Do you know how to use VLAN division using network layer protocol?

Do you know how to use VLAN division using network layer protocol?

VLAN (Virtual Local Area Network) is a data exchange technology that divides LAN devices into segments logically to achieve virtual workgroups. This technology logically divides the physical network by defining extended fields on LAN data frames, thereby limiting the forwarding range of LAN data frames and reducing the broadcast domain.

[[262324]]

VLAN implementation methods can be roughly divided into six categories:

  • Port-based VLAN
  • VLAN division based on MAC address
  • VLAN division based on network layer protocol
  • Divide VLANs based on IP multicast
  • Divide VLAN by policy
  • Divide VLAN by user definition and non-user authorization

I believe that many people use port-based partitioning, and it is also commonly used and common in production environments. So how do we partition based on network layer protocols?

Experimental topology

Configuration Roadmap

  • Create VLANs and determine the VLAN to which each service belongs.
  • Associate IP subnets and VLANs to determine VLANs based on the source IP address or specified network segment in the message.
  • Configure the interface to join the VLAN so that the VLAN based on the IP subnet can pass through the current interface.
  • Enable IP subnet-based VLAN division.

Procedure

Create a VLAN:

# Create VLAN 10, VLAN 20, and VLAN 30 on the Switch.

  1.  < HUAWEI > system-view
  2.  [Huawei]sysname Switch
  3.  [Switch]vlan batch 10 20 30

Configure the interface:

# On the Switch, configure GE0/0/1, GE0/0/2, and GE0/0/3 as hybrid interfaces, and add them to VLAN 10, VLAN 20, and VLAN 30 in untagged mode. Enable IP subnet-based VLAN division.

  1.  [Switch] interface gigabitethernet 0/0/1
  2.  [Switch-GigabitEthernet0/0/1] port link-type hybrid
  3.  [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10
  4.  [Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable
  5.  [Switch-GigabitEthernet0/0/1] quit
  6.  [Switch] interface gigabitethernet 0/0/2
  7.  [Switch-GigabitEthernet0/0/2] port link-type hybrid
  8.  [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 20
  9.  [Switch-GigabitEthernet0/0/2] ip-subnet-vlan enable
  10.  [Switch-GigabitEthernet0/0/2] quit
  11.  [Switch] interface gigabitethernet 0/0/3
  12.  [Switch-GigabitEthernet0/0/3] port link-type hybrid
  13.  [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 30
  14.  [Switch-GigabitEthernet0/0/3] ip-subnet-vlan enable
  15.  [Switch-GigabitEthernet0/0/3] quit

Configure VLAN division based on IP subnet:

On the Switch, associate VLAN 10 with IP address 192.168.1.2/24 and set the priority to 2.

  1.  [Switch] vlan 10
  2.  [Switch-vlan10] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2
  3.  [Switch-vlan10] quit

On the Switch, associate VLAN 00 with IP address 192.168.2.2/24 and set the priority to 3.

  1.  [Switch] vlan 20
  2.  [Switch-vlan20] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3
  3.  [Switch-vlan20] quit

On the Switch, associate VLAN 30 with IP address 192.168.3.2/24 and set the priority to 4.

  1.  [Switch] vlan 30
  2.  [Switch-vlan30] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4
  3.  [Switch-vlan30] quit

Verify the configuration

  1.  [Switch]display ip-subnet-vlan vlan all
  2.  ------------------------------------------------------------------------
  3.  Vlan Index IpAddress SubnetMask Priority
  4.  ------------------------------------------------------------------------
  5.  10 1 192.168.1.2 255.255.255.0 2
  6.  20 1 192.168.2.2 255.255.255.0 3
  7.  30 1 192.168.3.2 255.255.255.0 4
  8.  ------------------------------------------------------------------------
  9.  ip-subnet-vlan count: 3 total count: 3

<<:  IPv6 Security Thinking: Risk Analysis of Recursive DNS in IPv6 Networks

>>:  When you "ping", do you know the logic behind it?

Recommend

HostXen offers 50 yuan for new user registration, 20 yuan for 100 yuan for recharge, starting from 70 yuan for 6G memory in the United States/Singapore/Japan/Hong Kong

HostXen has launched its regular promotional acti...

Recommended DNS public servers

114 Public DNS Universal high-speed version: DNS ...

With another 600,000 base stations added, do you plan to upgrade to a 5G package?

As we all know, my country's operators have b...

HTTP 3: Past, Present, and Early Adoption

HTTP/3 has reached another milestone: Recently, C...

ONE VPS 50% off for the first month, 1G unlimited traffic 9 data center VPS starting from $2 for the first month

The last time I shared information about ONEVPS w...

Who will be the Internet of Things "giant"? 2017 World Internet of Things Expo closed

【51CTO.com original article】 On September 13, 201...

Report: Global 5G mobile data traffic is growing explosively

Mobile network operators promise their users that...

Large-scale commercial use is imminent! What will be the future development of 5G messaging?

At present, more than 100 operators around the wo...

Huawei launches star products and industry cooperation plans for the F5G era in the enterprise sector

On August 5, the "F5G Era Huawei Enterprise ...

AkkoCloud: San Jose CN2 GIA/Germany CN2 GIA, starting at 299 yuan per year, 300-500Mbps bandwidth

AkkoCloud is a Chinese hosting company founded in...

Ministry of Industry and Information Technology: Interim Measures for the Management of Number Portability Services have been drafted

The State Council Information Office held a press...

RackNerd latest promotion starts at $11.38/year, San Jose/Seattle and other data centers

RackNerd has launched a new promotion for the US ...

Aeraki Series: How to set local rate limiting rules

Aeraki can help you manage any Layer 7 protocol i...

Share | Basic knowledge of 5G wireless network

Wireless networks have improved dramatically over...

Will wireless networks kill wired networks?

While wireless networks grab all the headlines, w...