No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

eSight V300R010C00 Operation Guide 07

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
VLAN Management

VLAN Management

eSight supports VLAN monitoring and management, including network-wide VLAN management, device VLAN management, and VLAN topology management.

Operation Procedure

This section describes all VLAN management operations. You can perform related operations based on the site requirements.

Operation Procedure

After completing network planning based on site situation, you can create subnets or groups on eSight to add network devices the subnets or groups through SNMP, facilitating unified device management and maintenance.

Table 12-10 Operation procedure of VLAN management

Step

Operation

Description

1

Set protocol parameters on the device: SNMP

SNMP parameters: They are used to add devices to eSight.

For details about how to configure the SNMP protocol on the device, see Configuring the SNMP Protocol on Devices.

2

Add devices to eSight.

Select a proper device addition mode based on the site requirements.

For details about how to add devices to eSight, see Adding Devices to eSight.

3

Create a single VLAN.

Create a single VLAN and apply it to multiple devices.

4

Create VLANs in a batch.

Create VLANs in a batch and apply them to multiple devices.

5

Configure port VLANs in a batch.

Modify the type and attributes of port VLANs for one or more devices in a batch.

6

Create device VLANs.

Create VLANs for a single device and view all the VLANs as well as the list of ports on which the VLANs are configured.

7

Configure port VLANs.

Modify the type and attributes of one or more port VLANs in a batch for a single device.

8

Create VLANIF interfaces.

Create VLANIF interfaces for a single device.

9

Configure the voice VLAN.

Configure the voice VLAN for a single device.

10

Manage VLANs in the topology.

VLANs on the entire network and involved devices and links are uniformly displayed in a topology view. You can view and modify network-wide VLANs in the topology view.

Creating a VLAN
  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Resource from the navigation tree on the left. The list of VLANs on the entire network is displayed.
  3. Choose Create > Create Single VLAN.

  4. On the page for adding a VLAN, enter the VLAN ID and VLAN Description.
  5. Click Select Device. On the page that is displayed, filter out the desired device by specifying parameters such as the subnet, running status, device name, IP address, and device type, select one or more devices, and click OK.
  6. Click OK. The operation result is displayed.
Creating VLANs in Batches
  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Resource from the navigation tree on the left. The list of VLANs on the entire network is displayed.
  3. Choose Create > Create Multiple VLAN.

  4. On the page for adding multiple VLANs, enter the VLAN IDs.
    NOTE:

    In batch VLAN creation, the system generates the VLAN description by default.

  5. Click Select Device. On the page that is displayed, filter out the desired device by specifying parameters such as the subnet, running status, device name, IP address, and device type, select one or more devices, and click OK.
  6. Click OK. The operation result is displayed.
Configuring Port VLANs in Batches
  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Device from the navigation tree on the left. The list of devices supporting VLAN and their VLAN information are displayed.

  3. Select one or more devices and click Configure Port VLAN.

  4. Set port VLAN parameters: Select a port type from the Type drop-down list box. The other parameters vary depending on the port type.
  5. Click Select Port. On the page that is displayed, specify the parameters to filter out the desired ports and click OK.
    NOTE:
    • To deselect all the ports that have been selected, click Clear All.
    • To deselect a port, clear the check box of this port. After that, the VLAN configuration of this port will not be delivered to the device.
    • To add more ports, click Select Interface.
  6. Click Yes. The progress bar for batch configuration is displayed in the lower part of the page, and the operating status is displayed in the Operation Result column of the device list.
NOTE:

For a port whose VLAN configuration fails to be delivered, verify the device configuration and deliver the port VLAN configuration again.

Creating Device VLANs
  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Device from the navigation tree on the left. The list of devices supporting VLAN and their VLAN information are displayed.
  3. Click next to a target device and access the resource management page of the device.

    NOTE:

    You can also access the resource management page of a device by accessing the following path and clicking the corresponding NE name: Choose Resource > Network > Equipment > Network Device from the main menu.

