VLANs – Network Implementation – ANS-C01 Study Guide

VLANs

Virtual local area networks (VLANs) are widely implemented in all types of data networks. A VLAN is a logical overlay network on a LAN that uses IEEE 802.1Q tagging to group a subset of devices that share a physical LAN with other devices, isolating each VLAN's traffic from the others.

VLANs are used in most AWS network offerings, including Direct Connect (DX) interconnections, where they tag individual frames traversing between devices to identify which layer 2 network they belong to. VLAN identifiers range from 1 to 4,095; the identifier marks which network, or VLAN, a frame belongs to as it passes from one piece of networking equipment to another, as shown in Figure 6.5.

FIGURE 6.5 802.1Q VLAN identifiers

VLANs are defined in the IEEE 802.1Q standard, which is often shortened to “dot1q” in conversations. 802.1Q adds a VLAN header in the frame so that a single network interface can support thousands of different networks over the same media. In addition to the VLAN membership identifier, there is also a priority field to identify the quality-of-service requirements of the frame.

In a Direct Connect facility, VLANs define the virtual interfaces (VIFs); each VIF is identified by its own VLAN tag.

Link Aggregation

The concept of bundling two or more interfaces into one single, faster channel is referred to as link aggregation. Some vendors call these bundles link aggregation groups (LAGs), while others refer to them as port aggregation or port channels. A LAG is the actual grouping of interfaces, and LACP is the protocol used to create the group. This may be a bit confusing, but just remember that LAGs are created using the Link Aggregation Control Protocol (LACP). LACP is defined in the IEEE 802.3ad standard as a method to control the bundling of two or more physical network links into a logical channel for increased bandwidth and redundancy.

Bundling several physical links into a single logical link is used between switches in a DX facility to achieve higher speeds than a single interface could support and to provide redundancy if a physical link fails. Up to eight links can be aggregated into a LAG to create a single virtual link. LAGs are also used for resiliency: for example, if there are eight links in a group and two are lost, the remaining six will still carry traffic, although the total bandwidth will be less. You must use link aggregation when connecting multiple parallel ports between two devices; without it, spanning tree would block all but one link to prevent loops, defeating the purpose of creating the group.

Link aggregation can also be used between larger servers or blade chassis, network switches, and routers. A LAG combines multiple links into a single logical link that is treated as one logical connection, and configuration applied to the LAG interface applies to every interface in the bundle. As a rule, a LAG is allowed only between a single pair of switches and cannot be split across multiple switches. There are exceptions and special architectures that support split LAG connections, but they are beyond the scope of the AWS Advanced Networking exam.

When traffic flows across the LAG, all packets of a given flow traverse only one of the active links; the frames of a single flow are not split up and spread across all the interfaces in the group. This is done for several reasons, including the latency required to disassemble and reassemble the frames at each end, and because, if load balancing were done per packet, frames could arrive out of order at the receiving device. There are multiple methods to distribute flows across the interfaces, based on hashing the source/destination MAC or IP addresses, or a combination of the two, and then assigning the flow to a specific physical interface. This means that the maximum rate for any single flow is the rate of one individual interface, not the sum of the links in the LAG.

When configuring a LAG, make sure that all interfaces have the same settings before adding them to the group: the same link speed, duplex setting, allowed VLANs (if it is a layer 2 bundle), and native VLAN. If there is a mismatch, the group may not form, or it may form and have issues. None of the ports in the channel should be manually shut down.