茫茫網海中的冷日

茫茫網海中的冷日發生過的事，不可能遺忘，只是想不起來而已！
	恭喜您是本站第 1671792 位訪客! 登入 \| 註冊

主選單

首頁站長日誌資訊中心電子相簿檔案下載網站連結即時新聞招喚冷日

Google 自訂搜尋

Goole 廣告

隨機相片

授權條款

Creative Commons License

本著作由冷日製作，以創用CC 姓名標示-非商業性-相同方式分享 3.0 台灣授權條款釋出。

本站發文說明與規範

使用者登入

忘了密碼?

現在就註冊!

一網情深 : [分享]L2與L3 Switch的差別

討論區主頁 - 主題一覽 > 一網情深 > [分享]L2與L3 Switch的差別

發表新主題

討論串 | 最新的先

前一個主題 | 下一個主題 | 頁尾

主題一覽的上方

發表者	討論內容
冷日 (冷日)	發表時間：2007/5/31 2:04
Webmaster 註冊日: 2008/2/19 來自: 發表數: 15771	[分享]L2與L3 Switch的差別一般常用的交換器 Switch 是屬於第二層交換器 Layer 2 Switch，這種交換器是利用 OSI 第二層 MAC 位址的資訊來進行資料交換，它可以記憶學習第一個 Port 連接的 MAC 位址，透過 MAC 位址及封包目的的位址的辨別，L2 Switch 會將該封包直接傳送至連接目的地的 Port，而不會將該封包傳送到其他的 Port。若並無此目的地 IP 的資訊時，則 L2 Switch 會廣播至所有的連接埠上，待目的 IP 回應時，將新的連接埠對應學習起來，那麼下次就不用廣播而直接傳送。如果再把路由表的功能加入 L2 Switch，那麼它就會變成 L3 Switch，可以為 VLAN 建立適當的路由表，讓效能更加提昇。L3 的交換器又稱為 IP Switch 或 Switch Router，透過專屬的 ASIC 晶片來解析第三層表頭（如 IP Header）以達到傳送目的，因此通常可以提高到每秒百萬封包的效能以及數十個高速乙太網路連接埠之容量。L3 Switch 的路由表可以對 VLAN 做更有效的管制，讓廣播封包不會無限制的傳送。
回覆

