RFC 2643    Cabletron's SecureFast VLAN Operational Model    August 1999

2.1 Features

   Within a connection-oriented switching network, user traffic is
   routed through the switch fabric based on the source and destination
   address (SA/DA) pair found in the arriving packet.  For each SA/DA
   pair encountered by a switch, a "connection" is programmed into the
   switch hardware.  This connection maps the SA/DA pair and the port on
   which the packet was received to a specific outport over which the
   packet is to be forwarded.  Thus, once a connection has been
   established, all packets with a particular SA/DA pair arriving on a
   particular inport are automatically forwarded by the switch hardware
   out the specified outport.

   A distributed switching environment requires that each switch be
   capable of processing all aspects of the call processing and
   switching functionality.  Thus, each switch must synchronize its
   various databases with all other switches in the fabric or be capable
   of querying other switches for information it does not have locally.

   SFVLAN accomplishes the above objectives by providing the following
   features:

   -  A virtual directory of the entire switch fabric.

   -  Call processing for IP, IPX and MAC protocols.

   -  Automatic call connection, based on VLAN policy.

   -  Automatic call rerouting around failed switches and links.

   In addition, SFVLAN optimizes traffic flow across the switch fabric
   by providing the following features:

   -  Broadcast interception and address resolution at the ingress port.

   -  Broadcast scoping, restricting the flooding of broadcast packets
      to only those ports that belong to the same VLAN as the packet
      source.

   -  A single loop-free path (spanning tree) used for the flooding of
      undirected interswitch control messages.  Only switches running
      the SFVLAN switching protocol are included in this spanning tree
      calculation -- that is, traditional bridges or routers configured
      for bridging are not included.

   -  Interception of both service and route advertisements with
      readvertisement sourced from the MAC address of the original
      advertiser.

Ruffen, et al.               Informational                      [Page 7]

2.2 VLAN Principles

   Each SFVLAN switch port, along with its attached endstations, belongs
   to one or more virtual LANs (VLANs).  A VLAN is a logical grouping of
   ports and endstations such that all ports and endstations in the VLAN
   appear to be on the same physical (or extended) LAN segment even
   though they may be geographically separated.

   VLAN assignments are used to determine the validity of call
   connection requests and to scope the broadcast of certain flooded
   messages.

2.2.1 Default, Base and Inherited VLANs

   Each port is explicitly assigned to a default VLAN.  At start-up, the
   default VLAN to which all ports are assigned is the base VLAN -- a
   permanent, non-deletable VLAN to which all ports belong at all times.

   The network administrator can change the default VLAN of a port from
   the base VLAN to any other unique VLAN by using a management
   application known here as the VLAN Manager.  A port's default VLAN is
   persistent -- that is, it is preserved across a switch reset.

   When an endstation attaches to a port for the first time, it inherits
   the default VLAN of the port.  Using the VLAN Manager, the network
   administrator can reassign an endstation to another VLAN.

   Note: When all ports and all endstations belong to the base VLAN, the
   switch fabric behaves like an 802.1D bridging system.

2.2.2 VLAN Configuration Modes

   For both ports and endstations, there are a variety of VLAN
   configuration types, or modes.

2.2.2.1 Endstations

   For endstations, there are two VLAN configuration modes: inherited
   and static.

   -  Inherited

      An inherited endstation becomes a member of its port's default
      VLAN.

   -  Static

      A static port becomes a member of the VLAN to which it has been
      assigned by the VLAN Manager.

   The default configuration mode for an endstation is inherited.

2.2.2.2 Ports

   For ports, there are two VLAN configuration modes: normal and locked.

   -  Normal

      All inherited endstations on a normal port become members of the
      port's default VLAN.  All static endstations are members of the
      VLAN to which they were mapped by the VLAN Manager.

      If the VLAN Manager reassigns the default VLAN of a normal port,
      the VLAN(s) for the attached endstations may or may not change,
      depending on the VLAN configuration mode of each endstation.  All
      inherited endstations will become members of the new default
      VLAN.  All others will retain membership in their previously
      mapped VLANs.

   -  Locked

      All endstations attached to a locked port can be members only of
      the port's default VLAN.

      If the VLAN Manager reconfigures a normal port to be a locked
      port, all endstations attached to the port become members of the
      port's default VLAN, regardless of any previous VLAN membership.

   The default configuration mode for ports is normal.

2.2.2.3 Order of Precedence

   On a normal port, static VLAN membership prevails over inherited
   membership.

   On a locked port, default VLAN membership prevails over any static
   VLAN membership.

   If a statically assigned endstation moves from a locked port back to
   a normal port, the endstation's static VLAN membership must be
   preserved.

2.2.3 Ports with Multiple VLAN Membership

   A port can belong to multiple VLANs, based on the VLAN membership of
   its attached endstations.

   For example, consider a port with three endstations, a default VLAN
   of "blue" and the following endstation VLAN assignments:

   -  One of the endstations is statically assigned to VLAN "red."

   -  Another endstation is statically assigned to VLAN "green."

   -  The third endstation inherits the default VLAN of "blue."

   In this instance, the port is explicitly a member of VLAN "blue."
   But note that it is also implicitly a member of VLAN "red" and VLAN
   "green."  Any tag-based flooding (Section 4.8) directed to any one of
   the three VLANs ("red," "green," or "blue") will be forwarded out the
   port.

2.3 Tag/Length/Value Method of Addressing

   Within most computer networks, the concept of "address" is somewhat
   elusive because different protocols can (and do) use different
   addressing schemes and formats.  For example, Ethernet (physical
   layer) addresses are six octets long, while IP (network layer)
   addresses are only four octets long.

   To distinguish between the various protocol-specific forms of
   addressing, many software modules within the SFVLAN product specify
   addresses in a format known as Tag/Length/Value (TLV).  This format
   uses a variable-length construct as shown below:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                              Tag                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Value length  |                                               |
   +-+-+-+-+-+-+-+-+                                               +
   |                         Address value                         |
   :                                                               :
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   Tag

      This 4-octet field specifies the type of address contained in the
      structure.  The following address types are currently supported:

      Tag name         Value   Address type

      aoMacDx            1     DX ethernet dst/src/type
      aoIpxSap           2     Sap
      aoIpxRIP           3     RIP
      aoInstYP           4     YP (YP name and version)
      aoInstUDP          5     UDP (Port #)
      aoIpxIpx           6     Ipx
      aoInetIP           7     IP (Net address)
      aoInetRPC          8     RPC (Program #)
      aoInetRIP          9     INET RIP
      aoMacDXMcast      10     Multicast unknown type
      aoAtDDP           11     AppleTalk DDP
      aoEmpty           12     (no address type specified)
      aoVlan            13     VLAN identifier
      aoHostName        14     Host name
      aoNetBiosName     15     NetBIOS name
      aoNBT             16     NetBIOS on TCP name
      aoInetIPMask      17     IP Subnet Mask
      aoIpxSap8022      18     Sap 8022 type service
      aoIpxSapSnap      19     Sap Snap type service
      aoIpxSapEnet      20     Sap Enet type service
      aoDHCPXID         21     DHCP Transaction ID
      aoIpMcastRx       22     IP class D receiver
      aoIpMcastTx       23     IP class D sender
      aoIpxRip8022      24     Ipx Rip 8022 type service
      aoIpxRipSnap      25     Ipx Rip type service
      aoIpxRipEnet      26     Ipx Rip Enet service
      aoATM             27     ATM
      aoATMELAN         28     ATM LAN Emulation Name

   Value length

      This 1-octet field contains the length of the value of the
      address.  The value here depends on the address type and actual
      value.

   Address value

      This variable-length field contains the value of the address.  The
      length of this field is stored in the Value length field.

2.4 Architectural Overview

   The SFVLAN software executes in the switch CPU and consists of the
   following elements as shown in Figure 1:

   -  The SFVLAN base services that handle traffic intercepted by the
      switch hardware.  The base services are described in Section 3.

   [Figure 1: SFVLAN Architectural Overview.  The layout of the ASCII
   diagram was lost in extraction; only its labels survive.  Inside the
   Switch CPU box: Base Services, DIRECTORY, RESOLVE (5), POLICY,
   FLOOD (7), CONNECT, FILTER, PATH (Lnk state, Span tree), TOPOLOGY
   (Lnk state (3), Span tree (4), Discovery (2)), CALL TAP (8) and the
   INTERSWITCH MESSAGE PROTOCOL block, which is labelled with a flood
   path (5,7,8) and specific netwrk lnks (2,3,4).  Below the CPU: the
   Switch hardware box, with a Layer 2 SA/DA pr input, a "known cnx"
   path, and a "no cnx" path to the Host control port.]
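
The membership rules of Sections 2.2.2 and 2.2.3, written out as an added example (not part of the RFC and not Cabletron code). The class and function names, the "base" VLAN name and the MAC addresses are constructed for illustration; overridden_static() is a hypothetical audit helper.

```python
from dataclasses import dataclass, field
from typing import List, Optional, Set

@dataclass
class Endstation:
    mac: str
    static_vlan: Optional[str] = None   # None = inherited mode (the default)

@dataclass
class Port:
    default_vlan: str = "base"          # constructed name for the base VLAN
    locked: bool = False                # False = normal mode (the default)
    endstations: List[Endstation] = field(default_factory=list)

def effective_vlan(port: Port, es: Endstation) -> str:
    """Order of precedence from Section 2.2.2.3."""
    if port.locked:
        # Locked port: the default VLAN prevails over any static assignment.
        return port.default_vlan
    # Normal port: static membership prevails over inherited membership.
    return es.static_vlan if es.static_vlan is not None else port.default_vlan

def port_vlans(port: Port) -> Set[str]:
    """Explicit default VLAN plus the implicit memberships of Section 2.2.3."""
    return {port.default_vlan} | {effective_vlan(port, e) for e in port.endstations}

def overridden_static(port: Port) -> List[str]:
    """MACs whose static VLAN is currently masked by a locked port (audit aid)."""
    if not port.locked:
        return []
    return [e.mac for e in port.endstations
            if e.static_vlan not in (None, port.default_vlan)]

def example_port() -> Port:
    """Constructed sample: the three-endstation port of Section 2.2.3."""
    return Port(default_vlan="blue", endstations=[
        Endstation("00:00:5e:00:53:01", static_vlan="red"),
        Endstation("00:00:5e:00:53:02", static_vlan="green"),
        Endstation("00:00:5e:00:53:03"),            # inherited
    ])

if __name__ == "__main__":
    port = example_port()
    print(sorted(port_vlans(port)))     # normal port
    port.locked = True
    print(sorted(port_vlans(port)), overridden_static(port))
    port.locked = False                 # static assignments were never discarded
    print(sorted(port_vlans(port)))
```

Because locking never overwrites static_vlan, returning the port to normal mode restores the static memberships, which is the preservation requirement of Section 2.2.2.3.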
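
A bounds-checked encoder and decoder for the TLV address format of Section 2.3, as an added example (not part of the RFC and not Cabletron code). Assumptions not stated on this page: the 4-octet Tag is in network byte order, several TLVs may be concatenated back to back, and a host name is carried as ASCII; the function names and sample values are constructed.

```python
import struct
from typing import List, Tuple

HEADER = struct.Struct("!IB")   # 4-octet Tag + 1-octet Value length (big-endian assumed)
MAX_TAG = 28                    # highest tag value in the Section 2.3 table
AO_INET_IP, AO_HOST_NAME = 7, 14

class TLVError(ValueError):
    """Raised for any TLV that is not well formed."""

def encode_tlv(tag: int, value: bytes) -> bytes:
    if not 1 <= tag <= MAX_TAG:
        raise TLVError(f"unsupported tag {tag}")
    if len(value) > 0xFF:
        raise TLVError("value does not fit the 1-octet Value length field")
    return HEADER.pack(tag, len(value)) + value

def parse_tlvs(buf: bytes) -> List[Tuple[int, bytes]]:
    """Decode concatenated TLVs; never read past the end of buf."""
    out, off = [], 0
    while off < len(buf):
        if len(buf) - off < HEADER.size:
            raise TLVError(f"truncated header at offset {off}")
        tag, length = HEADER.unpack_from(buf, off)
        off += HEADER.size
        # Design choice of this example: reject tags outside the listed range.
        if not 1 <= tag <= MAX_TAG:
            raise TLVError(f"unsupported tag {tag}")
        # The length octet comes from the peer; check it against what is left.
        if length > len(buf) - off:
            raise TLVError(f"value length {length} overruns buffer")
        out.append((tag, buf[off:off + length]))
        off += length
    return out

# Constructed sample: an IP address (four octets) followed by a host name.
SAMPLE = encode_tlv(AO_INET_IP, bytes([192, 0, 2, 10])) + \
         encode_tlv(AO_HOST_NAME, b"host-a")

if __name__ == "__main__":
    for tag, value in parse_tlvs(SAMPLE):
        print(tag, value.hex())
    try:
        parse_tlvs(SAMPLE[:-1])          # last value cut short by one octet
    except TLVError as exc:
        print("rejected:", exc)
```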