How to Configure the Switch to Translate Customer VLAN to Service Provider VLAN
VLAN Mapping provides a mechanism to map a Customer VLAN to a service provider’s VLAN (Translated-VLAN). Packets received on a port will map to a Translated VLAN based on a port ID and customer VLAN ID from packets.
VLAN Mapping also can be used to prevent traffic from forwarding between different customers when they use the same VLAN in their own networks. In the following example, both of company A and company B use the same VLAN 10. When company A sends traffic to an ISP network, the traffic is possible to be forwarded to company B across a core switch because both of the companies are in the same VLAN 10.
Once VLAN Mapping is configured on edge switches, it can translate customer VLANs of company A and company B to different VLANs respectively. Thus, the traffic will not be forwarded between company A and company B since they are in the different VLANs after processing VLAN translation on edge switches.
The following example will instruct how an administrator configures a switch to achieve VLAN translation.
Note:
The example was tested using two GS2210 as edge switches, and one XGS4600 as a core switch.
1.Configuration on the Core Switch
1-1. Access to the web GUI, Go to Menu > Advanced Application > VLAN Mapping. Check the Active box and activate port 1.
1-2. Go to Menu > Advanced Application > VLAN Mapping > Configure. Check the Active box and type the Name. Set Port as 1, VID as 100, and Translated VID as 1001. Select Priority value as 3 (Optional), and click “Apply”.
1-3. Go to Menu > Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup. Check the Active box, type the Name and VLAN Group ID= as 1001. Select port 1, 26 as Fixed, and click “Apply”.
Note:
Create a Static VLAN only for the Translated VLAN, and set both of ports as members for the Translated VLAN. Otherwise the packets from the Translated VLAN received on port 26 will NOT be forwarded to port 1.
2.Configuration on the Edge Switch
2-1. Setup Customer Switch-1: Access to the web GUI. Go to Menu > Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup. Check the Active box, type the Name and VLAN Group ID= as 100. Select port 1 as Fixed and uncheck Tx Tagging (Untagged). Select port 9 as Fixed, and click “Apply”.
2-2. Setup Customer Switch-1: Go to Menu > Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup. Set port 1 PVID= as 100 (VLAN 100), and click “Apply”.
2-3. Setup Customer Switch-2: Go to Menu > Advanced Application > VLAN > VLAN Configuration > Static VLAN Setup. Check the Active box, type the Name and VLAN Group ID= as 1001. Select port 1 as Fixed and uncheck Tx Tagging (Untagged). Select port 9 as Fixed, and click “Apply”.
2-4. Setup Customer Switch-2: Go to Menu > Advanced Application > VLAN > VLAN Configuration > VLAN Port Setup. Set port 1 PVID= as 1001 (VLAN 1001), and click “Apply”.
3.Test the Results
3-1. PC-1 can ping PC-2 successfully.
3-2. Configure Mirroring to verify the VLAN ID/Priority value in the packets which are received on port 1 of the core switch, and ensure they are the original value (VLAN=100/Priority=0). Access to the web GUI and go to Menu > Advanced Application > Mirroring. Check the “Active” box. Set the Monitor port as port 2, which is used to monitor the traffic, and check the destination port 1 in this example. Select the direction as “Both”, and click “Apply”.
3-3. Connect with another PC to port 2 of the core switch. Open wireshark to monitor the packets, and filter “icmp”.
3-4. Configure Mirroring to verify the VLAN ID/Priority in the packets sent out from port 26 of the core switch and ensure they should be the translated values (VLAN=1001/Priority=3). Go to Menu > Advanced Application > Mirroring. Uncheck port 1 and check port 26. Select the direction as “Both”, and click “Apply”.
3-5. Connect with another PC to port 2 of the core switch. Open wireshark to monitor the packets, and filter “icmp”.
Categories
- All Categories
- 415 Beta Program
- 2.4K Nebula
- 146 Nebula Ideas
- 96 Nebula Status and Incidents
- 5.7K Security
- 262 USG FLEX H Series
- 271 Security Ideas
- 1.4K Switch
- 74 Switch Ideas
- 1.1K Wireless
- 40 Wireless Ideas
- 6.4K Consumer Product
- 249 Service & License
- 387 News and Release
- 84 Security Advisories
- 29 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.5K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 73 Security Highlight