No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

ME60 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access 01

This is ME60 V800R010C10SPC500 Configuration Guide - LAN Access and MAN Access
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring IP Services on a VLAN Tag Termination Sub-Interface

Configuring IP Services on a VLAN Tag Termination Sub-Interface

IP services include proxy Address Resolution Protocol (ARP), Virtual Router Redundancy Protocol (VRRP), and Dynamic Host Configuration Protocol (DHCP) services. You can deploy IP services on VLAN tag termination sub-interfaces so that users in different VLANs can communicate. This ensures non-stop and reliable connections between the users and the network.

Applicable Environment

Table 9-6 shows the applications of VLAN tag termination sub-interfaces transmitting IP services.

Table 9-6 Application of VLAN tag termination sub-interfaces transmitting IP services

IP service

Application

Proxy ARP

A range of VLANs can connect to a network segment using VLAN tag termination sub-interfaces. However, if users on the same network segment belong to different VLANs, these users cannot communicate at Layer 2, and rely on IP forwarding at Layer 3 to communicate with each other. You can configure VLAN tag termination sub-interfaces to support proxy ARP so that users from different VLANs can communicate.

DHCP

  • If the DHCP client and DHCP server belong to different sub-nets, you need to deploy a DHCP relay agent to forward DHCP request packets from the client to the server so that the client can dynamically obtain IP addresses from the DHCP server.

    DHCP Relay can be configured on the VLAN tag termination sub-interface to insert tag information into Option82. The tag information provides a reference for the DHCP server in IP address allocation.

VRRP

Users may require communication with certain networks at any time. Running VRRP on the VLAN tag termination sub-interfaces ensures reliable communication and provides an active/standby mechanism for dot1q or QinQ users.

NOTE:

Proxy ARP, DHCP, and VRRP are different types of IP services. Deploy the desired service on the VLAN tag termination sub-interface.

Pre-configuration Task

Before you configure the VLAN tag termination sub-interface to provide IP access, plan user VLANs so that packets received by VLAN tag termination sub-interfaces carry one or two VLAN tags.

Configuration Procedures

Figure 9-8 Flowchart for configuring VLAN tag termination sub-interfaces to transmit IP services

Configuring a VLAN Tag Termination Sub-interface

A virtual local area network (VLAN) tag termination sub-interface can be a sub-interface for dot1q VLAN tag termination or a sub-interface for QinQ VLAN tag termination. In dot1q/QinQ termination, a device identifies whether a packet has one tag or two tags. The device then forwards the packet after stripping one or both tags or discards the packet.

Context

Applications of VLAN tag termination
  • Inter-VLAN communication

    The VLAN technology is widely used because it allows Layer 2 packets of different users to be transmitted separately. With the VLAN technology, a physical LAN is divided into multiple logical broadcast domains (VLANs). Hosts in the same VLAN can communicate with each other at Layer 2, but hosts in different VLANs cannot. The Layer 3 routing technology is required for communication between hosts in different VLANs. The following interfaces can be used to implement inter-VLAN communication:
    • VLANIF interfaces on Layer 3 switches
    • Layer 3 Ethernet interfaces on routers

      Conventional Layer 3 Ethernet interfaces do not identify VLAN packets. After receiving VLAN packets, they consider the packets invalid and discard them. To implement inter-VLAN communication, create Ethernet sub-interfaces on an Ethernet interface and configure the sub-interfaces to remove tags from VLAN packets.

  • Communication between devices in the LAN and WAN

    Most LAN packets carry VLAN tags. Certain wide area network (WAN) protocols, such as Point-to-Point Protocol (PPP), cannot identify VLAN packets. Before forwarding VLAN packets from a LAN to a WAN, a device needs to record the VLAN information carried in the VLAN packets and then remove the VLAN tags.

    When a device receives packets, it adds the locally stored VLAN information to the packets and forwards them to VLAN users.

Procedure

  • Configure the sub-interface for dot1q VLAN tag termination.

    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number.subinterface-number

      The view of an Ethernet sub-interface at the user-side of a PE is displayed.

    3. (Optional) Create a user VLAN group.

      1. Run vlan-group group-id

        A user VLAN group is created.

      2. Run group mode { single | multiple }

        The working mode of the VLAN group is configured.

        • single: A VLAN group is considered as a user. This means that you cannot collect statistics about QinQ packets or deploy quality of service (QoS) policies based on a VLAN or a VLAN range.
        • multiple: VLANs and VLAN ranges in a VLAN group are considered as different users. This means that you can collect statistics about QinQ packets or deploy QoS policies based on a VLAN or VLAN range to implement refined management.
      3. Run quit

        Return to the view of the Ethernet sub-interface at the user-side of the PE.

      NOTE:

      Configuring a VLAN group allows you to achieve the following purposes:

      • Deploy QoS policies based on services or users so that higher priority service traffic is preferentially forwarded, improving user experience.
      • View statistics about QinQ packets to check whether a device is functioning properly.
    4. Run control-vid vid dot1q-termination [ rt-protocol ] or encapsulation dot1q-termination [ rt-protocol ]

      The encapsulation type for a VLAN tag termination sub-interface is configured to be dot1q.

      Specify rt-protocol so that the sub-interface for dot1q VLAN tag termination supports routing protocols.

    5. Run either of the following commands:
      • To configure a sub-interface for dot1q VLAN tag termination, run the dot1q termination vid low-pe-vid [ to high-pe-vid ] [ vlan-group group-id ] command.
      • To configure a sub-interface for dot1q VLAN tag termination and a matching policy for the sub-interface, run the dot1q termination vid low-pe-vid [ to high-pe-vid ] { 8021p { 8021p-value1 [ to 8021p-value2 ] } &<1-8> | dscp { dscp-value1 [ to dscp-value2 ] } &<1-10> | eth-type pppoe | default } [ vlan-group group-id ] command.

      NOTE:
      • If you do not configure a matching policy, the sub-interface for dot1q VLAN tag termination terminates the VLAN tags of packets carrying the specified VLAN ID. If you configure a matching policy, the sub-interface for dot1q VLAN tag termination terminates the VLAN tags of packets carrying the specified VLAN ID+802.1p value/DSCP value/EthType.

      • After the dot1q termination vid low-pe-vid [ to high-pe-vid ] [ vlan-group group-id ] command is run in the Ethernet sub-interface view, the specified VLAN range belongs to the sub-interface, and any VLAN ID in the VLAN range cannot be configured together with the 802.1p value/DSCP value/EthType on other sub-interfaces.

    6. Run commit

      The configuration is committed.

  • Configure the sub-interface for QinQ VLAN tag termination.

    1. Run system-view

      The system view is displayed.

    2. Run interface interface-type interface-number.subinterface-number

      The view of an Ethernet sub-interface at the user-side of a PE is displayed.

    3. (Optional) Create a user VLAN group.

      1. Run vlan-group group-id

        A user VLAN group is created.

      2. Run group mode { single | multiple }

        The working mode of the VLAN group is configured.

        • single: A VLAN group is considered as a user. This means that you cannot collect statistics about QinQ packets or deploy quality of service (QoS) policies based on a VLAN or a VLAN range.
        • multiple: VLANs and VLAN ranges in a VLAN group are considered as different users. This means that you can collect statistics about QinQ packets or deploy QoS policies based on a VLAN or VLAN range to implement refined management.
      3. Run quit

        Return to the view of the Ethernet sub-interface at the user-side of the PE.

      NOTE:

      Configuring a VLAN group allows you to achieve the following purposes:

      • Deploy QoS policies based on services or users so that higher priority service traffic is preferentially forwarded, improving user experience.
      • View statistics about QinQ packets to check whether a device is functioning properly.
    4. Run control-vid vid qinq-termination [ local-switch | rt-protocol ] or encapsulation qinq-termination [ local-switch | rt-protocol ]

      The encapsulation type for a VLAN tag termination sub-interface is configured to be QinQ.

