谁做过VMPS ，网上都是一些相互摘抄的文本

net-wolf

现在打算使用VMPS,同时希望最好VMPS分配的VLAN都属于同一个PVLAN，这个能做到吗？
好像不行，一个 primary vlan 只能有一个 isolated vlan
---------------------------------------------------
•A primary VLAN can be associated with multiple community VLANs, but only one isolated VLAN.

•An isolated or community VLAN can be associated with only one primary VLAN.

[ 本帖最后由 net-wolf 于 2006-9-15 10:33 编辑 ]

yuhuohu

<Quidway>syst
Enter system view, return to user view with Ctrl+Z.
[Quidway]vlan 1
[Quidway-vlan1]iso
[Quidway-vlan1]isolate-user-vlan enabl
[Quidway-vlan1]vlan 2
[Quidway-vlan2]port e0/2
[Quidway-vlan2]vlan 3
[Quidway-vlan3]port e0/3
[Quidway-vlan3]quit
[Quidway]isolate-user-vlan 1 secondary vlan 2 5 to 23
[Quidway]
[Quidway]int e0/12 不想让vlan 2 7 8 10访问就undo掉它
         undo por hy vlan 2 7 to 8 10
[Quidway]int e0/14
         undo por hy vlan 2 7 to 8 10
[Quidway]int e0/20
         undo por hy vlan 2 7 to 8 10
[Quidway]int e0/9
         undo por hy vlan 2 5 6 9 to 23

yuhuohu

<Quidway>dis cu
#
sysname Quidway
#
radius scheme system
server-type huawei
primary authentication 127.0.0.1 1645
primary accounting 127.0.0.1 1646
user-name-format without-domain

domain system
radius-scheme system
access-limit disable
state active
vlan-assignment-mode integer
idle-cut disable
self-service-url disable
messenger time disable

domain default enable system
#
local-server nas-ip 127.0.0.1 key huawei
#
temperature-limit 0 42 65
#
vlan 1
isolate-user-vlan enable
#
vlan 2
#
vlan 3
#
vlan 5
#
vlan 6
#
vlan 7
#
vlan 8
#
vlan 10
#
vlan 11
#
vlan 12
#
vlan 13
#
vlan 14
#
vlan 15
#
vlan 16
#
vlan 17
#
vlan 18
#
vlan 19
#
vlan 20
#
vlan 21
#
vlan 22
#
vlan 23
#
vlan 24
#
vlan 25
#
vlan 26
#
vlan 27
#
vlan 28
#
vlan 29
#
vlan 30
#
vlan 31
#
vlan 32
#
vlan 33
#
vlan 34
#
vlan 35
#
vlan 36
#
vlan 37
#
vlan 38
#
vlan 39
#
vlan 40
#
vlan 41
#
vlan 42
#
vlan 43
#
vlan 44
#
vlan 45
#
vlan 46
#
vlan 47
#
vlan 48
#
vlan 49
#
vlan 50
description qiantai
#
vlan 60
description nei-wai-fuwuqi
#
vlan 70
description dayin-fuwuqi
#
vlan 80
description manager-room
#
vlan 501
#
interface Vlan-interface1
ip address 192.168.1.253 255.255.255.0
#
interface Aux0/0
#
interface Ethernet0/1
port link-type hybrid
port hybrid vlan 1 to 2 5 to 8 10 to 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/2
port link-type hybrid
port hybrid vlan 1 to 2 untagged
port hybrid pvid vlan 2
#
interface Ethernet0/3
port link-type hybrid
port hybrid vlan 1 to 2 5 to 8 10 to 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/4
port link-type hybrid
port hybrid vlan 1 to 2 5 to 8 10 to 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/5
port link-type hybrid
port hybrid vlan 1 5 untagged
port hybrid pvid vlan 5
#
interface Ethernet0/6
port link-type hybrid
port hybrid vlan 1 6 untagged
port hybrid pvid vlan 6
#
interface Ethernet0/7
port link-type hybrid
port hybrid vlan 1 7 untagged
port hybrid pvid vlan 7
#
interface Ethernet0/8
port link-type hybrid
port hybrid vlan 1 8 untagged
port hybrid pvid vlan 8
#
interface Ethernet0/9
port link-type hybrid
port hybrid vlan 1 7 to 8 untagged
#
interface Ethernet0/10
port link-type hybrid
port hybrid vlan 1 10 untagged
port hybrid pvid vlan 10
#
interface Ethernet0/11
port link-type hybrid
port hybrid vlan 1 11 untagged
port hybrid pvid vlan 11
#
interface Ethernet0/12
port link-type hybrid
port hybrid vlan 1 5 to 6 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/13
port link-type hybrid
port hybrid vlan 1 13 untagged
port hybrid pvid vlan 13
#
interface Ethernet0/14
port link-type hybrid
port hybrid vlan 1 5 to 6 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/15
port link-type hybrid
port hybrid vlan 1 15 untagged
port hybrid pvid vlan 15
#
interface Ethernet0/16
port access vlan 16
#
interface Ethernet0/17
port link-type hybrid
port hybrid vlan 1 17 untagged
port hybrid pvid vlan 17
#
interface Ethernet0/18
port link-type hybrid
port hybrid vlan 1 to 2 5 to 8 10 to 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/19
port link-type hybrid
port hybrid vlan 1 19 untagged
port hybrid pvid vlan 19
#
interface Ethernet0/20
port link-type hybrid
port hybrid vlan 1 5 to 6 11 13 15 17 19 21 to 23 untagged
#
interface Ethernet0/21
port link-type hybrid
port hybrid vlan 1 21 untagged
port hybrid pvid vlan 21
#
interface Ethernet0/22
port link-type hybrid
port hybrid vlan 1 22 untagged
port hybrid pvid vlan 22
#
interface Ethernet0/23
port link-type hybrid
port hybrid vlan 1 23 untagged
port hybrid pvid vlan 23
#
interface Ethernet0/24
port link-type hybrid
port hybrid vlan 1 to 2 5 to 8 10 to 11 13 15 17 19 21 to 23 untagged
#
interface NULL0
#
isolate-user-vlan 1 secondary 2 5 to 8 10 to 11 13 15 17 19 21 to 23
#
user-interface aux 0
user-interface vty 0 4
user privilege level 3
set authentication password simple abc123!
#
return
<Quidway>

net-wolf

but this board is for cisco, HeHe , thank you anyway.
Another question :
You know HuaWei does support pvlan.  Do you how many sub vlans in one pvlan ?
Sorry for my english , I can't input chinese now.

cnadl

isolated要那么多干什么？

net-wolf

我不想让计算机间进行通讯.
pvlan已经否定了,
现在的问题是一个端口最多可以属于多少个vlan?
思科的好象最多是 250个,华为的有什么限制?

[ 本帖最后由 net-wolf 于 2006-9-18 09:20 编辑 ]

yuhuohu

回楼主，偶也是搞CISCO的，华为也不熟，我贴的配置是今年51的时候，一个哥们公司的网络配置，他需求如下：
1。每部门隔离
2。员工间隔离
3。部门主管和员工间互访，主管间互访
4。所有人可访问打印服务器等

偶就只好作了以上配置了 呵呵

net-wolf

发现华为的 hybrid 端口可以满足我的要求，估计没有思科的这个 250 个端口的限制了。