HCIP R&S Network Practical Technology: Principle and Configuration of MUX VLAN

The basic principle and background of mux VLAN is, in short, similar to the private VLAN in cisco, or the role of isolation between VLANs. It is similar to the aggregation VLAN mentioned last time.

For example, in an enterprise network, enterprise employees and enterprise customers can access the enterprise server. For enterprises, it is hoped that employees within the enterprise can communicate with each other, while enterprise customers are isolated and cannot access each other. In order to realize that all users can access the enterprise server, it can be achieved by configuring inter-VLAN communication. If the enterprise is large and has a large number of users, all users who cannot access each other must be assigned VLANs. This not only requires a large amount of VLAN IDs, but also increases the workload of network administrators and maintenance. The layer 2 traffic isolation mechanism provided by the MUX VLAN enables employees within the enterprise to communicate with each other, while enterprise customers are isolated.

The basic concepts involved in MUX VLAN include:

Principal VLAN and Subordinate VLAN, Subordinate VLAN is divided into Separate VLAN and Group VLAN, the specific relationship is as follows:

Principal VLAN: Principal port can communicate with all interfaces in MUX VLAN.

Isolated Slave VLAN (Separate VLAN): Separate port can only communicate with Principal port and achieve complete isolation from other types of interfaces. Each isolated slave VLAN must be bound to a master VLAN.

Interworking slave VLAN (Group VLAN): Group port can communicate with Principal port, and interfaces in the same group can also communicate with each other, but cannot communicate with other group interfaces or Separate port. Each interworking slave VLAN must be bound to a master VLAN.

Basic configuration of MUX VLAN

First, divide the VLAN on the switch, and assign the corresponding IP address to the PC, and divide the interface into the corresponding VLAN as required. Here, we are talking about VLAN 30 as the main VLAN. Configure the mux VLAN as required.

HCIP R&S Network Practical Technology: Principle and Configuration of MUX VLAN

[SW]vlan 30

[SW-vlan30]mux-vlan —– enable muxVLAN and associate with members

[SW-vlan30] subordinate group 20 ——Set up interworking VLAN

[SW-vlan30] subordinate separate 10 —– set isolation VLAN

[SW]interface GigabitEthernet 0/0/1

[SW-GigabitEthernet0/0/1] port mux-vlan enable —- The interface enables mux VLAN function

[SW]interface GigabitEthernet 0/0/2

[SW-GigabitEthernet0/0/2]port mux-vlan enable

[SW]interface GigabitEthernet 0/0/3

[SW-GigabitEthernet0/0/3]port mux-vlan enable

[SW]interface GigabitEthernet 0/0/4

[SW-GigabitEthernet0/0/4]port mux-vlan enable

[SW]interface GigabitEthernet 0/0/5

[SW-GigabitEthernet0/0/5]port mux-vlan enable

