MUX-VLAN
定义主从vlan,从vlan分为组vlan和隔离vlan
规则:
主vlan可以和所有vlan进行通信
从vlan之间不能通信
组vlan之内可以通信
隔离vlan之内不能通信
实验拓扑:
实验配置:
vlan batch 100 501 502
vlan 100
mux-vlan
subordinate separate 502
subordinate group 501
interface GigabitEthernet0/0/1
port link-type access
port default vlan 100
port mux-vlan enable
interface Ethernet0/0/1
port link-type access
port default vlan 501
port mux-vlan enable
interface Ethernet0/0/2
port link-type access
port default vlan 501
port mux-vlan enable
interface Ethernet0/0/3
port link-type access
port default vlan 502
port mux-vlan enable
interface Ethernet0/0/4
port link-type access
port default vlan 502
port mux-vlan enable
端口隔离:
mux-vlan不能用时,用端口隔离。
这里如果让pc1和pc2不能通信的话
[sw1]port-isolate mode l2
[sw1]port-group group-member e 0/0/1 e 0/0/2
[sw1-port-group]port-isolate enable group 10