< Home

Configuring Interface-based VLAN Assignment (Statically Configured Interface Type)

Context

Interface-based VLAN assignment is the simplest and most effective method for assigning VLANs. With interface-based VLAN assignment, an interface is added to a VLAN, after which the interface can forward packets from the VLAN. Interface-based VLAN assignment allows hosts in the same VLAN to communicate at Layer 2 and prevents hosts in different VLANs from communicating, limiting broadcast packets to within a VLAN.

Ethernet interfaces are classified into access, trunk, and hybrid interfaces. The type of interface determines the objects that can connect to the Ethernet interface and number of VLANs from which untagged frames are permitted (for more details, see Interface Types). If the device connected to an Ethernet interface can send and receive only untagged frames, you need to configure a default VLAN on the interface to add VLAN tags to untagged frames on the interface.

On the S2720-EI, S5720I-SI, S5720-LI, S5735-L, S5735S-L, S5735S-L-M, S5720S-LI, S5720S-SI, S5720-SI, S5735-S, S5735S-S, S5735-S-I, S5730S-EI, S5730-SI, S6720-LI, S6720S-LI, S6720S-SI, and S6720-SI, the type of an interface is negotiation-auto by default. On other models, the type of an interface is negotiation-desirable by default.

Procedure

  • Configuring the default VLAN for an access interface

    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      A VLAN is created, and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.

    3. Run quit

      Return to the system view.

    4. Run interface interface-type interface-number

      The view of the Ethernet interface to be added to the VLAN is displayed.

    5. Run port link-type access

      The Ethernet interface is configured as an access interface.

    6. Run port default vlan vlan-id

      The default VLAN is configured for the interface and the interface is added to the specified VLAN.

    7. (Optional) Run port discard tagged-packet

      The interface is configured to discard incoming tagged packets.

  • Configuring the default VLAN for a trunk interface

    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      A VLAN is created, and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.

    3. Run quit

      Return to the system view.

    4. Run interface interface-type interface-number

      The view of the Ethernet interface to be added to the VLAN is displayed.

    5. Run port link-type trunk

      The Ethernet interface is configured as a trunk interface.

    6. Run port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }

      The interface is added to the specified VLAN.

    7. (Optional) Run port trunk pvid vlan vlan-id

      The default VLAN is configured for the trunk interface.

    If the VLAN allowed by an interface is the default VLAN of the interface, packets from the VLAN are forwarded as untagged.

  • Configuring the default VLAN for a hybrid interface

    1. Run system-view

      The system view is displayed.

    2. Run vlan vlan-id

      A VLAN is created, and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.

    3. Run quit

      Return to the system view.

    4. Run interface interface-type interface-number

      The view of the Ethernet interface to be added to the VLAN is displayed.

    5. Run port link-type hybrid

      The Ethernet interface is configured as a hybrid interface.

    6. Run the following commands as required.

      • Run port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }

        The hybrid interface is added to the VLAN in untagged mode.

      • Run port hybrid tagged vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }

        The hybrid interface is added to the VLAN in tagged mode.

    7. (Optional) Run port hybrid pvid vlan vlan-id

      The default VLAN is configured for the hybrid interface.

Configuration Example

In Figure 1, interfaces connecting to PC1 and PC3 are assigned to VLAN 10, and the interface connecting to PC2 is assigned to VLAN 20. PC2 cannot directly communicate with PC1 and PC3 at Layer 2, but PC1 and PC3 can directly communicate with each other.

Figure 1 Networking of interface-based VLAN assignment
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10 20
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type access
[Switch-GigabitEthernet0/0/1] port default vlan 10
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 20
[Switch-GigabitEthernet0/0/2] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] port link-type access
[Switch-GigabitEthernet0/0/3] port default vlan 10
[Switch-GigabitEthernet0/0/3] quit
[Switch] interface gigabitethernet 0/0/4
[Switch-GigabitEthernet0/0/4] port link-type hybrid
[Switch-GigabitEthernet0/0/4] port hybrid tagged vlan 10 20

Add PC1 and PC3 to the same IP address segment, for example, 192.168.100.0/24; add PC2 to another IP address segment, for example, 192.168.200.0/24. PC1 and PC3 can ping each other but cannot ping PC2.

Configuration Tips

Configuring a name for a VLAN

When multiple VLANs are created on the device, you can configure names for the VLANs to facilitate management. After a name is configured for a VLAN, you can directly enter the VLAN view using the name.

# Set the name of VLAN 10 to huawei.

<HUAWEI> system-view
[HUAWEI] vlan 10
[HUAWEI-vlan10] name huawei
[HUAWEI-vlan10] quit

# After a name is configured for a VLAN, you can directly enter the VLAN view using the name.

[HUAWEI] vlan vlan-name huawei
[HUAWEI-vlan10] quit

Adding interfaces to a VLAN in a batch

Use a port group to perform the same VLAN configuration for multiple Ethernet interfaces. To add access interfaces to a VLAN in a batch, you can also run the port interface-type { interface-number1 [ to interface-number2 ] }&<1-10> command in the VLAN view. The following uses the access interface as an example.

# Add interfaces to a VLAN in a batch using a port group.

<HUAWEI> system-view
[HUAWEI] port-group pg1
[HUAWEI-port-group-pg1] group-member gigabitethernet0/0/1 to gigabitethernet0/0/5
[HUAWEI-port-group-pg1] port link-type access
[HUAWEI-port-group-pg1] port default vlan 10

# Add interfaces to a VLAN in a batch in the VLAN view.

<HUAWEI> system-view
[HUAWEI] vlan 10
[HUAWEI-vlan10] port gigabitethernet 0/0/1 to 0/0/5

Restoring the default VLAN configuration of an interface

If the VLAN planning of an interface is changed, you need to delete the original VLAN configuration of the interface. If many non-contiguous VLANs are configured on the interface, you need to perform the delete operation multiple times. To reduce the workload, you can restore the default VLAN configuration of the interface. For details, see Restoring the Default VLAN Configuration of an Interface.

Changing the interface type

When the interface planning changes or the current interface type is different from the configured one, the interface type needs to be changed. For details, see How Do I Change the Link Type of an Interface?.

Deleting a VLAN

If a VLAN is not in use, you are advised to delete it to save VLAN resources and reduce packets on a network. For details, see Deleting a VLAN.

Verifying the Configuration

  • Run the display port vlan [ interface-type interface-number | active ] * command in any view to check information about interfaces of the VLAN.
  • Run the display vlan command in any view to check information about VLANs.
Parent Topic: Assigning VLANs
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >