VLAN Configuration
Table of Contents
Table of Contents
Chapter 1 VLAN Configuration........................................................................................................... 1
1.1 VLAN Introduction................................................................................................................. 1
1.2 VLAN Configuration Task List............................................................................................... 1
1.3 VLAN Configuration Task ..................................................................................................... 2
1.3.1 Adding/Deleting VLAN................................................................................................ 2
1.3.2 Configuring Switch Port.............................................................................................. 2
1.3.3 Creating/Deleting VLAN Interface .............................................................................. 3
1.3.4 Configuring Super VLAN Interface............................................................................. 3
1.3.5 Monitoring Configuration and State of VLAN ............................................................. 4
1.4 Configuration Examples........................................................................................................ 4
-I-
VLAN Configuration
Chapter 1 VLAN Configuration
1.1
VLAN Introduction
Virtual LAN (VLAN) refers to a group of logically networked devices on one or
more LANs that are configured so that they can communicate as if they were
attached to the same wire, when in fact they are located on a number of different
LAN segments. In 1999 IEEE established IEEE 802.1Q Protocol Standard Draft
used to standardize VLAN realization project. Because VLANs are based on
logical instead of physical connections, it is very flexible for user/host
management, bandwidth allocation and resource optimization.
There are the following types of Virtual LANs:
z
Port-Based VLAN: each physical switch port is configured with an access
list specifying membership in a set of VLANs.
z
802.1Q trunk mode is supported on the interface.
z
Access mode interface is supported.
Port-Based Vlan is to ascribe port to one subset of vlan that the switch
supports. If this vlan subset has only one vlan, then this port is access port.
If this vlan subset has multiple vlan, then this port is trunk port. There is one
default vlan among the multiple vlan, and the vlan id is the port vlan id
(PVID).
z
Vlan-allowed range is supported on the interface.
Vlan-allowed parameter is used to control vlan range that the port belongs.
Vlan-untagged parameter is used to configure port to send packets without vlan
tag to the corresponding vlan.
1.2
VLAN Configuration Task List
z
Adding/Deleting VLAN
z
Configuring switch port
z
Creating/Deleting VLAN interface
z
Configuring superVLAN interface
z
Monitoring configuration and state of VLAN
-1-
VLAN Configuration
1.3
VLAN Configuration Task
1.3.1
Adding/Deleting VLAN
A virtual LAN, commonly known as a VLAN, is a group of hosts with a common
set of requirements that communicate as if they were attached to the same wire,
regardless of their physical location. A VLAN has the same attributes as a
physical LAN, but it allows for end stations to be grouped together even if they are
not located on the same LAN segment. A VLAN may have multiple ports and all
unicast, multicast and broadcast message can only be forwarded from the same
VLAN to the terminal. Each VLAN is a logistical network. If the data wants to
reach another VLAN, it must be forwarded by router or bridge.
Run the following command to configure VLAN
Run…
To…
vlan vlan-id
Enter the VLAN configuration mode.
name str
Name in the vlan configuration mode.
Exit
Exit vlan configuration mode, and establish vlan.
vlan vlan-range
Establish multiple VLANs at the same time.
no vlan vlan-id | vlan-range
Delete one or multiple VLANs.
Vlan can perform dynamic addtion and deletion via vlan management protocol
GVRP.
1.3.2
Configuring Switch Port
The switch port supports the following modes: access mode, trunk mode and
dot1q-tunnel mode.
z
The access mode indicates that this port is only subordinate to one vlan
and only sends and receives untagged ethernet frame.
z
The trunk mode indicates that this port is connected to other switches and
can send and receive tagged ethernet frame.
z
The dot1q-tunnel mode takes uncontionally the received packets as the
ones without tag. The switch chip automatically adds pvid of the port as the
new tag, therefore allowing switch to ignore the different vlan partitions that
connected to the network. Then the packet will be delivered unchangedly to
the other port in the other subnetwork of the same customer. The
transparent transmission is realized in this way.
Each port has one default vlan and pvid,and all the data without vlan tag received
on the port belong to the data packets of the vlan.
Trunk mode can ascribe port to multiple vlan and also can configure which kind of
packet to forward and the number of vlan that belongs, that is, the packet sent on
the port is tagged or untagged, and the vlan list that the port belongs.