冷日 (冷日)	發表時間：2007/5/31 2:10
Webmaster 註冊日: 2008/2/19 來自: 發表數: 15771	[分享]Hub和Switch Hub（L2）的差別「順附CSMA/CD」 > > hub在多人連結時上網頻寬是平均分配的 > > 但switch hub是看誰有需要才給他頻寬 > > 也就是hub很像是廣撥方式傳遞訊息 > > 而switch hub是直接傳到想要的那台主機 > > 一般 HUB 與 Switch HUB，都是廣播的呀，要不然.. > 網路芳鄰怎麼看得到，DHCP如何使用呢？ > > 當然，supported VLAN 產品例外囉.. > > 一般 HUB 與 Switch HUB 差別，說明一下，如有錯誤， > 還望高人指點指點.. :P > > Hub 僅屬於 Layer 1 product. > Switch Hub 則屬於 Layer 2 product. > > Switch Hub 比一般 Hub 多的功能，最少它要聰明地學習 > 每個 Port 對應的 Mac address。 > > 假設 Switch Hub port 1 學到的 Mac address 為 00:10:B5:30:30:A9 > port 2 學到的 Mac address 為 00:10:C1:D3:E2:A2 > port 3 學到的 Mac address 為 00:10:B3:E3:A1:07 > > Port 1 底下接的是 Linux， > Port 2 底下接的是 Win98， > Port 3 底下接的是 Router。 > > 今天，假設您要從 Linux 透過 Router 連接上 Internet，那麼首先送出 > ARP packages 問到 Router IP 所對應的 Mac address，然後 Linux 就 > 連接到 Router 所對應的 Mac address (00:10:B3:E3:A1:07) 做溝通。 > > 其中，Switch HUB 已經得知 Linux 與 Router 的 Mac address，當 Linux > 與 Router 做資料傳輸時，並不會將資料丟到 port 2 給 win98。假如您 > 想要在 Win98 上裝 sniffer 之類的軟體聽取封包，那麼您則聽不到 Linux > 與 Router 之間傳送的封包。 > > 這就是 Switch HUB 聰明的地方。 > 但是如果是 HUB，無論是這個線段網路上的任何資料，每個 Port 都收得到。 > > 結論，Switch HUB，比 HUB 更有安全性，減少封包碰撞，傳輸更有效率。 > > 歡迎大家不吝指教。 > 我喜歡看到這樣的答案﹐也喜歡和這樣的朋友討論。我們這裡談到的 switch 相信都是指 level 2 上面的吧﹐那麼我們要知道 OSI level 2 layer 上面有什麼標準才好理解。其中的 IEEE802.x 是應用最廣的標準﹐而我們最常見的 ethernet 則是使用 IEEE802.3 這個 MAC sublayer 標準﹐其上的 DLC sublayer 802.2 就交給寫 programing 的朋友幫忙解釋一下吧。我們這裡看看 IEEE802.3 是怎麼運作的﹐其特性有哪些﹖ IEEE802.3 在 ethernet 上使用的傳輸技術﹐最普遍被採用的是 CSMA/CD﹐其實可以拆開三個部份來了解﹕ 1) CS (Carrier Sense) 傳送設備要將信號送至傳輸媒體之前﹐首先要探測媒體是否已經存在 carrier﹐如果有﹐則表示有其它設備在使用這個媒體進行其它的傳送。然則﹐傳送設備就不能向這個媒體送出信號﹐而必須等到下次探測沒有 carrier 的時候才能傳送。這比較好理解﹐也就是先搶先贏嘛﹐好比在課堂上發言﹐誰先舉手說誰先說﹐如果已經有人在說了﹐那就等。 2) MA (Mutiple Access) 在同一時間內﹐允許多個設備使用共享媒體(當然不能離開 CS 和 CD 的制約)。在 CSMA/CD 技術中﹐當發送設備順利通過 CS 檢測之後向媒體送出信號而沒有發生 Collision 的話﹐所有分享著同一媒體的設備﹐都能收到這個信號。每一個設備都有一個唯一的位址標識﹐我們通常稱之為 MAC 位址﹔而信號在傳送媒體中則是以 frame 的形式傳送﹐每個 frame 都有一個 source 和一個 destination 位址欄。傳送設備將 frame 送至媒體上之後﹐只有被標識為 destination 的的設備﹐才會將信號 copy 下來﹐再往上層程式遞送 (decapsulate)﹐而那些設備發現 destination 不是自己的話﹐就單純的不處理這個 frame (除非在 promiscuous 模式之下)。不同的協定﹐對 MA 使用的不同﹐也會影響整體效率的運作﹐例如廣播封包﹐那些以 FF:FF:FF:FF:FF:FF 為 MAC 位址的封包﹐switch 還是會送到所有機器上面的﹐因為使用這個廣播位址的 frame﹐每個接收設備都會將之 copy 下來進行 decapsulate 處理。例如 Microsoft Network 的協定家族﹐其使用廣播封包的比率是非常高的﹐就算使用 L2 switch 對這樣的廣播也束手無策。只有利用 subnet 和 router 或更高 level 的 switch 才有效﹐但設定的複雜性和額外增加的交通﹐也是要另行評估的﹐ 恐怕就超出目前的討論範圍了。 3) CD (Collision Detection) 前面的 CS 過程中﹐在理想的情況之下﹐所有分享著共同媒體的設備﹐都應該有機會取得傳送的機會。只是﹐電子設備的運作速度﹐遠非我們人類所能感應的﹐這些運作﹐每一秒鐘可能有上萬甚至百萬次之多﹐例如 CAT 5 種類的網線﹐就能處理 350Mhz 或更高的傳送頻率。假如﹐當兩個設備剛好在這百萬分之一秒之內﹐同時做 CS 的動作﹐而又同時探測到媒體上沒有 carrier﹐那這種情形之下﹐這兩個設備可能會同時對這媒體傳送信號﹐這就是我們常說的 Collision (碰撞)了。如果當一個碰撞發生了﹐就會在媒體上產生frequecy ripple 現象。當一個在線的設備偵測到 ripple ﹐它就會發出一個高頻信號去清除所有其它信號。換句話說﹐這個信號同時告訴所有設備﹐碰撞已經發生。這時候﹐每一個設備都會隨機的等待一段時間再重新進行 CS﹐如果連續的(非間斷的)還是遇到 collision﹐那就按一定比例延遲隨機等待時候﹐總共可以進行16次嘗試大家才會最終放棄。所以不難看出﹐如果在同一個 segment 上面﹐在線的設備越多﹐其發生 collision 的機會也越大。事實上﹐除了 CSMA/CD 外﹐還有一個 CSMA/CA (CA = Collision Avoidance) 的技術我們可以使用﹕發送端先向接收端送出 RTS(Request To Send) 封包﹐等收到 CTS (Clear To Send) 回應後﹐才向媒體送出信號。AppleTalk 協定就是使用這種技術。 CA 和 CD 的分別﹐可以用過獨木橋來比喻﹕用 CD 的時候﹐要過就過﹐過不了再來﹔ 用 CA 的時候﹐會先派一個小廝探路﹐如果他通過了﹐然後您才施然而過。好了﹐當您了解 CSMA/CD 這個協定之後﹐那再來看看 HUB 和 Switch 的分別吧﹕ HUB 單純的是一個 repeater﹐當它從一個 port (和 TCP 協定的 port 不一樣﹐這裡是指插網路線的接孔)接收信號進來之後﹐會將這個信號原原本本的送到所有其它 port 上﹐不管哪些 port 是接到哪一台機器。而 switch 呢﹖它自己有一份 table﹐記錄著哪個 port 接到哪些 MAC 位址設備上。當信號從一個 port 進來之後﹐會檢查這個 frame 的 destination 是哪個 MAC﹐然後按 table 找到這個 MAC 對應的 port ﹐而僅將信號往這個 port 送﹐其它的 port 就不送了。這樣有什麼好處﹖ 先看看 CS 吧﹐當用 hub 的時候﹐所有 port 所連接到的設備都探測到 carrier﹐然後就要等﹔而用 switch 呢﹖那些不是 destination 的設備﹐並沒有探測到 carrier﹐也就無需再等﹐可以直接向媒體送出信號。當信號到達 switch 的時候﹐switch 會先利用 cache 接收這個信號﹐然後進行 table 的比對﹐再向 destination 送出。如果 switch 的 cache 越大﹐CPU 處理能力越強﹐其效率也越高﹐當然價錢也越貴。再看 CD﹐因為大部份由設備送出的信號﹐都會先被 switch cache 起來﹐然後再經過 table 判斷送出﹐那麼 collision 的機會也大為的減少﹐由此﹐因 CD 而中斷的傳送也就大為減少﹐相對的﹐所有設備的使用效率也大為提高。至於 MA﹐相信不用多解釋了吧﹖使用 swtich 還有一個好處﹕提高網路的安全性。如果我們用 hub 來連接設備﹐因為 frame 會抵達所有機器﹐如果某人在其設備上裝上一個封包抓取軟體﹐同時將網路卡的 promiscuous mode 打開﹐那就可以看到所有的封包了﹔但如果用 switch 呢﹖只有被送到這台機器上的封包﹐才能被抓到。通常在網路安全上面﹐安全性對於效能及便利性是成反比的﹕要增加安全性﹐就要犧牲效能和便利性﹔要增加效能和便利性﹐就要犧牲安全性。而 switch﹐似乎是唯一打破這個樊籬的網路設備了。剛纔我還看到有人將 Bridge 和 Switch 混為一談了﹐我不知道該仁兄對 bridge 的理解是怎樣的﹖在下認為﹐bridge 的功能只有兩個﹕filtering 和 forwarding﹔後者是根據前者判斷後才能發生。使用 bridge 的時候﹐基本上將物理的連線切為兩個 segment (或多個﹐視 bridge 界面而定)﹐然後﹐bridge 也會建立起自己的 table﹐分別將不同的 MAC 劃分到不同的 segment 去。然後當 frame 抵達 bridge 的時候﹐bridge 會檢查其 source 和 destination﹐如果發現這兩個 MAC 都在同一個 segment 之上﹐那就不處理這個 frame (發揮 filter 的功能)﹔但如果發現 soure 和 destination 不在同一個 segment 上呢﹐就起用 forward 功能﹐將 frame 送到 destination 那個 segment 上﹐或是單純的向所有‘非 source’到 segment(s) 遞送(視 bridge 的能力)。這樣看來﹐bridge 對 CS 和 CD 也起到改善的作用﹐但其對 frame 的處理﹐畢竟和 switch 是不一樣的﹕bridge 以 segment 為依據﹐而 switch 則以個別設備為單位﹐ 所以在執行效率上還是有分別的。當然﹐如果您將每一 port 所連接的設備看為單一的 segment﹐然後將 switch 看為 learning bridge﹐那或許可以將它們看為極為近似的兩個設備吧。至於於 10Base 和 100Base 的轉換﹐那只是 switch 中一項非常簡單的功能而已﹐並非是 switch 真正加分的因素。以上純為個人認知﹐如有錯誤﹐懇請指正﹐以免誤導觀眾。
回覆
冷日 (冷日)	發表時間：2007/5/31 2:12
Webmaster 註冊日: 2008/2/19 來自: 發表數: 15771	[分享]修正上一篇，Bridge 和 Switch 是否為同樣的東西 > 這一段你可以把IEEE 802.3裏面關於jam的敘述再看一看，你的說法與實際情況有 > 出入。多謝提點﹗ 學習的過程中﹐真是來不得半點懶惰﹐想偷懶蒙混﹐實在不容易過關。為免誤導大家﹐將文件查詢結果茲列如下﹕ 4.1.2.2 Access interference and recovery In half duplex mode,if multiple stations attempt to transmit at the same time,it is possible for them to interfere with each other ’s transmissions,in spite of their attempts to a oid this by deferring.When transmissions from two stations o erlap,the resulting contention is called a collision.Collisions occur only in half duplex mode,where a collision indicates that there is more than one station attempting to use the shared physical medium.In full duplex mode,two stations may transmit to each other simultaneously without causing interference.The Physical Layer may generate a collision indication,but this is ignored by the full duplex MAC. A gi en station can experience a collision during the initial part of its transmission (the collision window) before its transmitted signal has had time to propagate to all stations on the CSMA/CD medium.Once the collision window has passed,a transmitting station is said to ha e acquired the medium;subsequent collisions are a oided since all other (properly functioning)stations can be assumed to ha e noticed the signal and to be deferring to it.The time to acquire the medium is thus based on the round-trip propagation time of the Physical Layer whose elements include the PLS,PMA,and physical medium. In the e ent of a collision,the transmitting station ’s Physical Layer initially notices the interference on the medium and then turns on the collision detect signal.In half duplex mode,this is noticed in turn by the Transmit Media Access Management component of the MAC sublayer,and collision handling begins.First, Transmit Media Access Management enforces the collision by transmitting a bit sequence called jam.In 4.4, implementations that use this enforcement procedure are provided.This ensures that the duration of the collision is suf ?cient to be noticed by the other transmitting station(s)in olved in the collision.After the jam is sent,Transmit Media Access Management terminates the transmission and schedules another transmission attempt after a randomly selected time interval.Retransmission is attempted again in the face of repeated collisions.Since repeated collisions indicate a busy medium,howe er,Transmit Media Access Management attempts to adjust to the medium load by backing off (voluntarily delaying its own retransmissions to reduce its load on the medium).This is accomplished by expanding the interval from which the random retransmission time is selected on each successi e transmit attempt.Eventually,either the transmission succeeds,or the attempt is abandoned on the assumption that the medium has failed or has become o erloaded. In full duplex mode,a station ignores any collision detect signal generated by the Physical Layer.Transmit Media Access Management in a full duplex station will always be able to transmit its frames without contention,so there is ne er any need to jam or reschedule transmissions. At the receiving end,the bits resulting from a collision are recei ed and decoded by the PLS just as are the bits of a alid frame.Fragmentary frames recei ed during collisions are distinguished from alid transmissions by the MAC sublayer ’s Recei e Media Access Management component. 4.2.3.2.3 Collision handling (half duplex mode only) Once a CSMA/CD sublayer has ?nished deferring and has started transmission,it is still possible for it to experience contention for the medium.Collisions can occur until acquisition of the network has been accomplished through the deference of all other stations ’ CSMA/CD sublayers. The dynamics of collision handling are largely determined by a single parameter called the slot time.This single parameter describes three important aspects of collision handling: a)It is an upper bound on the acquisition time of the medium. b)It is an upper bound on the length of a frame fragment generated by a collision. c)It is the scheduling quantum for retransmission. To ful ?ll all three functions,the slot time shall be larger than the sum of the Physical Layer roundtrip propagation time and the Media Access Layer maximum jam time.The slot time is determined by the parameters of the implementation,see 4.4. 