of 18
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
1/18
3Com Strategic Directions
3Com Transcend VLANsLeveraging Virtual LAN Technology
to Make Networking Easier
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
2/18
1 Strategic Directions
3C om Transcend VLA NsLeveraging Virtual LAN Technology to Make Networking Easier
ContentsExecutive Summary 2
The Transcend VLANs Architecture 2
Building VLANS: Four Critical Issues 3
VLAN Membership 4
VLAN Membership Communication 4
VLAN Configuration 5
Inter-VLAN Communication 5
Transcend VLANs Solutions 6
Reducing the Cost of Administering Moves and Changes 6
More Cost-Effective Broadcast Containment Than Routers 7
Supporting Multimedia Applications and Efficient Multicast Control 7
Enhancing Security 8
Automation of Network Administration and Management 9
Reduced Need for Routing 10
More Effective Network Monitoring Through dRMON and RMON2 10
Transcend VLANs Delivery Roadmap 10
Phase 1: Port-Based VLANs with Graphical Management 11
Phase 2: Autoconfigured VLANs 11Phase 3: Desktop-Configured VLANs 12
Conclusion 13
Copyright 1996 3Com Corporation. All rights reserved; reproduction in whole or in part without permission is pro-hibited. The information and opinions within are based on the best information available, but completeness and accuracycannot be guaranteed. In no event will 3Com be liable for any damages whatsoever arising out of the use or inability touse this publication even if advised of the possibility of such damages.
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
3/18
3ComTranscend VLANs
Leveraging Virtual LAN Technology to MakeNetworking Easier
The Transcend VLANs ArchitectureIn 1995, the computer networking industryshifted gears. A range of new and excitingLAN technologies began to be deployed. Thetechnologies that have garnered the mostattention have been those based on switching,particularly switched Ethernet, Fast Ethernet,and ATM. One of the most heralded benefitsof these technologies is virtual LANs(VLANs). But successful deployment of VLANs in todays networks will require anevolutionary, rather than revolutionary,approach.
Based on the Transcend Networkingpremise that networking has to be easier,
3Com has developed Transcend VLANs, anarchitecture specifically designed to providecustomers with cost savings and performancebenefits immediately, not two years down theroad. At each phase of an organizationsnetwork evolution, Transcend VLANs focuseson reducing the amount of administrative timenecessary to maintain the network infra-structure by maximizing automation.Automated network administration givesnetwork managers more time to develop anddeploy network applications that increase pro-ductivity and introduce innovative ways of doing business.
In the final phase of the migration toVLANs, the Transcend VLANs architectureenables the organization to reach an extremelyhigh level of automation in the administrationof the network. By leveraging the increasingintelligence of the desktop, Transcend VLANs
2Strategic Directions
This paper i ntroduces Transcend VLANs,3Coms virtual LAN architecture, and thestrategic vision behind it. The goal of theTranscend VLANs architecture i s to make net -w orking easier so that netw ork administratorscan focus on delivering applications andservices. The Transcend VLANs archit ecturehelps organizations dramatically reduce thehigh cost of moves and changes in the network.It also enhances the management of broadcastand multicast traffi c, improves networksecurity, automates many aspects of networkmanagement, and reduces the need for routersin the LAN. Ultimately, the Transcend VLANsarchitecture enables the organization to reachan extremely high level of automation in the
administration of the netw ork.The Transcend VLANs architecture com-prehensively addresses each of the four keyareas of VLAN implementation: how VLANmembership is defined, how VLAN membershipinformation is communicated across multipleswit ches, the degree to w hich VLAN configu-ration is automated, and how traffic i s trans-ported betw een different VLANs.
3Com i s delivering Transcend VLANs inthree phases. Phase 1 of Transcend VLANs sim-plifies network moves and changes andimproves server access. Unlike other vendors
solutions, this functionality is available on evenour lowest-priced switches, and most Phase 1functionality is shipping today.
Phase 2 of Transcend VLANs w ill enablecustomers to reduce the use of LAN routers,simplify switch configuration, and introducestandards-based multi vendor interoper-abilit y. Together w ith t echnologies such asPACE, Transcend VLANs ena bles 3Com todeliver superior mult imedia solut ions. Phase2 functionality will be delivered during 1996and 1997.
In Phase 3, the netw ork becomessomewhat analogous to a tw o-way, high-speedcable TV network or subscription service. Byfully leveraging the intelligence available at thedesktop, VLANs and VLAN membership are nolonger static or semi-static designations, butare dynamic, w ith the virtual structure of thenetw ork responding in accordance w ith t heusers demand f or services. Phase 3 func-tionality w ill begin shipping in 1997.
This paper is intended for networkmanagers. It assumes an understanding of t hetechnical aspects of networking and somefamiliarity with VLAN technology. For a generalintroduction t o VLANs, refer t o theVirtual LAN Technology Report,by Decisys, Inc. (3Com lit-erature number 200374-001).
