This much-needed update to the bestselling guide on the extensive changes to local area network (LAN) switching technologies explains why LAN switching technologies are critical to network design. This in-depth guide covers the capabilities, application, and design of LAN switches and switched internetworks and examines the significant changes that have taken place since the publication of the first edition seven years ago. You're sure to appreciate the witty writing style and easy-to-follow format on such an often-complicated subject matter.
Preface xxiii
Introduction xxv
Part One Foundations of LAN Switches
Chapter 1 Laying the Foundation 3
Network Architecture 4
Physical Layer 5
Data Link Layer 6
Network Layer 7
Transport Layer 7
Session Layer 8
Presentation Layer 8
Application Layer 9
Layering Makes a Good Servant but a Bad Master 9
Inside the Data Link Layer 12
Modes of Operation 12
Data Link Sublayering 15
Logical Link Control 16
Addressing 19
Local and Global Uniqueness 19
LAN Data Link Addresses 20
Unicast and Multicast Addresses 21
Globally Unique and Locally Unique MAC Addresses 23
How LAN Addresses Are Assigned 24
Written Address Conventions 26
LAN Technology Review 27
Ethernet 27
Ethernet Medium Access Control 28
Ethernet Physical Layer Options and Nomenclature 31
Ethernet Frame Formats 33
Bit-Ordering 38
Token Ring 38
Token Ring Medium Access Control 39
Token Ring Physical Layer Options 41
Token Ring Frame Formats 41
Bit-Ordering on Token Ring LANs 43
Fiber Distributed Data Interface 43
FDDI Operation 43
FDDI Physical Signaling 45
FDDI Frame Format 45
Other LAN Technologies 46
IEEE LAN Standards 48
IEEE 802 Organization 49
IEEE 802 Naming Conventions, or Mind Your Ps and Qs 50
IEEE 802.1 51
IEEE 802.3 53
IEEE 802.5 54
Other Standards Organizations 54
Terminology 55
Applications, Clients, and Service Providers 56
Encapsulation 57
Stations and Interconnections 59
Chapter 2 Transparent Bridges 63
Principles of Operation 63
Unicast Operation 65
Unknown and Multicast Destinations 66
Generating the Address Table 68
Address Table Aging 69
Process Model of Table Operation 70
Custom Filtering and Forwarding 72
Multiple Bridge Topologies 73
Transparent Bridge Architecture 74
Maintaining the Link Invariants 76
The Hard Invariants Are Hard Indeed 78
Soft Invariants 80
Implementing the Bridge Address Table 84
Table Operations 85
Search Algorithms 85
Hash Tables 85
Binary Search 88
Content-Addressable Memories 90
How Deep Is Your Table? 92
Aging Entries from the Table 93
Bridge Performance 95
What Does It Take to Be the Best? 95
If You're Not the Best, How Good Are You? 97
The IEEE 802.1D Standard 98
Operating Parameters and Requirements 99
Aging Time 99
Bridge Transit Delay 99
Additional Operating Requirements 101
Bridge Address Assignment 102
Reserved Addresses 103
Chapter 3 Bridging Between Technologies 105
Bridging the LAN Gap 106
LAN Operational Mechanisms 107
Frame Format Translation 108
MAC-Specific Fields 109
User Data Encapsulation 110
Translating Versus Encapsulating Bridges 115
Issues in Bridging Dissimilar LANs 117
Maximum Transmission Unit (MTU) 117
Frame Check Protection 124
Bit-Ordering 126
Functional Groups Versus True Multicast Addressing 131
LAN-Specific Features 133
Thoughts on Bridging Dissimilar LANs 137
Bridging Between Local and Wide Area Networks 137
Applications of Remote Bridges 138
Technologies for Remote Bridges 139
Encapsulation 141
Issues in Remote Bridges 143
Error Rate 143
LAN Bandwidth and Delay 144
IEEE 802.1G Not! 145
Chapter 4 Principles of LAN Switches 147
A Switch Is a Bridge Is a Switch 147
