No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Common Operation Guide

CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the super VLAN

Configuring the super VLAN

Networking Requirements

An enterprise has many departments on the same network segment. To improve service security, the enterprise adds users in different departments to different VLANs. Users in different departments need to communicate due to service requirements.

In Figure 18-6, VLAN 2 and VLAN 3 are assigned to different departments, and users in VLAN 2 and VLAN 3 need to communicate with each other.

Figure 18-6  Networking of VLAN aggregation

Configuration Roadmap

You can configure VLAN aggregation on SwitchB and add VLANs of different departments to a super-VLAN so that users in different departments can access the Internet using the super-VLAN. Proxy ARP can be configured in the super-VLAN so that users in different departments can communicate. The configuration roadmap is as follows:

  1. Configure VLANs and interfaces on SwitchA and SwitchB, add users of different departments to different VLANs, and configure interfaces to transparently transmit packets from VLANs to SwitchB.

  2. Configure a super-VLAN, a VLANIF interface, and a static route on SwitchB so that users in different departments can access the Internet.

  3. Configure proxy ARP in the super-VLAN on SwitchB so that users in different departments can communicate at Layer 3.

Procedure

  1. Configure VLANs and interfaces on SwitchA and SwitchB, add users of different departments to different VLANs, and configure interfaces to transparently transmit packets from VLANs to SwitchB.
    1. Configure SwitchA.

      # Configure 10GE1/0/1 as an access interface. The configurations of 10GE1/0/2, 10GE1/0/3, and 10GE1/0/4 are similar to the configuration of 10GE1/0/1, and are not mentioned here.

      <HUAWEI> system-view
      [~HUAWEI] sysname SwitchA
      [*HUAWEI] commit
      [~SwitchA] interface 10ge 1/0/1
      [~SwitchA-10GE1/0/1] port link-type access
      [*SwitchA-10GE1/0/1] quit
      [*SwitchA] commit
      

      # Create VLAN 2 and VLAN 3, add 10GE1/0/1 and 10GE1/0/2 to VLAN 2, and add 10GE1/0/3 and 10GE1/0/4 to VLAN 3.

      [~SwitchA] vlan batch 2 3
      [*SwitchA] vlan 2
      [*SwitchA-vlan2] port 10ge 1/0/1 1/0/2
      [*SwitchA-vlan2] quit
      [*SwitchA] vlan 3
      [*SwitchA-vlan3] port 10ge 1/0/3 1/0/4
      [*SwitchA-vlan3] quit
      [*SwitchA] commit
      

      # Configure the interface of SwitchA connected to SwitchB to transparently transmit packets from VLAN 2 and VLAN 3 to SwitchB.

      [~SwitchA] interface 10ge 1/0/5
      [~SwitchA-10GE1/0/5] port link-type trunk
      [*SwitchA-10GE1/0/5] port trunk allow-pass vlan 2 3
      [*SwitchA-10GE1/0/5] quit
      [*SwitchA] commit

    2. Configure SwitchB.

      # Create VLAN 2, VLAN 3, VLAN 4, and VLAN 10, and configure the interfaces of SwitchB connected to SwitchA to transparently transmit packets from VLAN 2 and VLAN 3 to SwitchB.

      <HUAWEI> system-view
      [~HUAWEI] sysname SwitchB
      [*HUAWEI] commit
      [~SwitchB] vlan batch 2 3 4 10
      [*SwitchB] interface 10ge 1/0/5
      [*SwitchB-10GE1/0/5] port link-type trunk
      [*SwitchB-10GE1/0/5] port trunk allow-pass vlan 2 3
      [*SwitchB-10GE1/0/5] quit
      [*SwitchB] commit
      

  2. Configure a super-VLAN and a VLANIF interface corresponding to the super-VLAN.

    # Configure super-VLAN 4 on SwitchB and add VLAN 2 and VLAN 3 to super-VLAN 4 as sub-VLANs.

    [~SwitchB] vlan 4
    [~SwitchB-vlan4] aggregate-vlan
    [*SwitchB-vlan4] access-vlan 2 to 3
    [*SwitchB-vlan4] quit
    [*SwitchB] commit

    # Create and configure VLANIF 4 so that users in different departments can access the Internet using super-VLAN 4.

    [~SwitchB] interface vlanif 4
    [*SwitchB-Vlanif4] ip address 10.1.1.1 24
    [*SwitchB-Vlanif4] quit
    [*SwitchB] commit

  3. Configure a static route.

    # Configure the uplink interface 10GE1/0/1 on SwitchB to transparently transmit packets from the VLAN that SwitchB and router belong to.

    [~SwitchB] interface 10ge 1/0/1
    [~SwitchB-10GE1/0/1] port link-type trunk
    [*SwitchB-10GE1/0/1] port trunk allow-pass vlan 10
    [*SwitchB-10GE1/0/1] quit
    [*SwitchB] commit
    

    # Create and configure VLANIF 10 and specify the IP address of VLANIF 10 as the IP address for connecting SwitchB and the router.

    [~SwitchB] interface vlanif 10
    [*SwitchB-Vlanif10] ip address 10.10.1.1 24
    [*SwitchB-Vlanif10] quit
    [*SwitchB] commit
    

    # Configure a static route to the router on SwitchB so that users can access the Internet.

    [~SwitchB] ip route-static 0.0.0.0 0.0.0.0 10.10.1.2
    [*SwitchB] commit
    NOTE:

    Configure the router interface connected to SwitchB and assign the IP address of 10.10.1.2 to the router interface. See the router configuration manual.

  4. Assign IP addresses to users.

    Configure an IP address for each user and ensure that the users are located on the same network segment as VLAN 4.

    After the configuration is complete, users in each department can access the Internet, and users in VLAN 2 and VLAN 3 cannot ping each other. Proxy ARP needs to be configured on SwitchB.

  5. Configure proxy ARP.

    # Configure proxy ARP in super-VLAN 4 on SwitchB so that users in different departments can communicate at Layer 3.

    [~SwitchB] interface vlanif 4 
    [~SwitchB-Vlanif4] arp proxy inter-vlan enable
    [*SwitchB-Vlanif4] quit
    [*SwitchB] commit
    

  6. Verify the configuration.

    After the configuration is complete, users in VLAN 2 and VLAN 3 can ping each other and access the Internet.

Translation
Download
Updated: 2018-10-08

Document ID: EDOC1000102369

Views: 144851

Downloads: 3160

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next