Today we will cover:
• TCP/IP Model
• VLANs & Trunking
• See diagram on board
• The U.S. Department of Defense (DoD)
created the TCP/IP reference model
because it wanted a network that could
survive anything, like a nuclear war
• We’ve been over TCP…
• Internet Protocol (IP)
Internet Protocol Definition
• IP is a layer 3 protocol that offers a
connectionless service that provides besteffort delivery across a network
– Ex: post office
• IP looks for a way to move the packets to
• IP is packet-based networking
– Layer 3 = packets
TCP/IP Model Layers In Depth
– Handles high-level protocols, encoding, and
– Ex: Telnet, FTP, LPD, SNMP, TFTP, SMTP,
NFS, X Window
• Transport (Host-to-Host)
– Reliability, flow control, and error correction.
– Ex: TCP, UDP
TCP/IP Layers (cont.)
• Internetwork (Internet)
– Defines logical addressing and routing.
– Ex: ICMP, ARP, RARP, IP
• Network Interface (Network access)
– Defines the protocols and hardware required
to deliver data across some physical network.
– EX: Ethernet, Token Ring, FDDI
• “Switching” is a generic term that can be
applied to Layer 2, Layer3, Layer 4, or any
• To switch is to filter or forward data
• A switch is a network device that filters,
forwards, and floods frames based on the
destination address of each frame.
• A Layer 2 LAN switch, like a bridge, performs
switching & filtering based on the MAC address
– Bridge = software-based
– Switch = hardware-based
• All the ports on a bridge or a Layer 2 switch
belong to the same Layer 3 network (i.e., the
same IP network), so a broadcast by one station
is forwarded by all the Layer 2 switches or
bridges to all other stations.
• A Layer 3 switch acts on a packet in the same
way that a traditional router does.
• Layer 3 switches are basically a cross between
a LAN switch and a router.
– Each port on the switch is a separate LAN port
– But, the forwarding engine, the ASIC (application
specific integrated circuit), calculates and stores
routes based on Layer 3 addresses (IP addresses),
NOT MAC addresses
• A Layer 3 switch is a switch that performs
hardware-based routing using Layer 3
– Routers = software-based
• A Layer 3 switch is a cost effective
alternative to the traditional router.
• Layer 4 switching is Layer 3 hardwarebased routing that uses Layer 4 info
• Forwarding based on:
– MAC addresses (Layer 2)
– Source/destination IP addresses (Layer 3)
– TCP/UDP (Layer 4) application port numbers
• More to come on different layer switching
VLAN Concepts & Basics
• Think of a LAN and a broadcast domain
as being basically the same thing.
– Simple collision/broadcast model (p. 246, 247
• Without VLANs, a switch treats all
interfaces on the switch as being in the
same broadcast domain – all connected
devices are in the same LAN.
VLAN Basics (cont.):
• With VLANs, a switch can put some
interfaces (ports) into one broadcast
domain and some into another.
• Essentially, the switch creates multiple
broadcast domains – the individual
broadcast domains are called virtual
– Example: see board (p. 264 INTRO)
Motivations for using VLANs:
• To group users by department, or by
groups that work together, instead of by
• To reduce overhead by limiting the size of
each broadcast domain
• To enforce better security
• Two methods:
– Port-based (done with cables)
– MAC-based (high admin overhead at first)
– Network address (logical or IP address)
• Dynamic vs. static
– Dynamic: done with VLAN Management Policy Server
(VMPS) database – maps MAC addresses to VLANs
• Created by administrator
• We will cover VLAN switch commands in a
Trunking w/ ISL & 802.1q
• Trunking – a method to support multiple
VLANs that have members on more than
• Example: see board (p. 265 INTRO)
• Cisco switches support two different
– Cisco Inter-Switch Link (ISL)
– IEEE 802.1Q
Cisco Inter-Switch Link (ISL)
• Cisco created ISL before the IEEE
standardized a trunking protocol
• ISL is Cisco proprietary; it can only be
used between two Cisco switches
• ISL encapsulates each frame in an ISL
header & trailer
• The ISL header includes several fields, but most
important, the ISL header VLAN field provides a
place to encode the VLAN number.
• By tagging a frame with the correct VLAN
number inside the header, the sending switch
can ensure that the receiving switch knows
which VLAN the encapsulated frame belongs to
– This is called Frame Tagging
ISL Header (cont.)
• Also, the source and destination
addresses in the ISL header use MAC
addresses of the sending and receiving
switch, not the node device that originally
sent the frame.
• Years after Cisco created ISL, IEEE created the
• 802.1Q uses a different style of header than
does ISL for tagging frames with a VLAN
• 802.1Q does not encapsulate – it adds an extra
4-byte header to the middle of the original
– Called Frame Tagging as well
• 802.1Q forces a recalculation of FCS
– See frame example
ISL & 802.1Q Compared:
• Both support a separate instance of
spanning-tree for each VLAN.
– What is purpose of STP?
Passing Traffic Between VLANs
• Layer 2 switching refers to the typical switchprocessing logic found at the DLL
• When VLANs are used, an L2 switch uses the
same logic, but per VLAN.
• There is a MAC address table for each VLAN.
– Unicasts – sent inside one VLAN cannot be forwarded
out ports in another VLAN.
– Broadcasts – cannot traverse VLANs (need a router
Traffic Between VLANs (cont.):
• Layer 3 Forwrding Using a Router:
– Switches do not forward frames between different
– A router does this!!!
• Forwarding Using a Layer 3 Switch:
– The term Layer-3 switch refers to a switch that also
has routing features
– The router internal to the switch performs the same
routing function as a router.
– L3 switches use
• Software used to run other processes, like routing protocols
VLAN Traffic (cont.)
• Layer 4 switching
– The key to understanding Layer 4 switching is
to remember the function of TCP and UDP
port numbers (see p. 155 INTRO for
– With Cisco switches you can enable a feature
called NetFlow switching, which performs
accounting based on Layer 4 information (like
port numbers) while forwarding traffic like a
Layer 3 switch.
VLAN Traffic (cont.):
• Layer 5-7 Switching:
– Also called
• Layer 7 Switching
• Application Layer Switching (named for TCP/IP Model)
– Looks past the Layer 4 header, into application layer
headers, to make switching decisions
– A feature Cisco calls Content Delivery Networks
VLAN Traffic (cont.)
• Multilayer Switching:
– A switch that concurrently performs switching
based on multiple layers.
– For instance, most L3 switches also perform
L2 switching inside a VLAN and L3 switching
for traffic between VLANs.
Comparison of Switching Layers:
• L2 Switching
– (no VLAN to another)
• L3 Switch
• L4 Switch
• L5-L7 Switch
• Forwards based on MAC
• Based on destination IP
address for traffic to
• Typically based on port
• Based on Application
Layer (TCP/IP Model)
• Concurrent switching on
• L2 switching is the only option in the table
that does not allow forwarding from one
VLAN to another.
• External router, connected to L2 switch –
router forwards like always, based on
destination IP address.