chapter 20 vlan configuration

Maipu Confidential & Proprietary Information of 17

VLAN Configuration

Maipu Communication Technology Co., Ltd No. 16, Jiuxing Avenue Hi-tech Park Chengdu, Sichuan Province People’s Republic of China - 610041 Tel: (86) 28-85148850, 85148041 Fax: (86) 28-85148948, 85148139 URL: http:// www.maipu.com Email: [email protected]

http://www.maipu.com/

mailto:[email protected]

VLAN Configuration


All rights reserved. Printed in the People’s Republic of China. No part of this document may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into any language or computer language, in any form or by any means, electronic, mechanical, magnetic, optical, chemical, manual or otherwise without the prior written consent of Maipu Communication Technology Co., Ltd. Maipu makes no representations or warranties with respect to this document contents and specifically disclaims any implied warranties of merchantability or fitness for any specific purpose. Further, Maipu reserves the right to revise this document and to make changes from time to time in its content without being obligated to notify any person of such revisions or changes. Maipu values and appreciates comments you may have concerning our products or this document. Please address comments to: Maipu Communication Technology Co., Ltd No. 16, Jiuxing Avenue Hi-tech Park Chengdu, Sichuan Province People’s Republic of China - 610041 Tel: (86) 28-85148850, 85148041 Fax: (86) 28-85148948, 85148139 URL: http:// www.maipu.com Email: [email protected] All other products or services mentioned herein may be registered trademarks, trademarks, or service marks of their respective manufacturers, companies, or organizations.

http://www.maipu.com/


VLAN Configuration


Maipu Feedback Form Your opinion helps us improve the quality of our product documentation

and offer better services. Please fax your comments and suggestions to

(86) 28-85148948, 85148139 or email to [email protected].

Document Title

VLAN CONFIGURATION

Product Version

Document Revision Number

1.0

Evaluate this document

Presentation:

(Introductions, procedures, illustrations, completeness, arrangement, appearance)

Good Fair Average Poor

Accessibility:

(Contents, index, headings, numbering)


Editorial:

(Language, vocabulary, readability, clarity, technical accuracy, content)


Your suggestions to improve the document

Please check suggestions to improve this document:

Improve introduction Make more concise

Improve Contents Add more step-by-step procedures/tutorials

Improve arrangement Add more technical information

Include images Make it less technical

Add more detail Improve index

If you wish to be contacted, complete the following:

Name Company

Postcode Address

Telephone E-mail


VLAN Configuration


Contents

Configure VLAN ......................................................................................... 5

Introduction to VLAN ............................................................................................... 5

Configure Port-based VLAN ................................................................................................... 6

MAC-Based VLAN ................................................................................................... 7

IP-Subnet-Based VLAN ........................................................................................... 7

Basic Commands .................................................................................................... 7

Application Instances ............................................................................................ 14

Port-based VLAN Instance ................................................................................................... 14

MAC-Based VLAN Instance .................................................................................................. 15

Debugging & Monitoring ........................................................................................ 16

Monitoring Commands ........................................................................................................ 16

Monitoring Command Instance ............................................................................................ 16

VLAN Configuration


Configure VLAN

This chapter mainly describes the VLAN function and the configuration of

the router switching port.

The contents are as follows:

Introduction to VLAN function

Application instance

Debugging and monitoring

Introduction to VLAN Virtual Local Area Network (VLAN) is to divide physical networks into

logical networks. Dividing VLAN is not restricted by the physical location.

The hosts of different physical locations can belong to one VLAN. VLAN

restricts the broadcast domain. L2 unicast, broadcast and multicast frames

can be forwarded and diffused only in the VLAN and cannot enter into

other VLANs directly. The L2 packets of different VLANs are separated with

each other, that is, the users of different VLANs cannot communicate with

each other directly.

VLAN supports IEEE801.Q standard. The value range of VLAN ID is 1-4094.

VLAN 1 is the default value and cannot be deleted.

1. Different VLAN types support different VLAN division modes. RM1800-

31-AC, RM1800-31W-AC, and RM1800-31W-DC48 support Port-based

VLAN and MAC-address-based VLAN. The other RM1800 models only

support port-based VLAN.

VLAN Configuration


Configure Port-based VLAN Port-based VLAN is to take a port as a member of the VLAN and add it into

the VLAN. The port can forward packets of the VLAN to which the port

belongs.

Mode Types of Ports Port modes are divided into three types according to different processing

modes for Tag labels of packets when the port transmits packets.

1. Access Type

The port can belong to only one VLAN, and the default VLAN ID of the port

is the same as the VLAN ID to which it belongs. The port usually connects

with user devices. The default type of a port is the Access type.

2. Trunk Type

The port permits multiple VLANs to pass, and it can receive or send

multiple VLAN packets. Only the packets of the default VLAN can be sent

without Tag labels. The port is usually used to inter-connect network

devices.

3. Hybrid Type

The port can be added into multiple VLANs, and it can receive or send

multiple VLAN packets. The packets of multiple VLANs can be sent without

Tag label. The port also can be used to connect user devices or inter-

connect network devices

Defaul t VLAN of Ports According to the default VLAN of the port, assign the packets without Tag

label received by the port to the default VLAN. The default VLAN of the

port is 1. Users can configure the default VLAN of the port as desired.

The default VLAN of the Access port is the one it belongs to, and

cannot be configured.

The Trunk port and the Hybrid port can belong to multiple VLANs, and

their default VLANs can be configured.

VLAN Configuration


MAC-Based VLAN The MAC-based VLAN is to assign the VLAN ID to packets according to the

source MAC addresses of the packets received by ports. RM1800-31-AC,

RM1800-31W-AC, and RM1800-31W-DC48 support MACVLAN function.

After configuring and enabling the MACVLAN rule, the packets received by

ports are processed as follows.

1. If the source MAC and the MAC address of MAC-based VLAN are

consistent, and the ingress port of the packets is allocated to the VLAN

of the corresponding VLAN ID, the packet is allocated to the VLAN ID

corresponding to the MAC VLAN.

2. If the packet doesn’t match the MAC configured by the MAC VLAN, the

packet is assigned to the default VLAN ID of the port.

IP-Subnet-Based VLAN IP-subnet-based VLAN is to assign VLAN IDs to packets according to the

source IP addresses of the Untagged packets received by ports

The packets received by ports are processed as follows:

1. If the source IP address is in the network segment of IP subnet-based

VLAN, and the In port of the packets is allocated to the VLAN of the

corresponding VLAN ID, the packet is allocated to the VLAN ID

corresponding to the network segment.

2. If the packet doesn’t match the network segment configured by the IP

subnet VLAN, the packet is assigned to the default VLAN ID of the port.

Basic Commands Command Description Config Mode

vlan vlanId Create VLAN config

config-vlanxx

description description Configure description information

of VLAN config-vlanxx

port accept frame-type {all | tag }

Configure the receivable frames of the port

config-port-xxx

config-link-aggregation-

x

VLAN Configuration


port mode {access | trunk | hybrid}

*Configure port mode

config-port-xxx


x

port access vlan vlanId *Configure Access port to be added to VLAN

config-port-xxx


x

port trunk allowed vlan { vlanlist|all }

*Configure Trunk port allow VLAN to pass

config-port-xxx


x

port hybrid {tagged | untagged} vlan vlanlist

*Configure Hybrid port to be added to VLAN

config-port-xxx


x

port trunk pvid vlan vlanId *Configure the default VLAN of Trunk port

config-port-xxx


x

port hybrid pvid vlan vlanId *Configure the default VLAN of Hybrid port

config-port-xxx


x

vlan dot1q tag pvid *Configure the default VLAN packets of Trunk port are sent with Tag

config-port-xxx


x

mac-vlan mac-address

mac-address vlan vlanId *Configure MAC VLAN items config

mac-vlan enable *Configure MAC VLAN is enabled on the port

config-port-xxx


x

Note

The * symbol before the command description means that there is

configuration instance to describe the command.

vlan

This command is used to create the corresponding VLAN of the vlanid. The

no format of the command is used to delete the VLAN.

vlan vlanId

no vlan vlanlist Syntax Description

vlanId The value range of vlanid is 1-4094.

