Experimental background: By dividing virtual broadcast domains into layer 2 switches, broadcast storms are logically isolated.
First of all, it is clear that there are four methods for VLAN division, namely:
1. Port-based vlan;
2. valn based on MAC;
3. IP-based vlan;
4. Protocol-based vlan;
This experiment is based on port vlan division.
1. Build topology
Configure the IP addresses of the virtual PC device with the subnet mask of 255.255.255.0 from left to right: 192.168.1.1; 192.168.1.2; 192.168.1.3; 192.168.1.4
2. Create vlan between two switches
Name the switch on the left as SW1 and the switch on the right as SW2.
2.1 SW1 creates vlan10
<H3C>system-view //Enter system view
[H3C]sys SW1 //Switch naming
[SW1]display vlan brief //Confirm initialization, H3C switch defaults to initial vlan1
Brief information about all VLANs:
Supported Minimum VLAN ID: 1
Supported Maximum VLAN ID: 4094
Default VLAN ID: 1
VLAN ID Name Port
1 VLAN 0001 FGE1/0/53 FGE1/0/54 GE1/0/1
GE1/0/2 GE1/0/3 GE1/0/4 GE1/0/5
GE1/0/6 GE1/0/7 GE1/0/8 GE1/0/9
GE1/0/10 GE1/0/11 GE1/0/12
GE1/0/13 GE1/0/14 GE1/0/15
GE1/0/16 GE1/0/17 GE1/0/18
GE1/0/19 GE1/0/20 GE1/0/21
GE1/0/22 GE1/0/23 GE1/0/24
GE1/0/25 GE1/0/26 GE1/0/27
GE1/0/28 GE1/0/29 GE1/0/30
GE1/0/31 GE1/0/32 GE1/0/33
GE1/0/34 GE1/0/35 GE1/0/36
GE1/0/37 GE1/0/38 GE1/0/39
GE1/0/40 GE1/0/41 GE1/0/42
GE1/0/43 GE1/0/44 GE1/0/45
GE1/0/46 GE1/0/47 GE1/0/48
XGE1/0/49 XGE1/0/50 XGE1/0/51
XGE1/0/52
[SW1]vlan 10
vlan10 is created, use the display command to verify and divide the ports
[SW1-vlan10]port g1/0/1 //Assign port g1/0/1 to vlan10
[SW1-vlan10]display vlan brief //Confirm the port division of vlan10
Brief information about all VLANs:
Supported Minimum VLAN ID: 1
Supported Maximum VLAN ID: 4094
Default VLAN ID: 1
VLAN ID Name Port
1 VLAN 0001 FGE1/0/53 FGE1/0/54 GE1/0/2
GE1/0/3 GE1/0/4 GE1/0/5 GE1/0/6
GE1/0/7 GE1/0/8 GE1/0/9 GE1/0/10
GE1/0/11 GE1/0/12 GE1/0/13
GE1/0/14 GE1/0/15 GE1/0/16
GE1/0/17 GE1/0/18 GE1/0/19
GE1/0/20 GE1/0/21 GE1/0/22
GE1/0/23 GE1/0/24 GE1/0/25
GE1/0/26 GE1/0/27 GE1/0/28
GE1/0/29 GE1/0/30 GE1/0/31
GE1/0/32 GE1/0/33 GE1/0/34
GE1/0/35 GE1/0/36 GE1/0/37
GE1/0/38 GE1/0/39 GE1/0/40
GE1/0/41 GE1/0/42 GE1/0/43
GE1/0/44 GE1/0/45 GE1/0/46
GE1/0/47 GE1/0/48 XGE1/0/49
XGE1/0/50 XGE1/0/51 XGE1/0/52
10 VLAN 0010 GE1/0/1
2.2 SW1 creates vlan20
[SW1]vlan 20
[SW1-vlan20]qu
[SW1]int ge1/0/2 //Enter port g1/0/2
[SW1-GigabitEthernet1/0/2]port access vlan 20 //Default access port vlan division
[SW1-GigabitEthernet1/0/2]display vlan brief
Brief information about all VLANs:
Supported Minimum VLAN ID: 1
Supported Maximum VLAN ID: 4094
Default VLAN ID: 1
VLAN ID Name Port
1 VLAN 0001 FGE1/0/53 FGE1/0/54 GE1/0/3
GE1/0/4 GE1/0/5 GE1/0/6 GE1/0/7
GE1/0/8 GE1/0/9 GE1/0/10
GE1/0/11 GE1/0/12 GE1/0/13
GE1/0/14 GE1/0/15 GE1/0/16
GE1/0/17 GE1/0/18 GE1/0/19
GE1/0/20 GE1/0/21 GE1/0/22
GE1/0/23 GE1/0/24 GE1/0/25
GE1/0/26 GE1/0/27 GE1/0/28
GE1/0/29 GE1/0/30 GE1/0/31
GE1/0/32 GE1/0/33 GE1/0/34
GE1/0/35 GE1/0/36 GE1/0/37
GE1/0/38 GE1/0/39 GE1/0/40
GE1/0/41 GE1/0/42 GE1/0/43
GE1/0/44 GE1/0/45 GE1/0/46
GE1/0/47 GE1/0/48 XGE1/0/49
XGE1/0/50 XGE1/0/51 XGE1/0/52
10 VLAN 0010 GE1/0/1
20 VLAN 0020 GE1/0/2
It can be seen that currently vlan1 already has vlan10 and vlan20.
2.3 SW1 creates a trunk port connected to SW2
[SW1]int g1/0/3 //Enter port g1/0/3 [SW1-GigabitEthernet1/0/3]port link-type ? //Select the interface mode access Set the link type to access hybrid Set the link type to hybrid trunk Set the link type to trunk [SW1-GigabitEthernet1/0/3]port link-type trunk //Select the trunk port [SW1-GigabitEthernet1/0/3]port trunk permit vlan 10 20 //H3C switch allows vlan1 by default, so the configuration here needs to allow vlan10 and vlan20
The vlan division of SW2 is the same as above.
[SW2]vlan 10 //Enter vlan10 [SW2-vlan10]port g1/0/1 //Enter port 1 [SW2-vlan10]name shichangbu //Customized port name
[SW2]int g1/0/3 //Enter port 3 [SW2-GigabitEthernet1/0/3]display this //trunk port verification # interface GigabitEthernet1/0/3 port link-mode bridge port link-type trunk port trunk permit vlan 1 10 20 combo enable fiber #
3. VLAN division effect verification
expected outcome:
PC3 can communicate with PC6, but cannot communicate with PC5 and PC8;
PC5 can communicate with PC6, but cannot communicate with PC8 and PC6;
(You can use the ping command to test.)