Hi,
In this post, we are going to introduce you the example of connecting a terminal to a layer 3 gateway through a layer 2 switch.
Overview
After VLANs are assigned, broadcast packets are only forwarded within the same VLAN. That is, hosts in different VLANs cannot communicate at Layer 2 because VLAN technology isolates broadcast domains. In real-world applications, hosts in different VLANs often need to communicate, so inter-VLAN communication needs to be implemented to resolve this. Layer 3 routing or VLAN technology is required to implement inter-VLAN communication.
Huawei provides a variety of technologies to implement inter-VLAN communication. The following two technologies are commonly used:
VLANIF interface
A VLANIF interface is a Layer 3 logical interface. You can configure an IP address for a VLANIF interface to implement inter-VLAN Layer 3 communication.
Dot1q termination sub-interface
Similar to a VLANIF interface, a sub-interface is also a Layer 3 logical interface. You can configure dot1q termination and an IP address for a sub-interface to implement inter-VLAN Layer 3 communication.
Inter-VLAN communication through a dot1q termination sub-interface is used in scenarios where an Ethernet interface connects to many VLANs. Because data flows from different VLANs preempt the bandwidth of the primary Ethernet interface, communication bottlenecks may occur when the network is busy.
The VLANIF interface and Dot1q termination sub-interface can only allow hosts on different network segments in different VLANs to communicate, whereas super-VLAN (VLAN aggregation) and the VLAN Switch function allow hosts on the same network segment in different VLANs to communicate.
Configuration Notes
Only E series cards, X series cards, F series cards, SC cards among S series of the S7700&S9700 support the termination sub-interface. For details, see the card classification in Hardware Description.
X1E cards among X series support the termination sub-interface in V200R007C00 and later versions.
For Layer 2 interfaces, only hybrid and trunk interfaces support termination sub-interfaces.
The VLAN IDs terminated by a sub-interface cannot be created in the system view or be displayed.
When IP packets need to be sent out from the termination sub-interface and there is no corresponding ARP entry on the device. If ARP broadcast is not enabled on the termination sub-interface through the command arp broadcast enable, the system does not send or forward broadcast ARP packets to learn ARP entries. In this case, the IP packets are discarded directly.
This example applies to all versions of the modular switches.
Networking Requirements
In Figure 6-16, Host A and Host B belong to the R&D department, and Host C and Host D belong to the quality department. The two departments are connected through a Layer 2 switch and require Layer 2 isolation and Layer 3 connectivity.
Figure 6-16 Networking for connecting a terminal to a Layer 3 gateway through a Layer 2 switch 
Configuration Roadmap
The configuration roadmap is as follows:
Configure interface-based assignment on the Layer 2 switch to implement Layer 2 isolation.
Configure sub-interface termination on the Layer 3 switch to implement Layer 3 connectivity.
Procedure
Configure Layer 2 switch SwitchA.
# Create VLANs.
<HUAWEI> system-view [HUAWEI] sysname SwitchA //Change the device name to SwitchA for easy identification. [SwitchA] vlan batch 2 to 3 //Create VLAN 2 and VLAN 3 in a batch.
# Add the interface connected to the host to VLANs.
[SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type access //Configure the interface connected to the PC as the access interface. [SwitchA-GigabitEthernet1/0/1] port default vlan 2 //Add Host A to VLAN 2. [SwitchA-GigabitEthernet1/0/1] quit [SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] port link-type access [SwitchA-GigabitEthernet1/0/2] port default vlan 2 //Add Host B to VLAN 2. [SwitchA-GigabitEthernet1/0/2] quit[SwitchA] interface gigabitethernet 1/0/3 [SwitchA-GigabitEthernet1/0/3] port link-type access //Configure the interface connected to the PC as the access interface. [SwitchA-GigabitEthernet1/0/3] port default vlan 3 //Add Host C to VLAN 3. [SwitchA-GigabitEthernet1/0/3] quit [SwitchA] interface gigabitethernet 1/0/4 [SwitchA-GigabitEthernet1/0/4] port link-type access [SwitchA-GigabitEthernet1/0/4] port default vlan 3 //Add Host D to VLAN 3. [SwitchA-GigabitEthernet1/0/4] quit
# Enable the interface connected to the Layer 3 switch to transparently transmit packets from a specified VLAN.
[SwitchA] interface gigabitethernet 1/0/5 [SwitchA-GigabitEthernet1/0/5] port link-type trunk //Configure the interface connected to the switch as the trunk interface. [SwitchA-GigabitEthernet1/0/5] port trunk allow-pass vlan 2 to 3 //Add the interface to VLAN 2 and VLAN 3. [SwitchA-GigabitEthernet1/0/5] quit
Configure Layer 3 switch SwitchB.
<HUAWEI> system-view [HUAWEI] sysname SwitchB //Change the device name to SwitchB. [SwitchB] interface gigabitethernet 1/0/1 [SwitchB-GigabitEthernet1/0/1] port link-type hybrid //In V200R005 earlier versions, you do not need to manually configure the link type of the interface to hybrid. [SwitchB-GigabitEthernet1/0/1] quit [SwitchB] interface gigabitethernet 1/0/1.1 //Create a sub-interface and enter the sub-interface view. [SwitchB-GigabitEthernet1/0/1.1] dot1q termination vid 2 //Set the VLAN ID for dot1q termination on GE1/0/1.1 to VLAN 2. [SwitchB-GigabitEthernet1/0/1.1] ip address 1.1.1.1 24 [SwitchB-GigabitEthernet1/0/1.1] arp broadcast enable //A termination sub-interface directly discards broadcast packets, so the sub-interface needs to be configured to forward ARP broadcast packets. [SwitchB-GigabitEthernet1/0/1.1] quit [SwitchB] interface gigabitethernet 1/0/1.2 //Create a sub-interface and enter the sub-interface view. [SwitchB-GigabitEthernet1/0/1.2] dot1q termination vid 3 //Set the VLAN ID for dot1q termination on GE1/0/1.2 to VLAN 3. [SwitchB-GigabitEthernet1/0/1.2] ip address 2.2.2.1 24 [SwitchB-GigabitEthernet1/0/1.2] arp broadcast enable [SwitchB-GigabitEthernet1/0/1.2] quit
Verify the configuration.
Configure the IP address 1.1.1.2/24 for Host A and the default gateway address as the IP address 1.1.1.1.1/24 of GE1/0/1.1.
Configure the IP address 1.1.1.3/24 for Host B and the default gateway address as the IP address 1.1.1.1.1/24 of GE1/0/1.1.
Configure the IP address 2.2.2.2/24 for Host C and the default gateway address as the IP address 2.2.2.1/24 of GE1/0/1.2.
Configure the IP address 2.2.2.3/24 for Host D and the default gateway address as the IP address 2.2.2.1/24 of GE1/0/1.2.
After the configuration is complete, Host A, Host B, Host C, and Host D can ping each other and communicate at Layer 3.
Configuration Files
Switch A configuration file
# sysname SwitchA # vlan batch 2 to 3 # interface GigabitEthernet1/0/1 port link-type access port default vlan 2 # interface GigabitEthernet1/0/2 port link-type access port default vlan 2 # interface GigabitEthernet1/0/3 port link-type access port default vlan 3 # interface GigabitEthernet1/0/4 port link-type access port default vlan 3 # interface GigabitEthernet1/0/5 port link-type trunk port trunk allow-pass vlan 2 to 3 # return
Switch B configuration file
# sysname SwitchB #interface GigabitEthernet1/0/1 port link-type hybrid #interface GigabitEthernet1/0/1.1 dot1q termination vid 2 ip address 1.1.1.1 255.255.255.0 arp broadcast enable # interface GigabitEthernet1/0/1.2 dot1q termination vid 3 ip address 2.2.2.1 255.255.255.0 arp broadcast enable # return
See more please click:
S2700, S3700, S5700, S6700, S7700, and S9700 Series Switches Typical Configuration Examples
