Example for Configuring Interface-based VLAN Assignment (Aggregation Device Used as the Gateway)
Overview
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols, and policies (MAC addresses, IP addresses, and interfaces). Interface-based VLAN assignment is the simplest and commonly used.
Interface-based VLAN assignment indicates that VLANs are assigned based on interfaces. A network administrator preconfigures a PVID for each interface on a switch. When an untagged frame arrives at an interface, the switch adds the PVID of the interface to the frame. Then the frame is transmitted in a specified VLAN.
In typical hierarchical networking, when the access switch is a Layer 2 switch, the aggregation switch can be used as the gateway of PCs. The configuration of the access switch is simplified, and PCs access the external network through one outbound interface, thereby facilitating maintenance and management.
Networking Requirements
In Figure 1, PC1 and PC2 belong to VLAN 2 and VLAN 3, respectively. PC1 and PC2 connect to the aggregation switch SW1 through the access switch SW2. PC3 belongs to VLAN 4 and connects to SW1 through SW3. No configuration is performed on SW3, and SW3 functions as the hub and is plug-and-play. SW1 functions as the gateway of PC1, PC2, and PC3 so that PCs can communicate with each other and can be connected to the router.
Configuration Roadmap
The configuration roadmap is as follows:
- Configure interface-based assignment on the access switch to implement Layer 2 interworking.
- Configure the aggregation switch as the gateway of PCs to implement Layer 3 interworking between PCs on different network segments.
- Configure the interface connecting the aggregation switch and router.
Procedure
- Configure SW2.
# Create VLANs.
<HUAWEI> system-view [HUAWEI] sysname SW2 //Change the device name to SW2 for easy identification. [SW2] vlan batch 2 3 //Create VLAN 2 and VLAN 3 in a batch.
# Add interfaces to VLANs.
[SW2] interface gigabitethernet 1/0/23 [SW2-GigabitEthernet1/0/23] port link-type access //Configure the interface connected to the PC as the access interface. [SW2-GigabitEthernet1/0/23] port default vlan 2 //Add PC1 to VLAN 2. [SW2-GigabitEthernet1/0/23] quit [SW2] interface gigabitethernet 1/0/24 [SW2-GigabitEthernet1/0/24] port link-type access [SW2-GigabitEthernet1/0/24] port default vlan 3 //Add PC2 to VLAN 3. [SW2-GigabitEthernet1/0/24] quit [SW2] interface gigabitethernet 1/0/1 [SW2-GigabitEthernet1/0/1] port link-type trunk //Configure the interface connected to the aggregation switch as the trunk interface. [SW2-GigabitEthernet1/0/1] port trunk allow-pass vlan 2 3 //Add the interface to VLAN 2 and VLAN 3. [SW2-GigabitEthernet1/0/1] quit
- Configure SW1.
# Create VLANs.
<HUAWEI> system-view [HUAWEI] sysname SW1 //Change the device name to SW1. [SW1] vlan batch 2 to 5 //Create VLANs 2 to 5.
# Add interfaces connected to PCs to VLANs.
[SW1] interface gigabitethernet 1/0/2 [SW1-GigabitEthernet1/0/2] port link-type trunk //Configure the interface connected to SW1 as the trunk interface. [SW1-GigabitEthernet1/0/2] port trunk allow-pass vlan 2 3 //Add the interface to VLAN 2 and VLAN 3. [SW1-GigabitEthernet1/0/2] quit [SW1] interface gigabitethernet 1/0/3 [SW1-GigabitEthernet1/0/3] port link-type access //Configure the interface connected to PC3 as the access interface. [SW1-GigabitEthernet1/0/3] port default vlan 4 //Add PC3 to VLAN 4. [SW1-GigabitEthernet1/0/3] quit
# Configure VLANIF interfaces and configure IP addresses for VLANIF interfaces as gateway addresses of PCs.
[SW1] interface vlanif 2 //Create VLANIF 2. [SW1-Vlanif2] ip address 192.168.2.1 24 //Configure an IP address for VLANIF 2. The IP address is the gateway address of PC1. [SW1-Vlanif2] quit [SW1] interface vlanif 3 //Create VLANIF 3. [SW1-Vlanif3] ip address 192.168.3.1 24 //Configure an IP address for VLANIF 3. The IP address is the gateway address of PC2. [SW1-Vlanif3] quit [SW1] interface vlanif 4 //Create VLANIF 4. [SW1-Vlanif4] ip address 192.168.4.1 24 //Configure an IP address for VLANIF 4. The IP address is the gateway address of PC3. [SW1-Vlanif4] quit
# Add interfaces connected to routers to VLANs.
[SW1] interface gigabitethernet 1/0/1 [SW1-GigabitEthernet1/0/1] port link-type access //Configure the interface connected to the router as the access interface. The interface communicates with the router in untagged mode. [SW1-GigabitEthernet1/0/1] port default vlan 5 //Add the router to VLAN 5. [SW1-GigabitEthernet1/0/1] quit
# Configure VLANIF interfaces so that PCs can connect to the router.
[SW1] interface vlanif 5 //Create VLANIF 5. [SW1-Vlanif5] ip address 192.168.5.1 24 //Configure an IP address for VLANIF 5. The IP address is used for interoperation with the router. [SW1-Vlanif5] quit
- Verify the configuration.
PC1, PC2, and PC3 can access each other, and they can communicate with the router.
Configuration Files
SW1 configuration file
# sysname SW1 # vlan batch 2 to 5 # interface Vlanif2 ip address 192.168.2.1 255.255.255.0 # interface Vlanif3 ip address 192.168.3.1 255.255.255.0 # interface Vlanif4 ip address 192.168.4.1 255.255.255.0 # interface Vlanif5 ip address 192.168.5.1 255.255.255.0 # interface GigabitEthernet1/0/1 port link-type access port default vlan 5 # interface GigabitEthernet1/0/2 port link-type trunk port trunk allow-pass vlan 2 to 3 # interface GigabitEthernet1/0/3 port link-type access port default vlan 4 # return
SW2 configuration file
# sysname SW2 # vlan batch 2 to 3 # interface GigabitEthernet1/0/1 port link-type trunk port trunk allow-pass vlan 2 to 3 # interface GigabitEthernet1/0/23 port link-type access port default vlan 2 # interface GigabitEthernet1/0/24 port link-type access port default vlan 3 # return