No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

AR500, AR510, and AR530 V200R007 CLI-based Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring transparent bridge, MAC table, link aggregation, VLANs, STP/RSTP/MSTP, and so on.The document provides the configuration procedures and configuration examples to illustrate the service configuration methods and application scenario.
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Principles

Principles

Implementation

VLAN aggregation defines the super-VLAN and sub-VLAN. A sub-VLAN, as an independent broadcast domain, contains only physical interfaces; a super-VLAN contains no physical interface, and is used for creating a Layer 3 VLANIF interface. Through the mapping between a super VLAN and sub-VLANs, VLAN aggregation associates the Layer 3 VLANIF interface with physical interfaces so that all sub-VLANs share one gateway to communicate with an external network. In addition, Proxy ARP is used to implement Layer 3 connectivity between sub-VLANs. This technology isolates broadcast domains and saves IP addresses.

  • Sub-VLAN: contains only physical interfaces, and is used to isolate broadcast domains. A sub-VLAN cannot be used for creating a Layer 3 VLANIF interface. Hosts in each sub-VLAN use the VLANIF interface of the associated super-VLAN to communicate with external devices at Layer 3.
  • Super-VLAN: is only used for creating a Layer 3 VLANIF interface and contains no physical interface. It corresponds to the subnet gateway. Unlike a VLANIF interface that is Up as long as a physical interface in a common VLAN is Up, a VLANIF interface in a super-VLAN is Up as long as a physical interface in any associated sub-VLAN is Up.

A super-VLAN can contain one or more sub-VLANs. A sub-VLAN does not occupy an independent subnet. IP addresses of hosts in any sub-VLAN of a super-VLAN belong to the subnet corresponding to the sub-VLAN.

That is, sub-VLANs share the same gateway. VLAN aggregation reduces subnet IDs, subnet default gateway addresses, and directed broadcast IP addresses, allows different broadcast domains to use the same subnet address, implements flexible addressing, and conserves IP addresses.

The network topology used in Introduction to VLAN Aggregation is used as an example. Configure VLAN 10 as the super-VLAN, assign the subnet address 10.1.1.0/24 to VLAN 10, and configure VLAN 2, VLAN 3, and VLAN 4 as sub-VLANs of super-VLAN 10, as shown in Figure 4-2.

Figure 4-2  Networking of VLAN aggregation

Sub-VLAN 2, sub-VLAN 3, and sub-VLAN 4 share a subnet (10.1.1.1/24). The subnet ID (10.1.1.0), default gateway address (10.1.1.1), and directed broadcast address of the subnet (10.1.1.255) cannot be used as host IP addresses. VLAN aggregation allows the device to assign IP addresses to hosts in sub-VLANs according to the actual number of hosts. For example, when sub-VLAN 2 requires 10 addresses, 10.1.1.2-10.1.1.11 are assigned to sub-VLAN 2.

Communications Between Sub-VLANs

VLAN aggregation allows different sub-VLANs to use IP addresses on the same network segment, but cannot implement Layer 3 forwarding between sub-VLANs. Hosts in different common VLANs can communicate with each other at Layer 3 through their respective gateways. In a super-VLAN, hosts in all sub-VLANs use IP addresses on the same network segment and share the gateway address, so the hosts in different sub-VLANs implement only Layer 2 forwarding but not Layer 3 forwarding through a gateway. In practice, hosts in different sub-VLANs are isolated at Layer 2. As a result, sub-VLANs are unable to communicate with each other.

To address this issue, configure proxy ARP.

NOTE:

For details about proxy ARP, see Proxy ARP in Huawei AR Series IOT Gateway Configuration Guide - IP Services.

The networking in Figure 4-2 is used as an example. Assuming that Host_1 in sub-VLAN 2 needs to communicate with Host_2 in sub-VLAN 3, enable proxy ARP on the VLANIF interface of super-VLAN 10, as shown in Figure 4-3.

Figure 4-3  Using proxy ARP to implement Layer 3 communication between sub-VLANs

Host_1 in sub-VLAN 2 communicates with Host_2 in sub-VLAN 3 as follows (assume that the ARP table of Host_1 in sub-VLAN 2 has no entry of Host_2 in sub-VLAN 3):

  1. Host_1 in sub-VLAN 2 compares the IP address of Host_2 in sub-VLAN 3 with its IP address, and finds that both IP addresses are on the same network segment 10.1.1.0/24. However, the ARP table of Host_1 in sub-VLAN 2 has no entry of Host_2 in sub-VLAN 3.
  2. Host_1 in sub-VLAN 2 broadcasts an ARP Request packet with the destination IP address of 10.1.1.12 to request the MAC address of Host_2 in sub-VLAN 3.
  3. The Router (gateway) is enabled with proxy ARP between sub-VLANs. After receiving the ARP Request packet from Host_1 in sub-VLAN 2, the Router searches its routing table for the destination IP address in the ARP Request packet. The Router finds a matched route in which the next hop address is the directly connected network segment (10.1.1.0/24 of VLANIF 10), and broadcasts an ARP Request packet to all sub-VLANs in super-VLAN 10, requesting the MAC address of Host_2 in sub-VLAN 3.
  4. After receiving the ARP Request packet, Host_2 in sub-VLAN 3 sends an ARP Reply packet.
  5. After receiving the ARP Reply packet, the Router encapsulates its MAC address into the ARP Reply packet and sends it to Host_1 in sub-VLAN 2.
  6. Subsequent packets sent by Host_1 in sub-VLAN 2 to Host_2 in sub-VLAN 3 are first sent to the gateway. The gateway then performs Layer 3 forwarding.

