VLAN (Virtual LAN) technology is an important technical measure to ensure the safe and stable operation of large networks. with the active participation of many vendors and the widespread acceptance of end users, it has been widely used in actual network construction. The reason why VLAN technology is attractive is that it has enhanced its network management functions in three aspects, this simplifies the workload caused by changes to workstations and equipment, effectively controls network data traffic, and provides security assurance at the workgroup level and network level.
Therefore, implementing VLAN Technology in a timely and effective manner not only can fully meet users' requirements on network flexibility and scalability, it also provides an effective technical means to isolate network faults and efficiently allocate network backbone bandwidth.
From a technical perspective, VLANs can be implemented in both switched Ethernet and ATM backbone networks. In comparison, VLAN configuration in an ATM environment is far more difficult than the former. This undoubtedly puts forward higher requirements for professional network technicians, so that they not only need to understand the working principle of atm lan simulation of atm lane), but also need to be familiar with various network equipment, such as ATM switches, LAN switches, and routers. Even so, the ATM technology brings bandwidth from 25 Mbps to 155Mbps and even 622Mbps, and can meet the requirements of desktop users for voice, data and image processing. Therefore, many enterprises still adopt the ATM network.
Next, we will focus on the division and configuration of atm vlan based on the practical experience of building an ATM man in Wuhan Power Supply Bureau.
I. VLAN division design
According to the design requirements of the ATM man Phase I of Wuhan Power Supply Bureau, the first batch of four grass-roots production units must be connected to the ATM Backbone Network, these are respectively Hankou line branch, Hanyang line branch, Wuchang line branch, Qingshan line branch, plus the Bureau building, a total of five, and then Hankou substation Branch), distributed in three towns in Wuhan.
Based on the principle that 70% of network traffic flows inside a VLAN and 30% of the traffic flows between VLANs, VLAN logic can be divided by workflow, functional department, or geographical location. The division technology can be implemented based on switch ports, Nic MAC physical addresses, and layer-3 network protocol layer. In these three division technologies, in particular, the implementation method based on switch ports is the most flexible and easy to maintain. Therefore, it has been widely used in VLAN design.
Although the VLAN technology can effectively control network data traffic and save the network bandwidth of the backbone network, it is necessary to rationally implement VLAN division for the Metropolitan Area Network. In addition, the key to improving VLAN operation efficiency is to make the network traffic in a VLAN as much as possible to be digested within it, reducing access traffic between VLANs, this requires the designers to understand the working methods, workflows, and network-based applications of various user groups in the network. Only in this way can they design efficient VLANs.
According to the requirement analysis, most production management application systems of grass-roots units are concentrated in the local LAN. Only a small amount of data needs to be collected from different regions to the Bureau Information Center, this provides a reliable basis for effective VLAN division.
Through repeated comparisons and trade-offs, we decided to use the geographical location as the basis for division, and divided the parts by functional departments. The specific implementation is shown in the appendix.
VLAN division in the Appendix
It can be seen from the table that each VLAN corresponds to an independent IP network segment, so that the IP broadcast group and the VLAN collision domain can be combined one by one. In this way, on the one hand, it is conducive to the Dynamic Allocation of IP addresses by the DHCP Server, on the other hand, it also makes the network structure clear and easy to understand, facilitating the maintenance and management of network administrators.
Ii. Network Environment
The first phase of the Wuhan Power Supply Bureau Metro is a backbone of ATM, with local authorities as the center, with four backbone nodes: Hankou line branch, Hanyang line branch, Wuchang line branch, and Qingshan line branch, connect them to a man that covers three towns in Wuhan using the OC3 155Mbps optical fiber trunk. See figure 1.
All network devices use Cisco Systems. Among them, the core switch of the ATM uses Lightstream 1010, And the edge device of the ATM uses the Catalyst LAN switch series products. They are connected to Lightstream 1010 through a long-distance single-mode optical fiber, and the Cisco 7507 high-end router is used as the inter-network route.
Windows NT is used for network operating systems, and TCP/IP is used for network protocols.
Iii. atm lane Configuration
To allow VLAN communication across the ATM Backbone Network, you must first configure the LAN Emulation and LANE Simulation for the ATM Backbone Network.