      • Specify local-switch so that the sub-interface for QinQ VLAN tag termination supports local switching.

      • Specify rt-protocol so that the sub-interface for QinQ VLAN tag termination supports routing protocols.

    5. Run qinq termination pe-vid pe-vid [ to high-pe-vid ] ce-vid ce-vid [ to high-ce-vid ] [ vlan-group group-id ]

      The VLAN tag termination function is configured for the sub-interface for QinQ VLAN tag termination.

      After you specify rt-protocol, the sub-interface terminates double-tagged packets, and both inner and outer tags must be specific VLAN IDs.

    6. Run commit

      The configuration is committed.

Configuring IP Services

After a VLAN tag termination sub-interface is configured, you need to configure IP services so that users can access IP services using the VLAN tag termination sub-interface.

Context

Sub-interfaces for VLAN tag termination cannot forward broadcast packets. They automatically discard broadcast packets they receive. To allow VLAN tag termination sub-interfaces to forward broadcast packets, run the arp broadcast enable command on the sub-interfaces to enable the ARP broadcast function.

When an IP packet is sent on a VLAN tag termination sub-interface without a corresponding ARP entry, the following may occur:
  • If the access device supports automatic forwarding of ARP packets, the packets are forwarded even if the ARP broadcast function is disabled on the VLAN tag termination sub-interface.

  • If the access device does not support automatic forwarding of ARP packets:

    • The system discards the IP packet if the arp broadcast enable command is not configured on the VLAN tag termination sub-interface. In this case, the route with the VLAN tag termination sub-interface as the outbound interface is considered a black hole route.

    • If the arp broadcast enable command is configured on the VLAN tag termination sub-interface, the system originates a tagged ARP broadcast packet and forwards it through the VLAN tag termination sub-interface.

When you enable or disable the ARP broadcast function on a VLAN tag termination sub-interface, the routing status of the sub-interface goes Down and then Up. This may result in route flapping on the entire network.

  • Configure proxy ARP

    Configure proxy ARP on the device. For detailed configuration, see the chapter "ARP Configuration" in the HUAWEI ME60 Configuration Guide - IP Services.

  • Configure DHCP

    Configure DHCP on the device. For detailed configuration, see the chapter "DHCP Configuration" in the HUAWEI ME60 Configuration Guide - IP Services.

    On a large-scale network, if clients are connected to a server through other devices instead of being directly connected to the server through Ethernet interfaces, a DHCP server based on a global address pool needs to be configured so that the clients can dynamically obtain IP addresses from the router.

    DHCP Relay can be configured on the VLAN tag termination sub-interface to insert tag information into Option82. The tag information provides a reference for the DHCP server in IP address allocation.

  • Configure VRRP

    Configure VRRP on the device. For detailed configuration information, see the chapter "VRRP Configuration" in the HUAWEI ME60 Configuration Guide - Reliability.

    When you configure a VRRP backup group on VLAN tag termination sub-interfaces, configure the sub-interfaces to add both inner and outer VLAN tags to VRRP packets to ensure that VRRP packets can be transmitted over VLANs. The master and backup devices can then negotiate with each other using VRRP packets. After you enable VRRP on a VLAN tag termination sub-interface, the sub-interface encapsulates or strips the VLAN tags of VRRP packets so that packets can be transmitted in VLANs.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run interface interface-type interface-number.subinterface-number

    The view of the VLAN tag termination sub-interface is displayed.

  3. Configure a VLAN tag termination sub-interface to transmit IP services, as shown in Table 9-7.

    Table 9-7 VLAN tag termination sub-interfaces transmitting IP services

    Service Type

    Sub-interface for VLAN tag termination

    Description

    Proxy ARP

    Run arp-proxy enable

    Proxy ARP is enabled on the sub-interface.

    -

    DHCP Relay

    1. Run ip address ip-address { mask | mask-length }

      An IP address is configured for the interface.