4.2.3.2.4 Collision detection and enforcement (half duplex mode only) Collisions are detected by monitoring the collisionDetect signal provided by the Physical Layer.When a collision is detected during a frame transmission,the transmission is not terminated immediately.Instead,the transmission continues until additional bits speci ?ed by jamSize ha e been transmitted (counting from the time collisionDetect went on).This collision enforcement or jam guarantees that the duration of the collision is suf ?cient to ensure its detection by all transmitting stations on the network.The content of the jam is unspeci ?ed;it may be any ?xed or ariable pattern con enient to the Media Access implementation,however,the implementation shall not be intentionally designed to be the 32-bit CRC alue corresponding to the (partial)frame transmitted prior to the jam. 4.2.3.2.5 Collision backoff and retransmission (half duplex mode only) When a transmission attempt has terminated due to a collision,it is retried by the transmitting CSMA/CD sublayer until either it is successful or a maximum number of attempts (attemptLimit)ha e been made and all ha e terminated due to collisions.Note that all attempts to transmit a gi en frame are completed before any subsequent outgoing frames are transmitted.The scheduling of the retransmissions is determined by a controlled randomization process called “truncated binary exponential backoff.”At the end of enforcing a collision (jamming),the CSMA/CD sublayer delays before attempting to retransmit the frame.The delay is an integer multiple of slotTime.The number of slot times to delay before the nth retransmission attempt is chosen as a uniformly distributed random integer r in the range: 0 r <2 k where k =min (n,10) If all attemptLimit attempts fail,this e ent is reported as an error.Algorithms used to generate the integer r should be designed to minimize the correlation between the numbers generated by any two stations at any given time. Note that the alues gi en abo e de ?ne the most aggressi e behavior that a station may exhibit in attempting to retransmit after a collision.In the course of implementing the retransmission scheduling procedure,a station may introduce extra delays that will degrade its own throughput,but in no case may a station ’s retransmission scheduling result in a lower a erage delay between retransmission attempts than the procedure defined above. 4.2.4.2.2 Collision Filtering In the absence of a collision,the shortest alid transmission in half duplex mode must be at least one slot-Time in length.Within a burst of frames,the ?rst frame of a burst must be at least slotTime bits in length in order to be accepted by the recei er,while subsequent frames within a burst must be at least minFrameSize in length.Anything less is presumed to be a fragment resulting from a collision,and is discarded by the recei er.In half duplex mode,occasional collisions are a normal part of the Media Access management procedure.The discarding of such a fragment by a MAC is not reported as an error. The shortest alid transmission in full duplex mode must be at least minFrameSize in length.While collisions do not occur in full duplex mode MACs,a full duplex MAC ne ertheless discards recei ed frames containing less than minFrameSize bits.The discarding of such a frame by a MAC is not reported as an error. > 誰說的? > 請把IEEE 802.3標準中對switch和bridge的定義拿來看看吧。 > 另外，IEEE 802.1D的標題正是 MAC bridge。 > 剛纔查了一下 IEEE 的文件﹐的確發現他們將 switch 和 bridge 定義在一起了。那就不能怪當初在校時的筆記﹐而應該怪自己沒仔細看文件囉~~~ 不過﹐讀 IEEE 或 RFC 之類的文件﹐的確是非常乏味的﹐如果不想從頭看起﹐下面是我‘斷章取義’下來的引文﹐希望對那些有興趣看看的朋友有些幫助吧。 ****************************************** IEEE Std 802.3, 2000 Edition Part 3:Carrier sense multiple access with collision detection (CSMA/CD) access method and physical layer specifications 1.4 Definitions 1.4.53 bridge:A layer 2 interconnection device that does not form part of a CSMA/CD collision domain but conforms to the ISO/IEC 15802-3:1998 [ANSI/IEEE 802.1D,1998 Edition ]International Standard.A bridge does not form part of a CSMA/CD collision domain but,rather appears as a Media Access Control (MAC)to the collision domain.(See also IEEE Std 100-1996.) 1.4.264 switch:A layer 2 interconnection device that conforms to the ISO/IEC 10038 [ANSI/IEEE 802.1D- 1990 ] International Standard..Syn:bridge. 4.1.1 Overview The most common configuration envisioned for full duplex operation consists of a central bridge (also known as a switch)with a dedicated LAN connecting each bridge port to a single device. 12.4.3.2.7 Collision presence startup When a hub starts generating CP (as speci ?ed in 12.4.3.2.2 through 12.4.3.2.5)it shall synchronize the startup to a half or whole bit-cell boundary of any immediately preceding signal.If it was sending IDL immediately before the CP,no synchronization or preamble is required. A hub may start transmission of CP at any point in the sequence that does not result in periods of more than one bit time without a transition during the switch from passing on data to sending CP.Depending on the preceding signal,it may start with L010H,010HL,10HL0,0HL01,or HL010.Because startup may be synchronized to any half-bit-cell boundary,a hub may also transmit the shifted ersion of CP starting with 1LH10,LH101,H101L,101LH,or 01LH1. **************************************** ANSI/IEEE Std 802.1D, 1998 Edition Part 3: Media Access Control (MAC) Bridges 6. Support of the MAC Service MAC Bridges interconnect the separate IEEE 802 LANs that comprise a Bridged LAN by relaying and filtering frames between the separate MACs of the Bridged LAN.The position of the bridging function within the MAC Sublayer is shown in Figure 6-1. Figure 6-1—Internal organization of the MAC Sublayer This clause discusses the following aspects of service provision in Bridged LANs: a) Provision of the MAC Service to end stations; b) Preservation of the MAC Service; c) Maintenance of Quality of Service; d) Provision of the internal sublayer service within the MAC Bridge; e) Support of the Internal Sublayer Service by specific MAC procedures; f) Filtering services. 6.5.1 Support by IEEE Std 802.3 (CSMA/CD) The CSMA/CD access method is specified in IEEE Std 802.3. Clause 3 of that standard specifies the MAC frame structure, and Clause 4 specifies the MAC method. On receipt of an M_UNITDATA.request primitive, the local MAC Entity performs Transmit Data Encapsulation, assembling a frame using the parameters supplied as specified below. It prepends a preamble and a Start Frame Delimiter before handing the frame to the Transmit Media Access Management Component in the MAC Sublayer for transmission (IEEE Std 802.3, 4.2.3). On receipt of a MAC frame by Receive Media Access Management, the MAC frame is passed to Receive Data Decapsulation, which validates the FCS and disassembles the frame, as specified below, into the parameters that are supplied with an M_UNITDATA.indication primitive (IEEE Std 802.3, 4.2.4). The frame_type parameter takes only the value user_data_frame and is not explicitly encoded in MAC frames. The mac_action parameter takes only the value request_with_no_response and is not explicitly encoded in MAC frames. The destination_address parameter is encoded in the destination address field of the MAC frame (IEEE Std 802.3, 3.2.3). The source_address parameter is encoded in the source address field of the MAC frame (IEEE Std 802.3, 3.2.3). The number of octets in the mac_service_data_unit parameter is encoded in the length field of the MAC frame (IEEE Std 802.3, 3.2.6), and the octets of data are encoded in the data field (IEEE Std 802.3, 3.2.7). The user_priority parameter provided in a data request primitive is not encoded in MAC frames. The user_priority parameter provided in a data indication primitive takes the value of the Default User Priority parameter for the Port through which the MAC frame was received (see 6.4). The frame_check_sequence parameter is encoded in the FCS field of the MAC frame (IEEE Std 802.3, 3.2.8). The FCS is computed as a function of the destination address, source address, length, data, and PAD fields. If an M_UNITDATA.request primitive is not accompanied by this parameter, it is calculated in accordance with IEEE Std 802.3, 3.2.8. NOTE 1—Since the PAD field, if present, contributes to the FCS, this parameter needs to include at least the contribution of the PAD field to the FCS in order for the original FCS to be preserved (See Annex G). No special action, above that specified for the support of use of the MAC Service by LLC, is required for the support of the MAC Internal Sublayer Service by the CSMA/CD access method. NOTE 2—The support by IEEE Std 802.3 is described only in terms of the operation of a Bridge when relaying frames that result from the use of LLC services over an 802.3 MAC. ISO/IEC 11802-5 defines the recommended practice for bridging Ethernet V2.0 frames. NOTE 3—IEEE Std 802.3, 1998 Edition, describes the use of either a Length or an Ethernet protocol type in its frame format; however, the text of this subclause has yet to be revised to describe the use of Ethernet protocol types. 6.6 Filtering services in Bridged LANs MAC Bridges provide filtering services in Bridged LANs that support some aspects of the maintenance of Quality of Service; in particular, transit delay, priority, and throughput. In addition, these services provide for a degree of administrative control over the propagation of particular MAC Addresses in the Bridged LAN. The services described are services in the most general sense; i.e., they are descriptions of the functionality that are made available to the MAC Service user or an administrator in order to control and access filtering capabilities in Bridged LANs. The description of each service makes no assumptions in terms of how the service might be realized. There are at least the following possibilities: a) Use of existing protocols and mechanisms, defined in IEEE 802 standards and elsewhere; b) Use of management functionality, either locally defined or implemented via remote management protocols; c) Other means, standardized or otherwise. 6.6.1 Purpose(s) of filtering service provision Filtering services are provided in Bridged LANs for the purposes described in the following subclauses. 6.6.7.1 Dynamic registration and de-registration services These services allow MAC Service users dynamic control over the set of destination Group MAC Addresses that they will receive from the MAC Service provider, by a) Registering/de-registering membership of specific Groups associated with those addresses; b) Registering/de-registering their service requirements with regard to the overall forwarding/filtering behavior for Groups. Provision of these services is achieved by means of GMRP and its associated procedures, as described in Clause 10. NOTE—The intent of these services is to provide the MAC Service user with dynamic control over access to multicast data streams, for example, multiple video channels made available by a server using a different group MAC Address for each channel. The ability to both register and de-register Group membership, coupled with the filtering action associated with the Group membership, limits the impact of such services on the bandwidth available in the Bridged LAN. These services can be used to control the reception of other categories of multicast traffic, for similar reasons. REGISTER_GROUP_MEMBER (MAC_ADDRESS) Indicates to the MAC Service provider that the MAC Service user wishes to receive frames containing the group MAC Address indicated in the MAC_ADDRESS parameter as the destination address. The MAC Addresses that can be carried by this parameter do not include a) Any individual address; b) Any of the Reserved Addresses identified in Table 7-9; c) Any of the GARP Application addresses, as defined in Table 12-1. DEREGISTER_GROUP_MEMBER (MAC_ADDRESS) Indicates to the MAC Service provider that the end station no longer wishes to receive frames containing the group MAC Address indicated in the MAC_ADDRESS parameter as the destination address. REGISTER_SERVICE_REQUIREMENT (REQUIREMENT_SPECIFICATION) Indicates to the MAC Service provider that the MAC Service user has a requirement for any devices that support Extended Filtering Services to forward frames in the direction of the Mac Service User in accordance with the definition of the service requirement defined by the REQUIREMENT_SPECIFICATION parameter. The values that can be carried by this parameter are a) Forward All Groups; b) Forward Unregistered Groups. DEREGISTER_SERVICE_REQUIREMENT (REQUIREMENT_SPECIFICATION) Indicates to the MAC Service provider that the MAC Service user no longer has a requirement for any devices that support Extended Filtering Services to forward frames in the direction of the Mac Service User in accordance with the definition of the service requirement defined by the REQUIREMENT_SPECIFICATION parameter. The values that can be carried by this parameter are a) Forward All Groups; b) Forward Unregistered Groups. The use of these services can result in the propagation of group MAC Address and service requirement information across the Spanning Tree, affecting the contents of Group Registration Entries (7.9.3) in Bridges and end stations in the Bridged LAN, and thereby affecting the frame forwarding behavior of the Bridges and end stations with regard to multicast frames. 7.1 Bridge operation The principal elements of Bridge operation are a) Relay and filtering of frames. b) Maintenance of the information required to make frame filtering and relaying decisions. c) Management of the above. 7.1.1 Relay A MAC Bridge relays individual MAC user data frames between the separate MACs of the Bridged LANs connected to its Ports. The order of frames shall be preserved as defined in 7.7.3. The functions that support the relaying of frames and maintain the Quality of Service supported by the Bridge are a) Frame reception. b) Discard on received frame in error (6.3.2). c) Frame discard if the frame_type is not user_data_frame, or if its mac_action parameter is not request_with_no_response (6.4). d) Regeneration of user priority, if required (6.4). e) Frame discard following the application of filtering information. f) Frame discard on transmittable service data unit size exceeded (6.3.8). g) Forwarding of received frames to other Bridge Ports. h) Selection of traffic class, following the application of filtering information. i) Queuing of frames by traffic class. j) Frame discard to ensure that a maximum bridge transit delay is not exceeded (6.3.6). k) Selection of queued frames for transmission. l) Selection of outbound access priority (6.3.9). m) Mapping of service data units and recalculation of Frame Check Sequence, if required (6.3.7, 7.7.6). n) Frame transmission. 7.1.2 Filtering and relaying information A Bridge filters frames, i.e., does not relay frames received by a Bridge Port to other Ports on that Bridge, in order to prevent the duplication of frames (6.3.4). The function that supports the use and maintenance of information for this purpose is a) Calculation and configuration of Bridged LAN topology. A Bridge also filters frames in order to reduce traffic in parts of the Bridged LAN that do not lie in the path between the source and destination of that traffic. The functions that support the use and maintenance of information for this purpose are: b) Permanent configuration of reserved addresses. c) Explicit configuration of static filtering information. d) Automatic learning of dynamic filtering information for unicast destination addresses through observation of source addresses of Bridged LAN traffic. e) Ageing out of dynamic filtering information that has been learned. f) Automatic addition and removal of dynamic filtering information as a result of GMRP protocol exchanges. A Bridge classifies frames into traffic classes in order to expedite transmission of frames generated by critical or time-sensitive services. The function that supports the use and maintenance of information for this purpose is g) Explicit configuration of traffic class information associated with the Ports of the Bridge. 7.1.3 Bridge Management The functions that support Bridge Management control and monitor the provision of the above functions. They are specified in Clause 14. 7.2 Bridge architecture 7.2.1 Architectural model of a Bridge Figure 7-1 gives an example of the physical topology of a Bridged LAN. The component LANs are interconnected by means of MAC Bridges; each Port of a MAC Bridge connects to a single LAN. Figure 7-2 illustrates a Bridge with two Ports, and Figure 7-3 illustrates the architecture of such a Bridge. A Bridge is modeled as consisting of a) A MAC Relay Entity that interconnects the Bridge’s Ports; b) At least two Ports; c) Higher layer entities, including at least a Bridge Protocol Entity. 7.2.2 MAC Relay Entity The MAC Relay Entity handles the MAC method independent functions of relaying frames between Bridge Ports, filtering frames, and learning filtering information. It uses the Internal Sublayer Service provided by the separate MAC Entities for each Port. (The Internal Sublayer Service and its support are described in 6.4 and 6.5.) Frames are relayed between Ports attached to different LANs. 7.2.3 Ports Each Bridge Port transmits and receives frames to and from the LAN to which it is attached. An individual MAC Entity permanently associated with the Port provides the Internal Sublayer Service used for frame transmission and reception. The MAC Entity handles all the MAC method dependent functions (MAC protocol and procedures) as specified in the relevant standard for that IEEE 802 LAN MAC technology. 7.5 Frame reception The individual MAC Entity associated with each Bridge Port examines all frames transmitted on the LAN to which it is attached. All error-free received frames give rise to M_UNITDATA indication primitives, which shall be handled as follows. NOTE—A frame that is in error, as defined by the relevant MAC specification, is discarded by the MAC Entity without giving rise to any M_UNITDATA indication; see 6.4. Frames with M_UNITDATA.indication primitive frame_type and mac_action parameter values of user_data_frame and request_with_no_response, respectively (6.4), shall be submitted to the Learning and Forwarding Processes. Frames with other values of frame_type and mac_action parameters (e.g., request_with_response and response frames), shall not be submitted to the Forwarding Process. They may be submitted to the Learning Process. Frames with a frame_type of user_data_frame and addressed to the Bridge Port as an end station shall be submitted to LLC. Such frames carry either the individual MAC Address of the Port or a group address associated with the Port (7.12) in the destination address field. Frames submitted to LLC can also be submitted to the Learning and Forwarding Processes, as specified above. Frames addressed to a Bridge Port as an end station, and relayed to that Bridge Port from other Bridge Ports in the same Bridge by the Forwarding Process, shall also be submitted to LLC. No other frames shall be submitted to LLC. 7.6 Frame transmission The individual MAC Entity associated with each Bridge Port transmits frames submitted to it by the MAC Relay Entity. Relayed frames are submitted for transmission by the Forwarding Process. The M_UNITDATA.request primitive associated with such frames conveys the values of the source and destination address fields received in the corresponding M_UNITDATA.indication primitive. LLC Protocol Data Units are submitted by LLC as a user of the MAC Service provided by the Bridge Port. Frames transmitted to convey such Protocol Data Units carry the individual MAC Address of the Port in the source address field. Each frame is transmitted subject to the MAC procedures to be observed for that specific IEEE 802 LAN technology. The values of the frame_type and mac_action parameters of the corresponding M_UNITDATA. request primitive shall be user_data_frame and request_with_no_response, respectively (6.5). Frames transmitted following a request by the LLC user of the MAC Service provided by the Bridge Port shall also be submitted to the MAC Relay Entity. 7.7 The Forwarding Process Frames submitted to the Forwarding Process after being received at any given Bridge Port (7.5) shall be forwarded through the other Bridge Ports subject to the constituent functions of the Forwarding Process. These functions enforce topology restrictions (7.7.1), use filtering database information to filter frames (7.7.2), queue frames (7.7.3), select queued frames for transmission (7.7.4), map priorities (7.7.5), and recalculate FCS if required (7.7.6). The Forwarding Process functions are described in 7.7.1–7.7.6 in terms of the action taken for a given frame received on a given Port (termed “the reception Port”). The frame can be forwarded for transmission on some Ports (termed “transmission Ports”), and is discarded without being transmitted at the other Ports. NOTE—The model of operation of the Forwarding Process described in this standard is limited to the operation of the relay function of the MAC Bridge, and does not take into consideration what may occur in real implementations once frames are passed to the MAC for transmission. In some MAC implementations, and under some traffic conditions, a degree of indeterminacy may be introduced between the modeled description of the process of passing selected frames to the MAC for transmission and the actual sequence of frames as visible on the LAN medium itself. Examples can be found in the handling of access_priority in Token-Passing Bus MACs, or in the effect of different values for Token Holding Time in FDDI LANs. Such indeterminacy could result in apparent violation of the queuing/de-queueing and prioritiation rules described for the Forwarding Process, when observing traffic on the medium. As a consequence, in some implementations of this standard, it may prove to be impossible to test conformance to the standard simply by relating observed LAN traffic to the described model of the Forwarding Process; conformance tests would have to allow for the (permissible) behavior of the MAC implementations as well. Figure 7-4 illustrates the operation of the Forwarding Process in a single instance of frame relay between the Ports of a Bridge with two Ports. Figure 7-8 illustrates the detailed operation of the Forwarding Process. 7.8 The Learning Process The Learning Process observes the source addresses of frames received on each Port and updates the Filtering Database conditionally on the state of the receiving Port. Frames are submitted to the Learning Process by the individual MAC Entities associated with each Bridge Port as specified in 7.5. The Learning Process may deduce the path through the Bridged LAN to particular end stations by inspection of the source address field of received frames. It shall create or update a Dynamic Filtering Entry (7.9, 7.9.2) in the Filtering Database, associating the Port on which the frame was received with the MAC Address in the source address field of the frame, if and only if a) The Port on which the frame was received is in a state that allows learning (8.4), and b) The source address field of the frame denotes a specific end station, i.e., is not a group address, and c) No Static Filtering Entry (7.9, 7.9.1) for the associated MAC Address exists in which the Port Map specifies Forwarding or Filtering for that Port, and d) The resulting number of entries would not exceed the capacity of the Filtering Database. If the Filtering Database is already filled up to its capacity, but a new entry would otherwise be made, then an existing entry may be removed to make room for the new entry. Figure 7-5 illustrates the operation of the Learning Process in the inclusion of station location information carried by a single frame, received on one of the Ports of a Bridge, in the Filtering Database. 7.9 The Filtering Database The Filtering Database supports queries by the Forwarding Process as to whether frames received by the Forwarding Process from a given reception Port, and with given values of destination MAC Address parameter, are to be forwarded through a given potential transmission Port (7.7.1, 7.7.2). It contains filtering information in the form of filtering entries that are either a) Static, and explicitly configured by management action; or b) Dynamic, and automatically entered into the Filtering Database by the normal operation of the bridge and the protocols it supports. A single entry type, the Static Filtering Entry, represents all static information in the Filtering Database, for individual and for group MAC Addresses. It allows administrative control of c) Forwarding of frames with particular destination addresses; and d) The inclusion in the Filtering Database of dynamic filtering information associated with Extended Filtering Services, and use of this information. The Filtering Database shall contain entries of the Static Filtering Entry type. Static filtering information is added to, modified, and removed from the Filtering Database only under explicit management control. It shall not be automatically removed by any ageing mechanism. Management of static filtering information may be carried out by use of the remote management capability provided by Bridge Management (7.11) using the operations specified in Clause 14. Two entry types are used to represent dynamic filtering information. Dynamic Filtering Entries are used to specify the ports on which individual addresses have been learned. They are created and updated by the Learning Process (7.8), and are subject to ageing and removal by the Filtering Database. Group Registration Entries support the registration of group MAC Addresses. They are created, updated, and removed by the GMRP protocol in support of Extended Filtering Services (6.6.5, 7.9.3, and Clause 10). Dynamic filtering information may be read by use of the remote management capability provided by Bridge Management (7.11) using the operations specified in Clause 14. Both static and dynamic entries comprise e) A MAC Address specification; f) A Port Map, with a control element for each outbound Port to specify filtering for the MAC Address specification. The Filtering Services supported by a Bridge (Basic and Extended Filtering Services) determine the default behavior of the Bridge with respect to the forwarding of frames destined for group MAC Addresses. In Bridges that support Extended Filtering Services, the default forwarding behavior of each Port for group MAC Addresses can be configured both statically and dynamically by means of Static Filtering Entries and/ or Group Registration Entries that can carry the following MAC Address specifications: g) All Group Addresses, for which no more specific Static Filtering Entry exists; h) All Unregistered Group Addresses (i.e., all group MAC Addresses for which no Group Registration Entry exists), for which no more specific Static Filtering Entry exists. NOTE—The All Group Addresses specification (item g above), when used in a Static Filtering Entry with an appropriate control specification, provides the ability to configure a Bridge that supports Extended Filtering Services to behave as a Bridge that supports only Basic Filtering Services on some or all of its Ports. This might be done for the following reasons: — The Ports concerned serve “legacy” devices that wish to receive multicast traffic, but are unable to register Group membership; — The Ports concerned serve devices that need to receive all multicast traffic, such as routers or diagnostic devices. The Filtering Database shall support the creation, updating, and removal of Dynamic Filtering Entries by the Learning Process (7.8). In Bridges that support Extended Filtering Services, the Filtering Database shall support the creation, updating, and removal of Group Registration Entries by GMRP (Clause 10). Figure 7-4 illustrates the use of the Filtering Database by the Forwarding Process in a single instance of frame relay between the Ports of a Bridge with two Ports. Figure 7-5 illustrates the creation or update of a dynamic entry in the Filtering Database by the Learning Process. Figure 7-6 illustrates the operation of the Bridge Protocol Entity (7.10), which operates the Spanning Tree Algorithm and Protocol, and its notification of the Filtering Database of changes in active topology signaled by that protocol. 7.12.1 End stations Frames transmitted between end stations using the MAC Service provided by a Bridged LAN carry the MAC Address of the source and destination peer end stations in the source and destination address fields of the frames, respectively. The address, or other means of identification, of a Bridge is not carried in frames transmitted between peer users for the purpose of frame relay in the Bridged LAN. The broadcast address and other group MAC Addresses apply to the use of the MAC Service provided by a Bridged LAN as a whole. In the absence of explicit filters configured via management as Static Filtering Entries, or via GMRP as Group Registration Entries (Clause 14, Clause 10, 7.9), frames with such destination addresses are relayed throughout the Bridged LAN. 7.12.2 Bridge Ports The individual MAC Entity associated with each Bridge Port shall have a separate individual MAC Address. This address is used for any MAC procedures required by the particular MAC method employed. Frames that are received from the LAN to which a Port is attached and that carry a MAC Address for the Port in the destination address field are submitted to the MAC Service User (LLC) exactly as for an end station. **************************************************** 有許多人﹐如弟﹐不是很喜歡看文件﹐但就算看得懂文件﹐如何整理出來﹐向大家說明白﹐看來比起看文件更難﹗
回覆

冷日 (冷日)	發表時間：2007/5/31 2:15
Webmaster 註冊日: 2008/2/19 來自: 發表數: 15771	[分享]uplink 與 Trunking > > VLAN 要能通，是 Layer 3 的 Switch, 你用的哪牌子 Layer 2 Switch > > 上切 VLAN 是可以互通的? > 之所以切 VLAN 不就是要讓 VLAN 彼此之間分開... > 你互通的定義是什麼可以說清楚一點嗎? > 我手上就有一台 VLAN 正常運作的 switch hub L3 Switch 會有﹕outing Module，互通應該就是指透過 L3 Swtich 上的 Routing Module，而不需要從每個 VLan 上找一個 Port uplink 到上層的 Switch 或是直接接到 Router 上，以達到 VLan 互通吧！ > > 不過現在是 Layer 2 的 Switch > > 不會有這種 Module > > 所以 VLAN 本來就不能互通... > > 這也是 VLAN 設計的目的啊 > 小弟不懂..?? 做 VLAN 用 Layer 3 就可以 route 互通 > 小弟在一般企業公司當中，見到的也都是用 Layer 3 Switch > 把各 VLAN 使用 route 方式互通。 VLAN 是在 L2 Switch 上就有了，L3 是後來有　　需要而且當時 Router 太貴了（想想看那時候　　Cisco 股價有多高！錢從那兒生出來的就知道　　囉！）而發展出來的，所以 VLAN 的目的就是　　把某些 Ports 跟其他 Ports “劃清界限”！　　分成不同的 collision domain 呀！但是不同　　的 VLAN 之間真的可以“老死不相往來”嗎？　　抱託！同公司、學校、團體………耶！所以要　　通的時候，就在 Layer 3 上做！最“標準”的　　做法當然是在 Router 上“轉送”，但是因為　　$$ 同時技術進步了，所以 Switch 愈來愈強，　　就“順便”把這個工作也做囉～～～這就是　　Layer 3 Switch 了！ > > 不過還是可以把每個 VLAN 的 uplink > ^^^^^^^^^^^^^^^^^^^^ > 不懂這樣的說法.. 　　若你的 Switch 只有 Layer 2 的話，不 uplink 你的 VLAN 之間要怎麼通？ > > 設在同一個 port 就可以了.. > 看起來你說的很像是 port trunking 的方式　　Trunking 是 Trunking，跟 VLAN 沒關係！外行人道聽塗說，有錯請高手指正囉！ > > 不懂這樣的說法.. > 　　若你的 Switch 只有 Layer 2 的話，不 uplink > 你的 VLAN 之間要怎麼通？ > > 看起來你說的很像是 port trunking 的方式 > 　　Trunking 是 Trunking，跟 VLAN 沒關係！ > 外行人道聽塗說，有錯請高手指正囉！這邊siklo說的沒錯有關trunking這個字眼，你該如何去定義？在Cisco這一派裡，Trunking指的就是vlan port trunking 同一台switch內切割了數個VLAN，而只有一條實體連結至另一台也切割了數個 VLAN的switch，這兩台switch中間只有一條實體連結，我們就要在這個port上設定VLAN Trunk 加上802.1q or ISL 的封裝，才能讓這兩台的vlan information 可以互相溝通，不同switch的同一個VLAN才能通如VLAN1@SW1 <-> VLAN1@SW2, VLAN2@SW1 <-> VLAN2@SW2 以上是Cisco的"trunking" 而一般我們講trunking可能是指Cisco的EtherChannel 也就是介於兩switch間數條實體電路合併頻寬及做redudant的技術跟上面所述是完全不一樣的東西，說明清楚可能會比較好 : 嗯～～～受教了！ : 沒錯！我所“認為”的 trunking 是說合併頻寬的那一種！ : Cisco 的 VLAN Trunking 當初也有聽過，不過沒看過有人 : 在用，所以……… port trunk(EtherChannel) 和 VLAN trunk 是兩碼子事 VLAN trunk 在 MAN 上面用的很多, 有興趣的可以去查查其它廠商(eg. Extreme) 的 solution, Cisco 在 switch 方面並不是特別強. : 覺得上那個把多台 Switch△馴式圻穈_來”，猶如一台虛 : 擬的 Switch 是嗎？基本上要讓 VLAN 延展到一台以上的設備, 就需要 VLAN trunk 還有一種可能性就是要讓多個 VLAN 透過 router 互通, 也可以用 VLAN trunk : 我想要這麼做的原因，應該是有一台 L3 Switch 做為是 : backbone Switch，其下再接數台 L2 的 Switch，這樣子 : 比較有意義吧！right? 現在的趨勢是把 L2/L3 整合在一台上面, 這樣做的話 VLAN 之間的互通不會有瓶頸, 而且難度不高. > > 　　若你的 Switch 只有 Layer 2 的話，不 uplink > > 你的 VLAN 之間要怎麼通？ > > 　　Trunking 是 Trunking，跟 VLAN 沒關係！ Trunking和VLAN有很大的關係喔.... 不同的網路設備廠商對於trunk有不同的詮釋 Intel的trunk為將數個port聚集成一個group，如果是4個port做trunk，那麼兩台switch之間的頻寬為400MB full-duplex，同樣的技術Extreme 稱之為link aggregation，Cisco稱之為Fast EtherChannel。 Cisco的trunk是一條link上可以攜帶數個VLAN的traffic，假設switch1有三個VLAN，switch2也有三個VLAN，vlan1@switch1想和vlan1@switch2溝通時，最簡單的方法，就是三條連線分別連接兩台switch相對應的三個vlan，但這種方法太浪費port，解決方法就是兩台switch各選一個port設定為trunk port，然後連起來，這一條trunk link就可以攜帶三個vlan的traffic(set trunk 1 on 1-3)，馬上就省下兩個port。但這僅止於相同vlan之間的溝通。如果vlan1想和vlan2溝通的話，就必須要靠router或者是multilayer switch來進行routing的功能。如果是Extreme switch的話，一行指令ip forwarding就搞定，如果是cisco switch 的話，就必須加買route switching module。雖然cisco的switch不是頂好，但是如果向市場主流看齊的話，那麼trunk和vlan 之間密不可分的關係就不可不知。 by the way，CCNP中的BCMSN一科就考了相當多的trunk and vlan的觀念。
回覆
冷日 (冷日)	發表時間：2007/5/31 2:17
Webmaster 註冊日: 2008/2/19 來自: 發表數: 15771	[分享]最後，回歸Hub與Switch Hub效率討論 : 謝謝你嚕~@@"... : 我查過上篇都沒有說...>"< 快速的說法是, Switch Hub 比一般 Hub 還要有效率, 更加的高級就是了! 很多人用簡單的除法說什麼 5 ports/10Mbps 的一般Hub, 每一個電腦只能分到 10/5=2Mbpe, 那是錯誤的! 說什麼 Switch Hub 可以使每台電腦都接收/傳送 10Mbps的頻寬, 也錯誤! 正確的說, 是 Switch Hub 如果是 5 Ports, 假設是 a b c d e 好了, 那其中要是 a 剛好只跟 b討資料, c 剛好只跟 d 討資料, e 電腦沒人用, 那麼頻寬的分配是 a=10Mbps b=10Mbps c=10Mbps d=10Mbps 那如果 b, c, d, e 都同時向 a 討資料, 那麼頻寬就變成10Mbps/4=2.5Mbps Mbps=Million bit per second (百萬 bit 每秒) 所以變化也滿多的, 假設 a, b 同時跟 c 討資料, c 又跟 d 討資料, e又跟 a 討資料. 那就會變成 : a--->e d--->c c--->a c--->b 由此看來, 其中 c 最受歡迎, c 的資料就有二個人要. b和 e 最可憐, 硬碟裡可能什麼都沒有, 所以沒人要他的資料. d 最獨立, 沒有向其他 4 台電腦索取資料, 還提供資料給 c電腦, 所以d可能是 Server. 那麼頻寬就變成, a=10/4=2.5Mbps b=10/4=2.5Mbps c=10/4=2.5Mbps d=10/4=2.5Mpbs e=10/4=2.5Mpbs 所以就算是 Switch Hub, 遇到牽扯一堆的時候, 也是跟普通 Hub一樣. 每個都一樣了, 即使 d看起來跟別人牽扯的最少, 但就是因為 d給c資料. 問題就出在 c, c 牽扯最多, 導致 5 台電腦的分享頻寬都一樣了, 都要分掉. 如果今天其中二個都只跟對方相互取資料, 那麼就可以享有 10Mbps的全速. 也就是互相深愛對方, 各自都沒有在跟別人牽扯, 這樣就可達到 Switch 的功能. 這樣最好的情況就是有 4 ports 可以享受各自獨立的 10Mbps, 其中一 port 必須不動作. 應該是如此, 講錯的話請指教. 所以買 Switch Hub 應該買偶數的 ports 數目, 5, 7, 9 這些都不要買. 買4, 6, 8, 16, 偶數的 Switch Hub. 推薦 3Com 和 SMC的 Hub. > > > 基本上來說，meeds兄的解釋並沒有錯。 > > > 在討論這個問題時，除了Ethernet的存取方式外，還需注意switch硬體的function， > > > switch再處理traffic時基本上有兩種模式，store-and-forward和cut-through， > > 沒有錯嗎? 你的乙太網路設備 Switch 哪一款式能夠讓 b,c,d,e 同時去存取 a 啊? > > > 不論何種模式，當b,c,d,e同時存取a時，一開始b,c,d,e都可以充分利用10mbps的頻寬， > > 這就是笑話了, 誰都知道在乙太網路裡面 b,c,d,e 是不可能同時存取 a 的 > > 你居然還能充分利用 10Mbps 的頻寬你的 Switch 超猛的 @_@ > 可能是我表達的不夠清楚，所謂bcde同時存取a，指的是在initializing的時候， > bcde同時丟traffic給a，traffic當然是先到switch，再由switch forward給a， > 當然switch不可能把bcde的packet同時丟給a，一定是packet-by-packet > (以process-switching為準，先不予考慮fast-switching的情況)。 > > 連接到下面這段, 居然掰出 b,c,d,e 一共灌了 40Mbps 給 a 的笑話~~ > 請容許我說明白一點，所謂bcde灌了40mbps給a的意思是，bcde總共有40mbps的 > traffic進到switch backplane fabric，然而port A的bandwidth只有10mbps， > 當然無法消化switch backplane內的40mbps traffic，所以剩下的traffic就 > 存在port A的output queue裡面，當output queue的buffer滿了(oversubscription)， > packet開始被drop。 > > > b,c,d,e一共40mbps的traffic流到a port的buffer處理，但實際上a port的頻寬 > > > 也只有10mbps，所以a port的buffer滿了，data開始被drop，同時因為a port的loading > > > 超出負荷，switch也會在b,c,d,e port發出notification，使得b,c,d,e四台機器 > > > 減緩資料送出的速度，因此當b,c,d,e同時存取a時，意味著b,c,d,e共同share a的10mbps > > > 以長期看來，b,c,d,e確實只能使用2.5mbps。 > > 上面這一段是你掰的吧~~ 笑痛我了.. > 這一段本人的詮釋並不嚴謹，在此說聲抱歉。但我可沒亂掰！！！ > 所謂的port B,C,D,E會發出notification，指的是IEEE 802.3Z flow control on > gigabit ethernet port，cisco catalyst 6000 switch支援， > 請參考： > http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000 > /sw5_1/cnfigide/ether.htm#xtocid1934811 > 就算今天我們的switch沒有flow control好了，沒關係，我們還有TCP， > TCP總算有error control和flow control了吧，a必須將b的packet處理完後， > 回應給b一個ack，b才會繼續傳資料給a，從一個微觀的角度來看，第一秒處理b, > 第二秒處理c，第三秒處理d，第四秒處理e，第五秒才能再處理b，從b的角度來看， > 四秒內只有一秒能傳資料(a給b一個ack，b才會繼續傳)，相對來說，頻寬只用了1/4。 > TCP/IP的運作邏輯請參考： > http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/ip.htm#xtocid2236316 > > > > 但這並不代表剩下的7.5mbps平白無故消失，7.5mbps還是可以運用在 > > > 其他的traffic pattern，譬如上internet或是存取另外一個f。 > > 哇 @_@ 更猛! 以上的笑話已經夠爆笑了, 居然還可以掰出被 drop 的資料還有其他 > > 運用咧~~ > > 哪來半路跑來這亂掰講笑話的? 大家看看笑笑就好哈我笑痛了.. > 請容許我說的更明白一點， > 這裡所說的被drop的資料指的是b傳給a的資料， > 當port A 的output queue overflow之後被drop的，而B->A的traffic flow > 只用到2.5mbps的utilization，port B的bandwidth有10mbps，但由於port A > 的滿載，使得B->A只能用2.5mbps，那剩下的7.5mbps當然可以用於其他的 > traffic pattern，說的再詳細一點，就是一秒傳資料給a，三秒傳資料到internet > (假設沒人跟他搶internet)，如此便可將port B的utilization達到100%。 > 因此，在Design Network時，通常會採取hierarchical design，access layer > 採用10或100，distribution lay採用100或1000，如此作為access layer流量 > 聚集點的distribution layer方能有效率的處理四面八方匯聚來的traffic。 > > 如果你還是不能認同我的說法，或許你可以參考參考Cisco出版的 > CCNP/CCDP--Building Cisco Multilayer Switched Networks(P.56-59) > 天瓏書局有。 > > > 基本上來說，meeds兄的解釋並沒有錯。 > > > 在討論這個問題時，除了Ethernet的存取方式外，還需注意switch硬體的function， > > > switch再處理traffic時基本上有兩種模式，store-and-forward和cut-through， > > 沒有錯嗎? 你的乙太網路設備 Switch 哪一款式能夠讓 b,c,d,e 同時去存取 a 啊? > > > 不論何種模式，當b,c,d,e同時存取a時，一開始b,c,d,e都可以充分利用10mbps的頻寬， > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > 這就是笑話了, 誰都知道在乙太網路裡面 b,c,d,e 是不可能同時存取 a 的 > > 你居然還能充分利用 10Mbps 的頻寬你的 Switch 超猛的 @_@ > > 連接到下面這段, 居然掰出 b,c,d,e 一共灌了 40Mbps 給 a 的笑話~~ > > airbone兄講的沒錯 > 你所說的乙太網路是指之前的 coaxial cable (10base2,10base5) > 那類的shared LAN, 所以主機使用單一channel去進行communication. > 所以在MAC層是採取CSMA/CD的方式.換句話說,同時間只有 > 單一主機能使用網路.否則會有collision. 可是自從有了switch 及 UTP 後,單一 > shared medium的限制也被移除,(使用UTP有四對線,10baseT和100baseTX是使用其中兩條 > TX/RX)也開始有了全雙工的名詞 > full-duplex 是移除三項早期ethernet的特性 > 1.carrier sense: full-duplex 下,主機不需要偵測carrier 訊號 > 2.multiple access: 因為Host跟switch之間可以分別用TX/RX互相傳資料 > 3.collision detection: 同上,因為分別用TX/RX傳資料也就沒有collision的情況發生 > > 換句話講,在ful-duplex之下,已經沒有CSMA/CD > 所以b,c,d,e如果要傳資料給a 時,理論上可以到達極速(只有在剛開始那微小的時間點內) > 所以data 都在放在output queue裡(假設是使用store-and-forward方式),switch為了防止 > buffer overflow,它可以開始drop packets,如果b,c,d,e上層是使用TCP等有flow control > 的protocol, 上層的protocol會因為packet loss而調整packet送到data link的速度. > 或者switch也可以送出 PAUSE Frame(full-duplex裡,屬於MAC層),請sending host降低傳送 > 速度. > > > > b,c,d,e一共40mbps的traffic流到a port的buffer處理，但實際上a port的頻寬 > > > 也只有10mbps，所以a port的buffer滿了，data開始被drop，同時因為a port的loading > > > 超出負荷，switch也會在b,c,d,e port發出notification，使得b,c,d,e四台機器 > > > 減緩資料送出的速度，因此當b,c,d,e同時存取a時，意味著b,c,d,e共同share a的10mbps > > > 以長期看來，b,c,d,e確實只能使用2.5mbps。 > > 上面這一段是你掰的吧~~ 笑痛我了.. > > > 但這並不代表剩下的7.5mbps平白無故消失，7.5mbps還是可以運用在 > > > 其他的traffic pattern，譬如上internet或是存取另外一個f。 > > 哇 @_@ 更猛! 以上的笑話已經夠爆笑了, 居然還可以掰出被 drop 的資料還有其他 > > 運用咧~~ > > ----------- > > 哪來半路跑來這亂掰講笑話的? 大家看看笑笑就好哈我笑痛了.. > airbone 兄說的沒錯 > 如果 a 跟 b互傳,在100base-TX, full-duplex下總頻寬可以達到200Mbps.