Can an interface on an S series switch learn the MAC address entries in a VLAN if the interface is not added to the VLAN

10

For S series switches (except the S1700), if an interface is not added to a VLAN, the interface does not learn the MAC address entries in the VLAN.

Other related questions:
How to bind the IP address, MAC address, and interface
The Switch implements binding between an interface and a MAC address through the traffic policy and DHCP snooping. Then the interface allows only the packets with the bound MAC address and packets matching the DHCP snooping binding table to pass through. The Switch does support binding of IP address + MAC address + interface. For example, to configure Ethernet 0/0/1 to allow only the packets with the source MAC address being 0-02-02 apart from of the packets matching the DHCP snooping binding table, and discard other packets, do as follows: # Enable DHCP snooping globally. [HUAWEI] dhcp snooping enable# Create an ACL that permits only the packets with the source MAC address being 0-02-02. [HUAWEI] acl 4000 [HUAWEI-acl-L2-4000] rule permit source-mac 0-02-02 ffff-ffff-ffff [HUAWEI-acl-L2-4000] rule deny# Create a traffic classifier that matches ACL 4000. [HUAWEI] traffic classifier c1 [HUAWEI-classifier-c1] if-match acl 4000# Create a traffic behavior and a traffic policy. [HUAWEI] traffic behavior b1 [HUAWEI-behavior-b1] permit [HUAWEI] traffic policy p1 [HUAWEI-trafficpolicy-p1] classifier c1 behavior b1# Apply the traffic policy to Ethernet 0/0/1 so that the interface allows only the packets with the source MAC address 0-02-02 to pass through apart from of the packets matching the DHCP snooping binding table. In V100R005C00 and later versions, the configuration is as follows: [HUAWEI] interface Ethernet 0/0/1 [HUAWEI-Ethernet0/0/1] port default vlan 4094 [HUAWEI-Ethernet0/0/1] ip source check user-bind enable [HUAWEI-Ethernet0/0/1] traffic-policy p1 inbound

Why Is one MAC address learned in multiple VLANs on S series switch
On S series switches (except S1700), MAC addresses are learned based on MAC addresses+VLANs. If multiple VLANs receive packets with the same MAC address, these VLANs will learn the same MAC address.

Which VLAN does the interface enabled with VLAN mapping or QinQ obtain through MAC address learning
The VLAN mapping or QinQ implementation is prior to the MAC address learning. Thus, after the VLAN mapping or QinQ implementation, the interface obtains the outer VLAN through MAC address learning.

MAC-based VLAN assignment on S series switch
Example of configuring MAC address-based VLAN assignment for S series switches (except S1700 switches): 1. Configuration roadmap 1). Create a VLAN and determine the VLAN to which employees belong. 2). Configure the modes in which interfaces are added to the VLAN, so that the interfaces allow packets of the VLAN to pass through. 3). Associate the MAC address with the VLAN, so that the switch can determine the VLAN to which received packets belong according to the source MAC address in the packets. 2. Configuration procedure [HUAWEI] vlan batch 10 //Create a VLAN. [HUAWEI] interface gigabitethernet 0/0/1 [HUAWEI-GigabitEthernet0/0/1] port link-type hybrid [HUAWEI-GigabitEthernet0/0/1] port hybrid tagged vlan 10 //Add an uplink interface to the VLAN in tagged mode. [HUAWEI-GigabitEthernet0/0/1] quit [HUAWEI] interface gigabitethernet 0/0/2 [HUAWEI-GigabitEthernet0/0/2] port link-type hybrid [HUAWEI-GigabitEthernet0/0/2] port hybrid untagged vlan 10 //Add a downlink interface to the VLAN in untagged mode. [HUAWEI-GigabitEthernet0/0/2] quit [HUAWEI] vlan 10 [HUAWEI-vlan10] mac-vlan mac-address 22-22-22 //Associate the PC's MAC address with VLAN 10. [HUAWEI-vlan10] quit [HUAWEI] interface gigabitethernet 0/0/2 [HUAWEI-GigabitEthernet0/0/2] mac-vlan enable //Enable MAC address-based VLAN assignment on the downlink interface. [HUAWEI-GigabitEthernet0/0/2] quit

How do I verify that an interface is added to a VLAN

Run the display vlan vlan-id command and verify that the interface is listed in the command output.

For example, interface Ethernet2/0/0 is added to VLAN 10.

 display vlan 10
* : management-vlan
---------------------
VLAN ID Type         Status   MAC Learning Broadcast/Multicast/Unicast Property 
--------------------------------------------------------------------------------
10      common       enable   enable       forward   forward   forward default
-------------------
Untagged      Port: Ethernet2/0/0
-------------------
Active Untag  Port: Ethernet2/0/0
-------------------
Interface                   Physical
Ethernet2/0/0               UP

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top