Inter-VLAN Communication

S12700 V200R010C00 Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring link aggregation, VLANs, Voice VLAN, VLAN mapping, QinQ, GVRP, MAC table, STP/RSTP/MSTP, SEP, and so on.

About This Document
Ethernet Switching Overview
- Introduction to Ethernet Switching
- Basic Concepts of Ethernet
- Switching on the Ethernet
  - Layer 2 Switching
  - Layer 3 Switching
- Application Environment
  - Building an Enterprise Network
MAC Address Table Configuration
- Introduction to the MAC Address
- Principles
- Application
- Configuration Task Summary
- Licensing Requirements and Limitations for MAC Address Tables
- Default Configuration
- Configuring a MAC Address Table
- Configuring MAC Address Flapping Prevention
  - Configuring a MAC Address Learning Priority for an Interface
  - Preventing MAC Address Flapping Between Interfaces with the Same Priority
- Configuring MAC Address Flapping Detection
- Configuring the Switch to Discard Packets with an All-0 MAC Address
- Configuring the Switch to Discard Packets That Do Not Match Any MAC Address Entry
- Enabling MAC Address-Triggered ARP Entry Update
- Enabling Port Bridge
- Configuring Re-marking of Destination MAC Addresses
- Maintaining the MAC Address Table
- Configuration Examples
- Common Misconfigurations
  - MAC Address Entries Failed to Be Learned on an Interface
- FAQs
Link Aggregation Configuration
- Introduction to Link Aggregation
- Principles
- Applications
- Configuration Task Summary
- Licensing Requirements and Limitations for Link Aggregation
- Default Settings
- Configuring Link Aggregation in Manual Mode
- Configuring Link Aggregation in LACP Mode
- Configuring Preferential Forwarding of Local Traffic in a CSS
- Creating an Eth-Trunk Sub-interface
- Configuring an E-Trunk
- Maintaining Link Aggregation
- Configuration Examples
- Common Configuration Errors
  - Traffic Is Unevenly Load Balanced Among Eth-Trunk Member Interfaces Because the Load Balancing Mode Is Incorrect
  - Eth-Trunk at Both Ends Cannot Be Up Because the Lower Threshold for the Number of Active Interfaces Is Incorrect
- FAQ
VLAN Configuration
- VLAN Overview
- Principles
- Applications
- Configuration Task Summary
- Licensing Requirements and Limitations for VLANs
- Default Configuration
- Configuring VLAN Technology
- Maintaining VLANs
- Configuration Examples
- Common Misconfigurations
- FAQ
VLAN Aggregation Configuration
- Introduction to VLAN Aggregation
- Principles
- Application Scenario
- Licensing Requirements and Limitations for VLAN Aggregation
- Default Configuration
- Configuring VLAN Aggregation
- Configuration Examples
  - Example for Configuring VLAN Aggregation
- FAQ
  - How Do I Implement Communication Between Specific Sub-VLANs in a Super-VLAN
  - How Should a Traffic Policy Be Configured in a Super-VLAN or Sub-VLAN to Make the Traffic Policy Take Effect
VLAN Switch Configuration
- Introduction to VLAN Switch
- Application Scenario
- Licensing Requirements and Limitations for VLAN Switch
- Default Configuration
- Configuring VLAN Switch
- Maintaining VLAN Switch
- Configuration Examples
  - Example for Implementing Inter-VLAN Communication Using VLAN Switch
MUX VLAN Configuration
- Introduction to MUX VLAN
- Licensing Requirements and Limitations for MUX VLANs
- Default Configuration
- Configuring the MUX VLAN
- Configuration Examples
  - Example for Configuring MUX VLAN on the Access Device
  - Example for Configuring MUX VLAN on the Aggregation Device
VLAN Termination Configuration
- Introduction to VLAN Termination
- Application Scenario
- Configuration Task Summary
- Licensing Requirements and Limitations for VLAN Termination
- Default Configuration
- Using a Dot1q Termination Sub-interface to Implement Inter-VLAN Communication
- Configuring a Dot1q Termination Sub-interface and Connecting It to an L2VPN
- Configuring a Dot1q Termination Sub-interface and Connecting It to an L3VPN
- Configuring a QinQ Termination Sub-interface and Connecting It to an L2VPN
- Configuring a QinQ Termination Sub-interface and Connecting It to an L3VPN
- Configuration Examples
Voice VLAN Configuration
- Introduction to Voice VLAN
- Typical Networking
- Principles
- Applicable Scenario
- Licensing Requirements and Limitations for Voice VLAN
- Default Configuration
- Configuring a MAC Address-based Voice VLAN
- Configuring a VLAN ID-based Voice VLAN
- Configuration Examples
  - Example for Configuring a MAC Address-based Voice VLAN (IP Phones Send Untagged Voice Packets)
  - Example for Configuring a VLAN ID-based Voice VLAN (IP Phones Send Tagged Voice Packets)
QinQ Configuration
- Introduction to QinQ
- Principles
- Applications
  - Public User Services on a Metro Ethernet Network
  - Enterprise Network Connection Through Private Lines
- Configuration Task Summary
- Licensing Requirements and Limitations for QinQ
- Configuring Basic QinQ
- Configuring Selective QinQ
- Configuring the TPID Value in an Outer VLAN Tag
- Configuring the Device to Add Double VLAN Tags to Untagged Packets
- Configuring QinQ Mapping
  - Configuring 1-to-1 QinQ Mapping
  - Configuring 2-to-1 QinQ Mapping
- Maintaining QinQ
  - Displaying VLAN Translation Resource Usage
- Configuration Examples
- Common Misconfigurations
  - QinQ Traffic Forwarding Fails Because the Outer VLAN Is Not Created
  - QinQ Traffic Forwarding Fails Because the Interface Does Not Transparently Transmit the Outer VLAN ID
- FAQ
VLAN Mapping Configuration
- Introduction to VLAN Mapping
- Principles
- Applications
- Licensing Requirements and Limitations for VLAN Mapping
- Configuring VLAN ID-based VLAN Mapping
- Configuring 802.1p Priority-based VLAN Mapping
- Configuring MQC-based VLAN Mapping
- Maintaining VLAN Mapping
  - Displaying VLAN Translation Resource Usage
- Configuration Examples
- Common Configuration Errors
  - Communication Failure After VLAN Mapping Configuration
GVRP Configuration
- Introduction to GVRP
- Principles
- Applications
- Licensing Requirements and Limitations for GVRP
- Default Configuration
- Configuring GVRP
- Maintaining GVRP
  - Clearing GVRP Statistics
- Configuration Examples
  - Example for Configuring GVRP
- FAQ
  - Why Is the CPU Usage High When VLANs Are Created or Deleted Through GVRP in Default Configuration?
VCMP Configuration
- Introduction to VCMP
- Principles
  - VCMP Concepts
  - Implementation
- Applicable Scenario
- Licensing Requirements and Limitations for VCMP
- Default Configuration
- Configuring VCMP
- Maintaining VCMP
  - Displaying VCMP Running Information
  - Clearing VCMP Running Information
- Configuration Examples
  - Example for Configuring VCMP to Implement Centralized VLAN Management
STP/RSTP Configuration
- Introduction to STP/RSTP
- Principles
- Applications
- Configuration Task Summary
- Licensing Requirements and Limitations for STP/RSTP
- Default Configuration
- Configuring Basic STP/RSTP Functions
- Setting STP Parameters that Affect STP Convergence
- Setting RSTP Parameters that Affect RSTP Convergence
- Configuring RSTP Protection Functions
- Setting Parameters for Interoperation Between Huawei and Non-Huawei Devices
- Maintaining STP/RSTP
  - Clearing STP/RSTP Statistics
  - Monitoring STP/RSTP Topology Change Statistics
- Configuration Examples
  - Example for Configuring Basic STP Functions
  - Example for Configuring Basic RSTP Functions
- FAQ
MSTP Configuration
- Introduction to MSTP
- MSTP Principles
- Application Environment
- Configuration Task Summary
- Licensing Requirements and Limitations for MSTP
- Default Configuration
- Configuring Basic MSTP Functions
- Configuring MSTP Multi-Process
- Configuring MSTP Parameters on an Interface
- Configuring MSTP Protection Functions
- Configuring MSTP Interoperability Between Huawei and Non-Huawei Devices
- Maintaining MSTP
  - Clearing MSTP Statistics
  - Monitoring the Statistics on MSTP Topology Changes
- Configuration Examples
- FAQ
VBST Configuration
- Introduction to VBST
- Principles
- Applicable Scenario
- Configuration Task Summary
- Licensing Requirements and Limitations for VBST
- Default Configuration
- Configuring Basic VBST Functions
- Setting VBST Parameters That Affect VBST Convergence
- Configuring Protection Functions of VBST
- Setting Parameters for Interworking Between a Huawei Datacom Device and a Non-Huawei Device
- Maintaining VBST
  - Displaying VBST Running Information and Statistics
  - Clearing VBST Statistics
- Configuration Examples
  - Example for Configuring VBST
SEP Configuration
- Introduction to SEP
- Principles
- Applications
- Configuration Task Summary
- Licensing Requirements and Limitations for SEP
- Configuring Basic SEP Functions
- Specifying an Interface to Block
- Configuring SEP Multi-Instance
- Configuring the Topology Change Notification Function
- Maintaining SEP
  - Clearing SEP Statistics
- Configuration Examples
RRPP Configuration
- Introduction to RRPP
- Principles
- Application Scenarios
- Configuration Task Summary
- Licensing Requirements and Limitations for RRPP
- Default Configuration
- Configuring RRPP
- Configuring RRPP Snooping
- Maintaining RRPP
  - Clearing RRPP Statistics
- Configuration Examples
- Common Configuration Errors
  - A Loop Occurs After the RRPP Configuration is Complete
  - After the Primary Port of a Transit Node on an RRPP Ring Network Becomes Down and Then Recovers, the Transit Node and Other Transit Nodes Cannot Register With the Master Node
- FAQ
ERPS (G.8032) Configuration
- Introduction to ERPS
- Principles
- Applicable Scenario
- Configuration Task Summary
- Licensing Requirements and Limitations for ERPS
- Default Settings
- Configuring ERPSv1
- Configuring ERPSv2
- Maintaining ERPS
  - Clearing ERPS Statistics
- Configuration Examples
  - Example for Configuring ERPS Multi-instance
  - Example for Configuring Intersecting ERPS Rings
- Common Configuration Errors
  - Traffic Forwarding Fails in an ERPS Ring
LDT and LBDT Configuration
- Introduction to LBDT and LDT
- Principles
- Applicable Scenario
- Licensing Requirements and Limitations for LDT and LBDT
- Default Configuration
- Configuring LDT to Detect Loops
- Configuring Automatic LBDT
- Configuring Manual LBDT
- Configuration Examples
Layer 2 Protocol Transparent Transmission Configuration
- Introduction to Layer 2 Protocol Transparent Transmission
- Principles
- Application Environment
- Configuration Task Summary
- Licensing Requirements and Limitations for Layer 2 Protocol Transparent Transmission
- Configuring Interface-based Layer 2 Protocol Transparent Transmission
- Configuring VLAN-based Layer 2 Protocol Transparent Transmission
- Configuring QinQ-based Layer 2 Protocol Transparent Transmission
- Configuration Examples
- FAQ