  4. Choose Device VLAN > Device VLAN.
  5. Click Create and set VLAN ID and VLAN Description.
  6. Click Confirm.
Configuring Port VLANs

Creating VLANs based on the port is the easiest method. VLAN members are defined by device ports. After specified ports are added to specified VLANs, the ports can forward packets from specified VLANs.

  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Device from the navigation tree on the left. The list of devices supporting VLAN and their VLAN information are displayed.
  3. Click next to a target device and access the resource management page of the device.

    NOTE:

    You can also access the resource management page of a device by accessing the following path and clicking the corresponding NE name: Choose Resource > Network > Equipment > Network Device from the main menu.

  4. Choose Device VLAN > Port VLAN.

  5. Select one or more devices and click Modify.

  6. Select a port type. Other VLAN parameters vary depending on the port type.
  7. Click Confirm.
Creating VLANIF Interfaces

Operations in this section are applicable only to devices added to eSight through IPv4 addresses.

Currently, the VLANIF interface supports only IPv4 addresses. If a device is added to eSight through an IPv6 address, you cannot configure VLANIF for the device through eSight.

A VLANIF interface is a logical layer-3 interface that enables the communication among VLANs.

  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Device from the navigation tree on the left. The list of devices supporting VLAN and their VLAN information are displayed.
  3. Click next to a target device and access the resource management page of the device.

    NOTE:

    You can also access the resource management page of a device by accessing the following path and clicking the corresponding NE name: Choose Resource > Network > Equipment > Network Device from the main menu.

  4. Choose Device VLAN > VLANIF Interface. VLANIF information about the device is displayed.

  5. Click Create.

  6. Set VLAN ID, Interface IP address, and Interface IP subnet mask.
  7. Click Confirm.
Configuring the Voice VLAN

Voice data requires a higher priority than non-voice data during transmission. To mitigate delay and packet loss during transmission and ensure high-quality voice services, you can configure the voice VLAN to prioritize the transmission of voice data.

  1. Choose Resource > Network > Business > VLAN Management from the main menu.

  2. Choose Resource Management > VLAN Device from the navigation tree on the left. The list of devices supporting VLAN and their VLAN information are displayed.
  3. Click next to a target device and access the resource management page of the device.

    NOTE:

    You can also access the resource management page of a device by accessing the following path and clicking the corresponding NE name: Choose Resource > Network > Equipment > Network Device from the main menu.

  4. Choose Device VLAN > Voice VLAN from the navigation tree on the left. The voice VLAN information configured for this VLAN is displayed.

  5. Add an OUI address: Click Create. On the page that is displayed, set MAC Address, MAC Mask, and Description.

    NOTE:

    The value of MAC Address cannot be an all-0 address, multicast address, or broadcast address. An all-F value for MAC Address indicates a broadcast address. The method for determining a multicast address is as follows: Perform a logical And operation on the first two bits of MAC Address and 0x01. If the value obtained is 1, MAC Address is a multicast address.

  6. Add a port:
    1. Click Create. On the page that is displayed.

      NOTE:
      • Only one VLAN for a port can be set as the voice VLAN at a time.
      • The automatic mode (Work Mode being Auto) applies to the network for both voice and data access (that is, the port transmits voice data and non-voice data at the same time). The manual mode (Work Mode being Manual) applies to the network only for voice access (that is, the port transmits only voice data).
      • In automatic mode, a device with voice VLAN enabled learns the source MAC address carried in the voice packets sent by an audio device, and automatically adds the port that connects the audio device to the voice VLAN. In manual node, after voice VLAN is enabled, you must manually add the port that connects the audio device to the voice VLAN. For a port of the Access type, only manual mode is available.
      • Network devices send voice VLAN information to IP phones using LLDP packets. If an IP phone does not support LLDP but uses a proprietary protocol, set LAGACY Disabled to Enabled to support this proprietary protocol.
      • The security mode (Security Mode being Security) prevents the voice VLAN from being attacked by malicious data, but checking for malicious data occupies certain system resources.
      • For devices supporting advanced settings, the Work Mode parameter must be set to Manual and Security Mode must be set to Common.
    2. Set advanced parameters: Click Advanced. Set Untagged VLAN Allowed and Priority.
    NOTE:
    • Huawei devices support advanced settings only when the platform version is VRPV5R13 or later.
    • Untagged VLAN Allowed specifies whether to add a voice VLAN ID to untagged packets.
    • In automatic mode, a device with voice VLAN enabled learns the source MAC address carried in the voice packets sent by an audio device, and automatically adds the port that connects the audio device to the voice VLAN. In manual node, after voice VLAN is enabled, you must manually add the port that connects the audio device to the voice VLAN. For a port of the Access type, only manual mode is available.
  7. Click OK.
Managing VLANs in the Topology

