VLAN Basic

Principle and
Configuration
www.huawei.com

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved.

 Foreword
 Virtual local area network (VLAN) introduces flexible control
methods into Ethernet, which is widely used in the actual
network.

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page1
 Objectives
 Upon completion of this course, you will be able to:
 Know The Background of VLAN Generation

 Know The Generation of VLAN Tag

 Describe Application rule of VLAN tag

 Understand VLAN Configuration

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page2
 Contents
1. VLAN Overview

2. VLAN Communication Principle

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page3
VLAN Generation
 The Ethernet lacks in forwarding control methods .

B C
A

User ：I do not want

Administrator：B can
to receive broadcast
not access A
packet from C

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page4
The Aim of VLAN

Group 2
Group 1

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page5
 VLAN Tag

6B 6B 2B 64-1500B 4B
DA SA TYPE DATA FCS Untagged frame

6B 6B 4B 2B 64-1500B 4B
DA SA TAG TYPE DATA FCS Tagged frame

2B 2B

C
0x8100 PRI F VLAN ID（12b）
I

TPID TCI

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page6
 Classification of VLANs
 Classification methods of VLANs ：
 Classification of VLANs based on port numbers

 Classification of VLANs based on MAC addresses

 Classification of VLANs based on IP subnets

 Classification of VLANs based on protocols

 Classification of VLANs based on policies (MAC addresses, IP

addresses, and interfaces)

 At present, the classification of VLANs based on port

numbers is most commonly used.

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page7
 How to Generate VLAN Tag

Port PVID
Port 1 Port 10 Port1 5
Port 2 Port 7
Port2 10
…… ……
Port7 5
…… ……
Port10 10
Host A Host C
Host B Host D

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page8
Advantages of VLAN

 Compared to the traditional LAN technology, the VLAN has the

following advantages:
 Improve the bandwidth utilization rate

 Enhance the communication security

 Strengthen the network robustness

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page9
 Contents
1. VLAN Overview

2. VLAN Communication Principle

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page10
Link Types of VLAN

Trunk-Link
Switch-A Switch-B

Access-Link

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page11
Port Link Types of VLAN

 Port types
 Access Port

 Trunk Port

 Hybrid Port

 QinQ Port (dot1q tunnel)

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page12
Access Port

 Access port receives an

 Untagged frame, Switch adds a VLAN tag with

PVID to the frame.

 Tagged frame, Switch discards the tagged frame

regardless of its VLAN ID

 Access port sends the frame after VLAN tag is removed.

Receive

PVID:10 Access

Send

Access

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page13
Trunk Port
 Trunk port receives
 Untagged frame, Switch adds a VLAN tag with PVID to the frame if PVID is
permitted by the port.

 Tagged frame, Switch accepts the frame if its VLAN ID is permitted by the
port. Else, it is denied.

 Trunk port sends

 If its VLAN ID = PVID and the VLAN ID is permitted by the port, Switch
removes VLAN tag and sends the frame.

 If its VLAN ID ≠ PVID but the VLAN ID is permitted by the port, Switch
sends the frame directly without removing the VLAN tag.

Receive

PVID:10 Trunk
Send
PVID:20 Trunk

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page14
Hybrid Port
 Hybrid port receives
 Untagged frame, Switch adds a VLAN tag with PVID to the frame if PVID is permitted
by the port.

 Tagged frame, Switch accepts the frame if its VLAN ID is permitted by the port. Else, it
is denied.

 Hybrid port sends the frame

 If the interface is added to the VLAN in untagged mode, Switch removes the VLAN tag
and send the frame

 If the interface is added to the VLAN in tagged mode, Switch directly sends the frame .

tagged vlan 10 20 send

PVID:20 Hybrid
untagged vlan 10 20 send
PVID:10 Hybrid

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page15
QinQ Port
 QinQ interface receives
 An untagged frame, Switch adds a VLAN tag with PVID to the frame if PVID is
permitted by the port

 A tagged frame, Switch adds second VLAN tag or outer tag

 QinQ interface sends the frame

 Switch removes the outer tag with the default VLAN ID and
sends the packets
Receive

PVID:10 Access

Send

PVID:20 Access

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page16
 Principle of VLAN Communication
VLAN3

Switch-A Switch-B
GE1/0/4 GE1/0/2 GE1/0/1 GE1/0/3
2

VLAN2

Host A Host B

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page17
 Basic Principle of VLAN Communication
•Port Type •Method of Processing •Method of Processing •Frame Sending
Untagged Frames Tagged Frames

•Access Accepts an untagged frame and
adds a tag with the default VLAN
ID to the frame.
•Accepts a tagged frame if the After the PVID tag is stripped, the frame
VLAN ID carried in the frame is
the same as the default VLAN
ID.
•Discards a tagged frame if the
VLAN ID carried in the frame is
different from the default VLAN
ID.

•Trunk Adds a tag with the default
VLAN ID to an untagged frame
and accepts the frame if the port
permits the default VLAN ID.
Adds a tag with the default
VLAN ID to an untagged frame
and discards the frame if the
port denies the default VLAN ID.
•Hybrid
Accepts a tagged frame if the
VLAN ID carried in the frame
is permitted by the port.
Discards a tagged frame if the
VLAN ID carried in the frame
is denied by the port.
Removes the tag and then sends a received frame if
the VLAN ID carried in the frame is the same as the
default VLAN ID and the VLAN ID is permitted by the
port.
Directly sends a received frame if the VLAN ID carried
in the frame is different from the default VLAN ID but
the VLAN ID is permitted by the port.
Sends a received frame if the VLAN ID carried in the
frame is permitted by the port. The port can be
configured with a specified command to determine
whether or not it sends frames with tags.

•QinQ QinQ ports are enabled with the IEEE 802.1QinQ protocol. A QinQ port adds a tag to a single-tagged frame, and thus
supports a maximum of 4094 x 4094 VLAN tags, which meets the requirement of a Metropolitan Area Network (MAN) for the
number of VLANs.

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page18
Configure Access Port Attribute

Port-0/1 : VLAN-3 SWA Port-0/2 : VLAN-5

\\configure port type

[Switch-Ethernet0/1]port link-type access
[Switch-Ethernet0/2]port link-type access

\\create VLAN
[Switch]vlan 3
[Switch]vlan 5

\\set port PVID

[Switch-Ethernet0/1]port default vlan 3
[Switch-Ethernet0/2]port default vlan 5

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page19
Configure Trunk Port Attribute
SWA SWB
Port-0/3 Port-0/3

\\create VLAN
[Switch]vlan 3

\\configure port type

[Switch-Ethernet0/3]port link-type trunk

\\configure Trunk-Link port PVID

[Switch-Ethernet0/3]port trunk pvid vlan 3

\\configure VLAN permitted by Trunk-Link（permitted VLAN）

[Switch-Ethernet0/3]port trunk allow-pass vlan 5

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page20
Configure Hybrid Port
Port-1/0/24
Port-2/0/0

Port-1/0/1

[Quidway-Ethernet1/0/1]port link-type hybrid

[Quidway-Ethernet1/0/1]port hybrid pvid vlan 2
[Quidway-Ethernet1/0/1]port hybrid untagged vlan 2

[Quidway-Ethernet1/0/24]port link-type hybrid

[Quidway-Ethernet1/0/24]port hybrid pvid vlan 3
[Quidway-Ethernet1/0/24]port hybrid untagged vlan 3

[Quidway-Ethernet2/0/0]port link-type hybrid

[Quidway-Ethernet2/0/0]port hybrid pvid vlan 99
[Quidway-Ethernet2/0/0]port hybrid untagged vlan 2 to 3

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page21
Configure QinQ Port

SWA SWC SWD SWB

Port-1/0/1 Port-1/0/24 Port-1/0/1

Port-1/0/24
Vlan 10 Vlan 20 Vlan 20 Vlan 10

[SWC-Ethernet1/0/1]port link-type dot1q-tunnel

[SWC-Ethernet1/0/1] port default vlan 20

[SWC-Ethernet1/0/24]port link-type trunk

[SWC-Ethernet1/0/24]port trunk allow-pass vlan 20

Copyright © 2018 Huawei Technologies Co., Ltd. All rights reserved. Page22
Thank you
www.huawei.com