Supporting Multiple VLANs on a Single Trunk
ISL trunking protocol

Inter Switch Link (ISL) is a Cisco proprietary protocol option for configuring Layer 2 trunk links. It is the original standard for trunking between switches and pre-dates IEEE trunking standards. ISL takes original Layer 2 frames and encapsulates them with a new header and trailer before placing them on the trunk link.

Because an entirely new header is appended to the original frame, the header offers some features not found in 802.1Q, an alternate trunking protocol.

The following are some benefits of the ISL protocol:

  • It supports multiple Layer 2 protocols (Ethernet, Token Ring, FDDI and ATM).
  • It supports Per VLAN Spanning Tree Protocol
  • Encapsulation process leaves original frames unmodified, less prone to error and more secure.
  • It has a large installation base.

The ISL Encapsulation Process
When a switch port is configured as an ISL trunk port, the entire original Layer 2 frame, including header and FCS trailer, will be encapsulated before it traverses the trunk link. Encapsulation is the process of placing an additional header in the front and a trailer at the end of the original Layer 2 frame. The ISL header will contain the VLAN ID of the VLAN where the frame originated. At the receiving end, the VLAN ID is read, the header and trailer are removed and the original frame is forwarded as any regular Layer 2 frame on that VLAN.

Only ISL trunk ports can properly receive ISL encapsulated frames. A non-ISL port receiving an ISL frame may consider the frame size to be invalid or not recognize the fields in the header. The frame will likely be dropped and counted as a transmission error when received by a non-ISL port.

ISL Header
The ISL header contains various fields with values that define attributes of the original Layer 2 data within the encapsulated frame. This information is used for forwarding, media identification, and VLAN identification. The population of the fields within the ISL header varies based on the type of VLAN and the media of the link. The ASIC on an Ethernet port encapsulates the frames with a 26-byte ISL header and a 4-byte FCS. This 30-byte ISL encapsulation overhead is consistent among the Layer 2 protocols supported on Catalyst switches, but the overall size of the frame will vary and be limited by the MTU of the original Layer 2 protocol.

The ISL Ethernet frame header contains these information fields:

  • DA (destination address) – 40-bit destination address. This is a multicast address and is set at 0x01-00-0C-00-00 or 0x03-00-0c-00-00. The first 40 bits of the DA field signal the receiver that the packet is in ISL format.
  • TYPE – Four-bit descriptor of the encapsulated frame types: Ethernet (0000), Token Ring (0001), FDDI (0010), and ATM (0011).
  • USER – Four-bit descriptor used as the TYPE field extension or to define Ethernet priorities; it is a binary value from 0, the lowest priority, to 3, the highest priority. The default USER field value is "0000." For Ethernet frames, the USER field bits "0" and "1" indicate the priority of the packet as it passes through the switch.
  • SA (source address) – 48-bit source MAC address of the transmitting Catalyst switch port.
  • LEN (length) – 16-bit frame-length descriptor minus DA, TYPE, USER, SA, LEN, and CRC.
  • AAAA03 – Standard Subnetwork Access Protocol (SNAP) 802.2 logical link control (LLC) header.
  • HSA (high bits of source address) – First three bytes of the SA (manufacturer or unique organizational ID).
  • VLAN ID – 15-bit VID. Only the lower 10 bits are used for 1024 VLANs.
  • BPDU (bridge protocol data unit) – One-bit descriptor identifying whether the frame is a spanning tree BPDU. It also identifies if the encapsulated frame is a CDP or VTP frame and indicates if the frame should be sent to the control plane of the switch.
  • INDX (index) – Indicates the port index of the source of the packet as it exits the switch. It is used for diagnostic purposes only and may be set to any value by other devices. It is a 16-bit value and is ignored in received packets.
  • ENCAP FRAME – Encapsulated data packet, including its own CRC value, completely unmodified. The internal frame must have a CRC value that is valid when the ISL encapsulation fields are removed. A receiving switch may strip off the ISL encapsulation fields and use this ENCAP FRAME field as the frame is received (associating the appropriate VLAN and other values with the received frame as indicated for switching purposes).

ISL Trailer
The trailer portion of the ISL encapsulation is an FCS, which carries a CRC value calculated on the original frame plus the ISL header as the ISL frame was placed onto the trunk link. The receiving ISL port recalculates this value. If the CRC values do not match, the frame is discarded. If the values match, the switch discards the FCS as a part of removing the ISL encapsulation so that the original frame can be processed. The ISL Trailer consists of these fields:

  • FCS (frame check sequence) – Consists of four bytes. This sequence contains a 32-bit CRC value, which is created by the sending MAC and is recalculated by the receiving MAC to check for damaged frames. The FCS is generated over the DA, SA, LEN, TYPE, and Data fields. When an ISL header is attached, a new FCS is calculated for the entire ISL packet and added to the end of the frame.
  • RES (reserved) – 16-bit reserved field used for additional information, such as the FDDI frame control field.

Web Links