H3C Switch series of Super VLAN

Source: Internet
Author: User


First, the generation of Super VLAN background

Isolate-user-vlan successfully solved the problem of reducing the number of VLANs, and also realized the sharing of three-layer gateways to some extent. But it also has a problem with MAC address duplication that consumes MAC address table entries, and the technology itself belongs to a two layer VLAN technology.

In a typical three-layer switch, the communication between broadcast domains is usually implemented in a VLAN corresponding to a three-layer interface , which in some cases leads to a large waste of IP addresses.

That is, the IP address of a VLAN-corresponding three-layer VLAN interface is divided by the subnet mask.

650) this.width=650; "src=" Http://s5.51cto.com/wyfs02/M01/7A/E2/wKiom1bBeZey1gmlAAJE-pudRjs803.jpg "title=" Super1.jpg "alt=" Wkiom1bbezey1gmlaaje-pudrjs803.jpg "/> as shown, VLAN 21 is expected to have 10 hosts in the future, so it assigns a mask length of 28 subnet---1.1.1.0/28. Where the network address, gateway address, broadcast address are not as host address, the remaining address can be used by the host a total of 13. This way, although VLAN 21 requires only 10 addresses to satisfy the requirements, it is divided into 13 addresses according to the subnetting.

In the same way, VLAN 22 and VLAN 23, this three VLAN total need 10+5+1=16 address, according to the ordinary VLAN addressing mode, the immediate optimization of the scheme also need to occupy 28 from Hi, the address wasted nearly half.

Moreover, if VLAN 21 later did not grow to 10 hosts, and only grew to 3 hosts, originally a mask length of 29 subnet is enough, but before it was a subnet mask long 28 subnet to it, the more out of the address is no longer used by other VLANs are wasted.

At the same time, this division also brings a great inconvenience to the subsequent network upgrade. It is assumed that VLAN 23 customers will need to add 2 hosts after a period of time and are unwilling to change the assigned IP address. In the case where the address after 1.1.1.24 has been assigned to someone else, there is no way to assign him another 29-bit mask subnet and a new VLAN to him. So VLAN23 customer only 3 host, but was forced to allocate two subnets, not the same VLAN, resulting in a great deal of inconvenience to management.

Thus we can see that the number of IP addresses consumed by the subnet number, subnet directed broadcast address, subnet default gateway address is considerable. At the same time, the inherent constraints of address allocation also severely reduce the flexibility of addressing, so that many idle addresses are wasted.

In order to solve this problem, Super VLAN was born.


Second, Super VLAN Basic Introduction

The Super VLAN and Sub VLAN concepts are introduced

The Super VLAN differs from the usual VLAN in that it only establishes a three-tier interface and does not contain a physical port. As a result, it can be thought of as a logical three-layer concept-a collection of sub-VLANs and a three-layer forwarding for sub VLANs. Unlike a VLAN that typically does not have a physical port, the up state of its interface does not depend on the up of its own physical port, but rather on the physical port in the Sub VLAN it contains that exists in the up state.

The Sub VLAN contains only physical ports, but cannot establish a three-tier VLAN interface. It is implemented by a super VLAN interface with an external three-layer exchange.

We can see this: every ordinary VLAN has a three-layer logical interface and several physical ports. The Super VLAN separates the two parts: Sub-vlan maps only a few physical ports, is responsible for preserving their own separate broadcast domains, and uses a Super-vlan to implement all Sub-vlan sharing the same three-tier interface, so that hosts in different Sub-vlan can be shared The same Super-vlan gateway, in the Super-vlan corresponding subnet distribution address, and then through the establishment of the mapping between Super-vlan and Sub-vlan, the three-layer logical interface and the physical port of the two parts of the organic combination, and ARP Proxy to achieve S The three-level exchange of visits between Ub-vlan to achieve the purpose of saving the IP address while realizing the function of ordinary VLAN.


Three, Super VLAN implementation

is still illustrated in the previous example. The user needs are the same. VLAN 21 is still expected to have 10 hosts, VLAN 22 is expected to have 5, and VLAN 23 is expected to 1. According to the Super VLAN implementation, make VLAN 2 super VLAN, allocate subnet 1.1.1.0/24, subnet default gateway address 1.1.1.1, subnet directed broadcast address 1.1.1.255, then Sub-vlan--vlan 21, VLAN 22, The address of VLAN 23 is divided as shown in

650) this.width=650; "src=" Http://s1.51cto.com/wyfs02/M00/7A/ED/wKiom1bBq-2x8MJGAAEwWdVVhHA399.jpg "title=" Super3.jpg "alt=" wkiom1bbq-2x8mjgaaewwdvvhha399.jpg "/> We can see that VLAN 21, VLAN 22, VLAN 23 share the same subnet number 1.1.1.0, subnet default gateway address 1.1.1.1 and Subnet-directed broadcast address 1.1.1.255. In this way, the network address, gateway address, and broadcast address used in common VLAN implementations can all be used as host IP addresses.

In the implementation of the Super VLAN, the lines between sub-VLANs are no longer the former subnet lines, and they can flexibly divide the address range within the Super VLAN subnet according to the number of their respective host requirements.

In this way, 3 VLANs need 16 addresses altogether, and in fact they are allocated 16 addresses in this subnet. These 16 host address plus subnet number, subnet default gateway, subnet directed broadcast address, a total of 19 IP addresses, the network segment still remaining 237 of the address can be any sub-vlan within the host use.


Iv. Communication of Super VLANs

Super VLAN, while implementing the same subnet segment address among different VLANs, also poses a problem for the three-layer forwarding between sub-vlan. Originally on the three-layer switch, the VLAN can be separated by the different upstream gateway for three-tier forwarding, but the Super VLAN hosts use a network segment address, share the same uplink gateway, real-time is a different sub VLAN host, because its address belongs to a subnet, The device will think that they are two layers of interoperability, will do two-layer forwarding, and will not send the gateway three-layer forwarding. In fact, Sub-VLANs are isolated from each other at Layer two, which results in the inability to communicate between Sub-vlan.

The solution is to use ARP Proxy to achieve interoperability between SUB-VLANs.


V. Proxy ARP

This article is from the "Immortal word" blog, please be sure to keep this source http://buxiuzi.blog.51cto.com/11124867/1742281

H3C Switch series of Super VLAN

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.