Do you know how to use VLAN division using network layer protocol?

Do you know how to use VLAN division using network layer protocol?

VLAN (Virtual Local Area Network) is a data exchange technology that divides LAN devices into segments logically to achieve virtual workgroups. This technology logically divides the physical network by defining extended fields on LAN data frames, thereby limiting the forwarding range of LAN data frames and reducing the broadcast domain.

[[262324]]

VLAN implementation methods can be roughly divided into six categories:

  • Port-based VLAN
  • VLAN division based on MAC address
  • VLAN division based on network layer protocol
  • Divide VLANs based on IP multicast
  • Divide VLAN by policy
  • Divide VLAN by user definition and non-user authorization

I believe that many people use port-based partitioning, and it is also commonly used and common in production environments. So how do we partition based on network layer protocols?

Experimental topology

Configuration Roadmap

  • Create VLANs and determine the VLAN to which each service belongs.
  • Associate IP subnets and VLANs to determine VLANs based on the source IP address or specified network segment in the message.
  • Configure the interface to join the VLAN so that the VLAN based on the IP subnet can pass through the current interface.
  • Enable IP subnet-based VLAN division.

Procedure

Create a VLAN:

# Create VLAN 10, VLAN 20, and VLAN 30 on the Switch.

  1.  < HUAWEI > system-view
  2.  [Huawei]sysname Switch
  3.  [Switch]vlan batch 10 20 30

Configure the interface:

# On the Switch, configure GE0/0/1, GE0/0/2, and GE0/0/3 as hybrid interfaces, and add them to VLAN 10, VLAN 20, and VLAN 30 in untagged mode. Enable IP subnet-based VLAN division.

  1.  [Switch] interface gigabitethernet 0/0/1
  2.  [Switch-GigabitEthernet0/0/1] port link-type hybrid
  3.  [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10
  4.  [Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable
  5.  [Switch-GigabitEthernet0/0/1] quit
  6.  [Switch] interface gigabitethernet 0/0/2
  7.  [Switch-GigabitEthernet0/0/2] port link-type hybrid
  8.  [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 20
  9.  [Switch-GigabitEthernet0/0/2] ip-subnet-vlan enable
  10.  [Switch-GigabitEthernet0/0/2] quit
  11.  [Switch] interface gigabitethernet 0/0/3
  12.  [Switch-GigabitEthernet0/0/3] port link-type hybrid
  13.  [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 30
  14.  [Switch-GigabitEthernet0/0/3] ip-subnet-vlan enable
  15.  [Switch-GigabitEthernet0/0/3] quit

Configure VLAN division based on IP subnet:

On the Switch, associate VLAN 10 with IP address 192.168.1.2/24 and set the priority to 2.

  1.  [Switch] vlan 10
  2.  [Switch-vlan10] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2
  3.  [Switch-vlan10] quit

On the Switch, associate VLAN 00 with IP address 192.168.2.2/24 and set the priority to 3.

  1.  [Switch] vlan 20
  2.  [Switch-vlan20] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3
  3.  [Switch-vlan20] quit

On the Switch, associate VLAN 30 with IP address 192.168.3.2/24 and set the priority to 4.

  1.  [Switch] vlan 30
  2.  [Switch-vlan30] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4
  3.  [Switch-vlan30] quit

Verify the configuration

  1.  [Switch]display ip-subnet-vlan vlan all
  2.  ------------------------------------------------------------------------
  3.  Vlan Index IpAddress SubnetMask Priority
  4.  ------------------------------------------------------------------------
  5.  10 1 192.168.1.2 255.255.255.0 2
  6.  20 1 192.168.2.2 255.255.255.0 3
  7.  30 1 192.168.3.2 255.255.255.0 4
  8.  ------------------------------------------------------------------------
  9.  ip-subnet-vlan count: 3 total count: 3

<<:  IPv6 Security Thinking: Risk Analysis of Recursive DNS in IPv6 Networks

>>:  When you "ping", do you know the logic behind it?

Recommend

Why does the wireless router need to be restarted? You will know after reading this

Wireless routers have become an indispensable net...

SDN helps unify wired and wireless campus networks

IT professionals are faced with the challenge of ...

AlphaVPS: 1TB large hard drive VPS monthly payment starts from 5 euros, AMD EYPC+NVMe series monthly payment starts from 3.99 euros

AlphaVPS is a foreign hosting company founded in ...

Selection of the most influential events in the communications industry in 2020

Looking back at the year 2020, there are many eve...

Wi-Fi is getting harder to hack: How to keep your new router secure

With the development of WiFi technology, WiFi has...

In order to promote 5G packages, operators are also trying their best

Whether on the Internet or in the real world, the...

Six IT trends to watch in 2023

Businesses and society at large continue to turn ...

Weak current people must understand standard PoE power supply! Otherwise, if you don't understand the IPC power supply power and line sequence, how can you do a good project?

What is Standard PoE? PoE, or Power over Ethernet...

Byte side: TCP three-way handshake, very detailed questions!

Hello everyone, I am Xiaolin. A reader was asked ...

When to use 5G and when to use Wi-Fi 6

[[357301]] 5G is a cellular service, and Wi-Fi 6 ...

Weibu Online was shortlisted for CDM 2021 Black Unicorn Awards

On August 3, 2021, CyberDefense Magazine, a world...

How 5G will change engineering design

The past decade has seen unprecedented technologi...

Ministry of Industry and Information Technology: The information and communication industry is operating smoothly, with 5G users accounting for more than 30%

On November 21, the Ministry of Industry and Info...

Linux will support new network technology based on Li-Fi

According to phoronix, Li-Fi technology supplier ...

Maxthon Hosting 20% ​​off: Los Angeles CN2 GIA monthly payment starts from 54 yuan, Hong Kong CN2 line VPS monthly payment starts from 56 yuan

Maxthon Hosting is a provider of high-quality ove...