Run the following command to configure the switch port:
Run…
To…
-2-
VLAN Configuration
switchport pvid vlan-id
Configure pvid of switch port.
switchport mode access|trunk|dot1q-tunnel
Configure port mode of the switch.
switchport trunk vlan-allowed …
Configure vlan-allowed range of switch port.
switchport trunk vlan-untagged …
Configure vlan-untagged range of switch
port.
Note: Not all switches support dot1q-tunnel feature. Some switches only support
globally enabling/disabling this feature, and cannot configure different strategies
for different ports.
The command to globally enable dot1q-tunnel is as follows:
Command
Description
double-tagging
Globally enables double-tagging feature of
the switch.
The capability for switches of various models to support dot1q-tunnel is shown as
follows:
Model
Capability to suppor dot1q-tunnel
2116 / 2224 / 2224M / 2226 / 2448B / 3224 /
3224M / 3424 / 6508
Not support
2224D
Global
2448 / 2516 / 2524 / 3448 / 3512
Interface
For those models not listed in the table or the latest models, please consult our
technicians or download the latest instructions from our website.
1.3.3
Creating/Deleting VLAN Interface
Vlan interface can be established to realize network management or layer 3
routing feature. The vlan interface can be used to specify ip address and mask.
Run the following command to configure vlan interface:
Run…
To…
[no] interface vlan vlan-id
1.3.4
Create/Delete a VLAN interface.
Configuring Super VLAN Interface
The Super VLAN technology provides a mechanism: Hosts in different VLANs that
run the same switch can be allocated in the same Ipv4 subnet; lots of IP
addresses are, therefore, saved. The Super VLAN technology classifies different
VLANs into a group. The VLANs in this group uses the same management
interface. Hosts in the group use the same IPv4 network section and gateway.
VLAN belonging to Super VLAN is called as SubVLAN. No SubVLAN can
possess the management interface by configuring IP address.
You can configure a Super VLAN interface through the command line. The
procedure of configuring a Super VLAN interface is shown as follows:
Command
[no]
interface
Description
Enters the interface configuration mode . If the specified Super VLAN
-3-
VLAN Configuration
supervlan index
interface does not exists, the system will create a Super VLAN interface.
index is the index of Super VLAN interface. Its effective value ranges from 1
to 32.
no means deleting Super VLAN interface.
[no] subvlan [setstr]
[add addstr] [remove
remstr]
Configures SubVlan in Super VLAN. The added Sub VLAN cannot possess
the management interface. In original state, Super VLAN does not include
Sub VLAN. Only one sub command can be used every time.
setstr means to set the Sub VLAN list. For example, List 2,4-6 indicate
VLAN 2, 4, 5 and 6.
add means to add VLAN list in the original SubVLAN list. addstr means the
character string whose format is the same as the above.
remove means to delete VLAN list in the original SubVLAN list. remstr is the
list’s character string whose format is the same as the above.
no means to delete all SubVLANs in SuperVLAN. The no command cannot
be used with other sub commands.
After you configure the Super VLAN interface, you can configure the IP address
for the Super VLAN interface. The Super VLAN interface is also a routing port,
which can be configured as other ports are.
1.3.5
Monitoring Configuration and State of VLAN
Run the following commands in EXEC mode to monitor configuration and state of
VLAN:
Run…
1.4
To…
show vlan [ id x | interface intf ]
Display configuration and state of VLAN.
show interface {vlan | supervlan} x
Display the states of vlan/supervlan ports.
Configuration Examples
Users PC1~PC6 connect the switch through ports 1~6. The IP addresses of these
PCs belong to the network section 192.168.1.0/24. Though group PC1~PC3 and
group PC4~PC6 are located at different layer-2 broadcast domains, PC1~PC6
can ping each other and manage the switch through the IP address
192.168.1.100. To do this, you need to configure port 1~3 to VLAN1 and port 4~6
to VLAN. Then you need to add VLAN 1 and 2 to a SuperVlan as its SubVLANs.
You need to perform the following configuration on the switch:
-4-
VLAN Configuration
interface fastethernet 0/4
switchport pvid 2
!
interface fastethernet 0/5
switchport pvid 2
!
interface fastethernet 0/6
switchport pvid 2
!
interface supervlan 1
subvlan 1,2
ip address 192.168.1.100 255.255.255.0
ip proxy-arp subvlan
!
-5-
Download PDF