Executive Summary
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
4/18
will enable the network to dynamically self-configure. This self-configuration is based onpolicies (parameters) set by the network administrator, and on the particular appli-cations and/or network services that areaccessed by each user at a given time. In thistype of network environment, users can beseen as subscribing to network services andapplications in a way that is similar to cus-tomers subscribing to cable TV channels.
While the self-configuring, two-way cableTVlike network is the long-term goal of theTranscend VLANs architecture, the implemen-tation of VLANs must solve the pressing needsof network administrators today. Rather thanoffering VLANs as a futuristic panacea,Transcend VLANs delivers solutions to very
real problems network administrators face rightnow, saving organizationssubstantial amounts of money in reduced network administration costs.
The goal of theTranscend VLANs archi-tecture is to enable network administrators to focus ondelivering applications and
services. Network adminis-trators spend as much as 75percent of their time maintaining the network infrastructure, ensuring optimal traffic flow,and handling moves and changes.Administering moves and changes is a partic-ularly time-consuming and nonproductiveexercise. Normally, when a user moves to adifferent physical location in the network, asubstantial amount of administrative labor isrequired to reconfigure the network and, often,that users workstation. In some particularlydynamic network environments, such as thosefound in the securities/banking industry, thisrepetitive and labor-intensive aspect of network administration can comprise as muchas 16 percent of an entire IT budget (includinghardware, software, and labor). In some of these dynamic environments, as many as 10percent of network users move per month, andseveral administrative personnel must be ded-icated solely to handling moves and changes.
Since the high cost of moves and changesin the network is a pressing and immediateproblem for most organizations, 3Com hasgiven the reduction of these administrativecosts the highest priority among the benefits of Transcend VLANs. Of course, TranscendVLANs also delivers the other primarybenefits of VLAN deployment: broadcast andmulticast traffic control, enhanced network security, automation of network management,and reduced need for routers in the LAN.
While many vendors VLAN solutionsare targeted at solving a large number of problems, and/or creating solutions toproblems that do not exist, Transcend VLANs,from the moment the first VLANs are con-figured, is focused on delivering substantial
cost savings that have apositive impact on thebottom line of the IT orga-nization. Yet, far frombeing a short-term solution,Transcend VLANsprovides for an eleganttransition to a network infrastructure that shieldsboth the user and thenetwork administrator from
complexity, yet furnishesthe performance necessaryfor the delivery of increasingly demandingapplications.
Building VLANs: Four Critical IssuesFour major issues must be considered inimplementing VLANs: How should VLANs be defined in the
network? What method is best for communicating
VLAN membership information across
multiple switches? To what degree should VLAN configuration
be automated? How is traffic transported between different
VLANs?How these issues are resolved
determines the effectiveness of a particularVLAN implementation in meeting the needsof both users and network administrators(Figure 1 on page 4).
3 Strategic Directions
The goal of TranscendVLANs is toenab le ne tw ork adminis t ra tors
to f o c us o ndelivering appli-ca t ions andservices .
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
5/18
VLAN Membership How should VLANs be defined in thenetwork? There are four basic ways in whichVLANs are defined: By switch port group By MAC address By network layer information (including by
protocol type and/or IP address) By multicast group
Each method of defining VLAN mem-bership has advantages and disadvantages.These are discussed in some detail in theVirtual LAN Technology Report. Each methodis appropriate for meeting different user needsand in different network environments, andthere are even situations where it is advan-tageous to utilize multiple methods within asingle network environment. Therefore, it isimperative that a vendors VLAN solutionfeature a considerable degree of flexibility.
Transcend VLANs delivers this flexibility,enabling network managers to define VLANsby all four methods.
VLAN Membership Communication What method is best for communicatingVLAN membership information acrossmultiple switches? What implications willthe chosen method have on network traffic asthe network grows? There are two generalways in which VLAN membership infor-
mation is communicated across multipleswitches: Implicit communication Explicit communication
Implicit communication can refer toport-defined VLANs within a single switch.This would be found in smaller networks ornetworks with large numbers of users oneach switch segment. More commonly,however, implicit communication refers toVLANs defined at layer 3the informationidentifying VLAN membership is found inthe packet header.
Explicit communication of VLAN infor-mation can be accomplished in three ways,two of which are industry standards. The firststandardized method is via an ATMbackbone and implementation of the ATMForums LAN Emulation standard (LANE).LANE is supported in all of 3Coms ATM
switching products. The second standardmethod of explicit communication of VLANinformation is presently being formulatedunder the IEEE 802.1Q VLAN standard.3Com has been a primary force in the ratifi-cation of this standard by the committee. Thethird method is proprietary frame tagging orencapsulation. In order to give customers awide range of options and flexibility in theirVLAN solutions, 3Com will support its ownVirtual LAN Trunking (VLT) frame-tagging
4Strategic Directions
Acronyms andAbbreviations
ATM Asynchronous Transfer M ode
LAN mulated LAN
DDI iber Distributed Data Interface
GMP nternet Group M anagement rotocol
P nternet Protocol
ANE AN Emulation
MAC M edia access control
NIC Network interface card
RMON2 Remote Moni toring version 2
CP/IP ransmission Control rotocol/Internet Protocol
VLAN Virtual LAN
VLT Virtual LAN Trunking
Port User(MAC)
Multicastgroup Protocol
Port-defined Layer 3 Implicit
LANE IEEE 802.1Q 3Com VLT Explicit
Manual Semi-automated Automatic AutoCast
Edge routingInternal rounting
One-armedrouter
(external)
Route server/route client
Desktop-enabled
(no explicit routing)
VLAN view
VLAN membership
VLAN communication
VLAN configuration
Inter-VLANcommunication
Admin
Figure 1. Elements of a VLAN Implementation
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
6/18
method in many of its products until the802.1Q standard is finalized.
