carries traffic for multiple VLANs, each frame
must be “marked” with a VID so that it is differentiated from
frames coming from other VLANs. This marking or frame
identification is accomplished through a trunking protocol.
Frame identification uniquely assigns an ID, referred to as a
VID, to each frame. Each receiving switch examines this VID to
determine the destination VLAN of the frame. VIDs are only
associated with frames traversing a trunk link. When a frame
enters or exits the switch on an access link, no VID is
present. The ASIC on the switch port assigns the VID to a frame
as it is placed on a trunk link, and also strips off the VID if
the frame exits an access switch port. Trunk links should be
managed so that they carry only traffic for intended VLANs.
This practice keeps unwanted VLAN data traffic from traversing
links unnecessarily. Trunk links are used between the access
and distribution layers of the campus switch block. These are
the trunk protocols used to carry multiple VLANs over a single
link:
- Inter-Switch Link (ISL): Cisco ISL
- 802.1Q: IEEE standard trunking protocol
Depending on the trunking protocol, data frames sent across a
trunk link are either encapsulated or tagged. The purpose of
encapsulating or tagging frames is to provide the receiving
switch with a VID to identify the VLAN from which the frame
originated. The trunking protocol ISL, a Cisco proprietary
protocol, encapsulates frames, while IEEE 802.1Q inserts a tag
into the original Layer 2 data frame. 802.1Q is not proprietary
and can be deployed in any Ethernet standards-based Layer 2
device. It is specific to a single Layer 2 protocol (Ethernet)
because it modifies the Layer 2 Ethernet frame by inserting a
tag between two specific fields of the frame and therefore must
be aware of the frame header details. ISL is Layer 2–protocol
independent. Because the original Layer 2 frame is fully
encapsulated and not altered, ISL can transport data frames
from various Layer 2 media types.

2.3 Implementing Trunks
2.3.2 Describing ISL Trunking
ISL is a Cisco proprietary
protocol option for configuring Layer 2 trunk links. It is the
original standard for trunking between switches and predates
IEEE trunking standards. ISL takes original Layer 2 frames and
encapsulates them with a new ISL header and trailer. Because
an entirely new header is appended to the original frame, the
header offers some features not found in 802.1Q, an alternative
trunking protocol. The following are some features of the ISL
protocol:
- Supports multiple Layer 2 protocols (Ethernet, Token Ring,
  FDDI, and ATM).
- Supports PVST.
- Does not use a native VLAN, so it encapsulates every frame.
- Encapsulation process leaves original frames unmodified.
ISL Encapsulation Process
When a switch port is configured as an ISL trunk port, the
entire original Layer 2 frame, including the header and FCS
trailer, is encapsulated before it traverses the trunk link.
Encapsulation places an additional header in the front and a
trailer at the end of the original Layer 2 frame. The ISL
header contains the VID of the VLAN where the frame originated.
At the receiving end, the VID is read, the header and trailer
are removed, and the original frame is forwarded like any
regular Layer 2 frame on that VLAN. Only ISL trunk ports can
properly receive ISL encapsulated frames. A non-ISL port
receiving an ISL frame may consider the frame size to be
invalid or may not recognize the fields in the header. The
frame is usually dropped and counted as a transmission error
when received by a non-ISL port.
ISL Header
The ISL
header contains various fields with values that define
attributes of the original Layer 2 data within the encapsulated
frame. This information is used for forwarding, media
identification, and VLAN identification. The population of the
fields within the ISL header varies, based on the type of VLAN
and the media of the link. The ASIC on an Ethernet port
encapsulates the frames with a 26-byte ISL header and a 4-byte
FCS. This 30-byte ISL encapsulation overhead is consistent
among the Layer 2 protocols supported on Cisco Catalyst
switches, but the overall size of the frame varies and is
limited by the maximum transmission unit (MTU) of the original
Layer 2 protocol. The ISL Ethernet frame header contains these
information fields:
- DA (destination address): 40-bit destination address. This is
  a multicast address and is set at 0x01-00-0C-00-00 or
  0x03-00-0C-00-00. The first 40 bits of the DA field signal to
  the receiver that the packet is in ISL format.
- Type: 4-bit descriptor of the encapsulated frame types:
  Ethernet (0000), Token Ring (0001), FDDI (0010), and ATM
  (0011).
- User: 4-bit descriptor used as the Type field extension or to
  define Ethernet priorities. It is a binary value from 0, the
  lowest priority, to 3, the highest priority. The default User
  field value is 0000. For Ethernet frames, the User field bits
  0 and 1 indicate the priority of the packet as it passes
  through the switch.
- SA (source address): 48-bit source MAC address of the
  transmitting Cisco Catalyst switch port.
- LEN (length): 16-bit frame-length descriptor minus DA, Type,
  User, SA, LEN, and CRC.
- AAAA03: Standard Subnetwork Access Protocol (SNAP) 802.2
  logical link control (LLC) header.
- HS (high bits of source address): First 3 bytes of the SA
  (manufacturer or unique organizational ID).
- VID: 15-bit VID. Only the lower 10 bits are used for 1024
  VLANs.
- BPDU (bridge protocol data unit): 1-bit descriptor
  identifying whether the frame is a spanning tree BPDU. It also
  identifies if the encapsulated frame is a Cisco Discovery
  Protocol (CDP) or VLAN Trunk Protocol (VTP) frame and
  indicates if the frame should be sent to the control plane of
  the switch.
- INDX (index): 16 bits to indicate the port index of the
  source of the packet as it exits the switch. It is used for
  diagnostic purposes only and may be set to any value by other
  devices. It is a 16-bit value and is ignored in received
  packets.
- RES: 16 bits reserved for Token Ring and FDDI frames.
- Encapsulated Ethernet Frame: Encapsulated data packet,
  including its own CRC value, completely unmodified. The
  internal frame must have a CRC value that is valid when the
  ISL encapsulation fields are removed. A receiving switch may
  strip off the ISL encapsulation fields and use this ENCAP
  FRAME field as the frame is received (associating the
  appropriate VLAN and other values with the received frame as
  indicated for switching purposes).
ISL Trailer
The trailer portion of the ISL
encapsulation is an FCS that carries a CRC value calculated on
the original frame plus the ISL header as the ISL frame was
placed onto the trunk link. The receiving ISL port recalculates
this value. If the CRC values do not match, the frame is
discarded. If the values match, the switch discards the FCS as
a part of removing the ISL encapsulation so that the original
frame can be processed. The ISL trailer consists of the 4-byte
FCS field: This sequence contains a 32-bit CRC value, which is
created by the sending MAC and is recalculated by the receiving
MAC to check for damaged frames. The FCS is generated over the
DA, SA, LEN, Type, and Data fields. When an ISL header is
attached, a new FCS is calculated for the entire ISL packet and
added to the end of the frame.
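
The 26-byte header and 4-byte FCS trailer described above, as an added example that is not part of the original course text: Python code that encapsulates a frame and then validates it the way a receiving ISL trunk port is described as doing. The bit position of BPDU below the 15-bit VID (taken from the field order listed), the zlib CRC-32 with little-endian FCS byte order, and all sample addresses are assumptions.

```python
import struct
import zlib

ISL_DAS = (bytes.fromhex("01000c0000"), bytes.fromhex("03000c0000"))  # 40-bit DA
SNAP_LLC = bytes.fromhex("aaaa03")
FRAME_TYPES = {0: "Ethernet", 1: "Token Ring", 2: "FDDI", 3: "ATM"}

def fcs(data: bytes) -> bytes:
    """CRC-32 as a 4-byte trailer (little-endian byte order is an assumption)."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)

def isl_encapsulate(inner: bytes, vid: int, sa: bytes, bpdu: bool = False) -> bytes:
    """Wrap an unmodified Layer 2 frame (own FCS included) in ISL header + FCS."""
    if not 0 <= vid < 1024:
        raise ValueError("only the lower 10 bits of the VID are used")
    length = len(inner) + 12   # total minus DA, Type, User, SA, LEN, CRC (18 bytes)
    header = (ISL_DAS[0] + b"\x00" + sa            # Type=Ethernet, User=0000
              + struct.pack("!H", length) + SNAP_LLC + sa[:3]   # LEN, AAAA03, HS
              + struct.pack("!H", (vid << 1) | int(bpdu))       # VID + BPDU bit
              + struct.pack("!HH", 0, 0))                       # INDX, RES
    return header + inner + fcs(header + inner)

def isl_decapsulate(frame: bytes) -> dict:
    """Check DA, ISL FCS, LEN and inner FCS, then return the decoded fields."""
    if len(frame) < 30 or frame[:5] not in ISL_DAS:
        raise ValueError("not an ISL frame")
    if fcs(frame[:-4]) != frame[-4:]:
        raise ValueError("ISL FCS mismatch, frame discarded")
    (length,) = struct.unpack("!H", frame[12:14])
    if length != len(frame) - 18 or frame[14:17] != SNAP_LLC:
        raise ValueError("malformed ISL header")
    (vid_bpdu,) = struct.unpack("!H", frame[20:22])
    inner = frame[26:-4]
    if fcs(inner[:-4]) != inner[-4:]:
        raise ValueError("inner frame FCS invalid after decapsulation")
    return {"type": FRAME_TYPES.get(frame[5] >> 4, "unknown"),
            "user": frame[5] & 0x0F,
            "vid": (vid_bpdu >> 1) & 0x3FF,
            "bpdu": bool(vid_bpdu & 1),
            "inner": inner}

def sample_inner_frame() -> bytes:
    """Constructed Ethernet frame: dst, src, EtherType, 46-byte payload, FCS."""
    body = bytes.fromhex("ffffffffffff" "020000000001" "0800") + bytes(46)
    return body + fcs(body)
```

Passing the un-encapsulated sample frame to `isl_decapsulate` raises "not an ISL frame", the mirror image of a non-ISL port rejecting an ISL frame.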

2.3.3 Describing 802.1Q Trunking
Like ISL, 802.1Q is a protocol that allows a
single physical link to carry traffic for multiple VLANs. It is
the IEEE standard VLAN trunking protocol. Rather than
encapsulating the original Layer 2 frame in its entirety,
802.1Q inserts a tag into the original Ethernet header, then
recalculates and updates the FCS in the original frame and
transmits the frame over the trunk link. The 802.1Q protocol,
often referred to as “dot-1Q,” offers the clear benefit of