可是並不是說 > a --> b = 200Mbps 或 b --> a = 200Mbps 或 a -> b + b -> a = 200Mbps > 而是指 a->b 最多 100Mbps, b->a 最多 100Mbps, 同時間總和 200Mbps > > 總而言之, 在full-duplex下,Any host 的 outgoing 或 incoming data 是不受彼此干擾 > 最主要的原因是不採用CSMA/CD的存取方式. 只switch夠powerful, incoming/outgoing都 > 可以在同一時間達到極速,而不受到跟幾台主機同時連線的限制 > > For more information, the following book is a great reference. > The Switch Book: The Complete Guide to LAN Switching Technology > by Rich Seifert > John Wiley & Sons > ISBN: 0471345865 > > : 對不起插個花請教一下.. > > : 全雙工是不是指 "同時間可以上下傳一起動作" ? > > : A port 還是有可能 " 同時接收 " 到 B.C port 送給 A port 的資料. > > : (如果不受 CSMA/CD 限制) > > : 可以再說明一下為何使用 ful-duplex之下,已經沒有CSMA/CD ? > > 還是有collision 啦，不信用 Sniffer 自已看看 > > 對相同電腦作存取 > > 這樣不就知了嗎？ > > full-duplex是用於end-to-end，即switch-to-switch or switch-to-pc， > 中間沒有hub，上傳和下傳走不同對的線，可以同時進行， > 由於是end-to-end，switch的port是dedicate給client，所以該client在上下傳時 > 根本沒人跟他搶。若是多人存取同一台server，只要server和switch之間是full-deplex > 就像是一條雙線道，上傳有上傳的路，下傳有下傳的路。 > 基於full-duplex上下傳可同時進行及end-to-end(沒有其他人在競爭media access) > 的特性，full-duplex不會有collision也不需要CSMA/CD。 > : full-duplex是用於end-to-end，即switch-to-switch or switch-to-pc， > : 中間沒有hub，上傳和下傳走不同對的線，可以同時進行， > > 上傳和下傳走不同對的線並非full duplex的必要條件。 > 1000BASE-T的上傳和下傳在full duplex下還是走同一對線(它四對線全用到)， > 當然代價就是複雜的信號處理電路來把這兩種信號分出來。 > > : 由於是end-to-end，switch的port是dedicate給client，所以該client在上下傳時 > : 根本沒人跟他搶。若是多人存取同一台server，只要server和switch之間是full-deplex > : 就像是一條雙線道，上傳有上傳的路，下傳有下傳的路。 > : 基於full-duplex上下傳可同時進行及end-to-end(沒有其他人在競爭media access) > : 的特性，full-duplex不會有collision也不需要CSMA/CD。 > > 在使用UTP的情形下，對transmitter而言，collision就是在它傳送封包時， > 發現同時有別的封包的信號進來。這時候它會送出jam並重新安排下一次的傳送。 > 在full duplex下，MAC不會理會physical layer電路所產生的collision detect， > 因此就不會有jam及重新傳送。所以嚴格來說，應該說MAC會忽略collision。 > > 我互通的意思是指可以 route 的互通，所以小弟認為 VLAN 要互通需要 > > Layer 3 Switch.　各個 Virtual LAN 可以由 Layer 3 Switch 而達到 > > 互通. > > 您用的 Layer 2 應該是直接做 port trunking (例如 CISCO 的 InterLink) > > 這樣吧? > > 對了...吵了半天，沒有人知道這才是正確答案嗎？？ > L2 Switch 能切 VLAN 是基本的軟體功能～～ > 每個 VLAN 之間沒有透過 Routing Module 的 Work 會通才怪 .. > 所以，這位 Siklo 兄說的是對的 .. > 事實上，以 Cisco implementation 而言，1顆 26XX的小 Router > 加上隨便一款小 Switch 就可以做 InterVLAN Routing 了 .. > 總之，VLAN 要互通本來就要透過 Layer 3 Function。 > > 至於什麼是 L3 Switch ，你們真的有用過嗎？沒用過就不用吵了 ... > 因為光讀書上的東東是沒有用的 ... > 不要跟我說 L3 Switch 可以跑 L2 Switching + L3 Routing ... > 這是大錯特錯 ...... > 有人聽過 L3 Switching 這東西嗎？ L3 Switch 就是用來做這個 Function 的 .. > 什麼是 L3 Switching 呢？「Hardware-Base Routing」是也～～ > 降子懂了吧！？拿 Cisco來說（因為我只熟 Cisco :p），只要能支援 MLSP 的 > Switch，都叫 L3 Switch，即使沒有內建 RSM或RSFC，都還是.... > 請大家先仔細想好，「[1;33mHardware-Base[m [1;37mRouting[m」的定義好嗎？？ > 再來討論什麼是 L3 Switch？ > > 還有，透過 ISL 做 Trunk 並不是讓不同的 VLANs 互通，而是讓「不同」 > Switch 上擁有「相同」的「VLAN ID」的 VLAN 相通。 HUB是所有PORT共用一個頻寬，SWITCH則各PORT獨立一個頻寬。假如以100Mbits為例，則HUB 之各個PORT是如何分享頻寬，假設各PORT均在使用中，則各PORT分享到多少頻寬，可否舉例說明？以上述為例，則SWITCH各PORT享受到多少頻寬？嗯﹐概念上不大正確。 HUB 和 SWITCH 的分別﹐不在頻寬的‘切割’﹐而在於對頻寬的‘使用時機’﹐其中最大分別是﹕在 HUB 上面﹐同一時間內﹐只能有一個 port 進行傳送﹐而在 switch 則允許所有 port 同時傳送。如果今天﹐連接 5 台機器在 switch 上面﹐如果 abcd 都同時向 e 傳送數據﹐那 abcd 送出的數據﹐都會先被 queue 起來﹐然後 switch 會用自己的 CPU 進行處理﹐ 將 queue 中的數據處理掉﹔而換成 hub﹐那麼﹐a 在送的話﹐bcd 都要等﹐如果 b 在送的話﹐acd 都要等.... 小弟對於這段話很感興趣連接 5 台機器在 switch 上面﹐如果 abcd 都同時向 e 傳送數據﹐那 abcd 送出的數據﹐都會先被 queue 起來﹐然後 switch 會用自己的 CPU 進行處理﹐將 queue 中的數據處理掉. 請教的是.不管switch 如何處理.始終要送出資料給 abcd.這時跟hub 的傳送有分別嗎 ? switch 送給a的同時.b or c or d 還能同時間接收 e 的封包嗎 ? 如果不能. 以上面的例子.小弟看不出跟 hub 在這段時間內.跟switch 有何分別. 請指教. 有啊﹐就是改善了 carry sensce 的等待啊(請重新參考 CSMA/CD 這個技術)﹐這樣說好了﹐如果 abcd 同時給 e 送數據﹐而且 a 又同時向 b 送﹐而 f 和 g 也嘗試在送數據。這時候﹐a 只要將給 e 的數據往 switch 丟之後﹐那就可以繼續向 b 丟下一個了﹐而同時 bcd 也可以向 e 送﹐以及 f 也可以向 g 丟數據。如果換成 hub 呢﹐當 a 向 e 送的時候﹐那麼 b 要等﹐然後輪到 c 和 d﹐而 a 向 b 送的﹐也要等 d 送完﹐連 f 到 g 的也要等就是了。不知道能看到它們的分別嗎﹖假如以每 1 秒為一個運算週期來看﹐我們可以發現﹕ 用 switch 的(理想)情形如下面﹕ 第一秒﹕abcd->e,f->g 第二秒﹕a->b (完成) 而用 hub 呢﹕ 第一秒﹕a->e 第二秒﹕b->e 第三秒﹕c->e 第四秒﹕d->e 第五秒﹕f->g 第六秒﹕a->b (完成) 不過﹐請留意﹐以上是假設的理想狀態﹐而且單純針對 carry sensce (也就是 node 到 switch)的部份﹐至於 collision detect﹐還有 switch 處理完 queue 之後將數據送給 nodes 的部份尚未考慮進來。我不敢確定﹐但我猜 e 自己的接收還是受到接收順序限制的﹐就算如此﹐以比較 switch port 送至 nodes 的時間﹐最長的佇列只是 switch 到 e 的時間﹐而在它完成之前﹐其它的 queue 已經清空了(我想這要看 switch 的處理能力而定吧)﹔但換成 hub 的話﹐其它 queue 就沒同時處理的可能﹐也只能是 FIFO 處理。假如各主機﹐同時又開了一堆連線分別和不同主機連線﹐就更複雜了﹐但我可以肯定一點是﹐連線越多﹐switch 越有發揮的價值﹐用 hub 則只能更慘。如果您一定要強調從 e 送封包出來給 abcd (而不是 abcd 同時向 e 送)﹐那光就 CS 來說﹐的確沒什麼分別﹐但只這單純是 local 端送出封包的順序限制而已﹐似乎不應該扯上 switch 和 hub。還有﹐以上說的全是在 haff-duplex 的情形下發生﹐而在 full-duplex 下面則不是這樣的﹐不過﹐就不能用 hub 了。
回覆

主題一覽的下方

前一個主題 | 下一個主題 | 頁首 |

| |

發表新主題

| Powered by XOOPS 2.0 © 2001-2008 The XOOPS Project|