Tag: Process packet function its profile efault receive world Undo
The previous article wrote to the three layer switch implementation of multiple VLANs to communicate with each other, a friend asked how to configure, there can be case analysis. In fact, the day I was writing also had a simulation, but later did not save. Re-simulate today and attach detailed configuration commands, hoping to help everyone.
First recall the meaning of the three port modes of data transmission between VLANs:
A port of type Access can only belong to 1 VLANs, typically used to connect to a computer's port, or to connect switches and switches.
Trunk type port can allow multiple VLANs through, can receive and send multiple VLAN messages, trunk port is generally used to connect two switches, so that only one trunk connection to achieve the expansion of multiple VLANs. For packets sent out of the trunk port, only the message of the default VLAN does not have a VLAN ID, and the other VLAN packets have VLAN ID (otherwise, the switch to the end does not know which VLAN the packet belongs to, cannot be processed, and the VLAN can not be extended across the switch). In short, the trunk port is designed to extend across switches with a single connection for multiple VLANs.
Ports of type Hybrid can achieve more functionality than trunk ports, and trunk ports are true subsets of Hybrid ports. Can allow multiple VLANs through, can receive and send multiple VLANs of the message, can be used to connect between switches, can also be used to connect the user's computer. The hybrid port can be joined to multiple VLANs and can be set to send packets over that port with VLAN ID (trunk port cannot be set, only the default VLAN messages are sent without VLAN ID).
The following experiments are simulated on the ENSP simulator with each port mode:
One, trunk+access link port Mixed mode case
Because the access link type port is a single VLAN and connected to the computer, the trunk link type port is merged into one case, saving everyone's learning time.
Through the configuration so that all in the vlan2 PC1 and PC2 interoperability, with VLAN3 PC3 and PC4 interoperability.
SwitchA configuration command:
[Huawei]sysname SwitchA
[Switcha]vlan Batch 2 3//Bulk VLAN creation or two-time VLAN 2 VLAN 3
[Switcha]int vlanif 2
[Switcha-vlanif2]ip address 192.168.100.1 255.255.255.0
[Switcha-vlanif2]quit
[Switcha]int vlanif 3
[Switcha-vlanif3]ip address 192.168.200.1 255.255.255.0
[Switcha-vlanif3]quit
[SwitchA] int G0/0/1
[Switcha-gigabitethernet0/0/1]port link-type Access//Port link type with connection PC1 set to access
[Switcha-gigabitethernet0/0/1]port Default VLAN 2//Add port G0/0/1 to VLAN 2
[Switcha-gigabitethernet0/0/1]int G0/0/2//can jump directly into G0/0/2, Novice can quit to System view first
[SWITCHA-GIGABITETHERNET0/0/2] Port Link-type Access//Connect with PC2 Port link type set to access
[SWITCHA-GIGABITETHERNET0/0/2] Port default VLAN 3//Ports GE1/0/2 join VLAN3
[SwitchA] int G0/0/3
[SWITCHA-GIGABITETHERNET0/0/3] Port Link-type trunk//Because there are vlan2 vlan3 two VLANs, set the port link type of the switch interconnect to trunk
[SWITCHA-GIGABITETHERNET1/0/3] Port trunk allow-pass VLAN 2 3//Add port G0/0/3 to Vlan2 and VLAN 3
SwitchB and SwitchA configuration is similar, everyone refer to SwitchA configuration file.
The PC1 and PC2 are configured in a network segment, such as 192.168.100.2/24 and 192.168.100.3/24, with gateways of 192.168.100.1;
The PC3 and PC4 are configured in a network segment, such as 192.168.200.2/24 and 192.168.200.3/24, with gateways of 192.168.200.1;
Test Result: PC1 can with pc2ping Pass, PC3 can with pc4ping pass.
PC1 Ping Tong PC2
PC3 Ping Tong PC4
Second, hybrid link type port case
Last article has friends mentioned hybrid link type port mode function is very powerful and very complex, this afternoon review, indeed in many aspects of its advanced.
Use the hybrid link type configuration to make PC3 and PC1, PC2 interoperability, PC1 and PC2 not pass.
LSW1 configuration command:
[Huawei]sysname LSW1
[Lsw1]vlan Batch 2 3 99
[Lsw1]int G0/0/1
[Lsw1-gigabitethernet0/0/1]undo Port Hybrid VLAN 1
[Lsw1-gigabitethernet0/0/1]port Hybrid Tagged VLAN 99
[Lsw1-gigabitethernet0/0/1]port hybird untagged VLAN 2 3
[Lsw1-gigabitethernet0/0/1]int G0/0/2
[Lsw1-gigabitethernet0/0/2]undo Port Hybrid VLAN 1
[Lsw1-gigabitethernet0/0/2]port hybrid Pvid VLAN 2
[Lsw1-gigabitethernet0/0/2]port Hybird untagged VLAN 2 99
[Lsw1-gigabitethernet0/0/2]int G0/0/3
[Lsw1-gigabitethernet0/0/3]undo Port Hybrid VLAN 1
[Lsw1-gigabitethernet0/0/3]port hybrid Pvid VLAN 3
[Lsw1-gigabitethernet0/0/3]port Hybird untagged VLAN 3 99
[Lsw1-gigabitethernet0/0/3]quit
SwitchB and SwitchA configuration, we refer to SwitchA configuration, again no longer cumbersome.
The IP addresses of PC1, PC2, and PC3 are respectively set to 192.168.1.1/24, 192.168.1.2/24, 192.168.1.3/24, and the gateway is not filled.
The test results are:
It is necessary to explain the hybrid principle here:
1, Pvid This property only for access to the port! There's no label! It's normal! The data packet is valid, the function is the non-label ordinary packet hits the Pvid in the configuration tag number;
2, the hybrid attribute, the tag is for the port of the receiving direction (incoming traffic from the port allows the passage of these VLAN tags), UNTAG is the direction of the port to send (from the port traffic to remove these VLAN tags);
Hybird Instance Configuration analysis (very necessary explanation):
1, in order to let us more concise understanding of the properties of the Hydrid, first removed on all ports vlan1 this default VLAN, assuming that all ports initially do not belong to any VLAN, can not communicate with each other;
2, Pvid is when the normal host data frame into the switch port after the Vlan-tag properties, on the way can be seen PC1, PC2, PC3 traffic in the switch will be played on the vlan2, VLAN3, vlan99 VLAN tag;
3, untag behind the VLAN is the port belongs to the VLAN, it is not difficult to see LSW1 g0/0/1 belong to Vlan2, 3,G0/0/2 belongs to Vlan2, 99,G0/0/3 belongs to Vlan3, 99, and Untag action is in the flow out of the port to the host when the Vlan-tag all removed, then it is not difficult to see LSW1 G0/0/1 will remove vlan2, 3 of the label, G0/0/2 Remove Vlan2, 1099 of the label, G0/0/3 remove Vlan3, 99 of the label (revert to normal frame).
The G0/0/1 belonging to the LSW2 belongs to the VLAN99,G0/0/2 vlan99, which removes the Vlan99 label when the traffic is out of the port (reverts to normal frame).
Communication analysis between PC1 and PC2: When PC1 sends ARP to request PC2 's MAC address, PC1 will send the packet broadcast to LSW1 G0/0/2 interface, LSW1 received after the discovery is a normal non-tagged data frame, So according to the interface Pvid to the frame vlan2 tag, and then to vlan2 in flooding, helpless G0/0/3 port only belongs to VLAN3, 99 so can not receive the flooding in vlan2, so PC1 and PC2 communication failure.
PC1 and PC3 Communication analysis: PC1 the frame to LSW1 after the G0/0/2 to play Pvid vlan2 tag, forwarding out from G0/0/1, while untag off the frame vlan2 the label, LSW2 from g0/0/ 1 received the normal frame after playing vlan99 tag from G0/0/2 to PC3 (remove vlan99 tag after forwarding to PC3), PC3 back to the PC1 process: PC3 the frame to LSW2 after G0/0/2 was pvid hit vlan99 tag, LSW2 forwards frames from the G0/0/1 port according to the MAC table and VLAN information! Because there is no UNTAG attribute, the forwarded frame does not remove any VLANs, but forwards it from G0/0/1 to the vlan99 frame! (G0/0/1 configured Tag VLAN 99 is to allow this port to forward the Vlan99 data frame) when LSW1 get LSW2 the data frame with the vlan99 tag, according to the G0/0/1 configuration of the tag vlan99 properties, release vlan99 data frame, Then, according to the MAC table and VLAN information, the frame is dropped to G0/0/2, the G0/0/2 port will vlan99 the tag removed and forwarded to PC1, complete the PC1 and PC3 the entire communication process.
The communication process between PC2 and PC3 is PC1 and PC3.
Hybrid is a bit complicated, but it's very powerful, it gathers the advantages of access and trunk, and it can be suitable for the configuration of Gateway, MAC address division, IP subnet partition based on aggregation layer device. Welcome to the bottom of the message to ask questions, see where you don't know?
Configure hybrid, trunk, and access three link type ports with Huawei ENSP Simulator