Table of contents
VLAN: virtual local area network
Interface Assignment Link Type
Communication across network segments
VLAN : virtual local area network
LAN: local area network
MAN: Metropolitan Area Network
WAN: wide area network
1. A VLAN is equivalent to a broadcast domain
VLAN: After routers and switches work together, a broadcast domain is logically decapsulated into multiple virtual broadcast domains.
View VLAN: [SW1] display v lan
2. Configuration
Create VLANs:
VID-VLANID is used to distinguish and identify different VLANs ( distinguish and identify different broadcast domains )
Binary composition, 12-bit binary composition 4096, which can be created is 1-4094, of which 0 and 4095 are generally reserved and configuration is not allowed.
IEEE developed the 802.1Q standard
[SW1]vlan ?
INTEGER<1-4094> VLAN ID
batch Batch process batch batch creation (batch 6 to 100 create 6~100)
[SW1] undo vlan batch 6 to 100 batch delete VLAN
Divide the interface into the corresponding VLAN
VLAN types:
1) Dividing the interface into the corresponding VLAN is equivalent to establishing a mapping relationship between the interface and the VLAN (binding with the interface) , thereby realizing the division of the VLAN ( one layer of VLAN/ physical VLAN ).
2) Bind VLAN and MAC address to realize VLAN division ( Layer 2 VLAN ).
3) Because there is a type field in the Ethernet frame. Therefore, according to different IP traffic ( IPV4/IPV6 ) , the corresponding VLAN can be mapped to realize the division of VLAN ( three-layer VLAN )
IEEE 802.1Q frame format:
Data frame carrying a label : Because the original Ethernet frame structure does not have a place to insert the VID, IEEE developed a new frame structure (802.1Q), which inserts a 4-byte field between the source MAC and type fields. This field Contains (VID), we call this frame structure carrying the VLAN tag a TAG frame (802.1Q frame)
Interface Assignment Link Type
[SW1-GigabitEthernet0/0/1]port link-type access - specifies that the link of Access type transmits traffic without labels
The interface connected to the switch and the PC is Access
[SW1-GigabitEthernet0/0/2]port link-type ?
access Access port does not carry label traffic
dot1q-tunnel QinQ port
hybrid Hybrid port
Trunk Trunk port The traffic going out from this interface carries labels
Interface division VLAN
[SW1-GigabitEthernet0/0/1]port default vlan 2
As shown in the figure, the VLAN2 of the switch on the left and the VLAN2 on the right are the same virtual broadcast domain
The configuration command enables the link between the switches to allow the commands of VLAN1 and VLAN2 to pass through
[SW1-GigabitEthernet0/0/5]port link-type trunk
[SW1-GigabitEthernet0/0/5]port trunk allow-pass vlan 2 3
Communication across network segments
Communication across network segments: routing is required
The link type between the switch and the router is configured as Trunk (if this link carries traffic of multiple VLANs )
[r1]interface GigabitEthernet /0/0/0.1
Because a physical interface cannot serve multiple broadcast domains at the same time, a virtual interface-sub-interface is designed
[Huawei-GigabitEthernet0/0/ 0.1 ] dot1q termination vid 2 allows the sub-interface of the router to serve a certain VLAN
[r1-GigabitEthernet0/0/0.1] arp broadcast enable - open the ARP broadcast function