Switched LAN Concepts 148
Separate Access Domains 149
Segmentation and Microsegmentation 150
Extended Distance Limitations 152
Increased Aggregate Capacity 152
Data Rate Flexibility 153
Cut-Through Versus Store-and-Forward Operation 153
MultiLayer Switching 158
Layer 3 Switching 159
A Router by Any Other Name Would Still Forward Packets 160
Layer 3 Switch Operation 162
Layer 4 Switching 173
A Switch Is a Switch Is a Switch Except When... 176
Four Generations of Switch Integration 177
Switch Configurations 182
Bounded Systems 183
Stackable Switches 184
Stacking the Deck 184
A Block in the Ointment 185
United, We Are One 185
Chassis Switches 187
Switch Application Environments 188
Desktop Level 190
Workgroup Level 190
Campus Level 191
Enterprise Level 191
The Needs Change with the Level 192
Numbers of Ports 192
Layer 2 Versus Layer 3 Switching (Bridging Versus Routing) 195
Table Sizes 196
Link Technologies 198
Port Data Rates and Aggregate Capacity 198
Media Support 199
Chapter 5 Loop Resolution 201
Diary of a Loopy LAN 201
Getting Yourself in the Loop 203
Getting out of the Loop 204
The Spanning Tree Protocol 205
History of the Spanning Tree Protocol 205
Spanning Tree Protocol Operation 206
Spanning Tree Protocol Concepts 207
Calculating and Maintaining the Spanning Tree 213
Bridge Protocol Data Units 217
Port States 220
Topology Changes 222
Protocol Timers 224
Issues in STP Implementation 226
Queuing of BPDUs Relative to Data 227
Save a Receive Buffer for Me! 227
Spanning Tree Protocol Performance 228
Rapid Spanning Tree Protocol 229
RSTP State of the Port Address 229
Discarding 230
Learning 230
Forwarding 231
Port Roles 231
The Root Port 231
The Designated Port 232
The Alternate Port 232
The Backup Port 232
Forwarding State Rapid Transition 234
Edge Port 234
Link Type 234
BPDUs (Bip-A-Doo-Two) 234
BPDU: The Final Frontier... er, uh, The New Format 234
How It Is Now Handled 235
Multiple Spanning Tree Protocol 236
RSTP, MSTP, and STP (Can't we all just get along?) 236
Loops in a Remotely Bridged (WAN) Catenet 237
There's More Than a One-Letter Difference 238
Spanning Tree on a WAN 238
Link Utilization 239
Delay 239
Using a Single Path for All Traffic 239
Proprietary Loop Resolution Algorithms 241
Routing Versus Bridging on the WAN 242
An Example of Loop Resolution 242
Behavior of a Spanning Tree Catenet 245
Maintaining the Link Invariants 246
Data Flow on the Spanning Tree 246
Traffic Congregation at the Root 248
Topology Changes and Disruption 248
Configuring the Spanning Tree 248
We'll All Be Planning That Root... 249
Assigning Link Costs 250
Setting Protocol Timers 250
Managing the Extent of the Catenet 251
Up a Tree Without a Protocol? 252
Why Would Anyone Do This? 252
Interoperability 253
What to Do, What to Do? 253
Chapter 6 Source Routing 255
Overview of Source Routing Operation 256
Eine Kleine Sourceroutinggeschichte 257
Source Routing Concepts 259
Nontransparency, or Peek-a-Boo I See You! 260
Who's the Boss? 260
Connection Orientation 261
Be All That You Can Be (Without Joining the Army) 263
Even Token Rings Need to Get Out of the Loop Sometimes 263
Ring and Bridge Numbering 264
Route Discovery 266
Maximum Transmission Unit Discovery 266
Source-Routed Frames 267
Differentiating Source-Routed and Non-Source-Routed Frames 267
Non-Source-Routed Frames 269
Source-Routed Frame Format 269
Routing Control Fields 269
Route Descriptors 273
Source Routing Operation 274
Route Discovery 275
Route Discovery Algorithms 275
Route Discovery Frames 277
Route Selection 279
Issues in Route Discovery 280
Station Operation 282
Architectural Model of Source Routing 282
End Station Transmit Behavior 282
End Station Receive Behavior 284
Bridge Operation 285
Bridge Behavior for Specifically Routed Frames 286
Bridge Behavior for Explorer Frames (Both ARE and STE) 286
Interconnecting the Source-Routed and Transparently Bridged Universes 289
Don't Bridge, Route! 294
The Source Routing-to-Transparent Bridge 295
The Source Routing/Transparent Bridge 298
IEEE Standards and Source Routing 301
The Future of Source Routing 301
Part Two Advanced LAN Switch Concepts
Chapter 7 Full Duplex Operation 305
Why a MAC? 305
Full Duplex Enablers 307
Dedicated Media 307
Dedicated LAN 310
Full Duplex Ethernet 311
Ethernet Is CSMA/CD 312
Full Duplex Ethernet Operating Environment 313
Subset of Half Duplex Operation 314
Transmitter Operation 315
Receiver Operation 315
Ethernet Minimum Frame Size Constraint 316
Dedicated Token Ring 317
Implications of Full Duplex Operation 319
Eliminating the Link Length Restriction of Half Duplex Ethernet 319
Increasing the Link Capacity 320
Increasing Switch Load 322
Full Duplex Application Environments 323
Switch-to-Switch Connections 323
Server and Router Connections 324
Long-Distance Connections 325
Chapter 8 LAN and Switch Flow Control 327
The Need for Flow Control 327
Default Switch Behavior 330
The Effect of Frame Loss 330
End-to-End Flow Control 332
Cost-Performance Tradeoffs 332
Controlling Flow in Half Duplex Networks 333
Backpressure 333
Aggressive Transmission Policies 337
MAC Control 341
MAC Control Architecture 341
MAC Control Frame Format 343
PAUSE Function 344
Overview of PAUSE Operation 346
PAUSE Frame Semantics 347
Configuration of Flow Control Capabilities 349
IEEE 802.3x Flow Control Implementation Issues 350
Design Implications of PAUSE Function 351
Inserting PAUSE Frames in the Transmit Queue 351
Parsing Received PAUSE Frames 352
PAUSE Timing 353
Buffering Requirements 354
Flow Control Policies and Use 356
Buffer Thresholds 356
Selection of PAUSE Times 357
Dealing with Unreliable Delivery 358
Flow Control Symmetry 358
Symmetric Flow Control 359
Asymmetric Flow Control 359
Chapter 9 Link Aggregation 361
Link Aggregation Benefits 362
Application of Link Aggregation 364
Switch-to-Switch Connections 365
Switch-to-Station (Server or Router) Connections 365
Station-to-Station Connections 367
Aggregate or Upgrade? 367
Issues in Link Aggregation 368
Addressing 368
Distributing Traffic Across an Aggregation 371
Maintaining Link Invariants in an Aggregated Environment 372
Separating Traffic Flows 374
Conversation Determination Aids the Realization of Aggregation 375
Mapping the Distribution Function to the Physical Link 377
Conversations Above the Data Link Layer 377
Summary of Distribution Functions 380
Changing the Distribution 381
Performance 384
Technology Constraints (a.k.a. Link Aggravation) 384
Mixing LAN Technologies in a Single Aggregation 384
Mixing Data Rates in a Single Aggregation 385
Aggregation and Shared LANs 385
Configuration Control 385
IEEE 802.3ad Link Aggregation Standard 388
Scope of the Standard 388
Features and Benefits of the Standard 390
Link Aggregation Architectural Model 392
Binding Physical Ports to Aggregators 394
Binding, Distribution, and Collection 397
Addressing 397
Marker Protocol Operation 398
Link Aggregation Control Protocol 401
LACP Concepts 401
LACP Frame Format 406
Split Up the Trunk 410
Chapter 10 Multicast Pruning 413
Multicast Usage 413
Who Assigns Multicast Addresses? 414
Application Use of Multicast 417
Implications of Default Behavior 419
Trimming the (Spanning) Tree 420
