Got it

VLAN communicates with each other through VLANif

Latest reply: Feb 28, 2020 17:25:26 85 1 2 0

Hi, everyone! Today I’m going to introduce you summary of learning between vlans through vlanif.


Understanding of vlanif:

The Vlanif port is a Layer 3 logical port that can be assigned an IP address and has the following functions:

(1) Layer 2 communicates with the broadcast domain of the vlan to which it belongs.

(2) Layer 3 is forwarded through the routing table.


1


Principle experiment

1. Experimental networking


2


2. Process analysis

Ping PC2 on PC1, and analyze the entire communication process by capturing packets:


3


(1) PC1

1) When PC1 assembles the packet when pinging 192.168.20.1, the destination IP is not on the same network segment as its own IP, so PC1 sends the packet to its own gateway for the gateway to continue forwarding. The communication sent by PC1 to the gateway belongs to Layer 2 communication on the same network segment, so the destination mac address needs to be filled in the gateway's mac address.

 

2) In the initial situation, PC1 does not know the MAC of the gateway, so PC1 first requests the MAC of the gateway through ARP broadcast. / 0/1, and saved in the arp table), as shown in the figure below:


4


According to the networking information, the gateway of PC1 is configured on vlanif10 of SW1. You can see from the message in the figure below that vlanif10 unicasted an ARP response to PC1:


5


Note: Since vlanif10 is a logical port, the MAC address returned to PC1 is the mac address of the physical port connected to PC1:


6


After knowing the MAC of the gateway, PC1 sends the encapsulated packet to port 0/0/1 of SW1:


7


(2) SW1

After receiving the packet from PC1 on port 0/0/1 of SW1, it is a VLAN 10 access port. Therefore, this packet is tagged with vlan 10 to enter SW1. Look at the second layer of the message, and find that the destination mac is its own, so after disassembling the second layer message, check the third layer packet header. The destination ip is not on the network segment to which the broadcast domain belongs, and the third layer forwarding is required. The text is forwarded to vlanif10 in this broadcast domain.

 

Vlanif10 is equivalent to a Layer 3 sub-interface with an IP address of 192.168.10.254. It allows traffic carrying vlan 10 tags to enter and strips the tags.


8


Vlanif10 searches the routing table of the Layer 3 switch as follows according to the destination IP of the packet. It is found that the route to the destination IP needs to be sent from vlanif99, and the next hop is 192.168.99.2.


9


Then SW1 forwards the packet from vlanif10 to vlanif99. Vlanif99 and the next hop IP belong to Layer 2 communication. Initially SW1 does not know the MAC corresponding to this IP, so it sends an ARP broadcast request to obtain its MAC address. At the same time, SW1 learns the MAC address. Correspondence with the port and record it. According to the figure below, the returned MAC address is the MAC address of port 0/0/2 of SW2.


10


11


Vlanif99 re-encapsulates the Layer 2 packet header (the source mac is the MAC of port 0/0/2 of SW1, the destination mac is the mac of port 0/0/2 of SW2, and the layer 3 packet header remains unchanged), The tag of vlan 99 is sent to the 0/0/2 port of SW1 for transmission. Since the 0/0/2 port of SW1 is the access port, the tag of vlan 99 is stripped and sent to the 0/0/2 port of SW2.

 

(3) SW2

The 0/0/2 port of SW2 is the access port. After receiving the packet, enter the tag of vlan 99 to enter SW2. Since the destination IP address of the third layer is not the network segment to which the broadcast domain belongs, SW2 will send the packet to vlanif99 for forwarding (When the packet reaches vlanif99, the vlan tag has been removed).

 

Vlanif99 searches the routing table of SW2 according to the destination IP of the packet, and obtains that the interface to the destination IP is vlanif20 and the next hop is 192.168.20.254.


12

The vlanif99 of SW2 forwards the packet to vlanif20, and vlanif20 checks that the destination IP is not itself, but is on the same network segment as itself, so it sends an ARP broadcast requesting the MAC address of the destination IP, as shown in the figure below:


13

After PC2 received the ARP broadcast, it unicasted to vlanif20's own MAC address. At the same time, SW2 learned from this message that the physical port corresponding to the mac of PC2 was 0/0/1.

 

SW2 re-encapsulates the packet's Layer 2 header (the source mac is SW2's 0/0/1 port mac, the destination mac is PC2's mac, and the source and destination IPs of the layer 3 header are unchanged), and the packet is vlanif20 to vlan The 20 tag is handed to port 0/0/1 of SW2 and sent to PC1. Because port 0/0/1 is an access port, the VLAN tag 20 is stripped before sending a message and then sent to PC2.


14


(4) PC2

After PC2 receives the untagged frame sent by SW2, PC2 processes it through the ICMP protocol and sends a corresponding packet to the source IP to complete a ping process.


If you have any problems, please post them in our Community. We are happy to solve them for you!


  • x
  • convention:

lucian2003
MVE Created Feb 28, 2020 17:25:26 Helpful(0) Helpful(0)

Great, thaks to share
View more
  • x
  • convention:

Hello%20friends%2C%20I%20am%20a%20Telecommunications%20and%20electronics%20engineer%20and%20I%20just%20graduated%20as%20a%20master%20in%20telecommunications%20systems.%20I%20work%20in%20the%20telecommunications%20company%20of%20Cuba%2C%20ETECSA.%20I%20am%2035%20years%20old%20and%20I%20attend%20the%20transport%20network%20in%20my%20province%2C%20which%20is%20mainly%20Huawei.

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

My Followers

Login and enjoy all the member benefits

Login

Huawei Enterprise Support Community
Huawei Enterprise Support Community