Wednesday , November 27 2024
Home / Ethernet / VLAN, trunk, VLANIF (SVI) on Huawei switch

VLAN, trunk, VLANIF (SVI) on Huawei switch

Today I want to show you:

  • How to configure VLANs
  • How to add interface to a VLAN
  • How to establish 802.1q trunk between two Ethernet switches and filter VLANs
  • How to configure VLANIF (VLAN interface or simply SVI).

Look at the following topology:

Let’s assume that we want to configure two switches, which are connected via Ethernet link. Both switches have PCs connected to them. We want to allow PC101 to be able to reach PC102 and PC201 to be able to reach PC202.To do so, we need to add two different VLANs, configure Ethernet Trunk between switches and add PCs to the correct VLAN.

Let’s start with SW1 switch configuration.

First I have to add two VLANs 100 and 200, and describe these VLANs labnario100 and labnario200 respectively (description is optional). Both switches should be configured at exactly the same way, so SW2 configuration is omitted.

<labnariosw1>system-view
[labnariosw1]vlan 100	
[labnariosw1-vlan100]description labnario100
[labnariosw1-vlan100]vlan 200
[labnariosw1-vlan200]description labnario200

Let’s verify VLAN configuration:

[labnariosw1]display vlan
The total number of vlans is : 3
--------------------------------------------------------------------------------

U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------

VID  Type    Ports                
--------------------------------------------------------------------------------
1    common  UT:GE0/0/1(U)      GE0/0/2(U)      GE0/0/3(D)      GE0/0/4(D)      
                GE0/0/5(D)      GE0/0/6(D)      GE0/0/7(D)      GE0/0/8(D)      
                GE0/0/9(D)      GE0/0/10(U)     GE0/0/11(D)     GE0/0/12(D)     
                GE0/0/13(D)     GE0/0/14(D)     GE0/0/15(D)     GE0/0/16(D)     
                GE0/0/17(D)     GE0/0/18(D)     GE0/0/19(D)     GE0/0/20(D)     
                GE0/0/21(D)     GE0/0/22(D)     GE0/0/23(D)     GE0/0/24(D)     
100  common  
200  common  

VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------
1    enable  default       enable  disable    VLAN 0001                         
100  enable  default       enable  disable    labnario100                       
200  enable  default       enable  disable    labnario200

As the second step, I want to configure 802.1q trunk between SW1 and SW2 and filter VLANs, which can pass through this trunk (VLAN filtering is optional):

[labnariosw1-GigabitEthernet0/0/10]port link-type trunk
[labnariosw1-GigabitEthernet0/0/10]port trunk allow-pass vlan 100 200

Let’s verify, if our trunk interface is configured correctly:

[labnariosw1]display port vlan 
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    hybrid       1     -                                   
GigabitEthernet0/0/2    hybrid       1     -                                   
GigabitEthernet0/0/3    hybrid       1     -                                   
GigabitEthernet0/0/4    hybrid       1     -                                   
GigabitEthernet0/0/5    hybrid       1     -                                   
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   trunk        1     1 100 200
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -

There is also more specific command:

[labnariosw1]display port vlan GigabitEthernet 0/0/10
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/10   trunk        1     1 100 200

You can also filter VLANs which can pass through the trunk:

[labnariosw1-GigabitEthernet0/0/10]undo port trunk allow-pass vlan 1
[labnariosw1]display port vlan GigabitEthernet 0/0/10
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/10   trunk        1     100 200

As you see, Ge0/0/10 interface is working as a 802.1q trunk. Only VLANs 100 and 200 can pass through this trunk link.

Now we can configure access ports which are connected to PCs:

[labnariosw1]interface GigabitEthernet 0/0/1
[labnariosw1-GigabitEthernet0/0/1]port link-type access
[labnariosw1-GigabitEthernet0/0/1]port default vlan 100
[labnariosw1-GigabitEthernet0/0/1]interface GigabitEthernet 0/0/2
[labnariosw1-GigabitEthernet0/0/2]port link-type access
[labnariosw1-GigabitEthernet0/0/2]port default vlan 200

Let’s verify our VLANs and ports configuration again:

[labnariosw1]display port vlan
Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
GigabitEthernet0/0/1    access       100   -                                   
GigabitEthernet0/0/2    access       200   -                                   
GigabitEthernet0/0/3    hybrid       1     -                                   
GigabitEthernet0/0/4    hybrid       1     -                                   
GigabitEthernet0/0/5    hybrid       1     -                                   
GigabitEthernet0/0/6    hybrid       1     -                                   
GigabitEthernet0/0/7    hybrid       1     -                                   
GigabitEthernet0/0/8    hybrid       1     -                                   
GigabitEthernet0/0/9    hybrid       1     -                                   
GigabitEthernet0/0/10   trunk        1     100 200
GigabitEthernet0/0/11   hybrid       1     -                                   
GigabitEthernet0/0/12   hybrid       1     -                                   
GigabitEthernet0/0/13   hybrid       1     -                                   
GigabitEthernet0/0/14   hybrid       1     -                                   
GigabitEthernet0/0/15   hybrid       1     -                                   
GigabitEthernet0/0/16   hybrid       1     -                                   
GigabitEthernet0/0/17   hybrid       1     -                                   
GigabitEthernet0/0/18   hybrid       1     -                                   
GigabitEthernet0/0/19   hybrid       1     -                                   
GigabitEthernet0/0/20   hybrid       1     -                                   
GigabitEthernet0/0/21   hybrid       1     -                                   
GigabitEthernet0/0/22   hybrid       1     -                                   
GigabitEthernet0/0/23   hybrid       1     -                                   
GigabitEthernet0/0/24   hybrid       1     -   

[labnariosw1]display vlan
The total number of vlans is : 3
--------------------------------------------------------------------------------

U: Up;         D: Down;         TG: Tagged;         UT: Untagged;
MP: Vlan-mapping;               ST: Vlan-stacking;
#: ProtocolTransparent-vlan;    *: Management-vlan;
--------------------------------------------------------------------------------

VID  Type    Ports                
--------------------------------------------------------------------------------
1    common  UT:GE0/0/3(D)      GE0/0/4(D)      GE0/0/5(D)      GE0/0/6(D)      
                GE0/0/7(D)      GE0/0/8(D)      GE0/0/9(D)      GE0/0/10(U)     
                GE0/0/11(D)     GE0/0/12(D)     GE0/0/13(D)     GE0/0/14(D)     
                GE0/0/15(D)     GE0/0/16(D)     GE0/0/17(D)     GE0/0/18(D)     
                GE0/0/19(D)     GE0/0/20(D)     GE0/0/21(D)     GE0/0/22(D)     
                GE0/0/23(D)     GE0/0/24(D)                                     
100  common  UT:GE0/0/1(U)            
             TG:GE0/0/10(U)           
200  common  UT:GE0/0/2(U)            
             TG:GE0/0/10(U)           

VID  Status  Property      MAC-LRN Statistics Description      
--------------------------------------------------------------------------------
1    enable  default       enable  disable    VLAN 0001                         
100  enable  default       enable  disable    labnario100                       
200  enable  default       enable  disable    labnario200

When both switches are configured, we can check if our PCs can ping each other. Remember that PC101 and PC102 are both in a VLAN 100 and PC201 with PC202 are both in a VLAN 200. So let’s start with PC101:

PC101>ping 192.168.100.2

Ping 192.168.100.2: 32 data bytes, Press Ctrl_C to break
From 192.168.100.2: bytes=32 seq=1 ttl=128 time=15 ms
From 192.168.100.2: bytes=32 seq=2 ttl=128 time=32 ms
From 192.168.100.2: bytes=32 seq=3 ttl=128 time=47 ms
From 192.168.100.2: bytes=32 seq=4 ttl=128 time=46 ms
From 192.168.100.2: bytes=32 seq=5 ttl=128 time=16 ms

--- 192.168.100.2 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 15/31/47 ms

PC101>ping 192.168.200.1

Ping 192.168.200.1: 32 data bytes, Press Ctrl_C to break
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable

PC101>ping 192.168.200.2

Ping 192.168.200.2: 32 data bytes, Press Ctrl_C to break
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable
From 192.168.100.1: Destination host unreachable

PC101 can successfully ping PC102 as both are in a VLAN 100. It can not ping PCs 201 and 202 which are configured in VLAN 200. Let’s check connectivity in VLAN 200:

PC201>ping 192.168.200.2

Ping 192.168.200.2: 32 data bytes, Press Ctrl_C to break
From 192.168.200.2: bytes=32 seq=1 ttl=128 time=46 ms
From 192.168.200.2: bytes=32 seq=2 ttl=128 time=16 ms
From 192.168.200.2: bytes=32 seq=3 ttl=128 time=63 ms
From 192.168.200.2: bytes=32 seq=4 ttl=128 time=46 ms
From 192.168.200.2: bytes=32 seq=5 ttl=128 time=47 ms

--- 192.168.200.2 ping statistics ---
  5 packet(s) transmitted
  5 packet(s) received
  0.00% packet loss
  round-trip min/avg/max = 16/43/63 ms

PC201 can successfully ping PC202. It means that our VLANs, trunk and access ports are configured correctly.

As the last step I want to show you, how to configure VLAN interface.

VLAN interface is a Layer3 virtual interface configured on a switch, which belongs to a specific VLAN. It is sometimes called a “SVI” (Switched Virtual Interface). If there is no VLANIF configured, it is not possible to ping any device connected to that VLAN. This is because IP packets must have source IP address to be able to reach remote device and come back to our switch.

I will configure VLANIF 100 on both SW1 and SW2:

[labnariosw1]interface Vlanif 100
[labnariosw1-Vlanif100]ip add 192.168.100.101 255.255.255.0

[labnariosw2]interface Vlanif 100
[labnariosw2-Vlanif100]ip add 192.168.100.102 255.255.255.0

Now I should have full IP connectivity between all my devices configured in VLAN 100. This means that PC101, PC102, SW1 and SW2 can ping each other:

[labnariosw1]ping 192.168.100.1
  PING 192.168.100.1: 56  data bytes, press CTRL_C to break
    Reply from 192.168.100.1: bytes=56 Sequence=1 ttl=128 time=50 ms
    Reply from 192.168.100.1: bytes=56 Sequence=2 ttl=128 time=1 ms
    Reply from 192.168.100.1: bytes=56 Sequence=3 ttl=128 time=20 ms
    Reply from 192.168.100.1: bytes=56 Sequence=4 ttl=128 time=20 ms
    Reply from 192.168.100.1: bytes=56 Sequence=5 ttl=128 time=1 ms

  --- 192.168.100.1 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 1/18/50 ms

[labnariosw1]ping 192.168.100.2
  PING 192.168.100.2: 56  data bytes, press CTRL_C to break
    Reply from 192.168.100.2: bytes=56 Sequence=1 ttl=128 time=60 ms
    Reply from 192.168.100.2: bytes=56 Sequence=2 ttl=128 time=10 ms
    Reply from 192.168.100.2: bytes=56 Sequence=3 ttl=128 time=40 ms
    Reply from 192.168.100.2: bytes=56 Sequence=4 ttl=128 time=40 ms
    Reply from 192.168.100.2: bytes=56 Sequence=5 ttl=128 time=30 ms

  --- 192.168.100.2 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 10/36/60 ms

[labnariosw1]ping 192.168.100.102
  PING 192.168.100.102: 56  data bytes, press CTRL_C to break
    Reply from 192.168.100.102: bytes=56 Sequence=1 ttl=255 time=30 ms
    Reply from 192.168.100.102: bytes=56 Sequence=2 ttl=255 time=50 ms
    Reply from 192.168.100.102: bytes=56 Sequence=3 ttl=255 time=40 ms
    Reply from 192.168.100.102: bytes=56 Sequence=4 ttl=255 time=50 ms
    Reply from 192.168.100.102: bytes=56 Sequence=5 ttl=255 time=40 ms

  --- 192.168.100.102 ping statistics ---
    5 packet(s) transmitted
    5 packet(s) received
    0.00% packet loss
    round-trip min/avg/max = 30/42/50 ms

Leave a Reply

Your email address will not be published. Required fields are marked *