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).

Inter-VLAN Communication

After VLANs are assigned, broadcast packets are only forwarded in the same VLAN. This means that hosts in different VLANs cannot communicate at Layer 2. In real-world scenarios, hosts in different VLANs often need to communicate, so inter-VLAN communication needs to be implemented to resolve this.

Similar to intra-VLAN communication described in Intra-VLAN Communication, inter-VLAN communication goes through three phases: packet transmission from the source host, Ethernet switching in a switch, and adding and removing VLAN tags during the exchange between devices. According to the Ethernet switching principle, broadcast packets are only forwarded in the same VLAN and hosts in different VLANs cannot directly communicate at Layer 2. Layer 3 routing or VLAN translation technology is required to implement inter-VLAN communication.

Inter-VLAN Communication Technologies

Huawei provides a variety of technologies to implement inter-VLAN communication. The following two technologies are commonly used:

VLANIF interface

A VLANIF interface is a Layer 3 logical interface that can be used to implement inter-VLAN Layer 3 connectivity.

It is simple to configure a VLANIF interface, so VLANIF interfaces are the most commonly used for inter-VLAN communication. However, a VLANIF interface needs to be configured for each VLAN and each VLANIF interface requires an IP address. As a result, this technology wastes IP addresses.
Dot1q termination sub-interface

A sub-interface is also a Layer 3 logical interface that can be used to implement inter-VLAN Layer 3 connectivity.

A Dot1q termination sub-interface applies to scenarios where a Layer 3 Ethernet interface connects to multiple VLANs. In such a scenario, data flows from different VLANs preempt bandwidth of the primary Ethernet interface; therefore, the primary Ethernet interface may become a bottleneck when the network is busy.

For details about the Dot1q termination sub-interface, see VLAN Termination Configuration.

