Huawei converged VLAN principle and configuration

Usual vlan Of IP Distribute , We are usually one vlan Assign a network segment , But sometimes such distribution is too extravagant . So there are many vlan Sharing a network segment . This is aggregation vlan.

Now let's recognize some concepts ：

father vlan： The vlan Not assigned to any physical interface , Just as aggregation vlan Gateway for , That is, polymerization vlan Three layer routing interface

Son vlan： Son vlan It's polymerization vlan Part of , Son vlan Used to assign to physical interfaces , The sub interface depends on the father vlan The three-tier interface of is connected with the outside world or different vlan signal communication

To configure

For example, in the above example ,vlan100 For father vlan,vlan10,20 To be a son vlan, Hypothetical aggregation vlan Other general configurations and completion .

Configuration command ：

The system view ：vlan 100
vlan100 View ：aggregate-vlan  ： Indicates that the vlan Is a father vlan
vlan100 View ：access-vlan 10,20 ： take vlan11 and vlan22 Add to vlan100, As his son vlan

Finish here , Just the others vlan A three-tier virtual interface is also configured , That is to say vlanif, Then vlan It can be different from others vlan signal communication . But aggregation vlan The son inside vlan But can't communicate , This is because they use the address of the same network segment , Then vlan If you want to pass arp Conduct IP Address and mac When obtaining the mapping relationship information of the address , Son vlan Because of the same network segment arp Package to broadcast , And its arp The package indicates that its object is aggregation vlan The son of vlan, But although they are in the same aggregation vlan, In essence, they are different vlan, So son vlan Between the arp The bag naturally carries vlan label , So a penny vlan Of arp As a general rule, broadcast packets will not be transferred to other children vlan Up there , This leads to sub vlan Communication between... Was interrupted .

The same aggregation vlan neutron vlan Reasons and solutions for failure to communicate

To solve this problem, it is necessary for father vlan Of vlanif Enter... Under view arp-proxy inter-sub-vlan-proxy enable , Indicates that the interface is enabled arp agent . In this way, when others vlan send out arp When broadcasting packets , The layer 3 switching opportunity replaces the requested communication host , As a messenger . For example, analyze according to the above example ,PC10 Want and PC9 communicate , that PC10 send out arp Broadcast packet , Then the layer 3 switch vlanif100 Interface will own arp Information is returned to PC10, And tell it that I am PC9, Actually, it means a little white lie , Then the layer-3 switch starts from the sub vlan Send... On the interface arp radio broadcast , Hope to get PC10 The host that wants to communicate arp Information , then PC9 From G0/0/2 Reply on the interface , So the layer 3 switch records its information . When PC10 When a message is sent , The switch only needs to put the purpose in the message MAC, Source MAC Just modify it .

For example, in the above example, let PC10 and PC9 each other ping, Then observe their arp cache , As shown in the figure below ：

 PC9 Of ARP cache

PC10 Of ARP cache

Can see , The of these two hosts arp Corresponding to IP Of mac It's all pointing to the same mac, This mac The address is vlanif100 Virtual interface mac Address . Although in real life arp Agents may rarely meet , But the instance of this configuration makes arp Agents appear in the public view .