There are many differences between the traditional Ethernet working mechanism and the ATM network technology. To use ATM as the backbone network in a man to connect local networks distributed in different regions, there must be a solution to achieve interconnection between the two, so the atm lane technology came into being. By using LANE, the ATM network can simulate the work of the LAN, so that multiple LAN can be connected to the ATM network without any modification. ATM is responsible for bridging, which is completely transparent and seamless for users. It seems to work in a pure Ethernet environment, as shown in figure 2.
The configuration process of LANE is complicated, and the following four services must be started for normal operations of LANE:
1. LECS (LANE Configuration Server). a lecs must exist in a LANE environment.
2. For a Broadcast and Unknown Server, an ELAN must have a BUS.
3. LES (LANE Server), an ELAN must have a LES.
4. LEC (LANE Client), one ELAN can have multiple LEC.
To build a LANE environment, you must configure the Cisco 7507 router, LS1010 ATM switch, and the Catalyst 5000, 3200, 2924, and 2828 LAN switches equipped with the ATM module.
1. Configure the ATM module on the Cisco 7507 vro to act as LECS in the entire LANE environment and act as each ELAN. The number of ELAN must be the same as that of VLAN. For example, you need to create LES, BUS, and LEC among 10 Elans in this network. The configuration command is as follows:
!!! Show lane default-atm-address ! Obtain the ATM address of the atm lane. This address is used as the ATM address of LECS, It is stored in the Lightstream 1010 ATM switch. Config t Lane database database_name; Specify a database for LANE Name elan_name server-atm-address [index number] ! Repeat this command to create multiple ELAN environments and use yourself as the LES of each ELAN. ! In the local network, the setting process is as follows: ! Name default server-atm-address 47.009181000000001011be3401.0050d1070081.01 !...... ! Name vlan0050 server-atm-address 47.009181000000001011be3401.0050d1070081.32 Interface atmslot/module/port; enter the ATM port setting mode Atm pvc 1 0 5 qsaal; Set PVC Signaling Atm pvc 2 0 16 ilmi; set communication between PVC and Local Management Mode Lane config database database_name; configure the LANE database Interface atmslot/module/port. subinterface multipoint ; Indicates the sub-port and enters the sub-port setting mode. Ip address ip_address netmask; specify an ip address for the sub-Port Lane server-bus ethernet elan_name; Set the LES/BUS service for ELAN and simulate Ethernet. Lane client ethernet elan_name; Add yourself as LEC to the ELAN ! In this network, the process of setting Cisco 7507 as the BUS and LEC of the preceding multiple Elans is as follows: ! Inter atm4/0/0.1 multipoint ! Ip address 12.240.16.31 ! Lane server-bus ethernet default ! Lane client ethernet default ! Exit !...... ! Inter atm4/0/0.50 multipoint ! Ip address 12.240.0000254 ! Lane server-bus ethernet vlan0050 ! Lane client ethernet vlan0050 ! Exit End Copy running-config startup-config !!! |
Note that the number of Elans to be created must be the same as the number of previously planned VLANs so that they can maintain a one-to-one correspondence, it is recommended that the names of ELAN and VLAN be the same. In this network, the ELAN/VLAN names are default and vlan0002 ...... Vlan0040 and vlan0050 for ease of management.
2. Configure the Lightstream1010 ATM Switch
The configuration command is as follows:
!!! Atm lecs-address-default atm_address ! The atm_address is in the Cisco 7507 configuration, The atm obtained by show lane default-ATM-address ! Address. !!! |
Because the LANE 1.0 standard does not take into account the failure of the LANE due to a single point of failure (spof) of the device, Cisco proposes a Simple Server Redundancy Protocol (SSRP) to eliminate this potential fault risk. By configuring the Processor ATM Switch Processor and ASP on the LS1010 ATM Switch, you can back up LECS, LES, BUS, and LEC.
The LANE backup configuration process of LS1010 ATM switch is basically the same as that of the Cisco 7507 router.
3. ATM module configuration on the Catalyst 5000 LAN switch
1) configure the ATM module on the Catalyst 5000 to the LEC mode. The procedure is as follows.
