Network Technology Basics

Foreword


Network technologies are the basis for the interconnection of all
platforms and services. What exactly is a network? What are the
basic principles of network communication? And what are the
common network technologies? This course will answer these
questions and more.

3 Huawei Confidential
 Objectives


Upon completion of this course, you will be able to:

Understand the classification and subnetting of IP addresses.

Understand the basic principles of network communication.

Be familiar with the operating principles of switches and routers.

Understand the technical principles and basic configuration methods of
VLAN.

4 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
4. Routing Basics

5 Huawei Confidential
What Is an IP Address?

An IP address is a unique logical address used to identify a device that sends or receives data packets on
a network.

The functions of an IP address are to:

Identify a host or network device (identifying its network interface and indicating its location on the network).

Implement network addressing

Destination
IP Address
IP address: IP 1 IP 5
IP 5 An IP address is like a real-
IP 4
world address. It identifies a
IP 2
node on a network, and is
used to find the destination.
IP 3

Data

6 Huawei Confidential
IP Address Format

An IPv4 address has 32 bits.

An IPv4 address is usually represented in dotted decimal notation.

Decimal digit 192 168 10 1 4 bytes

Dotted decimal
notation Binary digit 11000000 10101000 00001010 00000001 32 bits

27 26 25 24 23 22 21 20
Power
Decimal-to- 128 64 32 16 8 4 2 1
binary
conversion Bit 1 1 0 0 0 0 0 0

= 128 + 64 =
192

IPv4 address range: 0.0.0.0–255.255.255.255

7 Huawei Confidential
IP Address Structure

Network portion: identifies a network segment.

Host portion: uniquely identifies a host on a network segment.
Host
Network portion
portion

• Subnet mask: specifies which portion of an address refers to the subnet and which portion
refers to the host.
192 168 10 1

192.168.10.1 1 1 0 0 0 0 0 0 1 0 1 0 1 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1 IP address

255.255.255.0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 Subnet mask

Network Host portion

Forma
portion
t 192.168.10.1 255.255.255.0 =
192.168.10.1/24

8 Huawei Confidential
IP Address Classes (Classified Addressing)

IP addresses are classified into five classes to facilitate IP address management and
networking. 0.0.0.0–
Class A 0NNNNNNN NNNNNNNN NNNNNNNN NNNNNNNN
127.255.255.255
128.0.0.0– Assigned to
Class B 10NNNNNN NNNNNNNN NNNNNNNN NNNNNNNN
191.255.255.255 hosts
192.0.0.0–
Class C 110NNNNN NNNNNNNN NNNNNNNN NNNNNNNN
223.255.255.255
224.0.0.0– Used for
Class D 1110NNNN NNNNNNNN NNNNNNNN NNNNNNNN
239.255.255.255 multicast
240.0.0.0– Used for
Class E 1111NNNN NNNNNNNN NNNNNNNN NNNNNNNN
255.255.255.255 research

• Default subnet masks:

▫ Class A: 8 bits, 0.0.0.0–127.255.255.255/8
Network portion
▫ Class B: 16 bits, 128.0.0.0–191.255.255.255/16
Host portion
▫ Class C: 24 bits, 192.0.0.0–223.255.255.255/24

9 Huawei Confidential
Public and Private IP Addresses

Public IP address

Public IP addresses are assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) to ensure
that each IP address is unique on the Internet. Public IP addresses can be used for accessing the Internet.


Private IP address

Some networks do not need to connect to the Internet, for example, a network in a closed lab of a university.
However, the IP addresses of network devices in the lab network still need to be unique to avoid conflicts. Some IP
addresses of classes A, B, and C are reserved for this kind of situation. These IP addresses are called private IP
addresses.
192.168.1.0/24

Class A: 10.0.0.0–10.255.255.255
10.0.0.0/8

Class B: 172.16.0.0–172.31.255.255

Class C: 192.168.0.0–192.168.255.255 Internet NAT

10.0.0.0/8 192.168.1.0/24

NAT is used to connect a

private network to the Internet
10 Huawei Confidential
Special IP Addresses

There are some special IP addresses that have special meanings and functions.

Special IP Address IP Address Range Function

Packets that use this address as the destination
Limited broadcast address will be sent to all hosts on the same network
255.255.255.255
address segment.
(The destination range is limited by the gateway.)
This address is the network address of any network,
Any address 0.0.0.0
or the IP address of an interface on a network.
This address is used to test the software system of a
Loopback address 127.0.0.0/8
device.
When a host fails to obtain an IP address
Link-local address 169.254.0.0/24 automatically, the host can use a link-local address
for temporary communication.

11 Huawei Confidential
Subnet Mask and Available Host Address

Generally, the network range defined by a network ID is called a network segment.