VLAN Configuration To what degree should VLAN configurationbe automated? How much control should beleft to the network administrator? VLANautomation can be described in three levels: Manual Semi-automated Fully automated
In general, these levels represent varyingdegrees of trade-off between the reduction of administrative effort through automated con-figuration and the enhancement of adminis-trative control. In each network environment,the equilibrium between these two poles is dif-
ferent. Therefore, as with VLAN definition,the level of automation in configuring VLANsdepends on the particular network environmentand specific business needs of each customer.Because of the range of customer needs in thisarea, 3Coms Transcend VLANs architecturesupports all three levels of automation forVLAN configuration.
Inter-VLAN Communication How is traffic transportedbetween different VLANs?The short answer to thisquestion is by routing.However, routing solutionsvary considerably, eachhaving its own set of prosand cons, as well as its ownimpact on the overallstructure of the network.Furthermore, routing is notthe only method for inter-VLAN communication. As is the case with the
other critical issues involved in choosing aVLAN solution, the technique used for inter-VLAN communication depends on the organi-zations specific needs and overall network environment. Here again, flexibility is essential.
There are multiple contending models forwhere to locate routing functionality in thenetwork: Edge routing The one-armed router
The route server/route client Desktop-enabled zero-hop routing
These models have become significantpoints of differentiation between the majorLAN vendors. (A more detailed discussion of the advantages and disadvantages of eachrouting model can be found in the Virtual LAN Technology Report. ) 3Com again plans tosupport multiple models, because each canhave a place, depending on the customersoverall network environment.
3Com is presently delivering a solutionbased on the edge-routing model, integratingthe routing function into its LANplex High-Function switches. Integrated routingoptimizes access to network resources utilizedby members of multiple VLANs (for example,
e-mail servers, centralized database servers,and so on), because inter-VLAN traffic doesnot need to be forwarded to an external routerfor processing. Such traffic is routed by theLANplex switch, providing wire-speed accessto these centralized resources.
While routing will be the primary methodfor inter-VLAN communication for some time,it is not the only method. Transcend VLANs
also enables end-stations(usually servers) to be
members of more than oneVLAN, effectively pro-viding an application-layergateway between VLANs.
As the TranscendVLANs solution movesforward, membership in agiven VLAN will becomeless a static designation andmore a dynamic one. This
membership can be governed either by theswitch or, eventually, by the desktop/ NICdriver. As VLANs become more dynamic, theneed for routing inter-VLAN traffic will dis-appear; if an application calls for two or moreend-stations to communicate for a period of time, they are simply placed in the sameVLAN (the switch-governed model), or theyjoin the same VLAN (the desktop/NICdriver-governed model) for the required periodof time.
5 Strategic Directions
A s t h eTranscendVLA Ns solut ionmoves fo rward ,mem bership in agiven VLA N w illbecom e less astatic desig-nat ion and morea dynamic one .
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
7/18
Transcend VLANs SolutionsAfter considering the issues outlined aboveand determining how VLANs should bedeployed in their network, customers need toselect a VLAN solution that will cost-effec-tively deliver the benefits that VLANs canprovide. Transcend VLANs offers an array of benefits which, unlike many vendors VLANsolutions, are delivered without sacrificing theperformance enhancement upon which thedeployment of switching is largely based. (Ithas repeatedly been demonstrated in the net-working industry that customers generally donot accept a two steps forward, one stepback improvement.) Transcend VLANsdelivers value to the customer in seven keyareas:
Reduction of the cost of administering moves andchanges
More cost-effectivebroadcast containmentthan routers
Support for multimediaapplications and efficientmulticast control
Enhanced security Automation of network
administration and man-agement Reduced need for routing More effective network
monitoring
Reducing the Cost of Administering Movesand Changes Deployment of Transcend VLANs will savecustomers significant amounts of money byreducing the resources required for adminis-tration of moves and changes in the network.
Even when using what might seem to be themost labor-intensive method of VLAN defi-nitionVLANs defined by port groupadministrators can use 3Coms TranscendVLAN Manager application (discussed later inthis paper) to update a users VLAN mem-bership by a simple drag-and-drop process.Thus, Transcend VLAN Manager givesnetwork administrators a superior capacity tomanage virtual connectivity separate from
physical connectivity and to map back andforth between the two. It is this mappingability that so many customers have declared arequirement before they will deploy VLANs intheir networks. 3Com has successfullydelivered this capability at prices as low as$200 per switch port in its SuperStack
workgroup switches.For customers with large numbers of IP
users, 3Coms LANplex High-Functionswitches support VLANs defined by IPaddress. Relative to other protocols, it is IPthat causes much of the time-consuminghassle of administering moves and changes.Normally, IP requires the network adminis-trator to physically go to the users work-station and reconfigure that users IP address
after a move. By definingVLANs by IP address, auser who moves from onephysical location to anothercould remain in his or herVLAN (in the case of IP,the term virtual subnet issometimes used in place of virtual LAN) withouthaving to update the work-stations IP address.
