1 / 27

Introduction t o VLAN , IGMP, Spanning Tree Protocol

Speaker : 龔哲幀 指導教授:柯開維教授. Introduction t o VLAN , IGMP, Spanning Tree Protocol. Outline. VLAN(Virtual LAN) What are VLANs ? Why need the VLAN ? VLAN Configurations VTP (VLAN Trunking Protocol) IGMP (Internet Group Management Protocol) IGMP V1/V2/V3 IGMP Snooping Spanning Tree.

akamu
Download Presentation

Introduction t o VLAN , IGMP, Spanning Tree Protocol

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Speaker:龔哲幀 指導教授:柯開維教授 Introduction to VLAN, IGMP,SpanningTree Protocol

  2. Outline • VLAN(Virtual LAN) • What are VLANs ? Why need the VLAN ? • VLAN Configurations • VTP (VLAN Trunking Protocol) • IGMP (Internet Group Management Protocol) • IGMP V1/V2/V3 • IGMP Snooping • Spanning Tree

  3. What are VLANs ? Why need the VLAN ? • Segmentation • Scalability & Flexibility • Security • heavily burdened

  4. VLAN Configurations • Port-based VLAN • MAC-based VLAN • IP subnet-based VLAN • Protocol-based VLAN • Rule-based VLAN

  5. Port-based VLAN • Easy to setup configuration, but inflexible

  6. MAC-based VLAN • Provide good security since spoofing a MAC address is not easy

  7. IP subnet-based VLAN

  8. Protocol-based VLAN

  9. Rule-based VLAN 比 較

  10. VTP (VLAN Trunking Protocol) • VLAN Trunking Protocol, VTP目的是要管理交換機上所有設定的VLAN,可新增、刪除、修改 VLAN,並維護網路的一致性,其範圍為相同VTP Domain 名稱,而且互連在一起的Switch。

  11. VTP (VLAN Trunking Protocol) • 主要功能 • VTP允許VLAN通過多種傳輸媒介。 • VTP維護VLAN領域內資訊的同步。 • VTP可以確實地監控和追蹤VLAN的運作。 • VTP只會在 Trunk port 上傳遞。 • VTP在Trunk port 會廣播的資訊有: • 管理領域名稱 • 設定的繼承號碼 • 已知的VLAN參數

  12. VTP (VLAN Trunking Protocol) • Modes: • Server 模式:Switch預設模式,必須在此模式才能新增、修改或刪除VTP網域中的VLAN,在此模式下對交換機所作的任何修改都會影響給整個VTP網域。 • Transparent 模式:不參與VTP網域運作,只轉送VTP資訊。 • Client 模式:接收來自VTPServer的資訊,並更新VLAN,但不能做任何更改。

  13. VTP (VLAN Trunking Protocol) • VTP Pruning • 在Switch中,我們還可以啟動VTP Pruning功能,以刪除不必要的flooded traffic 的資訊通過其它的 Switch,以節省頻寬,增加整體網路效能。

  14. IGMP(Internet Group Management Protocol) • 主要是用來定義如何在Layer 3建立multicast group,這個protocol不是用來傳送資料用的,專門用來建立與管理multicast group 。 • D class • (224.0.0.0 ~ 239.255.255.255) • 是用來做multicast group

  15. IGMP (Internet Group Management Protocol) • IGMPv1: Hosts can join multicast groups. There were no leave messages. Routers were using a time-out based mechanism to discover the groups that are of no interest to the members.

  16. IGMP(Internet Group Management Protocol) • IGMPv2: Leave messages were added to the protocol. Allow group membership termination to be quickly reported to the routing protocol, which is important for high-bandwidth multicast groups and/or subnets with highly volatile group membership.

  17. IGMP (Internet Group Management Protocol) • IGMPv3 Major revision of the protocol. It allows hosts to specify the list of hosts from which they want to receive traffic from. Traffic from other hosts is blocked inside the network. It also allows hosts to block inside the network packets that come from sources that sent unwanted traffic.

  18. IGMP V1/V2/V3 • IGMP V1:兩種 query 和report ; router 等待超時時間才知道組成員已經不存在。 • IGMP V2:三種query,report和Leave而且Query包也分為兩種,一為正常的Query,查詢所有的組是否有成員(類似於V1);一種為特殊的query,在收到Leave封包後,路由器所發出的只查詢該組的query封包。 • IGMP V3:兩種query和report。增加Source filtering功能,host可以通知路由器,指定只收或者不收,某些特定的組和原地址的封包,防止了Unkonw host的DOS攻擊,query分為三種, 查詢所有組的/特殊組的/特殊組和特殊源地址的。

  19. IGMP Snooping • IGMP snooping(Internet Group Management Protocol snooping)是運行在layer 2 Ethernet Switches上的群播約束機制,用於管理和控制群播組。

  20. B C A D IGMP Snooping • IP multicasting without IGMP snooping

  21. B C A D IGMP Snooping • IP multicasting with IGMP snooping

  22. Spanning Tree • Without STP Broadcast Storm

  23. Spanning Tree • With STP

  24. Spanning Tree • STP運作原理有下列要素: • 每個網路上都有一個Root Bridge • 每個non-Root Bridge 有一個Root Port • 每個區段上都有一個Designated Port • Non-designated Port 是無用的,通常就是被Blocking的Port。 • Root Bridge是由最低的Bridge ID所得。 • Bridge ID是由Priority 加上MAC address所組成。 • Root Port是由到達Root Bridge最低Path Cost (路徑成本)的Port所取得。

  25. Spanning Tree

  26. Reference • Cisco ROUTER入門之理論、實務與認證,蕭文龍、林奇南,2006,碁華。 • 區域網路交換器技術發展,田慶明,工研院交大網路測試中心。 • http://speed.cis.nctu.edu.tw/~ydlin/course/cn/exp/Exp_NBL/stp/stp_manual.pdf • http://guiderworld.blogspot.com/2009/03/layer-2-switch.html • http://www.cs.nthu.edu.tw/~nfhuang/chap16.htm • http://blog.xuite.net/jackytseng7028/WikiLife/26523148 • http://en.wikipedia.org/wiki/IGMP_snooping • 柯開維教授上課投影片

  27. Q&A Thanks for your attention!

More Related