Table of contents
Get to know the terminology first
2. Use a router to realize inter-VLAN communication
3. Use VLANIF technology to realize inter-VLAN communication (commonly used)
▼More network worker resource packs, continuously updated, welcome to like and follow ▼
Get to know the terminology first
Sub-Interface - sub-interface
dot1q
termination-termination
broadcast - broadcast
vlanif Layer 3 logical interface
1. Technical Background
In actual network deployment, different IP address segments are generally divided into different VLANs.
PCs in the same VLAN and on the same network segment can communicate directly without using Layer 3 forwarding equipment. This communication method is called Layer 2 communication.
Layer 3 communication is required between VLANs to achieve mutual visits, and Layer 3 communication requires the use of Layer 3 devices.
Common layer-3 devices: routers, layer-3 switches, firewalls, etc.
2. Use a router to realize inter-VLAN communication
use router physical interface
The Layer 3 interface of the router acts as a gateway, forwarding traffic from this network segment to other network segments. The Layer 3 interface of the router cannot process data frames carrying VLAN tags, so the interface connected to the router on the switch needs to be configured as Access
Limitation: A physical interface of the router is used as a gateway of a VLAN, so a VLAN needs to occupy a physical interface of the router. As a Layer 3 forwarding device, the router has a small number of interfaces, and the scalability of the solution is too poor.
Use router subinterfaces
A sub-interface is a logical interface created based on a router's Ethernet interface, and is identified by a physical interface ID + a sub-interface ID. Like a physical interface, a sub-interface can perform Layer 3 forwarding. Sub-interfaces are different from physical interfaces and can terminate data frames carrying VLAN Tags
The essence of subinterface-terminated VLAN includes two aspects:
After the packet is received by the interface, the VLAN tag is stripped and then Layer 3 forwarding or other processing is performed.
For the packets sent by the interface, add the corresponding VLAN tag to the packets before sending them.
Configuration:
interface interface-type interface-number.sub-interface number command is used to create a sub-interface
The dot1q termination vid command is used to configure the single-layer VLAN ID for the sub-interface Dot1q termination
The arp broadcast enable command is used to enable the ARP broadcast function of the termination sub-interface
3. Use VLANIF technology to realize inter-VLAN communication (commonly used)
Layer 3 switch and VLANIF interface
In addition to the functions of a layer 2 switch, a layer 3 switch also supports routing and forwarding through a layer 3 interface (such as a VLANIF interface)
The VLANIF interface is a three-layer logical interface that supports the stripping and adding of VLAN Tags, so the communication between VLANs can be realized through the VLANIF interface
Note: The VLANIF interface number is the same as the corresponding VLAN ID, for example, VLAN 10 corresponds to VLANIF 10
VLANIF forwarding process
Assuming that corresponding ARP or MAC entries already exist on the PC and the Layer 3 switch, the communication process between PC1 and PC2 is as follows:
(1) PC1 calculates through the local IP address, local mask, and peer IP address, and finds that the destination device PC2 is not in the same network segment as itself, judges that the communication is Layer 3 communication, and sends the traffic destined for PC2 to the gateway. Data frame sent by PC1: source MAC = MAC1, destination MAC = MAC2.
(2) The switch receives the message sent by PC1 and is destined for PC2. After decapsulating, it finds that the destination MAC is the MAC address of the VLANIF10 interface, so the switch sends the message to the routing module for further processing.
(3) The routing module analyzes and finds that the destination IP is 192.168.20.2, which is not the IP address of the local interface, so the packet needs to be forwarded in three layers. After searching the routing table, match the direct route generated by VLANIF20.
VLANIF Configuration Example
Configuration requirements: Two PCs belong to VLAN 10 and VLAN 20 respectively. The mutual communication between the two PCs is completed through the three-layer switch.
1) Basic configuration
2) configure vlanif
[SW1]interface Vlanif 10
[SW1-Vlanif10]ip address 192.168.10.254 24
[SW1]interface Vlanif 20
[SW1-Vlanif20]ip address 192.168.20.254 24
3) Experimental debugging