VLANs defined by IPaddress also eliminate thenotoriously difficult processof reconfiguring routertables. For further flexi-
bility, 3Com allows multiple virtual IPsubnets to coexist on a single physicalsegment, a technique called multinetting.Multinetting enables administrators tomaintain logical groups of users without theconstraint of physical location.
For customers who are moving rapidly toa pure private LAN switching architecture(that is, one user per switch port), the limi-tations of VLANs defined by MAC-layeraddress in a shared media network envi-ronment (for example, multiple broadcastsover the same physical segment) becomemoot. Indeed, for many of these customers,deploying VLANs defined by MAC-layeraddress becomes a particularly attractivesolution.
6Strategic Directions
TranscendVLANs archi-
tec ture w illsupport a l llevels of auto-mated conf igu-rat ion and cana llo w n e t w o r k adminis t ra tors
to set po lic ie sgoverning how
the netw o rk reconfiguresit se lf w hen ause r moves .
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
8/18
With VLANs defined by MAC-layeraddress, VLAN membership stays with theuser no matter where he or she moves on thenetwork, since the MAC address is hard-wiredinto the NIC. In this way, initial configuration,as well as moves and changes, can beautomated. Transcend VLAN Manager alsoenables the network administrator to manuallychange a users VLAN membership when nec-essary, such as when an employee transfersfrom one department to another.
As the customers need for automation of moves and changes increases, 3Com deliversthe functionality to meet that need. As men-tioned before, Transcend VLANs will supportall levels of automated configuration and canallow network administrators to set policies
governing how the network reconfigures itself when a user moves.
More Cost-Effective BroadcastContainment Than Routers One of the major reasons for deployingVLANs is to reduce an organizations relianceon routers for broadcast containment. Whilerouting will still retain important roles in thenetwork, broadcast containment is handledmuch more cost effectively by VLANsswitches are simply much less expensive thanrouters on a per-port basis. Furthermore,router-based solutions tend to be far morecomplex and time consuming to configure.Network administrators will find that 3ComsTranscend VLAN Manager application is aneasier way to define VLANs than using routersto define broadcast domains.
Many customers may wish to replicate themultiprotocol broadcast domains of theirexisting router-based infrastructures. For thispurpose, LANplex High-Function switches
also support defining VLANs by protocol(such as IPX , DECnet , NetBIOS, etc.). Thisability can prove particularly useful for largermultiprotocol environments implementing amore gradual migration toward VLANs.Defining VLANs by protocol also allows alogical end-station to be a member of morethan one VLAN (the same MAC addressresides in two different network protocolVLANs). Multiple VLAN membership is an
effective way to deploy centralized network sources (such as e-mail or internal Webservers) without resorting to routing in order toconnect them to all of the VLANs in thenetwork. In this way, these centralizedresources can truly support all users equallythroughout the campus environment.
Supporting Multimedia Applicationsand Efficient Multicast Control Customers are increasingly interested indeploying multimedia applications that featurepoint-to-multipoint communication, such asvideo conferencing, video-based training, andnews video feeds. These applications relyheavily on multicast (as opposed to unicast orbroadcast) transmissions, particularly IP mul-
ticast. Without an effective mechanism forcontrolling this multicast traffic, increaseddeployment and utilization of these appli-cations will flood switched networks andseverely degrade overall performance(Figure 2).
In order to prevent a network meltdown,organizations might be forced to dedicate onlycertain workstations to these applications,forcing manual switch configuration whenthese dedicated workstations change and gen-erally preventing these applications from beingfreely accessed across the network. Anothersolution to the multicast support problementails distributing routing functionality toevery workgroup switch in the network. This isan unnecessary and expensive deployment of
7 Strategic Directions
Figure 2. M ulticast Traffic Floods Switched Netw orks
High-speedbackbone
10 Mbps
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
9/18
routing functionality and defeats one of thebenefits of implementing VLANs: reducingthe amount of routing in the network.
Transcend VLANs takes a differentandsuperiorapproach to the problem of mul-ticast control. The 3Com solution offers twomethods for distributed control of multicastswithout heavy reliance on routing. The firstmethod enables the switch itself to defineAutoCast VLANs based on multicastgroups. The technique used in switch-basedAutoCast VLANs is called Internet GroupManagement Protocol (IGMP) snooping. Itoperates by having the switch observe user-ini-tiated requests to belong to a particular IP mul-ticast group (for example, a video-basedtraining session). The switch then dynamically
defines IP multicast groups based on thoserequests, forwarding the multicast traffic onlyto those ports with participating users andblocking it on all other ports.