VLANs on the entire network and involved devices and links are uniformly displayed in a topology view. You can view and modify network-wide VLANs in the topology view.

  1. Navigation path:
    1. Choose Resource > Network > Business > VLAN Management from the main menu.

    2. Choose VLAN Topology from the navigation tree on the left.
    3. On the VLAN topology page, click a VLAN in the VLAN list on the right.

  2. VLAN attribute display:
    • Hover the cursor over a device icon. The device name and device VLAN information are displayed.
    • Hover the cursor over a link. The NE name, port name, link type, PVID, and allowed VLAN for the NE at each end of the link are displayed.
  3. VLAN path display:
    • In the VLAN topology, a device icon in green indicates that the device is online and is a member device under the selected VLAN. If the device icon is gray, the device is a member device under the selected VLAN but is offline. If the device icon is yellow, the device is not a member device under the selected VLAN and you cannot know whether it is online or not.
    • A green link indicates a functional link and packets carrying the ID of the selected VLAN can be transmitted over this link. A gray link indicates that packets carrying the ID of the selected VLAN can be transmitted over this link but this link is unavailable. If the link is yellow, packets carrying the ID of the selected VLAN cannot be transmitted over this link and you cannot know whether this link is functional.
    • Blocking points on a loop for a certain VLAN are displayed according to the MSTP-based calculation result.
    • A subnet icon in green indicates that all member devices under the selected VLAN within this subnet are online and the links are functional. If the icon is gray, some or all of the member devices under the selected VLAN within this subnet are offline. If the icon is yellow, no device in this subnet belongs to the selected VLAN.
  4. VLAN topology operations:
  • Click a VLAN in the VLAN list on the right. The topology automatically filters out the devices and subnets belonging to this VLAN. Device icons being green and links green together indicate a functional network.
  • Right-click a device icon in the VLAN topology and choose Add to VLAN or Delete from VLAN from the shortcut menu to add the device to or delete the device from the VLAN.
  • Right-click a device icon in the VLAN topology and choose VLAN Management from the shortcut menu. The resource management page for the device is displayed. On this page, you can modify VLAN resources for this device.
  • Right-click a device icon in the VLAN topology and choose Synchronize Device VLAN from the shortcut menu. This operation synchronizes VLAN resources on a device and eSight.

Typical Configuration Examples

This topic describes typical configuration examples, helping you learn about VLAN functions and operations.

Deploying VLANs in Batches

This topic describes how to quickly deploy VLANs to devices and ports in batches during network deployment.

Scenario

The switch in a company connects many users and users with the same service requests access the network using different devices. To ensure communication security and avoid broadcast storms, the administrator wants to enable mutual access for users with the same service requests and to disable mutual access for users with different service requests. The administrator can create VLANs based on ports and assign ports for users with the same service requests to the same VLAN. In this case, users that belong to different VLANs cannot communicate with each other while users from the same VLAN can communicate with each other.

Networking Diagram

Figure 12-7 shows the networking diagram.

