No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
S12700 V200R010C00 Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring link aggregation, VLANs, Voice VLAN, VLAN mapping, QinQ, GVRP, MAC table, STP/RSTP/MSTP, SEP, and so on.

Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Introduction to MUX VLAN

Introduction to MUX VLAN

Background

The Multiple VXLAN (MUX VLAN) function is used to control network resources based on VLANs.

For example, both enterprise employees and customers can access the servers on an enterprise network. The enterprise allows employees to communicate with each other but prevents customers from communicating with each other.

To allow all users to access the enterprise servers, inter-VLAN communication must be configured. If there are a large number of users in an enterprise, VLANs need to be assigned to the users that the enterprise wishes to restrict communication. This wastes VLAN IDs and adds significant workload to network configuration and maintenance.

MUX VLAN provides Layer 2 isolation to allow enterprise employees to communicate and isolate customers.

Basic Concepts

A MUX VLAN consists of principal VLANs and subordinate VLANs; subordinate VLANs are classified into separate VLANs and group VLANs. See Table 7-1 for a description of these roles.

Table 7-1  Roles in MUX VLAN

MUX VLAN

VLAN Type

Associated Interface

Access Authority

Principal VLAN

-

Principal interface

A principal interface can communicate with all interfaces in a MUX VLAN.

Subordinate VLAN

Separate VLAN

Separate interface

A separate interface can communicate only with a principal interface and is isolated from other types of interfaces.

Each separate VLAN must be bound to a principal VLAN.

Group VLAN

Group interface

A group interface can communicate with a principal interface and the other interfaces in the same group, but cannot communicate with interfaces in other groups or a separate interface.

Each group VLAN must be bound to a principal VLAN.

Communication in the MUX VLAN

As shown in Figure 7-1, the principal port connects to the enterprise server; the separate port connects to enterprise customers; the group port connects to enterprise employees. Accordingly, both enterprise customers and employees can access the enterprise server, enterprise employees can communicate with each other, enterprise customers cannot communicate with each other, and enterprise customers and employees cannot communicate with each other.

Figure 7-1  MUX VLAN at the access layer

On an aggregation device, you can create a VLANIF interface for the principal VLAN. The IP address of the VLANIF interface can be used as the gateway address for servers or user hosts. As shown in Figure 7-2, MUX VLAN is configured on the aggregation device Switch1 to implement user isolation or interworking.
Figure 7-2  MUX VLAN at the aggregation layer
Translation
简体中文
Download
Updated: 2022-05-23

Document ID: EDOC1000142081

Views: 1065333

Downloads: 901

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Digital Signature File

Digital Signature Authentication Mode
Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :