No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

S9300, S9300E, and S9300X V200R012C00 Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, VLAN aggregation, MUX VLAN, VLAN termination, Voice VLAN, VLAN mapping, QinQ, GVRP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, HVRP, and Layer 2 protocol transparent transmission.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Configuring MAC Address-based VLAN Assignment (the Switch Connects to Downstream Layer 2 Switching Devices)

Example for Configuring MAC Address-based VLAN Assignment (the Switch Connects to Downstream Layer 2 Switching Devices)

Networking Requirements

On an enterprise network, the network administrator assigns different VLANs to different departments. PCs of each department connect to the enterprise network through a Layer 2 switch. To improve information security, the enterprise allows only employees from the same department to communicate with each other.

In Figure 4-25, PC1 and PC2 belong to the same department, can access the enterprise network, and communicate with each other through VLAN 10. PC3 and PC4 belong to a different department, can access the enterprise network, and communicate with each other through VLAN 20. Employees in the two departments are not allowed to communicate with each other even if their PCs are moved to the same area.

Figure 4-25  Networking of MAC address-based VLAN assignment

Configuration Roadmap

  1. Create VLANs and determine the VLANs to which the PCs belong.

  2. Associate PCs' MAC addresses with VLANs so that VLANs are assigned based on the source MAC addresses in packets.

  3. Add interfaces to VLANs to implement Layer 2 forwarding.

Procedure

  1. Configure Switch1.

    # Create VLANs.

    <Quidway> system-view
    [Quidway] sysname Switch1
    [Switch1] vlan batch 10 20
    

    # Associate MAC addresses of PC1 and PC2 with VLAN 10 and MAC addresses of PC3 and PC4 with VLAN 20.

    [Switch1] vlan 10
    [Switch1-vlan10] mac-vlan mac-address 11-11-11
    [Switch1-vlan10] mac-vlan mac-address 22-22-22
    [Switch1-vlan10] quit
    [Switch1] vlan 20
    [Switch1-vlan20] mac-vlan mac-address 33-33-33
    [Switch1-vlan20] mac-vlan mac-address 44-44-44
    [Switch1-vlan20] quit
    

    # Enable MAC address-based VLAN assignment.

    [Switch1] interface gigabitethernet 1/0/1
    [Switch1-GigabitEthernet1/0/1] mac-vlan enable
    [Switch1-GigabitEthernet1/0/1] quit
    

    # Configure GE1/0/1 on the Layer 2 switch as a hybrid interface and add it to the VLANs associated with MAC addresses in untagged mode.

    [Switch1] interface gigabitethernet 1/0/1
    [Switch1-GigabitEthernet1/0/1] port hybrid untagged vlan 10 20
    [Switch1-GigabitEthernet1/0/1] quit
    

    # Configure GE1/0/2 connected to the enterprise network to transparently transmit packets from the VLANs associated with MAC addresses.

    [Switch1] interface gigabitethernet 1/0/2
    [Switch1-GigabitEthernet1/0/2] port link-type trunk
    [Switch1-GigabitEthernet1/0/2] port trunk allow-pass vlan 10 20
    [Switch1-GigabitEthernet1/0/2] quit
    

  2. Verify the configuration.

    • PC1 and PC2 access the enterprise network through VLAN 10, and PC3 and PC4 access the enterprise network through VLAN 20.
    • PCs that are not on these VLANs cannot access the enterprise network.

Configuration Files

Switch1 configuration file

#
sysname Switch1
#
vlan batch 10 20
#
vlan 10
 mac-vlan mac-address 0011-0011-0011 priority 0
 mac-vlan mac-address 0022-0022-0022 priority 0
vlan 20
 mac-vlan mac-address 0033-0033-0033 priority 0
 mac-vlan mac-address 0044-0044-0044 priority 0
#
interface GigabitEthernet1/0/1
 port hybrid untagged vlan 10 20
 mac-vlan enable
#
interface GigabitEthernet1/0/2
 port link-type trunk                                                           
 port trunk allow-pass vlan 10 20
#
return
Translation
Download
Updated: 2019-01-18

Document ID: EDOC1100038290

Views: 104911

Downloads: 24

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next