The packets sent by Host_2 in sub-VLAN 3 to Host_1 in sub-VLAN 2 are processed in the same way as the packets sent by Host_1 in sub-VLAN 2 to Host_2 in sub-VLAN 3.

Layer 3 Communication Between Hosts in Sub-VLANs and on an External Network

The networking in Figure 4-4 is used as an example to describe the communication between hosts in Sub-VLANs and on an external network.

As shown in Figure 4-4, user hosts and servers are on different network segments, sub-VLANs 2 to 4 and VLAN 10 are configured on Router_1, and VLAN 10 and VLAN 20 are configured on Router_2.

Figure 4-4  Layer 3 communication between hosts in sub-VLANs and on an external network

When Host_1 in sub-VLAN 2 wants to communicate with the server connected to Router_2, the packet forwarding process is as follows (assume that a route to 10.1.2.0/24 has been configured on Router_1, a route to 10.1.1.0/24 has been configured on Router_2, and no Layer 3 forwarding entry exists on the two devices):
  1. Host_1 compares the server's IP address (10.1.2.2) with its network segment 10.1.1.0/24 and finds that they are on different network segments. Host_1 then sends an ARP Request packet to its gateway to request the gateway's MAC address. The ARP Request packet carries an all-F destination MAC address and destination IP address 10.1.1.1.
  2. After receiving the ARP Request packet, Router_1 searches the mapping between the super-VLAN and sub-VLANs. Router_1 then sends an ARP Reply packet with the MAC address of VLANIF 4 (corresponding to super-VLAN 4) from an interface of sub-VLAN 2 to Host_1.
  3. After learning the gateway's MAC address, Host_1 sends a packet with the destination MAC address as the MAC address of VLANIF 4 (corresponding to super-VLAN 4) and destination IP address of 10.1.2.2.
  4. After receiving the packet from Host_1, Router_1 determines that the packet should be forwarded at Layer 3 according to the mapping between the super-VLAN and sub-VLANs and destination MAC address. Router_1 searcher its Layer 3 forwarding table for a matching entry, but no entry is found. Router_1 sends the packet to the CPU, and the CPU searches its routing table and obtains the next hop address of 10.1.10.2 and the outbound interface of VLANIF 10. Router_1 determines the outbound interface according to the ARP entry and MAC address entry, and sends the packet to Router_2.
  5. Router_2 sends the packet to server according to the Layer 3 forwarding process.
After receiving the packet from Host_1, the server sends a response packet with the destination IP address of 10.1.1.2 and destination MAC address as the MAC address of VLANIF 20 on the Router_2. The process is as follows:
  1. The response packet reaches Router_1 according to the Layer 3 forwarding process. When the response packet reaches Router_1, the destination MAC address is changed to the MAC address of VLANIF 10 on Router_1.
  2. After receiving the packet, Router_1 determines that the packet should be forwarded at Layer 3 according to the destination MAC address. Router_1 searcher its Layer 3 forwarding table for a matching entry, but no entry is found. Router_1 sends the packet to the CPU, and the CPU searches its routing table and obtains the next hop address of 10.1.1.2 and the outbound interface of VLANIF 4. Router_1 searches the mapping between the super-VLAN and sub-VLANs and determines that the packet should be sent to Host_1 from an interface in sub-VLAN 2 according to the ARP entry and MAC address entry.
  3. The response packet reaches Host_1.

Layer 2 Communication Between Hosts in Sub-VLANs and Other Devices

The networking in Figure 4-5 is used as example to describe Layer 2 communication between hosts in sub-VLANs and other devices. Sub-VLAN 2, sub-VLAN 3, and super-VLAN 4 are configured on Router_1; IF_1 and IF_2 on Router_1 are access interfaces; IF_3 is a trunk interface that allows VLAN 2 and VLAN 3; the interface of Router_2 connected to Router_1 is a trunk interface and allows VLAN 2 and VLAN 3.

Figure 4-5  Layer 2 communication between hosts in sub-VLANs and on an external network

The tag with VLAN 2 is added to packets sent from Host_1 to Router_1. Although sub-VLAN 2 belongs to super-VLAN 4, Router_1 does not change the tag with VLAN 2 to the tag with VLAN 4 in packets. That is, packets sent from IF_3 of Router_1 still carry VLAN 2.

Router_1 itself does not send packets from VLAN 4. When another device sends packets from VLAN 4 to Router_1, Router_1 discards the packets because there is no physical interface corresponding to super-VLAN 4 on Router_1. Actually, IF_3 on Router_1 does not allow packets from super-VLAN 4. For other devices, only sub-VLAN 2 and sub-VLAN 3 are valid, and all packets are exchanged in the VLANs.

The communication between Router_1 configured with VLAN aggregation and other devices is similar to normal Layer 2 communication without using the super-VLAN, and is not described here.

Translation
Download
Updated: 2019-05-25

Document ID: EDOC1000097279

Views: 9448

Downloads: 62

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next