VLAN (Virtual Local Area Network) is a technology that can solve broadcasting issues. A LAN can be divided into several VLANs logically, and only the hosts in a same VLAN can communicate with each other.
Here is a configuration example for 802.1Q VLAN.
Network Topology:
Network Requirement:
- Hosts in the same department can communicate with each other.
- Hosts in different departments cannot communicate with each other.
- Both department A and department B can visit the FTP server.
Configuration Scheme:
- Create VLAN 10 and VLAN 20 for department A and department B respectively.
- Create VLAN 30 for the FTP server, and add the hosts in department A and department B to VLAN 30.
- Configure PVIDs for ports. With correct PVID settings, both department A and department B can visit the FTP server, but cannot communicate with each other.
VLAN Configurations on Switch 1 and Switch 2:
|
VLAN 10 |
VLAN 20 |
VLAN 30 |
Switch 1 |
Port 1-2 |
Port 1, 3 |
Port 1-3 |
Switch 2 |
Port 1-2, 4 |
Port 1, 3-4 |
Port 1-4 |
Egress Rule and PVID settings for Switch 1 and Switch 2:
Switch |
Switch 1 |
Switch 2 |
|||||
Port |
1 |
2 |
3 |
1 |
2 |
3 |
4 |
Egress Rule |
Tagged |
Untagged |
Untagged |
Tagged |
Untagged |
Untagged |
Untagged |
PVID |
1 |
10 |
20 |
1 |
10 |
20 |
30 |
Configurations on Switch 1:
Step 1
Go to L2 Features > VLAN > 802.1Q VLAN > VLAN Config, create VLAN 10, VLAN 20 and VLAN 30; add Untagged port 2 and Tagged port 1 to VLAN 10; add Untagged port 3 and Tagged port 1 to VLAN 20; add Untagged port 2-3 to VLAN 30 and Tagged port 1 to VLAN 30.
Step 2
Go to L2 Features > VLAN > 802.1Q VLAN > Port Config, set the PVID value as 1, 10, 20 for port 1, port 2 and port 3 respectively.
Configurations on Switch 2:
Step 1
Go to L2 Features > VLAN > 802.1Q VLAN > VLAN Config, create VLAN 10, VLAN 20 and VLAN 30; add Untagged port 2, Untagged port 4 and Tagged port 1 to VLAN 10; add Untagged port 3, Untagged port 4 and Tagged port 1 to VLAN 20; add Untagged port 2-4 to VLAN 30 and Tagged port 1 to VLAN 30.
Step 2
Go to L2 Features > VLAN > 802.1Q VLAN > Port Config, set the PVID value as 1, 10, 20 and 30 for port 1, port 2, port 3 and port 4 respectively.