Do you know how to use VLAN division using network layer protocol?

Do you know how to use VLAN division using network layer protocol?

VLAN (Virtual Local Area Network) is a data exchange technology that divides LAN devices into segments logically to achieve virtual workgroups. This technology logically divides the physical network by defining extended fields on LAN data frames, thereby limiting the forwarding range of LAN data frames and reducing the broadcast domain.

[[262324]]

VLAN implementation methods can be roughly divided into six categories:

  • Port-based VLAN
  • VLAN division based on MAC address
  • VLAN division based on network layer protocol
  • Divide VLANs based on IP multicast
  • Divide VLAN by policy
  • Divide VLAN by user definition and non-user authorization

I believe that many people use port-based partitioning, and it is also commonly used and common in production environments. So how do we partition based on network layer protocols?

Experimental topology

Configuration Roadmap

  • Create VLANs and determine the VLAN to which each service belongs.
  • Associate IP subnets and VLANs to determine VLANs based on the source IP address or specified network segment in the message.
  • Configure the interface to join the VLAN so that the VLAN based on the IP subnet can pass through the current interface.
  • Enable IP subnet-based VLAN division.

Procedure

Create a VLAN:

# Create VLAN 10, VLAN 20, and VLAN 30 on the Switch.

  1.  < HUAWEI > system-view
  2.  [Huawei]sysname Switch
  3.  [Switch]vlan batch 10 20 30

Configure the interface:

# On the Switch, configure GE0/0/1, GE0/0/2, and GE0/0/3 as hybrid interfaces, and add them to VLAN 10, VLAN 20, and VLAN 30 in untagged mode. Enable IP subnet-based VLAN division.

  1.  [Switch] interface gigabitethernet 0/0/1
  2.  [Switch-GigabitEthernet0/0/1] port link-type hybrid
  3.  [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10
  4.  [Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable
  5.  [Switch-GigabitEthernet0/0/1] quit
  6.  [Switch] interface gigabitethernet 0/0/2
  7.  [Switch-GigabitEthernet0/0/2] port link-type hybrid
  8.  [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 20
  9.  [Switch-GigabitEthernet0/0/2] ip-subnet-vlan enable
  10.  [Switch-GigabitEthernet0/0/2] quit
  11.  [Switch] interface gigabitethernet 0/0/3
  12.  [Switch-GigabitEthernet0/0/3] port link-type hybrid
  13.  [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 30
  14.  [Switch-GigabitEthernet0/0/3] ip-subnet-vlan enable
  15.  [Switch-GigabitEthernet0/0/3] quit

Configure VLAN division based on IP subnet:

On the Switch, associate VLAN 10 with IP address 192.168.1.2/24 and set the priority to 2.

  1.  [Switch] vlan 10
  2.  [Switch-vlan10] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2
  3.  [Switch-vlan10] quit

On the Switch, associate VLAN 00 with IP address 192.168.2.2/24 and set the priority to 3.

  1.  [Switch] vlan 20
  2.  [Switch-vlan20] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3
  3.  [Switch-vlan20] quit

On the Switch, associate VLAN 30 with IP address 192.168.3.2/24 and set the priority to 4.

  1.  [Switch] vlan 30
  2.  [Switch-vlan30] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4
  3.  [Switch-vlan30] quit

Verify the configuration

  1.  [Switch]display ip-subnet-vlan vlan all
  2.  ------------------------------------------------------------------------
  3.  Vlan Index IpAddress SubnetMask Priority
  4.  ------------------------------------------------------------------------
  5.  10 1 192.168.1.2 255.255.255.0 2
  6.  20 1 192.168.2.2 255.255.255.0 3
  7.  30 1 192.168.3.2 255.255.255.0 4
  8.  ------------------------------------------------------------------------
  9.  ip-subnet-vlan count: 3 total count: 3

<<:  IPv6 Security Thinking: Risk Analysis of Recursive DNS in IPv6 Networks

>>:  When you "ping", do you know the logic behind it?

Recommend

Analysis of SpringCloud Gateway routing configuration and positioning principles

[[409660]] Environment: springcloud Hoxton.SR11 T...

Digital-vm 50% off all VPS, US/Japan/Singapore 1-10Gbps unlimited traffic starting from $3/month

Digital-vm sent a reminder email, saying that the...

Review of the year when 5G “set sail”: The wind is right and the sails are full

From the initial standard to its implementation, ...

What are the advantages of using wireless mesh networks in enterprises?

In the traditional wireless network usage environ...

New infrastructure is included in the government work report, and "5G+" becomes the future focus

The development of the industry cannot be separat...

Network Basics: TCP/IP protocol responsibilities and three common models

1. The main responsibilities of TCP/IP protocol ●...

Do we really need a cloud-native edge to support 5G?

[51CTO.com Quick Translation] Convergence has bee...

Why is C-band spectrum important for 5G?

1. Introduction Synchronization is one of the mos...

China Mobile actively promotes the accelerated implementation of 5G innovative applications

On September 20, China Mobile held the 5G+ Innova...

Three reasons to build a converged Wi-Fi and IoT network

In the near future, collaboration between humans ...

Operators dig into the Internet of Things: IoT strategic transformation in four steps

Driven by both technology and the market, the IoT...

Why can Wi-Fi 6 be used by multiple people without being crowded? Intel's popular science is here

At the end of 2018, the Wi-Fi Alliance announced ...

Apple and Qualcomm reached a settlement, Intel was eliminated, what is the difficulty in Huawei's must-win 5G baseband chip?

A week ago, Qualcomm and Apple, which had once &q...

197 Fortune 500 companies choose Huawei to achieve win-win in the new ICT era

At the 2017 Huawei Connect Conference HUAWEI CONN...

What happens when you enter a URL in the browser (Part 2): TCP module encapsulation and transmission mechanism

This series of articles will start with an introd...