Do you know how to use VLAN division using network layer protocol?

Do you know how to use VLAN division using network layer protocol?

VLAN (Virtual Local Area Network) is a data exchange technology that divides LAN devices into segments logically to achieve virtual workgroups. This technology logically divides the physical network by defining extended fields on LAN data frames, thereby limiting the forwarding range of LAN data frames and reducing the broadcast domain.

[[262324]]

VLAN implementation methods can be roughly divided into six categories:

  • Port-based VLAN
  • VLAN division based on MAC address
  • VLAN division based on network layer protocol
  • Divide VLANs based on IP multicast
  • Divide VLAN by policy
  • Divide VLAN by user definition and non-user authorization

I believe that many people use port-based partitioning, and it is also commonly used and common in production environments. So how do we partition based on network layer protocols?

Experimental topology

Configuration Roadmap

  • Create VLANs and determine the VLAN to which each service belongs.
  • Associate IP subnets and VLANs to determine VLANs based on the source IP address or specified network segment in the message.
  • Configure the interface to join the VLAN so that the VLAN based on the IP subnet can pass through the current interface.
  • Enable IP subnet-based VLAN division.

Procedure

Create a VLAN:

# Create VLAN 10, VLAN 20, and VLAN 30 on the Switch.

  1.  < HUAWEI > system-view
  2.  [Huawei]sysname Switch
  3.  [Switch]vlan batch 10 20 30

Configure the interface:

# On the Switch, configure GE0/0/1, GE0/0/2, and GE0/0/3 as hybrid interfaces, and add them to VLAN 10, VLAN 20, and VLAN 30 in untagged mode. Enable IP subnet-based VLAN division.

  1.  [Switch] interface gigabitethernet 0/0/1
  2.  [Switch-GigabitEthernet0/0/1] port link-type hybrid
  3.  [Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 10
  4.  [Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable
  5.  [Switch-GigabitEthernet0/0/1] quit
  6.  [Switch] interface gigabitethernet 0/0/2
  7.  [Switch-GigabitEthernet0/0/2] port link-type hybrid
  8.  [Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 20
  9.  [Switch-GigabitEthernet0/0/2] ip-subnet-vlan enable
  10.  [Switch-GigabitEthernet0/0/2] quit
  11.  [Switch] interface gigabitethernet 0/0/3
  12.  [Switch-GigabitEthernet0/0/3] port link-type hybrid
  13.  [Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 30
  14.  [Switch-GigabitEthernet0/0/3] ip-subnet-vlan enable
  15.  [Switch-GigabitEthernet0/0/3] quit

Configure VLAN division based on IP subnet:

On the Switch, associate VLAN 10 with IP address 192.168.1.2/24 and set the priority to 2.

  1.  [Switch] vlan 10
  2.  [Switch-vlan10] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2
  3.  [Switch-vlan10] quit

On the Switch, associate VLAN 00 with IP address 192.168.2.2/24 and set the priority to 3.

  1.  [Switch] vlan 20
  2.  [Switch-vlan20] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3
  3.  [Switch-vlan20] quit

On the Switch, associate VLAN 30 with IP address 192.168.3.2/24 and set the priority to 4.

  1.  [Switch] vlan 30
  2.  [Switch-vlan30] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4
  3.  [Switch-vlan30] quit

Verify the configuration

  1.  [Switch]display ip-subnet-vlan vlan all
  2.  ------------------------------------------------------------------------
  3.  Vlan Index IpAddress SubnetMask Priority
  4.  ------------------------------------------------------------------------
  5.  10 1 192.168.1.2 255.255.255.0 2
  6.  20 1 192.168.2.2 255.255.255.0 3
  7.  30 1 192.168.3.2 255.255.255.0 4
  8.  ------------------------------------------------------------------------
  9.  ip-subnet-vlan count: 3 total count: 3

<<:  IPv6 Security Thinking: Risk Analysis of Recursive DNS in IPv6 Networks

>>:  When you "ping", do you know the logic behind it?

Recommend

Reshaping Wi-Fi Infrastructure for the Future of IoT

As the digital age continues to evolve, a major c...

New "skills" and "higher salaries" - Ruijie launches new service certification products

Recently, Ruijie Networks released two new servic...

AI and 5G synergy: Unleashing the full potential of the digital age

In the evolving technology landscape, two breakth...

Differences between fat AP and thin AP, advantages and disadvantages of networking

1. What is AP? How to distinguish fat and thin AP...

[Black Friday] Zgovps: $12.9/year-1GB/20GB/2TB/Japan IIJ/Germany/Los Angeles AS4837, etc.

Zgovps also released a promotion during this year...

Case sharing | Application and construction of Ruishu dynamic security hyper-convergence platform in the financial industry

The process of financial digitalization is accele...

ShockHosting 50% off all VPS, 2G memory package starts at $5/month, optional large hard drive

ShockHosting is a foreign hosting company founded...

How to troubleshoot 502 issues? Have you learned how to do it?

When I first started working, one time, the guy w...

Standard Interconnection Lightweight Cloud Promotion, Hong Kong CN2 Yearly Payment Starting from 268 Yuan

Pesyun (Standard Interconnect) has released the l...

Friendhosting 14th Anniversary 30% off all VPS, 11 data centers to choose from, unlimited traffic VPS

Friendhosting has released a promotional offer fo...

Essential for IoT experts: Network protocol stack LwIP (I)

need: In IoT devices, the TCP/IP network protocol...

404 Not Found? It crashed again...

The dreaded "404 Page Not Found" error ...

Foreign netizens are discussing: China's 6G technology is coming out soon, but we are still eager for 4G

China's 5G technology has reached the world&#...

Comprehensive understanding of TCP/IP knowledge system structure summary

1. TCP Knowledge System We analyze the TCP knowle...

How to choose NB-IoT, Cat.1, and Cat.M for IoT device communication?

1. What is NB-IoT NB-IoT (Narrow Band Internet of...