The second methodgoes one step further in dis-tributing the intelligencenecessary for multicastcontrol by allowing theNIC driver in the usersworkstation to control the
multicast filters of theswitch port to which it isattached. The driver simplyinitiates a message from theNIC to the switch, tellingthe switch whether or not toforward a particular mul-ticast on that port. Thismethod has advantagesover IGMP snooping in thatit supports all multicast traffic (not just IPmulticasts), and it leverages the processingpower in the workstation CPU, enablingdeployment of simple workgroup switches.However, this method is optimized for anarchitecture based on a single user per switchport and requires upgraded NIC drivers. 3Comwill offer both methods of multicast control inorder to best meet diverse customer needs.
One of the benefits of 3Coms way of sup-porting multicasts is that the routing func-tionality needed to handle multicast traffic (for
example, calculation of multicast route deliverypaths and multicast packet forwarding) can beleft in LAN backbone devices. This eliminatesthe complex and expensive deployment of routing at the workgroup level.
Either method of supporting VLANsdefined by multicast groups enables VLANs tobe configured dynamically to support mul-timedia applications for an arbitrary number of users over a specific time framefor example,the duration of a video conference. An addedbenefit of this dynamic autoconfiguration of VLANs is that it requires no intervention onthe part of the network administrator, makingmore time available for the delivery of newnetwork applications.
Enhancing Security One of the critically important but often over-looked benefits of VLANs is enhanced net-work security. 3Com realizes the increasingimportance of security considerations, partic-
ularly as corporate Internetconnectivity and intranetapplications become morewidespread. The TranscendVLANs architecture enablesan organization to enhancenetwork security withoutresorting to separatephysical connectivity orextensive use of morecomplex, more expensive,router-based firewallingtechniques. By definingaccess to network servicesusing Transcend VLANs,network administrators canexert a high level of security
control while maintaining a common network
infrastructure.In order to allow administrators to define
even stricter access to servers containing par-ticularly sensitive information such as financialor personnel information, Transcend VLANscan be defined by port or MAC-layer address.When used in combination with architecturesfeaturing a single user per switch port, thisability becomes an especially powerfuldeterrent to unauthorized access. In this con-
8Strategic Directions
The rout ing f unc t io na lit y necessa ry tohandle mul-
t ic as t t ra f f iccan be lef t inL A N b a c k b o n edevices , e l im i-nat ing thecomplex andexpensivedep loyment o f rout ing a t the
w o rk gro uplevel.
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
10/18
figuration, unauthorized users have no physicalway of listening to traffic belonging toVLANs of which they are not a member,because that traffic never traverses theirsegment.
In addition, Transcend VLANs enablesnetwork administrators to cordon off devel-opment groups running sen-sitive, experimental, and/orrisky applications that couldnegatively affect per-formance for other users inthe same subnet. At thesame time, these appli-cations can share the samebackbone with other users,leveraging the customers
investment in network infra-structure.
As organizations movetoward fully automated,policy-based VLANstructures, network administrators will be ableto define access to services with an extremelyhigh degree of precision, establishing specificcriteria to be set all the way down to the indi-vidual user level or even time of day. This typeof VLAN structure has the added benefit of
enabling accurate, automatic tracking of billing/chargeback for network services.
Automation of Network Administrationand Management A concern of many network administratorswhen implementing VLANs is the trade-off between greater ease in administering movesand changes and more complexity in otherareas of network management and configu-ration. This problem is due to several issuesthat arise when implementing VLANs:
An additional layer of virtual connectivityon top of physical connectivity makestroubleshooting more difficult.
Maintaining VLAN information acrossnumerous switches in an ever-changingenvironment can become burdensome andtime consuming.
VLANs can complicate traffic analysis forthe optimization of server placement andoverall network performance.
Because the potential benefits of VLANsmay be reduced by these problems, powerful,easy-to-use, and flexible VLAN managementsoftware is essential for deploying VLANs inenterprise networks.
3Com has developed an intuitive, graphicalVLAN management platform, Transcend
VLAN Manager, that elim-inates the potential pitfalls of managing VLANs.Transcend VLAN Managerenables the network admin-istrator to easily view virtualas well as physical connec-tivity at multiple levels. Inaddition, Transcend VLANManager includes both ATM
and non-ATM attacheddevices, consolidating man-agement of VLANs andemulated LANs (ELANs).This is an essential feature
for any customer deploying VLANs in con- junction with an ATM backbone.
With Transcend VLAN Manager, controlof VLAN membership for all users in thenetwork resides at a single console. VLANmembership can be manually established by
simply dragging and dropping users work-station icons into the desired VLAN. Of course, as mentioned earlier, TranscendVLAN Manager supports various methods of automated VLAN configuration as well.
In order to facilitate ongoing network optimization in growing environments,Transcend Traf fix Manager correlates thenetwork traffic data across the switches partici-pating in a given VLAN. This enables network administrators to view detailed network trafficstatistics, including a breakdown of inter- andintra-VLAN packets as well as a breakdown of packets by application. This level of infor-mation is extremely useful for determiningoptimal placement of routing and frequentlyaccessed servers. The network managementfeatures in Transcend VLANs actually makeoverall network management easier, less timeconsuming, and more effective than instandard networks governed by physical con-nectivity alone.
