Browse Prior Art Database

Forwarding Domains Across Multiple Virtual LANs

IP.com Disclosure Number: IPCOM000123485D
Original Publication Date: 1998-Dec-01
Included in the Prior Art Database: 2005-Apr-04
Document File: 3 page(s) / 121K

Publishing Venue

IBM

Related People

Tippens, M: AUTHOR [+4]

Abstract

Disclosed is a method to allow forwarding domains across multiple Virtual LANs.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

Forwarding Domains Across Multiple Virtual LANs

   Disclosed is a method to allow forwarding domains across
multiple Virtual LANs.

   Virtual LANS (VLANS) are used to limit unnecessary traffic
from being forwarded on ports that do not use a particular protocol.
Implementations allow VLANS to be created based on protocols  such as
IP, IPX, NetBIOS, and IP Multicast.  When a frame is received on a
port that matches a defined VLAN, then that port becomes a member of
the forwarding domain for that VLAN.  Broadcast, multicast, and
unicast frames on SuperELANs for a particular VLAN are forwarded only
on ports in the forwarding domain of that VLAN.

   Problems arise when non-protocol VLANs are added to a
users configuration.  These non-protocol VLANS can be  based on the
MAC address of a device, a user-defined or sliding window VLAN, or a
VLAN based on port numbers.  However, when multiple protocol and
non-protocol VLANS are configured creating multiple VLAN environments
where membership in a VLAN may overlap, the VLAN function must decide
how to classify an incoming frame, and rules on how to allow a port
to join multiple VLANS.  Without this method to handle VLAN
membership when scenarios such as this are configured, the user may
see inconsistent or wrong VLAN membership.

   Users want to set-up VLANs to allow various configuration
and connectivity scenarios on their networks.  Without the ability
and flexibility to properly configure and control the various cases
of VLAN membership, the user would be limited in the configurations
that could be used.  This would result in a lose of connectivity on
the networks for certain configurations, or worse, would allow
unwanted devices on segments to inadvertently join restricted VLANS,
thus causing security concerns.

   There is no current standard defining a way to handle
multiple VLAN membership.  However, the issue of handling VLANS in
the future is being addressed by the 802.1 group of the IEEE.

   In the case of protocol VLANS, when a frame is received on
a port and that frame matches a protocol VLAN, that port is said to
have joined that VLAN, and thus will be included in the forwarding
domain of other ports on that VLAN.  (Note that a frame cannot match
and join multiple protocol VLANS).  With the addition of non-protocol
VLANS, ports can be found to match a single protocol VLAN, but can
also be found to match one or more non-protocol VLANS.

   This method allows configurations that allow a frame to be
classified to a single...