Homework#4 Due June 15, 2006

9456507 陳軒昀

1. Try to do a web search and find 3 VLAN products from different vendors. You have to describe the detailed protocols of these products.

A. IEEE 802.1Q

The IEEE 802.1Q specification establishes a standard method for tagging Ethernet frames with VLAN membership information. The IEEE 802.1Q standard defines the operation of VLAN Bridges that permit the definition, operation and administration of Virtual LAN topologies within a Bridged LAN infrastructure. The 802.1Q standard is intended to address the problem of how to break large networks into smaller parts so broadcast and multicast traffic would not grab more bandwidth than necessary. The standard also helps provide a higher level of security between segments of internal networks.

The key for IEEE 802.1Q to perform the above functions is in its tags. 802.1Q-compliant switch ports can be configured to transmit tagged or untagged frames. A tag field containing VLAN (and/or 802.1p priority) information can be inserted into an Ethernet frame. If a port has an 802.1Q-compliant device attached (such as another switch), these tagged frames can carry VLAN membership information between switches, thus letting a VLAN span multiple switches.

However, it is important to ensure ports with non-802.1Q-compliant devices attached are configured to transmit untagged frames. Many NICs for PCs and printers are not 802.1Q-compliant. If they receive a tagged frame, they will not understand the VLAN tag and will drop the frame. Also, the maximum legal Ethernet frame size for tagged frames was increased in 802.1Q (and its companion, 802.3ac) from 1,518 to 1,522 bytes. This could cause network interface cards and older switches to drop tagged frames as "oversized."

Protocol Structure - VLAN: Virtual Local Area Network and the IEEE 802.1Q

IEEE 802.1Q Tagged Frame for Ethernet:

Field:         Preamble  SFD  DA  SA  TPID  TCI  Type/Length  Data     CRC
Size (bytes):  7         1    6   6   2     2    2            42-1496  4
  • Preamble (PRE) - 7 bytes. The PRE is an alternating pattern of ones and zeros that tells receiving stations that a frame is coming, and that provides a means to synchronize the frame-reception portions of receiving physical layers with the incoming bit stream.
  • Start-of-frame delimiter (SFD) - 1 byte. The SFD is an alternating pattern of ones and zeros, ending with two consecutive 1-bits indicating that the next bit is the left-most bit in the left-most byte of the destination address.
  • Destination address (DA) - 6 bytes. The DA field identifies which station(s) should receive the frame.
  • Source address (SA) - 6 bytes. The SA field identifies the sending station.
  • TPID - defined value of 8100 in hex. When a frame has the EtherType equal to 8100, this frame carries the IEEE 802.1Q / 802.1P tag.
  • TCI - Tag Control Information field, including user priority, Canonical Format Indicator and VLAN ID.

    Field:  User Priority  CFI    Bits of VLAN ID (VID) to identify possible VLANs
    Size:   3 bits         1 bit  12 bits

  • User Priority - Defines user priority, giving eight (2^3) priority levels. IEEE 802.1P defines the operation for these 3 user priority bits.
  • CFI - Canonical Format Indicator is always set to zero for Ethernet switches. CFI is used for compatibility reasons between Ethernet type networks and Token Ring type networks. If a frame received at an Ethernet port has a CFI set to 1, then that frame should not be forwarded as it is to an untagged port.
  • VID - VLAN ID is the identification of the VLAN, which is basically used by the standard 802.1Q. It has 12 bits and allows the identification of 4096 (2^12) VLANs. Of the 4096 possible VIDs, a VID of 0 is used to identify priority frames and value 4095 (FFF) is reserved, so the maximum possible VLAN configurations are 4,094.
  • Length/Type - 2 bytes. This field indicates either the number of MAC-client data bytes that are contained in the data field of the frame, or the frame type ID if the frame is assembled using an optional format.
  • Data - Is a sequence of n bytes (42 <= n <= 1496) of any value. The total frame minimum is 64 bytes.
  • Frame check sequence (FCS) - 4 bytes. This sequence contains a 32-bit cyclic redundancy check (CRC) value, which is created by the sending MAC and is recalculated by the receiving MAC to check for damaged frames.

B. Cisco ISL (Inter-Switch Link) & DISL (Dynamic Inter-Switch Link)

Inter-Switch Link Protocol (ISL), a Cisco-proprietary protocol, maintains VLAN information as traffic flows between switches and routers. Inter-Switch Link (ISL) tagging accomplishes the same task as 802.1Q trunking but uses a different frame format. ISL trunks are Cisco proprietary and define only a point-to-point connection between two devices, typically switches. The name Inter-Switch Link hints at this design. ISL frame tagging uses a low-latency mechanism for multiplexing traffic from multiple VLANs on a single physical path. ISL has been implemented for connections among switches, routers, and network interface cards (NICs) used on nodes such as servers.

To support the ISL feature, each connecting device must be ISL-configured. A router that is ISL-configured can allow inter-VLAN communications. A non-ISL device that receives ISL-encapsulated Ethernet frames will most likely consider them protocol errors because of the format and size of the frames.

ISL functions at Layer 2 of the OSI model like 802.1Q, but it differs by encapsulating the entire Layer 2 Ethernet frame inside an ISL header and trailer. Because ISL encapsulates the entire frame, it is protocol-independent and can carry any type of Layer 2 frame or upper-layer protocol between the switches. The encapsulated frames may be token-ring or Fast Ethernet, and are carried unchanged from transmitter to receiver.

ISL has the following characteristics:

  • Performed with application-specific integrated circuits (ASIC)
  • Not intrusive to client stations; client does not see the ISL header
  • Effective between switches, routers and switches, and switches and servers with ISL NICs

Dynamic Inter-Switch Link Protocol (DISL), also a Cisco protocol, simplifies the creation of an ISL trunk from two interconnected Fast Ethernet devices. Fast EtherChannel technology enables aggregation of two full-duplex Fast Ethernet links for high-capacity backbone connections. DISL minimizes VLAN trunk configuration procedures because only one end of a link needs to be configured as a trunk.

Protocol Structure - ISL & DISL: Inter-Switch Link and Dynamic ISL Protocol

ISL header structure:

Field:        DA  Type  User  SA  Len  AAAA03  HSA  VLAN  BPDU  Index  Resv
Size (bits):  40  4     4     48  16   8       24   15    1     16     16

  • DA - 40-bit multicast destination address.
  • Type - 4-bit descriptor of the encapsulated frame types - Ethernet (0000), Token Ring (0001), FDDI (0010), and ATM (0011).
  • User - 4-bit descriptor used as the type field extension or to define Ethernet priorities. This is a binary value from 0, the lowest priority, to 3, the highest priority.
  • SA - 48-bit source MAC address of the transmitting Catalyst switch.
  • LEN - 16-bit frame-length descriptor minus DA, type, user, SA, LEN, and CRC.
  • AAAA03 - Standard SNAP 802.2 LLC header.
  • HSA - First 3 bytes of SA (manufacturer's ID or organizational unique ID).
  • VLAN - 15-bit VLAN ID. Only the lower 10 bits are used for 1024 VLANs.
  • BPDU - 1-bit descriptor identifying whether the frame is a Spanning Tree bridge protocol data unit (BPDU). Also set if the encapsulated frame is a Cisco Discovery Protocol (CDP) frame.
  • INDEX - 16-bit descriptor that identifies the transmitting port ID. Used for diagnostics.
  • RES - 16-bit reserved field used for additional information, such as Token Ring and Fiber Distributed Data Interface (FDDI) frame Frame Check (FC) field.

C. 3Com VLT (Virtual LAN Trunk)

3Com VLT is a VLAN protocol proposed by 3Com and supported only on 3Com products. Since IEEE 802.1Q came out, more and more people have abandoned VLT and switched to 802.1Q, so related documentation is now hard to find.

2. Try to do a web search to find 3 different WLAN security protocols that have been deployed in commercial products. You should address 3 different products from different vendors for your description.

A. Protocols

  i. WEP (Wired Equivalent Privacy)
  ii. WPA (WiFi Protected Access)
  iii. 802.1X

B. Products

i. ASUS WL-106gM Cardbus

  • 240 MIMO: Advanced MIMO technology, double the speed of 108 MIMO, Data Rate: 240Mbps, Actual throughput: 100Mbps
  • Faster than wired Ethernet: Boost wireless transfer speed up to 100Mbps
  • Boost coverage area of 802.11g standard by 8X
  • WMM (Wi-Fi Multimedia) - Enhance wireless transfers of audio/video content
  • Data Security - WPA2, WPA-PSK, TKIP, WEP
  • Support 802.11e

ii. Buffalo

Model #: Buffalo Notebook Card
Wireless LAN (802.11g, 802.11b)
Standards Compliance: 802.11g (Wireless LAN standard), 802.11b (Wireless LAN Standard)
Frequency Range: 2,412 - 2,462GHz
Transmission Mode: 802.11g: 6, 9, 12, 18, 24, 36, 48, 54Mbps; 802.11b: 1, 2, 5.5, 11Mbps
Security: WPA, AES, 802.1x and up to 128-bit WEP
Access Mode: Infrastructure Mode / AdHoc Mode
Antenna: Diversity Antenna (Internal)
External Antenna Connector: MC
Output Power: 15dBm (32mW)
Interface: 32-bit CardBus
Communication Protocol: Direct Sequence Spread Spectrum (DSSS), Half-Duplex, OFDM
Dimensions: W2.1 x H4.3 x D.25in (W54 x H110 x D6mm)
Weight: 1.6 oz (45g)
Operating Environment: 0-55° C, 20-80% humidity (non-condensing)
Power Consumption: TX peak: 550mA@3.3VDC; RX peak: 350mA@3.3VDC; Idle: 225mA@3.3VDC; radio disable: <10mA@3.3VDC

iii. D-link DWL-G650

High Speed 2.4GHz (802.11g) Wireless 108Mbps Cardbus Adapter

Product Features:

  • Up to 108Mbps
  • Works with 802.11b Devices
  • Great for Video Streaming
  • 802.11g, 802.11b Compatible
  • Increased Security with 802.1X and WPA
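
The 802.1Q tag layout from answer 1A (TPID 8100 hex, then a TCI of 3-bit user priority, 1-bit CFI and 12-bit VID), decoded in an added Python example that is not part of the original homework. The function names, MAC addresses and sample frame are constructed for illustration, and the FCS is a zero placeholder that is not verified.

```python
import struct

TPID_8021Q = 0x8100   # TPID value that marks an 802.1Q/802.1p tag
MAX_UNTAGGED = 1518   # maximum frame size in bytes, DA through FCS
MAX_TAGGED = 1522     # raised limit for tagged frames (802.1Q / 802.3ac)


def build_tagged(da, sa, priority, cfi, vid, length_type, data):
    """Assemble DA..FCS for a tagged frame; the FCS is a zero placeholder."""
    tci = (priority & 0x7) << 13 | (cfi & 0x1) << 12 | (vid & 0x0FFF)
    tag = struct.pack("!HHH", TPID_8021Q, tci, length_type)
    return da + sa + tag + data + b"\x00" * 4


def parse_frame(frame):
    """Decode a frame that starts at DA (preamble and SFD already stripped)."""
    if len(frame) < 14:
        raise ValueError("shorter than DA + SA + Length/Type")
    info = {"da": frame[0:6].hex(":"), "sa": frame[6:12].hex(":"), "notes": []}
    (first_type,) = struct.unpack("!H", frame[12:14])
    info["tagged"] = first_type == TPID_8021Q
    if not info["tagged"]:
        info["length_type"] = first_type
        limit = MAX_UNTAGGED
    else:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, info["length_type"] = struct.unpack("!HH", frame[14:18])
        info["priority"] = tci >> 13       # 3 bits, 802.1p user priority
        info["cfi"] = (tci >> 12) & 0x1    # 1 bit, zero on Ethernet switches
        info["vid"] = tci & 0x0FFF         # 12 bits, VLAN ID
        if info["vid"] == 0:
            info["notes"].append("VID 0: priority frame, no VLAN membership")
        elif info["vid"] == 4095:
            info["notes"].append("VID 4095 is reserved")
        if info["cfi"]:
            info["notes"].append("CFI set: do not forward as-is to an untagged port")
        limit = MAX_TAGGED
    if len(frame) > limit:
        info["notes"].append("oversized: %d > %d bytes" % (len(frame), limit))
    return info


# Constructed sample input: made-up MAC addresses and 42 zero bytes of data.
DA = bytes.fromhex("020000000002")
SA = bytes.fromhex("020000000001")
SAMPLE = build_tagged(DA, SA, priority=5, cfi=0, vid=100, length_type=0x0800, data=bytes(42))

if __name__ == "__main__":
    print(len(SAMPLE), parse_frame(SAMPLE))
```

A device that is not 802.1Q-aware applies the 1,518-byte limit to everything, which is why a full-size tagged frame is dropped as oversized there while this parser accepts it up to 1,522 bytes.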