Subnet mask: Used to calculate the network ID (network address) and host ID (host address) in an IP
address.
Example: 192.168.10.0/24

192 168 10 00000000

Note

Broadcast address: Used as a special destination
• Network addresses and broadcast
address to send data to all hosts on the network.
addresses cannot be used as the address
Example: 192.168.10.255/24 of nodes or network devices.
192 168 10 11111111 • The number of available IP addresses on
a network segment is 2ⁿ - 2 (n is the

Available address: Assigned to a node or an
number of host bits).
interface of a device on a network.
Example: 192.168.10.1/24

192 168 10 00000001

12 Huawei Confidential
IP Address Calculation

Calculate the network address, broadcast address, and number of available addresses of the
class B address 172.16.10.1/16.
172 16 00001010 00000001

IP address 1 0 1 0 1 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 1 0 1 0 0 0 0 0 0 0 0 1

Subnet mask 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
Change all host bits to
0, and the network
address is obtained.
Network
address
1 0 1 0 1 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0172.16.0.0
Change all host bits to
1, and the broadcast
Broadcast
address
1 0 1 0 1 1 0 0 0 0 0 1 0 0 0 0 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1 1address is obtained.
172.16.255.255

Number of IP
addresses 216=65536 Extra Practice
Number of Calculate the network address,
available IP 216-2=65534 broadcast address, and number of
addresses available addresses of the class A
Range of available
IP addresses 172.16.0.1-172.16.255.254 address 10.128.20.10/8.

13 Huawei Confidential
Subnetting

Why do we need subnetting?

The variable length subnet mask (VLSM) technology is used in subnetting.

VLSM allows an organization to divide a network into multiple subnets based on the
network scale for different departments to use.

For example, a company is assigned a class C IP address 201.222.5.0. Assume that 20
subnets are required and each subnet contains five hosts. How should we divide the subnets?

Subnet Address Available Host Addresses

201.222.5.8/29 201.222.5.9-201.222.5.14
201.222.5.16/29 201.222.5.17-201.222.5.22
... ...
201.222.5.232/29 201.222.5.233-201.222.5.238
201.222.5.240/29 201.222.5.241-201.222.5.246

14 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
 Network Basics
 Common Network Devices
 Introduction to Common Protocols

3. Switching Basics
4. Routing Basics

15 Huawei Confidential
Concept of Network Communication

Communication refers to the information transfer and exchange between people, between people and
things, and between things through a certain medium and action.

Network communication refers to communication between terminal devices through a computer network.

Examples of network communication:
Data
Router

A. Files are transferred between two computers

(terminals) through a network cable. Data

...
Data
B. Files are transferred among multiple
computers (terminals) through a router.

C. A computer (terminal)
downloads files through the
Internet.
16 Huawei Confidential
Information Transfer Process

Virtual information transfer is similar to real object transfer.

Item Package Distribution center Sky Distribution center Package Item

Packet Packet
Data Data Data Data

Computer Gateway router Internet Gateway router Computer

17 Huawei Confidential
What Is a Gateway?

• Default next hop of

the host
192.168.1.X/24 192.168.2.X/24

PC1 PC2

Gateway: 192.168.1.1 Gateway: 192.168.2.1

19 Huawei Confidential
Basic Architecture of a Communication Network
Internet


Communication network Core equipment
room
Log system
A communication network Controller
NMS
consists of routers, switches, Application
server
firewalls, PCs, network
printers, servers, and more.

Function
The basic function of a
communication network is to
implement data ...
... ...
communication.
Office area Office area Office area
1 2 3
20 Huawei Confidential
Network Device - Switch

As the device closest to end users, a switch connects end users to a network and
forwards data frames. A switch can:

Connect terminals (such as PCs and servers) to the network.

Isolate collision domains.

Broadcast unknown packets.
Switch

Learn MAC addresses and maintain the MAC address table.

Forward packets based on the MAC address table.

Broadcast domain

21 Huawei Confidential
Network Device - Router

Working at the network layer, a router forwards data packets on the Internet. Based on the
destination address in a received packet, a router selects a path to send the packet to the
next router or destination. The last router on the path is responsible for sending the packet to
the destination host. A router can:

Implement communication between networks of the

same type or different types.


Isolate broadcast domains.
Router

Maintain the routing table and run routing protocols.

Select routes and forward IP packets.

Implement WAN access and network address translation (NAT).

Connect Layer 2 networks built through switches.

Broadcast domain A Broadcast domain B

22 Huawei Confidential
Discussion

What are the differences between a Layer 2 switch and a router that are both used
for network connection?

What are their application scenarios?
?

23 Huawei Confidential
Network Device - Firewall

As a network security device, a firewall is used to ensure secure communication between
two networks. It monitors, restricts, and modifies data flows passing through it to shield the
information, structure, and running status of internal networks from the public network. A
firewall can: Untrust zone

Isolate networks of different security levels. Internet

Implement access control (using security policies) between
DMZ
networks of different security levels. Firewall

Perform user identity authentication.

Implement remote access. Trust zone

Encrypt data and provide virtual private network (VPN) services.

Implement NAT.

Provide other security functions.

24 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
 Network Basics
 Network Reference Model and Data Encapsulation
 Introduction to Common Protocols

3. Switching Basics
4. Routing Basics

25 Huawei Confidential
OSI Reference Model

To achieve compatibility between networks and help vendors produce compatible network
devices, the International Organization for Standardization (ISO) launched the Open Systems
Interconnection (OSI) reference model in 1984. It was quickly adopted as the basic model for
computer network communication.
7. Application layer Provides interfaces for applications.

Converts data formats to ensure the application layer of one system can identify and
6. Presentation layer understand the data generated by the application layer of another system.

5. Session layer Establishes, manages, and terminates sessions between two parties.

Establishes, maintains, and cancels one-time end-to-end data transmission processes,

4. Transport layer controls transmission speeds, and adjusts data sequencing.

3. Network layer Defines logical addresses and transfers data from sources to destinations.

Encapsulates packets into frames, transmits frames in P2P or P2MP mode, and
2. Data link layer implements error checking.

Transmits bit streams over transmission media and defines electrical and physical
1. Physical layer specifications.
26 Huawei Confidential
TCP/IP Reference Model

The TCP/IP reference model has become the mainstream reference model of the
Internet because the TCP and IP protocols are widely used and the OSI model is too
complex.
Application layer

Application layer Presentation Application layer

layer
Session layer
Transport layer Transport layer
Transport layer
Network layer Network layer
Network layer
Data link layer
Data link layer Data link layer
Physical layer
Physical layer
Standard TCP/IP model OSI model Equivalent TCP/IP model

27 Huawei Confidential
Data Encapsulation on the Sender

Data Application Data

www.huawei.com
layer

TCP header Data Transport layer Segment

Network layer Packet

IP header Payload

Ethernet header Payload FCS Data link layer Frame

... Physical layer Bit

0 1 1 0 0 1 0 1 0 1 ... Transmission
Transmission medium
medium
29 Huawei Confidential
Data Transmission on the Intermediate Network

Encapsulated data is transmitted on the network.

Data

Data

Application Application
layer layer
Transport layer Transport layer
Network layer
Network layer Network layer
Data link layer Data link layer
Data link layer Data link layer
Physical layer Physical layer
Physical layer Physical layer

30 Huawei Confidential
Data Decapsulation on the Receiver

Application Data Data

Web server
layer

Transport layer Data Segment

e a de r
TCP h

Network layer Payload Packet

r
IP h ea d e

Data link layer eader

Payload FCS Frame
n e t h
E the r

Physical layer ... Bit

Transmission 0 1 1 0 0 1 0 1 0 1 ...
medium

31 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
 Network Basics
 Network Reference Model and Data Encapsulation
 Introduction to Common Protocols

3. Switching Basics
4. Routing Basics

32 Huawei Confidential
Common TCP/IP Protocols

The TCP/IP protocol stack defines a set of standard protocols.

Telnet FTP TFTP SNMP

Application layer
HTTP SMTP DNS DHCP

Transport layer TCP UDP

ICMP IGMP
Network layer
IP
PPPoE
Data link layer
Ethernet PPP
Physical layer ...

33 Huawei Confidential
TCP

TCP provides connection-oriented and reliable services for applications.

Reliability of TCP

Connection-oriented transmission

Maximum segment size (MSS)

Transmission acknowledgment mechanism

Checksum of the header and data Source port (16) Destination port (16)
Sequence number (32)

Flow control Acknowledgment number (32) TCP
Header Reserve Control Window header
length d (6) bits (6) (16) 20 bytes
(4)
Checksum (16) Urgent (16)
Options
Data (varies)
35 Huawei Confidential
UDP

UDP provides connectionless services for applications. Before data transmission, no

connection is established between the source and destination ends.


UDP does not maintain connection states or sending and receiving states. Therefore,

a server can transmit the same message to multiple clients at the same time.


UDP applies to applications that require high transmission efficiency.

Source port (16) Destination port (16)

UDP header
Length (16) Checksum (16) 8 bytes
Data (if any)

36 Huawei Confidential
TCP vs. UDP

TCP UDP
• Connectionless
• Connection-oriented
• Unreliable transmission, with
• Reliable transmission with flow
packet reliability guaranteed
and congestion control
by upper-layer applications
• Header length: 20–60 bytes
• Short header length of 8 bytes
• Applies to applications that
• Applies to real-time
require reliable transmission,
applications, such as video
such as file transfer
conferencing

37 Huawei Confidential
Telnet

Telnet provides remote login services on data networks. It allows users to remotely
log in to a device from a local PC. Telnet data is transmitted in plaintext.


