Ingress checking, Broadcast storm control and vlans – Intel ZT8101 User Manual

ZT8101 User’s Manual

33

Switch Management and Operating Concepts

A global flag controls the switch’s ability to participate in dynamically configured VLANs. If the
GVRP flag is enabled, ports can dynamically register to be a member of a VLAN. If the flag is
disabled, only statically configured ports can be members of VLANs.

The default value is disabled.

Ingress Checking

An ingress port is a port on a switch where packets are flowing into the switch and VLAN
forwarding decisions must be made. Packets are forwarded according to the following rules:

•

If ingress checking is disabled on a port, the switch forwards all incoming tagged frames, even
when the receiving port is not a member of the destination VLAN of the frame.

•

If ingress checking is enabled on a port, the switch examines the VLAN information in the
packet header (if present) and decides whether to forward the packet.

When ingress checking is enabled, the switch uses different rules based on whether the incoming
packet is tagged. If the packet is tagged with VLAN information, the ingress port uses the
following rules to determine whether to forward the packet.

•

It determines if the ingress port itself is a member of the tagged VLAN. If it is not, the packet
is dropped.

•

If the ingress port is a member of the 802.1Q VLAN, the switch determines if the destination
port is a member of the 802.1Q VLAN. If it is not, the packet is dropped.

•

If the destination port is a member of the 802.1Q VLAN, the packet is forwarded, and the
destination port transmits it to its attached network segment.

If the packet is not tagged with VLAN information, the ingress port tags the packet with its own
PVID as a VID (if the port is a tagging port). It then uses the following rules to determine whether
to forward the packet:

•

If the destination port is a member of the same VLAN (has the same VID) as the ingress port,
the packet is forwarded, and the destination port transmits it on its attached network segment.

•

If it is not a member of the same VLAN, the packet is dropped.

This process is used to conserve bandwidth within the switch by dropping packets that are not on
the same VLAN as the ingress port at the point of reception. This eliminates the subsequent
processing of packets that will just be dropped by the destination port.

Broadcast Storm Control and VLANs

The ZT8101 switch has broadcast sensors and filters built into each port to control broadcast
storms, but VLANs can also be used to segment broadcast domains. They do this by forwarding
packets only to ports that are members of the same VLAN. Other parts of the network are
effectively shielded. Thus, the smaller the broadcast domain, the smaller effect a broadcast storm
will have. Because VLANs are implemented at each switch port, they can be quite effective in
limiting the scope of broadcast storms.