VLANIF interfaces and Dot1q termination sub-interfaces require that users in VLANs be located on different network segments. When hosts are located on the same network segment, the source host encapsulates the packets with the destination host' MAC address. The device determines that the packets should be forwarded at Layer 2 but Layer 2 switching can only be performed for devices in the same VLAN. Therefore, the device cannot obtain destination hosts' MAC addresses or forward the packets to the destination host. VLAN aggregation can be used to allow hosts on the same network segment in different VLANs to communicate.

VLAN aggregation

VLAN aggregation associates a super-VLAN with a super-VLAN. The sub-VLANs share the IP address of the super-VLAN, which acts as the gateway IP address, to implement Layer 3 connectivity with an external network. Proxy ARP can be enabled between sub-VLANs to implement Layer 3 connectivity between sub-VLANs. VLAN aggregation conserves IP addresses.

VLAN aggregation applies to scenarios where multiple VLANs share a gateway.

For details about VLAN aggregation, see VLAN Aggregation Configuration.
VLAN Switch switch-vlan

VLAN Switch switch-vlan requires a pre-configured static forwarding path along switching nodes on a network. When a switching node receives VLAN-tagged frames matching VLAN Switch entries, it directly forwards the frames to corresponding interfaces according to the static forwarding path, thus implementing Layer 2 communication.

Switch-VLAN does not require lookup of the MAC address table, so the forwarding efficiency and security are enhanced. If a switching node connects to many user devices, the network administrator needs to configure each user device in advance to establish a static forwarding path. This increases the manual configuration workload and makes network management inconvenient. Switch-VLAN applies to small-scale networks.

For details about VLAN Switch switch-vlan, see VLAN Switch Configuration.

Inter-VLAN Communication Through the Same Switch

In Figure 4-14, Host_1 (source host) and Host_2 (destination host) connect to the same Layer 3 switch, are located on different network segments, and belong to VLAN 2 and VLAN 3, respectively. After VLANIF 2 and VLANIF 3 are created on the switch and allocated IP addresses, the default gateway addresses of the hosts are set to IP addresses of the VLANIF interfaces.

Figure 4-14 Using VLANIF interfaces to implement inter-VLAN communication through the same switch

When Host_1 sends a packet to Host_2, the packet is transmitted as follows (assuming that no forwarding entry exists on the switch):

Host_1 determines that the destination IP address is on a different network segment from its own IP address, and therefore sends an ARP Request packet to request the gateway MAC address. The ARP Request packet carries the destination IP address of 10.1.1.1 (gateway's IP address) and all-F destination MAC address.
When the ARP Request packet reaches IF_1 on the Switch, the Switch tags the packet with VLAN 2 (PVID of IF_1). The Switch then adds the mapping between the source MAC address, VLAN ID, and interface (1-1-1, 2, IF_1) in its MAC address table.
The Switch detects that the packet is an ARP Request packet and the destination IP address is the IP address of VLANIF 2. The Switch then encapsulates VLANIF 2's MAC address of 3-3-3 into the ARP Reply packet before sending it from IF_1. In addition, the Switch adds the binding of the IP address and MAC address of Host_1 in its ARP table.
After receiving the ARP Reply packet from the Switch, Host_1 adds the binding of the IP address and MAC address of VLANIF 2 on the Switch in its ARP table and sends a packet to the Switch. The packet carries the destination MAC address of 3-3-3 and destination IP address of 10.2.2.2 (Host_2's IP address).
After the packet reaches IF_1 on the Switch, the Switch tags the packet with VLAN 2.
The Switch updates its MAC address table based on the source MAC address, VLAN ID, and inbound interface of the packet, and compares the destination MAC address of the packet with the MAC address of VLANIF 2. If they are the same, the Switch determines that the packet should be forwarded at Layer 3 and searches for a Layer 3 forwarding entry based on the destination IP address. If no entry is found, the Switch sends the packet to the CPU. The CPU then searches for a routing entry to forward the packet.
The CPU looks up the routing table based on the destination IP address of the packet and detects that the destination IP address matches a directly connected network segment (network segment of VLANIF 3). The CPU continues to look up its ARP table but finds no matching ARP entry. Therefore, the Switch broadcasts an ARP Request packet with the destination address of 10.2.2.2 to all interfaces in VLAN 3. The ARP Request packet will be send from IF_2.
After receiving the ARP Request packet, Host_2 detects that the IP address is its own IP address and sends an ARP Reply packet with its own. Additionally, Host_2 adds the mapping between the MAC address and IP address of VLANIF 3 to its ARP table.
After IF_2 on the Switch receives the ARP Reply packet, IF_2 tags the packet with VLAN 3 to the packet and adds the binding of the MAC address and IP address of Host_2 in its ARP table. Before forwarding the packet from Host_1 to Host_2, the Switch removes the tag with VLAN 3 from the packet. The Switch also adds the binding of Host_2's IP address, MAC address, VLAN ID, and outbound interface in its Layer 3 forwarding table.

The packet sent from Host_1 then reaches Host_2. The packet transmission process from Host_2 to Host_1 is similar. Subsequent packets between Host_1 and Host_2 are first sent to the gateway (Switch), and the Switch forwards the packets at Layer 3 based on its Layer 3 forwarding table.

Inter-VLAN Communication Through Multiple Switches

When hosts in different VLANs connect to multiple Layer 3 switches, you need to configure static routes or a dynamic routing protocol in addition to VLANIF interface addresses. This is because IP addresses of VLANIF interfaces can only be used to generate direct routes.

In Figure 4-15, Host_1 (source host) and Host_2 (destination host) are located on different network segments, connect to Layer 3 switches Switch_1 and Switch_2, and belong to VLAN 2 and VLAN 3, respectively. On Switch_1, VLANIF 2 and VLANIF 4 are created and allocated IP addresses of 10.1.1.1 and 10.1.4.1. On Switch_2, VLANIF 3 and VLANIF 4 are created and allocated IP addresses of 10.1.2.1 and 10.1.4.2. Static routes are configured on Switch_1 and Switch_2. On Switch_1, the destination network segment in the static route is 10.1.2.0/24 and the next hop address is 10.1.4.2. On Switch_2, the destination network segment in the static route is 10.1.1.0/24 and the next hop address is 10.1.4.1.

Figure 4-15 Using VLANIF interfaces to implement inter-VLAN communication through multiple switches

When Host_1 sends a packet to Host_2, the packet is transmitted as follows (assuming that no forwarding entry exists on Switch_1 and Switch_2):

The first six steps are similar to steps 1 to 6 in inter-VLAN communication when hosts connect to the same switch. After the steps are complete, Switch_1 sends the packet to its CPU and the CPU looks up the routing table.
The CPU of Switch_1 searches for the routing table based on the destination IP address of 10.1.2.2 and finds a static route. In the static route, the destination network segment is 10.1.2.0/24 and the next hop address is 10.1.4.2. The CPU continues to look up its ARP table but finds no matching ARP entry. Therefore, Switch_1 broadcasts an ARP Request packet with the destination address of 10.1.4.2 to all interfaces in VLAN 4. IF_2 on Switch_1 transparently transmits the ARP Request packet to IF_2 on Switch_2 without removing the tag from the packet.
After the ARP Request packet reaches Switch_2, Switch_2 finds that the destination IP address of the ARP Request packet is the IP address of VLANIF 4. Switch_2 then sends an ARP Reply packet with the MAC address of VLANIF 4 to Switch_1.
IF_2 on Switch_2 transparently transmits the ARP Reply packet to Switch_1. After Switch_1 receives the ARP Reply packet, it adds the binding of the MAC address and IP address of VLANIF4 in its ARP table.
Before forwarding the packet of Host_1 to Switch_2, Switch_1 changes the destination MAC address of the packet to the MAC address of VLANIF 4 on Switch_2 and the source MAC address to the MAC address of VLANIF 4 on itself. In addition, Switch_1 records the forwarding entry (10.1.2.0/24, next hop IP address, VLAN, and outbound interface) in its Layer 3 forwarding table. Similarly, the packet is transparently transmitted to IF_2 on Switch_2.
After Switch_2 receives packets of Host_1 forwarded by Switch_1, the steps similar to steps 6 to 9 in inter-VLAN communication when hosts connect to the same switch are performed. In addition, Switch_2 records the forwarding entry (Host_2's IP address, MAC address, VLAN, and outbound interface) in its Layer 3 forwarding table.

Inter-VLAN Communication Technologies
Inter-VLAN Communication Through the Same Switch
Inter-VLAN Communication Through Multiple Switches

Translation

简体中文

Download

Updated: 2022-05-23

Document ID: EDOC1000142081

Downloads: 896

Average rating:

This Document Applies to these Products

Related Version

Digital Signature File

Digital Signature Authentication Mode

Enterprise

Huawei Cloud

Carrier

Consumer

Corporate