background image

 

71 

In addition to basic MSTP features, the following features are provided for ease of management: 

 

Root bridge hold 

 

Root bridge backup 

 

Root guard 

 

BPDU guard 

 

Loop guard 

 

TC-BPDU guard 

 

Port role restriction 

 

TC-BPDU transmission restriction 

 

Support for hot swapping of interface cards and active/standby changeover. 

Protocols and standards 

MSTP is documented in the following protocols and standards: 

 

IEEE 802.1d, 

Media Access Control (MAC) Bridges

 

 

IEEE 802.1w, 

Part 3: Media Access Control (MAC) Bridges—Amendment 2: Rapid 

Reconfiguration

 

 

IEEE 802.1s, 

Virtual Bridged Local Area Networks—Amendment 3: Multiple Spanning Trees

 

 

IEEE 802.1Q-REV/D1.3, 

Media Access Control (MAC) Bridges and Virtual Bridged Local Area 

Networks —Clause 13: Spanning tree Protocols

 

General configuration restrictions and guidelines 

 

In an IRF 3 system, a device in PVST mode can maintain a maximum of 254 spanning trees. If 
a PVST device is not in an IRF 3 system, it can maintain a maximum of 510 spanning trees. 

 

If both MVRP and spanning tree are enabled on a network, MVRP packets are forwarded along 
MSTIs. To advertise a specific VLAN within the network through MVRP, make sure this VLAN is 
mapped to an MSTI when you configure the VLAN-to-instance mapping table. For more 
information about MVRP, see "

Configuring MVRP

." 

 

To connect a spanning tree network to a TRILL network, make sure the following requirements 
are met: 

{

 

The spanning tree protocol is disabled on the TRILL network. 

{

 

An edge port is used to connect the spanning tree network to the TRILL network. The edge 
port can quickly transit to the forwarding state. This prevents network topology changes 
from influencing the TRILL network. 

For more information about TRILL, see 

TRILL Configuration Guide

 

The spanning tree configurations are mutually exclusive with service loopback, RRPP, and 
Smart Link on a port. 

 

Configurations made in system view take effect globally. Configurations made in Ethernet 
interface view take effect only on the interface. Configurations made in Layer 2 aggregate 
interface view take effect only on the aggregate interface. Configurations made on an 
aggregation member port can take effect only after the port is removed from the aggregation 
group.  

 

After you enable a spanning tree protocol on a Layer 2 aggregate interface, the system 
performs spanning tree calculation only on the Layer 2 aggregate interface. It does not perform 
spanning tree calculation on the aggregation member ports. The spanning tree protocol state 
and forwarding state of each selected member port are consistent with those of the 
corresponding Layer 2 aggregate interface.  

Summary of Contents for H3C S7500E-X

Page 1: ...H3C S7500E X Switch Series Layer 2 LAN Switching Configuration Guide Hangzhou H3C Technologies Co Ltd http www h3c com Software version S7500EX CMW710 R7178 Document version 6W100 20160118 ...

Page 2: ...ine SecPath SecCenter SecBlade Comware ITCMM and HUASAN are trademarks of Hangzhou H3C Technologies Co Ltd All other trademarks that may be mentioned in this manual are the property of their respective owners Notice The information in this document is subject to change without notice Every effort has been made in the preparation of this document to ensure accuracy of the contents but all statement...

Page 3: ...on only and might be unavailable on your device Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown Italic Italic text represents arguments that you replace with actual values Square brackets enclose syntax choices keywords or arguments that are optional x y Braces enclose a set of required syntax choices separated by ver...

Page 4: ...OTE An alert that contains additional or supplementary information TIP An alert that provides helpful information Network topology icons Convention Description Represents a generic network device such as a router switch or firewall Represents a routing capable device such as a router or Layer 3 switch Represents a generic switch such as a Layer 2 or Layer 3 switch or a router that supports Layer 2...

Page 5: ... Modules User Guide Describes the transceiver modules available for the H3C network products their external views and specifications Software configuration Configuration guides Describes software features and configuration procedures Command references Provides a quick reference to all available commands Configuration examples Describes typical network scenarios and provide configuration examples ...

Page 6: ...cts Solutions Provides information about products and technologies as well as solutions Software Download Provides the documentation released with the software version Technical support service h3c com http www h3c com Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments ...

Page 7: ...ss move notifications 11 Configuring MAC address move suppression 11 Enabling ARP fast update for MAC address moves 12 Disabling static source check 13 Enabling SNMP notifications for the MAC address table 13 Displaying and maintaining the MAC address table 14 MAC address table configuration example 14 Network requirements 14 Configuration procedure 15 Verifying the configuration 15 Configuring MA...

Page 8: ...t link aggregation configuration examples 40 Layer 2 static aggregation configuration example 40 Layer 2 dynamic aggregation configuration example 42 Layer 2 aggregation load sharing configuration example 44 Layer 2 edge aggregate interface configuration example 46 Layer 3 static aggregation configuration example 48 Layer 3 dynamic aggregation configuration example 49 Layer 3 aggregation load shar...

Page 9: ...nabling the spanning tree feature in STP RSTP MSTP mode 87 Enabling the spanning tree feature in PVST mode 87 Performing mCheck 88 Performing mCheck globally 88 Performing mCheck in interface view 88 Configuring Digest Snooping 88 Configuration restrictions and guidelines 89 Configuration procedure 89 Digest Snooping configuration example 90 Configuring No Agreement Check 90 Configuration prerequi...

Page 10: ...onfiguring dynamic MAC based VLAN assignment 124 Configuring server assigned MAC based VLAN 125 Configuring IP subnet based VLANs 125 Configuring protocol based VLANs 126 Configuring a VLAN group 127 Displaying and maintaining VLANs 128 VLAN configuration examples 128 Port based VLAN configuration example 128 MAC based VLAN configuration example 130 IP subnet based VLAN configuration example 132 P...

Page 11: ... phone discovery 166 Configuration restrictions and guidelines 166 Configuration procedure 166 Configuring LLDP to advertise a voice VLAN 166 Configuring CDP to advertise a voice VLAN 167 Displaying and maintaining voice VLANs 168 Voice VLAN configuration examples 168 Automatic voice VLAN assignment mode configuration example 168 Manual voice VLAN assignment mode configuration example 170 Configur...

Page 12: ...o one VLAN mapping configuration example 209 One to two and two to two VLAN mapping configuration example 214 Configuring LLDP 217 Overview 217 Basic concepts 217 Working mechanism 222 Protocols and standards 223 LLDP configuration task list 223 Performing basic LLDP configurations 224 Enabling LLDP 224 Setting the LLDP bridge mode 224 Setting the LLDP operating mode 224 Setting the LLDP reinitial...

Page 13: ...51 Configuration restrictions and guidelines 251 Configuring a service loopback group 252 Displaying and maintaining service loopback groups 252 Service loopback group configuration example 252 Network requirements 252 Configuration procedure 252 Index 254 ...

Page 14: ...hen the device receives a frame destined for MAC SOURCE after learning this source MAC address the device performs the following tasks a Finds the MAC SOURCE entry in the MAC address table b Forwards the frame out of port A The device performs the learning process each time it receives a frame with an unknown source MAC address until the table is fully populated Manually configuring MAC address en...

Page 15: ... entry and a multiport unicast entry cannot overwrite one another MAC address table configuration task list The configuration tasks discussed in the following sections can be performed in any order This document covers only the configuration of unicast MAC address entries including static dynamic blackhole and multiport unicast MAC address entries For information about configuring static multicast...

Page 16: ...e frame and generates a dynamic MAC address entry but the entry does not take effect Forwards frames destined for MAC A based on the multiport unicast MAC address entry Dynamic MAC address entry Learns the MAC address of the frames received on a different interface from that in the entry and overwrites the original entry Forwards the frame received on the same interface as that in the entry and up...

Page 17: ...address entry mac address blackhole mac address vlan vlan id By default no blackhole MAC address entry is configured Make sure you have created the VLAN Adding or modifying a multiport unicast MAC address entry You can configure a multiport unicast MAC address entry to associate a unicast destination MAC address with multiple ports The frame with a destination MAC address matching the entry is sen...

Page 18: ...rface to the VLAN Disabling MAC address learning MAC address learning is enabled by default To prevent the MAC address table from being saturated when the device is experiencing attacks disable MAC address learning For example you can disable MAC address learning to prevent the device from being attacked by a large amount of frames with different source MAC addresses After MAC address learning is ...

Page 19: ... undo mac address mac learning enable By default MAC address learning on the interface is enabled Disabling MAC address learning on a VLAN When global MAC address learning is enabled you can disable MAC address learning on a per VLAN basis To disable MAC address learning on a VLAN Step Command Remarks 1 Enter system view system view N A 2 Enable global MAC address learning mac address mac learning...

Page 20: ...each unintended destinations To set the aging timer for dynamic MAC address entries Step Command Remarks 1 Enter system view system view N A 2 Set the aging timer for dynamic MAC address entries mac address timer aging seconds no aging The default setting is 300 seconds The no aging keyword disables the aging timer Setting the MAC learning limit on an interface This feature limits the MAC address ...

Page 21: ...t enable forwarding command in Layer 2 aggregate interfaces Assigning MAC learning priority to interfaces The MAC learning priority mechanism assigns either low priority or high priority to an interface An interface with high priority can learn MAC addresses as usual However an interface with low priority is not allowed to learn MAC addresses already learned on a high priority interface The MAC le...

Page 22: ...n To avoid unnecessary floods and improve forwarding speed make sure all cards have the same MAC address table After you enable MAC address synchronization each card advertises learned MAC address entries to other cards In standalone mode To avoid unnecessary floods and improve forwarding speed make sure all cards have the same MAC address table After you enable MAC address synchronization each ca...

Page 23: ...ises it to Device A to ensure service continuity for Client A as shown in Figure 2 Figure 2 MAC address tables of devices when Client A roams to AP D To enable MAC address synchronization Step Command Remarks 1 Enter system view system view N A 2 Enable MAC address synchronization mac address mac roaming enable By default MAC address synchronization is disabled ...

Page 24: ...ve command To configure MAC address move notifications Step Command Remarks 1 Enter system view system view N A 2 Enable MAC address move notifications and optionally specify a MAC move detection interval mac address notification mac move interval interval value By default MAC address move notifications are disabled If you do not specify a MAC move detection interval the default setting of 1 minut...

Page 25: ...s move suppression mac address notification mac move suppression By default MAC address move suppression is disabled Enabling ARP fast update for MAC address moves ARP fast update for MAC address moves allows the device to update an ARP entry immediately after the outgoing interface for a MAC address changes This feature ensures data connection without interruption This feature takes effect only o...

Page 26: ...ayer 2 Ethernet interface view interface interface type interface number Enter Layer 3 Ethernet interface view interface interface type interface number N A 3 Disable the static source check feature undo mac address static source check enable By default the static source check feature is enabled Enabling SNMP notifications for the MAC address table After you enable SNMP notifications for the MAC a...

Page 27: ...ning state display mac address mac learning interface interface type interface number Display MAC address statistics display mac address statistics Display the MAC address move records in standalone mode display mac address mac move slot slot number Display the MAC address move records in IRF mode display mac address mac move chassis chassis number slot slot number MAC address table configuration ...

Page 28: ... seconds for dynamic MAC address entries Device mac address timer aging 500 Verifying the configuration Display the static MAC address entries for interface GigabitEthernet 1 0 1 Device display mac address static interface gigabitethernet 1 0 1 MAC Address VLAN ID State Port NickName Aging 000f e235 dc71 1 Static GE1 0 1 N Display the blackhole MAC address entries Device display mac address blackh...