Vlanlist The value range is 2-4094. It can be "x1-x2", "x1,

x2, x3…" or the combination.

Default status: VLAN 1, which is created automatically by the system

Note

1. VLAN 1 is the default value of the system and cannot be deleted.

VLAN Configuration


2. When other function depends on one VLAN, the VLAN cannot be

deleted and the system provides prompt information, such as Vlan

2 is being used by other module.

Caution

After one VLAN is deleted, the relation between the port and the VLAN in

the port-based VLAN is deleted.

description

This command is sued to add the description information of the VLAN. The

no format of the command is used to delete the description information

and recover it to the default value.

description description

no description

Syntax Description

description The VLAN description information, with a length

of up to 32 bytes printable character string

Default status: The default description information of VLAN 1 is DEFAULT

and the description information of other VLANs is vlanId.

port accept frame-type {all | tag }

This command is used to configure the receivable frames of the port. The

frames that do not meet the requirements are discarded.

Syntax Description

all The port receives all Tag packets and Untag

packets.

tag The port only receives the Tag frames and the

Untag frames are not forwarded and are

discarded.

Default status: By default, the port receives all frames, that is, all Tag

packets and Untag packets.

port mode {access | trunk | hybrid}

This command is used to configure the port type.

Syntax Description

access The port type is Access.

trunk The port type is Trunk.

hybrid The port type is Hybrid.

VLAN Configuration


Default status: The default type of the port is Access.

Note

1. The port type cannot switch from Hybrid to Trunk directly. It should

first switch to Access and then to Trunk.

2. The port type cannot switch from Trunk to Hybrid directly. It should

first switch to Access and then to Hybrid.

3. After the port type is switched, the original VLAN configuration of the

port is deleted and VLAN configuration of the port recovers to the

default value of the new port type.

port access vlan

This command is used to add Access port to VLAN. The no format of the

command is used to add the port to the default VLAN 1.

port access vlan vlanId

no port access vlan

Syntax Description

vlanId The value range of VLAN ID is 1-4094.

Default status: By default, the port is added to VLAN 1.

Note

1. The configuration command must be consistent with the port type.

Otherwise, the system prompts error information, such as “port 0/1

current mode is not access”.

2. When the Access port is added to VLAN and if the VLAN does not exist,

the VLAN is created automatically.

3. Because of the switch chip limitation, RM1800-21-AC, RM1800-22-AC,

and RM1800-23-AC only support 16 VLANs. Therefore, it is not

permitted to add the ports on the devices to some VLANs and the

system prompts error. If one vlan m already has ports or is permitted

by trunk port, vlan m±16×n (n is an integer) cannot configure adding

ports any more. The limitation is also suitable for the binding of the

VLAN and the virtual interacting interface. Here, if m is 1, only VLAN1

can be used.

Caution

When the VLAN to which the Access port is added is deleted, the port exits

from the deleted VLAN and is added to the default VLAN 1.

port trunk allowed vlan

VLAN Configuration


This command is used to configure the Trunk port to allow VLAN. The no

format of the command is used to delete the VLAN configuration allowed

by the Trunk port.

port trunk allowed vlan { vlanlist }

no port trunk allowed vlan { vlanlist } Syntax Description

vlanlist Set the allowed VLAN. The format of vlanlist is a

single vlanId, or vlanId1-vlanId2, ，

vlanId1,vlanId2,…vlanIdn, the value range of vlanId

is 1-4094.

Default status: By default, VLAN 1 is allowed to pass.

Note


Otherwise, the system prompts error information, such as port 0/1

current mode is not trunk.

2. The port type cannot switch from Hybrid to Trunk directly. It should

first switch to Access and then to Trunk.








can be used.

Caution

When Trunk port is configured to allow VLAN to pass:

1. If VLAN exists, the port is added to the VLAN;

2. If VLAN does not exist, the VLAN is not created automatically and the

port is not added to VLAN; after the allowed VLAN is created, the port

is automatically added to the VLAN.

port hybrid {tagged|untagged} vlan

This command is used to configure Hybrid port to be added to VLAN and

select the mode of being added to the LAN (Tag/Untag). The no format of

the command is used to make the port exit the VLAN and select to mode

of exiting the corresponding VLAN.

port hybrid {tagged|untagged} vlan vlanlist

no port hybrid {tagged|untagged} vlan vlanlist Syntax Description

VLAN Configuration


Vlanlist The format of vlanlist is a single vlanId, or vlanId1-

vlanId2, vlanId1,vlanId2,…vlanIdn. The value range

of vlanId is 1-4094.

tagged The port is added to VLAN in Tag mode and

becomes the Tag member of the VLAN.

untagged The port is added to VLAN in Untag mode and

becomes the Untag member of the VLAN.

Default status: By default, the port is added to VLAN 1 in Untag mode.

Note


Otherwise, the system prompts error information, such as port 0/1

current mode is not hybrid.

2. The port type cannot switch from Trunk to Hybrid directly. It should

first switch to Access and then to Hybrid.

3. When Hybrid port is added to VLAN and if the VLAN does not exist, the

VLAN is automatically created.








can be used.

port trunk pvid vlan

This command is used to configure the default VLAN (pvid) of Trunk port.

The no format of the command is used to delete the configured default

VLAN (pvid) of the port and the default VLAN of the port recovers to 1.

port trunk pvid vlan vlanId

no port trunk pvid vlan

Syntax Description


Default status: The default VLAN (pvid) of the port is 1.

Note

The configuration mode must be consistent with the port type. Otherwise,

the system prompts error information, such as port 0/1 current mode is

not trunk.

port hybrid pvid vlan vlanId

VLAN Configuration


This command is used to configure the default VLAN (pvid) of Hybrid port.

The no format of the command is used to delete the configured default

VLAN (pvid) of the port and the default VLAN of the port recovers to 1.

port hybrid pvid vlan vlanId

no port hybrid pvid vlan

Syntax Description


Default status: The default VLAN (pvid) of the port is 1.

Note

The configuration mode must be consistent with the port type. Otherwise,

the system prompts error information, such as port 0/1 current mode is

not hybrid.

vlan dot1q tag pvid

This command is used to configure the default VLAN packets of the Trunk

port to be sent with Tag. The no format of the command is used to delete

the port configuration and recover the default configuration, that is, the

default VLAN packets of Trunk port are sent without Tag.

vlan dot1q tag pvid

no vlan dot1q tag pvid

Default status: The port does not have vlan dot1q tag pvid configuration.

Note

The configuration command must be consistent with the port type.

Otherwise, the system prompts error information, such as port 0/1 current

mode is not trunk.

mac-vlan mac-address

This command is used to configure MAC VLAN items globally and distribute

the corresponding VLAN ID as per the MAC address. The no format of the

command is used to delete the MAC VLAN items.

mac-vlan mac-address mac-address vlan vlanId [pri priId]

no mac-vlan mac-address mac-address vlan

Syntax Description

mac-address MAC address

vlanId Distribute corresponding VLAN ID as per the MAC

address; the value range of VLAN ID is 1-4094.

Default status: By default, there are no MAC VLAN items.

Note

VLAN Configuration


1. MAC address cannot be broadcast address or multicast address. If the

illegal MAC address is input, the system prompts error information.

2. MAC VLAN items are valid globally, that is, valid for the whole device.

3. Only RM1800-31-AC, RM1800-31W-AC, and RM1800-31W-DC48

support MACVLAN function.

mac-vlan enable

This command is used to enable MAC VLAN function on the port. The no

format of the command is used to disable the MAC VLAN function of the

port.

mac-vlan enable

no mac-vlan enable

Default status: By default, MAC VLAN function is disabled on the port.

Note

MAC VLAN can take effect only when the MAC VLAN function is enabled on

the port and there are MAC VLAN items.

Application Instances

Port-based VLAN Instance Instance of Configuring VLAN of Access Port

Command Description

router#configure terminal Users enter the global configuration mode from the privilege user mode .

router(config)#port 0/1 Enter port 0/1 configuration status

router(config-port-0/1)#port mode access Configure the type of a port as

Access

(The default type is Access)

router(config-port-0/1)#port access vlan 10 Add the port into VLAN 10.

Instance of Configuring VLAN of a Trunk Port

Command Description

router#configure terminal Users enter the global configuration mode from the

VLAN Configuration


privilege user mode


router(config-port-0/1)#port mode trunk Configure the type of the port as Trunk

router(config-port-0/1)#port trunk allowed vlan

10-20

The port permits VLAN 10–20 to pass

router(config-port-0/1)#port trunk pvid vlan 30 Configure the default VLAN of the port

router(config-port-0/1)#vlan dot1q tag pvid Configure the default VLAN packets of a Trunk port to be sent with Tag

Instance of Configuring VLAN of Hyrbid Port

Command Description

router#configure terminal Users enter the global configuration mode from the privilege user mode


router(config-port-0/1)#port mode hybrid Configure the type of the port as Hybrid.

router(config-port-0/1)# port hybrid untagged vlan 10 The port is added to VLAN 10. The VLAN packets are sent without tag

router(config-port-0/1)#port hybrid tagged vlan 30 The port is added to VLAN30. The

VLAN packets are sent with tag.

MAC-Based VLAN Instance Command Description

router#configure terminal Users enter the global configuration mode from the privilege user mode

router(config)# mac-vlan mac-address 1.1.1 vlan 10 Configure the items in the MAC VLAN table; to assign the Untagged of the corresponding MAC into the VLAN.


router(config-port-0/1)# mac-vlan enable Configure the port to enable the MAC VLAN function

VLAN Configuration


Debugging & Monitoring

Monitoring Commands Command Description

show vlan [vlanId] To view port-based VLAN information

show mac-vlan To view the information about the MAC VLAN

items

Monitoring Command Instance router#show vlan

Displayed result:

---- ---- -------------------------------- ------------------------------------------

NO. VID VLAN-Name Owner mode Port-Name

---- ---- -------------------------------- ------------------------------------------

1 1 DEFAULT static Untagged port 0/1 port 0/2 port 0/3

port 0/4 port 0/5 port 0/6






port 0/22 port 0/23

2 3 VLAN0003 static Untagged port 0/0

3 4 VLAN0004 static Tagged port 0/1

Description & analysis:

NO. : display serial number

VID: VLAN ID

VLAN-Name: VLAN description information

Owner: the label of the VLAN creator, static (created manually) or

dynamic (created by GVRP protocol)

Mode: how the port joins the VLAN: tagged or untagged

Port-Name: port name

The displayed result indicates the existing VLAN of the system, VLAN

description information, VLAN member ports and the Tag/Untag attributes.

VLAN Configuration


router#show mac-vlan

Displayed result:

total 4096, used 1, left 4095

---- --------------- ---------MAC-VLAN--------------------------------------------------------

NO. MAC address dynamicvlan staticvlan currentpri staticpri

---- --------------- -------------------------------------------------------------------------

1 0002.0003.0004 0 3 0

0

Description & analysis:

NO.: display serial number

MAC address: MAC address

Dynamicvlan: The VLAN ID assigned by matched MAC address packets. It

is created by dot1X protocol

staticvlan: The VLAN ID assigned by matched MAC address packets. It is

created by the user

currentpri: The current valid priority

staticpri: The shell configured priority

The displayed result indicates the existing MAC VLAN items of the system

and the included details.

chapter 20 vlan configuration

Documents