Super VLAN aggregation is not difficult to understand in principle. It is also used mainly in service-provider networks, to relieve the shortage of IPv4 address resources. A Super VLAN is also known as VLAN aggregation. The principle is to associate one Super VLAN with multiple Sub VLANs (similar to the Isolate-user-VLAN mentioned above). Physical ports cannot be added to the Super VLAN, but a corresponding VLAN interface can be created for it and an IP address can be configured on that VLAN interface (this is a special case, because a common VLAN needs at least one active port before the VLAN is activated). Physical ports can be added to a Sub VLAN, but a corresponding VLAN interface cannot be created for it. All ports in the Sub VLANs share the VLAN interface IP address of the Super VLAN as their default gateway, which saves IP address resources; different Sub VLANs are still isolated from each other at Layer 2, just like common VLANs. Not all H3C switches support Isolate-user-VLAN; support is found mainly on the H3C S5500 and S7500.

As mentioned above, Super VLAN is a VLAN aggregation technology: it allows hosts that are in different VLANs, connected to the same switch and in the same IP segment, to use the same default gateway for Layer 3 communication. In a common VLAN design, even if all VLANs are in the same IP segment, a VLAN interface IP address must be configured for each VLAN as that VLAN's default gateway. Of course, common VLAN deployments mostly map one VLAN to one subnet (as shown in Figure 20-5). In the same way, when a large number of VLANs exist in the network, a lot of IP address resources are wasted.
Figure 20-5 Example of IP address allocation in common VLANs

In the example in Figure 20-5, VLAN 2 is expected to have 10 host addresses in the future, so it is assigned the subnet 1.1.1.0/28, with a mask length of 28. 1.1.1.0 is the subnet number and 1.1.1.15 is the subnet-directed broadcast address; neither can be used as a host address. In addition, 1.1.1.1 is the default gateway address of the subnet and cannot be used as a host address either. The remaining addresses, 1.1.1.2 ~ 1.1.1.14, can be used by hosts, 13 addresses in total. So although VLAN 2 needs only 10 addresses, the subnet allocates it 13. Similarly, VLAN 3 is expected to have five host addresses in the future, so at least a subnet 1.1.1.16/29, with a mask length of 29, must be allocated. VLAN 4 is expected to have only one host in the future, and is allocated the subnet 1.1.1.24/30, with a mask length of 30. See Table 20-6.

Table 20-6 Example of host IP address allocation in common VLANs

| VLAN | Corresponding subnet | Corresponding gateway address | Number of available addresses | Number of available hosts | Actual demand |
| 2 | 1.1.1.0/28 | 1.1.1.1 | 14 | 13 | 10 |
| 3 | 1.1.1.16/29 | 1.1.1.17 | 6 | 5 | 5 |
| 4 | 1.1.1.24/30 | 1.1.1.25 | 2 | 1 | 1 |

The three VLANs above need 10 + 5 + 1 = 16 addresses in total; however, with the addressing method of common VLANs, even the optimal plan requires 16 + 8 + 4 = 28 addresses, which wastes nearly half of them. In addition, if VLAN 2 turns out to have not 10 hosts but only 3, the extra addresses are wasted because they cannot be used by other VLANs.

This kind of division also makes later network upgrades and expansion very inconvenient. Assume that VLAN 4 needs to add two more hosts in the future but does not want to change the IP address already allocated. If the addresses after 1.1.1.24 have already been assigned to other users, the new users of VLAN 4 can only be given a new subnet with a 29-bit mask and a new VLAN.
In this way, although the customer in VLAN 4 has only three hosts, they are spread across two subnets and are not in the same VLAN, which is not conducive to network management.

As the preceding figure shows, many IP addresses, such as the subnet number, the subnet-directed broadcast address and the subnet default gateway address, are consumed and cannot be used as host addresses in the VLANs. This allocation constraint also reduces the flexibility of addressing, so many idle addresses are wasted as well. To solve this problem, VLAN aggregation (just like port aggregation) emerged.

The main advantage of VLAN aggregation is that it saves IP addresses. Instead of each VLAN occupying its own subnet, multiple different VLANs are placed in the same IP subnet, and the whole IP subnet is then mapped to one VLAN aggregation (Super VLAN) that contains all the VLANs (Sub VLANs) in that subnet. Different Sub VLANs still have their own independent broadcast domains; one or more Sub VLANs belong to the same Super VLAN, and the interface address of the Super VLAN is their default gateway IP address. When hosts in different Sub VLANs need to communicate with each other at Layer 3, ARP proxy must be enabled on the Super VLAN. The ARP proxy relays ARP packets between the Super VLAN and the hosts in its Sub VLANs. It is used to map the network-layer address of each host to the data-link-layer address of the corresponding host.
The Super VLAN technology introduces the concepts of Super VLAN and Sub VLAN. A Super VLAN can contain one or more Sub VLANs, each of which remains a separate broadcast domain. Within the same Super VLAN, no matter which Sub VLAN a host belongs to, its IP address lies in the subnet that corresponds to the Super VLAN. A Sub VLAN no longer occupies an independent subnet. The Sub VLANs therefore share the same Layer 3 interface, which reduces the consumption of subnet numbers, subnet default gateway addresses and subnet-directed broadcast addresses. In addition, different broadcast domains use addresses from the same subnet, which increases the flexibility of addressing and reduces the waste of idle addresses. Each Sub VLAN stays isolated from the others as an independent broadcast domain, while the IP addresses that common VLANs would have wasted are saved.

The example shown in Figure 20-5 is used again, with the user requirements unchanged: VLAN 2 is expected to have 10 host addresses in the future, VLAN 3 is expected to have 5 host addresses, and VLAN 4 is expected to have one host address. To implement VLAN aggregation, create VLAN 10 and configure it as a Super VLAN. Assign it the subnet 1.1.1.0/24, with a mask length of 24, in which 1.1.1.0 is the subnet number and 1.1.1.1 is the subnet gateway address. The address allocation for the three Sub VLANs (VLAN 2, VLAN 3 and VLAN 4) is shown in Table 20-7, and Figure 20-5 becomes Figure 20-6.

Table 20-7 Example of host address division with VLAN aggregation

| VLAN | Corresponding subnet | Corresponding gateway address | Number of available addresses | Number of available hosts | Actual demand |
| 2 | 1.1.1.0/24 | 1.1.1.1 | 10 | 1.1.1.2 ~ 1.1.1.11 | 10 |
| 3 | 1.1.1.0/24 | 1.1.1.1 | 2 | 1.1.1.12 ~ 1.1.1.16 | 5 |
| 4 | 1.1.1.0/24 | 1.1.1.1 | 1 | 1.1.1.17 | 1 |
Figure 20-6 Example of host address allocation after the VLAN aggregation scheme is adopted

From the above, we can see that in the VLAN aggregation scheme the boundary between Sub VLANs is no longer a subnet boundary: the address ranges inside the Super VLAN's subnet can be divided flexibly according to the number of hosts each Sub VLAN requires. As shown in Table 20-7, VLAN 2, VLAN 3 and VLAN 4 share the same subnet (1.1.1.0/24), default subnet gateway address (1.1.1.1) and subnet-directed broadcast address (1.1.1.255). In this way, the other subnet numbers (1.1.1.16, 1.1.1.24), default subnet gateways (1.1.1.17, 1.1.1.25) and subnet-directed broadcast addresses (1.1.1.15, 1.1.1.23, 1.1.1.27) consumed in the common VLAN implementation can be used as host IP addresses.

The three VLANs need 10 + 5 + 1 = 16 addresses in total, and in practice 16 addresses are allocated in this subnet (1.1.1.2 ~ 1.1.1.17). Adding the subnet number (1.1.1.0), the subnet default gateway (1.1.1.1) and the subnet-directed broadcast address (1.1.1.255) to these 16 host addresses, a total of 19 IP addresses are used; the remaining 255-19 = 236 addresses in the network segment can be used by hosts in any Sub VLAN. In contrast, the VLAN aggregation solution saves a lot of IP address resources.

From Cisco/H3C Switch Configuration and Management Full Manual (2nd edition), Wang Da
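The two address plans compared above (one subnet per common VLAN, and Sub VLAN ranges carved from one Super VLAN subnet) can be recomputed for any set of host demands. The following is an added example, not code from the book; the function names and the `DEMANDS` dictionary are assumptions made for illustration, and the gateway is assumed to be the first address after the subnet number, as in the page's example.

```python
import ipaddress

DEMANDS = {2: 10, 3: 5, 4: 1}   # VLAN id -> expected hosts, taken from the page's example

def per_vlan_plan(base, demands):
    """Common VLANs: one subnet per VLAN, each losing network, gateway and broadcast."""
    cursor = int(ipaddress.IPv4Address(base))
    plan = {}
    for vlan, hosts in demands.items():
        size = 4                               # smallest block tried is a /30
        while size < hosts + 3:                # hosts + network + gateway + broadcast
            size *= 2
        cursor = -(-cursor // size) * size     # align the block on a multiple of its size
        prefix = 33 - size.bit_length()        # size 16 -> /28, 8 -> /29, 4 -> /30
        net = ipaddress.IPv4Network(f"{ipaddress.IPv4Address(cursor)}/{prefix}")
        plan[vlan] = {"subnet": net, "gateway": net.network_address + 1,
                      "usable_hosts": size - 3, "consumed": size}
        cursor += size
    return plan

def super_vlan_plan(subnet, demands):
    """VLAN aggregation: each Sub VLAN takes a host range from the Super VLAN subnet."""
    net = ipaddress.IPv4Network(subnet)
    gateway = net.network_address + 1          # shared default gateway (Super VLAN interface)
    nxt = gateway + 1                          # first host address after the gateway
    ranges = {}
    for vlan, hosts in demands.items():
        last = nxt + (hosts - 1)
        if last >= net.broadcast_address:      # range would run into the broadcast address
            raise ValueError(f"Sub VLAN {vlan} does not fit in {net}")
        ranges[vlan] = (nxt, last)
        nxt = last + 1
    used = sum(demands.values()) + 3           # hosts + network + gateway + broadcast
    return {"gateway": gateway, "ranges": ranges, "used": used}

if __name__ == "__main__":
    classic = per_vlan_plan("1.1.1.0", DEMANDS)
    for vlan, p in classic.items():
        print(vlan, p["subnet"], p["gateway"], p["usable_hosts"])
    print("common VLANs consume", sum(p["consumed"] for p in classic.values()))
    agg = super_vlan_plan("1.1.1.0/24", DEMANDS)
    for vlan, (first, last) in agg["ranges"].items():
        print(vlan, first, "~", last)
    print("aggregation consumes", agg["used"])
```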