3.6. Configuring VLAN

Overview

Function Introduction

VLAN (Virtual Local Area Network) is a switched network that is logically segmented the network into different broadcast domain so that packets are only switched between ports that are designated for the same VLAN. Each VLAN is considered as a logical network, and packets send to stations that do not belong to the same VLAN must be forwarded through a router.

Reference to standard: IEEE 802.1Q

Principle Description

Following is a brief description of terms and concepts used to describe the VLAN:

  • VID: VLAN identifier

  • LAN: Local Area Network

  • VLAN: Virtual LAN

  • PVID: Port VID, the untagged or priority-tagged frames will be assigned with this VID

Tagged Frame: Tagged Frame is inserted with 4 Bytes VLAN Tag, show in the picture below:

image

Trunk Link: Both tagged and untagged frames can be transmitted on this link. Trunk link allow for multiple VLANs to cross this link, show in the picture below:

image

Fig. 3.6 Trunk link

Access Link: Only untagged frames can be transmitted on this link. Access link is at the edge of the network, where end stations attach, show in the picture below:

image

Fig. 3.7 Access link

Configuration

Configuring Access Port

image

Fig. 3.8 Access link

Access port only receives untagged or priority-tagged frames, and transmits untagged frames.

step 1 Enter the configure mode

Switch# configure terminal

step 2 Enter the vlan configure mode and create vlan

Switch(config)# vlan database
Switch(config-vlan)# vlan 2
Switch(config-vlan)# exit

step 3 Enter the interface configure mode, set the switch port mode and bind to the vlan

Switch(config)# interface eth-0-1
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 2

step 4 Exit the configure mode

Switch(config-if)# end

step 5 Validation

Use the following command to display the information of the switch port interface:

Switch# show interface switchport interface eth-0-1
Interface name : eth-0-1
Switchport mode : access
Ingress filter : enable
Acceptable frame types : vlan-untagged only
Default Vlan : 2
Configured Vlans : 2

Use the following command to display the vlan brief information:

Switch# show vlan brief
VLAN ID Name State STP ID Member ports
(u)-Untagged, (t)-Tagged
======= ================ ======= ======= ========================
1 default ACTIVE 0 eth-0-2(u) eth-0-3(u)
eth-0-4(u) eth-0-5(u)
eth-0-6(u) eth-0-7(u)
eth-0-8(u) eth-0-9(u)
eth-0-10(u) eth-0-11(u)
eth-0-12(u) eth-0-13(u)
eth-0-14(u) eth-0-15(u)
eth-0-16(u) eth-0-17(u)
eth-0-18(u) eth-0-19(u)
eth-0-20(u) eth-0-21(u)
eth-0-22(u) eth-0-23(u)
2 VLAN0002 ACTIVE 0 eth-0-1(u)

Configuring Trunk Port

Trunk port receives tagged, untagged, and priority-tagged frames, and transmits both untagged and tagged frames. If trunk port receives an untagged frame, this frame will be assigned to the VLAN of the trunk port’s PVID; if a frame send out from the trunk port and the frame’s VID is equal to the trunk port’s PVID, this frame will be send out without VLAN tag.

image

Fig. 3.9 Trunk link

Network topology is shown in the picture above. The following configuration steps are same for Switch1 and Switch2.

step 1 Enter the configure mode

Switch# configure terminal

step 2 Enter the vlan configure mode and create vlan

Switch(config)# vlan database
Switch(config-vlan)# vlan 10,20
Switch(config-vlan)# exit

step 3 Enter the interface configure mode, set the switch port mode and bind to the vlan

Set eth-0-1’s switch port mode as trunk, set native vlan as 10, and allow all VLANs on this interface:

Switch(config)# interface eth-0-1
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan all
Switch(config-if)# switchport trunk native vlan 10
Switch(config-if)# exit

Set eth-0-2’s switch port mode as access, and bind to vlan 10:

Switch(config)# interface eth-0-2
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 10
Switch(config-if)# exit

step 4 Exit the configure mode

Switch(config-if)# end

step 5 Validation

Use the following command to display the information of the switch port interface:

Switch# show interface switchport
Interface name : eth-0-1
Switchport mode : trunk
Ingress filter : enable
Acceptable frame types : all
Default Vlan : 10
Configured Vlans : 1 10 20
Interface name : eth-0-2
Switchport mode : access
Ingress filter : enable
Acceptable frame types : vlan-untagged only
Default Vlan : 10
Configured Vlans : 10

Use the following command to display the vlan brief information:

Switch# show vlan brief
VLAN ID Name State STP ID Member ports
(u)-Untagged, (t)-Tagged
========================================
1 default ACTIVE 0 eth-0-1(t) eth-0-3(u)
eth-0-4(u) eth-0-5(u)
eth-0-6(u) eth-0-7(u)
eth-0-8(u) eth-0-9(u)
eth-0-10(u) eth-0-11(u)
eth-0-12(u) eth-0-13(u)
eth-0-14(u) eth-0-15(u)
eth-0-16(u) eth-0-17(u)
eth-0-18(u) eth-0-19(u)
eth-0-20(u) eth-0-21(u)
eth-0-22(u) eth-0-23(u)
10 VLAN0010 ACTIVE 0 eth-0-1(t) eth-0-2(u)
20 VLAN0020 ACTIVE 0 eth-0-1(t)

Application cases

N/A