A user connects to a Telnet server Telnet server

through a Telnet client program. The

Telnet connection
commands entered on the Telnet client AP Router

are executed on the server, as if the

LAN
commands were entered on the console Switch Firewall
Telnet client
of the server. ...

Server

38 Huawei Confidential
SSH

SSH is a network security protocol that employs encryption and authentication
mechanisms to implement services such as secure remote access and file transfer.


SSH was developed to resolve security SSH server
issues that Telnet may bring, ensuring
secure remote access to network SSH connection
AP Router
devices.
Network

SSH uses the client/server architecture
Switch Firewall
SSH client
and involves three layers: transport ...

layer, authentication layer, and Server

connection layer.

39 Huawei Confidential
Telnet vs. SSH
Telnet SSH
• Data is transmitted in ciphertext.
• User authentication information is transmitted in
ciphertext.
• Data is transmitted in plaintext.
• In addition to password authentication, SSH
• Weak authentication mechanism: User
servers support multiple user authentication
authentication information is transmitted in
modes, such as public key authentication that has
plaintext.
higher security.
• Only traditional password authentication is
• Encryption and decryption keys are dynamically
available.
generated for communication between the client
• A client cannot truly identify a server.
and server.
• Provides the server authentication function for
clients.

40 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
 Ethernet Switching Basics
 VLAN Basics
 VLAN Basic Configuration

4. Routing Basics

41 Huawei Confidential
Ethernet Protocol

Ethernet is the most common communication protocol standard used by existing
local area networks (LANs). It defines the cable types and signal processing
methods that are used on a LAN.

Host A Host B Switch A

Switch B

Host A Host B

Host C Host D
Host C Host D

Early Ethernet Switch networking

42 Huawei Confidential
Layer 2 Ethernet Switch

Layer 2 Ethernet switches forward data
Interne Interne
through Ethernet interfaces. t t

Specifically, a switch performs

addressing and forwards data only
based on the MAC address in the Layer
2 header of an Ethernet data frame.

Layer 2
Ethernet switch

43 Huawei Confidential
MAC Address Table

Each switch has a MAC address table that stores the mappings between MAC
addresses and switch interfaces.

3
0/
0/
Host 1 Host 2

GE
GE0/0/1 GE0/0/2

IP 1 Switch IP 2
MAC 1 MAC 2

MAC
Port
Address
MAC 1 GE0/0/1

MAC 2 GE0/0/2
... ...

44 Huawei Confidential
Working Principles of Switches

3
0/
0/
Host 1 Host 2

GE
GE0/0/1 GE0/0/2

Switch
IP1: 192.168.1.1 IP2: 192.168.1.2
MAC1: 0050-5600-0001 MAC2: 0050-5600-0002

Frame sent by Host

1 After receiving a data frame, the switch learns the
Source MAC: Destination MAC:
MAC1 MAC2 source MAC address of the frame, searches the
MAC address table for the destination MAC
Source IP: IP1 Destination IP: IP2
address (MAC2: 0050-5600-0002 in this example)
Payload of the frame, and forwards the frame through the
corresponding interface.

45 Huawei Confidential
Three Frame Processing Behaviors of a Switch

A switch processes the frames entering an interface over a transmission
medium in three ways:
Switc
h
Flooding
Port 1 Port 2 Port 3 Port 4

Switc
h
Forwarding
Port 1 Port 2 Port 3 Port 4

Forwarding path
inside a switch
Switc Outgoing frame
h Discarding Incoming frame
Port 1 Port 2 Port 3 Port 4
Data frame

46 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
 Ethernet Switching Basics
 VLAN Basics
 VLAN Basic Configuration

4. Routing Basics

47 Huawei Confidential
Why Do We Need VLANs?

Broadcast packets have a wide-ranging impact on a network. However, Ethernet has
no method for forwarding control.

A B C

User: Administrator:
I don't want to receive I want to stop B from
broadcast packets from C. accessing A.

48 Huawei Confidential
Objectives of the VLAN Technology

The Virtual Local Area Network (VLAN) technology divides users into multiple logical groups
(networks). Intra-group communication is allowed, whereas inter-group communication is
prohibited. Layer 2 unicast, multicast, and broadcast packets can be forwarded only within a
group. In addition, group members can be easily added or deleted.

A B C

Group 2 Group 1

49 Huawei Confidential
What Is VLAN?

The VLAN technology logically divides a physical LAN into multiple VLANs (broadcast
domains).

Router

Switch A Switch B Switch C

VLAN
1
VLAN
2
VLAN
3

50 Huawei Confidential
VLAN Frame Format

6B 6B 2B 64–1500 B 4B

DA SA TYPE DATA FCS Untagged frame

6B 6B 4B 2B 64–1500 B 4B

DA SA TAG TYPE DATA FCS Tagged frame

2B 2B

0x8100 PRI CFI VLAN ID (12 b)

TPID TCI

51 Huawei Confidential
VLAN Assignment Methods

How are VLANs assigned on a network?

SW1

VLAN
Assignment VLAN 10 VLAN 20
1

G
0/

Method
E0
/2

GE
/
E0

/0
/0

0/

/4
G

GE0

0/ 3
Interface- GE0/0/1,
GE0/0/2, GE0/0/4
based GE0/0/3
MAC address–
MAC 1, MAC 3 MAC 2, MAC 4
based
IP subnet–
10.0.1.* 10.0.2.*
Host 1 Host 2 Host 3 Host 4
based
10.0.1. 10.0.2. 10.0.1. 10.0.2. Protocol-based IP IPv6
1 1 2 2
MAC 1 MAC 2 MAC 3 MAC 4 10.0.1.* + 10.0.2.* + GE0/0/2
Policy-based
GE0/0/1+ MAC 1 + MAC 2

52 Huawei Confidential
Interface-based VLAN Assignment

Interface-based VLAN assignment

10 • Principles
SW1 SW2
PVID 1 PVID 1
▫ VLANs are assigned based on interfaces.
▫ A network administrator preconfigures a PVID
PVID PVID 10 PVID PVID 20 for each switch interface to assign each
10 20
interface to the VLAN corresponding to the PVID.
▫ After an interface receives an untagged frame,
the switch adds a tag carrying the PVID of the
interface to the frame. The frame is then
transmitted in the specified VLAN.
Host 1 Host 2 Host 3 Host 4
VLAN VLAN • PVID (Port VLAN ID)
10 20
▫ Default VLAN ID of an interface
The network administrator must
reconfigure VLANs when hosts move. ▫ Value range: 1–4094

54 Huawei Confidential
VLAN Interface Types
Interface type

• Access interface
An access interface is used to connect a switch to a terminal,
such as a PC or server. In general, the NICs on such terminals
receive and send only untagged frames. An access interface
can be added to only one VLAN.

• Trunk interface
A trunk interface is used to connect a switch to another switch
or a sub-interface on a device such as a router or firewall. This
type of interface allows frames that belong to multiple VLANs to
pass through and differentiates the frames using the 802.1Q
tag.

• Hybrid interface
Similar to a trunk interface, a hybrid interface also allows
VLAN 10 VLAN 20 VLAN 10 VLAN 20 frames that belong to multiple VLANs to pass through and
differentiates the frames using the 802.1Q tag. You can
determine whether to allow a hybrid interface to send frames
Access interface Trunk interface that belong to one or multiple VLANs VLAN-tagged.

55 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
 Ethernet Switching Basics
 VLAN Basics
 VLAN Basic Configuration

4. Routing Basics

56 Huawei Confidential
Basic VLAN Configuration Commands

Create VLANs.

[Huawei] vlan vlan-id


Create a VLAN and enter the VLAN view, or enter the view of an existing VLAN.

The value of vlan-id is an integer that ranges from 1 to 4094.

[Huawei] vlan batch { vlan-id1 [ to vlan-id2 ] }

Create VLANs in a batch.


batch: creates VLANs in a batch.

vlan-id1: specifies the start VLAN ID.

vlan-id2: specifies the end VLAN ID.

57 Huawei Confidential
Basic Access Interface Configuration Commands

Set the interface type.

[Huawei-GigabitEthernet0/0/1] port link-type access


In the interface view, set the link type of the interface to access.


Configure the default VLAN of the access interface.

[Huawei-GigabitEthernet0/0/1] port default vlan vlan-id


In the interface view, configure the default VLAN of the interface and add the interface to the
VLAN.

vlan-id: specifies the default VLAN ID. The value is an integer that ranges from 1 to 4094.

58 Huawei Confidential
Basic Trunk Interface Configuration Commands

Set the interface type.
[Huawei-GigabitEthernet0/0/1] port link-type trunk


In the interface view, set the link type of the interface to trunk.


Add the trunk interface to specified VLANs.
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] } | all }


In the interface view, add the trunk interface to specified VLANs.


(Optional) Configure the default VLAN of the trunk interface.
[Huawei-GigabitEthernet0/0/1] port trunk pvid vlan vlan-id


In the interface view, configure the default VLAN of the trunk interface.

59 Huawei Confidential
Basic Hybrid Interface Configuration Commands

Set the interface type.
[Huawei-GigabitEthernet0/0/1] port link-type hybrid

In the interface view, set the link type of the interface to hybrid.

Add the hybrid interface to specified VLANs.
[Huawei-GigabitEthernet0/0/1] port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] } | all }

In the interface view, add the hybrid interface to specified VLANs. Frames that belong to these
VLANs then pass through the hybrid interface in untagged mode.
[Huawei-GigabitEthernet0/0/1] port hybrid tagged vlan { { vlan-id1 [ to vlan-id2 ] } | all }

In the interface view, add the hybrid interface to specified VLANs. Frames that belong to these
VLANs then pass through the hybrid interface in tagged mode.

(Optional) Configure the default VLAN of the hybrid interface.
[Huawei-GigabitEthernet0/0/1] port hybrid pvid vlan vlan-id

In the interface view, configure the default VLAN of the hybrid interface.
60 Huawei Confidential
Configuration Example: Configuring Interface-based VLAN
Assignment

Networking requirements

There are many users connected to an enterprise's switches. Currently, users of the same service access the
enterprise network through different switches. To ensure communication security, the enterprise requires that users
with the same service can directly communicate only with each other.

To meet this requirement, configure interface-based VLAN assignment on the switches and add interfaces connecting
users with the same service to the same VLAN. In this way, users in the same VLAN can directly communicate only
with each other at Layer 2.

SW1 GE0/0/3 GE0/0/3 SW2

PVID 1 PVID 1

GE0/0/1 GE0/0/2
GE0/0/2 GE0/0/1
PVID 10 PVID 20
PVID 20 PVID 10

Host Host Host Host

1
VLAN 2
VLAN 3
VLAN 4
VLAN
10 20 10 20
Access Trunk interface
interface
61 Huawei Confidential
Creating VLANs

SW1 SW2
GE0/0/3 GE0/0/3
PVID 1 PVID 1

GE0/0/1 GE0/0/2 GE0/0/1 GE0/0/2

Create VLANs: PVID 10 PVID 20 PVID 10 PVID 20

[SW1] vlan 10
[SW1-vlan10] quit
[SW1] vlan 20
[SW1-vlan20] quit Host 1 Host 2 Host 3 Host 4
VLAN 10 VLAN 20 VLAN 10 VLAN 20
[SW2] vlan batch 10 20

Access interface
Trunk interface

62 Huawei Confidential
Configuring Access and Trunk Interfaces
Configure access interfaces and add the interfaces
to corresponding VLANs.
[SW1] interface GigabitEthernet 0/0/1
SW1 SW2
[SW1-GigabitEthernet0/0/1] port link-type access GE0/0/3 GE0/0/3
PVID 1 PVID 1
[SW1-GigabitEthernet0/0/1] port default vlan 10
GE0/0/1 GE0/0/2 GE0/0/1 GE0/0/2
[SW1] interface GigabitEthernet 0/0/2 PVID 10 PVID 20 PVID 10 PVID 20
[SW1-GigabitEthernet0/0/2] port link-type access
[SW1] vlan 20
[SW1-vlan20] port GigabitEthernet0/0/2
[SW1-vlan20] quit

Configure a trunk interface and configure

Host 1 Host 2 Host 3 Host 4
allowed VLANs for the interface.
VLAN 10 VLAN 20 VLAN 10 VLAN 20
[SW1] interface GigabitEthernet 0/0/3
[SW1-GigabitEthernet0/0/3] port link-type trunk
[SW1-GigabitEthernet0/0/3] port trunk pvid vlan 1 Access interface
[SW1-GigabitEthernet0/0/3] port trunk allow-pass vlan Trunk interface
10 20 Note: The configuration on SW2 is similar to that on
SW1.
63 Huawei Confidential
Verifying the Configuration

[SW1]display vlan SW1 SW2

GE0/0/3 GE0/0/3
The total number of vlans is: 3 PVID 1 PVID 1
-------------------------------------------------------------------------------
U: Up; D: Down; TG: Tagged; UT: GE0/0/1 GE0/0/2 GE0/0/1 GE0/0/2
PVID 10 PVID 20 PVID 10 PVID 20
Untagged;
MP: Vlan-mapping; ST: Vlan-stacking;
#: ProtocolTransparent-vlan; *: Management-vlan;
-------------------------------------------------------------------------------
VID Type Ports
------------------------------------------------------------------------------- Host 1 Host 2 Host 3 Host 4
1 common UT:GE0/0/3(U) ... VLAN 10 VLAN 20 VLAN 10 VLAN 20
10 common UT:GE0/0/1(U)
TG:GE0/0/3(U)

Access interface
20 common UT:GE0/0/2(U)
Trunk interface
TG:GE0/0/3(U)

64 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
4. Routing Basics
 Basic Routing Principles
 Static and Default Routes

65 Huawei Confidential
Routes

Routes are the path information that is used to guide packet forwarding.

A routing device is one that forwards packets to a destination network segment based on routes. The
most common routing device is a router.

A routing device maintains an IP routing table that stores routing information.

Route-based packet forwarding path

Router R4

Data R1 R2 R3

N M

Gateway Gateway

Destination-based forwarding

66 Huawei Confidential
Routing Information

A route contains the following information:

Destination network: identifies a destination 1.1.1.2
10.1.1.0/24
network segment.

Mask: identifies a network segment together GE0/0/0
1.1.1.3
with a destination IP address.

Outbound interface: indicates the interface
through which a data packet is sent out of the
IP routing table
local router.
Outbound
Destination/Mask Next Hop
Interface

Next hop: indicates the next-hop address used
10.1.1.0/24 GE0/0/0 1.1.1.2
by the router to forward the data packet to the
destination network segment.

The information identifies the destination
network segment and specifies the path for
forwarding data packets.
67 Huawei Confidential
Routing Table
• A router discovers routes using Outboun
Destination/
multiple methods. Next Hop d
14.0.0.0/8 Mask
Interface
• A router selects the optimal route R4
11.0.0.0/8 2.2.2.2 GE0/0
and installs it in its IP routing 1.1.1.2/3
13.0.0.0/8 3.3.3.2 GE0/1
0
table. 14.0.0.0/8 1.1.1.2 GE0/2
GE0/2
• A router forwards IP packets based ...
1.1.1.1/3
on routes in the IP routing table. 0 1.1.1.0/30 1.1.1.1 GE0/2
GE0/0 GE0/1
2.2.2.1/3 3.3.3.1/3 1.1.1.1/32 127.0.0.1 GE0/2
• Routers manage path information R2
0 0
by managing their IP routing
2.2.2.2/3
tables. 3.3.3.2/3
0 0
R1 R3

11.0.0.0/8 13.0.0.0/8

68 Huawei Confidential
Checking the IP Routing Table

<Huawei> display ip routing-table

Route Flags: R - relay, D - download to fib
-----------------------------------------------------------------------------------------------
Routing Tables: Public
Destinations: 6 Routes: 6

Destination/Mask Proto Pre Cost Flags NextHop

Interface

1.1.1.1/32 Static 60 0 D 0.0.0.0 NULL0

2.2.2.2/32 Static 60 0 D 100.0.0.2
Vlanif100
100.0.0.0/24 Direct 0 0 D 100.0.0.1
Vlanif100
100.0.0.1/32 Direct 0 0 D 127.0.0.1
Vlanif100
127.0.0.0/8
Destination Direct
Protocol 0 0 FlagD Next-hop
127.0.0.1IP Outbound
InLoopBack0
network type address interface
127.0.0.1/32
address/Mask Direct Route
0 0Cost D 127.0.0.1
InLoopBack0 preference(metric)

69 Huawei Confidential
Route-based Forwarding Process
Destination/ Outbound
Next Hop
Mask Interface
Destinati 20.0.1.0/24 20.0.1.2 GE0/0
on IP
address: 30.0.1.0/24 30.0.1.1 GE0/1
40.0.1.2 10.0.1.0/24 20.0.1.1 GE0/0
40.0.1.0/24 30.0.1.2 GE0/1
R2's IP routing
Data table
Gateway Gatewa
GE0/1 GE0/0 20.0.1.0/24 GE0/0 GE0/1 GE0/0 y GE0/1 40.0.1.0/24
10.0.1.0/24 30.0.1.0/24
10.0.1.1 20.0.1.1 20.0.1. 30.0.1. 30.0.1. 40.0.1.
R1 2 R2 1 2 R3 1

R1's IP routing R3's IP routing

table table
Outbound Destination/Mask Next Hop Outbound Interface
Destination/Mask Next Hop
Interface
40.0.1.0/24 40.0.1.1 GE0/1
10.0.1.0/24 10.0.1.1 GE0/1
30.0.1.0/24 30.0.1.2 GE0/0
20.0.1.0/24 20.0.1.1 GE0/0
10.0.1.0/24 30.0.1.1 GE0/0
30.0.1.0/24 20.0.1.2 GE0/0
20.0.1.0/24 30.0.1.1 GE0/0
40.0.1.0/24 20.0.1.2 GE0/0

70 Huawei Confidential
 Contents

1. IP Address Basics
2. Introduction to Network Technologies
3. Switching Basics
4. Routing Basics
 Basic Routing Principles
 Static and Default Routes

71 Huawei Confidential
Introduction to Static Routes
• Static routes are manually configured by Static route
network administrators, have low system
requirements, and apply to simple, stable, and
small networks. Destined for
20.1.1.0/24 GE0/0/0 GE0/0/1
• However, static routes cannot automatically 10.0.0.2/24 20.1.1.3/2
4
adapt to network topology changes and so GE0/0/0 GE0/0/1
RTA 10.0.0.1/2 RT 20.1.1.2/ RT
require manual intervention. 4 24
B C
• Packets destined for 20.1.1.0/24 do not match
the direct route in RTA's IP routing table. In this Destinati
Sourc Next
case, a static route needs to be manually on
e Hop
configured so that the packets sent from RTA to Network

20.1.1.0/24 can be forwarded to the next hop 20.1.1.0 Static 10.0.0.2

10.0.0.2. 10.0.0.0 Direct 10.0.0.1

72 Huawei Confidential
Configuration Example

GE0/0/0 S1/0/0
10.0.0.2/24 20.1.1.3/24
Configure RTA.
GE0/0/0 S1/0/0
RTA 10.0.0.1/24 RTB 20.1.1.2/24 RTC [RTA] ip route-static 20.1.1.0 255.255.255.0
10.0.0.2
Destined for Destined for Configure RTC.
20.1.1.0/24 10.1.1.0/24
[RTC] ip route-static 10.0.0.0 255.255.255.0
S1/0/0


Configure static routes on RTA and RTC for communication between 10.0.0.0/24 and
20.1.1.0/24.

Packets are forwarded hop by hop. Therefore, all the routers along the path from the source
to the destination must have routes destined for the destination.

Data communication is bidirectional. Therefore, both forward and return routes must be
available.
73 Huawei Confidential
Default Route
• Default routes are used only when packets to be forwarded do not match any routing entry in
an IP routing table.

• In an IP routing table, a default route is the route to network 0.0.0.0 (with the mask 0.0.0.0),
namely, 0.0.0.0/0.
RTA needs to forward packets to a
network segment that is not directly
connected to it and forwards the packets
to 10.0.0.2.

192.168.1.0/24
RTA RTB 192.168.2.0/24
GE0/0/0 GE0/0/0
10.0.0.0/24 192.168.3.0/24
10.0.0.1 .
10.0.0.2 .
192.168.254.0/24

[RTA] ip route-static 0.0.0.0 0

10.0.0.2
74 Huawei Confidential
Application Scenarios of Default Routes

Default routes are typically used at the egress of an enterprise network. For
example, you can configure a default route on an egress device so that the device
forwards IP packets destined for any address on the Internet.

Enterprise
network
RTA
1.2.3.0/24 Internet
GE0/0/1 GE0/0/0 1.2.3.254
PC 192.168.1.254 1.2.3.4
192.168.1.100
Gateway: 192.168.1.254

[RTA] ip route-static 0.0.0.0 0

1.2.3.254

75 Huawei Confidential
 Summary


In this course, we have learned the composition of IP addresses,
subnetting, basic principles of network communication, and basic
operations and application scenarios of common network protocols.
In the following course, we will learn operating system basics. Stay
tuned.

76 Huawei Confidential
 Quiz

1. Which of the following are functions of firewalls?

A. Isolating networks of different security levels
B. Authenticating user identities
C. Implementing NAT
D. Performing route calculation
2. Default routes are typically used at the egress of an enterprise network. For
example, you can configure a default route on an egress device so that the device
forwards IP packets destined for any address on the Internet.
A. True
B. False

77 Huawei Confidential
Recommendations


Huawei Learning

https://e.huawei.com/en/talent/portal/#/

Huawei Support Knowledge Base

https://support.huawei.com/enterprise/en/knowledge?lang=en

78 Huawei Confidential
Acronyms and Abbreviations

ARP: Address Resolution Protocol

DNS: Domain Name Service

FTP: File Transfer Protocol

HTTP: Hypertext Transfer Protocol

ICMP: Internet Control Message Protocol

IGMP: Internet Group Management Protocol

IP: Internet Protocol

LAN: Local Area Network

TCP: Transmission Control Protocol

UDP: User Datagram Protocol

VLAN: Virtual Local Area Network

VLSM: Variable Length Subnet Mask

79 Huawei Confidential
Thank you. 把数字世界带入每个人、每个家庭、
每个组织，构建万物互联的智能世界。
Bring digital to every person, home, and
organization for a fully connected,
intelligent world.

Copyright©2022 Huawei Technologies Co., Ltd.

All Rights Reserved.

The information in this document may contain predictive

statements including, without limitation, statements regarding
the future financial and operating results, future product
portfolio, new technology, etc. There are a number of factors that
could cause actual results and developments to differ materially
from those expressed or implied in the predictive statements.
Therefore, such information is provided for reference purpose
only and constitutes neither an offer nor an acceptance. Huawei
may change the information at any time without notice.