VLAN assignment modes:

?  Port-based VLAN assignment: VLAN IDs are assigned based on switch ports. The configuration is simple, and this mode applies to various scenarios.

?  MAC address-based VLAN assignment: VLAN IDs are assigned based on source MAC addresses of packets. This mode applies to scenarios where users positions change frequently.

?  IP subnet-based VLAN assignment: VLAN IDs are assigned based on source IP addresses of packets. This mode applies to scenarios where hosts on the same network segment are managed uniformly.

?  Protocol-based VLAN assignment: VLAN IDs are assigned based on protocol types of packets. This mode applies to scenarios where hosts with the same applications or services are managed uniformly.

?  Policy-based VLAN assignment: VLAN IDs are assigned based on policies such as source MAC addresses, source IP addresses, and port number of packets. This mode applies to scenarios demanding high security.

Among the preceding VLAN assignment modes, port-based VLAN assignment is often used and its configuration is the most simplest. Before configure port-based VLAN assignment, lets review common link types of ports.

Access port: connects a switch to a PC.

Trunk port: connects switches.

Hybrid port: connects a switch to a PC or connects switches. The hybrid port is often used when a switch connects to a PC through a hub or switches are connected through a hub.

Lets move to port-based VLAN assignment configuration.

Scenario 1: Two PCs connect to a switch. How the hosts are isolated using port-based VLAN assignment?

?  How are PCs isolated using VLAN assignment? Add ports to different VLANs. For example, GE0/0/1 and GE0/0/2 as access ports join VLAN 10 and VLAN 20 respectively.

?  The two PCs in different VLANs cannot communicate with each other.

 

Scenario 2: Four PCs connect to switches. How do we implement isolation and interworking of the PCs using port-based VLAN assignment?

By default, the four PCs belong to the same network segment and can be pinged mutually. Assume that PC1 and PC2 belong to the same department, and PC3 and PC4 belong to the same department. How do we implement interworking of the same department and between departments using port-based VLAN assignment?

?  PC1 and PC2 of the same department are added to VLAN 100. GE0/0/1 ports on Switch 1 and Switch 2 join VLAN 100 as access ports.

?  PC3 and PC4 of the same department are added to VLAN 200.

?  GE0/0/3 ports on Switch 1 and Switch 2 join VLAN 200 as trunk ports.

?  PC1 and PC2 in the same department can communicate, and PC3 and PC4 in different departments cannot communicate.

To improve the post you should include the simulation file along with configuration script. 

Peace

Faisal.

It would be very nice.

Thank you for your advice.

Different product configuration method is different, We give a general configuration method for the switch product, which is used for studying.

 

For Scenario 1

 

For Scenario 2

 

 

 

 

Thank you !