CA2276206C - Port based default virtual local area network - Google Patents
Port based default virtual local area network Download PDFInfo
- Publication number
- CA2276206C CA2276206C CA002276206A CA2276206A CA2276206C CA 2276206 C CA2276206 C CA 2276206C CA 002276206 A CA002276206 A CA 002276206A CA 2276206 A CA2276206 A CA 2276206A CA 2276206 C CA2276206 C CA 2276206C
- Authority
- CA
- Canada
- Prior art keywords
- ports
- switch
- default vlan
- vlan
- data packet
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Lifetime
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
- H04L12/46—Interconnection of networks
- H04L12/4641—Virtual LANs, VLANs, e.g. virtual private networks [VPN]
- H04L12/467—Arrangements for supporting untagged frames, e.g. port-based VLANs
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L49/00—Packet switching elements
- H04L49/35—Switches specially adapted for specific applications
- H04L49/354—Switches specially adapted for specific applications for supporting virtual local area networks [VLAN]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/02—Details
- H04L12/16—Arrangements for providing special services to substations
- H04L12/18—Arrangements for providing special services to substations for broadcast or conference, e.g. multicast
Abstract
A data transmission network having a port-based default VLAN that limits flooding to other VLANs. The default VLAN receives a data packet, ascertains the destination address of the packet, and then determines if the destination port is one of the default VLAN ports. The data packet is transmitted to the destination port if it is one of the default VLAN ports, or to each of the default VLAN ports if the destination port is not one of the default VLAN
ports. The data packet is not transmitted to any other non-default VLAN port.
ports. The data packet is not transmitted to any other non-default VLAN port.
Description
, , PORT BASED DEFAULT VIRTUAL LOCAL, AREA NETWORK
Field of the Inventiy This invention generally relates to data transmission networks and, more particularly, to virtual local area networks.
Back round of the Invention A data network typically includes several nodes connected together by a data transport medium. One common method of transmitting data between the nodes is to 1o break the data up into discrete "packets" of data. ~ Packets can be transported over the medium by any one of a variety of transport techniques. In applications utilizing packetized data, data to be transported fizst is broken up into discrete packets of data, then transmitted through the network medium, and finally reassembled at a destination node. In accordance with current packet protocol, each packet generally comprises a header and an information field. The header contains the information used to transport the cell from one node to the next while the packet data is contained in the information field. Among other information in the header is the destination address of the data packet.
A local area network (i.e., "LAN") is a type of local data network commonly 2o used in a single office or building. LANs are an efficient mechanism for maximizing use of network resources by members of the LAN. Simple LANs typically include two or more nodes (e.g., a server, computer, printer, or other resource) that are interconnected by a common physical connection such as, for example, a hub.
Data switches also may be connected to the hub for directing data traffic and for connecting the LAN to other data networks.
LANs can be inconvenient and expensive; to maintain. For example, moving a user to another location within a relatively large office building often requires that the LAN be rewired and reconfigured. This can be cumbersome and expensive. The art has responded to this problem by developing virtual local area networks (i.e., "VLANs").
For example, "V irtual LANS' Get Real", Data Communications vol ~ 24 no. 3, pp.
87-99, describes the general characteristics and considerations that should be taken AMENDED SHEET
-l~~Gt when building a VLAN. As described in "Virtual ;LANs Get Real", a VLAN is ' generally defined as a group of nodes interconnected by software to form a single logical broadcast domain. VLANs may be connected to nodes that are members of any .
number of physical LAN segments. Among many advantages, VLANs enable network administrators to create logical groupings of users and network resources, thereby allowing AMENDED SHEET
. .. _ .
Field of the Inventiy This invention generally relates to data transmission networks and, more particularly, to virtual local area networks.
Back round of the Invention A data network typically includes several nodes connected together by a data transport medium. One common method of transmitting data between the nodes is to 1o break the data up into discrete "packets" of data. ~ Packets can be transported over the medium by any one of a variety of transport techniques. In applications utilizing packetized data, data to be transported fizst is broken up into discrete packets of data, then transmitted through the network medium, and finally reassembled at a destination node. In accordance with current packet protocol, each packet generally comprises a header and an information field. The header contains the information used to transport the cell from one node to the next while the packet data is contained in the information field. Among other information in the header is the destination address of the data packet.
A local area network (i.e., "LAN") is a type of local data network commonly 2o used in a single office or building. LANs are an efficient mechanism for maximizing use of network resources by members of the LAN. Simple LANs typically include two or more nodes (e.g., a server, computer, printer, or other resource) that are interconnected by a common physical connection such as, for example, a hub.
Data switches also may be connected to the hub for directing data traffic and for connecting the LAN to other data networks.
LANs can be inconvenient and expensive; to maintain. For example, moving a user to another location within a relatively large office building often requires that the LAN be rewired and reconfigured. This can be cumbersome and expensive. The art has responded to this problem by developing virtual local area networks (i.e., "VLANs").
For example, "V irtual LANS' Get Real", Data Communications vol ~ 24 no. 3, pp.
87-99, describes the general characteristics and considerations that should be taken AMENDED SHEET
-l~~Gt when building a VLAN. As described in "Virtual ;LANs Get Real", a VLAN is ' generally defined as a group of nodes interconnected by software to form a single logical broadcast domain. VLANs may be connected to nodes that are members of any .
number of physical LAN segments. Among many advantages, VLANs enable network administrators to create logical groupings of users and network resources, thereby allowing AMENDED SHEET
. .. _ .
-2-remote users and resources to appear as if they are members of a single LAN.
This enables companies and other organizations to build dynamic, flexible, and distributed LANs, thus simplifying physical moves of a user in a network. By way of background, for example, a description of how a VLAN ma5~ be used to facilitate communication within a company may be found in "Virtual LANs Take Network to Next Level", Computer Technology Review, Vol. 16, no. 9, September 1996, page 12-14.
Background information regarding VLANs ma:y additionally be found in "VLANs"
Can Layer 3 Save the Day?", Business Communications Review, Vol. 26, no. 12, December 1996, pages 47-50 and "Virtual LANs Come of Age", Telecommunications Vol. 30, no.
l0 6, June 1996, pages 48-5?.
Examples of virtual LAN networks are described in "Building Virtual LANs on a real-World Budget Lanart's Segway Works with Ethernet Switches to Deliver Virtual LANs Powers at a Low Cost", Data Communications, Vol. 24, no 13 , pp. 39-40.
The Segway system, described in Data Communications Vol. 24, no. 13, provides a twenty-~ 5 four port module for coupling workstations to a LAN switch. Up to five of the modules may be interconnected to provide a virtual LAI'f of 120 network connections.
As described in the above references, V'.LANs may be formed by defining logical groups of users within the VLAN. One such VLAN, known as a "port-based"
VLAN, defines the VLAN as a collection of switch ports on one or more switches 2o across a hub. Users connected to those defined switch ports therefore are members of the defined VLAN. Broadcast messages directed to that VLAN may be transmitted through the defined switch ports only. Known ~~ort-based VLANs typically are implemented on a switch to include a default V'LAN, in addition to other VLANs that may be formed on the switch. During manufacl:ure, the default VLAN is defined as 25 every port on a single switch. The number of s'Nitch ports defining the default VLAN
decreases, however, as ports on the switch are used for defining other VLANs.
Accordingly, on an exemplary eight-port switch having a first VLAN defined by ports one and two, the default VLAN will be defined by remaining ports three through eight.
However, port-based default VLANs may have data leakage problems that can 3o compromise the security of data transmitted across the network.
Specifically, port-' based default VLANs transmit a data packet to ~wery switch port when that packet is received by the default VLAN and is destined for a port that is not in the default VLAN.
AMENDED SHEET
, ;
,....._ "' ',.
0.
Continuing with the above e:cample, a data packet received on a port defining the default VLAN (i.e., one of ports three through eight) and destined for another port also on the default VLAN will be transmitted ~to the destination port only. In the event that the data packet was destined for a port on the first 'VLAN (i.e., port one or two), however, the packet would be transmitted to all of the ports on the switch, thus creating the above mentioned security problem.
Accordingly, it would be desirable to provide a port-based default VLAN that prevents such leakage problems between VLANs. It is among the general objects of this invention to provide such a device and method..
1o Summary of The Invention In accordance with the principles. of the invention, a port-based default VLAUI is provided that prevents leakage problems across VLANs. To that end, the default VLt~~1 includes means for transmitting data received by the default VLAN to ports ~ 5 defining the !MENDED SHEET
This enables companies and other organizations to build dynamic, flexible, and distributed LANs, thus simplifying physical moves of a user in a network. By way of background, for example, a description of how a VLAN ma5~ be used to facilitate communication within a company may be found in "Virtual LANs Take Network to Next Level", Computer Technology Review, Vol. 16, no. 9, September 1996, page 12-14.
Background information regarding VLANs ma:y additionally be found in "VLANs"
Can Layer 3 Save the Day?", Business Communications Review, Vol. 26, no. 12, December 1996, pages 47-50 and "Virtual LANs Come of Age", Telecommunications Vol. 30, no.
l0 6, June 1996, pages 48-5?.
Examples of virtual LAN networks are described in "Building Virtual LANs on a real-World Budget Lanart's Segway Works with Ethernet Switches to Deliver Virtual LANs Powers at a Low Cost", Data Communications, Vol. 24, no 13 , pp. 39-40.
The Segway system, described in Data Communications Vol. 24, no. 13, provides a twenty-~ 5 four port module for coupling workstations to a LAN switch. Up to five of the modules may be interconnected to provide a virtual LAI'f of 120 network connections.
As described in the above references, V'.LANs may be formed by defining logical groups of users within the VLAN. One such VLAN, known as a "port-based"
VLAN, defines the VLAN as a collection of switch ports on one or more switches 2o across a hub. Users connected to those defined switch ports therefore are members of the defined VLAN. Broadcast messages directed to that VLAN may be transmitted through the defined switch ports only. Known ~~ort-based VLANs typically are implemented on a switch to include a default V'LAN, in addition to other VLANs that may be formed on the switch. During manufacl:ure, the default VLAN is defined as 25 every port on a single switch. The number of s'Nitch ports defining the default VLAN
decreases, however, as ports on the switch are used for defining other VLANs.
Accordingly, on an exemplary eight-port switch having a first VLAN defined by ports one and two, the default VLAN will be defined by remaining ports three through eight.
However, port-based default VLANs may have data leakage problems that can 3o compromise the security of data transmitted across the network.
Specifically, port-' based default VLANs transmit a data packet to ~wery switch port when that packet is received by the default VLAN and is destined for a port that is not in the default VLAN.
AMENDED SHEET
, ;
,....._ "' ',.
0.
Continuing with the above e:cample, a data packet received on a port defining the default VLAN (i.e., one of ports three through eight) and destined for another port also on the default VLAN will be transmitted ~to the destination port only. In the event that the data packet was destined for a port on the first 'VLAN (i.e., port one or two), however, the packet would be transmitted to all of the ports on the switch, thus creating the above mentioned security problem.
Accordingly, it would be desirable to provide a port-based default VLAN that prevents such leakage problems between VLANs. It is among the general objects of this invention to provide such a device and method..
1o Summary of The Invention In accordance with the principles. of the invention, a port-based default VLAUI is provided that prevents leakage problems across VLANs. To that end, the default VLt~~1 includes means for transmitting data received by the default VLAN to ports ~ 5 defining the !MENDED SHEET
-3-default VLAN only. No other ports on the switch will receive a data packet that was received on a port defining the default VLAN.
In accordance with another aspect of the invention, each of the ports on a plurality of switches connected to a hub are configured, during manufacture, to define a default VLAN
spanning the plurality of switches. To that end, the default VLAN includes a bus in the hub, an enable switch for electrically connecting each of switches to the bus, and means for defining each of the switch ports as the default VLAN.
It is among the objects of the invention to provide port-based default VLAN
and method that prevents leakage across the ports of a switch.
It is another object of the invention to provide a port-based default VLAN
that, is configured, during manufacture, to span a plurality of swatches connected to a hub.
Brief Descr~tion Of The Drawings The above and further advantages of the invention may be better understood by referring to the following description in conjunction with the accompanying drawings and which:
Figure 1 is a block schematic diagram of a partial data network assembly for implementation of the invention;
Figure 2 is a block schematic diagram of a switch that forms a port-based, default VLAN;
Figure 3 is a schematic diagram of a data packet; and Figure 4 is a flow chart that specifies the method 'used for preventing leakage from the default VLAN.
Detailed Description Of A Preferred Embodiment Figure 1 shows a partial data network assembly 10 for implementation of the invention, comprising a hub 12 having hub ports 14, and switches 16 connected to the hub ports 14. The hub 12 may be a DEChub Multiswitch 900, available from Digital Equipment Corporation of Maynard, Massachusetts. Each of the switches 16 has a plurality of switch ports 18 (e.g., eight) connecting various network resources, such as servers, computers, and
In accordance with another aspect of the invention, each of the ports on a plurality of switches connected to a hub are configured, during manufacture, to define a default VLAN
spanning the plurality of switches. To that end, the default VLAN includes a bus in the hub, an enable switch for electrically connecting each of switches to the bus, and means for defining each of the switch ports as the default VLAN.
It is among the objects of the invention to provide port-based default VLAN
and method that prevents leakage across the ports of a switch.
It is another object of the invention to provide a port-based default VLAN
that, is configured, during manufacture, to span a plurality of swatches connected to a hub.
Brief Descr~tion Of The Drawings The above and further advantages of the invention may be better understood by referring to the following description in conjunction with the accompanying drawings and which:
Figure 1 is a block schematic diagram of a partial data network assembly for implementation of the invention;
Figure 2 is a block schematic diagram of a switch that forms a port-based, default VLAN;
Figure 3 is a schematic diagram of a data packet; and Figure 4 is a flow chart that specifies the method 'used for preventing leakage from the default VLAN.
Detailed Description Of A Preferred Embodiment Figure 1 shows a partial data network assembly 10 for implementation of the invention, comprising a hub 12 having hub ports 14, and switches 16 connected to the hub ports 14. The hub 12 may be a DEChub Multiswitch 900, available from Digital Equipment Corporation of Maynard, Massachusetts. Each of the switches 16 has a plurality of switch ports 18 (e.g., eight) connecting various network resources, such as servers, computers, and
-4-printers, to the network. A bus 20 spanning each of the hub ports 14 may be enabled by an enable switch 24 to interconnect each of the switches 16. This consequently interconnects each of the switch ports 18 across each of the interconnected switches 16. In the preferred embodiment, the bus 20 is enabled during manufacture, thus defining the default VLAN as all of the ports of the interconnected switches 16. The enable switch 24 may be implemented as firmware within the hub 12, or as a manually actuated switch on the hub 12.
New port-based VLANs may be formed across one or more of the switches 16 by selecting combinations of interconnected switch ports 18. Selected switch ports 18 for new VLANs consequently are removed from the default VLAN definition, thus reducing the size of the default VLAN. No data packets received on any one of the default VLAN
ports may be transmitted to the ports that define other VLANs.
Figure 2 shows an exemplary eight port switch 16 forming a default VLAN, VLAN
2, and VLAN 3. Ports one and two define the default VLAN, ports three to five define VLAN
2, and ports six to eight define VLAN 3. Data packets received on switch ports one or two may be transmitted to either or both of those switch ports 18 only, thus preventing leakage to VLAN 2 and VLAN 3. For example, a data packet received on port two having a destination address of port four will be transmitted to both ports one and two only.
Similarly, a data packet received on port two having a destination address of port one will be transmitted to port one only. VLAN 2 and VLAN 3 limit leakage in like fashion.
Figure 3 shows a data packet 26, comprising a header 28 and an information field 30.
The destination address of the data packet 26 is stored in the header 28 of the data packet 26.
The switch port 18 associated with the destination address is ascertained by conventional means within the switch 16 receiving the data packet 26. This information is used by the method shown in figure 4.
Figure 4 shows a flow chart that specifies the method used for preventing leakage from the default VLAN. More particularly, the destination port address is ascertained from the header 28 of a data packet received on one of the default VLAN ports {step 400). At step 402, it is determined if the destination port is one of the default VLAN
ports. If the destination port is one of the default VLAN ports, that data packet is transmitted to the destination port only (step 404). If the destination port is not one of the default VLAN ports, the data packet is transmitted to all of the default VLAN ports only (step 406). The data packet is transmitted to no other switch ports 18.
WO 98!29985 PCT/LTS97/24180
New port-based VLANs may be formed across one or more of the switches 16 by selecting combinations of interconnected switch ports 18. Selected switch ports 18 for new VLANs consequently are removed from the default VLAN definition, thus reducing the size of the default VLAN. No data packets received on any one of the default VLAN
ports may be transmitted to the ports that define other VLANs.
Figure 2 shows an exemplary eight port switch 16 forming a default VLAN, VLAN
2, and VLAN 3. Ports one and two define the default VLAN, ports three to five define VLAN
2, and ports six to eight define VLAN 3. Data packets received on switch ports one or two may be transmitted to either or both of those switch ports 18 only, thus preventing leakage to VLAN 2 and VLAN 3. For example, a data packet received on port two having a destination address of port four will be transmitted to both ports one and two only.
Similarly, a data packet received on port two having a destination address of port one will be transmitted to port one only. VLAN 2 and VLAN 3 limit leakage in like fashion.
Figure 3 shows a data packet 26, comprising a header 28 and an information field 30.
The destination address of the data packet 26 is stored in the header 28 of the data packet 26.
The switch port 18 associated with the destination address is ascertained by conventional means within the switch 16 receiving the data packet 26. This information is used by the method shown in figure 4.
Figure 4 shows a flow chart that specifies the method used for preventing leakage from the default VLAN. More particularly, the destination port address is ascertained from the header 28 of a data packet received on one of the default VLAN ports {step 400). At step 402, it is determined if the destination port is one of the default VLAN
ports. If the destination port is one of the default VLAN ports, that data packet is transmitted to the destination port only (step 404). If the destination port is not one of the default VLAN ports, the data packet is transmitted to all of the default VLAN ports only (step 406). The data packet is transmitted to no other switch ports 18.
WO 98!29985 PCT/LTS97/24180
-5-The default VLAN may be assigned a default VLAN tag that is assigned to a data packet when it enters through one of the default VLAN ports. The switch 16 then may be configured to prevent transmission of any data packet, having an associated default VLAN
tag, through any of the other, non-default VLAN ports.
The invention may be implemented by means of a programmable logic chip within the one or more switches 16 used for the invention. The invention may also be implemented as firmware stored within those switches 16. Both implementations may be programmed by conventional methods.
In an alternative embodiment, the invention may be implemented as a computer program product for use with a computer system. Such implementation may include a series of computer instructions fixed either on a tangible mediunn, such as a computer readable media (e.g. diskette, CD-ROM, ROM, or fixed disk) or transmittable to a computer system, via a modem or other interface device, such as communications adapter connected to the network over a medium. The medium may be either a tangible medium (e.g., optical or analog communications lines) or a medium implemented with wireless techniques (e.g., microwave, infrared or other transmission techniques). The series of computer instructions embodies all or part of the functionality previously described herein with respect to the invention. Those skilled in the art should appreciate that such computer instructions can be written in a number of programming languages for use wi h many computer architectures or operating systems. Furthermore, such instructions may be; stored in any memory device, such as semiconductor, magnetic, optical or other memory deviices, and may be transmitted using any communications technology, such as optical, infrared., microwave, or other transmission technologies. It is expected that such a computer program product may be distributed as a removable media with accompanying printed or electronic; documentation (e.g., shrink wrapped software), preloaded with a computer system (e.g., on system ROM or fixed disk), or distributed from a server or electronic bulletin board over a network (e.
g., the Internet or World Wide Web).
The inventive default VLAN thus prevents leakage to other VLANs by transmitting received data packets to default VLAN ports only. Security thus is ensured for data packets transmitted to the default VLAN. Furthermore, the initial size and scope of the default VLAN is increased by enabling the enable switch 24, during manufacture, to interconnect each of the switches 16 connected to the hub 12.
.. ~ ..
- ~~~ ; , ., . . . . . . .
tag, through any of the other, non-default VLAN ports.
The invention may be implemented by means of a programmable logic chip within the one or more switches 16 used for the invention. The invention may also be implemented as firmware stored within those switches 16. Both implementations may be programmed by conventional methods.
In an alternative embodiment, the invention may be implemented as a computer program product for use with a computer system. Such implementation may include a series of computer instructions fixed either on a tangible mediunn, such as a computer readable media (e.g. diskette, CD-ROM, ROM, or fixed disk) or transmittable to a computer system, via a modem or other interface device, such as communications adapter connected to the network over a medium. The medium may be either a tangible medium (e.g., optical or analog communications lines) or a medium implemented with wireless techniques (e.g., microwave, infrared or other transmission techniques). The series of computer instructions embodies all or part of the functionality previously described herein with respect to the invention. Those skilled in the art should appreciate that such computer instructions can be written in a number of programming languages for use wi h many computer architectures or operating systems. Furthermore, such instructions may be; stored in any memory device, such as semiconductor, magnetic, optical or other memory deviices, and may be transmitted using any communications technology, such as optical, infrared., microwave, or other transmission technologies. It is expected that such a computer program product may be distributed as a removable media with accompanying printed or electronic; documentation (e.g., shrink wrapped software), preloaded with a computer system (e.g., on system ROM or fixed disk), or distributed from a server or electronic bulletin board over a network (e.
g., the Internet or World Wide Web).
The inventive default VLAN thus prevents leakage to other VLANs by transmitting received data packets to default VLAN ports only. Security thus is ensured for data packets transmitted to the default VLAN. Furthermore, the initial size and scope of the default VLAN is increased by enabling the enable switch 24, during manufacture, to interconnect each of the switches 16 connected to the hub 12.
