No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Ethernet Switching

S7700 and S9700 V200R012C00

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, VLANs, VLAN aggregation, MUX VLAN, VLAN termination, Voice VLAN, VLAN mapping, QinQ, GVRP, VCMP, STP/RSTP/MSTP, VBST, SEP, RRPP, ERPS, LBDT, HVRP, and Layer 2 protocol transparent transmission.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Overview of MUX VLANs

Overview of MUX VLANs

Background

The Multiplex VLAN (MUX VLAN) feature is used to control network resources based on VLANs.

For example, an enterprise allows both its employees and customers to access the servers on its network. However, the enterprise allows only its employees to communicate with each other and prevents customers from communicating with each other.

To allow all users to access the enterprise servers, inter-VLAN communication must be configured. Different VLANs must be assigned to the users who the enterprise wants to restrict communication. If there are many users, this configuration wastes VLAN IDs and significantly increases the network configuration and maintenance workload.

MUX VLAN provides Layer 2 isolation to allow enterprise employees to communicate while isolating customers.

Basic Concepts

A MUX VLAN consists of principal VLANs and subordinate VLANs. Subordinate VLANs are classified into separate VLANs and group VLANs. See Table 7-1 for a description of these roles.

Table 7-1  Roles in MUX VLAN

MUX VLAN

VLAN Type

Associated Port

Access Authority

Principal VLAN

-

Principal port

A principal port can communicate with all ports in a MUX VLAN.

Subordinate VLAN

Separate VLAN

Separate port

A separate port can communicate only with a principal port and is isolated from other types of ports.

Each separate VLAN must be bound to a principal VLAN.

Group VLAN

Group port

A group port can communicate with a principal port and the other ports in the same group, but cannot communicate with ports in other groups or a separate port.

Each group VLAN must be bound to a principal VLAN.

Communication in the MUX VLAN

As shown in Figure 7-1, the principal port connects to the enterprise servers, the separate port connects to enterprise customers, and the group port connects to enterprise employees. This allows both enterprise customers and employees to access the enterprise servers. Enterprise employees can communicate with each other whereas enterprise customers cannot. In addition, enterprise customers and employees cannot communicate with each other.

Figure 7-1  MUX VLAN at the access layer

On an aggregation device, you can create a VLANIF interface for the principal VLAN. The IP address of the VLANIF interface can be used as the gateway address for servers or user hosts. As shown in Figure 7-2, MUX VLAN is configured on the aggregation device Switch1 to implement user isolation or interworking.
Figure 7-2  MUX VLAN at the aggregation layer
Translation
Download
Updated: 2019-01-18

Document ID: EDOC1100038843

Views: 102263

Downloads: 69

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next