Page 29: ...face view Enter Layer 2 Ethernet interface view interface interface type interface number Enter S channel interface view interface s channel interface number channel id Enter S channel aggregate interface view interface schannel aggregation interface number channel id N A 4 Enable MAC Information on the interface mac address information enable added deleted By default MAC Information is disabled o...

Page 30: ...the MAC change notification interval mac address information interval interval time The default setting is 1 second Setting the MAC Information queue length Step Command Remarks 1 Enter system view system view N A 2 Set the MAC Information queue length mac address information queue length value The default setting is 50 MAC Information configuration example Network requirements Enable MAC Informat...

Page 31: ...n this example before you configure an output rule Configure an output rule to output to the log host MAC address logs that have a severity level of at least informational Device info center source mac loghost level informational 2 Configure the log host Host B Configure Solaris as follows Configure other UNIX operating systems in the same way Solaris is configured a Log in to the log host as a ro...

Page 32: ...formation when the interface performs either of the following tasks Learns a new MAC address Deletes an existing MAC address Device interface gigabitethernet 1 0 1 Device GigabitEthernet1 0 1 mac address information enable added Device GigabitEthernet1 0 1 mac address information enable deleted Device GigabitEthernet1 0 1 quit Set the MAC Information queue length to 100 Device mac address informat...

Page 33: ...nterface Aggregate interfaces include Layer 2 aggregate interfaces and Layer 3 aggregate interfaces When you create an aggregate interface the device automatically creates an aggregation group of the same type and number as the aggregate interface For example when you create Layer 2 aggregate interface 1 Layer 2 aggregation group 1 is created You can assign Layer 2 Ethernet interfaces or RPR logic...

Page 34: ...on states of the member ports and running services The system displays a warning message every time you try to change an attribute configuration setting on a member port Table 1 Attribute configurations Feature Considerations Port isolation Indicates whether the port has joined an isolation group and which isolation group the port belongs to QinQ QinQ enable state enabled disabled TPID for VLAN ta...

Page 35: ...nd attribute configurations as the reference port The system chooses a reference port from the member ports that are in up state and have the same attribute configurations as the aggregate interface The candidate ports are sorted in the following order 1 Highest port priority 2 Full duplex high speed 3 Full duplex low speed 4 Half duplex high speed 5 Half duplex low speed The candidate port at the...

Page 36: ...e configuration change might affect the aggregation states of link aggregation member ports Aggregating links in dynamic mode Dynamic aggregation is implemented through IEEE 802 3ad Link Aggregation Control Protocol LACP LACP LACP uses LACPDUs to exchange aggregation information between LACP enabled devices Each member port in an LACP enabled aggregation group exchanges information with its peer W...

Page 37: ...ity and port priority as described in Table 3 The smaller the priority value the higher the priority Table 3 LACP priorities Type Description System LACP priority Used by two peer devices or systems to determine which one is superior in link aggregation In dynamic link aggregation the system that has higher system LACP priority sets the Selected state of member ports on its side The system that ha...

Page 38: ... priority values are the same the two systems proceed to step b b The two systems compare their MAC addresses The lower the MAC address the smaller the system ID 2 The system with the smaller system ID chooses the port with the smallest port ID as the reference port A port ID contains a port priority and a port number The lower the port priority the smaller the port ID a The system chooses the por...

Page 39: ...e interfaces in dynamic mode follow these guidelines A dynamic link aggregation group preferably chooses full duplex ports as the Selected ports The group will choose only one half duplex port as a Selected port when either of the following conditions exist None of the full duplex ports can be chosen as Selected ports Only half duplex ports exist in the group To ensure stable aggregation and servi...

Page 40: ...when it is configured on an aggregate interface corresponding to a dynamic aggregation group After the server reboot the device can receive LACPDUs from the server Then link aggregation between the device and the server operates correctly Load sharing modes for link aggregation groups In a link aggregation group traffic can be load shared across the Selected ports based on any of the following mod...

Page 41: ...n group Configuration restrictions and guidelines When you configure an aggregation group follow these restrictions and guidelines RPR logical interfaces cannot be assigned to dynamic aggregation groups The maximum number of aggregation groups and the maximum number of Selected ports allowed in an aggregation group depend on the location of member ports as shown in the following matrix Member port...

Page 42: ...n state Configuring a Layer 2 static aggregation group Step Command Remarks 1 Enter system view system view N A 2 Create a Layer 2 aggregate interface and enter Layer 2 aggregate interface view interface bridge aggregation interface number When you create a Layer 2 aggregate interface the system automatically creates a Layer 2 static aggregation group numbered the same 3 Exit to system view quit N...

Page 43: ...ring a dynamic aggregation group To guarantee a successful dynamic aggregation make sure the peer ports of the ports aggregated at one end are also aggregated The two ends can automatically negotiate the aggregation state of each member port Configuring a Layer 2 dynamic aggregation group Step Command Remarks 1 Enter system view system view N A 2 Set the system LACP priority lacp system priority s...

Page 44: ...nterval 90 seconds is adopted by the interface To avoid traffic interruption during an ISSU do not set the short LACP timeout interval before performing the ISSU For more information about ISSU see Fundamentals Configuration Guide Configuring a Layer 3 dynamic aggregation group Step Command Remarks 1 Enter system view system view N A 2 Set the system LACP priority lacp system priority system prior...

Page 45: ... short By default the long LACP timeout interval 90 seconds is adopted by the interface To avoid traffic interruption during an ISSU do not set the short LACP timeout interval before performing the ISSU For more information about ISSU see Fundamentals Configuration Guide Configuring an aggregate interface Most of the configurations that can be performed on Layer 2 or Layer 3 Ethernet interfaces ca...

Page 46: ...egate interface Perform this task to reserve a VLAN interface resource for a Layer 2 aggregate interface whose corresponding aggregation group uses RPR logical interfaces as member ports The reserved VLAN interface resource is used for traffic forwarding on the RPR logical interfaces You must reserve a VLAN interface resource for a Layer 2 aggregate interface after assigning RPR logical interfaces...

Page 47: ...gregate interface When the number of member ports eligible to be Selected ports is smaller than the minimum threshold the following events occur The eligible member ports are placed in the Unselected state The link layer state of the aggregate interface becomes down When the number of member ports eligible to be Selected ports reaches or exceeds the minimum threshold the following events occur The...

Page 48: ...ter system view system view N A 2 Enter aggregate interface view Enter Layer 2 aggregate interface view interface bridge aggregation interface number Enter Layer 3 aggregate interface view interface route aggregation interface number N A 3 Set the expected bandwidth for the interface bandwidth bandwidth value By default the expected bandwidth in kbps is the interface baud rate divided by 1000 Conf...

Page 49: ...rface is brought up the aggregation states of member ports in the corresponding aggregation group are recalculated The loopback command cannot be configured on the member port of a shutdown aggregate interface A port configured with the loopback command cannot be assigned to a shutdown aggregate interface For more information about the loopback command see Interface Command Reference To shut down ...

Page 50: ...g mode If the group specific load sharing mode is not available the group uses the global load sharing mode Setting the global link aggregation load sharing mode In system view the switch supports the following load sharing modes and combinations Source IP address Destination IP address Source MAC address Destination MAC address Source IP address and destination IP address Source IP address and so...

Page 51: ...terface bridge aggregation interface number N A 3 Set the load sharing mode for the aggregation group link aggregation load sharing mode destination ip destination mac mpls label1 mpls label2 source ip source mac flexible By default the load sharing mode is the same as the global load sharing mode Enabling local first load sharing for link aggregation Use local first load sharing in a multidevice ...

Page 52: ...RF member devices or other cards In IRF mode Configuration restrictions and guidelines When you enable link aggregation traffic redirection follow these restrictions and guidelines Link aggregation traffic redirection applies only to dynamic link aggregation groups To prevent traffic interruption enable link aggregation traffic redirection on devices at both ends of the aggregate link To prevent p...

Page 53: ...e number brief description down Display the local system ID display lacp system id Display the global or group specific link aggregation load sharing modes display link aggregation load sharing mode interface bridge aggregation route aggregation interface number Display detailed link aggregation information for link aggregation member ports display link aggregation member port interface list Displ...

Page 54: ...vlan20 quit Create Layer 2 aggregate interface Bridge Aggregation 1 DeviceA interface bridge aggregation 1 DeviceA Bridge Aggregation1 quit Assign ports GigabitEthernet 1 0 1 through GigabitEthernet 1 0 3 to link aggregation group 1 DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 port link aggregation group 1 DeviceA GigabitEthernet1 0 1 quit DeviceA interface gigabitethernet ...

Page 55: ...d H Expired Aggregate Interface Bridge Aggregation1 Aggregation Mode Static Loadsharing Type Shar Port Status Priority Oper Key GE1 0 1 S 32768 1 GE1 0 2 S 32768 1 GE1 0 3 S 32768 1 The output shows that link aggregation group 1 is a Layer 2 static aggregation group that contains three Selected ports Layer 2 dynamic aggregation configuration example Network requirements On the network shown in Fig...

Page 56: ...igabitEthernet1 0 2 port link aggregation group 1 DeviceA GigabitEthernet1 0 2 quit DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port link aggregation group 1 DeviceA GigabitEthernet1 0 3 quit Configure Layer 2 aggregate interface Bridge Aggregation 1 as a trunk port and assign it to VLANs 10 and 20 DeviceA interface bridge aggregation 1 DeviceA Bridge Aggregation1 port lin...

Page 57: ...ollowing tasks Configure Layer 2 static aggregation groups 1 and 2 on Device A and Device B respectively Enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end Enable VLAN 20 at one end of the aggregate link to communicate with VLAN 20 at the other end Configure link aggregation groups 1 and 2 to load share traffic across aggregation group member ports Configu...

Page 58: ...trunk DeviceA Bridge Aggregation1 port trunk permit vlan 10 DeviceA Bridge Aggregation1 quit Create Layer 2 aggregate interface Bridge Aggregation 2 DeviceA interface bridge aggregation 2 Configure Layer 2 aggregation group 2 to load share packets based on destination MAC addresses DeviceA Bridge Aggregation2 link aggregation load sharing mode destination mac DeviceA Bridge Aggregation2 quit Assig...

Page 59: ...ggregation groups Each aggregation group contains two Selected ports Display all the group specific load sharing modes on Device A DeviceA display link aggregation load sharing mode interface Bridge Aggregation1 Load Sharing Mode source mac address Bridge Aggregation2 Load Sharing Mode destination mac address The output shows that Link aggregation group 1 load shares packets based on source MAC ad...

Page 60: ...evice interface gigabitethernet 1 0 2 Device GigabitEthernet1 0 2 port link aggregation group 1 Device GigabitEthernet1 0 2 quit 2 Configure the server as required Details not shown Verifying the configuration Display detailed information about all aggregation groups on the device during the server reboot process Device display link aggregation verbose Loadsharing Type Shar Loadsharing NonS Non Lo...

Page 61: ...ation1 quit Assign Layer 3 Ethernet interfaces GigabitEthernet 1 0 1 through GigabitEthernet 1 0 3 to aggregation group 1 DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 port link aggregation group 1 DeviceA GigabitEthernet1 0 1 quit DeviceA interface gigabitethernet 1 0 2 DeviceA GigabitEthernet1 0 2 port link aggregation group 1 DeviceA GigabitEthernet1 0 2 quit DeviceA inte...

Page 62: ...gation1 link aggregation mode dynamic Configure an IP address and subnet mask for Route Aggregation 1 DeviceA Route Aggregation1 ip address 192 168 1 1 24 DeviceA Route Aggregation1 quit Assign Layer 3 Ethernet interfaces GigabitEthernet 1 0 1 through GigabitEthernet 1 0 3 to aggregation group 1 DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 port link aggregation group 1 Devi...

Page 63: ...E1 0 3 3 32768 1 0x8000 000f e267 57ad ACDEF The output shows that link aggregation group 1 is a Layer 3 dynamic aggregation group that contains three Selected ports Layer 3 aggregation load sharing configuration example Network requirements On the network shown in Figure 15 perform the following tasks Configure Layer 3 static aggregation groups 1 and 2 on Device A and Device B respectively Config...

Page 64: ...mode destination ip Configure an IP address and subnet mask for Layer 3 aggregate interface Route Aggregation 2 DeviceA Route Aggregation2 ip address 192 168 2 1 24 DeviceA Route Aggregation2 quit Assign Layer 3 Ethernet interfaces GigabitEthernet 1 0 3 and GigabitEthernet 1 0 4 to aggregation group 2 DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port link aggregation group ...

Page 65: ...s based on destination IP addresses Layer 3 edge aggregate interface configuration example Network requirements As shown in Figure 16 the device and the server are the two ends of a Layer 3 dynamic aggregate link Configure an edge aggregate interface so that GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 can forward packets from the server during the server reboot process Figure 16 Network diagra...

Page 66: ...y link aggregation verbose Loadsharing Type Shar Loadsharing NonS Non Loadsharing Port Status S Selected U Unselected I Individual Flags A LACP_Activity B LACP_Timeout C Aggregation D Synchronization E Collecting F Distributing G Defaulted H Expired Aggregate Interface Route Aggregation1 Aggregation Mode Dynamic Loadsharing Type Shar System ID 0x8000 000f e267 6c6a Local Port Status Priority Oper ...

Page 67: ...ation in Layer 2 aggregate interface view applies to the Layer 2 aggregate interface and its aggregation member ports If the device fails to apply the configuration to the aggregate interface it does not assign any aggregation member port to the isolation group If the failure occurs on an aggregation member port the device skips the port and continues to assign other aggregation member ports to th...

Page 68: ...the Internet through GigabitEthernet 1 0 4 Configure the device to provide Internet access for the hosts and isolate them from one another at Layer 2 Figure 17 Network diagram Configuration procedure Create isolation group 2 Device system view Device port isolate group 2 Assign GigabitEthernet 1 0 1 GigabitEthernet 1 0 2 and GigabitEthernet 1 0 3 to isolation group 2 Device interface gigabitethern...

Page 69: ...group 2 Device display port isolate group 2 Port isolation group information Group ID 2 Group members GigabitEthernet1 0 1 GigabitEthernet1 0 2 GigabitEthernet1 0 3 Community VLAN ID None The output shows that ports GigabitEthernet 1 0 1 GigabitEthernet 1 0 2 and GigabitEthernet 1 0 3 are assigned to isolation group 2 As a result Host A Host B and Host C are isolated from one another at layer 2 ...

Page 70: ...57 ...

Page 71: ...s exchange BPDUs to establish a spanning tree BPDUs contain sufficient information for the network devices to complete spanning tree calculation STP uses the following types of BPDUs Configuration BPDUs Used by the network devices to calculate a spanning tree and maintain the spanning tree topology Topology change notification TCN BPDUs Notify network devices of network topology changes Configurat...

Page 72: ...s LAN segment Port through which the designated bridge forwards BPDUs to this LAN segment As shown in Figure 18 Device B and Device C are directly connected to a LAN If Device A forwards BPDUs to Device B through port A1 the designated bridge and designated port are as follows The designated bridge for Device B is Device A The designated port for Device B is port A1 on Device A If Device B forward...

Page 73: ...rt ID is replaced with the ID of this port 3 The device compares the calculated configuration BPDU with the configuration BPDU on the port whose port role will be determined Then the device acts depending on the result of the comparison If the calculated configuration BPDU is superior the device performs the following operations Considers this port as the designated port Replaces the configuration...

Page 74: ...e configuration BPDU that contains a smaller designated bridge ID designated port ID or receiving port ID is selected A tree shape topology forms when the root bridge root ports and designated ports are selected Example of STP calculation Figure 19 provides an example showing how the STP algorithm works Figure 19 The STP algorithm As shown in Figure 19 the priority values of Device A Device B and ...

Page 75: ...ot bridge and designated bridge in the configuration BPDUs of all its ports It considers itself as the root bridge It does not change the configuration BPDU of any port and starts to periodically send configuration BPDUs Port A1 0 0 0 Port A1 Port A2 0 0 0 Port A2 Device B Port B1 performs the following operations 13 Receives the configuration BPDU of Port A1 0 0 0 Port A1 14 Determines that the r...

Page 76: ...t C1 as the root port with the configuration BPDU unchanged Based on the configuration BPDU and path cost of the root port Device C calculates the configuration BPDU of Port C2 0 10 2 Port C2 Device C compares it with the existing configuration BPDU of Port C2 1 0 1 Port B2 Device C determines that the calculated configuration BPDU is superior to the existing one selects Port C2 as the designated ...

Page 77: ...ulated spanning tree The configuration BPDU forwarding mechanism of STP The configuration BPDUs of STP are forwarded according to these guidelines Upon network initiation every device regards itself as the root bridge and generates configuration BPDUs with itself as the root Then it sends the configuration BPDUs at a regular hello interval If the root port receives a configuration BPDU superior to...

Page 78: ...d and discards it if the max age is exceeded RSTP RSTP achieves rapid network convergence by allowing a newly elected root port or designated port to enter the forwarding state much faster than STP A newly elected RSTP root port rapidly enters the forwarding state when the following conditions exist The old root port on the device has stopped forwarding data The upstream designated port has starte...

Page 79: ...overburdened with recalculating the affected spanning trees As a result network performance is degraded MSTP features Developed based on IEEE 802 1s MSTP overcomes the limitations of STP RSTP and PVST In addition to supporting rapid network convergence it allows data flows of different VLANs to be forwarded along separate paths This provides a better load sharing mechanism for redundant links MSTP...

Page 80: ... segments among them All these devices have the following characteristics A spanning tree protocol enabled Same region name Same VLAN to instance mapping configuration MST region 1 MST region 2 MST region 3 MST region 4 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0 VLAN 1 MSTI 1 VLAN 2 3 MSTI 2 Other VLA...

Page 81: ...tree that connects all MST regions in a switched network If you regard each MST region as a device the CST is a spanning tree calculated by these devices through STP or RSTP The blue lines in Figure 21 represent the CST IST An internal spanning tree IST is a spanning tree that runs in an MST region It is also called MSTI 0 a special MSTI to which all VLANs are mapped by default In Figure 21 MSTI 0...

Page 82: ...cted so the device blocks one of the ports The blocked port acts as the backup Edge port Does not connect to any network device or network segment but directly connects to a user host Master port Acts as a port on the shortest path from the local MST region to the common root bridge The master port is not always located on the regional root It is a root port on the IST or CIST and still a master p...

Page 83: ...nning trees An important difference is that an MSTP BPDU carries the MSTP configuration of the bridge from which the BPDU is sent CIST calculation During the CIST calculation the following process takes place The device with the highest priority is elected as the root bridge of the CIST MSTP generates an IST within each MST region through calculation MSTP regards each MST region as a single device...

Page 84: ... VLAN to instance mapping table For more information about MVRP see Configuring MVRP To connect a spanning tree network to a TRILL network make sure the following requirements are met The spanning tree protocol is disabled on the TRILL network An edge port is used to connect the spanning tree network to the TRILL network The edge port can quickly transit to the forwarding state This prevents netwo...

Page 85: ...mission rate Optional Enabling outputting port state transition information Required Enabling the spanning tree feature Configuring the leaf nodes Required Setting the spanning tree mode Optional Configuring the device priority Optional Setting the timeout factor Optional Setting the BPDU transmission rate Optional Configuring path costs of ports Optional Configuring the port priority Optional Ena...

Page 86: ...nts PVST configuration task list Tasks at a glance Configuring the root bridge Required Setting the spanning tree mode Optional Configuring the root bridge or a secondary root bridge Optional Configuring the device priority Optional Configuring the network diameter of a switched network Optional Setting spanning tree timers Optional Setting the timeout factor Optional Setting the BPDU transmission...

Page 87: ...ort uses to recognize and send MSTP packets Optional Enabling outputting port state transition information Required Enabling the spanning tree feature Configuring the leaf nodes Required Setting the spanning tree mode Required Configuring an MST region Optional Configuring the device priority Optional Setting the timeout factor Optional Setting the BPDU transmission rate Optional Configuring edge ...

Page 88: ...the RSTP mode is compatible with the STP mode Compatibility of the PVST mode depends on the link type of a port On an access port the PVST mode is compatible with other spanning tree modes in all VLANs On a trunk port or hybrid port the PVST mode is compatible with other spanning tree modes only in VLAN 1 To set the spanning tree mode Step Command Remarks 1 Enter system view system view N A 2 Set ...

Page 89: ...root bridge in another However one device cannot be the root bridge and a secondary root bridge in the same spanning tree A spanning tree can have only one root bridge If multiple devices can be selected as the root bridge in a spanning tree the device with the lowest MAC address is selected When the root bridge of an instance fails or is shut down and no new root bridge is specified the following...

Page 90: ...icates a higher priority You can set the priority of a device to a low value to specify the device as the root bridge of the spanning tree A spanning tree device can have different priorities in different spanning trees During root bridge selection if all devices in a spanning tree have the same priority the one with the lowest MAC address is selected You cannot change the priority of a device aft...

Page 91: ...series of devices on the path The switched network diameter is the maximum number of devices on the path for an edge device to reach another one in the switched network through the root bridge The network diameter indicates the network size The bigger the diameter the larger the network size Based on the network diameter you configured the system automatically sets an optimal hello time forward de...

Page 92: ...the network diameter of the switched network The larger the network diameter is the longer the forward delay time should be As a best practice use the automatically calculated value because inappropriate forward delay setting might cause temporary redundant paths or increase the network convergence time An appropriate hello time setting enables the device to promptly detect link failures on the ne...

Page 93: ...so wastes network resources To prevent undesired spanning tree calculation and save network resources on a stable network you can set the timeout factor to 5 6 or 7 To set the timeout factor Step Command Remarks 1 Enter system view system view N A 2 Set the timeout factor of the device stp timer factor factor The default setting is 3 Setting the BPDU transmission rate The maximum number of BPDUs a...

Page 94: ... state when ensuring network security On a port the loop guard feature and the edge port setting are mutually exclusive Configuration procedure To configure a port as an edge port Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet or aggregate interface view interface interface type interface number N A 3 Configure the current ports as edge ports stp edged port By de...

Page 95: ... to a single port or aggregate interface with a speed exceeding 10 Gbps The forwarding path selected based on this criterion might not be the best one To solve this problem perform one of the following tasks Use dot1t as the standard for default path cost calculation Manually set the path cost for the port see Configuring path costs of ports To specify a standard for the device to use when it calc...

Page 96: ...e containing two Selected ports 1000 1 Aggregate interface containing three Selected ports 666 1 Aggregate interface containing four Selected ports 500 1 20 Gbps Single port 1 1000 1 Aggregate interface containing two Selected ports 500 1 Aggregate interface containing three Selected ports 333 1 Aggregate interface containing four Selected ports 250 1 40 Gbps Single port 1 500 1 Aggregate interfac...

Page 97: ...nce list cost cost By default the system automatically calculates the path cost of each port Configuration example In MSTP mode perform the following tasks Configure the device to calculate the default path costs of its ports by using IEEE 802 1d 1998 Set the path cost of GigabitEthernet 1 0 3 to 200 on MSTI 2 Sysname system view Sysname stp pathcost standard dot1d 1998 Cost of every port will be ...

Page 98: ...tep Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet or aggregate interface view interface interface type interface number N A 3 Configure the port priority In STP RSTP mode stp port priority priority In PVST mode stp vlan vlan id list port priority priority In MSTP mode stp instance instance list port priority priority The default setting is 128 for all ports Configuri...

Page 99: ...at to communicate with devices that send packets of the same format By default a port in auto mode sends 802 1s MSTP packets When the port receives an MSTP packet of a legacy format the port starts to send packets only of the legacy format This prevents the port from frequently changing the format of sent packets To configure the port to send 802 1s MSTP packets shut down and then bring up the por...

Page 100: ...after you disable the spanning tree feature on these ports Enabling the spanning tree feature in STP RSTP MSTP mode Step Command Remarks 1 Enter system view system view N A 2 Enable the spanning tree feature stp global enable By default the spanning tree feature is disabled globally 3 Enter Layer 2 Ethernet or aggregate interface view interface interface type interface number N A 4 Optional Enable...

Page 101: ...STP with Device C you must perform mCheck operations on the ports interconnecting Device B and Device C Performing mCheck globally Step Command Remarks 1 Enter system view system view N A 2 Perform mCheck stp global mcheck The mCheck operation takes effect on devices operating in MSTP PVST or RSTP mode Performing mCheck in interface view Step Command Remarks 1 Enter system view system view N A 2 E...

Page 102: ...onfiguration digest The VLAN to instance mappings must be the same on associated ports To make Digest Snooping take effect you must enable Digest Snooping both globally and on associated ports As a best practice enable Digest Snooping on all associated ports first and then enable it globally This will make the configuration take effect on all configured ports and reduce impact on the network To pr...

Page 103: ...est snooping DeviceA GigabitEthernet1 0 1 quit DeviceA stp global config digest snooping Enable Digest Snooping on GigabitEthernet 1 0 1 of Device B and enable global Digest Snooping on Device B DeviceB system view DeviceB interface gigabitethernet 1 0 1 DeviceB GigabitEthernet1 0 1 stp config digest snooping DeviceB GigabitEthernet1 0 1 quit DeviceB stp global config digest snooping Configuring N...

Page 104: ... not operate in RSTP mode In this case the following occurs 1 The root port on the downstream device receives no agreement from the upstream device 2 It sends no agreement to the upstream device As a result the designated port of the upstream device can transit to the forwarding state only after a period twice the Forward Delay To enable the designated port of the upstream device to transit its st...

Page 105: ...tp no agreement check By default No Agreement Check is disabled No Agreement Check configuration example Network requirements As shown in Figure 27 Device A connects to a third party device that has a different spanning tree implementation Both devices are in the same region The third party device Device B is the regional root bridge and Device A is the downstream device Figure 27 Network diagram ...

Page 106: ...g traffic forwarding in the network For more information about the MAC address table and the ARP table see Configuring the MAC address table and Layer 3 IP Services Configuration Guide Configuration restrictions and guidelines When you configure TC Snooping follow these restrictions and guidelines TC Snooping and the spanning tree feature are mutually exclusive You must globally disable the spanni...

Page 107: ...nning tree protocol The device reactivates the shutdown port after the port status detection interval set by using the shutdown interval command You can also use the stp port shutdown permanent command to disable the device to reactivate the shutdown port The stp port shutdown permanent command applies to edge ports that are shut down after you configure the stp port shutdown permanent command To ...

Page 108: ... from an MSTI it performs the following operations Immediately sets that port to the listening state in the MSTI Does not forward the received configuration BPDU This is equivalent to disconnecting the link connected to this port in the MSTI If the port receives no BPDUs with a higher priority within twice the forwarding delay it reverts to its original state On a port the loop guard feature and t...

Page 109: ...access network might cause a change to the spanning tree topology in the core network To avoid this problem you can enable port role restriction on a port With this feature enabled when the port receives a superior BPDU it becomes an alternate port rather than a root port Make this configuration on the port that connects to the user access network To configure port role restriction Step Command Re...

Page 110: ...ush when the time period expires This prevents frequent flushing of forwarding address entries As a best practice enable TC BPDU guard To enable TC BPDU guard Step Command Remarks 1 Enter system view system view N A 2 Enable the TC BPDU guard feature stp tc protection By default TC BPDU guard is enabled As a best practice do not disable this feature 3 Optional Configure the maximum number of forwa...

Page 111: ...bles SNMP notifications for spanning tree topology changes To enable SNMP notifications for new root election and topology change events Step Command Remarks 1 Enter system view system view N A 2 Enable SNMP notifications for new root election events In STP MSTP or RSTP mode execute either of the following commands snmp agent trap enable stp new root snmp agent trap enable stp The default settings...

Page 112: ...ng tree status and statistics in standalone mode display stp instance instance list vlan vlan id list interface interface list slot slot number brief Display the spanning tree status and statistics in IRF mode display stp instance instance list vlan vlan id list interface interface list chassis chassis number slot slot number brief Display the MST region configuration information that has taken ef...

Page 113: ... and MSTI 4 respectively DeviceA mst region instance 1 vlan 10 DeviceA mst region instance 3 vlan 30 DeviceA mst region instance 4 vlan 40 Configure the revision level of the MST region as 0 DeviceA mst region revision level 0 Activate MST region configuration DeviceA mst region active region configuration DeviceA mst region quit Configure the current device as the root bridge of MSTI 1 DeviceA st...

Page 114: ...mst region instance 4 vlan 40 Configure the revision level of the MST region as 0 DeviceC mst region revision level 0 Activate MST region configuration DeviceC mst region active region configuration DeviceC mst region quit Configure the current device as the root bridge of MSTI 4 DeviceC stp instance 4 root primary Enable the spanning tree feature globally DeviceC stp global enable 5 Configure Dev...

Page 115: ...hernet1 0 2 DESI FORWARDING NONE 0 GigabitEthernet1 0 3 DESI FORWARDING NONE 1 GigabitEthernet1 0 2 DESI FORWARDING NONE 1 GigabitEthernet1 0 3 ROOT FORWARDING NONE 3 GigabitEthernet1 0 1 DESI FORWARDING NONE 3 GigabitEthernet1 0 3 DESI FORWARDING NONE Display brief spanning tree information on Device C DeviceC display stp brief MST ID Port Role STP State Protection 0 GigabitEthernet1 0 1 DESI FOR...

Page 116: ...f a VLAN are forwarded along the spanning trees of the VLAN VLAN 10 VLAN 20 and VLAN 30 are terminated on the distribution layer devices and VLAN 40 is terminated on the access layer devices The root bridge of VLAN 10 and VLAN 20 is Device A The root bridge of VLAN 30 is Device B The root bridge of VLAN 40 is Device C A B A B C D C B C MSTI 1 mapped to VLAN 10 A D D Root bridge Normal link Blocked...

Page 117: ...panning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceA stp global enable DeviceA stp vlan 10 20 30 enable 3 Configure Device B Set the spanning tree mode to PVST DeviceB system view DeviceB stp mode pvst Configure the device as the root bridge of VLAN 30 DeviceB stp vlan 30 root primary Enable the spanning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceB stp globa...

Page 118: ...information on Device B DeviceB display stp brief VLAN ID Port Role STP State Protection 10 GigabitEthernet1 0 2 DESI FORWARDING NONE 10 GigabitEthernet1 0 3 ROOT FORWARDING NONE 20 GigabitEthernet1 0 1 DESI FORWARDING NONE 20 GigabitEthernet1 0 2 DESI FORWARDING NONE 20 GigabitEthernet1 0 3 ROOT FORWARDING NONE 30 GigabitEthernet1 0 1 DESI FORWARDING NONE 30 GigabitEthernet1 0 3 DESI FORWARDING N...

Page 119: ...tEthernet1 0 2 ALTE DISCARDING NONE 40 GigabitEthernet1 0 3 ROOT FORWARDING NONE Based on the output you can draw a topology for each VLAN spanning tree as shown in Figure 32 Figure 32 VLAN spanning tree topologies ...

Page 120: ... within a VLAN If a detection frame is returned with a different VLAN tag than it was sent out with an inter VLAN loop has occurred To remove the loop examine the QinQ configuration for incorrect settings For more information about QinQ see Configuring QinQ Figure 33 Ethernet frame header for loop detection The Ethernet frame header for loop detection contains the following fields DMAC Destination...

Page 121: ...ames are sent at a specified interval called a loop detection interval to determine whether loops occur on ports and whether loops are removed Loop protection actions When the device detects a loop on a port it generates a log but performs no action on the port by default You can configure the device to take the shutdown action When the device detects a loop on a port the device generates a log an...

Page 122: ...ction on TRILL ports because TRILL networks prevent loops from being generated For information more about TRILL see TRILL Configuration Guide Enabling loop detection globally Step Command Remarks 1 Enter system view system view N A 2 Globally enable loop detection loopback detection global enable vlan vlan list all Disabled by default Enabling loop detection on a port Step Command Remarks 1 Enter ...

Page 123: ...he loop protection action on a Layer 2 aggregate interface Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 aggregate interface view interface bridge aggregation interface number N A 3 Configure the loop protection action on the interface loopback detection action shutdown By default the device generates a log but performs no action on the port on which a loop is detected S...

Page 124: ...e port on which a loop is detected Figure 35 Network diagram Configuration procedure 1 Configure Device A Create VLAN 100 and globally enable loop detection for the VLAN DeviceA system view DeviceA vlan 100 DeviceA vlan100 quit DeviceA loopback detection global enable vlan 100 Configure GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 as trunk ports and assign them to VLAN 100 DeviceA interface Gig...

Page 125: ...ethernet 1 0 2 DeviceB GigabitEthernet1 0 2 port link type trunk DeviceB GigabitEthernet1 0 2 port trunk permit vlan 100 DeviceB GigabitEthernet1 0 2 quit 3 Configure Device C Create VLAN 100 DeviceC system view DeviceC vlan 100 DeviceC vlan100 quit Configure GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 as trunk ports and assign them to VLAN 100 DeviceC interface GigabitEthernet 1 0 1 DeviceC G...

Page 126: ...ection Loop detection is enabled Loop detection interval is 35 second s No loopback is detected The output shows that the device has removed the loops from GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 according to the shutdown action Display the status of GigabitEthernet 1 0 1 on devices for example Device A DeviceA display interface gigabitethernet 1 0 1 GigabitEthernet1 0 1 current state DOWN...

Page 127: ...ll workstations and servers used by a particular workgroup to the same VLAN regardless of their physical locations Hosts in the same VLAN can directly communicate with one another You need a router or a Layer 3 switch for hosts in different VLANs to communicate with one another All these VLAN features reduce bandwidth waste improve LAN security and enable flexible virtual group creation VLAN frame...

Page 128: ...re For information about the VLAN tag fields in other frame encapsulation formats see related protocols and standards For a frame that has multiple VLAN tags the device handles it according to its outermost VLAN tag and transmits its inner VLAN tags as the payload Protocols and standards IEEE 802 1Q IEEE Standard for Local and Metropolitan Area Networks Virtual Bridged Local Area Networks Configur...

Page 129: ... have the following characteristics Associated with the same primary VLAN Enabled with Layer 3 communication in VLAN interface view of the primary VLAN interface For more information about secondary VLANs see Configuring the private VLAN To configure basic settings of a VLAN interface Step Command Remarks 1 Enter system view system view N A 2 Create a VLAN interface and enter VLAN interface view i...

Page 130: ...AN tagged Ports connecting network devices are typically configured as trunk ports Hybrid A hybrid port can forward packets from multiple VLANs The tagging status of the packets forwarded by a hybrid port depends on the port configuration In one to two VLAN mapping hybrid ports are used to remove SVLAN tags from downlink traffic For more information about one to two VLAN mapping see Configuring VL...

Page 131: ...moving the tag if its VLAN is carried on the port but is different from the PVID Sends the frame if its VLAN is permitted on the port The tagging status of the frame depends on the port hybrid vlan command configuration In a VLAN aware network the default processing order for untagged packets is as follows in descending order of priority MAC based VLANs IP subnet based VLANs Protocol based VLANs P...

Page 132: ...and guidelines To change the link type of a port from trunk to hybrid or vice versa set the link type to access first To enable a trunk port to transmit packets from its PVID you must assign the trunk port to the PVID by using the port trunk permit vlan command To assign a trunk port to one or multiple VLANs Step Command Remarks 1 Enter system view system view N A 2 Enter interface view Enter Laye...

Page 133: ... A 2 Enter interface view Enter Layer 2 Ethernet interface view RPR logical interface view or Layer 2 aggregate interface view interface interface type interface number Enter S channel interface view interface s channel interface number channel id Enter S channel aggregate interface view interface schannel aggregation interface number channel id N A 3 Configure the link type of the port as hybrid ...

Page 134: ...he VLAN ID specific to this entry b If the fuzzy match fails the port performs an exact match It searches for MAC to VLAN entries whose masks are all Fs If the source MAC address of the frame exactly matches the MAC address of a MAC to VLAN entry the port tags the frame with the VLAN ID specific to this entry c If no matching VLAN ID is found the port determines the VLAN for the packet by using th...

Page 135: ...y MAC addresses in MAC to VLAN entries the port checks whether the VLAN ID of the frame is its PVID If the VLAN ID of the frame is the PVID of the port the port determines whether it allows the PVID If the PVID is allowed the port forwards the frame within the PVID If the PVID is not allowed the port drops the frame If the VLAN ID of the frame is not the PVID of the port the port determines whethe...

Page 136: ...e then performs the following operations 3 Generates a MAC to VLAN entry by using the source MAC address of the user packet and the authorization VLAN information The authorization VLAN is a MAC based VLAN The generated MAC to VLAN entry cannot conflict with the existing static MAC to VLAN entries If a confliction exists the dynamic MAC to VLAN entry cannot be generated 4 Assigns the port that con...

Page 137: ... learning do not take effect For successful dynamic MAC based VLAN assignment use static VLANs when you create MAC to VLAN entries As a best practice do not use dynamic MAC based VLAN assignment with MSTP In MSTP mode if a port is blocked in the MSTI of its target VLAN the port drops the received packets instead of delivering them to the CPU As a result the port will not be dynamically assigned to...

Page 138: ...rce MAC addresses fail the exact match the port forwards them in its PVID Configuring server assigned MAC based VLAN Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view interface interface type interface number N A 3 Configure the link type of the ports as hybrid port link type hybrid By default all ports are access ports 4 Assign the hybrid port to the...

Page 139: ...e hybrid port to the specified IP subnet based VLANs port hybrid vlan vlan id list tagged untagged By default a hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access 8 Associate the hybrid port with the specified IP subnet based VLAN port hybrid ip subnet vlan vlan vlan id By default no IP subnet based VLAN is associated with a hybrid port Configuring...

Page 140: ...thernet interface view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number N A 6 Configure the port link type as hybrid port link type hybrid By default all ports are access ports 7 Assign the hybrid port to the specified protocol based VLANs port hybrid vlan vlan id list tagged untagged By default a hybrid port is an untag...

Page 141: ...n about protocol based VLANs that are associated with the specified ports display protocol vlan interface interface type interface number1 to interface type interface number2 all Display information about protocol based VLANs display protocol vlan vlan vlan id1 to vlan id2 all Display VLAN information display vlan vlan id1 to vlan id2 all dynamic reserved static Display brief VLAN information disp...

Page 142: ...mit vlan 100 200 Please wait Done 2 Configure Device B in the same way Device A is configured Details not shown 3 Configure hosts a Configure Host A and Host C to be on the same IP subnet For example 192 168 100 0 24 b Configure Host B and Host D to be on the same IP subnet For example 192 168 200 0 24 Verifying the configuration Verify that Host A and Host C can ping each other but they both fail...

Page 143: ...eting rooms One department uses VLAN 100 and owns Laptop 1 The other department uses VLAN 200 and owns Laptop 2 Configure MAC based VLANs so that Laptop 1 and Laptop 2 can access Server 1 and Server 2 respectively no matter which meeting room they are used in Figure 40 Network diagram Configuration procedure 1 Configure Device A Create VLANs 100 and 200 DeviceA system view DeviceA vlan 100 DeviceA...

Page 144: ...Ethernet 1 0 13 to VLAN 100 DeviceB system view DeviceB vlan 100 DeviceB vlan100 port gigabitethernet 1 0 13 DeviceB vlan100 quit Create VLAN 200 and assign GigabitEthernet 1 0 14 to VLAN 200 DeviceB vlan 200 DeviceB vlan200 port gigabitethernet 1 0 14 DeviceB vlan200 quit Configure GigabitEthernet 1 0 3 as a trunk port and assign the port to VLANs 100 and 200 DeviceB interface gigabitethernet 1 0...

Page 145: ...ts from 192 168 5 0 24 and 192 168 50 0 24 in VLANs 100 and 200 respectively Figure 41 Network diagram Configuration procedure 1 Configure Device C Associate IP subnet 192 168 5 0 24 with VLAN 100 DeviceC system view DeviceC vlan 100 DeviceC vlan100 ip subnet vlan ip 192 168 5 0 255 255 255 0 DeviceC vlan100 quit Associate IP subnet 192 168 50 0 24 with VLAN 200 DeviceC vlan 200 DeviceC vlan200 ip...

Page 146: ...e IP subnet based VLANs 100 and 200 DeviceC GigabitEthernet1 0 1 port hybrid ip subnet vlan vlan 100 DeviceC GigabitEthernet1 0 1 port hybrid ip subnet vlan vlan 200 DeviceC GigabitEthernet1 0 1 quit 2 Configure Device A and Device B to forward packets from VLANs 100 and 200 respectively Details not shown Verifying the configuration Verify the IP subnet based VLAN configuration on Device C DeviceC...

Page 147: ...s protocol VLAN for IPv6 Device vlan 200 Device vlan200 description protocol VLAN for IPv6 Assign GigabitEthernet 1 0 12 to VLAN 200 Device vlan200 port gigabitethernet 1 0 12 Configure VLAN 200 as a protocol based VLAN and create an IPv6 protocol template with the index 1 for VLAN 200 Device vlan200 protocol vlan 1 ipv6 Device vlan200 quit Configure VLAN 100 as a protocol based VLAN Create an IPv...

Page 148: ...VLAN 200 Device GigabitEthernet1 0 2 port hybrid protocol vlan vlan 100 1 to 2 Device GigabitEthernet1 0 2 port hybrid protocol vlan vlan 200 1 Device GigabitEthernet1 0 2 quit 2 Configure hosts and servers a Configure IPv4 Host A IPv4 Host B and IPv4 server to be on the same network segment 192 168 100 0 24 for example Details not shown b Configure IPv6 Host A IPv6 Host B and IPv6 server to be on...

Page 149: ... type Status 100 1 IPv4 Active 100 2 Ethernet II Etype 0x0806 Active 200 1 IPv6 Active Interface GigabitEthernet 1 0 2 VLAN ID Protocol index Protocol type Status 100 1 IPv4 Active 100 2 Ethernet II Etype 0x0806 Active 200 1 IPv6 Active ...

Page 150: ...rface as follows In an IPv4 network enable local proxy ARP on the super VLAN interface The super VLAN can then process ARP requests and replies sent from the sub VLANs In an IPv6 network enable local proxy ND on the super VLAN interface The super VLAN can then process the NS and NA messages sent from the sub VLANs Super VLAN configuration task list Tasks at a glance Required Creating a sub VLAN Re...

Page 151: ...iew interface vlan interface vlan interface id The vlan interface id argument must be the super VLAN ID 3 Configure an IP address for the super VLAN interface Configure an IPv4 address ip address ip address mask length mask sub Configure an IPv6 address ipv6 address ipv6 address prefix length ipv6 address prefix length By default no IP address is configured for a VLAN interface 4 Configure Layer 3...

Page 152: ...address to its VLAN interface Associate the super VLAN with VLANs 2 3 and 5 Figure 43 Network diagram Configuration procedure Create VLAN 10 and configure its VLAN interface IP address as 10 1 1 1 24 DeviceA system view DeviceA vlan 10 DeviceA vlan10 quit DeviceA interface vlan interface 10 DeviceA Vlan interface10 ip address 10 1 1 1 255 255 255 0 Enable local proxy ARP DeviceA Vlan interface10 l...

Page 153: ...ervlan DeviceA vlan10 subvlan 2 3 5 DeviceA vlan10 quit DeviceA quit Verifying the configuration Display information about super VLAN 10 and its associated sub VLANs DeviceA display supervlan Super VLAN ID 10 Sub VLAN ID 2 3 5 VLAN ID 10 VLAN type Static It is a super VLAN Route interface Configured Ipv4 address 10 1 1 1 Ipv4 subnet mask 255 255 255 0 Description VLAN 0010 Name VLAN 0010 Tagged po...

Page 154: ...Name VLAN 0003 Tagged ports None Untagged ports GigabitEthernet1 0 3 GigabitEthernet1 0 4 VLAN ID 5 VLAN type Static It is a sub VLAN Route interface Configured Ipv4 address 10 1 1 1 Ipv4 subnet mask 255 255 255 0 Description VLAN 0005 Name VLAN 0005 Tagged ports None Untagged ports GigabitEthernet1 0 5 GigabitEthernet1 0 6 ...

Page 155: ... B VLAN 10 is the primary VLAN VLANs 2 5 and 8 are secondary VLANs that are associated with VLAN 10 L3 Device A is only aware of VLAN 10 Figure 44 Private VLAN example If the private VLAN feature is configured on a Layer 3 device use one of the following methods on the Layer 3 device to enable Layer 3 communication Layer 3 communication might be required between secondary VLANs that are associated...

Page 156: ...ir associated primary VLANs For more information about promiscuous trunk promiscuous host and trunk secondary ports see Layer 2 LAN Switching Command Reference 5 Configure Layer 3 communication between the specified secondary VLANs that are associated with the primary VLAN Configuration restrictions and guidelines When you configure the private VLAN feature follow these restrictions and guidelines...

Page 157: ... promiscuous port of the specified VLAN port private vlan vlan id promiscuous Configure the uplink port as a trunk promiscuous port of the specified VLANs port private vlan vlan id list trunk promiscuous By default a port is not a promiscuous or trunk promiscuous port of any VLANs 12 Return to system view quit N A 13 Enter interface view of the downlink port interface interface type interface numb...

Page 158: ...gth mask sub d Assign an IPv6 address to the primary VLAN interface ipv6 address ipv6 address prefix length ipv6 address prefix len gth e Enable local proxy ARP local proxy arp enable f Enable local proxy ND local proxy nd enable Use substeps a b c and e for devices that run IPv4 protocols Use substeps a b d and f for devices that run IPv6 protocols By default Secondary VLANs cannot communicate wi...

Page 159: ...d with secondary VLANs 3 and 4 GigabitEthernet 1 0 5 is in VLAN 6 GigabitEthernet 1 0 3 is in VLAN 3 GigabitEthernet 1 0 4 is in VLAN 4 Device A is aware of only VLAN 5 on Device B and VLAN 6 on Device C Figure 45 Network diagram Configuration procedure This example describes the configurations on Device B and Device C 1 Configure Device B Configure VLAN 5 as a primary VLAN DeviceB system view Dev...

Page 160: ...C vlan6 quit Create VLANs 3 and 4 DeviceC vlan 3 to 4 Associate secondary VLANs 3 and 4 with primary VLAN 6 DeviceC vlan 6 DeviceC vlan6 private vlan secondary 3 to 4 DeviceC vlan6 quit Configure the uplink port GigabitEthernet 1 0 5 as a promiscuous port of VLAN 6 DeviceC interface gigabitethernet 1 0 5 DeviceC GigabitEthernet1 0 5 port private vlan 6 promiscuous DeviceC GigabitEthernet1 0 5 quit...

Page 161: ...Static Private VLAN type Secondary Route interface Not configured Description VLAN 0003 Name VLAN 0003 Tagged Ports None Untagged Ports GigabitEthernet1 0 3 GigabitEthernet1 0 5 The output shows that The promiscuous port GigabitEthernet 1 0 5 is an untagged member of primary VLAN 5 and secondary VLANs 2 and 3 The host port GigabitEthernet 1 0 2 is an untagged member of primary VLAN 5 and secondary...

Page 162: ...ry VLAN 8 Secondary VLANs 6 and 8 are associated with primary VLAN 10 Device A is aware of only VLANs 5 and 10 on Device B Figure 46 Network diagram Configuration procedure 1 Configure Device B Configure VLANs 5 and 10 as primary VLANs DeviceB system view DeviceB vlan 5 DeviceB vlan5 private vlan primary DeviceB vlan5 quit DeviceB vlan 10 DeviceB vlan10 private vlan primary DeviceB vlan10 quit Cre...

Page 163: ...rt GigabitEthernet 1 0 6 to VLAN 6 and configure the port as a host port DeviceB interface gigabitethernet 1 0 6 DeviceB GigabitEthernet1 0 6 port access vlan 6 DeviceB GigabitEthernet1 0 6 port private vlan host DeviceB GigabitEthernet1 0 6 quit Assign the downlink port GigabitEthernet 1 0 8 to VLAN 8 and configure the port as a host port DeviceB interface gigabitethernet 1 0 8 DeviceB GigabitEth...

Page 164: ... ports GigabitEthernet1 0 1 Untagged ports GigabitEthernet1 0 2 VLAN ID 3 VLAN type Static Private VLAN type Secondary Route interface Not configured Description VLAN 0003 Name VLAN 0003 Tagged ports GigabitEthernet1 0 1 Untagged ports GigabitEthernet1 0 3 The output shows that The trunk promiscuous port GigabitEthernet 1 0 1 is a tagged member of primary VLAN 5 and secondary VLANs 2 and 3 The hos...

Page 165: ... A The downlink port GigabitEthernet 1 0 2 permits the packets from secondary VLANs 11 and 21 to pass through tagged The downlink port GigabitEthernet 1 0 1 permits secondary VLAN 22 The downlink port GigabitEthernet 1 0 3 permits secondary VLAN 12 Secondary VLANs 11 and 12 are associated with primary VLAN 10 Secondary VLANs 21 and 22 are associated with primary VLAN 20 Figure 47 Network diagram C...

Page 166: ...lan 22 DeviceA GigabitEthernet1 0 1 port private vlan host DeviceA GigabitEthernet1 0 1 quit Assign the downlink port GigabitEthernet 1 0 3 to VLAN 12 and configure the port as a host port DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port access vlan 12 DeviceA GigabitEthernet1 0 3 port private vlan host DeviceA GigabitEthernet1 0 3 quit Configure the downlink port GigabitE...

Page 167: ...d VLAN member DeviceC interface gigabitethernet 1 0 5 DeviceC GigabitEthernet1 0 5 port link type hybrid DeviceC GigabitEthernet1 0 5 port hybrid vlan 10 20 tagged DeviceC GigabitEthernet1 0 5 quit Verifying the configuration Verify the primary VLAN configurations on Device A The following output uses primary VLAN 10 as an example DeviceA display private vlan 10 Primary VLAN ID 10 Secondary VLAN I...

Page 168: ...of primary VLAN 10 and secondary VLAN 12 Secondary VLAN Layer 3 communication configuration example Network requirements As shown in Figure 48 configure the private VLAN feature to meet the following requirements Primary VLAN 10 on Device A is associated with secondary VLANs 2 and 3 The IP address of VLAN interface 10 is 192 168 1 1 24 The port GigabitEthernet 1 0 1 belongs to VLAN 10 The ports Gi...

Page 169: ...iceA GigabitEthernet1 0 2 quit Assign the downlink port GigabitEthernet 1 0 3 to VLAN 3 and configure the port as a host port DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port access vlan 3 DeviceA GigabitEthernet1 0 3 port private vlan host DeviceA GigabitEthernet1 0 3 quit Enable Layer 3 communication between secondary VLANs 2 and 3 that are associated with primary VLAN 1...

Page 170: ...5 255 255 0 Description VLAN 0002 Name VLAN 0002 Tagged ports None Untagged ports GigabitEthernet1 0 1 GigabitEthernet1 0 2 VLAN ID 3 VLAN type Static Private VLAN type Secondary Route interface Configured IPv4 address 192 168 1 1 IPv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports GigabitEthernet1 0 1 GigabitEthernet1 0 3 The Route interface field ...

Page 171: ...dresses A device identifies voice packets based on their source MAC addresses A packet whose source MAC address complies with an Organizationally Unique Identifier OUI address of the device is regarded as a voice packet You can use system default OUI addresses see Table 10 or configure OUI addresses for the device You can manually remove or add the system default OUI addresses Table 10 Default OUI...

Page 172: ...ist to identify IP phones if the network has more IP phone categories than the maximum number of OUI addresses supported on the device LLDP has higher priority than the OUI list For more information about LLDP see Configuring LLDP Advertising the voice VLAN information to IP phones Figure 49 shows the workflow of advertising the voice VLAN information to IP phones Figure 49 Workflow of advertising...

Page 173: ...tic mode when PCs and IP phones are connected in series to access the network through the device as shown in Figure 50 Ports on the device transmit both voice traffic and data traffic When an IP phone is powered on it sends out protocol packets After receiving these protocol packets the device uses the source MAC address of the protocol packets to match its OUI addresses If the match succeeds the ...

Page 174: ...ket processing ports of different link types must meet specific configuration requirements in different voice VLAN assignment modes Access ports do not transmit tagged packets Table 11 Configuration requirements for trunk and hybrid ports to support tagged voice traffic Port link type Voice VLAN assignment mode Configuration requirements Trunk Automatic The PVID of the port cannot be the voice VLA...

Page 175: ...voice VLANs to operate in normal mode This mode reduces system resource consumption in source MAC address checking TIP A device increases the transmission priority only for packets whose source MAC addresses match OUI addresses of the device In normal mode the device performs no OUI address match for the received packets The priority of the packets transmitted in the voice VLAN are not increased A...

Page 176: ... Before you configure the QoS priority settings for voice traffic on a port make sure the voice VLAN feature is disabled on it To configure the QoS priority settings for voice traffic Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view interface interface type interface number N A 3 Configure QoS priority settings for incoming voice VLAN packets Configu...

Page 177: ...ps the received packets instead of delivering them to the CPU As a result the port will not be dynamically assigned to the voice VLAN As a best practice do not configure both dynamic MAC based VLAN assignment and automatic voice VLAN assignment mode on a port They can have a negative impact on each other Configuration procedure To configure a port to operate in automatic voice VLAN assignment mode...

Page 178: ... aggregation To make a voice VLAN take effect on a port operating in manual mode you must manually assign the port to the voice VLAN EVB is not supported on a port that is enabled with the voice VLAN feature For more information about EVB see EVB Configuration Guide Configuration procedure To configure a port to operate in manual voice VLAN assignment mode Step Command Remarks 1 Enter system view ...

Page 179: ...fore you configure a voice VLAN you must create a VLAN Enabling LLDP for automatic IP phone discovery Configuration restrictions and guidelines When you enable LLDP for automatic IP phone discovery following these restrictions and guidelines Before you enable this feature enable LLDP both globally and on access ports Use this feature only with the automatic voice VLAN assignment mode Do not use th...

Page 180: ...ets from the IP phone Send CDP packets to the IP phone The voice VLAN information is carried in the CDP packets After receiving the advertised VLAN information the IP phone performs automatic voice VLAN configuration Packets from the IP phone will be transmitted in the dedicated voice VLAN LLDP packets sent from the device carry the priority information CDP packets sent from the device do not carr...

Page 181: ...raffic transmission perform the following tasks on Device A Configure voice VLANs 2 and 3 to transmit voice packets from IP phone A and IP phone B respectively Configure GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 to operate in automatic voice VLAN assignment mode Add MAC addresses of IP phones A and B to the device for voice packet identification The mask of the two MAC addresses is FFFF FF00...

Page 182: ...0 2 DeviceA GigabitEthernet1 0 2 port link type hybrid Configure GigabitEthernet 1 0 2 to operate in automatic voice VLAN assignment mode DeviceA GigabitEthernet1 0 2 voice vlan mode auto Enable voice VLAN on GigabitEthernet 1 0 2 and configure VLAN 3 as the voice VLAN for it DeviceA GigabitEthernet1 0 2 voice vlan 3 enable DeviceA GigabitEthernet1 0 2 quit Verifying the configuration Display the ...

Page 183: ...ddress 0011 2200 0000 with the mask FFFF FF00 0000 DeviceA voice vlan mac address 0011 2200 0000 mask ffff ff00 0000 description test Create VLAN 2 DeviceA vlan 2 DeviceA vlan2 quit Configure GigabitEthernet 1 0 1 to operate in manual voice VLAN assignment mode DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 undo voice vlan mode auto Configure GigabitEthernet 1 0 1 as a hybrid...

Page 184: ...0d00 0000 ffff ff00 0000 Avaya phone 000f e200 0000 ffff ff00 0000 H3C Aolynk phone 0011 2200 0000 ffff ff00 0000 test 0060 b900 0000 ffff ff00 0000 Philips NEC phone 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00e0 bb00 0000 ffff ff00 0000 3Com phone Display the voice VLAN state DeviceA display voice vlan state Current voice VLANs 1 Voice VLAN security ...

Page 185: ...icipant As shown in Figure 54 an MRP participant sends declarations and withdrawals to notify other participants to register and deregister its attribute values It also registers and deregisters the attribute values of other participants according to the received declarations and withdrawals MRP rapidly propagates the configuration information of an MRP participant throughout the LAN Figure 54 MRP...

Page 186: ...w message enables MRP participants to register attributes When the MSTP topology changes an MRP participant sends a New message to the peer participant to declare the topology change Upon receiving a New message from the peer participant an MRP participant performs the following tasks Registers the attributes in the message Propagates the New message to all other participants on the device After r...

Page 187: ...nsmission of Join messages An MRP participant starts the Join timer after sending a Join message to the peer participant Before the Join timer expires the participant does not resend the Join message when the following conditions exist The participant receives a JoinIn message from the peer participant The received JoinIn message has the same attributes as the sent Join message When both the Join ...

Page 188: ...N Protocols and standards IEEE 802 1ak IEEE Standard for Local and Metropolitan Area Networks Virtual Bridged Local Area Networks Amendment 07 Multiple Registration Protocol MVRP configuration task list Tasks at a glance Required Enabling MVRP Optional Configuring an MVRP registration mode Optional Configuring MRP timers Optional Enabling GVRP compatibility Configuration restrictions and guideline...

Page 189: ...lly mvrp global enable By default MVRP is globally disabled For MVRP to take effect on a port enable MVRP both on the port and globally 3 Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number N A 4 Configure the port as a trunk port port link type trunk By default each port is an access port For more information about the port link type...

Page 190: ...mber N A 3 Configure the LeaveAll timer mrp timer leaveall timer value Optional The default setting is 1000 centiseconds 4 Configure the Join timer mrp timer join timer value Optional The default setting is 20 centiseconds 5 Configure the Leave timer mrp timer leave timer value Optional The default setting is 60 centiseconds 6 Configure the Periodic timer mrp timer periodic timer value Optional Th...

Page 191: ...ommand Remarks 1 Enter system view system view N A 2 Enable GVRP compatibility mvrp gvrp compliance enable By default GVRP compatibility is disabled Displaying and maintaining MVRP Execute display commands in any view and reset commands in user view Task Command Display MVRP running status display mvrp running status interface interface list Display the MVRP state of a port in a VLAN display mvrp ...

Page 192: ...revision level 0 Manually activate the MST region configuration DeviceA mst region active region configuration DeviceA mst region quit Configure Device A as the primary root bridge of MSTI 1 DeviceA stp instance 1 root primary VLAN 20 Permit all VLANs Permit VLAN 40 Permit all VLANs Permit VLANs 20 40 Permit all VLANs Device A Device B Device C Device D GE1 0 2 G E 1 0 1 GE1 0 2 G E 1 0 1 G E 1 0 ...

Page 193: ... it to permit all VLANs DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port link type trunk DeviceA GigabitEthernet1 0 3 port trunk permit vlan all Enable MVRP on GigabitEthernet 1 0 3 DeviceA GigabitEthernet1 0 3 mvrp enable DeviceA GigabitEthernet1 0 3 quit Create VLAN 10 DeviceA vlan 10 DeviceA vlan10 quit 2 Configure Device B Enter MST region view DeviceB system view Devi...

Page 194: ... DeviceB GigabitEthernet1 0 3 mvrp enable DeviceB GigabitEthernet1 0 3 quit Create VLAN 20 DeviceB vlan 20 DeviceB vlan20 quit 3 Configure Device C Enter MST region view DeviceC system view DeviceC stp region configuration Configure the MST region name VLAN to instance mappings and revision level DeviceC mst region region name example DeviceC mst region instance 1 vlan 10 DeviceC mst region instan...

Page 195: ...obally enable the spanning tree feature DeviceD stp global enable Globally enable MVRP DeviceD mvrp global enable Configure GigabitEthernet 1 0 1 as a trunk port and configure it to permit VLANs 20 and 40 DeviceD interface gigabitethernet 1 0 1 DeviceD GigabitEthernet1 0 1 port link type trunk DeviceD GigabitEthernet1 0 1 port trunk permit vlan 20 40 Enable MVRP on GigabitEthernet 1 0 1 DeviceD Gi...

Page 196: ...econds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs None Declared VLANs 1 default Propagated VLANs None GigabitEthernet1 0 3 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 20 Dec...

Page 197: ...centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default Declared VLANs 1 default 20 Propagated VLANs 1 default GigabitEthernet1 0 2 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default 10 Declar...

Page 198: ...MVRP Global Info Global Status Enabled Compliance GVRP False GigabitEthernet1 0 1 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default 10 20 Declared VLANs 1 default Propagated VLANs 1 default 10 GigabitEthernet1 0 2 Config Status Enabl...

Page 199: ...d VLANs 1 default 20 GigabitEthernet1 0 2 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default Declared VLANs None Propagated VLANs None The output shows that the following events have occurred GigabitEthernet 1 0 1 has registered and p...

Page 200: ...xed Registered VLANs 1 default 10 Declared VLANs 20 Propagated VLANs 10 The output shows that VLAN information on GigabitEthernet 1 0 3 is not changed after you set its MVRP registration mode to fixed Delete VLAN 10 on Device A DeviceA undo vlan 10 Display local MVRP VLAN information on GigabitEthernet 1 0 3 of Device B DeviceB display mvrp running status interface gigabitethernet 1 0 3 MVRP Globa...

Page 201: ...188 The output shows that dynamic VLAN information on GigabitEthernet 1 0 3 is not changed after you set its MVRP registration mode to fixed ...

Page 202: ...cheme Allows different customers to use overlapping CVLAN IDs Devices in the service provider network make forwarding decisions based on SVLAN IDs instead of CVLAN IDs How QinQ works As shown in Figure 56 a QinQ frame transmitted over the service provider network carries the following tags CVLAN tag Identifies the VLAN to which the frame belongs when it is transmitted in the customer network SVLAN...

Page 203: ...tagged with the PVID tag To perform advanced VLAN manipulations use VLAN mapping see Configuring VLAN mapping or QoS policies For example To use different SVLANs for different CVLAN tags use one to two VLAN mapping To replace the SVLAN ID CVLAN ID or both IDs for an incoming double tagged frame use two to two VLAN mapping To set the 802 1p priority in SVLAN tags configure a QoS policy as described...

Page 204: ...et interface view or Layer 2 aggregate interface view interface interface type interface number N A 3 Enable QinQ qinq enable By default QinQ is disabled Configuring transparent transmission for VLANs You can exclude a VLAN for example the management VLAN from the QinQ tagging action on a customer side port This VLAN is called a transparent VLAN To ensure successful transmission for a transparent ...

Page 205: ...nd match incoming tagged frames An incoming frame is handled as untagged if the TPID in its outer VLAN tag is different from the SVLAN TPID For example a PE device is connected to a customer device that uses the TPID 0x8200 and to a provider device that uses the TPID 0x9100 For correct packet processing you must set the CVLAN TPID and SVLAN TPID to 0x8200 and 0x9100 on the PE respectively The TPID...

Page 206: ... port depends on the priority trust mode on the port If the 802 1p priority in frames is trusted the device copies the 802 1p priority in the CVLAN tag to the SVLAN tag If port priority is trusted the port priority 0 by default is used as the 802 1p priority in the SVLAN tag To set the 802 1p priority in SVLAN tags Step Command Remarks 1 Enter system view system view N A 2 Create a traffic class a...

Page 207: ...N A 10 Return to system view quit N A 11 Enter Layer 2 Ethernet interface view interface interface type interface number N A 12 Configure the port to trust the 802 1p priority in incoming frames qos trust dot1p By default the device does not trust the priority carried in frames This step is required only if the remark dot1p command is configured 13 Enable QinQ qinq enable N A 14 Apply the QoS poli...

Page 208: ...y B respectively For the QinQ frames to be identified correctly set the SVLAN TPID to 0x8200 on the service provider side ports of PE 1 and PE 2 Figure 58 Network diagram Configuration procedure 1 Configure PE 1 Configure GigabitEthernet 1 0 1 as a trunk port and assign it to VLAN 100 PE1 system view PE1 interface gigabitethernet 1 0 1 PE1 GigabitEthernet1 0 1 port link type trunk PE1 GigabitEther...

Page 209: ...gabitEthernet1 0 1 port trunk permit vlan 200 Configure VLAN 200 as the PVID for GigabitEthernet 1 0 1 PE2 GigabitEthernet1 0 1 port trunk pvid vlan 200 Enable QinQ on GigabitEthernet 1 0 1 PE2 GigabitEthernet1 0 1 qinq enable PE2 GigabitEthernet1 0 1 quit Configure GigabitEthernet 1 0 2 as a trunk port and assign it to VLANs 100 and 200 PE2 interface gigabitethernet 1 0 2 PE2 GigabitEthernet1 0 2...

Page 210: ...net 1 0 1 as a trunk port and assign it to VLANs 100 and 3000 PE1 system view PE1 interface gigabitethernet 1 0 1 PE1 GigabitEthernet1 0 1 port link type trunk PE1 GigabitEthernet1 0 1 port trunk permit vlan 100 3000 Configure VLAN 100 as the PVID of GigabitEthernet 1 0 1 PE1 GigabitEthernet1 0 1 port trunk pvid vlan 100 Enable QinQ on GigabitEthernet 1 0 1 PE1 GigabitEthernet1 0 1 qinq enable Ena...

Page 211: ...parent transmission for VLAN 3000 on GigabitEthernet 1 0 1 PE2 GigabitEthernet1 0 1 qinq transparent vlan 3000 PE2 GigabitEthernet1 0 1 quit Configure GigabitEthernet 1 0 2 as a trunk port and assign it to VLANs 100 and 3000 PE2 interface gigabitethernet 1 0 2 PE2 GigabitEthernet1 0 2 port link type trunk PE2 GigabitEthernet1 0 2 port trunk permit vlan 100 3000 3 Configure the devices between PE 1...

Page 212: ...iple VLAN tags with the same VLAN tag One to two VLAN mapping Tags single tagged packets with an outer VLAN tag Two to two VLAN mapping Replaces the outer and inner VLAN IDs of double tagged traffic with a new pair of VLAN IDs Application scenario of one to one and many to one VLAN mapping Figure 60 shows a typical application scenario of one to one and many to one VLAN mapping The scenario implem...

Page 213: ...yer device configure many to one VLAN mapping on the campus switch This feature assigns the same VLAN to the same type of traffic from different customers VLANs 101 102 VLAN 501 VLANs 201 202 VLAN 502 VLANs 301 302 VLAN 503 Campus switch Distribution network DHCP client DHCP server Wiring closet switch VLAN 1 VLAN 101 VLAN 2 VLAN 201 VLAN 3 VLAN 301 VLAN 1 VLAN 102 VLAN 2 VLAN 202 VLAN 3 VLAN 302 ...

Page 214: ...LAN tag 10 with SVLAN tag 20 Replaces CVLAN tag 2 with CVLAN tag 3 One to two VLAN mapping provides the following benefits Enables a customer network to plan its CVLAN assignment without conflicting with SVLANs Adds a VLAN tag to a tagged packet and expands the number of available VLANs to 4094 4094 Reduces the stress on the SVLAN resources which were 4094 VLANs in the SP network before the mappin...

Page 215: ... Many to one VLAN mapping As shown in Figure 64 many to one VLAN mapping is implemented on both the customer side and network side ports as follows For the uplink traffic the customer side many to one VLAN mapping replaces multiple CVLANs with the same SVLAN For the downlink traffic the network side many to one VLAN mapping replaces the SVLAN with the CVLAN found in the DHCP snooping table For mor...