.. ~ ..
- ~~~ ; , ., . . . . . . .
-6-While the invention has been shown and described above with respect to various preferred embodiments, it will be apparent that the foregoing and other changes of the form and detail may be made therein by one skilled in the art without departing from the scope of the invention. These and other obvious modifications are intended to be covered by the following claims. ' What is claimed is:
A~AENDED SHEET
A~AENDED SHEET
Claims (6)
- A system to implement a port-based default VLAN formed on one or more interconnected networking switches (16), each switch (16) having one or more switch ports (18), all of the switch ports collectively being a plurality of switch ports, the default VLAN being defined by a first subset comprising one or more of the plurality of switch ports, the defined subset of the one or more of the plurality of switch ports being default VLAN ports, at least one of the plurality of switch ports not in the first subset of switch ports defining a second VLAN, the system comprising:
means for receiving a data packet (26) through one of the default VLAN
ports (1,2);
means for ascertaining a destination port from the received data packet, the destination port being one of.the plurality of switch ports;
means for determining whether the destination port is one of the default VLAN ports;
first means, responsive to the determining means, for transmitting the data packet to the destination port when the determining means determines that the destination port is one of the default VLAN ports; and second means, responsive to the determining means, for transmitting the data packet only to each of the other default VLAN ports when the determining means determines that the destination port is not one of the default VLAN
ports, wherein the at least one switch port defining the second VLAN is free from receiving the data packet. - 2. The system as defined by claim 1 wherein the data packet (26) includes a header (28) and the ascertaining means ascertains the destination port from the packet header.
- 3. The system as defined in claim 1 further including means for tagging the data packet as being in the default VLAN.
- 4. A method of limiting broadcast messages from a port-based default VLAN, the default VLAN formed on one or more interconnected networking switches (16), each switch having one or more switch ports (18), all of the switch ports collectively being a plurality of switch ports, the default VLAN being defined by a first subset comprising one or more of the plurality of switch ports, the defined first subset of one air more of tha plurality of switch ports being default VLAN ports, at least one of the plurality of switch ports not in the first subset of switch ports defining a second VLAN, the method comprising:
receiving a data packet through one of the default VLAN ports;
ascertaining (400) a destination port from the data packet, the destination port being one of the plurality of switch ports;
determining (402) whether the ascertained destination port is one of the default VLAN ports;
transmitting (404) the data packet to the destination port when the destination port is one of the default VLAN ports; and only transmitting (406) the data packet to each of the other default VLAN
ports when the destination port is not one of the default VLAN ports. - 5. The method as defined by claim 4 further including:
tagging tht data packet as being in the default VLAN. - 6. A data network assembly (10) comprising:
a hub (12) having at least two networking switches (16) connected thereto, each switch having one or more switch ports (18);
a bus (20) in the hub;
an enable switch (24) to electrically connect each of the switch ports to the bus;
means for defining a subset of the switch ports as a default VLAN; and means for transmitting packets received an one of the switch ports of the defined subset only to the other switch ports of the defined subset so as to prevent transmission to switch ports that are not in the default VLAN.
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US08/774,541 US6128665A (en) | 1996-12-30 | 1996-12-30 | System for broadcasting messages to each of default VLAN ports in subset of ports defined as VLAN ports |
US08/774,541 | 1996-12-30 | ||
PCT/US1997/024180 WO1998029985A1 (en) | 1996-12-30 | 1997-12-30 | Port based default virtual local area network |
Publications (2)
Publication Number | Publication Date |
---|---|
CA2276206A1 CA2276206A1 (en) | 1998-07-09 |
CA2276206C true CA2276206C (en) | 2002-12-24 |
Family
ID=25101556
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CA002276206A Expired - Lifetime CA2276206C (en) | 1996-12-30 | 1997-12-30 | Port based default virtual local area network |
Country Status (6)
Country | Link |
---|---|
US (1) | US6128665A (en) |
EP (1) | EP0948853B1 (en) |
AU (1) | AU715953B2 (en) |
CA (1) | CA2276206C (en) |
DE (1) | DE69730447T2 (en) |
WO (1) | WO1998029985A1 (en) |
Families Citing this family (35)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5684800A (en) * | 1995-11-15 | 1997-11-04 | Cabletron Systems, Inc. | Method for establishing restricted broadcast groups in a switched network |
US6469987B1 (en) * | 1998-01-13 | 2002-10-22 | Enterasys Networks, Inc. | Virtual local area network with trunk stations |
US6301224B1 (en) * | 1998-01-13 | 2001-10-09 | Enterasys Networks, Inc. | Network switch with panic mode |
BR9909650A (en) * | 1998-03-13 | 2002-03-05 | Omnes | Computer network and process for providing network services through a common interface |
US6609153B1 (en) | 1998-12-24 | 2003-08-19 | Redback Networks Inc. | Domain isolation through virtual network machines |
US6996612B1 (en) * | 1999-12-30 | 2006-02-07 | Vignette Corporation | Method of providing information related to activity of a user and a data processing system program product |
US6865574B1 (en) * | 2000-06-02 | 2005-03-08 | Vignette Corporation | Method for client-side personalization |
US7860969B2 (en) * | 2000-06-02 | 2010-12-28 | Vignette Software Llc | Method for continuous, frame-specific click-stream recording |
US7251687B1 (en) | 2000-06-02 | 2007-07-31 | Vignette Corporation | Method for click-stream analysis using web directory reverse categorization |
US7155506B1 (en) * | 2000-06-02 | 2006-12-26 | Vignette Corporation | Method for continous, frame-specific click-stream recording |
US7660869B1 (en) * | 2000-08-21 | 2010-02-09 | Vignette Software, LLC | Network real estate analysis |
US7194506B1 (en) | 2000-12-21 | 2007-03-20 | Vignette Corporation | Method and system for cache management of locale-sensitive content |
US6892377B1 (en) | 2000-12-21 | 2005-05-10 | Vignette Corporation | Method and system for platform-independent file system interaction |
US7203768B2 (en) * | 2000-12-22 | 2007-04-10 | Intel Corporation | Managing network traffic using hashing functions |
US20020165755A1 (en) * | 2001-03-29 | 2002-11-07 | Kitts Brendan J. | Method of predicting behavior of a customer at a future date and a data processing system readable medium |
US20040213254A1 (en) * | 2001-06-29 | 2004-10-28 | Yu-Lin Hwang | Method for servicing subscribers by utilizing virtual LAN on ATU-R of ADSL |
US7197474B1 (en) | 2001-07-12 | 2007-03-27 | Vignette Corporation | Method of modeling product demand subject to a large number of interactions |
US8307045B1 (en) | 2001-08-22 | 2012-11-06 | Open Text S.A. | System and method for creating target-specific data conversion templates using a master style template |
US7389359B2 (en) * | 2001-10-19 | 2008-06-17 | Foundry Networks, Inc. | Method and system for intelligently forwarding multicast packets |
US7411948B2 (en) * | 2001-10-29 | 2008-08-12 | General Electric Company | Ethernet switch |
US7194003B2 (en) * | 2001-10-29 | 2007-03-20 | General Electric Company | Ethernet switch and system |
US7657619B1 (en) * | 2001-11-13 | 2010-02-02 | Extreme Networks, Inc. | Method and system for maintaining a loop-free topology across multiple spanning trees in a virtual local area network |
US7877483B1 (en) * | 2002-10-28 | 2011-01-25 | Cisco Technology, Inc. | Virtual local area network pruning protocol |
US6930878B2 (en) * | 2002-11-26 | 2005-08-16 | Ge Medical Systems Information Technologies, Inc. | Computer-equipped mobility device |
DE10319323B3 (en) * | 2003-04-29 | 2004-12-16 | Siemens Ag | Method for automatic configuration of a communication device |
CN100471106C (en) * | 2003-04-29 | 2009-03-18 | 华为技术有限公司 | Method for isolating network according to port aggregations |
US7761589B1 (en) | 2003-10-23 | 2010-07-20 | Foundry Networks, Inc. | Flow control for multi-hop networks |
US7639608B1 (en) | 2003-10-23 | 2009-12-29 | Foundry Networks, Inc. | Priority aware MAC flow control |
US7581249B2 (en) * | 2003-11-14 | 2009-08-25 | Enterasys Networks, Inc. | Distributed intrusion response system |
US7379443B2 (en) * | 2004-07-16 | 2008-05-27 | Motorola, Inc. | Method of dynamic management of a virtual local area network (VLAN) in a wireless ad hoc network |