9 Strategic Directions
As organizationsmove tow ard
f ully aut om ated,policy-basedVLAN struc-
ture s, netw o rk administrators
w ill be able todef ine acc ess to
services w ith anextremely highdegree of pre-cision.
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
11/18
Reduced Need for Routing Since much of the functionality of LANrouters, especially broadcast and multicastcontainment, can be more effectivelyhandled by VLANs, the overall need forrouting in the network is reduced bydeploying Transcend VLANs. As mentionedearlier, reducing routing in the network becomes particularly important in enablingubiquitous access to centralized network resources such as e-mail servers, internalWeb servers, and centralized databaseservers. By configuring these servers asmembers of multipleVLANs, routing is nolonger necessary toprovide connectivity
between these resourcesand most or all usersthroughout the network. Inthis way, the LAN routeror one-armed ATM-attached router is nolonger the bottleneck in anotherwise high-per-formance network.
Transcend VLANssupports multiple VLANson a network server inseveral ways. In envi-ronments that havedeployed ATM backbones,Transcend VLANs leverages LANEscapacity to support multiple emulated LANs,and thus multiple VLANs, on a single ATMNIC (similar multiple VLAN capability willbe available in 1997 for Fast Ethernetattached servers). By enabling multipleVLAN access to an ATM-attached server viaLANE, Transcend VLANs allows thecustomer to purchase simpler, lower-costedge switches. 3Coms high-performance,low-cost SuperStack switches are ideal inthis role of providing ATM access toEthernet LANs.
As mentioned previously, TranscendVLANs supports IP multicast groups asVLANs, eliminating the need to deploycomplex routing to every switch port just toprovide efficient control of multicast traffic.
More Effective Network MonitoringThrough dRMON and RMON2 In order to fully enable the network man-agement features detailed above and toexpand those features in the future, aVLAN/switching solution must provide foran efficient and cost-effective mechanismfor collecting and reporting network trafficstatistics. In a network moving toward asingle user per switch port, centralizingRMON agents at the switch becomes aninefficient and costly method of collectingnetwork traffic data. 3Coms solution to theproblem of traffic data collection in a private
switched LAN envi-ronment is to distributethis functionality to the
workstation using dis-tributed RMON, ordRMON. Once again, thisleverages the processingpower at the workstationand enables workgroupswitches to delivermaximum performance atlower cost.
Network adapters in aprivate switched LAN envi-ronment can easily collectRMON statistics regardingtraffic in their segments, aseach is the only attached
device in that segment. SmartAgent intel-ligent agents periodically collect this infor-mation and Transcend Enterprise Managerand Transcend Traf fix Manager tools cor-relate it for analysis. With the emergence of RMON2, much richer, application-relatedtraffic information can also be collected,analyzed, and viewed, enabling optimal con-
figuration of Transcend VLANs.
Transcend VLANs Delivery Roadmap3Com is delivering Transcend VLANs inthree broad phases. While these phases aredescribed here as separate and discrete, therewill be overlap in the delivery of some of these capabilities across 3Coms switchingproduct family.
10Strategic Directions
The ne twork
m a n a g e m e n t f ea ture s inTranscendVLANs actual ly mak e overa lln e tw o r k m a n -agement easier,less t ime-con-suming, andm o r e e f f e c t iv e
than in s t andardn e t w o r k sgoverned by phys ica l c on-nect ivi ty a lone.
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
12/18
Phase 1: Port-Based VLANs withGraphical Management Phase 1 of Transcend VLANs simplifiesnetwork moves and changes and improvesserver access. Unlike other vendors solutions,this functionality is available on even ourlowest-priced switches. Most of the func-tionality delivered under Phase 1 is alreadyshipping today; complete support will bedelivered by the end of 1996.
Multiple VLANs within a single switch.From the outset, Transcend VLANs allowsthe network administratorto configure multipleVLANs in a singleswitch, on any 3Com
switching platform.
VLANs across multipleswitches. TranscendVLANs supports threeways of communicatingVLAN membership infor-mation across multipleswitches (these methodswere described in Building VLANs: FourCritical Issues, earlier in this paper): Via the ATM Forums LAN Emulation
standard for environments with ATMbackbones
Via 3Coms Virtual LAN Trunking (VLT)frame-tagging technique
Implicitly via the network-layer address orprotocol information across LANplexHigh-Function switchesPhase 2 will add support for the 802.1Q
tagging standard to these techniques.
Multiple VLAN support in server NICs. In
order to facilitate the deployment of appli-cations that can be accessed by all users onthe network while avoiding router bottle-necks, Transcend VLANs provides theability to make servers members of morethan one VLAN. This can be done for ATM-attached servers by configuring multipleLAN Emulation clients on a single NIC. Itcan be done for FDDI- or Fast Ethernetattached servers using TCP/IP for those
server operating systems that support multi-nettingthe ability to support multipleTCP/IP subnets on a single physical LANinterface. It can be done for Fast Ethernetattached servers via VLT support in the3Com server NIC and driver. For FastEthernetattached servers, Phase 2 will addsupport for the 802.1Q tagging standard tothese techniques.
Graphical VLAN management application.Transcend VLAN Manager enables the
network administrator tomanage the virtual as wellas the physical connec-tivity in the network forboth ATM- and non-
ATM-attached devicesfrom a single man-agement console. Movesand changes are accom-plished by dragging anddropping icons within aneasy-to-use graphicalinterface.
Graphical traffic monitoring and analysisapplication. Transcend Traf fix Manager
provides customers with the necessary toolsfor optimizing network configuration andtraffic flow in a VLAN environment. Theseare the industrys first RMON2-basedVLAN monitoring tools; they provideservice views of the network with trafficflows to graphically depict the inter- andintra-VLAN traffic.
Phase 2: Autoconfigured VLANs Phase 2 of Transcend VLANs will enable cus-tomers to reduce the use of LAN routers,
simplify switch configuration, and introducestandards-based multivendor interoperability.Together with technologies such as PACE,Transcend VLANs enables 3Com to deliversuperior multimedia solutions. Phase 2 func-tionality will be delivered during 1996 and1997.
User-based VLANs. User-based or MAC-address-based VLANs enable VLANs to be
11 Strategic Directions
3C oms so lut ion to the pro b le mof t r aff i c da ta
co l lect ion in aprivateswi tched LANenvironm ent is
to dis t ributeRMON func -
t io nalit y to the w o rk sta t io n.
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
13/18
defined based on administrator-defined col-lections of users, rather than only by groupsof switch ports. This enables a high degreeof independence and flexibility for users,while at the same time enhancing thenetwork administrators ability to controland manage the network.
Automatic VLAN configuration. Phase 2 of Transcend VLANs delivery will feature agreater degree of automation of VLAN con-figuration. As user moves and changes aremade in the network, VLAN membershipmoves automatically with the user, whetherinitial VLAN membership was based on theswitch port the user was attached to, or wasset up by an administrator-defined, user-
based VLAN. VLAN membership can befully automated via IP address or protocolinformation.
AutoCast VLANs. Another major element of this greater level of automation is theAutoCast VLAN capability. DefiningVLANs by IP multicast group throughIGMP snooping allows the deployment of multimedia/video applications, withoutrequiring routing or layer 3 switching to
be enabled and configured on every switchport in the network. AutoCast VLANs aredynamic and fully automatic, and provideefficient multicast control without the bur-densome configuration complexity of routing.
Support for the 802.1Q VLAN standard.Once the 802.1Q VLAN standard isfinalized in late 1996 or early 1997, 3Comswitching and adapter products will supportthis standard, as well as its own VLTmechanism. This will allow 3Com switchesto communicate VLAN membership infor-mation in a multivendor environment. It willalso allow multiple VLAN support in serverNICs via standard 802.1Q tagging.
Phase 3: Desktop-Configured VLANs Phase 3 is where the network becomessomewhat analogous to a two-way, high-speedcable TV network or subscription service. By
fully leveraging the processing power at thedesktop, VLANs and VLAN membership areno longer static or semi-static designations, butare dynamic, with the virtual structure of thenetwork responding in accordance with theusers demand for services. As VLANsbecome completely dynamic designations,external LAN routing between VLANs ulti-mately becomes unnecessary. Phase 3 func-tionality will begin shipping in 1997.
802.1p supportVLANs defined by mul-ticast group through the NIC driver. Thismethod of dynamically configuring mul-ticast VLANs will provide several powerfulbenefits: Multicast VLANs are no longer limited to
just IP. The aggregate processing power of the
desktop is leveraged. Multicast VLANs can be supported on
simpler, lower-cost switches.
Desktop-configured, cut-through VLANs.Phase 3 will deliver the ability forusers/desktops to dynamically join and leaveVLANs. Further, the ability to performzero-hop routing will allow desktops that
reside on different subnets to communicatewith the same efficiency and performance asif they were both part of the same subnet.Administrative control, however, will bemaintained as if they were connected to dif-ferent subnets. This ability eliminates thenecessity for external routing betweendiscrete VLANs and allows stations tosimply cut through and communicateacross VLANs at will, while still usinglower-cost, relatively simple edge switches.
Policy-based VLANs. While much of theintelligence necessary for dynamic VLANconfiguration becomes distributed underPhase 3, network administrators actuallyexert a greater degree of automated controlby being able to set policies governingaccess to network resources. Policy-basedVLANs not only allow the implementationof very specific parameters controllingnetwork access and quality of service, but
12Strategic Directions
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
14/18
also further reduce the time required toenforce proper network security.
It is in this third phase of migration thatwe see the complete fulfillment of theTranscend VLANs mission: a top-down, appli-cation-driven solution, enabling the transparentdelivery of services to the user on demand(Figure 3). Transcend VLANs ultimately elim-inates the use of LAN routers, while providingfull scalability and full configuration flexi-bility. 3Com is in a unique position to leveragethe power of the desktop for maximum per-formance, scaling, and ease.
