VLANS, Bridging, switching, Spanning tree

VLANS


Normal Ethernet II frame
--------------------------------------------------------------------------------------------------
| DA = 6 octets   | SA = 6 octets | Type = 2 octets |  DATA = 46-1500 Octets      | FCS = 4 octets |
--------------------------------------------------------------------------------------------------

802.1q tagged frame

----------------------------------------------------------------------------------------------------------------
| DA | SA | TY = 0x8100 |  802.1q info = 2 bytes | Original TYPE | DATA = 46-1500 Octets      | FCS = 4 octets |
----------------------------------------------------------------------------------------------------------------

The 802.1q info (the 2-byte tag control information) is
-----------------------------------------------------
| prio = 3bits | 0 | vlan number = 12 bits (0-4095) |
-----------------------------------------------------

                3 bits priority (can be used for QOS)
                1 bit CFI (canonical format indicator 0 usually)
                12 bits vlan number (0-4095)

A normal switch/bridge port that talks to a normal workstation is called an access port and only accepts normal (untagged) Ethernet II frames. The switch will have been configured to assign a vlan ID to all frames that come in on an access port. It will only send frames tagged with that vlan ID out the port, and it removes all vlan information before they leave. This allows each VLAN to be a separate broadcast domain, IE a separate network at layer 3.

Trunked ports are used between switches, and each frame carries the full 802.1q tag. So as a frame travels between switches it keeps all of its vlan information. A trunk port can carry all vlans or only a subset of the available vlans, as needed.

Hosts (usually routers) can also be connected to trunked ports. They present each vlan as a separate Ethernet interface (or sub-interface).

Some switches maintain a separate spanning tree instance on each vlan, but others maintain only one spanning tree instance for all vlans. If a switch only maintains one spanning tree instance for all vlans, you need to make sure all switches participating in spanning tree trunk all vlans between them.

Review of transparent bridging.

Ethernet bridges and Ethernet switches are mostly the same device. The term bridge is older. It originally meant a device with two ports, linking two Ethernet segments (or collision domains). Modern switches can be thought of as multi-port bridges.

Learning bridges and switches listen on the Ethernet segments they are attached to and note (from the source MAC addresses) which stations are on which ports. Then, when traffic comes in destined for a station (again, we are talking Ethernet MAC addresses here, layer 2, not layer 3 IP addresses), the switch only sends the frame out the port that the destination station has been seen on.

Of course, if a destination address is not in the switch's table (IE it has not learned it yet) then the frame is usually flooded out all ports other than the one it came in on. Also, all broadcast/multicast traffic is flooded out all ports other than the port it came in on. Both of these behaviors depend on the manufacturer of the switch, but those are the most common.
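The learn / forward / flood behaviour described above, as an added Python model that is not part of the original notes. The MAC table maps each source address to the port it was last seen on; known unicast goes out one port, unknown unicast and any group (broadcast/multicast) address is flooded out every port except the ingress port, and entries age out after an assumed 300 second ageing time (the 802.1D default). The port numbers and MAC addresses are constructed for the demonstration.

```python
from typing import Dict, List, Optional, Tuple


class LearningSwitch:
    """Transparent (learning) bridge: learn source MACs per port, forward
    known unicast to one port, flood everything else out all other ports."""

    def __init__(self, ports: List[int], ageing_time: float = 300.0):
        self.ports = list(ports)
        self.ageing_time = ageing_time          # 802.1D default is 300 s
        self.table: Dict[str, Tuple[int, float]] = {}  # MAC -> (port, last seen)

    @staticmethod
    def is_group_address(mac: str) -> bool:
        """Broadcast and multicast MACs have the I/G bit (low bit of the first
        octet) set; these are always flooded, never looked up."""
        return int(mac.split(":")[0], 16) & 0x01 == 1

    def lookup(self, mac: str, now: float) -> Optional[int]:
        entry = self.table.get(mac)
        if entry is None:
            return None
        port, seen = entry
        if now - seen > self.ageing_time:      # stale: behave as if unknown
            del self.table[mac]
            return None
        return port

    def handle(self, in_port: int, src: str, dst: str, now: float = 0.0) -> List[int]:
        """Return the ports a frame is sent out of, after learning src on in_port."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        self.table[src] = (in_port, now)        # learn (or relearn if the host moved)
        if not self.is_group_address(dst):
            out = self.lookup(dst, now)
            if out is not None:
                # Destination is on the segment the frame came from: nothing to do.
                return [] if out == in_port else [out]
        # Unknown unicast, broadcast or multicast: flood, excluding the ingress port.
        return [p for p in self.ports if p != in_port]


# Constructed sample MACs.
A, B, BCAST = "00:11:22:33:44:01", "00:11:22:33:44:02", "ff:ff:ff:ff:ff:ff"

if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3])
    print(sw.handle(1, A, B, now=0))      # [2, 3]: B unknown, flood
    print(sw.handle(2, B, A, now=1))      # [1]: A was learned on port 1
    print(sw.handle(1, A, B, now=2))      # [2]: both known now
    print(sw.handle(3, A, BCAST, now=3))  # [1, 2]: broadcast, and A moved to port 3
    print(sw.handle(2, B, A, now=4))      # [3]: table follows the move
    print(sw.handle(2, B, A, now=400))    # [1, 3]: A's entry aged out, flood again
```

The last two calls show why the table is learned from source addresses and refreshed on every frame: a station that moves ports is found again as soon as it sends, and a station that goes quiet falls back to flooding once its entry ages out.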

Spanning Tree

At times it would be nice to connect two Ethernet segments with more than one switch, and have systems gracefully use one link if the other was down. Or to link two switches together with two links in case one failed. But if we did this we would form loops in the network, as frames would be forwarded back and forth. Broadcasts, or frames whose destinations have not been learned yet, would be especially problematic.

This is where the spanning tree protocol comes in. Defined in IEEE 802.1d, it is a protocol designed to ensure that if multiple bridged paths exist between Ethernet segments, only one is active.

When an 802.1d bridge starts up it does not immediately begin learning and forwarding frames. Instead it listens for and transmits Bridge Protocol Data Units (BPDUs) that let other bridges see that this new bridge will be joining the network.

BPDUs contain the following information:

    * A 64 bit bridge ID (16 bit priority + 48 bit MAC address of the bridge)
    * Whom the sender believes to be the root bridge for this network (root bridge ID)
    * What the cost to the root will be through the advertising port (root cost)
    * What port this information is being sent out of (port ID)

The root bridge is chosen from all the bridges in the network as the one with the lowest numerical ID. Since the priority is the first 16 bits of the ID, you can use the priority to force some specific bridge to be the root. If all bridges have the same priority then the bridge with the lowest MAC address will be the root bridge.

All ports on a bridge can be in one of 5 states.

    * Blocking   - All ports start in this state. The port does not forward traffic or pay
                   attention to incoming traffic, except that it listens for BPDUs from any
                   neighboring switches.
    * Listening  - The port still does not forward traffic or learn addresses. The switch may
                   send BPDUs out the port to alert neighbors that it is participating in the
                   spanning tree. The switch will run STP and either put the port back into
                   the blocking state or advance it to the learning state.
    * Learning   - If STP says the bridge should use this port, it starts listening to learn
                   MAC addresses to populate the forwarding database.
    * Forwarding - The port forwards traffic according to the forwarding database.
    * Disabled   - The port has been administratively shut down.

After the bridge has exchanged BPDUs with its neighbors and run the spanning tree algorithm, it may choose a set of ports to move to the blocking state to ensure there is only one path to the root bridge. It uses the costs associated with the ports (usually based on link capacity) to choose the lowest cost path to the root bridge. All loops will now have been eliminated, and the remaining ports enter the learning state and, shortly after that, the forwarding state.
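The root election, root port choice and blocking decision above, as an added Python example that is not part of the original notes. bridge_id builds the 64-bit ID from priority and MAC exactly as the BPDU list describes; BPDU.key gives the 802.1d preference order (lowest root ID, then lowest cost to root, then lowest sender ID, then lowest port ID). Bridge.compute elects the root, picks the cheapest port towards it, and blocks any other port on which a neighbour's BPDU beats the one this bridge would send. The triangle topology, the bridge MACs and the link cost of 19 are constructed for the demonstration.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple


def bridge_id(priority: int, mac: str) -> int:
    """64-bit bridge ID from the notes: 16-bit priority, then the 48-bit MAC.
    Lower is better, so priority dominates and the MAC breaks ties."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    return (priority << 48) | int(mac.replace(":", ""), 16)


@dataclass(frozen=True)
class BPDU:
    root_id: int      # who the sender believes is the root bridge
    root_cost: int    # sender's cost to reach that root
    sender_id: int    # the sender's own bridge ID
    port_id: int      # the sender's port the BPDU left on

    def key(self) -> Tuple[int, int, int, int]:
        # 802.1D preference order; lower wins at the first field that differs.
        return (self.root_id, self.root_cost, self.sender_id, self.port_id)


class Bridge:
    def __init__(self, priority: int, mac: str):
        self.id = bridge_id(priority, mac)
        # port -> (path cost of that link, best BPDU heard on it so far)
        self.ports: Dict[int, Tuple[int, Optional[BPDU]]] = {}

    def add_port(self, port: int, cost: int) -> None:
        self.ports[port] = (cost, None)

    def receive(self, port: int, bpdu: BPDU) -> None:
        """Keep only the best BPDU seen on each port (the designated bridge's)."""
        cost, best = self.ports[port]
        if best is None or bpdu.key() < best.key():
            self.ports[port] = (cost, bpdu)

    def compute(self):
        """Run the 802.1D decision; return (root_id, root_cost, root_port, port states)."""
        # 1. Root election: lowest ID among ourselves and every root advertised to us.
        heard = [b for _, b in self.ports.values() if b is not None]
        root = min([self.id] + [b.root_id for b in heard])
        if root == self.id:
            # The root bridge is designated on every port, so nothing blocks.
            return root, 0, None, {p: "forwarding" for p in self.ports}
        # 2. Root port: cheapest path to the root, ties broken by sender ID, then port IDs.
        candidates = []
        for port, (cost, b) in self.ports.items():
            if b is not None and b.root_id == root:
                candidates.append(((b.root_cost + cost, b.sender_id, b.port_id, port), port))
        (root_cost, _, _, _), root_port = min(candidates)
        # 3. Every other port: designated (forwarding) if the BPDU we would send there
        #    beats the best one heard on it, otherwise blocking (a redundant path).
        states = {root_port: "forwarding"}
        for port, (cost, b) in self.ports.items():
            if port == root_port:
                continue
            ours = BPDU(root, root_cost, self.id, port)
            states[port] = "forwarding" if b is None or ours.key() < b.key() else "blocking"
        return root, root_cost, root_port, states


# Constructed topology: A, B and C connected in a triangle, every link cost 19
# (the 802.1D value for 100 Mbit/s). A has the lowest priority, so it is root.
A_ID = bridge_id(4096, "00:00:00:00:00:01")
B_ID = bridge_id(32768, "00:00:00:00:00:02")
C_ID = bridge_id(32768, "00:00:00:00:00:03")


def triangle_bridge(my_priority: int, my_mac: str, other_id: int) -> Bridge:
    """Build a non-root bridge with port 1 towards A and port 2 towards the other
    non-root bridge, and feed it the BPDUs those neighbours send once converged."""
    br = Bridge(my_priority, my_mac)
    br.add_port(1, 19)
    br.add_port(2, 19)
    br.receive(1, BPDU(A_ID, 0, A_ID, 1))        # the root advertises cost 0
    br.receive(2, BPDU(A_ID, 19, other_id, 2))   # neighbour is one hop from A
    return br


if __name__ == "__main__":
    print(triangle_bridge(32768, "00:00:00:00:00:02", C_ID).compute())  # B: both ports forward
    print(triangle_bridge(32768, "00:00:00:00:00:03", B_ID).compute())  # C: port 2 blocks
```

On the B-C link both bridges hear the same root at the same cost, so the lower bridge ID (B) becomes designated and C blocks its end; that single blocked port is what breaks the loop.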

VRRP. Configuring VRRP on Cisco routers

Virtual Router Redundancy Protocol is specified in RFC 3768. It was designed to attempt to solve the "default router" problem.

Every end station needs to have some entries in its routing table to allow it to talk to hosts on other IP networks. An end station can run a routing protocol (like OSPF) or use a router discovery protocol (like IRDP), but the most common way is for end stations to have a static default route assigned via DHCP or some other method.

The problem with a static default route is that if the first hop router it specifies is down, the end host has no connectivity outside its network, even if there are other available routers it could use.

With VRRP a group of two or more routers can share a single IP address (and a single Ethernet MAC address). Through multicast packets sent out by the current "master" (IE owner) of the virtual IP, the other routers know the master is functioning. If the master fails, the next highest priority router begins responding to both the virtual MAC and the virtual IP address. The "heartbeat" packets sent by the master (the highest priority router) go out once a second, and if the second highest priority router doesn't see a heartbeat for 4 seconds it assumes the virtual IP and virtual Ethernet address.

The MAC address used by VRRP is 00:00:5E:00:01:VRID, where VRID is the VRRP group ID (1-255 in decimal, 0x01-0xff in hex).

To configure VRRP on a Cisco router you work in the interface section. Each interface has its normal address, but you add a second "virtual" IP address as well and specify a priority. The router with the highest priority among any set of VRRP speaking routers on an IP network will assume the virtual IP. As an example, assume you have two routers connected to network 192.168.1.0/24. One (R1) is using 192.168.1.2/24, the other (R2) is using 192.168.1.3/24, and they will both function as 192.168.1.1/24. R1 will have a higher priority than R2. On Cisco IOS this would look like:


R1:

interface Ethernet0
 ip address 192.168.1.2 255.255.255.0
 vrrp 1 ip 192.168.1.1
 vrrp 1 priority 200

R2:

interface Ethernet0
 ip address 192.168.1.3 255.255.255.0
 vrrp 1 ip 192.168.1.1
 vrrp 1 priority 100

The syntax is: vrrp VRID ip VIRTUALIP.

VRID is a number from 1 to 255, which is shared between all the participants in the virtual router. VIRTUALIP is the IP address of the virtual router.
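The election, heartbeat and failover behaviour described above, as an added Python simulation that is not part of the original notes or of Cisco's implementation. It uses the two routers from the example (R1 priority 200, R2 priority 100, VRID 1, virtual IP 192.168.1.1). virtual_mac builds 00:00:5E:00:01:VRID; the master advertises once per tick, and a backup takes over once it has gone Master_Down_Interval without hearing one. That interval is computed with the RFC 3768 formula (3 times the advertisement interval plus a skew of (256 - priority)/256 seconds), which for R2 comes to about 3.6 seconds, in line with the roughly 4 seconds the notes give. Preemption on recovery is assumed to be enabled, which is the protocol default.

```python
from typing import Dict, List, Optional


def virtual_mac(vrid: int) -> str:
    """VRRP virtual MAC from the notes: 00:00:5E:00:01 followed by the VRID."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be 1-255")
    return f"00:00:5e:00:01:{vrid:02x}"


class VrrpRouter:
    def __init__(self, name: str, priority: int, advert_interval: float = 1.0):
        if not 1 <= priority <= 254:           # 255 is reserved for the address owner
            raise ValueError("priority must be 1-254")
        self.name, self.priority = name, priority
        self.advert_interval = advert_interval
        self.state = "backup"
        self.last_advert_seen = 0.0

    def master_down_interval(self) -> float:
        """RFC 3768: 3 * Advertisement_Interval + Skew_Time, with
        Skew_Time = (256 - priority) / 256, so higher priority times out first."""
        return 3 * self.advert_interval + (256 - self.priority) / 256


class VrrpGroup:
    """One VRRP group on one LAN; the caller drives time by calling tick()."""

    def __init__(self, vrid: int, vip: str, routers: List[VrrpRouter]):
        self.vrid, self.vip, self.mac = vrid, vip, virtual_mac(vrid)
        self.routers: Dict[str, VrrpRouter] = {r.name: r for r in routers}
        self.failed = set()
        max(routers, key=lambda r: r.priority).state = "master"   # initial election

    def live(self) -> List[VrrpRouter]:
        return [r for r in self.routers.values() if r.name not in self.failed]

    def master(self) -> Optional[VrrpRouter]:
        return next((r for r in self.live() if r.state == "master"), None)

    def fail(self, name: str) -> None:
        self.failed.add(name)                  # router dies: no more advertisements

    def recover(self, name: str, now: float) -> None:
        self.failed.discard(name)              # comes back as a backup, then may preempt
        self.routers[name].state = "backup"
        self.routers[name].last_advert_seen = now

    def tick(self, now: float) -> Optional[str]:
        """One advertisement interval. Returns the name of the router owning the
        VIP and virtual MAC at time `now`, or None while nobody is master."""
        m = self.master()
        if m is not None:
            best = max(self.live(), key=lambda r: r.priority)
            if best.priority > m.priority:     # default preempt mode
                m.state, best.state = "backup", "master"
                m = best
            for r in self.live():              # advert is multicast to every member
                r.last_advert_seen = now
            return m.name
        # No advertisements arriving: backups time out in priority order.
        for r in sorted(self.live(), key=lambda r: r.master_down_interval()):
            if now - r.last_advert_seen >= r.master_down_interval():
                r.state = "master"
                return r.name
        return None


if __name__ == "__main__":
    r1, r2 = VrrpRouter("R1", 200), VrrpRouter("R2", 100)   # the two routers above
    group = VrrpGroup(vrid=1, vip="192.168.1.1", routers=[r1, r2])
    print(group.mac)                                        # 00:00:5e:00:01:01
    for t in range(0, 5):
        print(t, group.tick(float(t)))                      # R1 every second
    group.fail("R1")
    for t in range(5, 10):
        print(t, group.tick(float(t)))                      # None until R2 times out at t=8
    group.recover("R1", now=10.0)
    print(10, group.tick(10.0))                             # R1 preempts R2
```

The gap between the last heartbeat and R2 taking over is the window in which the default route is dead for every host on the LAN, which is why the skew term makes the highest priority backup time out first rather than letting all backups race.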