This chapter describes the required and optional tasks for configuring routing between VLANs with IEEE 802.10 encapsulation. For a complete description of VLAN commands used in this chapter, refer to the "Cisco IOS Switching Commands" chapter in the Cisco IOS Switching Services Command Reference. For documentation of other commands that appear in this chapter, you can use the command reference master index or search online.
The IEEE 802.10 standard provides a method for secure bridging of data across a shared backbone. It defines a single frame type known as the Secure Data Exchange (SDE), a MAC-layer frame with an IEEE 802.10 header inserted between the MAC header and the frame data. A well-known Logical Link Control Service Access Point notifies the switch of an incoming IEEE 802.10 frame. The VLAN ID is carried in the 4-byte Security Association Identifier (SAID) field.
HDLC Serial links can be used as VLAN trunks in IEEE 802.10 virtual LANs to extend a virtual topology beyond a LAN backbone.
AppleTalk can be routed over virtual LAN (VLAN) subinterfaces using the ISL or IEEE 802.10 VLAN encapsulation protocols. The AppleTalk Routing over IEEE 802.10 Virtual LANs feature provides full-feature Cisco IOS software AppleTalk support on a per-VLAN basis, allowing standard AppleTalk capabilities to be configured on VLANs.
AppleTalk users can now configure consolidated VLAN routing over a single VLAN trunking interface. Prior to introduction of this feature, AppleTalk could be routed only on the main interface on a LAN port. If AppleTalk routing was disabled on the main interface or if the main interface was shut down, the entire physical interface would stop routing any AppleTalk packets. With this feature enabled, AppleTalk routing on subinterfaces will be unaffected by changes in the main interface with the main interface in the "no-shut" state.
To route AppleTalk over IEEE 802.10 between VLANs, you need to create the environment in which it will be used by customizing the subinterface. Perform these tasks in the order in which they appear:
To enable AppleTalk routing on IEEE 802.10 interfaces, use the following command in global configuration mode:
Enable AppleTalk routing globally.
After you enable AppleTalk globally and define the encapsulation format, you need to enable it on the subinterface by specifying the cable range and naming the AppleTalk zone for each interface. To enable the AppleTalk protocol on the subinterface, use the following commands in interface configuration mode:
Assign the AppleTalk cable range and zone for the subinterface.
Assign the AppleTalk zone for the subinterface.
To define the VLAN encapsulation format as either ISL or 802.10, use the following commands in interface configuration mode:
Specify the subinterface the VLAN will use.
Define the encapsulation format as IEEE 802.10 (sde) and specify the VLAN identifier or security association identifier, respectively.
The configuration example illustrated in Figure 28 shows AppleTalk being routed between different ISL and IEEE 802.10 VLAN encapsulating subinterfaces.
As shown in Figure 28, AppleTalk traffic is routed to and from switched VLAN domains 3, 4, 100, and 200 to any other AppleTalk routing interface. This example shows a sample configuration file for the Cisco 7500 series router with the commands entered to configure the network shown in Figure 28.
! interface Fddi 1/0.100 encapsulation sde 100 appletalk cable-range 100-100 100.2 appletalk zone 100 ! interface Fddi 1/0.200 encapsulation sde 200 appletalk cable-range 200-200 200.2 appletalk zone 200 ! interface FastEthernet 2/0.3 encapsulation isl 3 appletalk cable-range 3-3 3.2 appletalk zone 3 ! interface FastEthernet 2/0.4 encapsulation isl 4 appletalk cable-range 4-4 4.2 appletalk zone 4 !