US7477844B2 (en) * | 2004-12-17 | 2009-01-13 | Fujitsu Limited | Method and system for utilizing virtual local access network addressing in optical networks |
US7804832B2 (en) * | 2006-02-13 | 2010-09-28 | Cisco Technology, Inc. | Method and system for simplified network wide traffic and/or flow monitoring in a data network |
US8490161B2 (en) | 2008-01-07 | 2013-07-16 | Commscope Inc., Of North Carolina | Methods, systems and computer program products for provisioning VLAN services in a network |
US7978607B1 (en) * | 2008-08-29 | 2011-07-12 | Brocade Communications Systems, Inc. | Source-based congestion detection and control |
CN110401606A (en) * | 2018-04-24 | 2019-11-01 | 北京码牛科技有限公司 | Network depth message processing method and device |
Family Cites Families (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US4823338B1 (en) * | 1987-08-03 | 1998-11-10 | At & T Information Systems Inc | Virtual local area network |
US5394402A (en) * | 1993-06-17 | 1995-02-28 | Ascom Timeplex Trading Ag | Hub for segmented virtual local area network with shared media access |
US5613069A (en) * | 1994-12-16 | 1997-03-18 | Tony Walker | Non-blocking packet switching network with dynamic routing codes having incoming packets diverted and temporarily stored in processor inputs when network ouput is not available |
US5734865A (en) * | 1995-06-07 | 1998-03-31 | Bull Hn Information Systems Inc. | Virtual local area network well-known port routing mechanism for mult--emulators in an open system environment |
US5752003A (en) * | 1995-07-14 | 1998-05-12 | 3 Com Corporation | Architecture for managing traffic in a virtual LAN environment |
US5684800A (en) * | 1995-11-15 | 1997-11-04 | Cabletron Systems, Inc. | Method for establishing restricted broadcast groups in a switched network |
US5740171A (en) * | 1996-03-28 | 1998-04-14 | Cisco Systems, Inc. | Address translation mechanism for a high-performance network switch |
US5742604A (en) * | 1996-03-28 | 1998-04-21 | Cisco Systems, Inc. | Interswitch link mechanism for connecting high-performance network switches |
-
1996
- 1996-12-30 US US08/774,541 patent/US6128665A/en not_active Expired - Lifetime
-
1997
- 1997-12-30 CA CA002276206A patent/CA2276206C/en not_active Expired - Lifetime
- 1997-12-30 EP EP97953551A patent/EP0948853B1/en not_active Expired - Lifetime
- 1997-12-30 DE DE69730447T patent/DE69730447T2/en not_active Expired - Lifetime
- 1997-12-30 WO PCT/US1997/024180 patent/WO1998029985A1/en active IP Right Grant
- 1997-12-30 AU AU57276/98A patent/AU715953B2/en not_active Expired
Also Published As
Publication number | Publication date |
---|---|
CA2276206A1 (en) | 1998-07-09 |
AU5727698A (en) | 1998-07-31 |
AU715953B2 (en) | 2000-02-10 |
EP0948853B1 (en) | 2004-08-25 |
DE69730447D1 (en) | 2004-09-30 |
US6128665A (en) | 2000-10-03 |
DE69730447T2 (en) | 2005-09-01 |
WO1998029985A1 (en) | 1998-07-09 |
EP0948853A1 (en) | 1999-10-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CA2276206C (en) | Port based default virtual local area network | |
EP1408656B1 (en) | Method and device for transparent LAN services | |
RU2373655C2 (en) | Devices, provided for transportation, oriented for path setting in communication network with packets switching | |
AU674300B2 (en) | System of extending network resources to remote networks | |
US8767749B2 (en) | Method and system for transparent LAN services in a packet network | |
US6639917B1 (en) | Converged service for interconnected local area networks | |
EP1408655A2 (en) | Method and device for double tagging of data packets | |
US20110228786A1 (en) | System and method for registering and un-registering membership in virtual local area networks | |
JP4381639B2 (en) | Apparatus and method in a switched telecommunications system | |
CN100518128C (en) | Multi-point to multi-point VPN interconnecting method, system and device in PBT network | |
CN101453401A (en) | Ethernet bridge equipment, MAC address learning method and data packet transmission method | |
CN102932228A (en) | Communication method, device and system for TRILL (Transparent Interconnection of Lots of Links) network | |
Cisco | Virtual LANs | |
Cisco | Virtual LANs | |
Cisco | ||
Cisco | ||
Cisco | ||
Cisco | ||
Cisco | ||
Cisco | ||
Cisco | ||
Cisco | Configuring VLANs | |
Cisco | Configuring VLANs | |
Cisco | Configuring VLANs | |
Cisco | Configuring VLANs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
EEER | Examination request | ||
MKEX | Expiry |
Effective date: 20180102 |