1-27
Configuration procedure
# Create customer VLANs VLAN 100 and VLAN 200 and service VLANs VLAN 500 and VLAN 600 on
Switch A.
<SwitchA> system-view
[SwitchA] vlan 100
[SwitchA-vlan100] quit
[SwitchA] vlan 200
[SwitchA-vlan200] quit
[SwitchA] vlan 500
[SwitchA-vlan500] quit
[SwitchA] vlan 600
[SwitchA-vlan600] quit
# Configure Ethernet 1/0/11 of Switch A as a trunk port and configure its default VLAN as VLAN 100.
Assign Ethernet 1/0/11 to VLAN 100 and VLAN 500. Configure Ethernet 1/0/12 in the same way.
[SwitchA] interface Ethernet 1/0/11
[SwitchA-Ethernet1/0/11] port link-type trunk
[SwitchA-Ethernet1/0/11] port trunk pvid vlan 100
[SwitchA-Ethernet1/0/11] port trunk permit vlan 100 500
[SwitchA-Ethernet1/0/11] quit
[SwitchA] interface Ethernet 1/0/12
[SwitchA-Ethernet1/0/12] port link-type trunk
[SwitchA-Ethernet1/0/12] port trunk pvid vlan 200
[SwitchA-Ethernet1/0/12] port trunk permit vlan 200 600
[SwitchA-Ethernet1/0/12] quit
# Configure Ethernet 1/0/10 of Switch A as a trunk port, and assign it to VLAN 100, VLAN 200, VLAN
500, and VLAN 600.
[SwitchA] interface Ethernet 1/0/10
[SwitchA-Ethernet1/0/10] port link-type trunk
[SwitchA-Ethernet1/0/10] port trunk permit vlan 100 200 500 600
[SwitchA-Ethernet1/0/10] quit
# Configure Layer-2 ACLs on Switch A. Configure ACL 4000 to permit packets from VLAN 100, ACL
4001 to permit packets from VLAN 200, ACL 4002 to permit packets from VLAN 500, and ACL 4003 to
permit packets from VLAN 600.
[SwitchA] acl number 4000
[SwitchA-acl-ethernetframe-4000] rule permit source 100
[SwitchA] quit
[SwitchA] acl number 4001
[SwitchA-acl-ethernetframe-4001] rule permit source 200
[SwitchA] quit
[SwitchA] acl number 4002
[SwitchA-acl-ethernetframe-4002] rule permit source 500
[SwitchA] quit
[SwitchA] acl number 4003
[SwitchA-acl-ethernetframe-4003] rule permit source 600
[SwitchA] quit