Scribd Logo
Upload

Welcome to Scribd!

  • 232 views

    Chapter 20 VLAN Configuration

    Uploaded by

    CuthbertChong
    This document provides instructions for configuring VLANs on Maipu network devices. It begins with an introduction to VLANs, including the types of VLANs supported. It then provides examples of configuring port-based VLANs, MAC-based VLANs, and IP subnet-based VLANs. The document also lists basic VLAN configuration commands and provides an example of configuring a port-based VLAN instance and MAC-based VLAN instance. It concludes with instructions for debugging and monitoring VLAN configurations.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd

    Chapter 20 VLAN Configuration

    Uploaded by

    CuthbertChong
    232 views17 pages
    This document provides instructions for configuring VLANs on Maipu network devices. It begins with an introduction to VLANs, including the types of VLANs supported. It then provides examples of configuring port-based VLANs, MAC-based VLANs, and IP subnet-based VLANs. The document also lists basic VLAN configuration commands and provides an example of configuring a port-based VLAN instance and MAC-based VLAN instance. It concludes with instructions for debugging and monitoring VLAN configurations.

    Copyright

    © Attribution Non-Commercial (BY-NC)

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    This document provides instructions for configuring VLANs on Maipu network devices. It begins with an introduction to VLANs, including the types of VLANs supported. It then provides examples of configuring port-based VLANs, MAC-based VLANs, and IP subnet-based VLANs. The document also lists basic VLAN configuration commands and provides an example of configuring a port-based VLAN instance and MAC-based VLAN instance. It concludes with instructions for debugging and monitoring VLAN configurations.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    232 views17 pages

    Chapter 20 VLAN Configuration

    Uploaded by

    CuthbertChong
    This document provides instructions for configuring VLANs on Maipu network devices. It begins with an introduction to VLANs, including the types of VLANs supported. It then provides examples of configuring port-based VLANs, MAC-based VLANs, and IP subnet-based VLANs. The document also lists basic VLAN configuration commands and provides an example of configuring a port-based VLAN instance and MAC-based VLAN instance. It concludes with instructions for debugging and monitoring VLAN configurations.

    Copyright:

    Attribution Non-Commercial (BY-NC)
    Download as PDF, TXT or read online from Scribd
    Download as pdf or txt
    of 17

    VLAN Configuration

    Maipu Communication Technology Co., Ltd


    No. 16, Jiuxing Avenue Hi-tech Park Chengdu, Sichuan Province Peoples Republic of China - 610041 Tel: (86) 28-85148850, 85148041 Fax: (86) 28-85148948, 85148139 URL: http:// www.maipu.com Email: [email protected]

    Maipu Confidential & Proprietary Information

    Page 1 of 17

    VLAN Configuration

    All rights reserved. Printed in the Peoples Republic of China. No part of this document may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherwise without the prior written consent of Maipu Communication Technology Co., Ltd. Maipu makes no representations or warranties with respect to this document contents and specifically disclaims any implied warranties of merchantability or fitness for any specific purpose. Further, Maipu reserves the right to revise this document and to make changes from time to time in its content without being obligated to notify any person of such revisions or changes. Maipu values and appreciates comments you may have concerning our products or this document. Please address comments to:

    Maipu Communication Technology Co., Ltd


    No. 16, Jiuxing Avenue Hi-tech Park Chengdu, Sichuan Province Peoples Republic of China - 610041 Tel: (86) 28-85148850, 85148041 Fax: (86) 28-85148948, 85148139 URL: http:// www.maipu.com Email: [email protected]

    All other products or services mentioned herein may be registered trademarks, trademarks, or service marks of their respective manufacturers, companies, or organizations.

