Login
- Table of Contents
-
- 05-Network Connectivity Configuration Guide
- 00-Preface
- 01-About the network connectivity configuration guide
- 02-MAC address table configuration
- 03-Ethernet link aggregation configuration
- 04-VLAN configuration
- 05-Loop detection configuration
- 06-Spanning tree configuration
- 07-LLDP configuration
- 08-Layer 2 forwarding configuration
- 09-VLAN termination configuration
- 10-PPP configuration
- 11-L2TP configuration
- 12-ARP configuration
- 13-IP addressing configuration
- 14-DHCP configuration
- 15-DHCPv6 configuration
- 16-DNS configuration
- 17-NAT configuration
- 18-IP performance optimization configuration
- 19-IPv6 basics configuration
- 20-Policy-based routing configuration
- 21-IPv6 policy-based routing configuration
- 22-GRE configuration
- 23-Tunneling configuration
- 24-Basic IP routing configuration
- 25-IP forwarding basics configuration
- 26-Static routing configuration
- 27-IPv6 static routing configuration
- 28-Multicast overview
- 29-IGMP snooping configuration
- 30-MLD snooping configuration
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 09-VLAN termination configuration | 104.00 KB |
VLAN termination application scenarios
VLAN termination tasks at a glance
Configuring ambiguous QinQ termination
About ambiguous QinQ termination
Configuring ambiguous QinQ termination by specifying the Layer 2 VLAN IDs
Configuring unambiguous QinQ termination
About unambiguous QinQ termination
Configuring unambiguous QinQ termination by specifying the Layer 2 VLAN ID
Enabling a VLAN termination-enabled interface to transmit broadcasts and multicasts
Configuring VLAN termination
About VLAN termination
VLAN termination typically processes packets that include VLAN tags. A VLAN termination-enabled interface performs the following tasks when receiving a VLAN-tagged packet:
1. Assigns the packet to an interface according to its VLAN tags.
2. Removes the VLAN tags of the packet.
3. Delivers the packet to Layer 3 forwarding or other processing pipelines.
Before sending the packet, the VLAN termination-enabled interface determines whether to add new VLAN tags to the packet, based on the VLAN termination type.
VLAN termination can also process packets that do not include any VLAN tags.
This document uses the following VLAN tag concepts for a packet that has two or more layers of VLAN tags:
· Layer 1 VLAN tag—Specifies the outermost layer of VLAN tags.
· Layer 2 VLAN tag—Specifies the second outermost layer of VLAN tags.
The VLAN IDs of the packets are numbered in the same manner as the VLAN tags.
VLAN termination mechanism
VLAN interfaces can terminate the following packets:
· Packets whose outermost VLAN IDs match the configured values.
· Packets whose outermost two layers of VLAN IDs match the configured values.
A VLAN interface terminates only the packets whose outermost VLAN ID is the same as the VLAN interface number. For example, VLAN-interface 10 terminates only the packets with the outermost VLAN tag 10.
VLAN termination application scenarios
Inter-VLAN communication
As shown in Figure 1, Host A is in VLAN 2, Host B is in VLAN 3, and Host C is in VLAN 4. For Host A and Host B to communicate with each other, perform the following tasks:
1. Specify 1.1.1.1/24 and 1.1.2.1/24 as the gateway IP address for Host A and Host B, respectively.
2. On the device, create VLAN-interface 2 and configure the IP address as 1.1.1.1/24, which is the same as the gateway address of Host A. Create VLAN-interface 3 and configure the IP address as 1.1.2.1/24, which is the same as the gateway address of Host B.
VLAN termination by the outermost VLAN ID of packets is automatically performed on VLAN interfaces. For example, when Host A sends a packet to Host B, VLAN-interface 2 removes the VLAN tag from the packet and forwards it to VLAN-interface 3. Then, VLAN-interface 3 tags the packet with VLAN 3 and Host B can receive the packet.
Because the device does not have a VLAN interface to terminate packets from VLAN 4, Host C cannot communicate with Host A or Host B.
Figure 1 Inter-VLAN communication through VLAN interfaces
LAN-WAN communication
Typically, WAN protocols (PPP for example) do not recognize VLAN-tagged packets from LANs. Before packets are sent to a WAN, the sending port must locally record the VLAN information and remove VLAN tags from the packets. To do that, configure VLAN termination on VLAN interfaces.
As shown in Figure 2, a host is located on a customer network and wants to access the WAN network through a PPPoE connection. CVLAN and SVLAN represent the VLAN on the customer network and service provider network, respectively.
To access the WAN network, a packet originating from the host is processed as follows:
1. Layer 2 Switch A adds a CVLAN tag to the packet and sends the packet.
2. Layer 2 Switch B adds an SVLAN tag to the packet on the QinQ-enabled port.
3. The packet is forwarded on the service provider network based on the SVLAN tag.
4. The gateway removes the two layers of VLAN tags from the packet and adds new VLAN tags on the QinQ termination-enabled port.
5. The gateway sends the packet to the WAN.
Figure 2 VLAN termination enables LAN-WAN communication
VLAN termination tasks at a glance
To configure VLAN termination, perform the following tasks:
1. (Required.) Configuring VLAN termination
Choose one of the following tasks:
¡ Configuring ambiguous QinQ termination
¡ Configuring unambiguous QinQ termination
2. (Optional.) Enabling a VLAN termination-enabled interface to transmit broadcasts and multicasts
Perform this task to enable VLAN termination-enabled interfaces to transmit broadcasts and multicasts.
Configuring ambiguous QinQ termination
About ambiguous QinQ termination
Use this feature to terminate QinQ packets whose outermost two layers of VLAN IDs are in the specified range.
When an interface receives a packet, it removes the outermost two layers of VLAN tags from the packet. When the interface sends a packet, it tags the packet with the outermost two layers of VLAN IDs, which are determined as follows:
· For a PPPoE packet, VLAN IDs are from the matching PPPoE session entry.
· For a DHCP relay packet, VLAN IDs are from the matching DHCP relay entry.
Configuring ambiguous QinQ termination by specifying the Layer 2 VLAN IDs
Restrictions and guidelines
After you enable ambiguous QinQ termination on a VLAN interface, Layer 2 Ethernet interfaces bound to the VLAN interface operate as follows:
· Process only packets that match the ambiguous QinQ termination configuration of the VLAN interface.
· Drop any other packets sent to the VLAN interface.
Procedure
1. Enter system view.
system-view
2. Enter VLAN interface view.
interface vlan-interface interface-number
3. Configure ambiguous QinQ termination by specifying the Layer 2 VLAN IDs.
second-dot1q { vlan-id-list | any }
The Layer 1 VLAN ID of the VLAN-tagged packets that can be terminated by the subinterface or VLAN interface is the number of the subinterface or VLAN interface. This Layer 1 VLAN ID is not configurable.
Configuring unambiguous QinQ termination
About unambiguous QinQ termination
Use this feature to terminate QinQ packets whose outermost two layers of VLAN IDs match the specified values.
When an interface receives a packet, it removes the two layers of VLAN tags from the packet. When the interface sends a packet, it tags the packet with two layers of VLAN tags as specified.
Configuring unambiguous QinQ termination by specifying the Layer 2 VLAN ID
Restrictions and guidelines
After you enable unambiguous QinQ termination on a VLAN interface, Layer 2 Ethernet interfaces bound to the VLAN interface operate as follows:
· Process only packets that match the unambiguous QinQ termination configuration of the VLAN interface.
· Drop any other packets sent to the VLAN interface.
Procedure
1. Enter system view.
system-view
2. Enter VLAN interface view.
interface vlan-interface interface-number
3. Configure unambiguous QinQ termination by specifying the Layer 2 VLAN ID.
second-dot1q vlan-id
By default, QinQ termination is disabled on an interface.
The Layer 1 VLAN ID of the VLAN-tagged packets that can be terminated by the subinterface or VLAN interface is the number of the subinterface or VLAN interface. This Layer 1 VLAN ID is not configurable.
Enabling a VLAN termination-enabled interface to transmit broadcasts and multicasts
About this task
This function enables ambiguous QinQ termination-enabled interfaces to transmit broadcasts and multicasts.
To transmit a broadcast or multicast packet, the interface starts a traversal over the VLAN IDs specified for ambiguous termination. It copies the packet and tags each copy with a VLAN ID, until all VLAN IDs in the specified range are traversed. For example, when ambiguous QinQ termination is configured, both layers of VLAN ID ranges are traversed.
Restrictions and guidelines
As a best practice, use the vlan-termination broadcast ra command to enable an ambiguous QinQ termination-enabled interface to transmit RA multicast packets on an IPv6 network. This command prohibits transmission of broadcast packets and other types of multicast packets, and consumes less CPU resources than the vlan-termination broadcast enable command.
Procedure
1. Enter system view.
system-view
2. Enter VLAN interface view.
interface vlan-interface interface-number
3. Enable the interface to transmit broadcasts and multicasts.
¡ Enable the interface to transmit broadcasts and multicasts.
vlan-termination broadcast enable
¡ Enable the interface to transmit only RA multicasts on an IPv6 network.
vlan-termination broadcast ra
By default, an ambiguous Dot1q or QinQ termination-enabled interface does not transmit broadcasts and multicasts.
