Key points: Cross-switch Vlan configuration and management

For small enterprises, multiple VLANs can be implemented on one vswitch to meet users' security and performance requirements. However, for medium-sized enterprises, a switch cannot meet users' daily work needs. As shown in, you may need to build VLANs on multiple switches. This will involve a complicated problem. That is, how to exchange data with the same Vlan on different switches. In this article, I will discuss the key points of cross-switch Vlan configuration and management.

I. Key Role of frame tags in cross-switch Vlan

When talking about deploying VLANs across vswitches, we must talk about frame labeling. In this case, if there is no frame tag, data cannot be forwarded between different switches even if they are in the same Vlan. When frame traversing switches and VLANs, there is a need for each switch to track all users and frames. In a cross-switch Vlan deployment environment, this method is implemented by frame labeling. The frame tag uniquely assigns a user-defined ID to each frame.

When a switch receives a frame, it usually needs to first check the frame mark of the data frame to determine which Vlan the frame belongs. The switch system will view the information in the filter table to determine how to process these frames. If the switch of the received frame has a relay link, the frame may be forwarded from the relay link. Once a frame arrives at the egress of the access link or relay link determined by the forwarding filter table and matches the frame's frame tag, the switch deletes the Vlan ID. In this case, the access port can receive the data frame (note that the data packet will be discarded if the access port is identified by a Vlan ).

These content is more theoretical, and I just want to focus on it. However, this is the basis for understanding the management points of subsequent configuration and maintenance. For this reason, I suggest you read a few more articles if you do not understand them. It is necessary to clarify the role of frame markers in cross-switch Vlan. Only in this way can you have a deeper understanding of the following content. To put it simply, the switch determines the Vlan of the received frame based on the frame tag. Is the other Vlan of the same vswitch or the same Vlan of another vswitch. Then, take the correct forwarding action based on the judgment result.

2. Identify VLANs and transmit information using vswitch links

As shown in, how do I forward data between VLANs of different vswitches? In this case, the required technology is the inter-switch link (ISL. To put it simply, the inter-switch link is a way to mark Vlan information displayed on an Ethernet frame. ISL mainly uses an external encapsulation method. This tag information allows Vlan to be reused in the relay link mountain, so that the switch can identify the Vlan member relationship of frames on the relay link. It can be seen that the main function of a vswitch link is to determine the Vlan to which the data frame belongs and forward it to the corresponding Vlan (the destination switch port.

If the network administrator runs the link technology between switches, multiple switches can be connected. When data streams are transmitted over the relay link between switches, important Vlan information remains unchanged. As shown in, this means that A port running from vswitch A sends data to the port B of another vswitch. The difference is that Vlan information is maintained during the forwarding process. In this case, switch B can determine the Vlan in which the received data belongs. Then, the data is forwarded to the port corresponding to the vswitch.

For the inter-switch link technology, the author believes that the Administrator must master at least the following two points in actual work. First, pay attention to the areas where the links between switches work. Generally, the inter-vswitch link is mainly used in Layer 3 and encapsulates data frames with new header and Cyclic Redundancy verification. This will play a major role in subsequent performance optimization and network monitoring. Second, pay attention to the limitations of Inter-vswitch links. The Inter-switch link is a method dedicated to Cisco switches. It is only suitable for use with Fast Ethernet and gibit Ethernet links. It is not applicable in other environments. Note that the link between vswitches is not only applicable to the connection between vswitches, but also to the connection between vswitch ports and vro ports, vswitch ports, and server interface cards. I would like to remind you not to be fooled by this name.

3. Allocate vswitch ports to VLANs

If so, A port of vswitch A is Vlan3 or no Vlan is specified. Now, how do I configure the vswitch port to be allocated to Vlan2? In this part, I will introduce the relevant configurations in detail.

The basic configuration principle is that you can configure a port to a Vlan and add the Vlan Number of the port by assigning the traffic type membership mode of the specific port. In actual work, the command we use is Switchport. You can use this command to configure each port of the vswitch to the specified Vlan.

To assign a port to a specific Vlan, we need to first configure the port. Then, use the following command to configure.

Switchport access vlan2

As we all know, the vswitch port belongs to the second layer. Therefore, you can use the swithport access command to allocate a port to a Vlan. However, if you use this command for configuration, you can only add ports one by one. From the above command, we can see that there is no specified port information. That is to say, if three ports on vswitch A need to be added to Vlan2, the network administrator can only enter the specific interface mode one by one, and then repeat the preceding command for configuration. However, it is clear that the workload for doing so will be relatively large. To add multiple interfaces to a Vlan at the same time, you must use the interface range Command to configure multiple ports at the same time.

If the devices are inserted into the configured Vlan, they can only communicate with other devices in the same Vlan. As shown in, if vswitch A has two interfaces, 1 and 2, and they do not belong to the same Vlan, devices connected to the two interfaces will not be able to communicate. For another example, if the vswitch A and vswitch B have their own interface A and interface B. If these two interfaces belong to the same Vlan, they can still communicate with devices connected to these interfaces even if they belong to different vswitches.

4. configure a relay port for communication between switches in the same Vlan

As shown in, if interfaces A and B belong to different vswitches, but they belong to the same Vlan. They can communicate normally, but they need to rely on the help of the relay port. In this part, I will talk about how to configure the relay port to implement the relay link. Specifically, I think you only need to master the following commands.

The first command is switchport mode access. This command makes the access port of the switch a permanent non-relay mode, and changes the link to a non-relay link through negotiation. Note that this is mandatory. That is to say, the following conflicts may occur after such configuration. Either end of the link is a relay interface, and the other is a non-relay interface. This will lead to communication barriers.

The second command is switchport mode dynamic auto. This command can be used to convert a link to a relay link. This is the default working mode of the Next Generation switch. After this configuration, if the interface of the neighbor switch is set to relay or the required mode, the interface will also become a relay interface. Compared with the preceding command, this command provides an automatic negotiation mechanism to avoid conflicts caused by inconsistent interface types at both ends of the link. Note that the relay port and access port of the vswitch are not compatible. If there is a conflict between them, the most direct consequence is the interruption of communication.

In general, deploying VLANs across vswitches is more complicated because many technologies are required.