< Home

Configuring Protocol-based VLAN Assignment

Context

IP subnet-based assignment and protocol-based VLAN assignment are types of network layer-based VLAN assignment. They reduce manual VLAN configuration workload and allow users to easily join a VLAN, transfer from one VLAN to another, and exit from a VLAN. A switch that has protocol-based VLAN assignment enabled processes only untagged frames, and treats tagged frames in the same manner as interface-based VLAN assignment.

When receiving an untagged frame from an interface, the switch identifies the protocol profile of the frame and then determines the VLAN that the frame belongs to.

  • If protocol-based VLANs are configured on the interface and the protocol profile of the frame matches a protocol-based VLAN, the switch adds the VLAN tag to the frame.

  • If protocol-based VLANs are configured on the interface and the protocol profile of the frame matches no protocol-based VLAN, the switch adds the PVID of the interface to the frame.

Procedure

  1. Run system-view

    The system view is displayed.

  2. Run vlan vlan-id

    A VLAN is created and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.

    The VLAN ID is in the range from 1 to 4094. If VLANs need to be created in a batch, run the vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10> command. Then run the vlan vlan-id command to enter the view of a specified VLAN.

    The vlan configuration command completes the VLAN configurations before the VLAN is created. The vlan configuration command only enters the VLAN configuration view. Neither the corresponding VLAN nor configurations in the VLAN take effect. To make configurations in the VLAN take effect, create the VLAN using the vlan command.

  3. Run protocol-vlan [ protocol-index ] { at | ipv4 | ipv6 | ipx { ethernetii | llc | raw | snap } | mode { ethernetii-etype etype-id1 | llc dsap dsap-id ssap ssap-id | snap-etype etype-id2 } }

    Protocols are associated with VLANs and a protocol profile is specified.

    • protocol-index specifies the index of a protocol profile.

      A protocol profile depends on protocol types and encapsulation formats. A VLAN associated with a protocol can be defined in a protocol profile.

    • When specifying the source and destination service access points, pay attention to the following points:

      • dsap-id and ssap-id cannot be both set to 0xaa.

      • dsap-id and ssap-id cannot be both set to 0xe0. 0xe0 indicates llc, an encapsulation format of IPX packets.

      • dsap-id and ssap-id cannot be both set to 0xff. 0xff indicates raw, an encapsulation format of IPX packets.

  4. Configure attributes for the Ethernet interface.

    1. Run interface interface-type interface-number

      The view of the interface that allows the protocol-based VLAN is displayed.

    2. Run port link-type hybrid

      The interface is configured as a hybrid interface.

      On access and trunk interfaces, protocol-based VLAN assignment can be used only when the protocol-based VLAN is the same as the PVID. It is recommended that protocol-based VLAN assignment be configured on hybrid interfaces.

    3. Run port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }

      The hybrid interface is configured to allow the protocol-based VLAN.

    4. Run protocol-vlan vlan vlan-id { all | protocol-index1 [ to protocol-index2 ] } [ priority priority ]

      The interface is associated with a protocol-based VLAN.

      • vlan-id must be the ID of a protocol-based VLAN.

      • priority specifies the 802.1p priority of a protocol-based VLAN. The value is in the range from 0 to 7. A larger value indicates a higher priority. The default value is 0. After the 802.1p priority of a protocol-based VLAN is specified, the switch forwards high-priority frames first during network congestion.

    Protocol-based VLAN assignment is invalid for packets with the VLAN ID of 0 on the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S.

Configuration Example

In Figure 1, users in VLAN 10 use IPv4 to communicate with remote users, and users in VLAN 20 use IPv6 to communicate with remote servers. To implement this, you need to use protocol-based VLAN assignment.

Figure 1 Networking of protocol-based VLAN assignment
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10 20
[Switch] vlan 10
[Switch-vlan10] protocol-vlan ipv4
[Switch-vlan10] quit
[Switch] vlan 20
[Switch-vlan20] protocol-vlan ipv6
[Switch-vlan20] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] protocol-vlan vlan 10 all priority 5
[Switch-GigabitEthernet0/0/2] port link-type hybrid
[Switch-GigabitEthernet0/0/2] port hybrid untagged vlan 10
[Switch-GigabitEthernet0/0/2] quit
[Switch] interface gigabitethernet 0/0/3
[Switch-GigabitEthernet0/0/3] protocol-vlan vlan 20 all priority 6
[Switch-GigabitEthernet0/0/3] port link-type hybrid
[Switch-GigabitEthernet0/0/3] port hybrid untagged vlan 20
[Switch-GigabitEthernet0/0/3] quit
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 20
[Switch-GigabitEthernet0/0/1] quit

Verifying the Configuration

  • Run the display protocol-vlan vlan { all | vlan-id1 [ to vlan-id2 ] } command in any view to check the types and indexes of the protocols associated with VLANs.
  • Run the display protocol-vlan interface { all | interface-type interface-number } command in any view to check the protocol-based VLAN configuration on a specified interface or all interfaces.
  • Run the display vlan command in any view to check information about VLANs.
Parent Topic: Assigning VLANs
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >