No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - IP Service

AR500, AR510, AR531, AR550, AR1500, and AR2500 V200R010

This document describes the concepts and configuration procedures of IP Service features on the device, and provides the configuration examples.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring Intra-VLAN Proxy ARP

Example for Configuring Intra-VLAN Proxy ARP

Networking Requirements

As shown in Figure 2-14, hosts of the accounting department are located in a VLAN. Hosts of the accounting department are attacked by viruses when they access the Internet. The attacked hosts send a large number of broadcast packets, causing broadcast storms in the VLAN. Even hosts cannot communicate. The company requires that broadcast storms be prevented to ensure communication between hosts and information security.

Figure 2-14  Networking diagram for configuring intra-VLAN proxy ARP

Configuration Roadmap

The configuration roadmap is as follows:

  1. Configure interface isolation on the downstream interface of the switch to forbid Layer 2 communication and remove broadcast storms.

  2. Enable intra-VLAN proxy ARP on the VLANIF interface to prevent broadcast storms and implement Layer 3 communication between hosts in the accounting department.

Procedure

  1. Add Etherent2/0/0 to VLAN10.

    # Create VLAN10.

    <Huawei> system-view
    [Huawei] sysname Router
    [Router] vlan 10
    [Router-vlan10] quit

    # Add Etherent2/0/0 to VLAN10.

    [Router] interface ethernet 2/0/0
    [Router-Ethernet2/0/0] port hybrid tagged vlan 10
    [Router-Ethernet2/0/0] port hybrid pvid vlan 10

    # Configure an IP address for VLANIF10.

    [Router] interface vlanif 10
    [Router-Vlanif10] ip address 10.1.1.12 255.255.255.0
    [Router-Vlanif10] quit

  2. Configure the switch.

    Create VLAN10 on the the switch and add all interfaces to VLAN10. Configure isolation for downstream interfaces connected to users. The configuration details are not mentioned here.

  3. Configure IP addresses for PCs.

    # Configure an IP address for each PC. Ensure that the IP addresses of PCs and the IP address of VLANIF10 are on the same network segment.The configuration details are not mentioned here.

    # After the configuration is complete, each PC and the router can ping each other. PCs, however, cannot ping each other.

  4. Enable intra-VLAN proxy ARP on VLANIF10.

    [Router] interface vlanif 10
    [Router-Vlanif10] arp-proxy inner-sub-vlan-proxy enable
    [Router-Vlanif10] quit

  5. Verify the configuration.

    # Ping PC A and PC B. They can ping each other.

    C:\Documents and Settings\Administrator> ping 10.1.1.100
     PING 10.1.1.100: 56  data bytes, press CTRL_C to break                       
        Reply from 10.1.1.100: bytes=56 Sequence=1 ttl=255 time=10 ms              
        Reply from 10.1.1.100: bytes=56 Sequence=2 ttl=255 time=10 ms              
        Reply from 10.1.1.100: bytes=56 Sequence=3 ttl=255 time=10 ms              
        Reply from 10.1.1.100: bytes=56 Sequence=4 ttl=255 time=10 ms              
        Reply from 10.1.1.100: bytes=56 Sequence=5 ttl=255 time=10 ms              
                                                                                    
      --- 10.1.1.100 ping statistics ---                                           
        5 packet(s) transmitted                                                     
        5 packet(s) received                                                        
        0.00% packet loss                                                           
        round-trip min/avg/max = 10/10/10 ms  

Configuration Files

Configuration file of the router

#
 sysname Router
#
vlan batch 10
#
interface Vlanif10
 ip address 10.1.1.12 255.255.255.0
 arp-proxy inner-sub-vlan-proxy enable
#
interface Ethernet2/0/0
 port hybrid pvid vlan 10
 port hybrid tagged vlan 10
#
return
Translation
Download
Updated: 2019-05-20

Document ID: EDOC1100034231

Views: 88576

Downloads: 57

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next