
LAN SWITCHING

TECHNOLOGY OVERVIEW

AGENDA First session

> Connectivity: GbE and 10 GbE.

> High Availability
Resilient Links
Spanning Tree
Rapid Spanning Tree
Link Aggregation 802.3ad/LACP
Hardware Redundancy
Virtual Router Redundancy Protocol (VRRP)
eXpandable Resilient Networking (XRN)

3Com
Confidential

AGENDA Second session

> Vlan Technology.


Port vlans, protocol vlans
Vlan tag: 802.1Q, 802.1p.

> Multicast Technology


L2 Multicast (IGMP)
L3 Multicast (DVMRP, PIM-DM/PIM-SM)

> L3 Routing Technology


Routing model and Static routing
RIP v1 and RIP v2


AGENDA Third session

> L3 Routing Technology


OSPF

> Access Control List


Parameters to create ACLs.
Application

> QoS Quality of Service


Importance
Models of QoS
802.1p

DiffServ (DSCP)
Congestion avoidance


GigabitEthernet and 10GbE


A Technology Overview


Why Gigabit Ethernet

> The next step in the Ethernet bandwidth hierarchy: GbE delivers very high bandwidth and is compatible with 10/100 Ethernet.
> Scalable bandwidth for widespread switch deployment.
> End-to-end Ethernet simplicity and management: Ethernet is the most widely understood and deployed LAN technology.
> End-to-end leverage of the Ethernet industry cost curve: GbE provides the best price/performance.

The Ethernet Standard: Gigabit Ethernet is Ethernet

> Ethernet is a standardized, switched, packet-based network that supports 10, 100, and 1000 Mbps line speeds.
IEEE 802.3 10BASE-T: Ethernet over UTP
IEEE 802.3u 100BASE-T: Fast Ethernet over UTP or fiber-optic cable
IEEE 802.3ab 1000BASE-TX: Gigabit Ethernet over Category 5 UTP cable
IEEE 802.3z 1000BASE-SX and 1000BASE-LX: Gigabit Ethernet over multi- and single-mode fiber
> All three Ethernet speeds use the same IEEE 802.3 frame format, full-duplex operation and flow control methods. Only faster!

The Functional Elements Of Gigabit Ethernet

Figure (layer stack, top to bottom):
Media Access Control (MAC)
Gigabit Media Independent Interface (GMII) (Optional)
PHY (Physical Layer), in two families:
> 802.3z 1000BASE-X PHY, 8B/10B coding with auto-negotiation
1000BASE-LX fiber optic transceiver over single-mode or multimode fiber
1000BASE-SX fiber optic transceiver over multimode fiber
1000BASE-CX copper transceiver over shielded copper cable
> 802.3ab 1000BASE-T PHY: 1000BASE-T PCS and 1000BASE-T PMA over unshielded twisted pair

Ethernet Distance Limitations: Comparisons... And Caveats

                    Gigabit Ethernet   Fast Ethernet           Ethernet
Data Rate           1000 Mbps          100 Mbps                10 Mbps
Cat 5 UTP           100 m              100 m                   100 m
Single Mode Fiber   10 km              20 km                   25 km
Multimode Fiber     220-550 m          412 m (hd), 2 km (fd)   2 km
Source: 3Com

Gigabit Ethernet (GbE) is designed to run on existing copper and fiber infrastructures, but be careful: the distance, crosstalk and dB loss tolerances are much narrower when deploying GbE.

Gigabit Ethernet Over Copper

10/100 on Cat-5: uses only two wire pairs, one to transmit and one to receive.
Gigabit on Cat-5e and 6: uses all four wire pairs, 250 Mbps per pair, each pair transmitting and receiving (T/R) at the same time.

> Cat-5e is recommended for new installations.
> Cat-6 is available as an alternative to Cat-5e from some vendors.
> Any link that currently uses 100BASE-TX should easily run 1000BASE-T.
> Users planning to use existing Cat-5 cabling for 1000BASE-T should test each link for quality.

Fiber Versus Copper Gigabit

Standard             Media                                    Distance               Application
1000BASE-LX Fiber    9u single mode; 50u and 62.5u multimode  550m (MM), 10km (SM)   Building backbones, campus backbone
1000BASE-SX Fiber    50u and 62.5u multimode                  220m, 275m, 550m       Building backbones
1000BASE-T Copper    4 pr CAT 5 UTP                           100m                   Wiring closet
1000BASE-CX Copper   Balanced shielded cable                  25m                    Data center
Source: Gigabit Ethernet Alliance

GbE Over Fiber Link: Distance Limitations

Transceiver   Fiber   Diameter (micron)   Bandwidth Minimum (MHz*km)   Range (m)
1000BASE-SX   MM      62.5                160                          2-220
1000BASE-SX   MM      62.5                200                          2-275
1000BASE-SX   MM      50                  400                          2-500
1000BASE-SX   MM      50                  500                          2-550
1000BASE-LX   MM      62.5                500                          2-550
1000BASE-LX   MM      50                  400                          2-550
1000BASE-LX   MM      50                  500                          2-550
1000BASE-LX   SM      9                   NA                           2-10000

10 Gigabit Ethernet Is Here!

> Ratified 17 Jun 2002
> Uses the 802.3 MAC protocol, frame format and minimum and maximum frame size
> Functions over optical fiber and operates in full-duplex mode only
> Two physical interfaces defined
LAN PHY and WAN PHY
> 8B/10B transmission coding similar to Gigabit Ethernet
Ensures a high level of signal integrity

10 Gigabit Ethernet Terminology

Specification   PMD (Optical Transceiver)   Fiber         Distance   Application
10GBASE-SR      850 nm serial               Multi Mode    65m        LAN
10GBASE-LX4     1310 nm WWDM                Multi Mode    300m       LAN
10GBASE-LX4     1310 nm WWDM                Single Mode   10km       LAN/MAN
10GBASE-LR      1310 nm serial              Single Mode   10km       LAN/MAN
10GBASE-ER      1550 nm serial              Single Mode   40km       WAN

PMD - Physical Media Dependent
WWDM - Wide Wave Division Multiplexing

Why 10 Gigabit Ethernet for High-speed Networks

> Easy migration to higher performance levels without disruption
> Lower cost of ownership vs. current alternative technologies
> Familiar management tools and common skills base
> Ability to support new applications and data types
> Flexibility in network design
> Multiple vendor sourcing and proven interoperability

HIGH AVAILABILITY
TECHNICAL OVERVIEW


High Availability Defined

> Technologies and features that protect against environmental failure in any one part of the network, such as:
Resiliency
Spanning Tree Protocols
Link Aggregation
Hardware redundancy
Virtual Router Redundancy Protocol
XRN technology

Resilient Links Support

> Simple, easy-to-implement, fast-link redundancy offered as an alternative to Spanning Tree
> Each switch has a primary and a standby link
If the primary link fails, the resilient link activates
Operates at the physical layer
> No Spanning Tree domains or reconfiguration to administer

Resilient Links Operation

Figure: a switch with a Primary Link and a Standby Link.
Primary Link Active: normal operation, defined by the initial configuration.
Primary Link Fails (X): the switch detects loss of the Primary Link and initiates failover to the Standby Link.
Resilient Link Active: the Standby Link is now the Active Link. When the original Primary Link comes up again, it can become the Resilient Link (old Primary Link).

Spanning Tree Protocol IEEE 802.1D

> Gives you a way to configure redundant paths, yet maintain only one active path between two devices
> STP monitors the status of all paths
If an active path goes down, STP activates a redundant path
It then reconfigures the network topology accordingly
> STP operations are fully described in the IEEE 802.1D MAC Bridges standard

Purpose of Spanning Tree Protocol (STP)

What happens if there are two paths to a destination, or a loop in the network?
Figure: two switches joined by Path 1 and Path 2, forming a Loop.

Purpose of STP (continued)

STP calculates the most efficient loop-free path, forcing the redundant paths into a standby state.
What happens if a link fails? STP recalculates the spanning-tree topology and activates a standby path.

STP Root and Designated Bridges and Ports

> Configuration Bridge Protocol Data Units (CBPDUs)
> Root Bridge
> Root Port
> Path Cost
> Designated Bridge
> Designated Port

Basic Spanning Tree protocol functionality

Figure: Bridge A, Bridge B and Bridge C interconnected through LAN Segment 1, LAN Segment 2 and LAN Segment 3.

Spanning Tree Configuration

Figure (the same three bridges): Bridge A is the Root Bridge (RB) and the Designated Bridge (DB) for LAN Segments 1 and 3; Bridge C is the Designated Bridge (DB) for LAN Segment 2. Port labels shown on the segments: (B) PC=100, (D) PC=19, (D) PC=4, (R) PC=19, (D) PC=19, (R) PC=19.
Legend: (RB) Root Bridge, (DB) Designated Bridge, (PC) Path Cost, (R) Root port, (D) Designated bridge port, (B) Backup port.
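The root, root-port and designated-port selection these slides describe, as an added example that is not part of the 3Com deck: a small Python model that applies the 802.1D comparisons (lowest bridge ID becomes the root, lowest root path cost wins a segment, a port that is neither root nor designated is held in standby) over a constructed three-bridge topology. The bridge IDs, port numbers and port path costs are assumptions made for the illustration; they are chosen so that bridge B's expensive port onto segment 1 ends up blocked, as the (B) PC=100 label in the figure suggests.

```python
import heapq
from collections import defaultdict

# Constructed topology (assumed for this example): a bridge ID is (priority, MAC)
# as in 802.1D, and the lower ID wins.
BRIDGES = {
    "A": (32768, "00-00-00-00-00-0a"),
    "B": (32768, "00-00-00-00-00-0b"),
    "C": (32768, "00-00-00-00-00-0c"),
}
# (bridge, port number, LAN segment, port path cost)
PORTS = [
    ("A", 1, "Seg1", 19), ("B", 1, "Seg1", 100),
    ("A", 2, "Seg2", 19), ("C", 1, "Seg2", 19),
    ("B", 2, "Seg3", 19), ("C", 2, "Seg3", 19),
]


def compute_spanning_tree(bridges, ports):
    """Return (root bridge, root path cost per bridge, designated bridge per
    segment, role per (bridge, port)) for a converged 802.1D topology."""
    root = min(bridges, key=lambda b: bridges[b])
    by_segment = defaultdict(list)   # segment -> [(bridge, port, cost)]
    by_bridge = defaultdict(list)    # bridge  -> [(port, segment)]
    for br, pn, seg, cost in ports:
        by_segment[seg].append((br, pn, cost))
        by_bridge[br].append((pn, seg))

    # best[b] = (root path cost, ID of the bridge it is reached through,
    # b's own port on that segment = its root port). Tuple order mirrors the
    # BPDU comparison order: cost first, then sender bridge ID, then port.
    best = {root: (0, bridges[root], 0)}
    heap = [(0, bridges[root], root)]
    while heap:
        rpc, _, br = heapq.heappop(heap)
        if rpc > best[br][0]:
            continue  # stale heap entry
        for _, seg in by_bridge[br]:
            for other, pn_other, cost in by_segment[seg]:
                if other == br:
                    continue
                # Path cost is added on the receiving port, as in 802.1D.
                cand = (rpc + cost, bridges[br], pn_other)
                if other not in best or cand < best[other]:
                    best[other] = cand
                    heapq.heappush(heap, (cand[0], bridges[other], other))
    unreachable = set(bridges) - set(best)
    if unreachable:
        raise ValueError(f"not connected to the root: {sorted(unreachable)}")

    # Designated bridge per segment: lowest root path cost, then lowest bridge ID.
    designated = {
        seg: min(att, key=lambda t: (best[t[0]][0], bridges[t[0]], t[1]))[0]
        for seg, att in by_segment.items()
    }
    roles = {}
    for br, pn, seg, _ in ports:
        if br != root and best[br][2] == pn:
            roles[(br, pn)] = "root"
        elif designated[seg] == br:
            roles[(br, pn)] = "designated"
        else:
            roles[(br, pn)] = "blocking"   # redundant path, kept in standby
    return root, {b: best[b][0] for b in best}, designated, roles


if __name__ == "__main__":
    root, rpc, designated, roles = compute_spanning_tree(BRIDGES, PORTS)
    print("root bridge:", root)
    for (br, pn), role in sorted(roles.items()):
        print(f"bridge {br} port {pn}: {role:10s} (root path cost {rpc[br]})")
```

With these costs bridge B reaches the root more cheaply through C (19 + 19 = 38) than directly (100), so its port 1 on segment 1 is blocked and C becomes the designated bridge for segment 3; if the direct link's cost were lowered, the same code would unblock it and block the other path instead.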

Five Spanning Tree States

Initialization leads into:
Disabled
Blocking
Listening
Learning
Forwarding

Configurable Spanning Tree Parameters

> Max Age
> Hello Time
> Forward Delay
> Priority
> Path Cost
> Bridge Identifier

Rapid Spanning Tree Protocol (IEEE 802.1w)

> Gives you a way to configure redundant paths, yet maintain only one active path between two devices
> RSTP monitors the status of all paths
If an active path goes down, RSTP activates a redundant path
It then reconfigures the network topology accordingly
> Rapid Spanning Tree Protocol (RSTP) is an enhanced Spanning Tree Protocol feature

Purpose of Rapid Spanning Tree Protocol (RSTP)

> Decrease convergence time in the event of a link failure
From 30-60 seconds to milliseconds
> Support larger networks
2048 connections or 4096 inter-linked switch ports, as opposed to 256 linked ports with legacy STP
> Compatibility with legacy STP

How Does RSTP Decrease Convergence Time?

> Rapid transitions to forwarding state
Eliminates forwarding delay times on edge ports and point-to-point links
> Faster topology change proposal/agreement sequence
Changes to edge ports are ignored
Initiator of topology change floods information throughout the network, not the root switch

Enhanced BPDU Format

Flags field: Topology change, Proposal, Port Role, Learning, Forwarding, Agreement, Topology Change Ack

> Encodes the role and state of the port originating the BPDU
> Handles the proposal/agreement mechanism

RSTP Port States

Power Up -> Discarding -> Learning -> Forwarding

> Discarding - receives and examines BPDUs, but does not learn MAC addresses
> Learning - learns MAC addresses and transitions without forwarding delay time
> Forwarding - forwarding/receiving frames

How Does RSTP Work?

Figure sequence (Root, bridge A, bridge B; RP = root port, DP = designated port):
1. The Root sends a BPDU with a request (proposal) to put the port in forwarding.
2. A answers with a BPDU giving authorization (agreement) to put the port in forwarding.
3. A, with its RP toward the Root and its DP toward B, sends B a BPDU with a request to put the port in forwarding.
4. B answers with a BPDU giving authorization; B's RP goes to forwarding.

Resiliency Comparisons

                Resilient Links               Spanning Tree                  Rapid Spanning Tree
Configuration   User configures each switch   User enables/disables STP      User disables RSTP on
                separately                    on each bridge                 each bridge
                Manual Configuration          Automatic Configuration        Automatic Configuration
Recovery        Within 5 seconds restores     Up to 30 second delay on       Within 5 seconds restores
                an active connection from     a link failure                 a network connection
                a standby link

What is Link Aggregation or Trunking?

Figure: four parallel 1 Gbps links combined into one logical link, 1 Gbps x 4 = 4 Gbps, in three cases:
Switch-to-switch
Switch-to-station
Station-to-station

Benefits of Aggregated links

> Allows you to create high-speed, point-to-point, or multipoint connections without changing or replacing existing hardware or cabling
> Provides incremental bandwidth and redundancy between devices
> An aggregate link is treated the same as a single-cable link when configuring spanning tree, VLANs, routing, and SNMP management

Advantages of 802.3ad over Proprietary Schemes

> Operates in multi-vendor environment
> Backwards compatibility with aggregation-unaware devices
> Automatic configuration through the use of a Link Aggregation Control Protocol (LACP)
> Rapid configuration and reconfiguration

Important Deployment Considerations

> The following are not supported by 802.3ad:
Multipoint Aggregations
Dissimilar MACs
Half duplex operation
Operation across multiple data rates

How Does LACP Work?

Figure sequence (three slides): System A, High Priority, and System B, Low Priority, are joined by several links; each link carries a Link Priority, and the links are marked Active or Standby.

Switch Architecture: Redundant Processor, Active-Active

> Twin active / active load-sharing fabrics provide redundancy with 360 Gbps switching capacity each
> Up to 12 I/O modules (IPv4, IPv6 and MPLS modules), each with distributed L2/L3/L4 switching
> Each I/O module has twin 30 Gbps connections to the fabrics => 720 Gbps
> Auxiliary 30 Gbps connections in the backplane double capacity to 1.4 Tbps with enhanced modules & fabrics
> Future modules to support IPv6 or MPLS and interoperate with IPv4 modules

Load-Balancing Redundant processor

> Each fabric has a data channel to every module
> Each fabric has a management channel to every module
> There is a management channel between the fabrics
> Management and data channels are independent
Figure: two Fabrics, each connected to every Interface Module.

Redundant Switching Architecture: Active / Hot-Standby

> Second Fabric for sub-1-second failover
> Uses existing modules
Figure: six Local Switching Engines, 16 Gbps each, connected to a Primary Switch Fabric and a Secondary Switch Fabric.

Forwarding Architecture

> Local & Distributed Layer 2 forwarding (I/O module to I/O module)
> Central Layer 3 Forwarding (through the Fabric; CPU..?)
> Proxy Based Management (CPU..!)

Power Redundancy

> In addition to the AC main power connection, equipment is connected to the Redundant Power Supply unit
> If the internal power supply fails, the Advanced Redundant Power Supply is enabled

Switch 5500 Power Redundancy

Additional Redundancy
> Approved Powerware DC RPS system
Compact 3 RU and 6 RU units providing up to 9000W
Up to 6 hot-swappable rectifiers
Supports up to 8 separately fused DC outputs
> Built-in supervisor management
Offers Ethernet RJ-45 connector and serial support
Full SNMP management with MIB II support
> Fully compatible with IEEE 802.3af
Offers safe supplemental power for PoE switches
> Uninterruptible Power Support
Direct connection and control to batteries (0V / -48V)

VRRP: VIRTUAL ROUTER REDUNDANCY PROTOCOL

What is VRRP

> Virtual Router Redundancy Protocol
The industry standard for routing resiliency
Similar functionality to Cisco's HSRP
> Dynamic fail-over mechanism
Eliminates single point of failure
Higher availability redundant path
> Frequently used when end stations are configured to use specific default gateways
> Predefined MAC address (00-00-5E-00-01-{VRID})
VRRP multicast address (224.0.0.18)

What is VRRP (cont.)

> VRRP provides a virtual router as backup on a LAN segment
> A virtual router is actually two or more physical routers on a single LAN segment, with one router acting as the Master router, and the other(s) acting as Backup router(s) for a given set of IP subnets
> Particularly useful for devices configured with a Static Default Gateway
> One Router configured as the Primary (expected to be initial Master), others configured as Backup
> Master/Backup status determined by user-configured Priority of 1 to 255, with 255 signifying the VRRP Primary router

What is VRRP (cont.)

> Only one router may be designated as Primary router (Priority = 255) for a given virtual router
> Multiple backup routers may be configured at the same, or different, priority level (1 to 254) for a given virtual router
> A router may be configured as a member of several virtual routers
> The same physical router may be primary for one virtual router and backup for another virtual router
> Multiple virtual routers may exist on the same LAN segment

Virtual Router ID (VRID)

> A virtual router is assigned a Virtual Router ID (VRID) - a value from 1 to 255
> Each router belonging to a given virtual router is configured with the same VRID
> The IANA has assigned a specific set of MAC addresses for VRRP: 00-00-5E-00-01-00 to 00-00-5E-00-01-FF

byte   value      meaning
1-3    00-00-5E   IANA OUI
4-5    00-01      VRRP protocol
6      nn         VRID

Byte six is the virtual router's ID (VRID)

Master/Backup Communication

> When VRRP is running:
The VRRP MAC is used as the router's layer 2 source address, not the router's actual MAC
> The IANA has assigned an IP Multicast address for VRRP: 224.0.0.18
> The master VRRP router sends periodic hello frames to IP multicast address 224.0.0.18
Frame Headers contain:
Eth DA = 01-00-5E-00-00-12
Eth SA = 00-00-5E-00-01-34 (VRID = 52)
IP DA = 224.0.0.18
IP SA = router's IP Interface address
Frame Data contains:
VRRP Priority
Virtual Router ID = 52 (x34)
list of IP Addresses to be backed-up
(note: reference RFC2338 for full list of data items in VRRP hello frame)

Master/Backup Communication (cont.)

> Only the current master sends hello packets
> Initially, only the primary sends hello packets
> Backups are passive (listen only) when enabled
> When a backup VRRP router fails to receive hellos for a specified amount of time, it switches over to become the master
The new master will now:
o Receive/accept frames with the VRRP MAC as the destination
o Receive/accept frames addressed to the primary's IP Address(es)

VRRP Basic Operation

Figure: two routers on a Layer 2 Bridge, with PC 10.1.1.1 and PC 10.1.1.2 both using GW 10.1.1.254.
Router 1 (Master): Real IP / MAC Address 10.1.1.254 / 00-3c-00-5b-4f-0a
Router 2: Real IP / MAC Address 10.1.1.252 / 00-3c-00-7d-9f-07
VRRP IP / MAC Address: 10.1.1.254 / 00-00-5e-00-01-01
VRRP Multicast Hello every n seconds

The VRRP master transmits VRRP multicast advertisements every n seconds (configurable timer) using the virtual MAC Address as the source.
If the backup VRRP router misses 3 VRRP advertisements it will assume the role of master by responding to ARP requests for the Virtual IP Address, and will start sending VRRP Advertisements and forward any traffic destined for the Virtual MAC.
PCs will ARP for their default gateway; the master responds with 10.1.1.254, MAC 00-00-5e-00-01-01.

VRRP and Dynamic Routing

Figure: two core routers joined by a Layer 2 Bridge.
Router 1 (Master): Real IP/MAC Address 10.1.1.251 / 00-3c-00-5b-4f-0a, and 158.101.49.254 on the far side
Router 2 (Backup): Real IP/MAC Address 10.1.1.252 / 00-3c-00-7d-9f-07, and 158.101.49.253 on the far side
VRRP IP/MAC Address: 10.1.1.254 / 00-00-5e-00-01-01
PC1 10.1.1.1, GW 10.1.1.254; PC2 10.1.1.2, GW 10.1.1.254; PC3 158.101.49.1, GW 158.101.49.254

If a link failure occurs on CB-1 and Dynamic Routing is not enabled, traffic destined for network 10.1.1.0 through CB-1 would be dropped. Without Dynamic Routing, CB-1 does not have a path to network 10.1.1.0.
OSPF is recommended due to its quick convergence time. RIP can be used, but fail-over time could be as high as 30 seconds. Failover times with OSPF are usually under 5 seconds.

Most Common VRRP Configuration Sequence

> Create a Protocol-based/IP VLAN
> Create IP Interface(s) on top of the IP VLAN
> Enable routing on the switch
> Configure routing for the IP Interface
> Create a VRRP router on top of the IP VLAN
> Enable VRRP
When a VRRP router is created, it is disabled by default

VRRP Address Mode

> Multiple IP addresses may be attached to a VLAN
> User may selectively configure that only some, or all, attached IP Addresses are backed-up by VRRP
IP-address allows users to select from the list of IP addresses attached to VLAN 2
Auto-learn allows all IP Addresses attached to VLAN 2 to be backed-up and selected
Addresses will be advertised in VRRP hello Frames

VRRP Authentication Type

> VRRP supports Simple Clear Text Passwords
> Authentication is a configurable option:
Password is included in the Hello frame from the Master
If the Password in the frame doesn't match the configured Password of a Backup router, the frame is dropped by the Backup router. If the Master goes down, the Backup will not switch to Master

VRRP Preempt Mode

> Preempt Mode is a configurable option for backup virtual routers
Enter virtual router preempt mode (no,yes) [yes]:
Indicates whether or not a higher priority backup can preempt a lower priority master

Router-1: Primary, Priority = 255
Router-2: Backup, Priority = 150
Router-3: Backup, Priority = 100

Router-1 and Router-2 are down. Router-3 is running as Master.
Router-2 comes back up and receives a Hello Frame from Router-3.
If Preempt Mode is off, Router-2 will not attempt to become Master.
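The election, advertisement and preempt behaviour described on the VRRP slides, as an added Python example that is not 3Com's code: it derives the virtual MAC from the VRID, builds the advertisement fields the deck lists, and replays the Router-1/Router-2/Router-3 scenario with preempt on and off. The three-missed-advertisements rule is the one on the basic-operation slide; the rule that the address owner (priority 255) preempts regardless of the preempt setting is taken from RFC 2338, not from the deck. Router names, priorities and the 44.4.4.1/55.5.5.1 addresses are the deck's; the `VirtualRouter` class and its method names are assumptions of this example.

```python
VRRP_MULTICAST_IP = "224.0.0.18"          # IANA multicast address for VRRP (RFC 2338)
VRRP_MULTICAST_MAC = "01-00-5e-00-00-12"  # its Ethernet mapping, as in the deck's frame headers
MISSED_ADVERTS_BEFORE_FAILOVER = 3        # deck: a backup takes over after 3 missed advertisements
OWNER_PRIORITY = 255                      # the address owner / Primary router


def virtual_mac(vrid):
    """IANA VRRP MAC 00-00-5E-00-01-{VRID}: byte six carries the VRID."""
    if not 1 <= vrid <= 255:
        raise ValueError("VRID must be 1..255")
    return f"00-00-5e-00-01-{vrid:02x}"


def build_advertisement(vrid, priority, source_ip, backed_up_ips):
    """Header and payload fields of a VRRP advertisement as the deck lists them.
    The virtual MAC, not the router's burned-in MAC, is the Ethernet source."""
    return {
        "eth_da": VRRP_MULTICAST_MAC, "eth_sa": virtual_mac(vrid),
        "ip_da": VRRP_MULTICAST_IP, "ip_sa": source_ip, "ip_proto": 112,  # 0x70 = VRRP
        "priority": priority, "vrid": vrid, "addresses": list(backed_up_ips),
    }


class VirtualRouter:
    """Master election for one VRID across the physical routers that back it (assumed model)."""

    def __init__(self, vrid, priorities, preempt=True):
        self.vrid = vrid
        self.priorities = dict(priorities)   # router name -> priority 1..255
        self.preempt = preempt
        self.up = set(self.priorities)       # routers currently alive
        self.master = self._highest(self.up)
        self.missed = 0                      # advertisements the backups have missed

    def _highest(self, candidates):
        return max(candidates, key=lambda n: self.priorities[n]) if candidates else None

    def fail(self, router):
        """Router goes down; backups only notice through missed advertisements."""
        self.up.discard(router)

    def advertisement_interval(self):
        """One advertisement timer tick. Returns the master after the tick."""
        if self.master in self.up:
            self.missed = 0                  # hello received, timer reset
        else:
            self.missed += 1
            if self.missed >= MISSED_ADVERTS_BEFORE_FAILOVER:
                self.master = self._highest(self.up)   # highest-priority backup takes over
                self.missed = 0
        return self.master

    def recover(self, router):
        """Router comes back and hears the current master's advertisements."""
        self.up.add(router)
        prio = self.priorities[router]
        if self.master is None:
            self.master = router
        elif prio == OWNER_PRIORITY:
            self.master = router             # RFC 2338: the owner always preempts
        elif self.preempt and prio > self.priorities[self.master]:
            self.master = router             # preempt on: higher-priority backup takes over
        # preempt off: a higher-priority backup stays backup
        return self.master


def preempt_scenario(preempt):
    """The deck's example: Router-1 (255) and Router-2 (150) are down, Router-3 (100)
    has become master, then Router-2 comes back. Returns the master afterwards."""
    vr = VirtualRouter(52, {"Router-1": 255, "Router-2": 150, "Router-3": 100}, preempt=preempt)
    vr.fail("Router-1")
    vr.fail("Router-2")
    for _ in range(MISSED_ADVERTS_BEFORE_FAILOVER):
        vr.advertisement_interval()
    assert vr.master == "Router-3"
    return vr.recover("Router-2")


if __name__ == "__main__":
    print(build_advertisement(52, 255, "44.4.4.1", ["44.4.4.1", "55.5.5.1"]))
    print("preempt off ->", preempt_scenario(False), "| preempt on ->", preempt_scenario(True))
```

The model separates detection from election: a failed master is only replaced once the backups have missed the configured number of advertisements, which is why a single missed hello changes nothing. With preempt off the lower-priority Router-3 keeps the role after Router-2 returns, exactly as the slide states; only the returning Primary displaces it.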

VRRP: a Layer 2 Protocol

> VRRP is a Layer 2, not a Layer 3 protocol
> It is not a Routing protocol
> VRRP does not interact with configured routing protocols (RIP, OSPF, etc). VRRP does not update routing tables
> Each physical router comprising a virtual router must be configured on the same network/subnet(s)

Router-1: Primary, IP = 22.2.2.10
Router-2: Backup, IP = 22.2.2.11
Network 22.2.2.0/24 (255.255.255.0)

Basic VRRP Configuration

Figure: ROUTER A and ROUTER B on a LAN, with PC-A and PC-B.
PC-A: IP = 55.5.5.5, GW = 55.5.5.1
PC-B: IP = 44.4.4.4, GW = 44.4.4.1
ROUTER A interfaces: 44.4.4.1 and 55.5.5.1; ROUTER B interfaces: 44.4.4.2 and 55.5.5.2

ROUTER A, Primary Virtual Router:
vrrp priority = 255
Virtual Router ID = 52
Virtual Router IP = 44.4.4.1
Primary for subnets: 44.4.4 and 55.5.5
Virtual Router MAC Addr = 00-00-5E-00-01-34

ROUTER B, Backup Virtual Router:
vrrp priority = 100
Virtual Router ID = 52
Virtual Router IP = 44.4.4.2
Backup for subnets: 44.4.4 and 55.5.5

The Primary Virtual Router sends periodic VRRP Advertisement messages. These are layer 3 IP Multicast frames, using the VRRP MAC addr at layer 2, not the Router's MAC addr.
Frame Headers contain:
Eth DA = 01-00-5E-00-00-12
Eth SA = 00-00-5E-00-01-34 (x34 = 52)
Eth prot type = x0800 (IP)
IP DA = 224.0.0.18, IP SA = 44.4.4.1
IP prot type = x70 (vrrp)
Frame Data contains:
Vrrp Priority (255)
Virtual Router ID: 52 (x34)
Router IP addrs: 44.4.4.1, 55.5.5.1
(note: reference RFC2338 for full list of data items in frame)

All IP addresses are subnetted to a Class C addr with a mask of 255.255.255.0

Distributed Link Aggregation: IEEE 802.3ad and LACP

> What is LACP?
Protocol specified in IEEE 802.3ad, Link Aggregation Control Protocol, LACP
> What Does LACP Do?
Automatically enables and configures Aggregated Links between switches that support it
Configurable per port and across Fabric ports using port ranges and DDM, disabled by default
LACP will form as many aggregations as the hardware resources allow.
Any number of ports can join a LACP trunk, but only 8 ports will be active, other ports blocked
LACP trunks can also be configured by manually selecting the Partner IDs at either end (Partner ID = MAC address)
Supplements legacy manual Aggregated Links

Distributed Link Aggregation: LACP Considerations

> LACP is an important component of DLA because:
It protects against Interconnect failure or Fabric split by allowing the edge to reconfigure two separate trunks
It enhances XRN's ease of use and simplicity
> LACP and VLAN interaction is very important because:
A LACP trunk will assume the VLAN membership of the first port in the trunk that becomes active
Ensuring appropriate VLAN membership across LACP trunks will ensure connectivity and protect the L3 infrastructure against Interconnect failure
> Best LACP practices
Prior to enabling LACP on the Fabric, ensure that ports that will be in the trunk are configured with identical VLAN membership (tagged or untagged)

DLA at the Server Farm

> Multi-home Servers using 10/100/1000 Server NICs at the server farm (NIC Teaming)
> Supported on Intel Server Adapters implementing Adaptive Load Balancing
> Can also use 802.3ad for load balancing across multiple NICs
8 Gbps using XRN Interconnect kit

Virtual LANs Overview


Traditional Bridged LANs

Figure: three BRIDGEs attached to a Backbone, all within a single Layer 2 broadcast domain.

Bridged Virtual LANs

Figure: three VLAN Switches attached to a Backbone, carrying VLAN 1, VLAN 2, VLAN 3, VLAN 4 and VLAN 5 as separate broadcast domains.
A VLAN is a logically-defined Layer 2 broadcast domain

Benefits of VLANs

> Improve performance:
Broadcast domain control
Broadcast storm prevention
Scalability
> Improve manageability:
Reduce cycle time for changes
> Improve security:
Access control

VLAN Components

> Membership:
Defines how members are selected
> Identification:
Defines how frames and VLANs are associated
> Members of a VLAN are organized into two types of VLANs:
Port-based
Protocol-based

Port-Based VLANs

> A port-based VLAN contains a group of bridge ports with unspecified protocol type
> The default VLAN (VID 1) that is included in the standard configuration for each switch is port-based
> Two or more port-based VLANs can overlap, provided that 802.1Q tagging is used
Each port may be an untagged member of just one VLAN
If you do not remove (or modify) the original default VLAN (VID 1), all ports in additional port-based VLANs must be tagged

Protocol-Based VLANs

> A protocol-based VLAN contains a group of bridge ports with one or more protocol types defined for the port group
The following protocols are currently supported: IP, IPX, DECnet, AppleTalk, SNA, VINES, X.25, NetBIOS
> A protocol-based VLAN excludes any frame that does not match the protocol type definition
> Protocol-based VLANs of the same protocol type cannot overlap

Protocol-Based VLAN Example

Figure: one VLAN Switch with a Default VLAN, two IPX VLANs (IPX Net 1, IPX Net 2) and three IP VLANs (IP Subnet 1, IP Subnet 2, IP Subnet 3), each VLAN listed against the port numbers it spans; an IPX Net 1 broadcast reaches only the ports in the IPX Net 1 VLAN.

Network-Based VLANs

> A network-based VLAN contains a protocol-subnet group of ports
> A network-based VLAN excludes any frame that does not have a destination address on the specified subnet
> Network-based VLANs can be overlapped provided that they do not specify the same subnet address

VLAN Components: Identification In Frames

> Implicit identification: uses information embedded in the frame
Frame: MAC Header | IP Header | Data...
Example: Protocol type
> Explicit identification: information added to the frame
Frame: MAC Header | Tag | IP Header | Data...
Example: Standard 802.1Q tag
VLAN Implicit Tagging

Figure: no added TAG; the frame (MAC Header | IP Header | Data...) crosses 802.1Q-enabled switches and downlinks and is assigned to VLAN 1 or VLAN 2 from its own content.
Example: IP protocol

VLAN Explicit Tagging

Figure: a VLAN A frame (MAC Header | IP Header | Data...) enters an 802.1Q-enabled switch; a TAG is added (step 2) for the downlink supporting VLANs A and B; at the far 802.1Q-enabled switch the TAG is removed (step 4) and the untagged frame is delivered into VLAN A.

802.1Q Frame Tagging

Normal Ethernet Frame (field: bytes):
Preamble: 7 | SFD: 1 | DA: 6 | SA: 6 | Type/Length: 2 | Data: 48 to 1500 | CRC: 4

802.1Q Tagged Frame (field: bytes):
Preamble: 7 | SFD: 1 | DA: 6 | SA: 6 | TPID: 2 | TAG: 2 | Type/Length: 2 | Data: 48 to 1500 | CRC: 4

Inserted fields: TPID (2 bytes) and the TAG (2 bytes), which carries:
User Priority: 3 bits
CFI: 1 bit
VLAN ID (VID): 12 bits, to identify 4,096 possible VLANs
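The tag layout above, together with the implicit/explicit identification slides, as an added Python example that is not from the deck: it inserts and parses the TPID and TAG fields (priority, CFI, VID), strips the tag again, and classifies a frame into a VLAN in the order the deck describes (an 802.1Q tag first, then the protocol type, then the port's own port-based VLAN). The sample frame, the EtherType-to-VLAN rules and the port-default table are constructed for the illustration; 0x8100, 0x0800 and 0x8137 are the standard TPID and EtherType values.

```python
import struct

TPID_8021Q = 0x8100      # Tag Protocol Identifier
ETHERTYPE_IP = 0x0800
ETHERTYPE_IPX = 0x8137

# Constructed untagged IP frame: DA(6) SA(6) Type(2) and a 46-byte payload (no FCS).
DA = bytes.fromhex("ffffffffffff")
SA = bytes.fromhex("00005e000134")
UNTAGGED_IP_FRAME = DA + SA + struct.pack("!H", ETHERTYPE_IP) + bytes(46)


def insert_tag(frame, vid, priority=0, cfi=0):
    """Insert TPID + TAG (TCI) after DA/SA, i.e. at byte offset 12."""
    if not 0 <= vid < 4096 or not 0 <= priority < 8 or cfi not in (0, 1):
        raise ValueError("VID is 12 bits, priority 3 bits, CFI 1 bit")
    tci = (priority << 13) | (cfi << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame):
    """Return (priority, cfi, vid, ethertype_after_tag), or None if untagged."""
    if len(frame) < 18:
        return None
    tpid, = struct.unpack_from("!H", frame, 12)
    if tpid != TPID_8021Q:
        return None
    tci, ethertype = struct.unpack_from("!HH", frame, 14)
    return (tci >> 13) & 0x7, (tci >> 12) & 0x1, tci & 0x0FFF, ethertype


def strip_tag(frame):
    """Remove the 4 inserted bytes, as the egress switch does for an untagged port."""
    return frame[:12] + frame[16:] if parse_tag(frame) else frame


def classify(frame, ingress_port, protocol_vlans, port_default_vlans):
    """VLAN association in the deck's terms: explicit identification (802.1Q tag)
    wins; otherwise implicit identification by protocol type; otherwise the
    port-based VLAN the ingress port belongs to."""
    tag = parse_tag(frame)
    if tag:
        return tag[2], "explicit (802.1Q tag)"
    ethertype, = struct.unpack_from("!H", frame, 12)
    if ethertype in protocol_vlans:
        return protocol_vlans[ethertype], "implicit (protocol type)"
    return port_default_vlans[ingress_port], "port-based"


if __name__ == "__main__":
    tagged = insert_tag(UNTAGGED_IP_FRAME, vid=52, priority=5)
    print("tag fields:", parse_tag(tagged))
    rules = {ETHERTYPE_IP: 10, ETHERTYPE_IPX: 20}     # constructed protocol-based VLANs
    print(classify(tagged, 1, rules, {1: 1}))
    print(classify(UNTAGGED_IP_FRAME, 1, rules, {1: 1}))
```

Because the tag is inserted rather than appended, every field after the source address shifts by four bytes; a parser that reads the EtherType at a fixed offset 12 will see 0x8100 on a tagged frame and must re-read it at offset 16, which is exactly what `parse_tag` returns as the last element.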

Related Standard: IEEE 802.1p

> Standard for traffic class and dynamic multicast filtering services in bridged LANs:
Addresses the issue of separate queuing for time-critical frames
Provides for CoS definitions within Layer 2 frames
Allows means of dynamic configuration and distribution mechanisms

New frame format: DA | SA | Prot. ID | P (802.1p priority) | CFI | VLAN ID | Data, where P, CFI and VLAN ID make up the 802.1Q TAG

Multicast Technology
Overview

What Is IP Multicasting

> Enables simultaneous delivery of information to many receivers in the most efficient, logical way
> Reduces load on source, because it does not have to produce multiple copies of the same data
> Makes efficient use of network bandwidth and scales well as the number of participants expands
> Works in concert with QoS and RSVP to support real-time multimedia
Switch Without Multicast Function

Figure: a multicast packet is forwarded to all ports except the port it was received on.

Multicast in L2 Switch

Figure: the switch checks its Forwarding Table (MAC address -> Interface; a group entry beginning 01-02-03 is shown against its member interfaces) and forwards the multicast frame only to the listed interfaces.

IP Multicast Operation

> Hosts join/leave multicast groups
> Switches form multicast delivery trees
> Switches forward multicasts toward receivers
Figure: Multicast Source, Switches and Hosts; the group membership protocol runs between hosts and their switch, the multicast routing protocol between switches.

Internet Group Management Protocol (IGMP)

> Used to establish and maintain multicast membership among IP hosts and their directly connected neighboring routers
> RFC1112 defines IGMP V1
> RFC2236 defines IGMP V2 (widely supported)
> RFC3376 defines IGMP V3 (few supported)

Internet Group Management Protocol (IGMP)

> Internet standard RFC 1112
> Required for all multicast systems
> Executes between hosts and local router or switch
> Allows router or switch to learn the multicast groups on each interface
> Protocol operation
Router/switch transmits query messages
Hosts respond with report messages (join or leave multicast group)

IGMP Comparison

                                  IGMPv1                      IGMPv2                        IGMPv3
Querier election                  Based on routing protocol   Elected by itself             Elected by itself
Leaving method                    Leave silently              Actively send leave message   Actively send leave message
Group-Specific Query              None                        Yes                           Yes
Group and Source-Specific Query   None                        None                          Yes

IGMP Snooping

Figure: the switch CPU watches IGMP queries and IGMP reports and builds the forwarding table (MAC address -> interface), so group traffic is sent only to interfaces that reported membership.

IGMP Actions

Figure: general query; membership report (join group); leave group; group-specific query.
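The L2 multicast forwarding table, the IGMP snooping slide and the IGMP actions above, as one added Python example that is not 3Com's code: a model switch that floods a group it has no entry for (the "switch without multicast function" behaviour), learns member ports from membership reports, keeps the querier's port in every group, and prunes a port after a leave unless a host answers the group-specific query. Port numbers and the group MAC 01-00-5e-01-02-03 are constructed; the class and method names are this example's own.

```python
from collections import defaultdict


class SnoopingSwitch:
    """Layer 2 switch with IGMP snooping: group MAC -> set of member ports.
    With snooping off, or for a group with no entry, multicast floods to every
    port except the one it arrived on."""

    def __init__(self, ports, snooping=True):
        self.ports = set(ports)
        self.snooping = snooping
        self.members = defaultdict(set)   # group MAC -> ports that reported membership
        self.router_port = None           # port on which IGMP queries arrive

    def on_query(self, port):
        """General query seen on a port: that is where the querier (router) lives."""
        self.router_port = port

    def on_report(self, group_mac, port):
        """Membership report (join, or answer to a query) from a host on a port."""
        if self.snooping:
            self.members[group_mac].add(port)

    def on_leave(self, group_mac, port, report_after_group_query=False):
        """Leave group: the switch issues a group-specific query on that port; if
        no host reports in reply, the port is pruned from the group."""
        if not self.snooping or report_after_group_query:
            return                                     # another host still wants it
        self.members[group_mac].discard(port)
        if not self.members[group_mac]:
            del self.members[group_mac]                # last member gone: entry removed

    def forward(self, group_mac, ingress_port):
        """Ports a frame to group_mac arriving on ingress_port is sent to."""
        if not self.snooping or group_mac not in self.members:
            return sorted(self.ports - {ingress_port})  # unknown group: flood
        out = set(self.members[group_mac])
        if self.router_port is not None:
            out.add(self.router_port)                   # the multicast router must keep seeing it
        return sorted(out - {ingress_port})


if __name__ == "__main__":
    group = "01-00-5e-01-02-03"                         # constructed group MAC
    sw = SnoopingSwitch(ports=[1, 2, 3, 4, 5])
    print("before any report:", sw.forward(group, 1))
    sw.on_query(1)
    sw.on_report(group, 3)
    sw.on_report(group, 5)
    print("after reports on 3 and 5:", sw.forward(group, 1))
    sw.on_leave(group, 3)
    print("after port 3 left:", sw.forward(group, 1))
```

The flood-by-default rule is the reason the deck shows nonmembers receiving video traffic on a switch without snooping: until a report has been seen, the switch cannot tell a group frame from any other unknown multicast.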

Multicast Forwarding

> Reverse Path Forwarding (RPF)
Based on source IP address
If RPF check is successful, packet is forwarded
If RPF check fails, packet is discarded

Example: RPF Check

Figure: Source 192.18.0.32 sends a Multicast Packet; at one router the RPF check fails because the packets come from an error interface (not the interface the router itself would use to reach the source), so they are discarded.
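The RPF check, as an added Python example that is not from the deck: a longest-prefix lookup in a constructed unicast routing table decides which interface leads back toward the source 192.18.0.32; a packet from that source arriving on any other interface is discarded, as on the slide, and otherwise it is sent to the outgoing interfaces minus the one it arrived on. The routing table entries and interface names are assumptions.

```python
import ipaddress

# Constructed unicast routing table of one multicast router: prefix -> interface.
ROUTES = {
    "192.18.0.0/16": "eth1",
    "192.18.0.0/24": "eth2",   # more specific route to the source's own subnet
    "0.0.0.0/0": "eth0",       # default route
}


def lookup(routes, address):
    """Longest-prefix match, the same lookup the unicast forwarding path uses."""
    addr = ipaddress.IPv4Address(address)
    best = None
    for prefix, iface in routes.items():
        net = ipaddress.IPv4Network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, iface)
    return best[1] if best else None


def rpf_check(routes, source, incoming_iface):
    """RPF succeeds only when the packet arrived on the interface the router
    would use to send unicast traffic back to the source."""
    return lookup(routes, source) == incoming_iface


def process_multicast(routes, source, incoming_iface, outgoing_ifaces):
    """Return the interfaces the packet is replicated to; [] means discarded."""
    if not rpf_check(routes, source, incoming_iface):
        return []                                    # error interface: dropped, never forwarded
    return [i for i in outgoing_ifaces if i != incoming_iface]


if __name__ == "__main__":
    src = "192.18.0.32"
    print("reverse path to", src, "is", lookup(ROUTES, src))
    print("arrived on eth2:", process_multicast(ROUTES, src, "eth2", ["eth0", "eth2", "eth3"]))
    print("arrived on eth1:", process_multicast(ROUTES, src, "eth1", ["eth0", "eth2", "eth3"]))
```

The check is what stops a looped or duplicated copy of a multicast stream from being forwarded twice: only the copy that comes in along the shortest path back to the source passes, every other copy is dropped on arrival.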

Multicast Routing Protocol Overview

> DVMRP (RFC 1075)
> PIM-DM (RFC 3973)
> PIM-SM (RFC 2362)
> MOSPF (RFC 1584)
> Others (Core-based trees multicast routing protocol, CBTv2, RFC2189, etc.)

IP Multicast Addressing

> Class D addresses: Reserved for multicast
> Range: 224.0.0.0 to 239.255.255.255
> Reserved addresses
All host addresses on this subnet: 224.0.0.1
All router/switch addresses on this subnet: 224.0.0.2
Network time protocol: 224.0.1.1
RIP-2: 224.0.0.9
OSPF: 224.0.0.5/224.0.0.6

Class D address format: 1 1 1 0 (4 bits) | Group address (28 bits)

Mapping IP Multicast to MAC Multicast

> The last 23 bits of the multicast IP address are copied into the MAC address; the 5 bits between the 1110 prefix and those 23 bits are not used, so in total 32 multicast IP addresses are mapped to the same one MAC multicast address

Multicast IP Address:  1110 | 5 unused bits | 23 bits copied into the MAC address
Multicast MAC Address: 01-00-5E prefix (followed by one 0 bit) | the same 23 bits
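The 23-bit mapping and its 32-to-1 ambiguity, as an added Python example that is not from the deck: it computes the Ethernet multicast MAC for any class D address and lists the 32 group addresses that collide on it. The 01-00-5E prefix is the IANA-assigned Ethernet multicast OUI; the VRRP and OSPF addresses used to exercise it are the ones quoted elsewhere in the deck.

```python
import ipaddress


def multicast_mac(group):
    """IPv4 class D address -> Ethernet multicast MAC: fixed prefix 01-00-5E,
    next bit 0, then the low 23 bits of the group address."""
    ip = ipaddress.IPv4Address(group)
    if not ip.is_multicast:
        raise ValueError(f"{group} is not a class D (multicast) address")
    low23 = int(ip) & 0x7FFFFF
    return "01-00-5e-" + "-".join(f"{b:02x}" for b in low23.to_bytes(3, "big"))


def groups_sharing_mac(group):
    """The 5 bits below the 1110 prefix are dropped by the mapping, so 32 group
    addresses share one MAC. Return all 32 (the input included)."""
    ip = int(ipaddress.IPv4Address(group))
    base = (ip & 0xF0000000) | (ip & 0x7FFFFF)        # keep 1110 prefix + low 23 bits
    return [str(ipaddress.IPv4Address(base | (i << 23))) for i in range(32)]


if __name__ == "__main__":
    for g in ("224.0.0.18", "224.0.0.5", "239.255.255.255"):
        print(g, "->", multicast_mac(g))
    print("groups colliding with 224.0.0.18:", groups_sharing_mac("224.0.0.18"))
```

The collision matters for IGMP snooping switches that key their table on the MAC address: a host that joins 225.0.0.18 ends up receiving VRRP advertisements sent to 224.0.0.18 as well, because both groups map to 01-00-5e-00-00-12 and the switch cannot separate them at layer 2.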

IP Multicast Support in a Typical Switched Environment

Figure: a Video broadcast sender behind a router (R); the Multicast Routing Protocol (DVMRP) runs between routers, the Internet Group Management Protocol (IGMP) between switches (SW) and hosts; multicast traffic flows over 10/100 Mbps links.
Nonintelligent routers/switches propagate multicasts to all ports.
A link with no members downstream is pruned through DVMRP (Prune message); a Graft message restores it.
Switches hold members of the group alongside nonmembers, and one switch (SW) has no group members.
An IGMP join message causes the multicast to be delivered to all ports in the switch, nonmembers included.

Distance-Vector Multicast Routing Protocol (DVMRP)

> Independent of the unicast routing protocol on routers/switches
> Truncated broadcast tree
  > Shortest-path, source-rooted delivery tree
  > The first packet traverses the entire tree
  > Subsequent prune messages remove branches without group members
  > Supports graft messages
> Supports tunnels across the Internet

[Figure: a source station at the root of the delivery tree. Legend: router, active branch, subnet, prune message, subnet with group member (G).]

PIM

> Protocol independent: works with whichever unicast routing protocol is in use
> Dependent on the unicast routing table that protocol builds (used for the RPF check)
> IP protocol number: 103
> PIM router group address: 224.0.0.13
> The PIM protocol is divided into
  > PIM-DM (Protocol Independent Multicast - Dense Mode)
  > PIM-SM (Protocol Independent Multicast - Sparse Mode)

PIM-DM

> Used when there are many users who need the data flow
> It assumes all the users need the data flow (flood first, then prune)
> It establishes the forwarding entries periodically: prune state times out and the flow is flooded again

PIM-DM Forwarding

[Figure: source 192.18.0.32 floods the multicast dataflow through every router down to the receiver.]

PIM-DM Pruning

[Figure: a router with no receivers sends a prune message upstream; the upstream router stops sending the multicast dataflow on that branch.]

PIM-DM Grafting

[Figure: a new receiver sends an IGMP join message; its router sends a graft message upstream and gets a graft response, after which the multicast dataflow resumes on that branch.]

PIM-DM Maintenance

[Figure: steady state; the multicast dataflow from source 192.18.0.32 reaches the receiver over the pruned tree.]

PIM-SM

> Used when there are few users who need the data flow
> It assumes, by default, that the users do not need the data flow (receivers must join explicitly)

PIM-SM Forwarding

[Figure: source 192.18.0.32 behind a designated router (DR); a Rendezvous Point (RP, here also a DR); the receiver's DR sends a join message towards the RP after receiving an IGMP join, and the multicast dataflow reaches the receiver through the RP.]

PIM-SM Pruning

[Figure: the receiver sends an IGMP leave message; its DR sends a prune message towards the RP and the multicast dataflow is stopped.]

PIM-SM Maintenance

[Figure: source DR, RP and receiver DR; periodic join messages and IGMP joins keep the multicast dataflow from source 192.18.0.32 flowing.]

PIM-SM Registration

[Figure: the source's DR sends a unicast registration message to the RP; the RP answers with a unicast registration stop message, and the multicast dataflow then reaches the receiver.]

Layer 3 IP Routing RIP & OSPF
Technology Overview

Standard IP Routing Model

> Forwarding decisions are based solely on the Network ID (IP address plus subnet mask)
> Subnets can help control network traffic
> This type of routing is internetwork routing

[Figure: a Layer 3 switch connecting the subnets 158.101.112.0 (255.255.255.0) and 158.101.145.0 (255.255.255.0).]

IP Routing Model

> Placing a bridge engine between the router and the subnet allows multiple connections to the subnet
> A router forwards based on IP address
> A bridge forwards based on MAC address

[Figure: a router with interfaces on 158.101.32.0, 158.101.48.0 and 158.101.112.0; a bridge (VLAN) sits between the router and the subnet 158.101.112.0 (255.255.255.0).]

Intra-Network routing

[Figure: one router engine with router interfaces IP VLAN 1 (158.101.100.0), IP VLAN 2 (158.101.20.0) and IP VLAN 3 (158.101.30.0); beneath it a bridge engine whose Ethernet MAC ports are assigned to the three VLANs.]
> Assigning ports to routes logically segments the bridging engine
> IP subnets can span multiple ports
> Traffic within a subnet is switched
> Traffic between different subnets is routed

RIP 1 Operations

> Update period: 30 sec
> Max path: 15 hops
> 16 hops: unreachable
> Timeout: 180 sec

[Figure: Router A is attached to Network 1, Network 2 and Network 5; Router B to Network 3, Network 4 and Network 5; Router C is also shown. Routers A and B exchange RIP updates.]

Routing table (A)
  N1  direct
  N2  direct
  N3  1 hop
  N4  1 hop
  N5  direct

Routing table (B)
  N1  1 hop
  N2  1 hop
  N3  direct
  N4  direct
  N5  direct
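The RIP-1 behaviour on this slide (30-second whole-table updates, hop count plus one, 16 = unreachable, 180-second timeout) as an added example that is not part of the deck; Router A and Router B carry the slide's networks, while the timings, the code structure and the third router are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

INFINITY = 16        # 16 hops = unreachable
UPDATE_PERIOD = 30   # seconds between periodic updates
TIMEOUT = 180        # seconds without a refresh before a route is invalidated


@dataclass
class Route:
    metric: int                 # hop count, 0 = directly connected
    next_hop: Optional[str]     # None for directly connected networks
    last_update: float          # time the route was last refreshed


class RipRouter:
    """Minimal RIP-1 router: periodic whole-table updates and route aging."""

    def __init__(self, name: str, direct_networks: List[str], now: float = 0.0):
        self.name = name
        self.table: Dict[str, Route] = {n: Route(0, None, now) for n in direct_networks}

    def advertise(self) -> Dict[str, int]:
        """The periodic update: every network with the metric as seen here."""
        return {net: r.metric for net, r in self.table.items()}

    def receive_update(self, neighbor: str, update: Dict[str, int], now: float) -> None:
        for net, advertised in update.items():
            metric = min(advertised + 1, INFINITY)   # one more hop through the neighbour
            cur = self.table.get(net)
            if cur is None:
                if metric < INFINITY:                 # learn a new, reachable network
                    self.table[net] = Route(metric, neighbor, now)
            elif cur.next_hop == neighbor:
                # the current next hop's word is final, even if the path got worse;
                # hearing from it also refreshes the timeout
                cur.metric, cur.last_update = metric, now
            elif metric < cur.metric:                 # strictly better path via another neighbour
                self.table[net] = Route(metric, neighbor, now)

    def expire(self, now: float) -> None:
        """Routes not refreshed within TIMEOUT become unreachable (direct ones never age)."""
        for r in self.table.values():
            if r.next_hop is not None and r.metric < INFINITY and now - r.last_update > TIMEOUT:
                r.metric = INFINITY

    def hops(self, net: str) -> Optional[int]:
        r = self.table.get(net)
        return None if r is None else r.metric


def exchange(a: "RipRouter", b: "RipRouter", now: float) -> None:
    """Both routers send their periodic update at the same time."""
    update_a, update_b = a.advertise(), b.advertise()
    a.receive_update(b.name, update_b, now)
    b.receive_update(a.name, update_a, now)


def slide_scenario():
    """Router A (N1, N2, N5) and Router B (N3, N4, N5) as in the slide; the
    timings are constructed. Returns both routers after one update round."""
    a = RipRouter("A", ["N1", "N2", "N5"])
    b = RipRouter("B", ["N3", "N4", "N5"])
    exchange(a, b, UPDATE_PERIOD)
    return a, b
```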

RIP-1 versus RIP-2

FEATURE               RIP-1                     RIP-2
Convergence           Slow                      Faster than RIP-1
Transmission          Broadcast address         Multicast address
Metric type           Hop count                 Hop count
Distance limitation   15 hops                   *15 hops
Update interval       Updates (30 sec)          Updates (30 sec)
Bandwidth usage       Whole table               Whole table
Complexity            Low single-packet type    Low single-packet type
Routing path          Single path routing       Single path routing
Area support          NO                        NO
VLSM support          NO                        YES
Scalability           Limited                   Better

OSPF Operation

[Figure: five routers (Router 1 to Router 5) interconnecting Net 1 to Net 5; every link is shown with cost 10. The steps are:]
1. Link-state advertisements (each router advertises its link states)
2. Link-state database
3. Topology map
4. Shortest path tree
5. Routing table

Routing table read from the shortest path tree (for the router directly attached to Network 2 and Network 3):
NETWORK     NEXT HOP ROUTER   METRIC
Network 1   Router 5          20
Network 2   Direct
Network 3   Direct
Network 4   Router 2          20
Network 5   Router 4          20
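The five steps on this slide as an added example (not from the deck): a constructed link-state database with cost-10 interfaces is turned into a topology map, Dijkstra builds the shortest path tree, and the routing table is read off it; the topology is an assumption chosen so that Router 3's table matches the slide.

```python
import heapq
from typing import Dict, List, Tuple

COST = 10   # every interface in the slide's topology has cost 10

# Constructed link-state database (not the slide's exact figure): which networks
# each router is attached to. Chosen so that Router 3's table matches the slide.
LSDB: Dict[str, List[str]] = {
    "Router 1": ["Net 1", "Net 4"],
    "Router 2": ["Net 2", "Net 4"],
    "Router 3": ["Net 2", "Net 3"],
    "Router 4": ["Net 3", "Net 5"],
    "Router 5": ["Net 3", "Net 1"],
}

Graph = Dict[str, List[Tuple[str, int]]]


def topology_map(lsdb: Dict[str, List[str]]) -> Graph:
    """Step 3: turn the link-state database into a directed graph. A router
    pays its interface cost to reach a network; a network reaches each of its
    attached routers for free (that is how OSPF models transit networks)."""
    g: Graph = {}
    for router, nets in lsdb.items():
        g.setdefault(router, [])
        for net in nets:
            g[router].append((net, COST))
            g.setdefault(net, []).append((router, 0))
    return g


def shortest_path_tree(g: Graph, root: str) -> Tuple[Dict[str, int], Dict[str, str]]:
    """Step 4: Dijkstra from `root`; returns distances and predecessors."""
    dist: Dict[str, int] = {root: 0}
    prev: Dict[str, str] = {}
    heap = [(0, root)]
    while heap:
        d, v = heapq.heappop(heap)
        if d > dist[v]:
            continue                       # stale heap entry
        for w, cost in g[v]:
            if d + cost < dist.get(w, float("inf")):
                dist[w], prev[w] = d + cost, v
                heapq.heappush(heap, (d + cost, w))
    return dist, prev


def routing_table(lsdb: Dict[str, List[str]], root: str) -> Dict[str, Tuple[str, int]]:
    """Step 5: for every network, (next-hop router, metric) as seen from `root`.
    'Direct' means the network is attached to the root itself."""
    g = topology_map(lsdb)
    dist, prev = shortest_path_tree(g, root)
    table: Dict[str, Tuple[str, int]] = {}
    for net in sorted(n for n in g if n.startswith("Net")):
        path = [net]                       # walk the tree back to the root
        while path[-1] != root:
            path.append(prev[path[-1]])
        path.reverse()                     # root, first network, next router, ...
        next_hop = "Direct" if len(path) == 2 else path[2]
        table[net] = (next_hop, dist[net])
    return table
```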

OSPF Designated Router (DR) and Backup Designated Router (BDR)

[Figure: two multiaccess networks, each with several routers, one DR and one BDR.]
> The DR speaks for the other routers of its network
> The BDR replaces the DR when the DR fails
> One DR and one BDR per multi-access network
> Election:
  > DR: the router with the highest router priority
  > If the priority is the same, it defaults to the Router ID (highest wins)

OSPF: Adjacencies

[Figure: on a multiaccess network the DR and the BDR form Full adjacencies with every router and with each other; the other routers stay in the Two-way state with one another.]
> Two way: the router has seen itself in the Hello packets of a neighbor
> Full: adjacency between any router and the DR and the BDR

OSPF: Intra-area Routing

[Figure: an autonomous system consisting of a single area, Area ID 0.0.0.0, containing several 3Com switches.]
> Single area: Area 0.0.0.0
> All the routers belong to that unique area
> LSAs are flooded and restricted to the area:
  > Router LSA
  > Network LSA
> One shortest path tree per router
> Area 0.0.0.0 is the default configuration

OSPF: Inter-area Routing

[Figure: an autonomous system with Area 0.0.0.0 (Backbone) in the centre and Areas 10.0.0.0, 20.0.0.0, 30.0.0.0 and 40.0.0.0 attached to it through Area Border Routers (ABR).]
> Dividing into areas enables the cre

ation of larger networks
> All areas are required to be connected to Area 0.0.0.0 with an Area Border Router (ABR)
> Area 0.0.0.0 = backbone area (default)
> One link-state database per area
> One shortest-path tree per router

OSPF: Area Types

> Transit area: traffic destined to another area can go through it
> Stub area: traffic destined to another area can not go through it
> Backbone: all areas need to be connected to the backbone area

[Figure: Area 0.0.0.0 (Backbone) with Areas 10.0.0.0, 20.0.0.0, 30.0.0.0 and 40.0.0.0 attached through ABRs; the transit area and the backbone area are marked, the remaining areas are stub areas.]

RIP-1 and RIP-2 vs OSPF

FEATURE                 RIP-1                      RIP-2                      OSPF
Convergence speed       Slow                       Faster than RIP-1          Fast
Transmission method     Broadcast address          Multicast address          Multicast address
Metric type             Hop count                  Hop count                  Path cost (link speed)
Distance limitation     15 hops                    128 hops                   Unlimited hops
Update interval         Periodic updates (30 sec)  Periodic updates (30 sec)  Triggered updates
Bandwidth usage         Whole table                Whole table                Changes only
Protocol complexity     Low single-packet type     Low single-packet type     High multiple types
Routing path            Single path routing        Single path routing        Multi-path routing
Multiple area support   NO                         NO                         YES
VLSM support            NO                         YES                        YES
Scalability             Limited                    Better                     Excellent

UDP Helper

[Figure: BootP/DHCP/DNS clients (IP address=?) send a BootP request as an IP broadcast (255.255.255.255). The switch router configured with UDP Helper = 10.1.1.1 forwards the request as an IP unicast to 10.1.1.1, which crosses several routers to reach the BootP/DHCP/DNS server (IP address=10.1.1.1).]

Using ACLs

Review of ACLs

> ACLs are used to classify packets as they enter an interface
  > Ingress / in-bound
  > Before the routing/switching decision
> Rules determine how to match packets, and what action to take
  > Deny results in matching packets being filtered (discarded)
  > Permit allows matching packets to be forwarded
  > At the end of every access list is an implied permit-all-traffic statement
> The obvious use for ACLs is packet filtering
> ACLs can be used in combination with other commands
  > Many QoS commands use ACLs to select traffic

Review of ACLs (continued)

> ACLs can be activated directly on hardware
  > For example
    > Filtering and forwarding
    > QoS functions
  > The order in which rules are applied is determined by hardware
> ACLs can be referenced by software
  > For example
    > Routing policies
    > Controlling logon access
  > The match order in which rules are applied can be either
    > User-defined: applied in the same order as entered by the user
    > Depth-first by the switch: the rule with the most specific match is applied first

Type of ACLs

> The Switch supports 3 types of ACLs
  > Layer 2
    > Rules can specify source and destination MAC addresses, VLAN ID, and Ethernet protocol type
  > Layer 3 (basic)
    > Rules can specify only the IP source address
  > Layer 3 (advanced)
    > Rules can specify several different Layer 3 & Layer 4 fields
> ACLs are referenced by number

[Figure: the three ACL types stacked: Advanced, Basic, Layer 2.]

Configuring ACLs

Configuring an ACL

> ACL configuration tasks include:
  > Configure a time range (optional)
  > Define the ACL
    > By number
      > The number range determines the type
    > Match order (optional, mostly irrelevant)
  > Create the rules for the ACL
    > Rules depend on the ACL type
  > Finally the ACL is applied to an interface
    > In a packet-filter command
    > In a QoS command

Defining the ACL

> Define an ACL by following the steps below:
  > Enter the corresponding ACL view
  > Add a rule to the ACL
    > Multiple rules may be defined for an ACL
> Numbered ACL ranges:
  > 2000 - 2999 to specify a basic ACL
  > 3000 - 3999 to specify an advanced ACL
  > 4000 - 4999 to specify an Ethernet frame header ACL
> The default matching order of an ACL is config
  > i.e. following the order in which the rules are configured by the user

Define an Advanced ACL

> Advanced ACLs define classification rules and process packets according to the source and destination IP addresses, TCP/UDP ports & packet priority
> Advanced ACLs support three types of priority scheme:
  > ToS (type of service) priority
  > IP precedence
  > DSCP priority

Controlling User access by ACL

> ACLs can be used to control access to the switch by:
  > Telnet users
  > SNMP management stations
  > HTTP users
> This first level of security controls user connections
  > The second level is the user password authentication
> Two steps are required:
  > Define a numbered ACL in the range 2000 - 3999
  > Import the ACL
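An added model (not the switch's own code) of the ACL rules from the slides above: the number range decides the type, basic ACLs match only the source address, advanced ACLs match Layer 3/4 fields and DSCP, the match order is config or depth-first, and the implied permit-all ends every list. The field names and the specificity score are assumptions; the test shows why the management ACL from the last slide needs an explicit final deny rule.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional

Packet = Dict[str, object]   # keys: src, dst, protocol, dport, dscp (constructed)


def acl_type(number: int) -> str:
    """The number range decides the ACL type, as on the slides."""
    if 2000 <= number <= 2999:
        return "basic"          # source IP address only
    if 3000 <= number <= 3999:
        return "advanced"       # Layer 3 / Layer 4 fields
    if 4000 <= number <= 4999:
        return "link"           # Ethernet frame header (not modelled here)
    raise ValueError(f"ACL number {number} is outside every defined range")


@dataclass
class Rule:
    action: str                        # "permit" or "deny"
    src: str = "0.0.0.0/0"
    dst: str = "0.0.0.0/0"
    protocol: Optional[str] = None     # "tcp", "udp", "icmp"; None = any
    dport: Optional[int] = None
    dscp: Optional[int] = None         # packet priority (DSCP scheme)

    def is_basic(self) -> bool:
        return (self.dst == "0.0.0.0/0" and self.protocol is None
                and self.dport is None and self.dscp is None)

    def matches(self, pkt: Packet) -> bool:
        if ipaddress.ip_address(pkt["src"]) not in ipaddress.ip_network(self.src):
            return False
        if ipaddress.ip_address(pkt["dst"]) not in ipaddress.ip_network(self.dst):
            return False
        for name in ("protocol", "dport", "dscp"):
            want = getattr(self, name)
            if want is not None and pkt.get(name) != want:
                return False
        return True

    def specificity(self) -> int:
        """Depth-first ordering key: longer prefixes and more constrained fields
        count as more specific (a simplification of the switch's own ordering)."""
        score = ipaddress.ip_network(self.src).prefixlen + ipaddress.ip_network(self.dst).prefixlen
        return score + 8 * sum(f is not None for f in (self.protocol, self.dport, self.dscp))


@dataclass
class Acl:
    number: int
    rules: List[Rule] = field(default_factory=list)
    match_order: str = "config"        # "config" (as entered) or "auto" (depth-first)

    def __post_init__(self) -> None:
        self.type = acl_type(self.number)
        if self.type == "basic" and not all(r.is_basic() for r in self.rules):
            raise ValueError("a basic ACL may only match on the source IP address")
        if self.type == "link":
            raise ValueError("Ethernet frame header ACLs are not modelled")

    def ordered_rules(self) -> List[Rule]:
        if self.match_order == "auto":
            return sorted(self.rules, key=Rule.specificity, reverse=True)
        return list(self.rules)

    def evaluate(self, pkt: Packet) -> str:
        for rule in self.ordered_rules():
            if rule.matches(pkt):
                return rule.action
        return "permit"     # implied permit-all at the end of every access list
```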

Quality of Service QoS
Technical Overview

Quality of Service for Ethernet Networks

> Ethernet cannot inherently distinguish between different types of traffic (voice, video, data) or different applications
> When the network is congested, bandwidth-intensive applications can receive poor Quality of Service (QoS)
> Ethernet provides higher-level services for these applications by leveraging other technologies and standards
  > These QoS techniques address the different needs of time-sensitive applications, and enable users to prioritize business-critical information over non-critical information
  > 802.1p, 802.1Q, RSVP & DiffServ are examples

Making Sense of Ethernet CoS/QoS Standards

> 802.1D: Media Access Control (MAC) Bridges
  > 802.1p: Traffic Class Expediting and Dynamic Multicast Filtering
    > GARP: L2 transport mechanism to propagate information
    > GMRP: dynamic multicast filtering using GARP
> 802.1Q: Virtual Bridged Local Area Networks
  > GVRP: defines dynamic registration of VLANs using the IEEE 802.1Q tag (VLAN ID)

Quality of Service (QoS)

> QoS addresses bandwidth, delay, loss, and jitter control
> Gives you control over network traffic by enabling the assignment of various grades of network service to different types of traffic such as multimedia, video or protocol specific (i.e. Web, Lotus Notes, FTP, etc.)
> Some of the benefits of Quality of Service:
  > Controlling network traffic
    > Classifying based on packet attributes
    > Assigning priorities to network traffic
    > Applying security policies through traffic filtering
  > Providing predictable throughput by minimizing delay and jitter
  > Improve performance and bandwidth scalability
  > Manage network congestion

[Figure: a network with servers and an NBX system; traffic classes shown: Network Critical, High Priority, Best Effort.]

Quality of Service (QoS)

IP Networks Today: Simple but not efficient

[Figure: smart end stations on both sides of a traditional network.]
> End-to-End IP solutions use smart end stations with a traditional network core
> A traditional core can only provide a best effort service. This has many limitations:
  > Unpredictable delays
  > Data loss of business-critical information
  > Can not ensure timely delivery
  > Can not guarantee the data throughput level

Quality of Service (QoS)

Is Bandwidth the Answer?
> Increased bandwidth alone does not solve the problem
> The problem is more than a simple capacity issue
> The network application requirements are changing

[Figure: applications are evolving, from Web, Email - SMTP, FTP and Telnet to IP-Telephony, Audio Streaming, Video Streaming and IP-Television.]

Quality of Service (QoS)

The Changing Needs of the Network

[Figure: smart end stations on both sides of an intelligent network.]
> Networks exist for applications!
> When applications evolve, the network has to follow
> The IP network has to become intelligent to keep up

Quality of Service (QoS)

Why the Intelligence?
> Video / audio streaming demands high data throughput capacity with low latency requirements
> Public and private IP networks are now being used increasingly for mission-critical information
> The new breed of applications cannot tolerate unpredictable losses
> By 2000, 20% of all enterprise networks' mission critical applications will experience severe performance problems

Quality of Service (QoS)

The Answer: QoS
> QoS is about providing a consistent, predictable data delivery service
> It does NOT create extra bandwidth
> QoS manages bandwidth according to what the applications require
> QoS requires the support of every network element from end-to-end, since QoS is only as good as the weakest link in the chain

[Figure: QoS-aware edge switches on both sides of a QoS-aware core switch.]

Quality of Service (QoS) - The Benefits

What are the benefits to web applications?
> The Internet is increasingly relied upon for doing business
> The expectations for quality assurance are the same as for a private, controlled network
> QoS provides the tools for IT managers to deliver mission-critical business over the public network with
  > Decreased latency
  > Predictable performance

[Figure: ERP, ERM, CRM and e-Commerce applications. Rich content can be delivered through the web on time; QoS can ensure appropriate assurance levels for e-business transactions.]

Quality of Service (QoS) - The Benefits

What are the benefits to the Enterprise?
> Mission-critical applications require quality, reliability, and timeliness assurance
> QoS technology allows IT managers to:
  > Manage jitter-sensitive applications, such as audio and video playback
  > Manage delay-sensitive traffic, such as real-time voice
  > Control the loss of business-critical data when the network suffers from traffic congestion / bursts

[Figure: SAP and Multi-Media: mission-critical applications can be controlled in order to preserve integrity. Voice and Video: video & voice streaming can be carefully controlled.]

Quality of Service (QoS) - The Benefits

What are the benefits to service providers?
> Outsourcing network services to an xSP is becoming commonplace
> QoS allows xSPs to offer quality assurances for end-to-end business traffic
> xSPs will be able to offer more services:
  > Real-time traffic support
  > Specified bandwidth allocations
  > Service Level Agreement portfolios
> Creates enhanced revenue for the xSP

[Figure: enhanced services: real-time traffic support for voice and video streaming, bandwidth allocations, SLA portfolio.]

QoS - Architectural Models

The two basic QoS types (shown below) are not competitive or mutually exclusive, but designed to be complementary

> Resource Reservation (Integrated Services)
  > IntServ is intended to make the Internet a robust infrastructure
  > Network resources are apportioned according to the application's QoS request
  > RSVP (Resource Reservation Setup Protocol) provides the mechanism for this
> Prioritisation (Differentiated Services)
  > Simple / coarse method for providing differentiated classes of service
  > A small 6-bit pattern within each packet is used to mark a packet
  > The packet is classified and apportioned network resources
  > DiffServ provides this service

QoS - Characterization

The two QoS types can be characterized
> Per Flow: (IntServ - RSVP)
  > Individual, unidirectional data stream between two points
  > Uniquely identified by a 5-tuple (transport protocol, source address, source port number, destination address, destination port number)
  > Does not scale because each device stores per-flow information
> Per Aggregate: (DiffServ)
  > An aggregate is simply two or more flows
  > Typically the flows have something in common, i.e. any one or more of the 5-tuple parameters or deep packet analysis
  > Scales very easily

QoS - Protocols

Applications and network topology dictate which type of QoS is most appropriate for individual flows or aggregates. To accommodate this, there are a number of different QoS protocols:
> ReSerVation Protocol (RSVP)
  > Provides the signaling to enable network resource reservation
  > Typically used on a per-flow basis
> Differentiated Services (DiffServ)
  > Provides a coarse and simple way to categorize and prioritize network traffic
  > Typically used for prioritizing flow aggregates
> Multi Protocol Label Switching (MPLS)
  > Provides bandwidth management for aggregates via network control according to labels in packet headers
> Layer 2 QoS (802.1p/Q)
  > Enables categorization and prioritization at Layer 2 on shared and switched IEEE 802 networks

IEEE 802.1p (CoS)

> 802.1p prioritisation works at the Datalink Layer (L2)
> 802.1p has two main components
  > Packet Marking
    > Packets are classified as they enter the network
      > Some end-stations can send traffic already marked, but most do not
      > Switches can classify packets and mark them according to class
    > Three bits of the 802.1Q tag are used to mark the priority
  > Queue Scheduling
    > When a packet is received, the switch allocates it to an output queue, according to the priority value
    > Queue scheduling ensures different priorities for each class of traffic
> The correct prioritisation is thus applied to each packet at each switch

802.1p priority levels

High-Priority
  7     Network Control
  6     Voice - Delay sensitive, 10 ms
  5     Video - Delay sensitive, 100 ms
  4     Delay sensitive
  2, 3  Reserved
  0     Default: best effort
  1     Background
Low-Priority
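The two 802.1p components (marking and queue scheduling) as an added example, not code from the deck: parse and insert the 802.1Q tag's 3-bit priority on a constructed frame, decide trust at ingress, and map the eight priorities onto four output queues; the four-queue mapping, the trust handling and the frame contents are assumptions.

```python
import struct
from typing import Optional, Tuple

TPID_8021Q = 0x8100

# The slide's priority levels (7 highest ... 1 lowest).
PRIORITY_NAMES = {
    7: "Network Control", 6: "Voice (delay sensitive, 10 ms)",
    5: "Video (delay sensitive, 100 ms)", 4: "Delay sensitive",
    3: "Reserved", 2: "Reserved", 0: "Default: best effort", 1: "Background",
}
# Priority -> output queue for a switch with four queues (queue 3 is served first).
# Assumption: the IEEE 802.1D recommendation for four queues, which keeps
# priority 1 (background) below best effort as the slide's ordering requires.
QUEUE_OF = {1: 0, 2: 0, 0: 1, 3: 1, 4: 2, 5: 2, 6: 3, 7: 3}


def parse_tag(frame: bytes) -> Optional[Tuple[int, int, int]]:
    """Return (priority, CFI, VLAN ID) from an 802.1Q tag, or None if untagged."""
    if len(frame) < 16:
        raise ValueError("frame too short to carry an 802.1Q tag")
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None
    return tci >> 13, (tci >> 12) & 1, tci & 0x0FFF       # 3 + 1 + 12 bits


def mark(frame: bytes, priority: int, vid: int) -> bytes:
    """Insert a tag carrying `priority`, or rewrite the TCI of an existing tag."""
    if not 0 <= priority <= 7 or not 1 <= vid <= 4094:
        raise ValueError("priority must be 0..7 and VLAN ID 1..4094")
    tci = struct.pack("!H", (priority << 13) | vid)
    if parse_tag(frame) is not None:
        return frame[:14] + tci + frame[16:]             # keep TPID, replace TCI
    return frame[:12] + struct.pack("!H", TPID_8021Q) + tci + frame[12:]


def ingress_classify(frame: bytes, port_trusted: bool, port_priority: int, port_vid: int) -> bytes:
    """What the switch does as the frame enters: a trusted port (e.g. an uplink to
    another switch) keeps an existing marking; an untrusted edge port re-marks the
    frame with the port's configured priority, so an end station cannot promote
    itself to voice or network-control priority."""
    tag = parse_tag(frame)
    if tag is not None and port_trusted:
        return frame
    vid = tag[2] if tag is not None else port_vid
    return mark(frame, port_priority, vid)


def output_queue(frame: bytes) -> int:
    """Queue scheduling input: which of the four queues the frame is placed in."""
    tag = parse_tag(frame)
    priority = tag[0] if tag is not None else 0        # untagged = best effort
    return QUEUE_OF[priority]


# Constructed sample: an untagged IPv4 frame with made-up MAC addresses and payload.
UNTAGGED = bytes.fromhex("00112233445566778899aabb") + b"\x08\x00" + b"\x45" + bytes(19)
```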

Differentiated Services (DiffServ)

> DiffServ has two main components
  > Packet Marking
    > Packets are classified as they enter the network
    > Six bits of the IP header (the DiffServ Code Point, or DSCP) are used to mark the packets
  > Per Hop Behaviors
    > For each class, a particular forwarding behaviour is configured on every router concerning jitter, prioritisation, bandwidth, etc
    > Each router uses the DSCP of a packet to determine its class
    > The correct forwarding behaviour is applied to each packet at each hop

IP header with DiffServ

[Figure: an IP datagram consists of IP HEADER, TCP HEADER and Data. The first IP header fields are VERSION (4 bits), IHL (4 bits), TOS / DS (8 bits) and TOTAL LENGTH (16 bits). The DS field is split into DSCP (6 bits, 2^6 = 64 codepoints) and CU (2 bits).]
> DSCP = Differentiated Services Codepoint
> CU = Currently Unused
> Codepoints specify queuing or scheduling behavior (known as a per-hop behavior or PHB)

DiffServ Packet Marking

> At the ingress node
  > Traffic is classified and marked with the appropriate DSCP value
> At all other nodes
  > Traffic can be classified simply by reading the DSCP value
  > Traffic can be reclassified and remarked if necessary
> Six bits (the DSCP) are used to classify packets
  > Up to sixty-four (2^6) classes can be supported

Four Main PHBs

> Default
  > Indicates best effort service
> Class-selector
  > Used for backward compatibility with Type of Service (TOS) and IP Precedence schemes
> Expedited Forwarding (EF)
  > Suitable for delay-sensitive applications such as voice and video
> Assured Forwarding (AF)
  > Recommended for mission-critical applications

DiffServ Configuration Strategy

> For true QoS, DiffServ must be end-to-end
> Before configuration, you need a strategy
  > There may be a formal Service Level Agreement
  > If not, define your own strategy
    > Keep it simple
    > Decide how to classify traffic on ingress
      > Protocol, source and destination address, interface, other
    > Decide the relative importance of types of traffic
      > For each type, consider bandwidth and drop precedence
> The hardest part of QoS is not configuring the switches, it's defining the strategy

QoS - DiffServ (Prioritization)

> Differentiated Services (DiffServ) is a multiple service model that can satisfy different QoS requirements
> Implemented on network boundaries at routers and on new generation switches in the LAN
> DiffServ tries to deliver a particular kind of service based on the QoS specified by each packet
> DiffServ can be used for mission-critical applications providing end-to-end QoS
> Used for aggregate flows due to its coarse level of classification

QoS - How DiffServ Works

[Figure: DiffServ architecture. A packet passes through Classifier, Marker, Conditioner and Counter.]
> Two types of classifiers:
  > Behavior Aggregate (BA): uses only the DSCP value
  > Multi-field (MF): uses other header info (src addr, protocol, port numbers)
> Markers are used to:
  > Add a DSCP when none exists
  > Change the DSCP as local policy dictates
> Conditioning essentially involves applying the PHB
  > This includes policing, queue selection, shaping traffic, authentication or admission control
  > Conditions traffic in order to conform to the SLA
> Counter
  > Accumulates statistics
  > Counts dropped traffic
  > What has been re-marked?
  > How many packets are in the queue
SLA = Service Level Agreement
PHB = Per Hop Behavior

QoS - DiffServ DS Field

> The DiffServ mechanism uses a bit pattern called the DS-byte
  > Supersedes the existing definitions for the IPv4 TOS octet (RFC 791) & the IPv6 Traffic Class octet
  > IPv4 = TOS (Type of Service) octet
> 6 bits are used as the DSCP to select a Per Hop Behavior (PHB) at each interface
> The CU 2-bit field is reserved for explicit congestion notification (ECN)

[Figure: DS field (RFC 2474), bits 0 1 2 3 4 5 6 7: bits 0-5 are the DSCP (bits 0-2 the Class Selector codepoints), bits 6-7 are CU (Currently Unused).]
QoS - DiffServ PHB

> The PHB defines how packets are forwarded at the DiffServ node
> The PHB refers to the packet scheduling, queuing, policing, or shaping behavior of the node
> The four main per hop behaviors (PHBs) are:
  > Default PHB (RFC 2474)
    > A packet marked with DSCP value 000000 receives traditional best effort service
  > Class-Selector (RFC 2474)
    > Used for backward compatibility with the IP-Precedence scheme
    > 111 has more priority than 110
    > DSCP values use xxx000, where x is either 0 or 1
    > Values are also called Class-Selector Code Points
    > For example - (DSCP) 110000 = 110 (IP-Precedence)

QoS - DiffServ PHB

> Assured Forwarding (AF - RFC 2597)
  > Defines 4 classes and 3 levels of drop precedence
  > Defines the bandwidth levels for use with different applications
  > Should be used for mission-critical data applications
> 3 levels of drop precedence
  > High drop precedence = the packet is more likely to get dropped in periods of congestion
  > Specific applications assign the level of drop precedence to each packet

Drop Precedence           Class 1   Class 2   Class 3   Class 4
Low drop precedence       001010    010010    011010    100010
Medium drop precedence    001100    010100    011100    100100
High drop precedence      001110    010110    011110    100110

QoS - DiffServ PHB

> Expedited Forwarding (EF - RFC 2598)
  > Has a single code-point
  > Recommended DSCP value: 101110 / 46
  > Supplies a robust service by providing
    > Low loss
    > Low latency
    > Low jitter
  > The EF PHB is ideally suited for real-time applications such as video, VoIP or network gaming

QoS - DiffServ Values

PHB    Description                                Traffic Type                  DSCP Value (DEC)   DSCP Value (BIN)
EF     Expedited Forwarding                       Voice                         46                 101110
AF11   High Priority, Low Drop Precedence         TACACS, SAP, Oracle           10                 001010
AF21   Medium Priority, Low Drop Precedence       Lotus Notes (security)        18                 010010
AF22   Medium Priority, Medium Drop Precedence    Lotus Notes (normal email)    20                 010100
AF23   Medium Priority, High Drop Precedence      Lotus Notes (replication)     22                 010110
AF31   Low Priority, Low Drop Precedence          HTTP                          26                 011000
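The DS field, the PHB rules and the code point tables from the DiffServ slides above as an added example (not from the deck): decode DSCP and CU from a constructed IPv4 header, name the PHB (Default, CSx, AFxy, EF), build AF code points from class and drop precedence so any table entry can be checked, derive the 802.1p value for the L2/L3 mapping, and re-mark a header at an ingress node with a correct checksum. The header contents and the L3-to-L2 mapping rule are assumptions.

```python
import struct
from typing import Tuple

EF = 46   # recommended EF code point, 101110


def ipv4_checksum(header: bytes) -> int:
    """Standard one's-complement sum over the header; 0 when the header is intact."""
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def ds_field(header: bytes) -> Tuple[int, int]:
    """Split the TOS/DS byte (second header byte) into DSCP (6 bits) and CU/ECN (2 bits)."""
    if header[0] >> 4 != 4:
        raise ValueError("not an IPv4 header")
    tos = header[1]
    return tos >> 2, tos & 0b11


def phb(dscp: int) -> str:
    """Name the per-hop behavior a DiffServ node selects for a code point."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is 6 bits")
    if dscp == 0:
        return "Default (best effort)"
    if dscp == EF:
        return "EF"
    if dscp & 0b111 == 0:                      # xxx000: class selector
        return f"CS{dscp >> 3} (IP precedence {dscp >> 3:03b})"
    cls, drop, low = dscp >> 3, (dscp >> 1) & 0b11, dscp & 1
    if 1 <= cls <= 4 and 1 <= drop <= 3 and low == 0:
        return f"AF{cls}{drop}"
    return "unassigned"


def af_codepoint(cls: int, drop: int) -> int:
    """AF class 1..4 and drop precedence 1 (low) .. 3 (high) -> DSCP value."""
    if not (1 <= cls <= 4 and 1 <= drop <= 3):
        raise ValueError("AF class 1..4, drop precedence 1..3")
    return (cls << 3) | (drop << 1)


def to_8021p(dscp: int) -> int:
    """L3 -> L2 mapping for the e2e chain (assumption: the three precedence
    bits of the DSCP become the 802.1p priority)."""
    return dscp >> 3


def set_dscp(header: bytes, dscp: int) -> bytes:
    """Re-mark a header (ingress node or policy change), keeping the CU/ECN bits
    and recomputing the header checksum. Marking done here overrides whatever
    the end station set, which is where the trust boundary belongs."""
    if not 0 <= dscp <= 63:
        raise ValueError("DSCP is 6 bits")
    h = bytearray(header)
    h[1] = (dscp << 2) | (h[1] & 0b11)
    h[10:12] = b"\x00\x00"
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h)


def make_header(dscp: int, src: str, dst: str) -> bytes:
    """Constructed 20-byte IPv4 header (UDP payload implied, total length 28)."""
    h = bytearray(struct.pack("!BBHHHBBH4s4s", 0x45, dscp << 2, 28, 0x1234, 0, 64, 17, 0,
                              bytes(int(x) for x in src.split(".")),
                              bytes(int(x) for x in dst.split("."))))
    h[10:12] = struct.pack("!H", ipv4_checksum(bytes(h)))
    return bytes(h)
```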

QoS - DiffServ PHB

Benefits of using Differentiated Services
> Easily scales as the network grows
> Allows customers to keep any existing Layer 3 ToS prioritization scheme that might be in use
> Allows customers to mix DiffServ-compliant devices with any existing ToS-enabled equipment
> Alleviates bottlenecks through efficient management of current corporate network resources
> The same mechanism works across the LAN and the WAN
> End-to-end QoS

QoS - Layer 2 QoS

Prioritization in the LAN - 802.1D
> IEEE retro-fitted Ethernet to allow for QoS support
> The IEEE 802.1p standard defines how Ethernet switches classify frames
> 802.1p uses a 3-bit value
  > Part of an 802.1Q header, so the entire network has to implement VLANs
  > Represents 8 priority values
> 802.1p is not scalable outside the LAN

Priority 0     Default: Best Effort
Priority 1     Reserved: less-than Best Effort
Priority 2-3   Reserved
Priority 4     Delay Sensitive, no bound
Priority 5     Delay Sensitive, 100ms bound
Priority 6     Delay Sensitive, 10ms bound
Priority 7     Network Control

QoS - The e2e QoS solution

End-to-End QoS Solution for Legacy Networks
> The QoS chain from top-to-bottom is an important consideration in 2 aspects:
  > Each OSI layer from the application down must support QoS
  > The Local Area Network (LAN) must be QoS enabled for end-to-end QoS to work
> A mapping needs to exist between L2 and L3 QoS protocols

[Figure: LAN - Router - Internet - Router - LAN; IETF DiffServ across the routers and the Internet, mapped to 802.1p in each LAN. ISSLL: Internet Engineering Task Force Integrated Services over Specific Link Layer.]

QoS - The e2e solution

End-to-End QoS Solution for new networks
> The QoS chain from top-to-bottom is an important consideration in 2 aspects:
  > Each OSI layer from the application down must support QoS
  > The Local Area Network (LAN) must be QoS enabled for end-to-end QoS to work
> Next generation switches can use DiffServ in the LAN and the WAN
  > More scalable and does not require the use of VLANs

[Figure: LAN - Router - Internet - Router - LAN with IETF DiffServ end to end. ISSLL: Internet Engineering Task Force Integrated Services over Specific Link Layer.]

Queuing Techniques

> First In, First Out (FIFO) Queuing
  > Packets are simply forwarded in the order they arrive
> Strict Priority (SP) Queuing
  > A packet is taken from a queue ONLY if all higher-priority queues are empty
  > Mission-critical applications are guaranteed bandwidth
  > Lower priority applications may be completely starved

Queuing Techniques

> Weighted Round Robin (WRR) Queuing
  > Each queue is configured with a weight
    > The weight is the number of packets that may be forwarded
  > The scheduler services each queue in turn (round robin)
    > The scheduler services each queue until the weight limit is reached, or the queue is empty (whichever happens first), then moves on to the next queue
> Weighted Fair Queuing (WFQ)
  > Each queue is configured with a weight
    > The weight is the guaranteed bandwidth available to the queue
    > Specified in Kbps
  > The scheduler services each queue in turn
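The FIFO, strict-priority and WRR schedulers from the two slides above, as an added simulation that is not part of the deck; packet names and weights are constructed, and WFQ (bandwidth in Kbps) is not modelled.

```python
from collections import deque
from typing import Deque, Dict, List

Queues = Dict[int, Deque[str]]   # priority -> waiting packets (higher number = higher priority)


def make_queues(**per_priority: List[str]) -> Queues:
    """Build queues from keyword arguments such as q7=[...], q0=[...] (constructed input)."""
    return {int(k[1:]): deque(v) for k, v in per_priority.items()}


def fifo(arrivals: List[str]) -> List[str]:
    """FIFO: one queue, packets leave in arrival order, no classes at all."""
    return list(arrivals)


def strict_priority(queues: Queues, slots: int) -> List[str]:
    """SP: each transmit slot goes to the highest-priority non-empty queue, so a
    lower queue is served only when every higher one is empty. With a busy high
    queue the low queue gets nothing: that is the starvation the slide warns of."""
    out: List[str] = []
    for _ in range(slots):
        for prio in sorted(queues, reverse=True):
            if queues[prio]:
                out.append(queues[prio].popleft())
                break
        else:
            break                               # everything drained
    return out


def weighted_round_robin(queues: Queues, weights: Dict[int, int], slots: int) -> List[str]:
    """WRR: visit the queues in turn; from each, forward up to `weight` packets or
    until it empties (whichever comes first), then move on. Every queue with a
    weight above zero gets a share, so no queue can be starved."""
    out: List[str] = []
    order = sorted(queues, reverse=True)
    while len(out) < slots and any(queues.values()):
        for prio in order:
            sent = 0
            while sent < weights.get(prio, 0) and queues[prio] and len(out) < slots:
                out.append(queues[prio].popleft())
                sent += 1
    return out
```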

Thank You
