IEEE 802.1Q: Media Access Control Bridges and Virtual Bridged Local Area Networks
Authors: Patricia Thaler, Norman Finn, Don Fedyk, Glenn Parsons, Eric Gray
IEEE802.org/1, March 10, 2013

Presentation Objective
- Give an overview of the capabilities of today's 802.1Q
  - It is much more than spanning tree protocol and 4K VLANs
- A lot of topics covered at a high level
  - Overall capabilities are discussed but details are not covered
- Today's networks often involve a mixture of L3 routing and L2 bridging, sometimes even in the same box
  - Understanding of today's L2 would be useful

Contents
- IEEE 802.1 Overview
- Bridge architecture
- Data plane
  - Provider Bridges (PB) /Q-in-Q/
  - Provider Backbone Bridges (PBB) /MAC-in-MAC/
  - Edge Virtual Bridging (EVB)
- Control plane
  - Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP)
  - Multiple Registration Protocol (MRP)
  - Shortest Path Bridging (SPB)
  - Software Defined Networking (SDN) aspects
  - Enhancements to bridging of 802.11
- Operation, Administration, and Maintenance (OAM)
  - Connectivity Fault Management (CFM)
  - Protection switching
- Management
- Quality of Service (QoS)
  - Enhanced transmission selection (ETS)
  - Priority-based flow control (PFC)
  - Congestion Notification (CN)
  - Stream Reservation Protocol (SRP)
  - Credit based shaper
  - Preemption and time scheduled queuing
  - Policing
- Other 802.1 standards not covered by this tutorial
  - Link Aggregation
  - Link Layer Discovery Protocol (LLDP)
  - Time synchronization
  - Audio video bridging systems
  - Bridge port extension
  - Security
- Summary
- References
- Abbreviations

IEEE 802.1 Overview

IEEE 802 is here: a standards committee formed by the Computer Society
(Organization chart: IEEE Standards Organization; 25 IEEE Societies & Councils; NesCom; RevCom; IEEE 802 Organization)

IEEE 802 Organization: Executive Committee (EC)
- Chair: Paul Nikolich
- 1st Vice Chair: Pat Thaler
- 2nd Vice Chair: James Gilb
- Recording Secretary: John D'Ambrosia
- Executive Secretary: Jon Rosdahl
- Treasurer: Bob Grow
- Working Group/TAG Chairs: 802.3 Ethernet, David Law; 802.11 WLAN, Bruce Kraemer; 802.15 WPAN, Bob Heile; 802.16 BWA, Roger Marks; 802.18 TAG Radio Regulatory, Mike Lynch; 802.19 Coexistence, Steve Shellhammer; 802.21 Media independent handover, Subir Das; 802.22 WRAN, Apurva Mody
- Appointed Officers: Meeting Manager and Member Emeritus, Buzz Rigsbee; Member Emeritus, Geoff Thompson
- Hibernating WG Chairs (non voting): 802.17 Resilient Packet Ring, John Lemon; 802.20 MBWA, Radhakrishna Canchi
- Appointed Officers (non voting): 802.24 Smart Grid TAG, James Gilb; OmniRAN EC Study Group, Max Riegel
- IEEE 802 is an open organization

IEEE 802.1 Task Groups
- Interworking (IWK, Stephen Haddock): Internetworking among 802 LANs, MANs and other wide area networks
- Time-Sensitive Networking (TSN, Michael David Johas Teener): Formerly called Audio Video Bridging (AVB) Task Group; Time-synchronized low latency streaming services through IEEE 802 networks
- Data Center Bridging (DCB, Patricia Thaler): Enhancements to existing 802.1 bridge specifications to satisfy the requirements of protocols and applications in the data center, e.g.
- Security (Mick Seaman)
- Maintenance (Glenn Parsons)

IEEE 802.1 Standards
- The ones with capital letters, e.g. 802.1Q or 802.1AX, are independent standards
- Amendments to these standards are identified by lower case letters, e.g. 802.1ah, 802.1Qbg or 802.1AEbn
- Periodically the amendments get merged into a revision of the main standard, e.g. 802.1ah and 802.1Qay are now part of 802.1Q-2011
- 802.1Q can be considered as many individual standards (RFCs) integrated into a single document
  - Clauses 6 through 9 give a general overview of the 802.1Q bridge architecture
  - To get oriented on an additional area, it's best to read the Clause titled the “Principles of …”
  - Once oriented, references in the subclause of Clause 5 Conformance for the relevant device can be helpful

Before We Start
- Bridge forwarding is based on MAC addresses and virtual networks, i.e. Virtual LANs (VLAN)
- Context determines VLANs/MACs/Tags in the standard:
  - Customer: C-MAC, C-VLAN, C-tag
  - Service: S-VLAN, S-tag
  - Backbone: B-MAC, B-VLAN, B-tag
- It is possible to construct a hierarchy out of the virtual networks

Bridge Architecture

Basic Principles
- MAC addresses are “identifier” addresses, not “location” addresses. This is a major Layer 2 value, not a defect!
- Bridge forwarding is based on Destination MAC and VLAN ID (VID)
- Frame filtering for only forwarding to the proper outbound port(s)
  - Frame is forwarded to every port (except for the reception port) within the frame's VLAN if it is not known where to send it
  - Filter (unnecessary) ports if it is known where to send the frame (e.g. the frame is only forwarded towards the destination)
- Quality of Service (QoS) is implemented after the forwarding decision, based on Priority, Drop Eligibility, Time

Control Plane Separated from Data Plane
- Control protocols are implemented as Higher Layer Entities
- An External Agent may provide control instead of the distributed protocols
- The data plane is comprised of a MAC Relay and at least two ports
- Figure (simplified “baggy pants” model): Control Plane (External Agent, Higher Layer Entities) above the MAC Bridge; 802.1 Bridging over the Media Access Method Specific Functions of IEEE 802.n (e.g. 802.3 Ethernet), attached to LANs. See Figure 8-2 “VLAN-aware Bridge architecture” of 802.1Q for more details.

Bridge Components
- Used as a description language in the specs: specify the operation in distinct steps
- Different Component types for the different L2 virtual networks
- Ports have their own distinct type based on their role within a Component
- Key observation: when the outermost Ethertype of the frame is not the same as the bridge component type, then the frame is assigned a VLAN by the reception port
- Implementations are often based on a single MAC relay; a port may implement several functions
- Invented for humans to be able to talk about it, not for making it complex
- Figure: Bridge (specification) containing an A Component and a B Component; X Port, Y Port, Z Port, W Port; A type frame, B type frame

Data Plane

Data Plane Today
- 802.1Q today is 802.1Q-2011 (Revision 2013 is ongoing)
  - Note that if the year is not given in the name of the standard, then it refers to the latest revision, e.g. today 802.1Q = 802.1Q-2011 and 802.1D = 802.1D-2004
- 802.1Q already involves
  - Q-in-Q = Provider Bridges (PB), IEEE 802.1ad-2005
  - MAC-in-MAC = Provider Backbone Bridges (PBB), IEEE 802.1ah-2008
- 802.1Qbg-2012 Edge Virtual Bridging (EVB) is also part of today's 802.1Q data plane (802.1Qbg not yet amended to 802.1Q)
- 802.1Q is not only about 12-bit C-VLANs any more

Data Plane Actions
- Ingress Port (Action Set 1): Filtering (drop), (un)tagging, VID translation, de/en-capsulation
- Relay (Action Set 2): Forwarding, filtering
- Egress Port (Action Set 3): Filtering, (un)tagging, VID translation, de/en-capsulation, metering, queuing, transmission selection
- Figure (redrawn; “baggy pants” is simple): Frame in, then Ingress Port (Action Set 1, Table 1), then Relay (Action Set 2, Table 2), then Egress Port (Action Set 3, Table 3), then Frame out, all within the MAC Bridge

Network Overlays Example
- Figure: Customer MAC domains attached through BEBs to a Backbone MAC domain of BCBs
- Very rough analogy of IETF concept to 802.1 concept: P device is a BCB; PE device is a BEB; CE device is a C-MAC bridge

Network Virtualization Is Based on the Data Plane
- Data plane evolution up to 802.1Q-2011: it is not complicated, may think of tag stacking
- Provider Bridges (PB, Q-in-Q)
  - Scalability: overlaying virtual networks, 4K VLAN problem solved
- Provider Backbone Bridges (PBB, MAC-in-MAC)
  - Scalability: 24-bit I-SID as a single virtual network ID, forget about the 4K VLAN problem
  - Separation: MAC address space separation (C-MAC vs. B-MAC); service layer is separated from transport layer (I-SID vs. B-VID)
- Overall
  - Uniform forwarding kept: based on Destination MAC (DA) and VID
  - L2 data plane provides powerful virtualization
  - There may be several levels of tagging or encapsulation

Virtual Networks and Overlays
- Virtual network names do not bound their application! A lot of flexibility is provided; two examples shown here
- Using all L2 virtual network overlays: can be used in data center and campus networks too, not only in provider environments
- IP is a native overlay on Ethernet
  - IP payload can be e.g. right after the I-tag
  - Host can be a Virtual Machine
  - PBB can be the core of a data center

It Is All About Mapping of Virtual Networks to Each Other at Edges
- An External Entity needs to perform the mapping on the edges
- All the rest can be done automatically by the distributed control plane, unless the External Entity maintains full control, see next section
- Intelligence is at the edges, Core Bridges are relatively dumb
- Figure: S-VID to I-SID to B-VID many-to-one mappings. S-VID: Service VLAN ID; I-SID: Backbone Service Instance Identifier; B-VID: Backbone VLAN ID; BEB: Backbone Edge Bridge; CB: Core Bridge

Edge Virtual Bridging 802.1Qbg
- Edge Virtual Bridge: a bridge incorporated into an end node (often in the network interface hardware, hypervisor or both); either a Virtual Edge Bridge (VEB) or a Virtual Edge Port Aggregator (VEPA)
- Virtual Edge Bridge (VEB)
  - Relays traffic between VMs like an external Bridge
  - Not required to support learning since VM addresses may be configured
  - Not required to support any spanning tree protocol as it is always at the bridged network edge
- Virtual Edge Port Aggregator (VEPA)
  - Sends all traffic from VMs to the adjacent bridge
  - Reflective relay in the external Bridge returns any frames destined to local VMs
  - Makes VM to VM traffic visible to the adjacent bridge
  - Policies do not have to be distributed to the VEPA
- Figure: VEB, VEPA

S-Channels (also 802.1Qbg)
- S-Channels are virtual links between the end system and the adjacent Bridge
- Traffic carries an S-VLAN Tag (from Provider Bridging) to identify it with an S-Channel
- Each S-Channel can have a single VM, a VEB or a VEPA attached
- Normally, even with a single VM there will be a 2-port VEB to handle VLAN Tag insertion, removal and tagging
- Figure: S-Channels

Control Plane

Topology Layers (Contexts)
- Figure: Physical Network Topology; Active Topology; Station Location (MAC address topology); VLAN Topology; Subset (real or non-real). See Figure 7-1 “VLAN Bridging overview” of 802.1Q for more details.

The Distributed Protocols for Control of the Active Topology
- RSTP, Rapid Spanning Tree Protocol: a single spanning tree shared by all traffic
- MSTP, Multiple Spanning Tree Protocol: different VLANs may share different spanning trees
- SPB, Shortest Path Bridging: each node has its own Shortest Path Tree (SPT)
- We are not limited to shared spanning trees any more
- Note: the Spanning Tree Protocol (STP) is historical, it has been replaced by RSTP

Multiple Registration Protocol (MRP)
- Flooding protocol (not unlike IS-IS or OSPF) that registers, on every bridge port, one's neighbors' ability to transmit and/or need to receive various kinds of data:
  - Multiple VLAN Registration Protocol (MVRP): frames flooded to particular VLANs, e.g. broadcasts or unknown unicasts.
  - Multiple MAC Registration Protocol (MMRP): multicast MAC addresses or VLAN, MAC pairs. Not necessarily IP multicast.
  - Multiple Stream Reservation Protocol (MSRP or SRP): Talkers wanting to send or Listeners wanting to receive data flows with bandwidth, latency, and congestion loss requirements.
- In some cases MRP is being supplanted by IS-IS.

Control Plane Overview
- A VLAN is assigned to a control mode
- Multiple control modes may co-exist in the same network
- Hybrid control by distributed protocols and an External Agent, e.g. an SDN controller for TE paths
- External control can be a non-802.1 protocol: PCE, GMPLS
- Summary of control options (figure): VLAN space: spanning tree VLANs, shortest path VLANs, software defined VLANs; Control: Multiple Spanning Tree Protocol, Shortest Path Bridging, External Agent
- Figure: Frame in, Frame out, Control Plane, External Agent, MAC Bridge, Higher Layer Entities

Software Defined Networking Aspects
- Software Defined Networking (SDN) principles are supported by 802.1Q
- Separation of the control plane from the data plane
  - The bridge architecture separates the control plane from the data plane (see page 13, Control Plane Separated from Data Plane)
  - The External Agent is geographically separated
- Separate topologies per VLAN
  - Any given VLAN can be assigned to MSTP, SPB, External Agent, or any other standard- or user-defined control methodology
- Centralized controller having a view of the network
  - The External Agent can be a centralized SDN Controller
  - The bridges may run the Link Layer Discovery Protocol (LLDP) 802.1AB for retrieval by the controller
  - The bridges can run IS-IS to distribute topology, whether any VLANs are assigned to control by SPB or not
- Programmability of the network
  - Well defined objects and functionality for programming the bridges

Shortest Path Bridging (SPB)
- SPB applies a link state control protocol to MAC Bridging
  - Based on the ISO Intermediate System to Intermediate System (IS-IS) intra-domain routing information exchange protocol: ISIS-SPB
  - Leverages the automation features of link state, e.g. auto-discovery
  - Preserves the MAC Service model, e.g. in-order delivery
- ISIS-SPB operation
  - Link state database: identical replica at each bridge; topology information; properties of the bridges; service information
  - Computation instead of signaling or registration protocols: leverage Moore's law and technology trends
- ISIS-SPB specifications
  - IEEE 802.1aq specifies operation and backwards compatibility provisions
  - ISIS extensions for SPB (new TLVs) also documented in IETF RFC 6329

SPB Operation Modes
- A bridge only uses its own SPT for frame forwarding
- Destination MAC + VID based forwarding allows two options to realize the SPTs
- SPB has two operation modes; the implementation of the same forwarding principles is different
  - SPBM (SPB MAC): Backbone MAC identified SPTs; designed to leverage the scalability provided by PBB /“MAC-in-MAC”/; no B-MAC flooding/learning; managed environments
  - SPBV (SPB VID): VID identified SPTs; applicable to all types of VLANs; flooding and learning; plug&play
- Figure: ISIS-SPB, SPT Bridge, SPT A, SPT C

Load Spreading
- Using the shortest path automatically spreads traffic load to some extent
- Further load-spreading by exploiting equal cost paths to create multiple SPT Sets
  - Up to 16 standard tie-breaking variations to produce diverse SPTs
- Provisioned load spreading: a VLAN is assigned to an SPT Set
- Figure: An SPT Set; SPT options for Bridge A

A Use Case: A Data Center with SPB and SDN Control
- SPB and SDN fit together and complement each other
- Virtual Network (VN) 1 is supported by SPBM
  - SDN Controller instantiates the connectivity service to be provided for VN1 at the Edge Bridges (EB)
  - SPBM establishes the connectivity service through the Data Center Network (DCN)
- VN2 is supported by SDN
  - SDN Controller establishes the connectivity service to be provided for VN2 through the entire DCN
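The three Data Plane Actions stages (ingress classification and filtering, relay with learning and flooding, egress filtering and untagging) described on the Basic Principles and Data Plane Actions slides, as an added worked example that is not part of the tutorial; the port configuration, frame layout and MAC addresses are constructed for illustration.

```python
def frame(da, sa, vid=None):
    """Frame as seen by the bridge: destination, source and C-tag VID (None = untagged)."""
    return {"da": da, "sa": sa, "vid": vid}


class VlanAwareBridge:
    def __init__(self, ports):
        # ports: {port: {"pvid": int, "members": set of VIDs, "untagged": set of VIDs}}
        self.ports = ports
        self.fdb = {}  # filtering database: (vid, mac) -> port, learned from source addresses

    def ingress(self, port, f):
        """Action Set 1: classify into a VLAN (tag, else the port's PVID); drop non-members."""
        vid = f["vid"] if f["vid"] is not None else self.ports[port]["pvid"]
        return vid if vid in self.ports[port]["members"] else None

    def relay(self, port, vid, f):
        """Action Set 2: learn the source, then forward to the known port or flood the VLAN."""
        self.fdb[(vid, f["sa"])] = port
        known = self.fdb.get((vid, f["da"]))
        if known is not None:
            return set() if known == port else {known}  # never send back out the reception port
        return {p for p, cfg in self.ports.items() if vid in cfg["members"] and p != port}

    def egress(self, vid, out_ports, f):
        """Action Set 3: per-port egress filtering and (un)tagging."""
        out = []
        for p in sorted(out_ports):
            if vid not in self.ports[p]["members"]:
                continue
            tagged = vid not in self.ports[p]["untagged"]
            out.append((p, dict(f, vid=vid if tagged else None)))
        return out

    def receive(self, port, f):
        """Run one frame through all three stages; returns the [(port, frame), ...] transmitted."""
        vid = self.ingress(port, f)
        return [] if vid is None else self.egress(vid, self.relay(port, vid, f), f)


def make_bridge():
    """Constructed sample: access ports 1, 2, 4 (VLAN 10, 20, 10) and trunk port 3 (10 and 20)."""
    return VlanAwareBridge({
        1: {"pvid": 10, "members": {10}, "untagged": {10}},
        2: {"pvid": 20, "members": {20}, "untagged": {20}},
        3: {"pvid": 1, "members": {10, 20}, "untagged": set()},
        4: {"pvid": 10, "members": {10}, "untagged": {10}},
    })


if __name__ == "__main__":
    b = make_bridge()
    print(b.receive(1, frame("00:00:00:00:00:b2", "00:00:00:00:00:a1")))  # unknown DA: flooded in VLAN 10
    print(b.receive(4, frame("00:00:00:00:00:a1", "00:00:00:00:00:b2")))  # known DA: port 1 only
```

The first frame is flooded to ports 3 (tagged) and 4 (untagged) but never to port 2, which is not a member of VLAN 10; the reply is filtered down to port 1 because its destination was learned there.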
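The tag stacking that the Network Virtualization and Before We Start slides describe (a C-tag under a Provider Bridge S-tag, then the whole customer frame under a PBB I-tag with its 24-bit I-SID and a B-tag), as an added example written for this page rather than taken from the standard or the tutorial; the Ethertypes 0x8100, 0x88A8 and 0x88E7 are the real ones, while the addresses, VIDs and I-SID are constructed sample values.

```python
import struct

ETH_C_TAG, ETH_S_TAG, ETH_I_TAG = 0x8100, 0x88A8, 0x88E7  # Ethertypes of the three tag kinds

def mac(text):
    """'00:11:22:33:44:55' -> 6 bytes."""
    return bytes.fromhex(text.replace(":", ""))

def vlan_tag(tpid, vid, pcp=0, dei=0):
    """4-byte C-tag or S-tag: TPID + TCI (PCP:3, DEI:1, VID:12)."""
    return struct.pack("!HH", tpid, (pcp << 13) | (dei << 12) | (vid & 0xFFF))

def push_s_tag(f, s_vid):
    """Provider Bridge (Q-in-Q): insert an S-tag after DA/SA; the C-tag stays as payload."""
    return f[:12] + vlan_tag(ETH_S_TAG, s_vid) + f[12:]

def pbb_encapsulate(f, b_da, b_sa, b_vid, i_sid, pcp=0):
    """Backbone Edge Bridge (MAC-in-MAC): new B-DA/B-SA and B-tag, then an I-tag carrying
    the 24-bit I-SID and the customer DA/SA; the customer tag stack follows unchanged."""
    c_da, c_sa, rest = f[:6], f[6:12], f[12:]
    i_tci = (pcp << 29) | (i_sid & 0xFFFFFF)  # I-TCI: PCP:3 DEI:1 UCA:1 Res:3 I-SID:24
    return (mac(b_da) + mac(b_sa) + vlan_tag(ETH_S_TAG, b_vid, pcp)
            + struct.pack("!HI", ETH_I_TAG, i_tci) + c_da + c_sa + rest)

def parse_tag_stack(f):
    """Walk the Ethertype stack from the outside in. A 0x88A8 tag is an S-tag or a B-tag only
    by context (it is the B-tag when an I-tag follows), as the Before We Start slide says."""
    layers, off = [], 12  # skip the outermost DA/SA
    while off + 2 <= len(f):
        etype = struct.unpack_from("!H", f, off)[0]
        if etype in (ETH_C_TAG, ETH_S_TAG):
            tci = struct.unpack_from("!H", f, off + 2)[0]
            layers.append(["C-tag" if etype == ETH_C_TAG else "S-tag", tci & 0xFFF])
            off += 4
        elif etype == ETH_I_TAG:
            if layers and layers[-1][0] == "S-tag":
                layers[-1][0] = "B-tag"
            layers.append(["I-tag", struct.unpack_from("!I", f, off + 2)[0] & 0xFFFFFF])
            off += 6 + 12  # I-TCI, then the encapsulated C-DA/C-SA
        else:
            layers.append(["payload", etype])
            break
    return [tuple(layer) for layer in layers]

# Constructed sample: a customer frame with C-VID 100 and an IPv4 payload goes through a PB
# (S-VID 7), then a BEB that maps that S-VLAN to I-SID 0x123456 carried on B-VID 20.
CUSTOMER = (mac("00:c0:ff:ee:00:01") + mac("00:c0:ff:ee:00:02") + vlan_tag(ETH_C_TAG, 100)
            + struct.pack("!H", 0x0800) + bytes(20))
PB_FRAME = push_s_tag(CUSTOMER, 7)
PBB_FRAME = pbb_encapsulate(PB_FRAME, "00:be:b0:00:00:01", "00:be:b0:00:00:02", 20, 0x123456)
```

Parsing PBB_FRAME yields B-tag 20, I-tag 0x123456, S-tag 7, C-tag 100 and finally the IPv4 payload Ethertype, which is the hierarchy the slides draw from the backbone inward to the customer.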