. A router changes the link-layer address of the packet (both source and
destination) when it forwards the packet

Routers ...
• An organization with two separate buildings with a Gigabit
Ethernet LAN installed in each building
• The organization uses switches in each LAN
• The two LANs can be connected to form a larger LAN using
10 Gigabit Ethernet technology that speeds up the
connection to the Ethernet and the connection to the
organization server
• A router then can connect the whole system to the
Internet

Virtual LAN
• A station is part of a LAN if it physically belongs to that LAN;
the criterion of membership is geographic
• What happens if we need a virtual connection between
two stations belonging to two different physical LANs?
◦ We can roughly define a virtual local area network (VLAN) as a
local area network configured by software, not by physical wiring

Virtual LAN example 1
• A switched LAN in an engineering firm in which nine
stations are grouped into three LANs that are connected by
a switch
◦ The LAN is configured to allow this arrangement

[Figure: three groups on one switch: three engineers work together, two engineers work together, four engineers work together]

Virtual LAN example ...
What would happen if the administrators needed to move
two engineers from the first group to the third group, to
speed up the project being done by the third group?
• In a switched LAN, changes in the work group mean
physical changes in the network configuration
◦ The LAN configuration would need to be changed
◦ The network technician must rewire.
◦ The problem is repeated if, in another week, the two engineers
move back to their previous group
• The same switched LAN divided into VLANs

Virtual LAN example 2
• The whole idea of VLAN technology is to divide a LAN into logical, instead of physical, segments
• Each VLAN is a work group in the organization
• If a person moves from one group to another, there is no need to change the physical configuration
• The group membership in VLANs is defined by software, not hardware
• Any station can be logically moved to another VLAN
• All members belonging to a VLAN can receive broadcast messages sent to that particular VLAN
• This means that if a station moves from VLAN 1 to VLAN 2, it receives broadcast messages sent to
VLAN 2, but no longer receives broadcast messages sent to VLAN 1

Virtual LAN example 3
• Moving engineers from one group to another through software is
easier than changing the configuration of the physical network
• VLAN technology even allows the grouping of stations connected to
different switches in a VLAN
• A backbone local area network with two switches and three VLANs
◦ Stations from switches A and B belong to each VLAN

Virtual LAN example 3 ...
• This is a good configuration for a company with two
separate buildings
• Each building can have its own switched LAN connected by
a backbone
• People in the first building and people in the second
building can be in the same work group even though they
are connected to different physical LANs

VLAN Notes
• VLAN defines broadcast domains
• VLANs group stations belonging to one or more physical
LANs into broadcast domains
• The stations in a VLAN communicate with one another as
though they belonged to a physical segment

Membership – characteristic to group stations in a VLAN
• Interface Numbers: Some VLAN vendors use switch interface numbers as a membership
characteristic
◦ The administrator can define that stations connecting to ports 1, 2, 3, and 7 belong to VLAN 1, stations
connecting to ports 4, 10, and 12 belong to VLAN 2, and so on.
• MAC Addresses: Some VLAN vendors use the 48-bit MAC address as a membership
characteristic
◦ For example, the administrator can stipulate that stations having MAC addresses E2:13:42:A1:23:34
and F2:A1:23:BC:D3:41 belong to VLAN 1.
• IP Addresses: Some VLAN vendors use the 32-bit IP address as a membership
characteristic
◦ For example, the administrator can stipulate that stations having IP addresses 181.34.23.67,
181.34.23.72, 181.34.23.98, and 181.34.23.112 belong to VLAN 1.
• Multicast IP Addresses: Some VLAN vendors use the multicast IP address as a
membership characteristic
◦ Multicasting at the IP layer is now translated to multicasting at the data-link layer
• Combination: Recently, the software available from some vendors allows all these
characteristics to be combined.
◦ The administrator can choose one or more characteristics when installing the software
◦ In addition, the software can be reconfigured to change the settings.
VLAN: Configuration
• How are the stations grouped into different VLANs?
• Stations are configured in one of three ways:
1. Manual Configuration - a logical not a physical configuration
◦ the administrator types the port numbers, the IP addresses, or other characteristics,
using the VLAN software to manually assign the stations into different VLANs at setup
◦ Later migration from one VLAN to another is also done manually

2. Automatic Configuration: stations are automatically connected or
disconnected from a VLAN using criteria defined by the administrator
◦ For example, the administrator can define the project number as the criterion for
being a member of a group
◦ When a user changes projects, he or she automatically migrates to a new VLAN

3. Semiautomatic Configuration: between a manual configuration and an
automatic configuration
◦ Usually, the initializing is done manually, with migrations done automatically

Communication between Switches
• In a multi-switched backbone, each switch must know not
only which station belongs to which VLAN, but also the
membership of stations connected to other switches
• Three methods have been devised for this purpose:
◦ table maintenance
◦ frame tagging
◦ time-division multiplexing

Communication between Switches
• Table Maintenance: when a station sends a broadcast frame to its group
members, the switch creates an entry in a table and records station membership
◦ The switches send their tables to one another periodically for updating
• Frame Tagging: when a frame is travelling between switches, an extra header is
added to the MAC frame to define the destination VLAN
◦ The frame tag is used by the receiving switches to determine which VLANs should receive the
broadcast message
◦ IEEE 802.1Q defines the format for frame tagging
• Time-Division Multiplexing (TDM): the connection (trunk) between switches is
divided into time-shared channels
◦ For example, if the total number of VLANs in a backbone is five, each trunk is divided into five
channels
◦ The traffic destined for VLAN 1 travels in channel 1, the traffic destined for VLAN 2 travels in
channel 2, and so on
◦ The receiving switch determines the destination VLAN by checking the channel from which
the frame arrived
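
Frame tagging combined with port-based membership, as an added example (not from the slides). The port-to-VLAN mapping is the one from the membership slide; trunk port 24, the sample frame, dropping untagged trunk frames, and both switches sharing one membership table are assumptions of this sketch.

```python
import struct

TPID_8021Q = 0x8100                     # EtherType value that marks an 802.1Q tag
# Port-based membership from the membership slide; trunk port 24 is assumed.
ACCESS_PORTS = {1: 1, 2: 1, 3: 1, 7: 1, 4: 2, 10: 2, 12: 2}   # port -> VLAN ID
TRUNK_PORT = 24

def add_tag(frame, vid, pcp=0):
    """Insert the 4-byte 802.1Q tag after the destination and source MACs."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = (pcp << 13) | vid             # PCP (3 bits) | DEI (1 bit, 0) | VID (12 bits)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def strip_tag(frame):
    """Return (vid, untagged_frame), or (None, frame) if no tag is present."""
    if len(frame) < 16 or struct.unpack("!H", frame[12:14])[0] != TPID_8021Q:
        return None, frame
    tci = struct.unpack("!H", frame[14:16])[0]
    return tci & 0x0FFF, frame[:12] + frame[16:]

def broadcast_from_access(in_port, frame):
    """Sending switch: copy a broadcast to same-VLAN ports, tagged on the trunk."""
    vid = ACCESS_PORTS[in_port]
    out = {p: frame for p, v in ACCESS_PORTS.items() if v == vid and p != in_port}
    out[TRUNK_PORT] = add_tag(frame, vid)
    return out

def broadcast_from_trunk(frame):
    """Receiving switch: the tag alone selects which access ports get the frame."""
    vid, inner = strip_tag(frame)
    if vid is None:
        return {}                       # untagged on the trunk: dropped in this sketch
    return {p: inner for p, v in ACCESS_PORTS.items() if v == vid}

# Constructed broadcast frame: dst ff:ff:ff:ff:ff:ff, src 02:00:00:00:00:0a,
# EtherType 0x0806, zero padding up to 60 bytes.
SAMPLE = bytes.fromhex("ffffffffffff" "02000000000a" "0806") + b"\x00" * 46

if __name__ == "__main__":
    sent = broadcast_from_access(1, SAMPLE)
    print(sorted(sent), sent[TRUNK_PORT][12:16].hex())
    print(sorted(broadcast_from_trunk(sent[TRUNK_PORT])))
```

A broadcast entering on port 1 leaves on ports 2, 3, 7 and the trunk only; ports 4, 10 and 12 (VLAN 2) never see it on either switch.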

Advantages to using VLANs
• Cost and Time Reduction: VLANs can reduce the migration cost of
stations going from one group to another.
◦ Physical reconfiguration takes time and is costly
◦ Instead of physically moving one station to another segment or even to another
switch, it is much easier and quicker to move it by using software.
• Creating Virtual Work Groups: VLANs can be used to create virtual
work groups
◦ For example, in a campus environment, professors working on the same project
can send broadcast messages to one another without the necessity of belonging
to the same department
◦ This can reduce traffic if the multicasting capability of IP was previously used.
• Security: VLANs provide an extra measure of security
◦ People belonging to the same group can send broadcast messages with the
guaranteed assurance that users in other groups will not receive these messages