!!! Session 5; start the ATM module in Catalyst 5000 slot 5 Interface atm5; set the ATM Master Port Atm pvc 1 0 5 qsaal Atm pvc 2 0 16 ilmi Lane config auto-config-atm-address Interface atmslot/module/port. subinterface multipoint Lane client [ethernet elan-name] ! In this network, the process of setting Catalyst 5000 as the LEC of each ELAN is as follows: ! Inter atm 5/0/0.1 multipoint; Enter the sub-port named default ELAN ! Lane client ethernet default; declared as the LEC of the ELAN named default ! Exit !...... ! Inter atm 5/0/0.50 multipoint; Enter the sub-port named vlan0050 ! Lane client ethernet vlan0050; Declaration as LEC of ELAN named vlan0050 ! Exit End Copy running-config startup-config !!! |
2) perform the LEC configuration of each elan on the 2924 and 2828 LAN switches with an ATM module. The configuration process is exactly the same as that on the Catalyst 5000. The ATM configuration method of Catalyst 3200 is based on the menu selection mode, which is very intuitive and easy to understand.
So far, all the atm lane configuration processes have been completed.
Note the following two points when configuring an atm lane.
1. subport Subinterface) Concept
Generally, the ATM module equipped with network devices only provides one ATM port, while one ATM port can only correspond to one ELAN environment, to add an ATM device to multiple ELAN environments, or ELAN cannot communicate with each other, a logical concept such as sub-port is introduced. With it, you can Virtualize an ATM physical port into multiple ATM logical ports. Each logical port corresponds to an ELAN environment, therefore, an ATM device must be added to multiple ELAN environments.
2. Comparison between VLAN and ELAN
In the atm lane environment, the ELAN and VLAN correspond one to one, and the number of VLANs corresponds to the number of Elans. The two use the LANE simulation interface located on the second layer, establishes ing transparently.
ELAN only exists in an ATM network environment. It takes an ATM switch as the center and a LAN switch equipped with an ATM module as the boundary. a vlan not only contains the corresponding ELAN, it also includes Ethernet ports, workstations, and servers belonging to this VLAN. That is, ELAN is a subset of VLAN, and VLAN is a superset of ELAN.
Like VLAN, ELAN is also a broadcast domain. The broadcast in an ELAN does not spread to other Elans. The communication between ELAN is achieved through the router that belongs to their LEC at the same time.
Iv. VLAN settings and Division
1. VLAN settings can be performed on Catalyst 5000. The procedure is as follows.
!!! Set vtp domain domain_name mode server; Define VLAN work domains and work modes Set vlan vlan_number name vlan_name; Define VLAN numbers and VLAN names ! In the local network, the setting process is as follows: ! Set vlan 1 name default; defines the vlan of the bureau Building !...... ! Set vlan 50 name vlan0050; define VLAN of Qingshan Branch 2. The process of Dividing Ethernet ports into VLANs on Catalyst 5000 is as follows. !!! Set vlan vlan_number module/port | port_rage ! Divide Ethernet ports on Catalyst 5000 into VLANs ! In the local network, the setting process is as follows: ! Set vlan 2 4/1 ~ 24 ! Will be located in the Ethernet module of the Catalyst 5000 slot 4 1 ~ Port 24 is switched to VLAN 2 !...... Exit Copy running-config startup-config !!! |
3. Map the ELAN and VLAN on the Catalyst 5000 to match them one by one.
!!! Inter atm5 Inter ATM 5.1 multipoint Lane client ethernet 1 default; Map a VLAN numbered 1 with an ELAN named default !...... Inter ATM 5.50 multipoint Lane client ethernet 50 vlan0050; Map a VLAN numbered 50 with an ELAN named vlan0050 !
|
It is worth noting that in Cisco IOS, VLAN recognition is uniquely identified by VLAN numbers, while ELAN recognition is uniquely identified by the ELAN name.
4. VLAN ports on other LAN switches of the Catalyst are divided into VLAN ports of Catalyst 3200 and 1924 Based on the menu-driven mode, you do not need to enter a command in CLI mode as in Catalyst 5000. Therefore, they are simple and intuitive to configure.
The Catalyst 2828 and 2924 are even more advanced. They not only support CLI mode, but also support Web-Based Management. VLAN division can be implemented for ports through browsers ), dynamic ports can be divided into multiple VLANs at the same time) also provides good support, which makes their configuration process more intuitive and more operable.
So far, the VLAN environment based on the ATM Backbone Network has been fully established to achieve communication between VLANs across the ATM trunk.