VLAN /ping question

VLAN /ping question

Post by Kot » Sat, 24 May 2003 21:32:24



Hello -

I have a setup as follows

1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
Switch Port 8.
2. Port1 and Port 2 of the L2 switch connect to Router Interface
upstream.

3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
Router Interface is configure for these to route between these.

4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
6. Both the ports on the Router give the same MAC addresses to Port 1
and Port 2
of the L2 switch.(virtual MACs)

When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
works (ie. no request timeout).

My intial observation on the ARL Table on L2 switch showed that as the
Router was giving same MAC addresses on Port 1  and Port 2 ,only one
entry is present in the ARL Table. Hence the flapping of the Pings .

Is this the expceted begaviour, or is there any work around to this ?
Any comments /observations ont this would be welcome
Thanks
Kott

 
 
 

VLAN /ping question

Post by Manfred Kwiatkows » Sun, 25 May 2003 02:48:29




>I have a setup as follows

>1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
>Switch Port 8.
>2. Port1 and Port 2 of the L2 switch connect to Router Interface
>upstream.

>3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
>Router Interface is configure for these to route between these.

>4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
>5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
>6. Both the ports on the Router give the same MAC addresses to Port 1
>and Port 2
>of the L2 switch.(virtual MACs)

>When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
>works (ie. no request timeout).

>My intial observation on the ARL Table on L2 switch showed that as the
>Router was giving same MAC addresses on Port 1  and Port 2 ,only one
>entry is present in the ARL Table. Hence the flapping of the Pings .

>Is this the expceted begaviour, or is there any work around to this ?

This is an example of the Shared/Independent VLAN Learning (SVL/IVL)
dilemma depicted in Annex B of IEEE 802.1Q.

There are 3 possible workarounds:

a) use an IVL based L2 switch
b) assign unique MACs to the router interfaces.
c) trunk both uplinks to one port.
   (this will eventually halve the available bandwidth and
    requires an VLAN capable router)

--


 
 
 

VLAN /ping question

Post by Anoop Ghanwa » Sun, 25 May 2003 03:59:10


If the router is using the same MAC address on its interfaces
into both subnets, then you would need to use the independent VLAN
learning (IVL) mode of operation.  If you use the shared VLAN
learning (SVL) mode, then the address can get learnt only in one
port, regardless of which VLAN it was learnt on.  In the IVL case,
it is possible for the switch to learn the same address on different
ports depending on VLAN.

If your switch does not support IVL, one possibility is to
have only a single tagged port go the router and make sure that
the router is enabled for tagging.  (That assumes that the
router is able to perform/understand tagged frames.)

-Anoop


> Hello -

> I have a setup as follows

> 1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
> Switch Port 8.
> 2. Port1 and Port 2 of the L2 switch connect to Router Interface
> upstream.

> 3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
> Router Interface is configure for these to route between these.

> 4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
> 5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
> 6. Both the ports on the Router give the same MAC addresses to Port 1
> and Port 2
> of the L2 switch.(virtual MACs)

> When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
> works (ie. no request timeout).

> My intial observation on the ARL Table on L2 switch showed that as the
> Router was giving same MAC addresses on Port 1  and Port 2 ,only one
> entry is present in the ARL Table. Hence the flapping of the Pings .

> Is this the expceted begaviour, or is there any work around to this ?
> Any comments /observations ont this would be welcome
> Thanks
> Kott

 
 
 

VLAN /ping question

Post by Kot » Tue, 03 Jun 2003 18:16:41


Hello -
thnaks for the responses. As a work around,To have a router enabled
for tagging, does that mean that the Router will give out two
different MAC Addresses on the UT PPorts  to avoid the loop ?

Another option I want to try , is to disable MAC learning on L2
switch.To do this the MAC learning table is filled up with dummy
entries, so that when a packet comes in , as MAC Table is filled up
the L2 switch  forwards the packet based on the VLAN filters on the L2
switch. My current VLAN  confg is
Port 7 and Port 2 are in 1 VLAN group, and Port 8 and Port 1.So when
packet comes in for Port 7 , and if MAC table is filled up, it
forwards to Port 2 anyway.

Now the question is filling up MAC tTable, will it cause any other

that no new addresses will be learnt.

your comments on this is welcomes
thanks
kott


> If the router is using the same MAC address on its interfaces
> into both subnets, then you would need to use the independent VLAN
> learning (IVL) mode of operation.  If you use the shared VLAN
> learning (SVL) mode, then the address can get learnt only in one
> port, regardless of which VLAN it was learnt on.  In the IVL case,
> it is possible for the switch to learn the same address on different
> ports depending on VLAN.

> If your switch does not support IVL, one possibility is to
> have only a single tagged port go the router and make sure that
> the router is enabled for tagging.  (That assumes that the
> router is able to perform/understand tagged frames.)

> -Anoop


> > Hello -

> > I have a setup as follows

> > 1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
> > Switch Port 8.
> > 2. Port1 and Port 2 of the L2 switch connect to Router Interface
> > upstream.

> > 3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
> > Router Interface is configure for these to route between these.

> > 4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
> > 5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
> > 6. Both the ports on the Router give the same MAC addresses to Port 1
> > and Port 2
> > of the L2 switch.(virtual MACs)

> > When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
> > works (ie. no request timeout).

> > My intial observation on the ARL Table on L2 switch showed that as the
> > Router was giving same MAC addresses on Port 1  and Port 2 ,only one
> > entry is present in the ARL Table. Hence the flapping of the Pings .

> > Is this the expceted begaviour, or is there any work around to this ?
> > Any comments /observations ont this would be welcome
> > Thanks
> > Kott

 
 
 

VLAN /ping question

Post by Anoop Ghanwa » Wed, 04 Jun 2003 00:45:10



> Hello -
> thnaks for the responses. As a work around,To have a router enabled
> for tagging, does that mean that the Router will give out two
> different MAC Addresses on the UT PPorts  to avoid the loop ?

Enabling tagging on the switch will not (or at least should not)
automatically change the behavior of the router to use different
MAC addresses.  So along with enabling tagging on the router,
you would have to Connect the router to the switch using only one
port that is configured as tagged and is in both VLANs.

> Another option I want to try , is to disable MAC learning on L2
> switch.To do this the MAC learning table is filled up with dummy
> entries, so that when a packet comes in , as MAC Table is filled up
> the L2 switch  forwards the packet based on the VLAN filters on the L2
> switch. My current VLAN  confg is
> Port 7 and Port 2 are in 1 VLAN group, and Port 8 and Port 1.So when
> packet comes in for Port 7 , and if MAC table is filled up, it
> forwards to Port 2 anyway.

> Now the question is filling up MAC tTable, will it cause any other

> that no new addresses will be learnt.

This is an interesting proposal.  If you needed more than 2 ports
in any VLAN, then it wouldn't be efficient, but otherwise what
you suggest should actually work.  Also, there might actually be an
option to disable addresses learning on the switch (this would
be most efficient, since it wouldn't bother to send frames for
address learning).  

With your proposed configuration, every frame would be treated as one
with an unknown SA and an unknown DA, and would be sent for learning and
to be broadcast (on the VLAN).  Depending on the architecture and
implementation, they may very well be a performance impact.  It's
hard to say how much its performance would degrade, though.  I think
you'd just have to test it and see what it does.

-Anoop

> your comments on this is welcomes
> thanks
> kott

> > If the router is using the same MAC address on its interfaces
> > into both subnets, then you would need to use the independent VLAN
> > learning (IVL) mode of operation.  If you use the shared VLAN
> > learning (SVL) mode, then the address can get learnt only in one
> > port, regardless of which VLAN it was learnt on.  In the IVL case,
> > it is possible for the switch to learn the same address on different
> > ports depending on VLAN.

> > If your switch does not support IVL, one possibility is to
> > have only a single tagged port go the router and make sure that
> > the router is enabled for tagging.  (That assumes that the
> > router is able to perform/understand tagged frames.)

> > -Anoop


> > > Hello -

> > > I have a setup as follows

> > > 1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
> > > Switch Port 8.
> > > 2. Port1 and Port 2 of the L2 switch connect to Router Interface
> > > upstream.

> > > 3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
> > > Router Interface is configure for these to route between these.

> > > 4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
> > > 5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
> > > 6. Both the ports on the Router give the same MAC addresses to Port 1
> > > and Port 2
> > > of the L2 switch.(virtual MACs)

> > > When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
> > > works (ie. no request timeout).

