[HCIA] 10. Communication between VLANs

Solutions for communication between VLANs

Use the router's physical interface

  • The Layer 3 interface of the router acts as a gateway, forwarding traffic from this network segment to other network segments.
  • The Layer 3 interface of the router cannot process data frames carrying VLAN tags, so the switch interface connected to the router must be configured as an Access interface.
  • Each VLAN uses one physical interface of the router as its gateway, so every VLAN occupies one physical interface on the router.
  • As a Layer 3 forwarding device, the router has only a small number of interfaces, so this solution scales poorly.

Using router subinterfaces (one-arm routing)

  • R1 uses one physical interface (GE0/0/1) to connect to switch SW1 and creates two sub-interfaces on that physical interface, GE0/0/1.10 and GE0/0/1.20. These two sub-interfaces serve as the default gateways of VLAN 10 and VLAN 20 respectively.
  • A Layer 3 sub-interface does not support VLAN packets; when it receives them, it discards them as illegal packets. The VLAN tag therefore has to be stripped on the sub-interface, that is, VLAN termination is required.

[Huawei]int g0/0/0.10
[Huawei-GigabitEthernet0/0/0.10]dot1q termination vid 10
[Huawei-GigabitEthernet0/0/0.10]arp broadcast enable
[Huawei-GigabitEthernet0/0/0.10]ip add <gateway address> <mask>

  • Use the interface interface-type interface-number.sub-interface-number command to create a sub-interface. The sub-interface number identifies a logical channel within the physical interface. To make it easy to remember, the sub-interface number is generally set to the VLAN ID that the sub-interface terminates.
  • Use the dot1q termination vid command to configure the single-layer VLAN ID for Dot1q termination on a sub-interface. By default, no single-layer VLAN ID for Dot1q termination is configured on a sub-interface.
  • Use the arp broadcast enable command to enable the ARP broadcast function on the termination sub-interface. By default, this function is not enabled: a termination sub-interface cannot forward broadcast packets and discards them directly on receipt. Run this command on the sub-interface to allow it to forward broadcast packets.
  • VLAN termination on a sub-interface comes down to two things:
    • For packets received by the interface, the VLAN tag is stripped before Layer 3 forwarding or other processing is performed.
    • For packets sent by the interface, the corresponding VLAN tag is added before they are sent.
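
The two directions of termination at frame level, as an added example that is not part of the original post: ingress parses the 802.1Q tag, selects the sub-interface by VLAN ID and strips the tag; egress re-inserts it. The termination table reuses the sub-interface names GE0/0/1.10 and GE0/0/1.20 from the text; the MAC addresses and payload are constructed sample values.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that marks an 802.1Q tag

# Hypothetical termination table: VLAN ID -> sub-interface (sub-interface
# number equal to the terminated VLAN ID, as the text recommends).
TERMINATION = {10: "GE0/0/1.10", 20: "GE0/0/1.20"}


def terminate(frame: bytes):
    """Ingress: return (sub_interface, untagged_frame), or None when no
    sub-interface terminates the frame."""
    if len(frame) < 18:
        return None  # too short for two MACs + 802.1Q tag + EtherType
    tpid, tci = struct.unpack("!HH", frame[12:16])
    if tpid != TPID_8021Q:
        return None  # untagged: not handled by a termination sub-interface
    vid = tci & 0x0FFF  # the low 12 bits of the TCI carry the VLAN ID
    sub_if = TERMINATION.get(vid)
    if sub_if is None:
        return None  # no "dot1q termination vid" configured for this VID
    # Strip the 4-byte tag: keep both MACs, drop bytes 12..15.
    return sub_if, frame[:12] + frame[16:]


def encapsulate(sub_if: str, frame: bytes) -> bytes:
    """Egress: insert the tag of the VLAN that sub_if terminates."""
    vid = next(v for v, name in TERMINATION.items() if name == sub_if)
    tag = struct.pack("!HH", TPID_8021Q, vid)  # priority bits left at 0
    return frame[:12] + tag + frame[12:]


# Constructed sample frames: dst MAC, src MAC, 802.1Q tag, IPv4 EtherType.
DST = bytes.fromhex("00e0fc000001")
SRC = bytes.fromhex("00e0fc0000aa")
PAYLOAD = b"\x45" + b"\x00" * 19
UNTAGGED = DST + SRC + b"\x08\x00" + PAYLOAD
TAGGED_10 = DST + SRC + struct.pack("!HH", TPID_8021Q, 10) + b"\x08\x00" + PAYLOAD
TAGGED_30 = DST + SRC + struct.pack("!HH", TPID_8021Q, 30) + b"\x08\x00" + PAYLOAD

if __name__ == "__main__":
    print(terminate(TAGGED_10)[0])           # sub-interface for VLAN 10
    print(terminate(TAGGED_30))              # VLAN 30 is not terminated
    print(encapsulate("GE0/0/1.20", UNTAGGED)[12:16].hex())
```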

Using VLANIF Technology to Realize Inter-VLAN Communication

  • A Layer 2 switch refers to a switch that only has Layer 2 switching functions.
  • A Layer 3 switch not only has the functions of a Layer 2 switch, but also supports routing and forwarding through Layer 3 interfaces (such as VLANIF interfaces).
  • A VLANIF interface is a Layer 3 logical interface that supports stripping and adding VLAN tags, so communication between VLANs can be implemented through VLANIF interfaces.
  • The VLANIF interface number is the same as the corresponding VLAN ID, for example, VLAN 10 corresponds to VLANIF 10.

VLANIF forwarding process

  1. Assume that corresponding ARP or MAC entries already exist on the PC and the Layer 3 switch.
  2. The communication process between PC1 and PC2 is as follows:
  3. PC1 compares its local IP address and mask with the peer IP address and finds that the destination device PC2 is not on its own network segment. It concludes that this is Layer 3 communication and sends the traffic destined for PC2 to the gateway. Data frame sent by PC1: source MAC = MAC1, destination MAC = MAC2.
  4. The switch receives the packet that PC1 sent toward PC2. After decapsulation, it finds that the destination MAC is the MAC address of the VLANIF10 interface, so the switch hands the packet to the routing module for further processing.
  5. The routing module finds that the destination IP is 192.168.20.2, which is not the IP address of a local interface, so the packet needs to be forwarded at Layer 3. The routing table lookup matches the direct route generated by VLANIF20.
  6. Because the matched route is a direct route, the last hop has been reached. The switch therefore looks up 192.168.20.2 in the ARP table, obtains its MAC address, and hands the packet to the switching module to be re-encapsulated into a data frame.
  7. The switching module searches the MAC address table to determine the outgoing interface of the packet and whether it needs to carry a VLAN tag. The data frame finally sent by the switching module: source MAC = MAC2, destination MAC = MAC3, VLAN Tag = None.
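
The forwarding steps above as a small model, added here as an example and not taken from the original post: the host's on-link decision, then the switch's VLANIF MAC check, direct-route match, ARP lookup and MAC-table lookup. Only 192.168.20.2 and the labels MAC1/MAC2/MAC3 come from the text; PC1's address, the VLANIF addresses and the port names are assumptions.

```python
import ipaddress

# Only 192.168.20.2 and the labels MAC1/MAC2/MAC3 come from the text; the
# other addresses and the port names are constructed for this example.
VLANIF = {  # VLAN ID -> VLANIF address, i.e. that VLAN's gateway
    10: ipaddress.ip_interface("192.168.10.254/24"),
    20: ipaddress.ip_interface("192.168.20.254/24"),
}
SWITCH_MAC = "MAC2"  # MAC address of the VLANIF interfaces
ARP = {"192.168.10.2": "MAC1", "192.168.20.2": "MAC3"}
# MAC table: (VLAN, MAC) -> (outgoing port, send with VLAN tag?)
MAC_TABLE = {(10, "MAC1"): ("GE0/0/1", False), (20, "MAC3"): ("GE0/0/2", False)}


def host_next_hop(own_if, dst_ip, gateway):
    """Step 3: a host sends on-link traffic directly, the rest to its gateway."""
    own_net = ipaddress.ip_interface(own_if).network
    return dst_ip if ipaddress.ip_address(dst_ip) in own_net else gateway


def switch_forward(in_vlan, frame):
    """Steps 4-7: return the frame the switching module sends, or None."""
    # Step 4: only frames addressed to the VLANIF MAC reach the routing module.
    if in_vlan not in VLANIF or frame["dst_mac"] != SWITCH_MAC:
        return None
    dst = ipaddress.ip_address(frame["dst_ip"])
    if any(dst == vif.ip for vif in VLANIF.values()):
        return None  # destined for the switch itself, not forwarded
    # Step 5: match the direct route generated by a VLANIF interface.
    out_vlan = next((v for v, vif in VLANIF.items() if dst in vif.network), None)
    if out_vlan is None:
        return None  # no route to the destination
    # Step 6: a direct route is the last hop, so look the host up in ARP.
    dst_mac = ARP.get(frame["dst_ip"])
    # Step 7: the MAC table gives the outgoing port and the tagging decision.
    entry = MAC_TABLE.get((out_vlan, dst_mac))
    if entry is None:
        return None  # entries are assumed to exist (step 1)
    port, tagged = entry
    return {"port": port, "src_mac": SWITCH_MAC, "dst_mac": dst_mac,
            "vlan_tag": out_vlan if tagged else None, "dst_ip": frame["dst_ip"]}


PC1_FRAME = {"src_mac": "MAC1", "dst_mac": "MAC2",
             "src_ip": "192.168.10.2", "dst_ip": "192.168.20.2"}

if __name__ == "__main__":
    print(host_next_hop("192.168.10.2/24", "192.168.20.2", "192.168.10.254"))
    print(switch_forward(10, PC1_FRAME))
```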

Comparison of Layer 2 and Layer 3 Interfaces

Inter-VLAN Communication Experiment

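  • PC1 to SW1: VLANIF10 on SW1 receives the frame at Layer 3 and removes tag 10. The lookup finds that PC2 is on the VLAN 20 network segment, which is reached through VLAN 12, so the frame is tagged 12 and sent to SW2. On SW2 the frame goes to VLANIF12, which removes tag 12. SW2 finds VLAN 20, and VLANIF20 passes the frame down to Layer 2 carrying tag 20.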

Origin blog.csdn.net/weixin_45988710/article/details/131728448