- 产品与解决方案
- 行业解决方案
- 服务
- 支持
- 合作伙伴
- 新华三人才研学中心
- 关于我们
09-VLAN映射典型配置举例
本章节下载: 09-VLAN映射典型配置举例 (205.09 KB)
目 录
VLAN映射是指将报文原有的VLAN Tag进行替换,使其能够在转发后的网络中应用基于VLAN的各种传输策略。
· 1:1 VLAN映射:将来自某一特定VLAN的报文所携带的VLAN Tag替换为新的VLAN Tag。
· N:1 VLAN映射:将来自两个或多个VLAN的报文所携带的不同VLAN Tag替换为相同的VLAN Tag。
如图1所示:
· 在某个小区网络中,服务提供商为家庭用户提供电脑上网(PC)、视频点播(VoD)和语音电话(VoIP)三种数据应用服务,每个用户通过家庭网关接入楼道交换机,并通过DHCP自动获取IP地址。在向用户分发家庭网关时,服务提供商在家庭网关上进行了统一配置,将PC业务划分到VLAN1、VoD业务化分到VLAN2、VoIP业务划分到VLAN3。
· 在楼道交换机上,为了对不同用户的相同业务进行区分,同时防止用户之间的信息泄漏和恶意攻击,要求将每个用户的每种业务采用单独的VLAN进行标记;在园区交换机上,为节省VLAN资源,要求将数据根据业务类型进行统一分类,其中:PC业务通过VLAN 501发送;VoD业务通过VLAN 502发送;VoIP业务通过VLAN 503发送。
图1 1:1/N:1 VLAN映射组网示意图
· 要完成楼道交换机的组网需求,可以通过在楼道交换机连接家庭网关的每个端口上配置1:1VLAN映射功能来实现,将接收到的所有用户的VLAN1/VLAN2/VLAN3的数据都分别映射到不同的VLAN。例如在端口1上将VLAN1映射到VLAN101,在端口2上将VLAN1映射到VLAN102,依次类推。这样,便可保证在楼道交换机上,每个用户的每种业务都能够用不同的VLAN来区分。
· 在园区交换机上,需要使用N:1 VLAN映射,将楼道交换机映射后的数据再根据数据类型进行重新映射,忽略对不同用户的区分,例如将上一段介绍中楼道交换机映射后的VLAN101和VLAN102都映射为501。
经过以上配置后,VLAN Tag的替换效果如图2所示。
图2 1:1/N:1VLAN映射配置效果示意图
(1) 创建映射前的用户网络VLAN(CVLAN)和映射后的运营商网络VLAN(SVLAN)。
<SwitchA> system-view
[SwitchA] vlan 1
[SwitchA-vlan1] quit
[SwitchA] vlan 2
[SwitchA-vlan2] quit
[SwitchA] vlan 3
[SwitchA-vlan3] quit
[SwitchA] vlan 101
[SwitchA-vlan101] quit
[SwitchA] vlan 201
[SwitchA-vlan201] quit
[SwitchA] vlan 301
[SwitchA-vlan301] quit
[SwitchA] vlan 102
[SwitchA-vlan102] quit
[SwitchA] vlan 202
[SwitchA-vlan202] quit
[SwitchA] vlan 302
[SwitchA-vlan302] quit
其他略。
(2) 配置下行端口GigabitEthernet1/0/1和GigabitEthernet1/0/2
# 配置下行端口GigabitEthernet1/0/1和GigabitEthernet1/0/2为Hybrid端口且允许原始VLAN及转换后VLAN通过,同时在端口上配置1:1 VLAN映射。
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA -GigabitEthernet1/0/1] port link-type hybrid
[SwitchA -GigabitEthernet1/0/1] port hybrid vlan 1 to 3 101 201 301 tagged
[SwitchA] quit
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA -GigabitEthernet1/0/2] port link-type hybrid
[SwitchA -GigabitEthernet1/0/2] port hybrid vlan 1 to 3 102 102 302 tagged
[SwitchA] quit
# 配置端口的VLAN映射功能。
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA -GigabitEthernet1/0/1] vlan mapping uni single 1 translated-vlan 101
[SwitchA -GigabitEthernet1/0/1] vlan mapping uni single 2 translated-vlan 201
[SwitchA -GigabitEthernet1/0/1] vlan mapping uni single 3 translated-vlan 301
[SwitchA -GigabitEthernet1/0/1] quit
[SwitchA] interface gigabitethernet 1/0/2
[SwitchA -GigabitEthernet1/0/2] vlan mapping uni single 1 translated-vlan 102
[SwitchA -GigabitEthernet1/0/2] vlan mapping uni single 2 translated-vlan 202
[SwitchA -GigabitEthernet1/0/2] vlan mapping uni single 3 translated-vlan 302
[SwitchA -GigabitEthernet1/0/2] quit
(3) 配置上行端口GigabitEthernet1/0/3
#配置上行端口Ethernet1/0/3为Trunk端口,且允许转换后VLAN通过.
[SwitchA] interface gigabitethernet 1/0/3
[SwitchA-GigabitEthernet1/0/3] port link-type trunk
[SwitchA-GigabitEthernet1/0/3] port trunk permit vlan 101 201 301 102 202 302
[SwitchA-GigabitEthernet1/0/3] undo port trunk permit vlan 1
[SwitchA-GigabitEthernet1/0/3] quit
Switch B的配置与Switch A相似,配置过程略。
(1) 创建映射前的用户网络VLAN(CVLAN)和映射后的运营商网络VLAN(SVLAN)。
[SwitchC] vlan 101
[SwitchC-vlan101] vlan 201
[SwitchC-vlan201] vlan 301
[SwitchC-vlan301] vlan 102
[SwitchC-vlan102] vlan 202
[SwitchC-vlan202] vlan 302
[SwitchC-vlan302] vlan 501
[SwitchC-vlan501] vlan 502
[SwitchC-vlan502] vlan 503
[SwitchC-vlan503] quit
(2) 配置下行端口GigabitEthernet1/0/1
# 配置下行端口GigabitEthernet1/0/1为Hybrid端口且允许原始VLAN及转换后VLAN通过,同时在端口上配置N:1 VLAN映射.。
[SwitchC] interface gigabitethernet 1/0/1
[SwitchC-GigabitEthernet1/0/1] port link-type hybrid
[SwitchC-GigabitEthernet1/0/1] port hybrid vlan 101 102 201 202 301 302 501 to 503 tagged
[SwitchC-GigabitEthernet1/0/1] undo port hybrid vlan 1
[SwitchC-GigabitEthernet1/0/1] quit
# 配置端口的VLAN映射功能。
[SwitchC] interface gigabitethernet 1/0/1
[SwitchC-GigabitEthernet1/0/1] vlan mapping uni range 101 to 102 translated-vlan 501
[SwitchC-GigabitEthernet1/0/1] vlan mapping uni range 201 to 202 translated-vlan 502
[SwitchC-GigabitEthernet1/0/1] vlan mapping uni range 301 to 302 translated-vlan 503
[SwitchC-GigabitEthernet1/0/1] quit
(3) 配置上行端口GigabitEthernet1/0/3
# 配置端口Ethernet1/0/3为Trunk端口且允许转换后VLAN通过。
[SwitchC] interface gigabitethernet 1/0/3
[SwitchC-GigabitEthernet1/0/3] port link-type trunk
[SwitchC-GigabitEthernet1/0/3] port trunk permit vlan 501 to 503
[SwitchC-GigabitEthernet1/0/3] undo port trunk permit vlan 1
[SwitchC-GigabitEthernet1/0/3] quit
(1) 查看端口的配置,以查看SwitchA上GigabitEthernet1/0/1的配置为例。
[SwitchA] interface gigabitethernet 1/0/1
[SwitchA-GigabitEthernet1/0/1] display this
interface GigabitEthernet1/0/1
port link-type hybrid
port hybrid vlan 1 to 3 101 201 301 tagged
vlan mapping uni single 1 translated-vlan 101
vlan mapping uni single 2 translated-vlan 201
vlan mapping uni single 3 translated-vlan 301
#
return
(1) SwitchA
#
vlan 1
#
vlan 2 to 3
#
vlan 101 to 102
#
vlan 201 to 202
#
vlan 301 to 302
#
interface GigabitEthernet1/0/1
port link-type hybrid
port hybrid vlan 1 to 3 101 201 301 tagged
vlan mapping uni single 1 translated-vlan 101
vlan mapping uni single 2 translated-vlan 201
vlan mapping uni single 3 translated-vlan 301
#
interface GigabitEthernet1/0/2
port link-type hybrid
port hybrid vlan 1 to 3 102 102 302 tagged
vlan mapping uni single 1 translated-vlan 102
vlan mapping uni single 2 translated-vlan 202
vlan mapping uni single 3 translated-vlan 302
#
interface GigabitEthernet1/0/3
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 101 to 102 201 to 202 301 to 302
#
(2) SwitchB
略。
(3) SwtichC
#
vlan 101 to 102
#
vlan 201 to 202
#
vlan 301 to 302
#
vlan 501 to 503
#
interface GigabitEthernet1/0/1
port link-type hybrid
undo port hybrid vlan 1
port hybrid vlan 101 102 201 202 301 302 501 to 503 tagged
vlan mapping uni range 101 to 102 translated-vlan 501
vlan mapping uni range 201 to 202 translated-vlan 502
vlan mapping uni range 301 to 302 translated-vlan 503
interface GigabitEthernet1/0/3
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 501 to 503
不同款型规格的资料略有差异, 详细信息请向具体销售和400咨询。H3C保留在没有任何通知或提示的情况下对资料内容进行修改的权利!
支持
售前咨询
售后咨询
人工在线咨询
