抱歉,您的浏览器无法访问本站
本页面需要浏览器支持(启用)JavaScript
了解详情 >


VLAN 原理与配置

广播域过大造成的弊端

交换机所处的位置是一个广播域.

  • 1. 广播域的泛洪会导致网络传输效率降低.
  • 2. 广播域过大可能会造成安全隐患.
  • 3. 如果发生了故障很难排查.
  • 4. 广播域过大会造成策略难以部署.
  • 5. 会导致网络中带宽消耗过大.

VLAN

VLAN: 虚拟局域网,是在交换机上实现广播域隔离的一项二层技术,每个 VLAN 就是一个广播域,VLAN 和设备的物理位置无关。同一 VLAN 设备可以直接二层通信,不同的 VLAN 设备相互隔离,缺省情况下交换机属于同一个 VLAN.

不同的 VLAN 通过 VLAN 编号进行区分,VLAN 编号的取值范围 0-4095, 其中 04095 有特殊用处不能使用,缺省 VLAN 为 1.

VLAN Tag (802.1q) 数据帧源 MAC 地址和类型之间插入 VLAN Tag, 包含 VLAN ID.

PVID 位于交换机接口.

VLAN 的划分方式

  • 1. 基于接口的划分:根据交换机的接口编号来划分,通过交换机的每一个接口配置不同的 PVID, 来将不同的接口划分到不同的 VLAN 中.
  • 2. 基于 MAC 地址的划分.
  • 3. 基于 IP 子网的划分.
  • 4. 基于协议的划分.
  • 5. 基于策略的划分.

接口

Access

接收

当交换机收到一个没有 TAG 的数据帧时,则接收该数据帧并根据 PVID 打上 VLANID.

当交换机接收到一个带有 TAG 的数据帧时,当数据帧中的 VLANID 和 PVID 相同时,接收,不相同时,不接收.

发送

当交换机发送一个 VLANID 和 PVID 相同的数据帧时,剥离数据帧的 TAG 发送.

当交换机发送一个 VLANID 和 PVID 不相同的数据帧时,禁止数据帧发出.

TRTUNK

接收

当交换机接收到一个不带 TAG 的数据帧时,根据 PVID 打上 VLANID, 如果 VLANID 在允许放行的列表中,则接收.

当交换机接收到一个带 TAG 的数据帧时,查看 VLANID 是否允许通过列表里,在则通过,不在,禁止通过.

发送

当数据帧中 VLANID 和 PVID 相同,该 VLANID 是否在允许通过列表中,在则剥离 TAG 发送,不在则丢弃.

当数据帧中 VLANID 和 PVID 不相同,该 VLANID 是否在允许通过的列表中,在则保留 TAG 发送,不在则丢弃.

Hybrid

接收

与 Trunk 端口类型一致.

发送

如果该数据帧的 VLANID 不在允许通过列表中,则禁止通过.

当数据帧的 VLANID 在允许通过列表中,根据管理员指定该数据帧是否携带 TAG 通过.

VLAN 命令

Access Trunk

Access Trunk

SW1
<Huawei>display port vlan 
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    hybrid       1     -                                   
GigabitEthernet0/0/2    hybrid       1     -                                   
GigabitEthernet0/0/3    hybrid       1     -                                   
GigabitEthernet0/0/4    hybrid       1     -                                   
GigabitEthernet0/0/5    hybrid       1     -                                   
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
<Huawei>
<Huawei>sy
Enter system view, return user view with Ctrl+Z.
[Huawei]vlan 10
[Huawei-vlan10]q
[Huawei]vlan 20
[Huawei-vlan20]q
[Huawei]undo vlan 10
[Huawei]undo vlan 20
[Huawei]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]vlan batch 10 to 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type access
[Huawei-GigabitEthernet0/0/1]port default vlan 10
[Huawei-GigabitEthernet0/0/1]dis th
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
return
[Huawei-GigabitEthernet0/0/1]display port vlan 
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    access       10    -                                   
GigabitEthernet0/0/2    hybrid       1     -                                   
GigabitEthernet0/0/3    hybrid       1     -                                   
GigabitEthernet0/0/4    hybrid       1     -                                   
GigabitEthernet0/0/5    hybrid       1     -                                   
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
[Huawei-GigabitEthernet0/0/1]
[Huawei-GigabitEthernet0/0/1]int g0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type access
[Huawei-GigabitEthernet0/0/3]port default vlan 10
[Huawei-GigabitEthernet0/0/3]int g0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type access
[Huawei-GigabitEthernet0/0/2]port default vlan 20
[Huawei-GigabitEthernet0/0/2]int g0/0/4
[Huawei-GigabitEthernet0/0/4]port link-type access
[Huawei-GigabitEthernet0/0/4]port default vlan 20
[Huawei]display port vlan 
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    access       10    -                                   
GigabitEthernet0/0/2    access       20    -                                   
GigabitEthernet0/0/3    access       10    -                                   
GigabitEthernet0/0/4    access       20    -                                   
GigabitEthernet0/0/5    hybrid       1     -                                   
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
[Huawei]




[Huawei]int g0/0/5
[Huawei-GigabitEthernet0/0/5]port link-type trunk 
[Huawei-GigabitEthernet0/0/5]port trunk allow-pass vlan ?
  INTEGER<1-4094>  VLAN ID
  all              All

[Huawei-GigabitEthernet0/0/5]port trunk allow-pass vlan 10 20
[Huawei-GigabitEthernet0/0/5]dis this
#
interface GigabitEthernet0/0/5
 port link-type trunk
 port trunk allow-pass vlan 10 20
#
return
[Huawei-GigabitEthernet0/0/5]display port vlan
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    access       10    -                                   
GigabitEthernet0/0/2    access       20    -                                   
GigabitEthernet0/0/3    access       10    -                                   
GigabitEthernet0/0/4    access       20    -                                   
GigabitEthernet0/0/5    trunk        1     1 10 20
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
[Huawei-GigabitEthernet0/0/5]

[Huawei]int g0/0/5
[Huawei-GigabitEthernet0/0/5]port trunk pvid vlan 10
[Huawei-GigabitEthernet0/0/5]display port vlan
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    access       10    -                                   
GigabitEthernet0/0/2    access       20    -                                   
GigabitEthernet0/0/3    access       10    -                                   
GigabitEthernet0/0/4    access       20    -                                   
GigabitEthernet0/0/5    trunk        10    1 10 20
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
[Huawei-GigabitEthernet0/0/5]
<Huawei>display  cu
#
sysname Huawei
#
vlan batch 10 to 20
#
cluster enable
ntdp enable
ndp enable
#
drop illegal-mac alarm
#
diffserv domain default
#
drop-profile default
#
aaa
 authentication-scheme default
 authorization-scheme default
 accounting-scheme default
 domain default
 domain default_admin
 local-user admin password simple admin
 local-user admin service-type http
#
interface Vlanif1
#
interface MEth0/0/1
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 20
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/4
 port link-type access
 port default vlan 20
#
interface GigabitEthernet0/0/5
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/6

SW2
<Huawei>dis cu
#
sysname Huawei
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk pvid vlan 10
 port trunk allow-pass vlan 10 20
#
interface GigabitEthernet0/0/2
 port link-type access
 port default vlan 10
#
interface GigabitEthernet0/0/3
 port link-type access
 port default vlan 20
#
<Huawei> 
[Huawei]vlan batch 10 20 // 同时创建vlan 10 20

[Huawei-GigabitEthernet0/0/x]port link-type access // 端口类型改为access
[Huawei-GigabitEthernet0/0/x]port default vlan xx // 默认 vlan 为xx

[Huawei-GigabitEthernet0/0/x]port link-type trunk  // 端口类型改为trunk
[Huawei-GigabitEthernet0/0/x]port trunk allow-pass vlan 10 20 // 允许通过列表 10 20

[Huawei-GigabitEthernet0/0/x]port trunk pvid vlan 10 // 更改 pvid 为 VLAN10

Hybrid

Hybrid

SW1
<Huawei>sy
Enter system view, return user view with Ctrl+Z.
[Huawei]sy SW1
[SW1]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]int g0/0/3
[SW1-GigabitEthernet0/0/3]port hybrid pvid vlan 10
[SW1-GigabitEthernet0/0/3]port hybrid untagged vlan 10
[SW1-GigabitEthernet0/0/3]dis this 
#
interface GigabitEthernet0/0/3
 port hybrid pvid vlan 10
 port hybrid untagged vlan 10
#
return

[SW1-GigabitEthernet0/0/3]int g0/0/1
[SW1-GigabitEthernet0/0/1]port link-type hybrid 
[SW1-GigabitEthernet0/0/1]port hybrid pvid vlan 10
[SW1-GigabitEthernet0/0/1]port hybrid untagged vlan 10

[SW1-GigabitEthernet0/0/3]int g0/0/2
[SW1-GigabitEthernet0/0/2]port link-type hybrid 
[SW1-GigabitEthernet0/0/2]port hybrid pvid vlan 20
[SW1-GigabitEthernet0/0/2]port hybrid untagged vlan 20

[SW1-GigabitEthernet0/0/2]int g0/0/4
[SW1-GigabitEthernet0/0/4]port link-type hybrid 
[SW1-GigabitEthernet0/0/4]port hybrid pvid vlan 20
[SW1-GigabitEthernet0/0/4]port hybrid untagged vlan 20

[SW1]int g0/0/5
[SW1-GigabitEthernet0/0/5]port link-type hybrid 
[SW1-GigabitEthernet0/0/5]port hybrid ?
  pvid      Specify current port's PVID VLAN characteristics
  tagged    Tagged
  untagged  Untagged
  vlan      Virtual LAN
[SW1-GigabitEthernet0/0/5]port hybrid tagged vlan 10 20
[SW1-GigabitEthernet0/0/5]display port vlan 
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    hybrid       10    -                                   
GigabitEthernet0/0/2    hybrid       20    -                                   
GigabitEthernet0/0/3    hybrid       10    -                                   
GigabitEthernet0/0/4    hybrid       20    -                                   
GigabitEthernet0/0/5    hybrid       1     10 20
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   hybrid       1     -                                   
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -                                   
[SW1-GigabitEthernet0/0/5]
<SW1>display cu
#
sysname SW1
#
vlan batch 10 20

#
interface GigabitEthernet0/0/1
 port hybrid pvid vlan 10
 port hybrid untagged vlan 10
#
interface GigabitEthernet0/0/2
 port hybrid pvid vlan 20
 port hybrid untagged vlan 20
#
interface GigabitEthernet0/0/3
 port hybrid pvid vlan 10
 port hybrid untagged vlan 10
#
interface GigabitEthernet0/0/4
 port hybrid pvid vlan 20
 port hybrid untagged vlan 20
#
interface GigabitEthernet0/0/5
 port hybrid tagged vlan 10 20
#

SW2
<Huawei>sy
Enter system view, return user view with Ctrl+Z.
[Huawei]sy SW2
[SW2]vlan batch 10 20
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW2]
[SW2]int g0/0/1
[SW2-GigabitEthernet0/0/1]port hybrid tagged vlan 10 20
[SW2-GigabitEthernet0/0/1]int g0/0/2
[SW2-GigabitEthernet0/0/2]port link-type hybrid 
[SW2-GigabitEthernet0/0/2]port hybrid pvid vlan 10
[SW2-GigabitEthernet0/0/2]port hybrid untagged vlan 10
[SW2-GigabitEthernet0/0/2]int g0/0/3
[SW2-GigabitEthernet0/0/3]port link-type hybrid 
[SW2-GigabitEthernet0/0/3]port hybrid pvid vlan 20
[SW2-GigabitEthernet0/0/3]port hybrid untagged vlan 20

<SW2>display cu
#
sysname SW2
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
 port hybrid tagged vlan 10 20
#
interface GigabitEthernet0/0/2
 port hybrid pvid vlan 10
 port hybrid untagged vlan 10
#
interface GigabitEthernet0/0/3
 port hybrid pvid vlan 20
 port hybrid untagged vlan 20
#

推荐阅读
实现VLAN间通信 实现VLAN间通信 IP路由基础 IP路由基础 以太网链路聚合 以太网链路聚合 OSPF基础 OSPF基础 DHCP DHCP VRF 虚拟路由转发 VRF 虚拟路由转发

留言区

Are You A Robot?