Port-based VLAN configuration example

Network requirements

As shown in Figure 42:

Host A and Host C belong to Department A. VLAN 100 is assigned to Department A.
Host B and Host D belong to Department B. VLAN 200 is assigned to Department B.

Configure port-based VLANs so that only hosts in the same department can communicate with each other.

Figure 42: Network diagram

Configuration procedure

Configure Device A:

# Create VLAN 100, and assign Ten-GigabitEthernet 1/0/1 to VLAN 100.

<DeviceA> system-view
[DeviceA] vlan 100
[DeviceA-vlan100] port ten-gigabitethernet 1/0/1
[DeviceA-vlan100] quit

# Create VLAN 200, and assign Ten-GigabitEthernet 1/0/2 to VLAN 200.

[DeviceA] vlan 200
[DeviceA-vlan200] port ten-gigabitethernet 1/0/2
[DeviceA-vlan200] quit

# Configure Ten-GigabitEthernet 1/0/3 as a trunk port to forward packets from VLANs 100 and 200 to Device B.

[DeviceA] interface ten-gigabitethernet 1/0/3
[DeviceA-Ten-GigabitEthernet1/0/3] port link-type trunk
[DeviceA-Ten-GigabitEthernet1/0/3] port trunk permit vlan 100 200
Please wait... Done.

Configure Device B in the same way Device A is configured. (Details not shown.)
Configure hosts:
- Configure Host A and Host C to be on the same IP subnet. For example, 192.168.100.0/24.
- Configure Host B and Host D to be on the same IP subnet. For example, 192.168.200.0/24.

Verifying the configuration

# Verify that Host A and Host C can ping each other, but they both fail to ping Host B. (Details not shown.)

# Verify that Host B and Host D can ping each other, but they both fail to ping Host A. (Details not shown.)

# Verify that VLANs 100 and 200 are correctly configured on devices, for example, on Device A.

[DeviceA-Ten-GigabitEthernet1/0/3] display vlan 100
 VLAN ID: 100
 VLAN type: Static
 Route interface: Not configured
 Description: VLAN 0100
 Name: VLAN 0100
 Tagged ports:
    Ten-GigabitEthernet1/0/3
 Untagged ports:
    Ten-GigabitEthernet1/0/1
[DeviceA-Ten-GigabitEthernet1/0/3] display vlan 200
 VLAN ID: 200
 VLAN type: Static
 Route interface: Not configured
 Description: VLAN 0200
 Name: VLAN 0200
 Tagged ports:
    Ten-GigabitEthernet1/0/3
 Untagged ports:
    Ten-GigabitEthernet1/0/2

prev	up	next
VLAN configuration examples	home	MAC-based VLAN configuration example