ConclusionVLANs represent an extraordinary techno-logical step toward eliminating many of theburdens of maintaining the network infra-
structure and providing a substantial boost inthe ability to deliver network applications andservices. However, due to the impact that fullVLAN implementation will have on theenterpriseboth in terms of network archi-tecture and managerial organization, and insome cases even the business modelasmooth, well-constructed migration path iscritical. On the other hand, even the initialmigration steps toward full implementation of virtual LANs, if deployed properly, can bringsubstantial benefits without additional costs orcompromises in performance or manageability.Transcend VLANs satisfies these demands andrepresents the solution of choice for customersimplementing VLANs.
13 Strategic Directions
Figure 3. Application-Driven VLANs
A T M o r LA N
c o r e b a c k b
o n e
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
15/18
14Strategic Directions
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
16/18
15 Strategic Directions
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
17/18
8/12/2019 3Com Transcend VLANs Leveraging Virtual LAN Technology to Make Networking Easier
18/18
1996 3Com Corporation. All rights reserved. 3Com is a publicly ownedcorporation (NADAQ>COMS). 3Com, LANplex, and Transcend are regis-tered trademarks of 3Com Corporation. PACE, SmartAgent, andSuperStack are trademarks of 3Com Corporation. Other brand and prod-uct names may be trademarks or registered trademarks of their respec-tive owners.
All specifications are subject to change without notice.
Printed in U.S.A. 600206-001 Printed on Recycled Paper
E
3Com CorporationP.O. Box 581455400 Bayfront PlazaSanta Clara, CA 95052-8145Phone: 800-NET-3Comor 408-764-5000
3Com ANZAANZAEast Phone: 61 2 9937 5000Fax: 61 2 9956 6247
ANZAWest Phone: 61 3 9653 9515Fax: 61 3 9653 9505
3Com Asia LimitedBeijing Phone: 8610 849 2568Fax: 8610 849 2789
Shanghai Phone: 86 21 3740220Fax: 86 21 3552079
Hong Kong Phone: 852 2501 1111Fax: 852 2537 1149
Indonesia Phone: 6221 523 9181Fax: 6221 523 9156
Korea Phone: 822 319 4711Fax: 822 319 4710
Malaysia Phone: 60 3 233 6162Fax: 60 3 233 6174
Singapore
Phone: 86 21 6374 0220Fax: 86 21 6355 2079
Taiwan Phone: 886 2 377 5850Fax: 886 2 377 5860
3Com BelgiumPhone: 32 2 7164880Fax: 32 2 7164780
3Com Benelux B.V.Netherlands Phone: 31 30 6029700Fax: 31 30 6029777
3Com Canada Inc.Phone: 416-498-3266Fax: 416-498-1262
3Com European HQPhone: 44 1628 897000Fax: 44 1628 897041
3Com FrancePhone: 33 1 69 86 68 00Fax: 33 1 69 07 11 54
3Com GmbH (Germany)Phone: 49 89 627320Fax: 49 89 62732233
Poland Phone: 48 22 645 1351Fax: 48 22 645 1352
Switzerland
Phone: 41 31 9984555Fax: 41 31 9984550
3ComIrelandPhone: 353 1 820 7077Fax: 353 1 820 7107
3Com J apanPhone: 81 3 3345 7251Fax: 81 3 3345 7261
3Com Latin AmericaU.S. Headquarters Phone: 408-764-6075Fax: 408-764-5730
Argentina Phone: 541 815 7164Fax: 541 815 7165
Brazil
Phone: 55 11 546 0869Fax: 55 11 246 6813
Chile Phone: 562 633 9242Fax: 562 633 8935
Columbia Phone: 571 218 3933Fax: 571 226 9770
Mexico Phone: 525 520 7841Fax: 525 520 7837
Northern Latin America Phone: 305-261-3266Fax: 305-261-4901
Venezuela Phone: 582 261 0710Fax: 582 261 5257
3Com LtdScotland Phone: 0131 220 8228Fax: 0131 226 1410
3Com MediterraneoMilano, Italy Phone: 39 2 253 011Fax: 39 2 273 04244
Rome, Italy Phone: 39 6 5917756Fax: 39 6 5918969
Spain Phone: 34 1 3831700Fax: 34 1 3831703
3Com Middle East United Arab Emirates Phone: 971 4 349049Fax: 971 4 349803
New Delhi, India Phone: 91 11 683 5070Fax: 91 11 683 4662
3Com Nordic ABPhone: 46 8 632 91 00Fax: 46 8 632 09 05
3Com South AfricaPhone: 27 11 807 4397Fax: 27 11 803 7405
3Com UK Ltd.Buckinghamshire Phone: 44 1628 897000Fax: 44 1628 897003
Manchester Phone: 44 161 873 7717Fax: 44 161 873 8053
Edinburgh, Scotland Phone: 01 31 220 8228Fax: 01 31 226 1410