The Weekend Networker's Guide to Tree Pruning 421
Receiver Declaration 421
Registration of the Declaration 422
Propagation of the Registration 423
Source Pruning 424
IEEE 802.1p 424
GARP Multicast Registration Protocol 424
Generic Attribute Registration Protocol 426
GMRP Use of GARP 430
Chapter 11 Virtual LANs: Applications and Concepts 433
Applications of VLANs 434
The Software Patch Panel 434
LAN Security 437
User Mobility 439
Bandwidth Preservation 442
VLAN Concepts 443
Playing Tag on Your LAN 445
Implicit Tags 445
Explicit Tags 446
VLAN Awareness and Tag Awareness 448
VLAN Awareness 448
What It Means to Be VLAN-Aware 449
VLAN-Aware Switches 449
VLAN-Aware End Stations 454
He Looks Around, Around, He Sees VLANs in the Architecture, Spinning in Infinity 456
Shared Media and VLAN Awareness 458
NonVLAN-Aware Switches and End Stations 458
VLAN Association Rules (Mapping Frames to VLANs) 459
Port-Based VLAN Mapping 460
MAC Address-Based VLAN Mapping 461
Protocol-Based VLAN Mapping 462
IP Subnet-Based VLAN Mapping 465
A VLAN Phenomenon: The One-Armed Router 466
Application-Based VLAN Mapping 469
The Rules Follow the Application 471
Frame Forwarding 472
Chapter 12 Virtual LANs: The IEEE Standard 475
Overview and Scope of the Standard 477
Elements of the Standard 478
Tag and Frame Formats 480
VLAN Protocol Identifier 481
Tag Control Information Field 482
Embedded Routing Information Field 485
Route Control Portion 486
Route Descriptor Portion 487
Tagged Ethernet Frames 488
Flash! Ethernet MTU Increases by 4 Bytes! 492
Tagged Token Ring Frames 495
Tagged FDDI Frames 495
VLAN Tags on Other LAN Technologies 496
A Word on Bit and Byte Order 496
IEEE 802.1Q Switch Operation 497
Ingress Process 499
Acceptable Frame Filter 499
Ingress Rules 499
Ingress Filter 500
Progress Process 500
Forwarding in a VLAN-Aware Switch 500
Maintaining the Filtering Database 501
Egress Process 502
Egress Rules 502
Egress Filter 504
System-Level Switch Constraints 506
GARP VLAN Registration Protocol 506
GVRP Use of GARP 507
Multicast Registration and VLAN Context 508
VLANs and the Spanning Tree 508
The Multiple Spanning Tree Protocol 511
So Exactly What Are They Trying to Accomplish Here? 511
What the Heck Does This All Mean? 512
Tha-tha-tha-tha-tha... That's Right Folks! 512
Multiple Spanning Tree Instance 513
MST Regions 514
Chapter 13 Priority Operation 517
Why Priority? 517
LAN Priority Mechanisms 519
Token Ring Priority Mechanisms 520
FDDI Priority Mechanisms 521
Ethernet Priority Mechanisms 522
VLAN and Priority Tagging 525
Getting into the Priority Business 526
Priority Operation in Switches 529
The Ordering Invariant Redux 530
IEEE 802.1p 530
Switch Process Flow for Priority Operation 532
Determining Frame Priority on Input 533
Tag, You're It! 533
LAN-Specific User Priority Indication 533
Implicit Priority Determination, or Whose Clues Do You Use? 534
Priority Regeneration 535
Mapping Input Priority to Class-of-Service 536
Class of Service Versus Quality of Service 536
How Many Queues Do You Chueues? 538
Default Priority Mappings 540
Output Scheduling 541
Scheduling Algorithms 541
Indicating the Priority in Transmitted Frames 544
Mapping User Priority to Access Priority at the Output Port 545
Chapter 14 LAN Security 547
Network Security Overview 548
Hackers, Crackers, Viruses, and Those Confounded Worms 549
Hac and Crac, the Ker Brothers. 549
Malware 550
Physical Security 551
Proactive Measures 552
Virus Containment 553
Firewalls 553
End User Checks and Balances 555
LAN Security 555
Security Concerns at Layer 2 555
Man in the Middle 557
MAC Address Table Flooding 557
