Detailed configuration steps for single-arm routing

1. Overview of single-arm routing

Router-on-a-stick refers to configuring a sub-interface (or "logical interface", there is no real physical interface) on an interface of the router to realize different VLANs (virtual interfaces) that are originally isolated from each other. LAN) interconnection.

1.1 Single-arm routing realizes communication between different VLANs

1.1.1 Link type

The port connecting the switch to the host is an access link
The port connecting the switch to the router is a Trunk link

1.1.2 Sub-interface

A router's physical interface can be divided into multiple logical interfaces
Each sub-interface corresponds to the gateway of a VLAN network segment

1.1.3 The router re-encapsulates the MAC address and converts the VLAN tag

2. Configuration of single-arm routing

Configure link type
Configure the encapsulation structure of VLAN tags
Configure sub-interface address

2.1 Experimental content:

Switch SW1 is connected to two hosts PC1 and PC2. PC1 and PC2 belong to different VLANs. Now it is required to configure a single-arm routing to enable PC1 and PC2 to communicate with each other.

2.2 Experimental topology:

2.3 Experimental steps:

(1) Set the IP addresses and subnet masks of the two hosts.

PC1：192.168.10.10/24。

PC2：192.168.20.20/24。

(2) Create a VLAN in the switch and add the port to the corresponding VLAN.

Create vlan10 and vlan20;

Interface e0/0/1 is set to access mode and added to vlan10;

Interface e0/0/2 is set to access mode and added to vlan20;

Interface e0/0/3 is set to trunk mode, allowing all vlans to pass through this interface.

The switch configuration commands are as follows:

csharp

Copy code

Please press enter to start cmd line! <Huawei>sys //切换至系统试图 Enter system view, return user view with Ctrl+Z. [Huawei]undo info en //关闭信息中心 Info: Information center is disabled. [Huawei]vlan batch 10 20 //批量创建vlan10和vlan20 Info: This operation may take a few seconds. Please wait for a moment...done. [Huawei]int e0/0/1 //进入接口e0/0/1 [Huawei-Ethernet0/0/1]port link-type access //设置接口模式为access模式 [Huawei-Ethernet0/0/1]port default vlan 10 //将该接口加入vlan10 [Huawei-Ethernet0/0/1]undo shutdown //开启接口 Info: Interface Ethernet0/0/1 is not shutdown. [Huawei-Ethernet0/0/1]int e0/0/2 //进入接口e0/0/2 [Huawei-Ethernet0/0/2]port link-type access //设置接口模式为access模式 [Huawei-Ethernet0/0/2]port default vlan 20 //将该接口加入vlan20 [Huawei-Ethernet0/0/2]undo shutdown //开启接口 Info: Interface Ethernet0/0/2 is not shutdown. [Huawei-Ethernet0/0/2]int e0/0/3 //进入接口e0/0/2 [Huawei-Ethernet0/0/3]port link-type trunk //设置接口模式为trunk模式 [Huawei-Ethernet0/0/3]port trunk allow-pass vlan all //允许所有vlan通过该接口 [Huawei-Ethernet0/0/3]dis this //显示接口信息 # interface Ethernet0/0/3 # return [Huawei-Ethernet0/0/3]

(3) Configure the encapsulation structure and sub-interface address of the VLAN tag in the router.

Divide interface g0/0/0 into two sub-interfaces: g0/0/0.10 and g0/0/0.20. It is recommended to be consistent with vlan;

Configure the encapsulation structure of the VLAN tag and the sub-interface address for the two sub-interfaces respectively.

The router configuration commands are as follows:

csharp

Copy code

The device is running! <Huawei>sys //切换至系统试图 Enter system view, return user view with Ctrl+Z. [Huawei]int g0/0/0.10 //划分子接口，直接进入子接口0/0/0.10，建议与vlan一致 [Huawei-GigabitEthernet0/0/0.10]dot1q termination vid 10 //配置vlan封装结构（dot1q为IEEE802.1q协议，该子接口属于vlan10） [Huawei-GigabitEthernet0/0/0.10]ip add 192.168.10.1 24 //设置子接口的IP地址（即vlan10下面所属主机的网关地址） [Huawei-GigabitEthernet0/0/0.10]arp broadcast enable //开启向下arp广播请求功能 [Huawei-GigabitEthernet0/0/0.10]undo shutdown //开启接口 Info: Interface GigabitEthernet0/0/0.10 is not shutdown. [Huawei-GigabitEthernet0/0/0.10]int g0/0/0.20 //进入子接口0/0/0.20，建议与vlan一致 [Huawei-GigabitEthernet0/0/0.20]dot1q termination vid 20 //配置vlan封装结构，该子接口属于vlan20 [Huawei-GigabitEthernet0/0/0.20]ip add 192.168.20.1 24 //设置子接口的IP地址（即vlan20下面所属主机的网关地址） [Huawei-GigabitEthernet0/0/0.20]arp broadcast enable //开启向下arp广播请求功能 [Huawei-GigabitEthernet0/0/0.20]undo shutdown //开启接口 Info: Interface GigabitEthernet0/0/0.20 is not shutdown. [Huawei-GigabitEthernet0/0/0.20]dis interface brief //显示接口信息 PHY: Physical *down: administratively down (l): loopback (s): spoofing (b): BFD down ^down: standby (e): ETHOAM down (d): Dampening Suppressed InUti/OutUti: input utility/output utility Interface PHY Protocol InUti OutUti inErrors outErrors GigabitEthernet0/0/0 up down 0% 0% 0 0 GigabitEthernet0/0/0.10 up up 0% 0% 0 0 GigabitEthernet0/0/0.20 up up 0% 0% 0 0 GigabitEthernet0/0/1 down down 0% 0% 0 0 GigabitEthernet0/0/2 down down 0% 0% 0 0 NULL0 up up(s) 0% 0% 0 0 [Huawei-GigabitEthernet0/0/0.20]

(4) Verify the experimental results and check whether the two hosts can communicate with each other.

Use PC2 to ping PC1 and find that communication can be carried out. The experiment was successful.

WeChat picture_20220115141840.png

2.4 Analysis of error-prone points

1 The properties of the port connected to the switch and router must be set to Trunk and all vlans must be allowed to pass;
2 The router's interface must be divided into sub-interfaces first, and then the encapsulation structure of the VLAN tag can be configured;
3 Remember to enable arp broadcast requests on the sub-interface of the router;
4 The host IP and sub-interface IP address (corresponding gateway address) cannot be repeated.

3. Defects of single-arm routing

The "single arm" is the backbone link of the network, which can easily form a network bottleneck.
Sub-interfaces still rely on physical interfaces and are inflexible in application.
Forwarding between VLANs requires checking the routing table, which is a serious waste of device resources.

Author: Neruda's Postman
Link: https://juejin.cn/post/7053337881078661134
Source: Rare Earth Nuggets
Copyright belongs to the author. For commercial reprinting, please contact the author for authorization. For non-commercial reprinting, please indicate the source.