Dividing a LAN into VLANs Based on IP Subnets
Context
The switch enabled with IP subnet-based VLAN assignment cannot process protocol packets sent to the CPU, and it is recommended that IP subnet-based VLAN assignment be used in Layer 2 transparent transmission scenarios.
IP subnet-based assignment allows users to easily join a VLAN, transfer from one VLAN to another, and exit from a VLAN. IP subnet-based VLAN assignment is applicable to networks that have traveling users and require simple management.
The switch enabled with IP subnet-based VLAN assignment processes only untagged frames. After receiving untagged frames, the switch determines the VLANs to which the frames belong based on their source IP addresses and network segment addresses before sending them to corresponding VLANs.
Procedure
- Run system-view
The system view is displayed.
- (Optional) Run vlan assign global { vlan-id1 [ to vlan-id2 ] } &<1-5>
VLANs that can be globally assigned are specified.
After VLANs are assigned, the VLANs created using the vlan vlan-id command must be within the assignable VLAN range.
- (Optional) Run vlan reserved vlan-id
A reserved VLAN is configured.
By default, the reserved VLAN ID ranges from 4064 to 4094. After vlan-id is specified, the VLAN specified by vlan-id to the VLAN specified by vlan-id plus 30 are configured as reserved VLANs.CE12800E that has the ED-E/EG-E/EGA-E series cards installed does not support this step.
- Run vlan vlan-id
A VLAN is created, and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.
The VLAN ID ranges from 1 to 4094 (excluding reserved VLANs). If VLANs need to be created in batches, run the vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10> command to create VLANs in batches, and then run the vlan vlan-id command to enter the view of a specified VLAN.
If VLANs are created in a batch, you are advised to create at most 400 VLANs at one time.
If the switch is configured with multiple VLANs, configuring names for these VLANs is recommended:
Run the name vlan-name command in the VLAN view. After a VLAN name is configured, you can run the vlan vlan-name vlan-name command in the system view to enter the corresponding VLAN view.
- Run ip-subnet-vlan [ ip-subnet-index ] ip ip-address { mask | mask-length }
An IP subnet is associated with the VLAN.
ip-subnet-index specifies the IP subnet index. The subnet index can be specified by a user or automatically generated by the system.
ip-address specifies the source IP address or network address based on which a VLAN is configured. The value is in dotted decimal notation.
CE12800E that has the ED-E/EG-E/EGA-E series cards installed supports 256 subnets, CE12800E that has the FD-X series cards installed and CE12800 series switches support 16 subnets. The IP subnet or the IP address associated with a VLAN cannot be a multicast network segment or multicast address.
- Run quit
The system view is displayed.
- Configure attributes for Ethernet interfaces.
- Run the interface interface-type interface-number command to enter the view of the Ethernet interface configured with IP subnet-based VLAN assignment.
Run the port link-type hybrid command to set the link type of the interface to hybrid.
IP subnet-based VLAN assignment must be configured on the hybrid interface.
By default, the link type is access.
Run the port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all } command to add the hybrid interface to the IP subnet-based VLAN.
(Optional) Run the port hybrid pvid vlan vlan-id command to configure the PVID of the interface as the IP subnet-based VLAN ID.
By default, the PVID of all interfaces is VLAN 1.
PVID of an interface must be the same as an IP subnet-based VLAN ID when the IP subnet-based VLAN is used for Layer 3 forwarding.
- Run ip-subnet-vlan enable
IP subnet-based VLAN assignment is enabled.
By default, IP subnet-based VLAN assignment is disabled.
- Run commit
The configuration is committed.