Principle overview
VLAN logically divides a physical LAN into multiple broadcast domains. Hosts in a VLAN can communicate directly, but they cannot communicate directly between VLANs.
In real networks, we often encounter situations that require cross-VLAN mutual access. Engineers usually choose some methods to achieve mutual access between hosts in different VLANs, such as single-arm routing. However, due to some limitations in single-arm routing technology, such as bandwidth, forwarding efficiency, etc., this technology is less applied.
Layer 3 switches add routing functions to the original Layer 2 switches. At the same time, because data is not routed through physical lines like single-arm routing, it solves the bandwidth bottleneck problem and provides a flexible solution for network design.
The VLANIF interface is an interface based on the network layer and can be configured with an IP address. With the VLANIF interface, the Layer 3 switch can realize the routing and forwarding function.
Experimental topology
Experimental steps
1: Configure IP slightly
2: First test the connectivity of
PC-1 and PC-2
PC>ping 192.168.1.2
Ping 192.168.1.2: 32 data bytes, Press Ctrl_C to break
From 192.168.1.2: bytes=32 seq=1 ttl=128 time=47 ms
From 192.168.1.2: bytes=32 seq=2 ttl=128 time=32 ms
From 192.168.1.2: bytes=32 seq=3 ttl=128 time=46 ms
From 192.168.1.2: bytes=32 seq=4 ttl=128 time=32 ms
From 192.168.1.2: bytes=32 seq=5 ttl=128 time=31 ms
--- 192.168.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/37/47 ms
It can be observed that the communication is normal.
Test the connectivity between PC-1 and PC-3
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
From 192.168.1.1: Destination host unreachable
From 192.168.1.1: Destination host unreachable
From 192.168.1.1: Destination host unreachable
From 192.168.1.1: Destination host unreachable
From 192.168.1.1: Destination host unreachable
--- 192.168.1.254 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
PC-1 to PC-3 cannot communicate normally
. Let’s analyze it here: (It’s boring, just ignore the command configuration.)
Before the host sends a data packet, it will check the destination address in the data packet. If the destination IP address is On the same network segment as the local IP address, the host will directly send an ARP request packet to request the MAC address of the opposite host, encapsulate the packet, and then send the packet to request the MAC address of the gateway. After receiving the gateway ARP reply, Then encapsulate the data packet and send it.
Therefore, when PC-1 visits the IP address of 192.168.2.1 and finds that the destination IP address is not in the same IP address segment as the local IP address, PC-1 will send out an ARP packet requesting the MAC address of the gateway 192.168.1.254. However, because the switch did not do any IP configuration, no device responded to the ARP request. As a result, the sales department host PC-1 could not normally encapsulate data packets, and therefore could not communicate with PC-3 normally.
3: Create vlan10 and vlan20 on S1, divide PC-1 and PC-2 into vlan10, and divide PC-3 into vlan20.
First modify the interface type:
[Huawei]int g 0/0/2
[Huawei-GigabitEthernet0/0/2]port link-type access
[Huawei-GigabitEthernet0/0/2]quit
[Huawei]int g 0/0/3
[Huawei-GigabitEthernet0/0/3]port link-type access
[Huawei]vlan 10
[Huawei-vlan10]port GigabitEthernet 0/0/1
[Huawei-vlan10]port GigabitEthernet 0/0/2
[Huawei-vlan10]quit
[Huawei]vlan 20
[Huawei-vlan20]port GigabitEthernet 0/0/3
[Huawei-vlan20]quit
4: Now it is necessary to realize communication through inter-VLAN routing, and configure VLANIF interface on the three-layer switch.
[Huawei]interface Vlanif 10
[Huawei-Vlanif10]ip address 192.168.1.254 24
[Huawei-Vlanif10]interface vlanif 20
[Huawei-Vlanif20]ip address 192.168.2.254 24
[Huawei-Vlanif20]quit
5: Check the interface status
[Huawei]display ip interface brief
*down: administratively down
^down: standby
(l): loopback
(s): spoofing
The number of interface that is UP in Physical is 3
The number of interface that is DOWN in Physical is 2
The number of interface that is UP in Protocol is 3
The number of interface that is DOWN in Protocol is 2
Interface IP Address/Mask Physical Protocol
MEth0/0/1 unassigned down down
NULL0 unassigned up up(s)
Vlanif1 unassigned down down
Vlanif10 192.168.1.254/24 up up
Vlanif20 192.168.2.254/24 up up
no problem
6: Test the connectivity of PC-1 to PC-3 again
PC>ping 192.168.2.1
Ping 192.168.2.1: 32 data bytes, Press Ctrl_C to break
From 192.168.2.1: bytes=32 seq=1 ttl=127 time=62 ms
From 192.168.2.1: bytes=32 seq=2 ttl=127 time=47 ms
From 192.168.2.1: bytes=32 seq=3 ttl=127 time=47 ms
From 192.168.2.1: bytes=32 seq=4 ttl=127 time=31 ms
From 192.168.2.1: bytes=32 seq=5 ttl=127 time=31 ms
--- 192.168.2.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 31/43/62 ms
**没有问题**