No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Common Operation Guide

CloudEngine 12800, 12800E, 8800, 7800, 6800, and 5800 Series Switches

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Interface-based VLAN Assignment

Configuring Interface-based VLAN Assignment

Networking Requirements

In Figure 18-1, many users connect to switches in the data center and users with the same services access the network through different devices.

To ensure communication security and prevent broadcast storms, administrators require that only users with the same services can communicate with each other.

To meet this requirement, VLANs can be assigned based on interfaces of switches and interfaces connected to users with the same services can be added to the same VLAN. In this situation, users in the same VLAN can communicate with each other, but users in different VLANs cannot communicate at Layer 2.

Figure 18-1  Interface-based VLAN assignment

Configuration Roadmap

The configuration roadmap is as follows:

  1. Create VLANs and add interfaces connected to users to the VLANs to isolate Layer 2 traffic between users with different services.
  2. Set the link type and allowed VLANs for interfaces between SwitchA and SwitchB to allow users with the same services to communicate through SwitchA and SwitchB.

Procedure

  1. Create VLAN 2 and VLAN 3 on SwitchA and add interfaces connected to users to the VLANs. The configuration of SwitchB is similar to that of SwitchA, and is not mentioned here.

    <HUAWEI> system-view
    [~HUAWEI] sysname SwitchA
    [*HUAWEI] commit
    [~SwitchA] vlan batch 2 3
    [*SwitchA] interface 10ge 1/0/1
    [*SwitchA-10GE1/0/1] port default vlan 2
    [*SwitchA-10GE1/0/1] quit
    [*SwitchA] interface 10ge 1/0/2
    [*SwitchA-10GE1/0/2] port default vlan 3
    [*SwitchA-10GE1/0/2] quit
    [*SwitchA] commit
  2. Set the link type and allowed VLANs for the interface connecting SwitchA to SwitchB. The configuration of SwitchB is similar to that of SwitchA, and is not mentioned here.

    [~SwitchA] interface 10ge 1/0/3
    [~SwitchA-10GE1/0/3] port link-type trunk
    [*SwitchA-10GE1/0/3] port trunk allow-pass vlan 2 3
    [*SwitchA-10GE1/0/3] commit
  3. Verify the configuration.

    Configure User1 and User2 on the same network segment, for example, 192.168.100.0/24, and configure User3 and User4 on the same network segment, for example, 192.168.200.0/24.

    User1 and User2 can ping each other successfully but they cannot ping User3 and User4. User3 and User4 can ping each other successfully but they cannot ping User1 and User2.

Translation
Download
Updated: 2018-10-08

Document ID: EDOC1000102369

Views: 140594

Downloads: 3153

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next