> > > My intial observation on the ARL Table on L2 switch showed that as the
> > > Router was giving same MAC addresses on Port 1  and Port 2 ,only one
> > > entry is present in the ARL Table. Hence the flapping of the Pings .

> > > Is this the expceted begaviour, or is there any work around to this ?
> > > Any comments /observations ont this would be welcome
> > > Thanks
> > > Kott

 
 
 

VLAN /ping question

Post by Kot » Sun, 08 Jun 2003 23:22:30


Hello -
The option to fill up the MAC Table with dummy entries actually works.
Also the data throughput test using Smartbits also shows  no data
loss.Although some tests are pending but so far it looks ok.

Thanks
Kott



> > Hello -
> > thnaks for the responses. As a work around,To have a router enabled
> > for tagging, does that mean that the Router will give out two
> > different MAC Addresses on the UT PPorts  to avoid the loop ?

> Enabling tagging on the switch will not (or at least should not)
> automatically change the behavior of the router to use different
> MAC addresses.  So along with enabling tagging on the router,
> you would have to Connect the router to the switch using only one
> port that is configured as tagged and is in both VLANs.

> > Another option I want to try , is to disable MAC learning on L2
> > switch.To do this the MAC learning table is filled up with dummy
> > entries, so that when a packet comes in , as MAC Table is filled up
> > the L2 switch  forwards the packet based on the VLAN filters on the L2
> > switch. My current VLAN  confg is
> > Port 7 and Port 2 are in 1 VLAN group, and Port 8 and Port 1.So when
> > packet comes in for Port 7 , and if MAC table is filled up, it
> > forwards to Port 2 anyway.

> > Now the question is filling up MAC tTable, will it cause any other

> > that no new addresses will be learnt.

> This is an interesting proposal.  If you needed more than 2 ports
> in any VLAN, then it wouldn't be efficient, but otherwise what
> you suggest should actually work.  Also, there might actually be an
> option to disable addresses learning on the switch (this would
> be most efficient, since it wouldn't bother to send frames for
> address learning).  

> With your proposed configuration, every frame would be treated as one
> with an unknown SA and an unknown DA, and would be sent for learning and
> to be broadcast (on the VLAN).  Depending on the architecture and
> implementation, they may very well be a performance impact.  It's
> hard to say how much its performance would degrade, though.  I think
> you'd just have to test it and see what it does.

> -Anoop

> > your comments on this is welcomes
> > thanks
> > kott

> > > If the router is using the same MAC address on its interfaces
> > > into both subnets, then you would need to use the independent VLAN
> > > learning (IVL) mode of operation.  If you use the shared VLAN
> > > learning (SVL) mode, then the address can get learnt only in one
> > > port, regardless of which VLAN it was learnt on.  In the IVL case,
> > > it is possible for the switch to learn the same address on different
> > > ports depending on VLAN.

> > > If your switch does not support IVL, one possibility is to
> > > have only a single tagged port go the router and make sure that
> > > the router is enabled for tagging.  (That assumes that the
> > > router is able to perform/understand tagged frames.)

> > > -Anoop


> > > > Hello -

> > > > I have a setup as follows

> > > > 1. PC1 is connected to L2Switch  Port 7, and PC2 is connected to L2
> > > > Switch Port 8.
> > > > 2. Port1 and Port 2 of the L2 switch connect to Router Interface
> > > > upstream.

> > > > 3.PC1 is on 192.168.1.208 IP address and PC2 is on 70.70.70.5. The
> > > > Router Interface is configure for these to route between these.

> > > > 4. Port 7 and Port 2 are in one Port based VLAN on the L2 switch
> > > > 5.Port 8 and Port 1 are in another Port based VLAN on the L2 switch.
> > > > 6. Both the ports on the Router give the same MAC addresses to Port 1
> > > > and Port 2
> > > > of the L2 switch.(virtual MACs)

> > > > When I ping Pc2 from PC1, and ping PC1 from PC2,only one way ping
> > > > works (ie. no request timeout).

> > > > My intial observation on the ARL Table on L2 switch showed that as the
> > > > Router was giving same MAC addresses on Port 1  and Port 2 ,only one
> > > > entry is present in the ARL Table. Hence the flapping of the Pings .

> > > > Is this the expceted begaviour, or is there any work around to this ?
> > > > Any comments /observations ont this would be welcome
> > > > Thanks
> > > > Kott