One-arm routing (router-on-a-stick) refers to configuring sub-interfaces (or "logical interfaces" without real physical interfaces) on an interface of a router to realize different VLANs (virtual interfaces) that were originally isolated from each other. LAN) interconnection between.
Subinterface for one-arm routing
A router's physical interface can be divided into multiple logical interfaces, and these divided logical interfaces are vividly called sub-interfaces. It should be noted that these logical sub-interfaces cannot be enabled or disabled independently, that is, when a physical interface is enabled or disabled, all sub-interfaces of the interface are also enabled or disabled.
Advantages and disadvantages
VLAN can effectively divide the local area network and realize the access control between various network areas. But in reality, it is often necessary to configure the interconnection between certain VLANs. For example, your company is divided into leadership , sales department, finance department, human resources department, technology department, and audit department, and different VLANs are configured for different departments. The departments cannot communicate with each other, effectively ensuring the information security of each department. . However, it often happens that the leadership needs to access other departments across VLANs, and this function is realized by single-arm routing.
Advantages: Realize communication between different vlans, help to understand and learn VLAN principles and sub-interface concepts.
Disadvantages: It is easy to become a single point of failure in the network, the configuration is slightly complicated, and the practical significance is not great.
Experimental case
PC1:
IP地址:192.168.1.1
子网掩码:255.255.255.0
网关:192.168.1.254
PC2:
IP地址:192.168.1.2
子网掩码:255.255.255.0
网关:192.168.1.254
PC3:
IP地址:192.168.2.1
子网掩码:255.255.255.0
网关:192.168.2.254
PC4:
IP地址:192.168.2.2
子网掩码:255.255.255.0
网关:192.168.2.254SW1:
<Huawei>system-view
[Huawei]undo info-center enable
[Huawei]sysname SW1
[SW1]vlan batch 10 20
[SW1]int e0/0/1
[SW1-Ethernet0/0/1]port link-type access
[SW1-Ethernet0/0/1]port default vlan 10
[SW1-Ethernet0/0/1]int e0/0/2
[SW1-Ethernet0/0/2]port link-type access
[SW1-Ethernet0/0/2]port default vlan 10
[SW1-Ethernet0/0/2]int e0/0/3
[SW1-Ethernet0/0/3]port link-type access
[SW1-Ethernet0/0/3]port default vlan 20
[SW1-Ethernet0/0/3]int e0/0/4
[SW1-Ethernet0/0/4]port link-type access
[SW1-Ethernet0/0/4]port default vlan 20
[SW1-Ethernet0/0/4]int e0/0/5
[SW1-Ethernet0/0/5]port link-type trunk
[SW1-Ethernet0/0/5]port trunk allow-pass vlan all
[SW1-Ethernet0/0/5]quit
[SW1]quit
<SW1>saveR1:
<Huawei>system-view
[Huawei]undo info-center enable
[Huawei]sysname R1
[R1]int e0/0/0.1
[R1-Ethernet0/0/0.1]dot1q termination vid 10
[R1-Ethernet0/0/0.1]ip add 192.168.1.254 24
[R1-Ethernet0/0/0.1]arp broadcast enable
[R1-Ethernet0/0/0.1]int e0/0/0.2
[R1-Ethernet0/0/0.2]dot1q termination vid 20
[R1-Ethernet0/0/0.2]ip add 192.168.2.254 24
[R1-Ethernet0/0/0.2]arp broadcast enable
[R1-Ethernet0/0/0.2]quit
[R1]quit
<R1>save