Онлайн-демонстрация
Связаться с нами
3.8. Configuring VLAN Classification
Overview
Function Introduction
VLAN classification is used to define specific rules for directing packets to selected VLANs based on protocol or subnet criteria. Sets of rules can be grouped (one group per interface).
VLAN classification rules have 3 types: mac based, ip based and protocol based. MAC based vlan classification rule will classify packets to specified VLAN according to the source MAC address of incoming packets; IP based vlan classification rule will classify packets according to the source IP address of incoming packets; And protocol based vlan classification rule will classify packets according to the layer3 type of incoming packets. The following layer3 types can be supported: ARP, IP(v4), MPLS, Mcast MPLS, PPPoE, RARP.
Different types of vlan classification rules can be added to same vlan classification group. VLAN classification group can only be applied on switchport. Only one type of vlan classification rules can take effect on one switchport.
Principle Description
N/A
Configuration
In this configuration example, three VLAN classifier rules are created:
Rule 1 is mac based rule, it will classify the packets with MACSA 2222.2222.2222 to vlan 5;
Rule 2 is ip based rule, it will classify the packets sourced from IP adress 1.1.1.1/24 to vlan 5;
Rule 3 is protocol based rule, it will classify all arp packets to vlan 5.
Add rule 1, rule2, rule3 to group 31. Then apply group 31 to 3 interfaces: eth-0-1, eth-0-2, eth-0-3. These 3 interfaces have different vlan classification type. eth-0-1 is configured to ip based vlan class, this means only ip based rules can take effect on this interface. eth-0-2 is configured to mac based vlan class, this means only mac based rules can take effect on this interface. eth-0-3 is configured to protocol based vlan class, this means only protocol based rules can take effect on this interface.
step 1 Enter the configure mode
Switch# configure terminal
step 2 Enter the vlan configure mode and create vlan
Switch(config)# vlan database
Switch(config-vlan)# vlan 5
Switch(config-vlan)# vlan 6
Switch(config-vlan)# exit
step 3 Create vlan classifier rule and add the rules to the group
Switch(config)# vlan classifier rule 1 mac 2222.2222.2222 vlan 5
Switch(config)# vlan classifier rule 2 ip 1.1.1.1 vlan 5
Switch(config)# vlan classifier rule 3 protocol arp vlan 5
Switch(config)# vlan classifier group 31 add rule 1
Switch(config)# vlan classifier group 31 add rule 2
Switch(config)# vlan classifier group 31 add rule 3
Switch(config)# arp as-layer-3 enable
step 4 Apply the vlan classifier group on the interface
interface eth-0-1:
Switch(config)# interface eth-0-1
Switch(config-if)# switchport access vlan 6
Switch(config-if)# switchport access allowed vlan add 5
Switch(config-if)# vlan classifier activate 31 based ip
Switch(config-if)# exit
interface eth-0-2:
Switch(config)# interface eth-0-2
Switch(config-if)# switchport access vlan 6
Switch(config-if)# switchport access allowed vlan add 5
Switch(config-if)# vlan classifier activate 31 based mac
Switch(config-if)# exit
interface eth-0-3:
Switch(config)# interface eth-0-3
Switch(config-if)# switchport access vlan 6
Switch(config-if)# switchport access allowed vlan add 5
Switch(config-if)# vlan classifier activate 31 based protocol
Switch(config-if)# exit
interface eth-0-6:
Switch(config)# interface eth-0-6
Switch(config)# switchport mode trunk
Switch(config-if)# switchport trunk allowed vlan add 5
Switch(config-if)# exit
step 5 Exit the configure mode
Switch(config)# end
step 6 Validation
Verify the VLAN classifier rules:
Switch# show vlan classifier rule
vlan classifier rule 1 mac 2222.2222.2222 vlan 5
vlan classifier rule 2 ip 1.1.1.1 vlan 5
vlan classifier rule 3 protocol arp vlan 5
Verify the VLAN classifier group:
Switch# show vlan classifier group
vlan classifier group 31 add rule 1
vlan classifier group 31 add rule 2
vlan classifier group 31 add rule 3
Verify the VLAN classifier interface:
Switch# show vlan classifier interface grou
vlan classifier group 31 on interface eth-0-2, based mac
vlan classifier group 31 on interface eth-0-1, based ip
vlan classifier group 31 on interface eth-0-3, based protocol
Application cases
N/A