DHCP Attacks 559
Spanning Tree Attacks 560
Private VLAN Attack 561
VLAN Migration (Hopping) Attack 561
ARP Spoofing Attack 563
Wrap Up 563
Chapter 15 Switch Management 565
The Simple Network Management Protocol 566
SNMP Concepts 568
Manager/Agent Architecture 568
Management Information Base 569
The Simple Network Management Protocol 573
The Simple Network Management Protocol Version 2 575
The Simple Network Management Protocol Version 3 576
Network Monitoring Tools 577
Protocol Analysis in a Switched LAN 580
Mirror, Mirror on the Switch, Which Is the Port That's Got the Glitch? 581
Switch Mirroring 583
Look Within Yourself for the Truth 585
RMON Capabilities and MIBs 586
Ethernet Statistics Group 586
Ethernet History Group 589
Alarm Group 590
Host Group 591
HostTopN Group 594
Matrix Group 594
Filter Group 596
Packet Capture Group 597
Event Group 597
RMON Support for Virtual LANs 598
Levels of RMON Support 598
Internal Switch Management Platforms 598
Non-SNMP Management 601
Internal Web Servers 602
Out-of-Band Management 602
Management by Telnet 604
Management by Secure Shell 605
Reach Out and Ping Someone 607
Chapter 16 Network Troubleshooting Strategies 609
The Trouble with Troubleshooting 610
Housekeeping 611
Running the Network Baseline 611
Proactive Troubleshooting 613
Troubleshooting Tools 614
Troubleshooting Utilities 615
ping 615
traceroute 617
netstat 617
route 618
arp 620
More Advanced Tools of the Trade 620
Network Analyzers (or whatever they are calling them today) 621
Other Testing Equipment 622
...and if all else fails 623
A Systematic Approach 624
Defining the Problem 624
Sharing the Known 625
Determining the Issue 625
Developing a Solution 626
Resolving and Taking Action! 627
Monitoring the Results 627
The Final Step: Have a Beer! 627
Some Strategies for Layer 2 Troubleshooting 628
Performing a Health Check 628
Software, Hardware, and Configuration 629
Issues Relating to Software 629
Issues Relating to Hardware 630
Issues Relating to Configuration 632
Common Layer 2 Issues 632
VLANs 632
Duplex Mismatches 633
Spanning Tree 636
Wrap Up 637
Chapter 17 Make the Switch! 641
Keeping House 644
Housekeeping Functions 645
Implementation and Performance (or, It's Tough to Find a Good Housekeeper) 647
Switch Data Receive Path Functions 647
Port Interfaces (Receive) 647
Receive Flow Control 649
Link Aggregation Collector 650
Classification Engine 650
Local Sinking of Reserved Multicast Addresses 651
VLAN Ingress Rules 651
Priority Assessment 653
Do It Once and Save the Results 653
Implementation of the Classification Engine 655
VLAN Filters 657
Lookup Engine 658
Generating the Output Vector 659
Maintaining the Filtering Database 662
Lookup Implementation 662
Switch Fabrics 665
Shared Memory 665
Shared Memory Fabric Operation 665
Multicasting in a Shared Memory Architecture 667
Buffer Organization 668
Memory Bandwidth Limitations 671
Increasing the Memory Bandwidth 672
Shared Bus 674
Crosspoint Matrix 677
Multicasting in a Crosspoint Matrix Fabric 677
Crosspoint Matrix Implementation 679
The Head-of-Line Blocking Problem 680
Solving the Head-of-Line Blocking Problem 682
Priority Levels in the Switch Fabric 690
Input Versus Output Queues 690
Input Queues and Shared Memory Switch Fabrics 691
Input Queues, Output Queues, and Flow Control 691
Switch Data Transmit Path Functions 692
Output Filters 692
Output Queues and Priority Handling 695
Link Aggregation Distributor 696
Transmit Flow Control 696
Hey, Kids! What Time Is It? 697
Port Interfaces (Transmit) 697
Appendix: Protocol Parsing 699
References 703
Glossary 711
Index 753