
IEEE 802.1Q

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by 75.57.175.145 (talk) at 14:57, 4 July 2010 (→‎Frame format). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

IEEE 802.1Q, or VLAN Tagging, is a networking standard written by the IEEE 802.1 workgroup allowing multiple bridged networks to transparently share the same physical network link without leakage of information between networks. IEEE 802.1Q — along with its shortened form dot1q — is commonly used to refer to the encapsulation protocol used to implement this mechanism over Ethernet networks.

IEEE 802.1Q defines the meaning of a Virtual LAN (VLAN) with respect to the specific conceptual model underpinning bridging at the MAC layer and to the IEEE 802.1D spanning tree protocol. This protocol allows for individual VLANs to communicate with one another with the use of a switch with layer-3 capabilities, or a router.

Example use

As an illustration of the utility of VLANs, consider a company whose IT department wishes to provide separate logical networks for each department in the company while using only one physical corporate network. The IT department assigns a unique VLAN per department. Edge switches on the corporate network are configured to insert an appropriate VLAN tag into all data frames arriving from equipment in a given department. After the frames are switched through the corporate network, the VLAN tag is stripped before the frame is sent back to the department's equipment, possibly at a different geographical location. In this way, traffic from one department cannot be leaked to or snooped from another department.

Frame format

Insertion of 802.1Q Tag in Ethernet-II frame

802.1Q does not actually encapsulate the original frame. Instead, for Ethernet II frames, it adds a 32-bit field between the source MAC address and the EtherType/Length fields of the original frame. The VLAN tag field has the following format:

Size:  16 bits | 3 bits | 1 bit | 12 bits
Field: TPID    | PCP    | CFI   | VID

  • Tag Protocol Identifier (TPID): a 16-bit field set to a value of 0x8100 in order to identify the frame as an IEEE 802.1Q-tagged frame. This field is located at the same position as the EtherType/Size field in untagged frames, and is thus used to distinguish the frame from untagged frames.
  • Priority Code Point (PCP): a 3-bit field which refers to the IEEE 802.1p priority. It indicates the frame priority level from 0 (lowest) to 7 (highest), which can be used to prioritize different classes of traffic (voice, video, data, etc.).
  • Canonical Format Indicator (CFI): a 1-bit field. If the value of this field is 1, the MAC address is in non-canonical format. If the value is 0, the MAC address is in canonical format. It is always set to zero for Ethernet switches. CFI is used for compatibility between Ethernet and Token Ring networks. If a frame received at an Ethernet port has a CFI set to 1, then that frame should not be bridged to an untagged port.
  • VLAN Identifier (VID): a 12-bit field specifying the VLAN to which the frame belongs. A value of 0 means that the frame doesn't belong to any VLAN; in this case the 802.1Q tag specifies only a priority and is referred to as a priority tag. The hexadecimal value of 0xFFF is reserved. All other values may be used as VLAN identifiers, allowing up to 4094 VLANs. On bridges, VLAN 1 is often reserved for management. The 12-bit field can be partitioned into two 6-bit fields to extend the Destination and Source 48-bit addressing. With Triple-tagging 18 bits are added to the 48 resulting in 66 bits of addressing.

For frames using IEEE 802.2/SNAP encapsulation with an OUI field of 00-00-00 (so that the protocol ID field in the SNAP header is an EtherType), as would be the case on LANs other than Ethernet, the EtherType value in the SNAP header is set to 0x8100 and the aforementioned extra 4 bytes are appended after the SNAP header.[citation needed]

Because inserting the VLAN tag changes the frame, 802.1Q encapsulation forces a recalculation of the original FCS field in the Ethernet trailer. It also increases the maximum frame size by 4 bytes.

Double-tagging (QinQ) can be useful for Internet Service Providers, allowing them to use VLANs internally while mixing traffic from clients that are already VLAN-tagged. The outer tag (next to the Source MAC and representing the ISP VLAN) comes first, followed by the inner tag. In such cases, an alternate TPID such as hex 9100, or even 9200 or 9300, may sometimes be used for the outer tag; however, this is being deprecated by 802.1ad, which specifies 88a8 for service-provider outer tags.

Insertion of 802.1ad DoubleTag in Ethernet-II frame
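The tag layout and the double-tagging case described above can be decoded as follows. This is an added example, not part of the original article; the function names and the sample frame (broadcast destination, made-up source address, zero payload) are constructed for illustration.

```python
import struct

# TPIDs named on this page: 0x8100 (802.1Q), 0x88a8 (802.1ad), and the
# alternate outer-tag values 0x9100/0x9200/0x9300.
TPIDS = {0x8100, 0x88A8, 0x9100, 0x9200, 0x9300}


def parse_vlan_tags(frame: bytes):
    """Return (tags, ethertype) for an Ethernet II frame given without FCS.

    tags is a list of dicts, outermost tag first.
    """
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet II header")
    tags, offset = [], 12                      # skip destination + source MAC
    (ethertype,) = struct.unpack_from("!H", frame, offset)
    while ethertype in TPIDS:
        if len(frame) < offset + 6:            # TPID + TCI + next EtherType
            raise ValueError("truncated VLAN tag")
        tci, next_type = struct.unpack_from("!HH", frame, offset + 2)
        vid = tci & 0x0FFF
        tags.append({
            "tpid": ethertype,
            "pcp": tci >> 13,                  # top 3 bits
            "cfi": (tci >> 12) & 1,            # next bit
            "vid": vid,                        # low 12 bits
            "priority_tag": vid == 0,          # VID 0: priority only
            "reserved_vid": vid == 0xFFF,      # 0xFFF is reserved
        })
        offset += 4
        ethertype = next_type
    return tags, ethertype


def build_sample(tag_list, ethertype=0x0800):
    """Constructed test frame: broadcast dst, made-up src, then the tags."""
    frame = bytes.fromhex("ffffffffffff") + bytes.fromhex("020000000001")
    for tpid, pcp, cfi, vid in tag_list:
        frame += struct.pack("!HH", tpid, (pcp << 13) | (cfi << 12) | vid)
    return frame + struct.pack("!H", ethertype) + b"\x00" * 46


if __name__ == "__main__":
    qinq = build_sample([(0x88A8, 0, 0, 100), (0x8100, 5, 0, 30)])
    for tag in parse_vlan_tags(qinq)[0]:
        print(tag)
```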

Triple-tagging is also possible. The 12-bit VID fields extend the 48-bit Destination and Source addressing to 66 bits. The middle 3-bit PCP field is used as a TTL or Hop-Count to ensure packets do not circulate forever. The last 3-bit PCP field is used for Content Rating - 000 NR to 111 XXX. The three CFI bits are combined to encode the Next Header (or Protocol) found in the Payload Section. Only two of the CFI bits can be used, resulting in four protocols: NOP, ICMP, ENCAP and UDP. The NOP (No Protocol) is a tiny Payload Section mostly for IP byte/pipe streams. ICMP provides control. UDP adds Ports and a semi-redundant length from IP. The ENCAP protocol or Payload Type allows all of the above to be ENCAPsulated.

Trunk Ports and the Native VLAN

Clause 9 of the 1998 802.1Q standard defines the encapsulation protocol used to multiplex VLANs over a single link, by adding VLAN tags. However, it is possible to send frames either tagged or untagged, so to help explain which frames will be sent with or without tags, some vendors (most notably Cisco) use the concepts of a) Trunk Ports and b) the Native VLAN for that trunk.

The concept of a Trunk Port is that once a port is designated as a Trunk Port, it will forward and receive tagged frames.

Frames belonging to the Native VLAN do NOT carry VLAN tags when sent over the trunk. Conversely, if an untagged frame is received on a trunk port, the frame is associated with the Native VLAN for this port.

For example, if an 802.1Q port has VLANs 2, 3 and 4 assigned to it with VLAN 2 being the Native VLAN, frames on VLAN 2 that egress (exit) the aforementioned port are not given an 802.1Q header (i.e., they are plain Ethernet frames). Frames which ingress (enter) this port and have no 802.1Q header are put into VLAN 2. Behaviour of traffic relating to VLANs 3 and 4 is as expected: frames arriving for VLANs 3 and 4 are expected to carry tags that identify them as such, and frames leaving the port for VLANs 3 and 4 will carry their respective VLAN tag.
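The port in this example (VLANs 2, 3 and 4, native VLAN 2) can be modelled in a few lines, including the FCS recalculation that tag insertion requires. This is an added example, not part of the original article or any vendor's implementation; the TrunkPort class and sample frame are constructed, and as a simplification the model rejects any tagged frame whose VID is not assigned to the port, including VID 0.

```python
import struct
import zlib

TPID_8021Q = 0x8100


def fcs(frame_no_fcs: bytes) -> bytes:
    """Ethernet FCS: CRC-32 of the frame, sent least significant byte first."""
    return struct.pack("<I", zlib.crc32(frame_no_fcs))


def sample_frame() -> bytes:
    """Constructed untagged frame (made-up addresses, zero payload) with FCS."""
    body = bytes.fromhex("ffffffffffff020000000001") + b"\x08\x00" + b"\x00" * 46
    return body + fcs(body)


class TrunkPort:
    def __init__(self, vlans, native):
        self.vlans, self.native = set(vlans), native

    def egress(self, vlan: int, frame: bytes, pcp: int = 0) -> bytes:
        """frame is untagged and includes its FCS; returns the frame as sent."""
        if vlan not in self.vlans:
            raise ValueError("VLAN not assigned to this port")
        if vlan == self.native:
            return frame                         # native VLAN: no tag added
        body = frame[:-4]                        # drop the old FCS
        tag = struct.pack("!HH", TPID_8021Q, (pcp << 13) | vlan)
        tagged = body[:12] + tag + body[12:]     # insert after source MAC
        return tagged + fcs(tagged)              # FCS must be recalculated

    def ingress(self, frame: bytes):
        """Return (vlan, untagged frame with FCS), or None if not accepted."""
        if len(frame) < 20 or fcs(frame[:-4]) != frame[-4:]:
            return None                          # runt or corrupted frame
        body = frame[:-4]
        (ethertype,) = struct.unpack_from("!H", body, 12)
        if ethertype != TPID_8021Q:
            return self.native, frame            # untagged -> native VLAN
        vid = struct.unpack_from("!H", body, 14)[0] & 0x0FFF
        if vid not in self.vlans:
            return None                          # VLAN not on this port
        inner = body[:12] + body[16:]            # strip the 4-byte tag
        return vid, inner + fcs(inner)
```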

Not all vendors use the concept of Trunk Ports and Native VLANs. Annex D to the 1998 802.1Q standard uses the concept of Trunk Links, but the current (IEEE Std 802.1D-2004) standard does not use the terms Trunk or Native.

Multiple VLAN Registration Protocol

In addition, IEEE 802.1Q defines Multiple VLAN Registration Protocol (MVRP), an application of the Multiple Registration Protocol, allowing bridges to negotiate the set of VLANs to be used over a specific link.

MVRP replaced the slower GARP VLAN Registration Protocol (GVRP) in 2007 with the IEEE 802.1ak-2007 amendment.

Multiple spanning-tree protocol

The 2003 revision of the standard also rolled in the Multiple Spanning Tree Protocol (MSTP) originally defined in IEEE 802.1s.
