H3c-technologies H3C WX5500E Series Access Controllers Bedienungsanleitung Seite 149
- Seite / 221
- Inhaltsverzeichnis
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
138
Configuring isolate-user-VLANs
An isolate-user-VLAN uses a two-tier VLAN structure. In this approach, both an isolate-user-VLAN and
secondary VLANs are configured on the same device.
The isolate-user-VLAN implementation delivers the following benefits:
• Isolate-user-VLANs are mainly used for upstream data exchange. An isolate-user-VLAN can be
associated with multiple secondary VLANs. Because the upstream device identifies only the
isolate-user-VLAN and not the secondary VLANs, network configuration is simplified and VLAN
resources are saved.
• You can isolate Layer 2 traffic from different users by assigning ports connected to them to different
secondary VLANs. To enable communication between secondary VLANs associated with the same
isolate-user-VLAN, you can enable local proxy ARP on the upstream device (such as Device A
in Figure 41) to r
ealize Layer 3 communication between the secondary VLANs.
As shown in Figure 41,
the isolate-user-VLAN function is enabled on Device B. VLAN 10 is the
isolate-user-VLAN. VLAN 2, VLAN 5, and VLAN 8 are secondary VLANs associated with VLAN 10 and
are invisible to Device A.
Figure 41 An isolate-user-VLAN example
Configuration restrictions and guidelines
When you configure an isolate-user-VLAN, follow these guidelines:
• To enable users in the isolate-user-VLAN to communicate with other networks at Layer 3, configure
VLAN interfaces for the isolate-user-VLAN and the secondary VLANs, and configure the gateway IP
address for the isolate-user-VLAN interface (you do not need to configure IP addresses for the
secondary VLAN interfaces).
• You cannot configure the member port of a service loopback group as the uplink or downlink port
of an isolate-user-VLAN. For more information about the service loopback group, see "Configuring
se
rvice loopback groups."
• The port isolate-user-vlan vlan-list trunk promiscuous command and the port isolate-user-vlan
vlan-id promiscuous command are mutually exclusive. The two commands are different as follows:
{ The former configures a port to permit packets from multiple isolate-user-VLANs to pass through.
- H3C WX5540E Access Controller 1
- Switching Engine 1
- Preface 3
- Symbols 4
- Network topology icons 4
- Port numbering in examples 4
- Obtaining documentation 5
- Technical support 5
- Documentation feedback 5
- Contents 6
- Switch A Switch B 14
- Switch C 14
- Enabling auto power-down 17
- Bulk configuring interfaces 30
- Configuring MAC Information 39
- Operational key 44
- Configuration classes 44
- Reference port 44
- Link aggregation modes 45
- Choosing a reference port 46
- Configuring port isolation 63
- STP protocol packets 65
- Basic concepts in STP 66
- Path cost 67
- STP timers 71
- MSTP features 73
- MSTP basic concepts 73
- MST region 74
- Regional root 75
- Common root bridge 75
- Port roles 75
- How MSTP works 76
- STP configuration task list 78
- RSTP configuration task list 79
- PVST configuration task list 80
- MSTP configuration task list 81
- Configuring an MST region 82
- Configuring edge ports 89
- Performing mCheck 96
- Configuring digest snooping 97
- <DeviceB> system-view 99
- Configuration prerequisites 100
- Configuration procedure 100
- Configuration example 101
- Enabling BPDU guard 101
- Enabling root guard 102
- Enabling loop guard 102
- Enabling TC-BPDU guard 103
- Enabling BPDU drop 104
- MSTP configuration example 105
- PVST configuration example 109
- Configuring BPDU tunneling 113
- Enabling BPDU tunneling 116
- Network requirements 117
- Configuring VLANs 120
- VLAN frame encapsulation 121
- VLAN types 122
- Protocols and standards 122
- Configuring port-based VLANs 125
- Frame handling on a port 126
- Verifying the configuration 130
- Configuring MAC-based VLANs 131
- Configuration considerations 136
- Configuration guidelines 142
- Task Command 143
- Remarks 143
- Configuring super VLANs 144
- Name: VLAN 0005 148
- Tagged Ports: none 148
- Untagged Ports: 148
- Configuring voice VLANs 158
- VLAN assignment mode 162
- Configuring GVRP 169
- GARP timers 170
- GARP PDU format 171
- Introduction to GVRP 172
- GVRP registration modes 172
- GVRP configuration task list 173
- Configuring GVRP functions 173
- Configuring the GARP timers 174
- GVRP configuration examples 176
- Configuring LLDP 181
- LLDPDUs 182
- LLDP-MED TLVs 184
- Working mechanism 185
- LLDP configuration task list 186
- Enabling LLDP polling 188
- Configuring LLDP trapping 193
- LLDP configuration examples 194
- Overview 199
- Configuring MVRP 203
- MRP messages 204
- MRP timers 205
- MVRP configuration task list 206
- Enabling MVRP 207
- Configuring MRP timers 208
- Enabling GVRP compatibility 209
- Configuring Device B 212
- Configuring Device C 213
- Configuring Device D 214
- 1(default), 10 219
Verwandte Produkte und Handbücher für Router H3c-technologies H3C WX5500E Series Access Controllers
(4 Seiten)
(18 Seiten)© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.026 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern