Shulou(Shulou.com)06/02 Report--

one,

Definition of VLAN:

VLAN (Virtual LAN): virtual local area network

-is a logical group of users connected to a physical device that are not limited by physical location.

Why VLAN technology was introduced:

(1) the switch divides the collision domain, but not the broadcast domain.

(2) with the increase of the number of ports in the switch, various broadcasts follow, thus reducing the efficiency of the network.

(3) in order to segment the broadcast domain, VLAN technology is introduced.

The role of VLAN:

(1) effective control of broadcasting

(2) it is relatively safe and efficient.

(3) the effective utilization of bandwidth is saved.

(4) delay

Types of VLAN:

(1) static VLAN based on port partition

(2) dynamic VLAN based on MAC address partition

PVID: indicates the VLN to which the port belongs. By default, the PVID for all ports on the switch is 1.

VLAN configuration step: create a VLAN, add the port to the corresponding VLAN, and verify.

How to create a VLAN: (created in system view mode)

Create VLAN [huawei] vlan 10

Batch creation of VLAN [huawei] vlan batch20 20 30 / vlan batch 10 to 30

How to delete VLAN: (create in system view mode)

Delete VLAN: [huawei] undo vlan 10

Batch deletion: [huawei] VLANundo vlan vlan batch20 20 30

Batch deletion: [huawei] VLANundo vlan batch 10 to 30

Add the port to VLAN: change it to access in port mode and then join VLAN

[huawei] interface ethernet0/0/1

[huawei-ethernet0/0/1] port link-type access

[huawei-ethernet0/0/1] port default vlan 1

Add ports to VLAN in batches: add ports to port groups, and then add port groups to VLAN

[huawei] port-group1

[huawei-port-group-1] group-member ethernet0/0/1 ethernet0/0/2

[huawei-port-group-1] group-member ethernet0/0/1 to ethernet0/0/2

[huawei-port-group-1] port link-type access

[huawei-port-group-1] port default vlan 2

Verify the configuration of VLAN:

[huawei] display vlan

[huawei] display vlan vlan-id

VLAN

The same VLAN can communicate with each other.

Different VLAN cannot communicate with each other.

Member hosts of the same VLAN can be in different physical locations (different switching devices)

Second, Trunk:

It is generally used to link "switch" devices.

In order to be able to transmit data from multiple VLAN simultaneously on the same link, the mode of the link must be configured to trunk mode.

Data on this type of link needs to carry a vlan tag:

There are two ways in which the link tags data.

1. ISL: inter-switch link, the link protocol between switches.

Cisco's proprietary protocol; many switches no longer support it.

The total length of the label is 30 bytes, of which the ISL header is 26 bytes and the ISL tail is 4 bytes

2. 802.1q: it is a public standard, and devices of any manufacturer can use this protocol to tag layer 2 data.

The label length is 4 bytes.

Access: generally used to connect "non-switch" devices!

This type of link, at a time, can only belong to one VLAN; the data transmitted is untagged.

Configure Trunk links: (Huawei)

1. Configure the link type of the port

Interface gi0/0/24

Port link-type trunk

2. Set the VLAN allowed on the Trunk link

Interface gi0/0/24

Port trunk allow-pass vlan all

3. Verify, test, save

Display port vlan

Configure Trunk links: (Cisco)

1. Configure the trunk encapsulation protocol for the link (ISL or 802.1q) [optional]

Interface fas0/24

Switchport trunk encapsulation dot1q | isl

2. Configure the link mode as trunk

Interface fas0/24

Switchport mode trunk

3. Verification, testing and preservation

Show interface trunk / / View trunk links on Cisco switch

The process of Huawei switch processing data frames:

1. When the switch receives a data frame, it will label the data frame:

Display port vlan

It depends on the PVID parameter under the corresponding port in the display result

2. When the switch forwards a data frame, it looks at the following corresponding table:

Display vlan

In the corresponding VLAN (that is, the VLAN represented by the PVID of the ingress port of the data frame)

Subsequent member ports (these ports represent the egress port of the data frame)

At the same time, pay attention to whether these ports carry labels when sending out data

Sign (TG/UT)

Trunk: trunk link / trunk link

Interconnection between switches: the same link requires multiple VLAN traffic to be carried at the same time.

How to distinguish the traffic of different VLAN-marking

1. ISL:inter-switch link, privately owned by Cisco

ISL head + L2+L3+L4+Data+FCS+ISL tail

2. 802.1q: public protocol

DMAC + SMAC + Tag + Type 4Byte

Where vlan-id is represented by 12bit

Third, Hybird configuration process:

1. Create VLAN 10

[sw] vlan 10

2. Configure the link type of the link PC as hybrid

[sw] interface gi0/0/1

[sw-gi0/0/1] port link-type hybrid

3. Configure the PVID on each port to be 10

[sw] interface gi0/0/1

[sw-gi0/0/1] port hybrid pvid vlan 10 [how to use the default value, whether it works]

4. Configure VLAN without encapsulating tags on each port

[sw] interface gi0/0/1

[sw-gi0/0/1] port hybrid untagged vlan 10

5. Configure the IP address of PC: 192.168.10.x/24

6. Verify, test, save

Display port vlan / / check gi0/0/1 | whether the PVID of 2 is 10

Display vlan / / check whether the vlan corresponds to gi0/0/1. | 2

Ping 192.168.10.2

Save

Hybrid: promiscuous port

This type of port exists only on Huawei devices and is the default mode for each port

The port in this mode can simulate the function of both access and trunk links.

When forwarding data frames, the processing of labels in data frames is very flexible.

How the port of the switch handles labels:

1. Incoming data

# if the data received is not labeled, use the VLAN number represented by the PVID of the port to label the data

Command: display port vlan

# if the data received carries a label, it will be received directly without any processing on the label, leaving the original appearance.

2. Outgoing data

# first of all, determine the port from which the current data frame should go out:

Command: display vlan

% check the VLAN corresponding to the tags carried by the data:

& untagged: if sent on this type of port, the label will be killed.

& tagged: if it is sent on this type of port, it will carry a label.

Note:

In a switched network, it is necessary to ensure that the VLAN information on all switches is exactly the same. Otherwise, it will cause the switching network to fail!

Four, GVRP

GVRP: generic attribute Registration Protocol

The role of GVRP: (public agreement) [in Cisco, the same function is achieved by VTP]

Automatic synchronization of VLAN information between different switches

VLAN learned through GVRP is called dynamic VLAN

For dynamic VLAN

# access ports cannot be added directly

Access ports can only be added to static VLAN (manually created locally)

# trunk ports are added automatically

Configure GVRP:

1. Start the GVRP function globally:

[SW] gvrp

2. Start GVRP on the trunk link

[sw] interface gi0/0/24

[sw-gi0/0/24] gvrp

3. Verify GVRP

Display gvrp status

Display vlan-- > you will see the type dynamic in the display result

Vlan

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.