    Maipu Confidential & Proprietary Information

    Page 2 of 17

    VLAN Configuration

    Maipu Feedback Form


    Your opinion helps us improve the quality of our product documentation and offer better services. Please fax your comments and suggestions to (86) 28-85148948, 85148139 or email to [email protected].
    Document Title Product Version Evaluate this document VLAN CONFIGURATION Document Revision Number 1.0

    Presentation: (Introductions, procedures, illustrations, completeness, arrangement, appearance) Good Fair Average Poor Accessibility: (Contents, index, headings, numbering) Good Fair Average Poor Editorial: (Language, vocabulary, readability, clarity, technical accuracy, content) Good Fair Average Poor

    Your suggestions to improve the document

    Please check suggestions to improve this document: Improve introduction Make more concise Improve Contents Add more step-by-step procedures/tutorials Improve arrangement Add more technical information Include images Make it less technical Add more detail Improve index

    If you wish to be contacted, complete the following: Name Postcode Telephone Company Address E-mail

    Maipu Confidential & Proprietary Information

    Page 3 of 17

    VLAN Configuration

    Contents
    Configure VLAN.........................................................................................5
    Introduction to VLAN............................................................................................... 5
    Configure Port-based VLAN ................................................................................................... 6

    MAC-Based VLAN ................................................................................................... 7 IP-Subnet-Based VLAN ........................................................................................... 7 Basic Commands .................................................................................................... 7 Application Instances ............................................................................................ 14
    Port-based VLAN Instance ................................................................................................... 14 MAC-Based VLAN Instance .................................................................................................. 15

    Debugging & Monitoring ........................................................................................ 16


    Monitoring Commands ........................................................................................................ 16 Monitoring Command Instance ............................................................................................ 16

    Maipu Confidential & Proprietary Information

    Page 4 of 17

    VLAN Configuration

    Configure VLAN
    This chapter mainly describes the VLAN function and the configuration of the router switching port.

    The contents are as follows: Introduction to VLAN function Application instance Debugging and monitoring

    Introduction to VLAN
    Virtual Local Area Network (VLAN) is to divide physical networks into logical networks. Dividing VLAN is not restricted by the physical location. The hosts of different physical locations can belong to one VLAN. VLAN restricts the broadcast domain. L2 unicast, broadcast and multicast frames can be forwarded and diffused only in the VLAN and cannot enter into other VLANs directly. The L2 packets of different VLANs are separated with each other, that is, the users of different VLANs cannot communicate with each other directly.

    VLAN supports IEEE801.Q standard. The value range of VLAN ID is 1-4094. VLAN 1 is the default value and cannot be deleted.

    1.

    Different VLAN types support different VLAN division modes. RM180031-AC, RM1800-31W-AC, and RM1800-31W-DC48 support Port-based VLAN and MAC-address-based VLAN. The other RM1800 models only support port-based VLAN.

    Maipu Confidential & Proprietary Information

    Page 5 of 17

    VLAN Configuration

    Configure Port-based VLAN


    Port-based VLAN is to take a port as a member of the VLAN and add it into the VLAN. The port can forward packets of the VLAN to which the port belongs.

    M ode Types of Por ts


    Port modes are divided into three types according to different processing modes for Tag labels of packets when the port transmits packets.

    1.

    Access Type

    The port can belong to only one VLAN, and the default VLAN ID of the port is the same as the VLAN ID to which it belongs. The port usually connects with user devices. The default type of a port is the Access type.

    2.

    Trunk Type

    The port permits multiple VLANs to pass, and it can receive or send multiple VLAN packets. Only the packets of the default VLAN can be sent without Tag labels. The port is usually used to inter-connect network devices.

    3.

    Hybrid Type

    The port can be added into multiple VLANs, and it can receive or send multiple VLAN packets. The packets of multiple VLANs can be sent without Tag label. The port also can be used to connect user devices or interconnect network devices

    D efaul t VL AN of Po rts
    According to the default VLAN of the port, assign the packets without Tag label received by the port to the default VLAN. The default VLAN of the port is 1. Users can configure the default VLAN of the port as desired. The default VLAN of the Access port is the one it belongs to, and cannot be configured. The Trunk port and the Hybrid port can belong to multiple VLANs, and their default VLANs can be configured.

    Maipu Confidential & Proprietary Information

    Page 6 of 17

    VLAN Configuration

    MAC-Based VLAN
    The MAC-based VLAN is to assign the VLAN ID to packets according to the source MAC addresses of the packets received by ports. RM1800-31-AC, RM1800-31W-AC, and RM1800-31W-DC48 support MACVLAN function.

    After configuring and enabling the MACVLAN rule, the packets received by ports are processed as follows. 1. If the source MAC and the MAC address of MAC-based VLAN are consistent, and the ingress port of the packets is allocated to the VLAN of the corresponding VLAN ID, the packet is allocated to the VLAN ID corresponding to the MAC VLAN. If the packet doesnt match the MAC configured by the MAC VLAN, the packet is assigned to the default VLAN ID of the port.

    2.

    IP-Subnet-Based VLAN
    IP-subnet-based VLAN is to assign VLAN IDs to packets according to the source IP addresses of the Untagged packets received by ports

    The packets received by ports are processed as follows: 1. If the source IP address is in the network segment of IP subnet-based VLAN, and the In port of the packets is allocated to the VLAN of the corresponding VLAN ID, the packet is allocated to the VLAN ID corresponding to the network segment. If the packet doesnt match the network segment configured by the IP subnet VLAN, the packet is assigned to the default VLAN ID of the port.

    2.

    Basic Commands
    Command vlan vlanId description description port accept frame-type {all | tag } Description Create VLAN Configure description information of VLAN Configure the receivable frames of the port Config Mode config config-vlanxx config-vlanxx config-port-xxx config-link-aggregationx

    Maipu Confidential & Proprietary Information

    Page 7 of 17

    VLAN Configuration

    port mode {access | trunk | hybrid} port access vlan vlanId port trunk allowed vlan { vlanlist|all } port hybrid {tagged untagged} vlan vlanlist port trunk pvid vlan vlanId |

    *Configure port mode *Configure Access port to be added to VLAN *Configure Trunk port allow VLAN to pass *Configure Hybrid port to be added to VLAN *Configure the default VLAN of Trunk port *Configure the default VLAN of Hybrid port *Configure the default VLAN packets of Trunk port are sent with Tag *Configure MAC VLAN items *Configure MAC VLAN is enabled on the port

    port hybrid pvid vlan vlanId

    vlan dot1q tag pvid mac-vlan mac-address

    config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config-port-xxx config-link-aggregationx config config-port-xxx config-link-aggregationx

    mac-address vlan vlanId


    mac-vlan enable

    Note The * symbol before the command description means that there is configuration instance to describe the command.

    vlan

    This command is used to create the corresponding VLAN of the vlanid. The no format of the command is used to delete the VLAN. vlan
    Syntax

    vlanId
    Description The value range of vlanid is 1-4094. The value range is 2-4094. It can be "x1-x2", "x1, x2, x3" or the combination.

    no vlan vlanlist
    vlanId Vlanlist

    Default status: VLAN 1, which is created automatically by the system Note 1. VLAN 1 is the default value of the system and cannot be deleted.

    Maipu Confidential & Proprietary Information

    Page 8 of 17

    VLAN Configuration

    2.

    When other function depends on one VLAN, the VLAN cannot be deleted and the system provides prompt information, such as Vlan 2 is being used by other module.

    Caution After one VLAN is deleted, the relation between the port and the VLAN in the port-based VLAN is deleted.

    description

    This command is sued to add the description information of the VLAN. The no format of the command is used to delete the description information and recover it to the default value. description description no description
    Syntax description Description The VLAN description information, with a length of up to 32 bytes printable character string

    Default status: The default description information of VLAN 1 is DEFAULT and the description information of other VLANs is vlanId.

    port accept frame-type {all | tag }

    This command is used to configure the receivable frames of the port. The frames that do not meet the requirements are discarded.
    Syntax all tag Description The port receives all Tag packets and Untag packets. The port only receives the Tag frames and the Untag frames are not forwarded and are discarded.

    Default status: By default, the port receives all frames, that is, all Tag packets and Untag packets.

    port mode {access | trunk | hybrid}

    This command is used to configure the port type.


    Syntax access trunk hybrid Description The port type is Access. The port type is Trunk. The port type is Hybrid.

    Maipu Confidential & Proprietary Information

    Page 9 of 17

    VLAN Configuration

    Default status: The default type of the port is Access. Note 1. 2. 3. The port type cannot switch from Hybrid to Trunk directly. It should first switch to Access and then to Trunk. The port type cannot switch from Trunk to Hybrid directly. It should first switch to Access and then to Hybrid. After the port type is switched, the original VLAN configuration of the port is deleted and VLAN configuration of the port recovers to the default value of the new port type.

    port access vlan

    This command is used to add Access port to VLAN. The no format of the command is used to add the port to the default VLAN 1. port access vlan vlanId no port access vlan
    Syntax Description The value range of VLAN ID is 1-4094.

    vlanId

    Default status: By default, the port is added to VLAN 1. Note 1. The configuration command must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not access. When the Access port is added to VLAN and if the VLAN does not exist, the VLAN is created automatically. Because of the switch chip limitation, RM1800-21-AC, RM1800-22-AC, and RM1800-23-AC only support 16 VLANs. Therefore, it is not permitted to add the ports on the devices to some VLANs and the system prompts error. If one vlan m already has ports or is permitted by trunk port, vlan m16n (n is an integer) cannot configure adding ports any more. The limitation is also suitable for the binding of the VLAN and the virtual interacting interface. Here, if m is 1, only VLAN1 can be used.

    2. 3.

    Caution When the VLAN to which the Access port is added is deleted, the port exits from the deleted VLAN and is added to the default VLAN 1.

    port trunk allowed vlan

    Maipu Confidential & Proprietary Information

    Page 10 of 17

    VLAN Configuration

    This command is used to configure the Trunk port to allow VLAN. The no format of the command is used to delete the VLAN configuration allowed by the Trunk port.

    port trunk allowed vlan { vlanlist } no port trunk allowed vlan { vlanlist }
    Syntax vlanlist Description Set the allowed VLAN. The format of vlanlist is a single vlanId, or vlanId1-vlanId2, vlanId1,vlanId2,vlanIdn, the value range of vlanId is 1-4094.

    Default status: By default, VLAN 1 is allowed to pass. Note 1. The configuration command must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not trunk. The port type cannot switch from Hybrid to Trunk directly. It should first switch to Access and then to Trunk. Because of the switch chip limitation, RM1800-21-AC, RM1800-22-AC, and RM1800-23-AC only support 16 VLANs. Therefore, it is not permitted to add the ports on the devices to some VLANs and the system prompts error. If one vlan m already has ports or is permitted by trunk port, vlan m16n (n is an integer) cannot configure adding ports any more. The limitation is also suitable for the binding of the VLAN and the virtual interacting interface. Here, if m is 1, only VLAN1 can be used.

    2. 3.

    Caution When Trunk port is configured to allow VLAN to pass: 1. 2. If VLAN exists, the port is added to the VLAN; If VLAN does not exist, the VLAN is not created automatically and the port is not added to VLAN; after the allowed VLAN is created, the port is automatically added to the VLAN.

    port hybrid {tagged|untagged} vlan

    This command is used to configure Hybrid port to be added to VLAN and select the mode of being added to the LAN (Tag/Untag). The no format of the command is used to make the port exit the VLAN and select to mode of exiting the corresponding VLAN.

    port hybrid {tagged|untagged} vlan vlanlist no port hybrid {tagged|untagged} vlan vlanlist
    Syntax Description

    Maipu Confidential & Proprietary Information

    Page 11 of 17

    VLAN Configuration

    Vlanlist

    The format of vlanlist is a single vlanId, or vlanId1vlanId2, vlanId1,vlanId2,vlanIdn. The value range of vlanId is 1-4094. The port is added to VLAN in Tag mode and becomes the Tag member of the VLAN. The port is added to VLAN in Untag mode and becomes the Untag member of the VLAN.

    tagged untagged

    Default status: By default, the port is added to VLAN 1 in Untag mode. Note 1. The configuration command must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not hybrid. The port type cannot switch from Trunk to Hybrid directly. It should first switch to Access and then to Hybrid. When Hybrid port is added to VLAN and if the VLAN does not exist, the VLAN is automatically created. Because of the switch chip limitation, RM1800-21-AC, RM1800-22-AC, and RM1800-23-AC only support 16 VLANs. Therefore, it is not permitted to add the ports on the devices to some VLANs and the system prompts error. If one vlan m already has ports or is permitted by trunk port, vlan m16n (n is an integer) cannot configure adding ports any more. The limitation is also suitable for the binding of the VLAN and the virtual interacting interface. Here, if m is 1, only VLAN1 can be used.

    2. 3. 4.

    port trunk pvid vlan

    This command is used to configure the default VLAN (pvid) of Trunk port. The no format of the command is used to delete the configured default VLAN (pvid) of the port and the default VLAN of the port recovers to 1. port trunk pvid vlan vlanId no port trunk pvid vlan

    Syntax vlanId

    Description The value range of VLAN ID is 1-4094.

    Default status: The default VLAN (pvid) of the port is 1. Note The configuration mode must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not trunk.

    port hybrid pvid vlan vlanId

    Maipu Confidential & Proprietary Information

    Page 12 of 17

    VLAN Configuration

    This command is used to configure the default VLAN (pvid) of Hybrid port. The no format of the command is used to delete the configured default VLAN (pvid) of the port and the default VLAN of the port recovers to 1. port hybrid pvid vlan vlanId no port hybrid pvid vlan
    Syntax Description The value range of VLAN ID is 1-4094.

    vlanId

    Default status: The default VLAN (pvid) of the port is 1. Note The configuration mode must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not hybrid.

    vlan dot1q tag pvid

    This command is used to configure the default VLAN packets of the Trunk port to be sent with Tag. The no format of the command is used to delete the port configuration and recover the default configuration, that is, the default VLAN packets of Trunk port are sent without Tag. vlan dot1q tag pvid no vlan dot1q tag pvid Default status: The port does not have vlan dot1q tag pvid configuration. Note The configuration command must be consistent with the port type. Otherwise, the system prompts error information, such as port 0/1 current mode is not trunk.

    mac-vlan mac-address

    This command is used to configure MAC VLAN items globally and distribute the corresponding VLAN ID as per the MAC address. The no format of the command is used to delete the MAC VLAN items.

    mac-vlan mac-address mac-address vlan vlanId [pri priId] no mac-vlan mac-address mac-address vlan
    Syntax Description MAC address Distribute corresponding VLAN ID as per the MAC address; the value range of VLAN ID is 1-4094.

    mac-address vlanId

    Default status: By default, there are no MAC VLAN items. Note


    Maipu Confidential & Proprietary Information Page 13 of 17

    VLAN Configuration

    1. 2. 3.

    MAC address cannot be broadcast address or multicast address. If the illegal MAC address is input, the system prompts error information. MAC VLAN items are valid globally, that is, valid for the whole device. Only RM1800-31-AC, RM1800-31W-AC, support MACVLAN function. and RM1800-31W-DC48

    mac-vlan enable

    This command is used to enable MAC VLAN function on the port. The no format of the command is used to disable the MAC VLAN function of the port. mac-vlan enable no mac-vlan enable Default status: By default, MAC VLAN function is disabled on the port. Note MAC VLAN can take effect only when the MAC VLAN function is enabled on the port and there are MAC VLAN items.

    Application Instances
    Port-based VLAN Instance
    Instance of Configuring VLAN of Access Port
    Command router#configure terminal Description Users enter the global configuration mode from the privilege user mode . Enter port 0/1 configuration status Configure the type of a port as Access (The default type is Access) Add the port into VLAN 10.

    router(config)#port 0/1 router(config-port-0/1)#port mode access

    router(config-port-0/1)#port access vlan 10

    Instance of Configuring VLAN of a Trunk Port


    Command router#configure terminal Description Users enter the global configuration mode from the

    Maipu Confidential & Proprietary Information

    Page 14 of 17

    VLAN Configuration

    privilege user mode router(config)#port 0/1 router(config-port-0/1)#port mode trunk router(config-port-0/1)#port trunk allowed vlan 10-20 router(config-port-0/1)#port trunk pvid vlan 30 router(config-port-0/1)#vlan dot1q tag pvid Enter port 0/1 configuration status Configure the type of the port as Trunk The port permits VLAN 1020 to pass Configure the default VLAN of the port Configure the default VLAN packets of a Trunk port to be sent with Tag

    Instance of Configuring VLAN of Hyrbid Port


    Command router#configure terminal Description Users enter the global configuration mode from the privilege user mode Enter port 0/1 configuration status Configure the type of the port as Hybrid. The port is added to VLAN 10. The VLAN packets are sent without tag The port is added to VLAN30. The VLAN packets are sent with tag.

    router(config)#port 0/1 router(config-port-0/1)#port mode hybrid

    router(config-port-0/1)# port hybrid untagged vlan 10 router(config-port-0/1)#port hybrid tagged vlan 30

    MAC-Based VLAN Instance


    Command router#configure terminal Description Users enter the global configuration mode from the privilege user mode Configure the items in the MAC VLAN table; to assign the Untagged of the corresponding MAC into the VLAN. Enter port 0/1 configuration status Configure the port to enable the MAC VLAN function

    router(config)# mac-vlan mac-address 1.1.1 vlan 10

    router(config)#port 0/1 router(config-port-0/1)# mac-vlan enable

    Maipu Confidential & Proprietary Information

    Page 15 of 17

    VLAN Configuration

    Debugging & Monitoring


    Monitoring Commands
    Command show vlan [vlanId] show mac-vlan Description To view port-based VLAN information To view the information about the MAC VLAN items

    Monitoring Command Instance


    router#show vlan Displayed result:
    ---- ---- -------------------------------- -----------------------------------------NO. VID VLAN-Name Owner mode Port-Name ---- ---- -------------------------------- -----------------------------------------1 1 DEFAULT static Untagged port 0/1 port 0/2 port 0/3 port 0/4 port 0/5 port 0/6 port 0/7 port 0/8 port 0/9 port 0/10 port 0/11 port 0/12 port 0/13 port 0/14 port 0/15 port 0/16 port 0/17 port 0/18 port 0/19 port 0/20 port 0/21 port 0/22 port 0/23 2 3 3 VLAN0003 static Untagged static Tagged port 0/0

    4 VLAN0004

    port 0/1

    Description & analysis: NO. : display serial number VID: VLAN ID VLAN-Name: VLAN description information Owner: the label of the VLAN creator, static (created manually) or dynamic (created by GVRP protocol) Mode: how the port joins the VLAN: tagged or untagged Port-Name: port name The displayed result indicates the existing VLAN of the system, VLAN description information, VLAN member ports and the Tag/Untag attributes.

    Maipu Confidential & Proprietary Information

    Page 16 of 17

    VLAN Configuration

    router#show mac-vlan Displayed result:

    total 4096, used 1, left 4095 ---- --------------- ---------MAC-VLAN-------------------------------------------------------NO. MAC address dynamicvlan staticvlan currentpri staticpri ---- --------------- -------------------------------------------------------------------------

    0002.0003.0004 0

    Description & analysis: NO.: display serial number MAC address: MAC address Dynamicvlan: The VLAN ID assigned by matched MAC address packets. It is created by dot1X protocol staticvlan: The VLAN ID assigned by matched MAC address packets. It is created by the user currentpri: The current valid priority staticpri: The shell configured priority

    The displayed result indicates the existing MAC VLAN items of the system and the included details.

    Maipu Confidential & Proprietary Information

    Page 17 of 17

    You might also like