    2. Run ip relay address ip-address

      The IP address of the DHCP server is associated with a DHCP option.

    3. Run dhcp select relay

      DHCP Relay is enabled.

    -

    VRRP

    • Run dot1q vrrp

      VRRP is enabled on the sub-interface for dot1q VLAN tag termination.

    • Run qinq vrrp

      VRRP is enabled on the sub-interface for QinQ VLAN tag termination.

    When you configure VRRP and static ARP on the sub-interface for dot1q VLAN tag termination, the sub-interface for QinQ VLAN tag termination, or the VLANIF interface, note the following:

    • Do not configure the IP address that matches the static ARP entry on the interface as the VRRP virtual address.

    • Do not configure the virtual address of the VRRP backup group where the interface resides as the IP address matching the static ARP entry on the interface.

    Otherwise, incorrect host routes are generated. This affects packet forwarding between devices.

  4. (Optional) Run arp broadcast enable

    ARP broadcast is enabled on the VLAN tag termination sub-interface.

  5. Run commit

    The configuration is committed.

Verifying the IP Service Configuration on the VLAN Tag Termination Sub-Interface

After configuring IP services on the VLAN tag termination sub-interface, verify the configuration.

Prerequisites

The configurations of the VLAN tag termination sub-interface to transmit IP services are complete.

Procedure

  • Run the display dot1q information termination [ interface interface-type interface-number [ .subinterface-number ] ] command to check information about the sub-interface for dot1q VLAN tag termination.
  • Run the display qinq information termination [ interface interface-type interface-number [ .subinterface-number ] ] command to check information about the sub-interface for QinQ VLAN tag termination.
  • Run the display vrrp command to check information about the VRRP backup group.
  • Run the display dhcp relay address all command to check the DHCP configuration on the interface that has DHCP relay enabled.

Example

Run the display dot1q information termination command on a PE to view information about the sub-interface for dot1q VLAN tag termination.
[~PE] display dot1q information termination interface gigabitethernet 1/0/1.2
  GigabitEthernet 1/0/1.2
    Total QinQ Num: 2
      dot1q termination vid 10
      dot1q termination vid 20 to 50 vlan-group 3
    Total vlan-group Num: 1
      vlan-group 3
    encapsulation dot1q-termination
Run the display qinq information termination command on a PE to view information about the sub-interface for QinQ VLAN tag termination.
[~PE] display qinq information termination interface gigabitethernet 1/0/1.1
  GigabitEthernet 1/0/1.1
    Total QinQ Num: 2
      qinq termination pe-vid 10 ce-vid 10
      qinq termination pe-vid 20 to 30 ce-vid 40 to 50 vlan-group 2
    Total vlan-group Num: 1
      vlan-group 2
    encapsulation qinq-termination
After a VRRP backup group is configured, run the display vrrp command on a PE to view information about the VRRP backup group.
[~PE] display vrrp
GigabitEthernet1/0/1.1 | Virtual Router 1
State          : Master
Virtual IP     : 10.1.1.111
Master IP      : 10.1.1.1
PriorityRun    : 120
PriorityConfig : 120
MasterPriority : 120
Preempt        : YES   Delay Time : 20s
TimerRun       : 1s
TimerConfig    : 1s
Auth Type      : NONE
Virtual MAC    : 0000-5e00-0101
Check TTL      : YES
Config Type    : normal-vrrp
Create Time       : 2012-07-18 09:53:03
Last Change Time  : 2012-07-18 09:54:17

After DHCP relay is configured, run the display dhcp relay address all command on the DHCP relay agent to view the DHCP configuration on the interface that has DHCP relay enabled.

[~DHCP-Relay] display dhcp relay address all
** GigabitEthernet1/0/1.1 DHCP Relay Address  **
 Dhcp Option          Relay Agent IP       Server IP     
 *                    -                    10.1.3.1
Translation
Download
Updated: 2019-01-04

Document ID: EDOC1100059440

Views: 26965

Downloads: 18

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next