Configuring Transparent Bridge and VLAN Isolation on a Huawei Router

Application scenario: an enterprise has multiple departments spread across different floors of the same building. Business development creates a need for data communication within the same department and between some departments, while other departments require isolation for security reasons.

To address this, the router’s transparent bridge local‑bridge function can be used: users that need to communicate are placed in the same bridge group, allowing inter‑department communication or isolation as required.

Network layout: USER1 and USER2 belong to one department and are placed in VLAN11; USER3 and USER4 belong to two other departments. USER1, USER2, and USER3 need to communicate with each other.

Configuration approach:

Add USER1 and USER2 to VLAN11, then bind VLANIF11 to bridge group 1; also add USER3 to bridge group 1 to achieve communication among USER1, USER2, and USER3.

Add USER4 to bridge group 2 to keep it isolated from USER1, USER2, and USER3.

Operational steps (commands to be entered on the Huawei router):

[huawei]sysname routerA

[RouterA]vlan 11

[RouterA-vlan11]quit

[RouterA]interface ethernet 5/0/1

[RouterA-Ethernet5/0/1]port link-type access

[RouterA-Ethernet5/0/1]port default vlan 11

[RouterA-Ethernet5/0/1]quit

[RouterA]interface ethernet 5/0/2

[RouterA-Ethernet5/0/2]port link-type access

[RouterA-Ethernet5/0/2]port default vlan 11

[RouterA-Ethernet5/0/2]quit

[RouterA]bridge 1

[RouterA-bridge1]quit

[RouterA]interface ethernet1/0/1

[RouterA-ethernet1/0/1]bridge 1

[RouterA-ethernet1/0/1]quit

[RouterA]interface vlanif 11

[RouterA-vlanif11]bridge 1

[RouterA-vlanif11]quit

[RouterA]bridge 2

[RouterA-bridge2]quit

[RouterA]interface ethernet1/0/2

[RouterA-ethernet1/0/2]bridge 2

[RouterA-ethernet1/0/2]quit