Figure 12-7 Network planning of an enterprise
Data Plan
Table 12-11 VLAN data plan

Device Name

Home Device

Port

Allowed VLAN ID

Ge1/1/1

SW1

Trunk

2, 3

Ge1/1/2

SW1

Trunk

2, 3

Ge1/1/3

SW2

Trunk

2, 3

Ge1/1/4

SW2

Trunk

2, 3

Ge1/1/5

SW3

Trunk

2, 3

Ge1/1/6

SW4

Trunk

2, 3

Ge1/1/7

SW3

Access

2

Ge1/1/8

SW3

Access

3

Ge1/1/9

SW4

Access

2

Ge1/1/10

SW4

Access

3

Ge1/1/11

SW4

Hybrid

2

Prerequisites
  • Devices have been added to eSight.
  • SNMP and Telnet parameters have been set as planned on devices and eSight.
Configuration Roadmap
  1. Create global VLANs in batches.
  2. Deliver VLANs to ports in batches: Set the ports of aggregation devices to the trunk type, upstream ports of access devices to the trunk type, downstream ports of access devices (connecting to computers) to the access type, and downstream ports of access devices (connecting to unknown devices) to the hybrid type.
Procedure
  1. Create global VLANs in batches.

    1. Choose Resource > Network > Business > VLAN Management from the main menu.
    2. Choose Resource Management > VLAN Resource. Network-wide VLAN information is displayed.
    3. Choose Create > Bulk Create VLANs.
    4. Set VLAN ID to 2,3.
    5. Click Select Device. On the page that is displayed, select SW1, SW2, SW3, and SW4, and click Confirm.
    6. Click Confirm.

  2. Deliver VLANs to ports in batches.

    • Configure the ports of aggregation devices SW1 and SW2 as well as upstream ports of access devices.
      1. Choose Resource Management > VLAN Device. The network-wide device list and VLAN information are displayed on the page.
      2. Select SW1, SW2, SW3, and SW4, and click Configure Port VLAN.
      3. Set port VLAN parameters: Set Type to Trunk, use the default value for PVID, and set Allowed VLAN to 2,3.
      4. Click Select Interface. On the page that is displayed, select Ge1/1/1, Ge1/1/2, Ge1/1/3, Ge1/1/4, Ge1/1/5, and Ge1/1/6, and click Confirm. Do not close the current page.
    • Configure downstream ports of access devices SW3 and SW4 (connecting to computers).
      1. Set port VLAN parameters: Set Type to Access and PVID to 2.
      2. Click Select Interface. On the page that is displayed, select Ge1/1/7 and Ge1/1/9, and click Confirm.
      3. Set port VLAN parameters: Set Type to Access and PVID to 3.
      4. Click Select Interface. On the page that is displayed, select Ge1/1/8 and Ge1/1/10, and click Confirm.
    • Configure downstream ports of access device SW4 (connecting to unknown devices).
      1. Set port VLAN parameters: Set Type to Hybrid, PVID to 2, and Untagged VLAN to 2.
      2. Click Select Interface. On the page that is displayed, select Ge1/1/11 and click Confirm.

Deploying Enterprise Voice VLANs

Two data flows, including voice data and non-voice data, exist on the network. Voice data has higher priority than non-voice data during transmission, which reduces the delay and packet loss phenomena that may arise from the transmission. This topic describes how to quickly deploy voice VLANs.

Scenario

A company has purchased IP phones. To ensure communication quality for office calls and telephone conferences, voice data is transmitted through VLAN 7 and non-voice data is transmitted through VLAN 8. The MAC address and mask for one IP phone are 60-30-40-50-60-70 and E0-00-00-00-00-00 respectively.

Networking Diagram

Figure 12-8 shows the networking diagram.

Figure 12-8 Network planning of an enterprise

Prerequisites
  • Devices have been added to eSight.
  • SNMP and Telnet parameters have been set as planned on devices and eSight.
Configuration Roadmap
  1. Create global VLANs in batches.
  2. Configure the downstream port type and the default VLAN for the switch.
  3. Enable the voice VLAN function of the downstream port and set the mode to automatic. When the source MAC address in a packet sent by a voice device matches the OUI, the system automatically adds the port connecting to the voice device to the voice VLAN.
Procedure
  1. Create global VLANs in batches.

    1. Choose Resource > Network > Business > VLAN Management from the main menu.
    2. Choose Resource Management > VLAN Resource. Network-wide VLAN information is displayed.
    3. Choose Create > Bulk Create VLANs.
    4. Set VLAN ID to 7,8.
    5. Click Select Interface. On the page that is displayed, select SW1 and click Confirm.
    6. Click Confirm.

  2. Configure the downstream port type and the default VLAN for the switch.

    1. Choose Resource Management > VLAN Device. The network-wide device list and VLAN information are displayed on the page.
    2. Select SW1 and click Configure Port VLAN.
    3. Set port VLAN parameters: Set Type to Hybrid and PVID to 8.
    4. Click Select Interface. On the page that is displayed, select Ge1/1/1 and click Confirm.
    5. Click Confirm.

  3. Configure the voice VLAN for the switch.

    1. Choose Resource Management > VLAN Device. The network-wide device list is displayed.
    2. Click in the Operation column of SW1. The resource management page for the device is displayed.
    3. Choose Device VLAN > Voice VLAN from the navigation tree on the left.
    4. Add the OUI address: Click Create. On the page that is displayed, set MAC Address to 60-30-40-50-60-70 and MAC Mask to E0-00-00-00-00-00.
    5. Add the port: Click Create. On the page that is displayed, set Port Name to Ge1/1/1, VLAN ID to 7, and Working mode to Automatic. Use the default values for other parameters.
      NOTE:

      The Working mode parameter can be set to Automatic only for some devices that do not support advanced settings.

    6. Click Confirm.

Locating VLAN Path Faults Using the Terminal Access Component and VLAN Topology

It consumes time and energy to manually locate network connectivity faults arising from VLAN deployment errors. This topic describes how to quickly locate faults arising from VLAN deployment errors.

Scenario

In a data center, server Device2 whose MAC address is 00-15-5D-3A-DF-08 is disconnected from the network. Maintenance personnel search for terminal access records based on the server MAC address and find out the switch and port connected to the server. Maintenance personnel check devices and links along the VLAN path and quickly locate the fault.

Networking Diagram

Figure 12-9 shows the networking diagram.

Figure 12-9 Network planning of an enterprise
Prerequisites
  • Devices have been added to eSight.
  • SNMP and Telnet parameters have been set as planned on devices and eSight.
Configuration Roadmap
  1. Search for terminal access records based on the server MAC address and find out the switch and port connected to the server. Click Locate in Panel to verify VLAN information on the port.
  2. Open the VLAN topology, enter the user VLAN, check devices and links along the VLAN path, and quickly locate the fault.
  3. Rectify VLAN configurations on the VLAN device management page.
Procedure
  1. Search for terminal access records based on the server MAC address and find out the switch and port connected to the server.

    1. Choose Resource > Network > Equipment > Terminal Resources from the main menu.
    2. Choose Resource Management > Terminal Access Record. Check the terminal access information on the page that is displayed.
    3. Set Terminal MAC to 00-15-5D-3A-DF-08 and search for the target server.
    4. Click in the Operation column of the server, click Locate in Panel, and check the port of access device SW1. The access port is selected.
    5. Ensure that VLAN configuration displayed as tips of port Ge1/1/8 is the same as the VLAN configuration of Device2.

      If the configurations are different, right-click the port, choose Modify VLAN from the shortcut menu, and rectify VLAN configurations.

  2. Check the VLAN path in the VLAN topology and locate the fault.

    1. Choose Resource > Network > Business > VLAN Management from the main menu.
    2. Choose Resource Management > VLAN Device.
    3. Set Device name to SW1 and search for the device.
    4. Click in the Operation column of SW1 to locate the device in the topology.
    5. Click VLAN 2 in the VLAN list on the right to display VLAN member devices and allowed paths in the topology. Two devices with green icons are member devices of VLAN 2. However, the link between the two devices is yellow, indicating that VLAN 2 is not allowed to pass through.
    6. Move the cursor to the link and check the tips: SW2's port Ge1/1/5 is Access and VLAN 2 is not allowed to pass through. The configurations are incorrect.

  3. Rectify the configurations.

    1. Right-click the device in the VLAN topology and choose VLAN Management.
    2. On the VLAN device management page that is displayed, click Configure Port VLAN.
    3. Set port VLAN parameters: Set Type to Trunk and Allowed VLAN to 2.
    4. Click Select Interface and select Ge1/1/5.
    5. Click Confirm.

Monitoring and Fine-Tuning VLANs in the Topology During Organizational Capacity Expansion and Adjustment

During organizational capacity expansion and adjustment, VLAN deployment and adjustment are performed in batches, which likely results in few deployment errors. This topic describes how to quickly locate VLAN deployment errors.

Scenario

A company has adjusted its organizational structure to meet service growth requirements. Figure 12-10 shows the networking diagram after the adjustment. Network administrator Wally monitors VLAN deployment in the VLAN topology in advance, detects deployment errors in a timely manner, and fine-tunes VLANs in the topology.

Networking Diagram
Figure 12-10 Network planning of an enterprise
Prerequisites
  • Devices have been added to eSight.
  • SNMP and Telnet parameters have been set as planned on devices and eSight.
Configuration Roadmap
  1. Open the VLAN topology, enter the user VLAN, check devices and links along the VLAN path, and quickly locate the fault.
  2. Fine-tune VLANs in the topology.
Procedure
  1. Check the VLAN 2 path in the VLAN topology and locate the fault.

    1. Choose Resource > Network > Business > VLAN Management from the main menu.
    2. Choose VLAN Topology > VLAN Topology.
    3. Click VLAN 2 in the VLAN list on the right to display VLAN member devices and allowed paths in the topology. SW1 has a blue icon and SW3 has a yellow icon. SW3 is not a member device of VLAN 2.
    4. The link between SW1 and SW3 is yellow. Move the cursor to the link and check the tips: SW3's upstream port Ge1/1/5 is Hybrid and VLAN 2 is not allowed to pass through. SW1's downstream port Ge1/1/1 is Hybrid and VLAN 2 is allowed to pass through.

  2. The configurations are incorrect. Rectify the configurations by adding ports connecting SW1 and SW3 to VLAN 2.

    1. Right-click SW3 in the VLAN topology and choose Add to VLAN. The device icon is changed to blue.
    2. Right-click the link connecting SW1 and SW3 in the VLAN topology and choose Add to VLAN. The link icon is changed to blue. The recovery is completed.

      You can perform the Add to VLAN operation only when the VLAN types on the two sides of the port are the same.

  3. Check the VLAN 3 path in the VLAN topology and locate the fault.

    1. Click VLAN 3 in the VLAN list on the right to display VLAN member devices and allowed paths in the topology. SW2 and SW4 have blue icons. The two devices are member devices of VLAN 3.
    2. The link between SW2 and SW4 is yellow. Move the cursor to the link and check the tips: SW4's upstream port Ge1/1/6 is Access and the PVID is VLAN 3. SW2's downstream port Ge1/1/4 is Trunk and VLAN 3 is allowed to pass through.

  4. The configurations are incorrect. Rectify the configurations by changing SW4's upstream port to Trunk.

    1. Right-click SW4 in the VLAN topology and choose VLAN Management.
    2. On the VLAN device management page that is displayed, click Configure Port VLAN.
    3. Set port VLAN parameters: Set Type to Trunk and Allowed VLAN to 3.
    4. Click Select Interface and select Ge1/1/6.
    5. Click Confirm.

Translation
Download
Updated: 2019-06-30

Document ID: EDOC1100044378

Views: 58441

Downloads: 268

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next