How to Configure Virtual LAN on S5300 Serirs VLAN Switches?
VLAN Introduction
A VLAN (Virtual Local Area Network) is a group of end stations configured to communicate as if they are in the same link. However, physically they may be in one or different LAN segments. In other words, One can use VLAN to segment the network into logically separate units at the data link layer or layer 2. For instance, there are VLAN 1, VLAN2 and VLAN 3, the devices in the the same VLAN can communicate with each other even if they are physically located in different LAN segments.
The segmentation of VLANs is based on logical connection considering specific functions or applications instead of a physical LAN.
Each switch port may belong to a VLAN with broadcast segments. The unicast, broadcast and multicast packets are sent to the dedicated end station ports in the same VLAN. Network operators should configure a VLAN interface or switched virtual interface (SVI) in layer 3 for each VLAN to communicate across VLANs. A router or bridge should be used to forward packets to end station ports in different VLANs.
Dot1Q Introduction
Dot1Q (IEEE 802.1Q) is a networking standard supporting VLAN on the IEEE 802.3 Ethernet network. Essentially, it wraps the VLAN tag of a private network with that of a public network. This double-tagged packet travels through the ISP's backbone network, creating a relatively simple Layer 2 (L2) VPN tunnel for users. The Dot1Q Tunnel protocol is straightforward to manage. It doesn't rely on signaling support and is commonly used in enterprise networks with L3 switches or small-scale Metropolitan Area Networks (MANs).
Switches with Dot1Q Tunnel capability are well-suited for this purpose. This feature is ideal for users who need an affordable and compact Layer 2 VPN solution. It's becoming increasingly popular among small-scale users requiring VPN networks. Importantly, within the carrier's network, the P device doesn't have to support the Dot1Q Tunnel function. This means traditional L3 switches can fully meet the requirements, providing cost savings for the carrier.
VLAN Configuration Guide
Adding or Deleting VLANs
To configure VLAN, run the following Commands. The first step is to create VLANs. GVRP protocol can be used to dynamically add or delete the VLAN.
Configuring the Port to VLAN of the Switch
Once you have created the VLANs in the first step, now that you should configure the ports to the assigned VLAN. The following commands show you how to configure switch port to VLAN on S5300 series layer 2 switches. Each port has a default VLAN and PVID
By the way, the switch ports support five modes: the access mode, the relay mode, the VLAN tunnel mode, the VLAN translating mode and the VLAN tunnel uplink mode.
The access mode indicates that the port belongs to just one VLAN; only the untagged Ethernet frame can be transmitted and received.
The relay mode can group ports to multiple VLANs and configure the packet types to be forwarded and the quantity of VLANs (tagged Ethernet frame).
The VLAN translating tunnel mode is a sub-mode based on the relay mode. The port looks up the VLAN translation table according to the VLAN tag of received packets to obtain the corresponding SPVLAN, and then the switching chip replaces the original tag with SPVLAN or adds the SPVLAN tag to the outside layer of the original tag. When the packets is forwarded out of the port, the SPVLAN will be replaced by the original tag or the SPVLAN tag will be removed mandatorily. Hence, the switch omits different VLAN partitions that access the network and then passes them without change to the other subnet that connects the other port of the same client, realizing transparent transmission.
The VLAN tunnel uplink mode is a sub-mode based on the relay mode. The SPVLAN should be set when packets are forwarded out of the port. When the port receives the packets, their TPIDs will be checked. If a difference occurs or they are untagged packets, the SPVLAN tag which contains their own TPID will be added to them as their outer-layer tag. When the port receives the packets, their TPIDs will be checked. If a difference occurs or they are untagged packets, the SPVLAN tag which contains their own TPID will beadded to them as their outer-layer tag.
Creating or Deleting the VLAN Interface
You need to create a VLAN interface to designate the IP address
and mask for network management or layer 3 routing. This VLAN interface can be used as the centralized outlet when different VLANs need to communicate.
Monitoring the VLAN Configuration and State
Run the following commands in EXEC mode to monitor the configuration and state of VLAN and Dot1Q tunnel.
Enabling or Disabling Dot1Q Tunnel Globally
The following command can enable Dot1Q-tunnel globally. After it is enabled, all the switch ports will work as the downlink ports of the Dot1Q tunnel by default and put the SPVLAN tag on the incoming packets.
All QSFPTEK managed switches with VLAN supports. the exact steps may vary from serie. This VLAN switch configuration guide is a concise version based on the S5300 series layer 2 switches. If you want to learn more about configuring VLANs or any other software features on QSFPTEK switches. Please check the configuration and commands manual on the dedicated switch product page.