Configuration of Ethernet single-arm routing and Layer 3 VLAN interface configuration

2.8.4 Ethernet VLAN (one-arm router and VlanIF interface of a Layer 3 switch)

By default, all VLANs cannot communicate with each other.

If the entire network is in the same segment, it is isolated by different VLANs.

• Some VLANs need to be able to communicate, and the encapsulation and decapsulation of VLAN tags can be realized through the flexible matching of Access, Trunk, and Hybrid port types, so as to realize communication in the same segment of the network.

• If it is a different segment of the network, and it is still a different VLAN, using the above method to decapsulate can not achieve communication (because different network segments need to use routing)

Layer 3 switch VlanIF interface

交换机上配置VlanIf接口：
（1）先创建VLAN：vlan 10
（2）创建VlanIf接口：interface vlan 10
（3）配置接口地址：
int vlan 10
 ip add 192.168.1.254 24

case:

[LSW4]vlan 10
[LSW4-vlan10]vlan 20

[LSW4-vlan20]int vl 10
[LSW4-Vlanif10]ip add 192.168.1.25 24

[LSW4-Vlanif10]int vl 20
[LSW4-Vlanif20]ip add 192.168.2.254 24

[LSW4-Vlanif20]q
[LSW4]int g0/0/1
[LSW4-GigabitEthernet0/0/1]port link-type access
[LSW4-GigabitEthernet0/0/1]port default vlan 10

[LSW4-GigabitEthernet0/0/1]int g0/0/2
[LSW4-GigabitEthernet0/0/2]port link-type access
[LSW4-GigabitEthernet0/0/2]port default vlan 20

one-arm routing

接口带宽有限，子接口越多，每个子接口能使用的带宽就越少当用户流量大的时候就容易出现卡顿与丢包。

（1）二层交换机连接路由器的接口需要进行放行VLAN的操作，让VLAN能够访问到路由器。
（2）路由器配置子接口：
	1)int g0/0/0.10				# 接口后面加上 .子接口号，即可创建子接口（1~4094）
	2)dot1q termination vid 10	# 指定子接口负责的VLAN数据
	3)arp broadcast enable		# 开启ARP广播功能
	如果不开启，该子接口将不会主动发送ARP请求，获取到对应的主机MAC地址（最终无法实现通信）

注：
（1）路由子接口的MAC地址与其父接口是一样的，如g0/0/0.10的MAC地址就是g0/0/0的MAC地址。
（2）arp broadcast enable在华为真机中是默认开启的。在ENSP中默认子接口设备没有开启该功能的，
这会导致子接口需要访问目标主机时，无法通过ARP请求到目标的MAC地址，从而导致无法实现通信。
>>>现象就是：PC6能访问到网关、PC7能访问到网关，但PC6、PC7之间就是无法通信。

case:

#路由器配置
[AR1]int g0/0/0.10
[AR1-GigabitEthernet0/0/0.10]dot1q termination vid 10
[AR1-GigabitEthernet0/0/0.10]arp broadcast enable
[AR1-GigabitEthernet0/0/0.10]ip add 192.168.1.254 24

[AR1-GigabitEthernet0/0/0.10]int g0/0/0.20
[AR1-GigabitEthernet0/0/0.20]dot1q termination vid 20
[AR1-GigabitEthernet0/0/0.20]arp broadcast enable
[AR1-GigabitEthernet0/0/0.20]ip add 192.168.2.254 24

#交换机配置
[LSW5]vlan 10
[LSW5-vlan10]vlan 20
[LSW5-vlan20]int e0/0/1
[LSW5-Ethernet0/0/1]port link-type access
[LSW5-Ethernet0/0/1]port default vlan 10

[LSW5-Ethernet0/0/1]int e0/0/2
[LSW5-Ethernet0/0/2]port link-type access
[LSW5-Ethernet0/0/2]port default vlan 20

[LSW5-Ethernet0/0/2]int e0/0/3
[LSW5-Ethernet0/0/3]port link-type trunk
[LSW5-Ethernet0/0/3]port trunk allow-pass vlan all