Do you know how to use VLAN division using network layer protocol?

VLAN (Virtual Local Area Network) is a data exchange technology that divides LAN devices into segments logically to achieve virtual workgroups. This technology logically divides the physical network by defining extended fields on LAN data frames, thereby limiting the forwarding range of LAN data frames and reducing the broadcast domain.

[[262324]]

VLAN implementation methods can be roughly divided into six categories:

• Port-based VLAN
• VLAN division based on MAC address
• VLAN division based on network layer protocol
• Divide VLANs based on IP multicast
• Divide VLAN by policy
• Divide VLAN by user definition and non-user authorization

I believe that many people use port-based partitioning, and it is also commonly used and common in production environments. So how do we partition based on network layer protocols?

Experimental topology

Configuration Roadmap

• Create VLANs and determine the VLAN to which each service belongs.
• Associate IP subnets and VLANs to determine VLANs based on the source IP address or specified network segment in the message.
• Configure the interface to join the VLAN so that the VLAN based on the IP subnet can pass through the current interface.
• Enable IP subnet-based VLAN division.

Procedure

Create a VLAN:

# Create VLAN 10, VLAN 20, and VLAN 30 on the Switch.

 < HUAWEI > system-view
 [Huawei]sysname Switch
 [Switch]vlan batch 10 20 30

Configure the interface:

# On the Switch, configure GE0/0/1, GE0/0/2, and GE0/0/3 as hybrid interfaces, and add them to VLAN 10, VLAN 20, and VLAN 30 in untagged mode. Enable IP subnet-based VLAN division.

 [Switch] interface gigabitethernet 0/0/1
 [Switch-GigabitEthernet0/0/1] port link-type hybrid
 [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10
 [Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable
 [Switch-GigabitEthernet0/0/1] quit
 [Switch] interface gigabitethernet 0/0/2
 [Switch-GigabitEthernet0/0/2] port link-type hybrid
 [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 20
 [Switch-GigabitEthernet0/0/2] ip-subnet-vlan enable
 [Switch-GigabitEthernet0/0/2] quit
 [Switch] interface gigabitethernet 0/0/3
 [Switch-GigabitEthernet0/0/3] port link-type hybrid
 [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 30
 [Switch-GigabitEthernet0/0/3] ip-subnet-vlan enable
 [Switch-GigabitEthernet0/0/3] quit

Configure VLAN division based on IP subnet:

On the Switch, associate VLAN 10 with IP address 192.168.1.2/24 and set the priority to 2.

 [Switch] vlan 10
 [Switch-vlan10] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2
 [Switch-vlan10] quit

On the Switch, associate VLAN 00 with IP address 192.168.2.2/24 and set the priority to 3.

 [Switch] vlan 20
 [Switch-vlan20] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3
 [Switch-vlan20] quit

On the Switch, associate VLAN 30 with IP address 192.168.3.2/24 and set the priority to 4.

 [Switch] vlan 30
 [Switch-vlan30] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4
 [Switch-vlan30] quit

Verify the configuration

 [Switch]display ip-subnet-vlan vlan all
 ------------------------------------------------------------------------
 Vlan Index IpAddress SubnetMask Priority
 ------------------------------------------------------------------------
 10 1 192.168.1.2 255.255.255.0 2
 20 1 192.168.2.2 255.255.255.0 3
 30 1 192.168.3.2 255.255.255.0 4
 ------------------------------------------------------------------------
 ip-subnet-vlan count: 3 total count: 3