No relevant resource is found in the selected language.
Enterprise
Worldwide
Search
Support Documentation
CloudEngine 12800 and 12800E V200R019C10 Configuration Guide - Ethernet Switching

This document describes the configuration of Ethernet services, including configuring MAC address table, link aggregation, M-LAG, VLAN, QinQ, VLAN mapping, GVRP, STP/RSTP, MSTP, VBST, ERPS (G.8032), LBDT, and Layer 2 protocol transparent transmission.

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Example for Assigning VLANs Based on MAC Addresses

Example for Assigning VLANs Based on MAC Addresses

Networking Requirements

On a company network, the network administrator adds users in a department to the same VLAN. To improve information security, only users is this department are allowed to access the intranet.

In Figure 5-23, User1, User2, and User3 connect to the key department demanding high security. It is required that only the three users be allowed to access the intranet through Switch.

To improve information security of the key department, you can configure MAC address-based VLAN assignment and bind MAC addresses of User1, User2, and User3 to a VLAN.

Figure 5-23 Networking diagram for assigning VLANs based on MAC addresses

Configuration Roadmap

  1. Create VLANs and determine which VLAN the users of employees belong to.

  2. Add Ethernet interfaces to VLANs so that packets from the VLANs can pass through the interfaces.

  3. Associate MAC addresses of User1, User2, and User3 with the specified VLAN so that the VLAN of the packet can be determined based on the source MAC address.

Procedure

  1. Configure the Switch.

    # Create VLANs.

    <HUAWEI> system-view
[~HUAWEI] sysname Switch
[*HUAWEI] commit
[~Switch] vlan batch 10
[*Switch] commit

    # Add interfaces to the VLANs. The configuration of 10GE1/0/3 and 10GE1/0/4 is the same as that of 10GE1/0/2.

    [~Switch] interface 10ge 1/0/1
[~Switch-10GE1/0/1] port link-type hybrid
[*Switch-10GE1/0/1] port hybrid tagged vlan 10
[*Switch-10GE1/0/1] quit
[*Switch] interface 10ge 1/0/2
[*Switch-10GE1/0/2] port link-type hybrid
[*Switch-10GE1/0/2] port hybrid untagged vlan 10
[*Switch-10GE1/0/2] quit
[*Switch] commit

    # Associate MAC addresses of User1, User2, and User3 with VLAN 10.

    [~Switch] vlan 10
[~Switch-vlan10] mac-vlan mac-address 22-22-22
[*Switch-vlan10] mac-vlan mac-address 33-33-33
[*Switch-vlan10] mac-vlan mac-address 44-44-44
[*Switch-vlan10] quit
[*Switch] commit

    # Enable MAC address-based VLAN assignment on 10GE1/0/2. The configuration of 10GE1/0/3 and 10GE1/0/4 is the same as that of 10GE1/0/2.

    [~Switch] interface 10ge 1/0/2
[~Switch-10GE1/0/2] mac-vlan enable
[*Switch-10GE1/0/2] quit
[*Switch] commit

  2. Verify the configuration.

    User1, User2, and User3 can access the intranet, whereas other users cannot access the intranet.

Configuration Files

Configuration file of the Switch

#
sysname Switch
#
vlan batch 10
#
vlan 10
 mac-vlan mac-address 0022-0022-0022
 mac-vlan mac-address 0033-0033-0033
 mac-vlan mac-address 0044-0044-0044
#
interface 10GE1/0/1
 port link-type hybrid
 port hybrid tagged vlan 10
#
interface 10GE1/0/2
 port link-type hybrid
 port hybrid untagged vlan 10
 mac-vlan enable
#
interface 10GE1/0/3
 port link-type hybrid
 port hybrid untagged vlan 10
 mac-vlan enable
#
interface 10GE1/0/4
 port link-type hybrid
 port hybrid untagged vlan 10
 mac-vlan enable
#
return
Translation
简体中文
Download
Updated: 2021-04-01

Document ID: EDOC1100138135

Views: 240546

Downloads: 159

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next

Copyright © 2023 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :