The VlanDirector software is an application in the CWSI Campus suite of network management applications. The CWSI Campus package allows you to configure, monitor, and manage a switched internetwork. The CWSI Campus package includes the following applications:
This guide describes the VlanDirector application, which provides virtual LAN management for Catalyst LAN and LightStream ATM switches.
The following sections provide information about the VlanDirector application and its functionality:
The VlanDirector application is a graphical user interface (GUI) that allows you to configure and modify virtual LANs (VLANs) on Ethernet, ATM, and Token Ring networks.
Although you can create VLANs using the command line interface (CLI) on your switch or using CiscoView, the VlanDirector application simplifies the creation and management of VLANs. Using the VlanDirector application, you can create, modify, and delete VLANs across your network from one central point, and you can display the VLANs on your devices on a topology map.
The VlanDirector application provides the following features:
To understand the purpose of the VlanDirector application, you must also understand the advantage of VLANs.
A traditional LAN is configured according to the physical infrastructure it is connecting. Users are grouped based on their location in relation to the hub they are connected to and how the cable is run to the wiring closet. Segmentation is typically provided by the routers that connect each shared hub.
These sections provide you with additional detail about VLANs:
VLANs typically consist of the following components:
VLANs provide the following features:
Adds, moves, and changes are some of the greatest expenses in managing a network. Many moves require recabling and almost all moves require new station addressing and hub and router reconfiguration.
VLANs simplify adds, moves, and changes. VLAN users can share the same network address space regardless of their location. If a group of VLAN users move but remain in the same VLAN connected to a switch port, their network addresses do not change. If a user moves from one location to another but stays in the same VLAN, the router configuration does not need to be modified.
Broadcast traffic occurs in every network. If incorrectly managed, broadcasts can seriously degrade network performance or even bring down an entire network. Broadcast traffic in one VLAN is not transmitted outside that VLAN, which substantially reduces overall broadcast traffic, frees bandwidth for real user traffic, and lowers the vulnerability of the network to broadcast storms.
You can control the size of broadcast domains by regulating the size of their associated VLANs and by restricting both the number of switch ports in a VLAN and the number of people using these ports.
You can also assign VLANs based on the application type and the amount of application broadcasts. You can place users sharing a broadcast-intensive application in the same VLAN group and distribute the application across the campus.
You can use VLANs to provide security firewalls, restrict individual user access, flag any unwanted intrusion to the network, and control the size and composition of the broadcast domain.
You can increase security by segmenting the network into distinct broadcast groups. This capability has the following advantages:
The VlanDirector application supports three types of VLANs:
An Ethernet VLAN is the typical VLAN design, which consists of a logical group of end stations, independent of physical location on an Ethernet network. Catalyst switches support a port-centric, or static, VLAN configuration. All end-stations connected to ports belonging to the same VLAN are assigned to the same Ethernet VLAN.
Ethernet VLANs are the most common or typical type of VLAN. Therefore, some general concepts that will assist you in configuring Ethernet VLANs also apply to Token Ring and ATM VLANs:
In order to implement VLANs in your network, you need to turn on VLAN Trunk Protocol (VTP) on all switches that will participate in the VLAN-segmented network. Using VTP, each switch in server mode advertises its management domain on its trunk ports, its configuration revision number, and its known VLANs and their specific parameters. A VTP domain is made up of one or more interconnected devices that share the same VTP domain name. A switch can be configured to be in only one VTP domain.
VTP servers and clients maintain all VLANs everywhere within the VTP domain. A VTP domain defines the boundary of the specified VLAN. Servers also transmit information through trunks to other attached switches and receive updates from those trunks.
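A consistency audit built on the VTP behavior described above, as an added example that is not part of the original guide or of any Cisco tool. The inventory records, field names, and finding labels are constructed for illustration, and the audit assumes the server with the highest configuration revision holds the reference VLAN database.

```python
# Constructed inventory: one record per switch, as a collector might store it.
INVENTORY = [
    {"name": "core-1", "domain": "CAMPUS", "mode": "server",
     "revision": 42, "vlans": {1, 10, 20, 30}},
    {"name": "dist-1", "domain": "CAMPUS", "mode": "client",
     "revision": 42, "vlans": {1, 10, 20, 30}},
    {"name": "acc-7", "domain": "CAMPUS", "mode": "client",
     "revision": 40, "vlans": {1, 10, 20}},
    {"name": "lab-2", "domain": "LAB", "mode": "server",
     "revision": 3, "vlans": {1, 99}},
]

def audit_vtp(inventory, expected_domain):
    """Return (switch, finding, detail) tuples for one VTP management domain."""
    findings = []
    # A switch belongs to only one VTP domain; anything else is out of scope
    # for this domain's VLAN database and is reported as a mismatch.
    for sw in inventory:
        if sw["domain"] != expected_domain:
            findings.append((sw["name"], "domain-mismatch", sw["domain"]))
    members = [sw for sw in inventory if sw["domain"] == expected_domain]
    servers = [sw for sw in members if sw["mode"] == "server"]
    if not servers:
        findings.append((expected_domain, "no-server", ""))
        return findings
    # Assumption of this audit: the server with the highest configuration
    # revision holds the reference VLAN database for the domain.
    reference = max(servers, key=lambda sw: sw["revision"])
    for sw in members:
        if sw["revision"] != reference["revision"]:
            findings.append((sw["name"], "revision-mismatch",
                             f'{sw["revision"]} != {reference["revision"]}'))
        if sw["vlans"] != reference["vlans"]:
            missing = sorted(reference["vlans"] - sw["vlans"])
            extra = sorted(sw["vlans"] - reference["vlans"])
            findings.append((sw["name"], "vlan-drift",
                             f"missing={missing} extra={extra}"))
    return findings

if __name__ == "__main__":
    for finding in audit_vtp(INVENTORY, "CAMPUS"):
        print(finding)
```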
Spanning-Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations.
Multiple active paths between stations cause loops in the network. If a loop exists in the network topology, the potential exists for duplicate messages. When loops occur, some switches detect stations appearing on both sides of the switch. This condition confuses the forwarding algorithm and allows duplicate frames to be forwarded.
To provide path redundancy, Spanning-Tree Protocol defines a tree that spans all switches in an extended network. Spanning-Tree Protocol forces certain redundant data paths into a standby (blocked) state. If one network segment in the Spanning-Tree Protocol becomes unreachable, or if Spanning-Tree Protocol costs change, the spanning-tree algorithm reconfigures the spanning-tree topology and reestablishes the link by activating the standby path.
Spanning-Tree Protocol operation is transparent to end stations, which are unaware whether they are connected to a single LAN segment or a switched LAN of multiple segments.
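The blocking and failover behavior described above, worked through on a small looped topology. This is an added example, not code from the original guide: it is a centralized model that computes the result Spanning-Tree Protocol converges to rather than the protocol exchange itself, and the switch names, link costs, and the use of the lowest name as the root are constructed assumptions.

```python
import heapq

# Constructed topology: (switch, switch) -> path cost. The lowest switch name
# stands in for the lowest bridge ID when electing the root.
LINKS = {
    ("SW1", "SW2"): 19,
    ("SW1", "SW3"): 19,
    ("SW2", "SW3"): 19,
    ("SW3", "SW4"): 19,
    ("SW2", "SW4"): 100,
}

def spanning_tree(links, down=frozenset()):
    """Return (root, forwarding, blocked) for the links that are still up."""
    active = {link: cost for link, cost in links.items() if link not in down}
    neighbours = {}
    for (a, b), cost in active.items():
        neighbours.setdefault(a, []).append((b, cost, (a, b)))
        neighbours.setdefault(b, []).append((a, cost, (a, b)))
    root = min(neighbours)
    reached, forwarding = set(), set()
    # Heap entries: (cost to root, upstream switch, switch, link used).
    heap = [(0, root, root, None)]
    while heap:
        cost, _, switch, link = heapq.heappop(heap)
        if switch in reached:
            continue  # a cheaper path already claimed this switch
        reached.add(switch)
        if link is not None:
            forwarding.add(link)
        for peer, link_cost, peer_link in neighbours[switch]:
            if peer not in reached:
                heapq.heappush(heap, (cost + link_cost, switch, peer, peer_link))
    # Every live link that is not on the tree is a redundant, standby path.
    blocked = set(active) - forwarding
    return root, forwarding, blocked

def activated_after_failure(links, failed_link):
    """Links that were blocked before the failure and forward after it."""
    _, _, blocked_before = spanning_tree(links)
    _, forwarding_after, _ = spanning_tree(links, down={failed_link})
    return blocked_before & forwarding_after

if __name__ == "__main__":
    print(spanning_tree(LINKS))
    print(activated_after_failure(LINKS, ("SW3", "SW4")))
```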
Because LANE connectivity is defined at the MAC layer, upper protocol layer functions of LAN applications can continue unchanged when the devices join ATM VLANs.
An ATM network can support multiple independent ATM VLANs. End-system membership in any of the ATM VLANs is independent of the physical location of the end system, which simplifies hardware moves and changes. In addition, the end systems can move easily from one ATM VLAN to another, whether or not the hardware moves. Figure 1-1 shows an ATM LANE configuration.
The VlanDirector application allows you to configure VLANs with LAN Emulation (LANE) Services enabled (see "Creating ATM VLANs and Configuring LANE Services" in Chapter 4, "Creating and Modifying VLANs").
LANE services are commonly required when you need to provide Ethernet connectivity across ATM backbones. LANE emulates the Layer 2 logical services of Ethernet networks across ATM devices, such as the LightStream 1010 ATM switches and the LANE modules in the Catalyst 5000 series switches. Specifically, LANE provides the broadcast and multicast functions of Ethernet networks across these ATM backbones.
The following LANE components must be configured for LANE services to be fully functional:
These LANE components and the methods for creating them are further described in Table 1-1.
| Component | Description | Requirements | Configure Using |
|---|---|---|---|
| Configuration Server | Contains the database that determines to which ATM VLAN a client belongs. Each client consults the configuration server when it joins an ATM VLAN to determine which ATM VLAN it should join. The configuration server returns the ATM address of the LE server for that ATM VLAN, and also maintains the LE server redundancy information. | Cisco recommends having one master configuration server per ATM fabric. CWSI Campus does not support more than one master configuration server, but you can have additional backup configuration servers. | VlanDirector |
| LE Server¹ | Acts as the control center. Provides joining, address resolution, and address registration services to the LE clients in that ATM VLAN. Clients can register destination unicast and multicast MAC addresses with the LE server. The LE server also handles LANE ARP (LE ARP) requests and responses. | Cisco recommends having one active master combined LE server and broadcast server per ATM VLAN. You can have additional backup LE servers. | VlanDirector |
| Broadcast Server¹ | Sequences and distributes multicast and broadcast packets and handles unicast flooding. | Cisco recommends having one active master combined LE server and broadcast server per ATM VLAN. You can have additional backup LE servers. | VlanDirector |
| LE Client | Emulates a LAN interface to higher-layer protocols and applications. Forwards data to other LANE clients and performs LANE address-resolution functions. | Can be a member of only one ATM VLAN. An ATM device can have several LE clients, one client for each ATM VLAN of which it is a member. | VTP or the device CLI |

¹ In Cisco's implementation of LANE, the LE server and broadcast server are one entity. In this document, references to an LE server include the broadcast server.
As shown in Figure 1-2, multiple trCRFs can be interconnected using a single Token Ring Bridge Relay Function (trBRF).
Some key concepts about Token Ring VLANs that will assist you in configuring them with the VlanDirector application include the following:
A trCRF is a logical grouping of ports. Each trCRF is contained in only one trBRF, which is referred to as its parent. When a port is assigned to the trCRF, only ports on that switch can belong to that trCRF.
You can create several types of trCRFs:
A trBRF is a logical grouping of trCRFs. The trBRF is used to join different trCRFs. In addition, the trBRF can be extended across a network of switches through high-speed uplinks between the switches to join trCRFs contained in different switches.
You can use the following bridging modes to configure Token Ring VLANs using the VlanDirector application:
Posted: Thu Sep 30 12:08:02 PDT 1999
Copyright © 1989-1999 Cisco Systems Inc.