Page 216: ...remove the SVLAN tag from the downlink traffic Configure the customer side port as a hybrid port and assign the port to the SVLAN as an untagged member Configure the customer side port as a trunk port and configure the SVLAN as the PVID Figure 65 One to two VLAN mapping implementation Two to two VLAN mapping As shown in Figure 66 two to two VLAN mapping is implemented on the customer side port and...

Page 217: ...ing Configure one to one VLAN mapping on the wiring closet switch as shown in Figure 60 Configuring many to one VLAN mapping Configure many to one VLAN mapping on the campus switch as shown in Figure 60 Configuring one to two VLAN mapping Configure one to two VLAN mapping on PE 1 and PE 4 as shown in Figure 61 through which traffic from customer networks enters the service provider networks Config...

Page 218: ...ring many to one VLAN mapping Configure many to one VLAN mapping on campus switches see Figure 60 to transmit the same type of traffic from different users in one VLAN Configuration restrictions and guidelines When you configure many to one VLAN mapping follow these restrictions and guidelines Before you configure many to one VLAN mapping create the original VLANs and the translated VLANs To ensur...

Page 219: ...nce Configuring the customer side port Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view Enter Layer 2 Ethernet interface view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number N A 3 Set the link type of the port Configure the port as a tru...

Page 220: ...support DHCP snooping are untrusted ports when DHCP snooping is enabled 6 Configure the port as an ARP trusted port arp detection trust By default all ports are ARP untrusted ports 7 Configure the port to use the original VLAN tags of the many to one mapping to replace the VLAN tags of the packets destined for the user network vlan mapping nni By default the port does not replace the VLAN tags of ...

Page 221: ...mapping nest range vlan range list single vlan id list nested vlan vlan id By default no VLAN mapping is configured on an interface Only one SVLAN tag can be added to packets from the same CVLAN To add different SVLAN tags to different CVLAN packets execute this command multiple times Configuring two to two VLAN mapping Configure two to two VLAN mapping on the customer side port of an edge device ...

Page 222: ...to one and many to one VLAN mapping configuration example Network requirements As shown in Figure 67 Each household subscribes to PC VoD and VoIP services and obtains the IP address through DHCP On the home gateways VLANs 1 2 and 3 are assigned to PC VoD and VoIP traffic respectively To isolate traffic of the same service type from different households configure one to one VLAN mapping on the wiri...

Page 223: ...Campus switch Switch C Distribution network DHCP client DHCP server Wiring closet Switch A VLAN 1 VLAN 101 VLAN 2 VLAN 201 VLAN 3 VLAN 301 VLAN 1 VLAN 102 VLAN 2 VLAN 202 VLAN 3 VLAN 302 PC VoD VoIP VLAN 2 Home gateway VLAN 1 VLAN 3 PC VoD VoIP VLAN 2 Home gateway VLAN 1 VLAN 3 VLAN 1 VLAN 103 VLAN 2 VLAN 203 VLAN 3 VLAN 303 VLAN 1 VLAN 104 VLAN 2 VLAN 204 VLAN 3 VLAN 304 PC VoD VoIP VLAN 2 Home g...

Page 224: ... mappings on GigabitEthernet 1 0 2 to map VLANs 1 2 and 3 to VLANs 102 202 and 302 respectively SwitchA GigabitEthernet1 0 2 vlan mapping 1 translated vlan 102 SwitchA GigabitEthernet1 0 2 vlan mapping 2 translated vlan 202 SwitchA GigabitEthernet1 0 2 vlan mapping 3 translated vlan 302 SwitchA GigabitEthernet1 0 2 quit Configure the network side port GigabitEthernet 1 0 3 as a trunk port SwitchA ...

Page 225: ...hC GigabitEthernet1 0 1 vlan mapping uni range 101 to 102 translated vlan 501 SwitchC GigabitEthernet1 0 1 vlan mapping uni range 201 to 202 translated vlan 502 SwitchC GigabitEthernet1 0 1 vlan mapping uni range 301 to 302 translated vlan 503 Enable DHCP snooping entry recording on GigabitEthernet 1 0 1 SwitchC GigabitEthernet1 0 1 dhcp snooping binding record SwitchC GigabitEthernet1 0 1 quit Co...

Page 226: ...itchD system view SwitchD interface gigabitethernet 1 0 1 SwitchD GigabitEthernet1 0 1 port link type trunk Assign GigabitEthernet 1 0 1 to the translated VLANs SwitchD GigabitEthernet1 0 1 port trunk permit vlan 501 to 503 SwitchD GigabitEthernet1 0 1 quit Verifying the configuration Verify VLAN mapping information on the wiring closet switches for example Switch A SwitchA display vlan mapping In...

Page 227: ...figure a one to two VLAN mapping on the customer side port GigabitEthernet 1 0 1 to add SVLAN tag 100 to packets from VLAN 5 PE1 system view PE1 interface gigabitethernet 1 0 1 PE1 GigabitEthernet1 0 1 vlan mapping nest single 5 nested vlan 100 Configure GigabitEthernet 1 0 1 as a hybrid port PE1 GigabitEthernet1 0 1 port link type hybrid Assign GigabitEthernet 1 0 1 to VLAN 5 as a tagged member P...

Page 228: ...gure a two to two VLAN mapping on GigabitEthernet 1 0 1 to map SVLAN 100 and CVLAN 5 to SVLAN 200 and CVLAN 6 PE3 GigabitEthernet1 0 1 vlan mapping tunnel 100 5 translated vlan 200 6 PE3 GigabitEthernet1 0 1 quit Configure GigabitEthernet 1 0 2 as a trunk port PE3 interface gigabitethernet 1 0 2 PE3 GigabitEthernet1 0 2 port link type trunk Assign GigabitEthernet 1 0 2 to VLAN 200 PE3 GigabitEther...

Page 229: ...y VLAN mapping information on PE 1 PE1 display vlan mapping Interface GigabitEthernet1 0 1 Outer VLAN Inner VLAN Translated Outer VLAN Translated Inner VLAN 5 N A 100 5 Verify VLAN mapping information on PE 3 PE3 display vlan mapping Interface GigabitEthernet1 0 1 Outer VLAN Inner VLAN Translated Outer VLAN Translated Inner VLAN 100 5 200 6 Verify VLAN mapping information on PE 4 PE4 display vlan ...

Page 230: ...ion Guide LLDP enables a network management system to quickly detect and identify Layer 2 network topology changes Basic concepts LLDP agent An LLDP agent is a mapping of an entity where LLDP runs Multiple LLDP agents can run on the same interface LLDP agents are divided into the following types Nearest bridge agent Nearest customer bridge agent Nearest non TPMR bridge agent A Two port MAC Relay T...

Page 231: ...s This helps distinguish between LLDP frames sent and received by different agent types on the same interface The destination MAC address is fixed to one of the following multicast MAC addresses 0x0180 C200 000E for LLDP frames destined for nearest bridge agents 0x0180 C200 0000 for LLDP frames destined for nearest customer bridge agents 0x0180 C200 0003 for LLDP frames destined for nearest non TP...

Page 232: ...evice information as shown in Figure 72 Figure 72 LLDPDU encapsulation format An LLDPDU can carry up to 32 types of TLVs Mandatory TLVs include Chassis ID TLV Port ID TLV Time to Live TLV and End of LLDPDU TLV Other TLVs are optional TLVs A TLV is an information element that contains the type length and value fields LLDPDU TLVs include the following categories Basic management TLVs Organizationall...

Page 233: ...l device The interface number and object identifier OID associated with the address IEEE 802 1 organizationally specific TLVs Table 20 IEEE 802 1 organizationally specific TLVs Type Description Port VLAN ID Specifies the port VLAN identifier PVID Port And Protocol VLAN ID Indicates whether the device supports protocol VLANs and if so what VLAN IDs these protocols will be associated with VLAN Name ...

Page 234: ...ort Power Stateful Control Indicates the power state control configured on the sending port including the following Power supply mode of the PSE PD PSE PD priority PSE PD power Energy Efficient Ethernet Indicates Energy Efficient Ethernet EEE NOTE The Power Stateful Control TLV is defined in IEEE P802 3at D1 0 and is not supported in later versions H3C devices send this type of TLVs only after rec...

Page 235: ...ble the other LLDP MED TLVs will not be advertised even if they are advertisable Management address The network management system uses the management address of a device to identify and manage the device for topology maintenance and network management The management address is encapsulated in the management address TLV Working mechanism LLDP operating modes An LLDP agent can operate in one of the ...

Page 236: ...formation ages out immediately Protocols and standards IEEE 802 1AB 2005 Station and Media Access Control Connectivity Discovery IEEE 802 1AB 2009 Station and Media Access Control Connectivity Discovery ANSI TIA 1057 Link Layer Discovery Protocol for Media Endpoint Devices DCB Capability Exchange Protocol Specification Rev 1 00 DCB Capability Exchange Protocol Base Specification Rev 1 01 IEEE Std ...

Page 237: ...ult LLDP is enabled on a port Setting the LLDP bridge mode The following LLDP bridge modes are available Customer bridge mode In customer bridge mode LLDP supports nearest bridge agents nearest non TPMR bridge agents and nearest customer bridge agents LLDP processes the LLDP frames with destination MAC addresses for these agents and transparently transmits the LLDP frames with other destination MA...

Page 238: ...st bridge agents In aggregate interface view you can configure the operating mode only for nearest customer bridge agents and nearest non TPMR bridge agents Setting the LLDP reinitialization delay When the LLDP operating mode changes on a port the port initializes the protocol state machines after an LLDP reinitialization delay By adjusting the delay you can avoid frequent initializations caused b...

Page 239: ...net interface view lldp agent nearest customer nearest nontpmr check change interval interval In Layer 2 Layer 3 aggregate interface view lldp agent nearest customer nearest nontpmr check change interval interval By default LLDP polling is disabled Configuring the advertisable TLVs Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Layer 3 Ethernet interface view management E...

Page 240: ...Vs except the location identification TLV Nearest non TPMR bridge agents can advertise only the EVB TLV Nearest customer bridge agents can advertise basic TLVs and IEEE 802 1 organizationally specific TLVs only port VLAN ID and link aggregation TLVs are supported 4 Configure the advertisable TLVs in Layer 3 Ethernet interface view or management Ethernet interface view lldp tlv enable basic tlv all...

Page 241: ...le TLVs in Layer 3 aggregate interface view lldp agent nearest nontpmr nearest customer tlv enable basic tlv all management address tlv ip address port description system capability system description system name By default Nearest non TPMR bridge agents advertise no TLVs Nearest customer bridge agents can advertise only basic TLVs Nearest bridge agents are not supported on Layer 3 aggregate inter...

Page 242: ...ess for mat string In Layer 2 Layer 3 aggregate interface view lldp agent nearest customer nearest nontpmr management address for mat string By default the encoding format of the management address is numeric Setting other LLDP parameters The Time to Live TLV carried in an LLDPDU determines how long the device information carried in the LLDPDU can be saved on a recipient device By setting the TTL ...

Page 243: ...or LLDP frames to SNAP Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Layer 3 Ethernet interface view management Ethernet interface view or Layer 2 Layer 3 aggregate interface view interface interface type interface number N A 3 Set the encapsulation format for LLDP frames to SNAP In Layer 2 Layer 3 Ethernet interface view or management Ethernet interface view lldp agent ...

Page 244: ...ated from other types of traffic For more information about voice VLANs see Configuring voice VLANs Configuration prerequisites Before you configure CDP compatibility complete the following tasks Globally enable LLDP Enable LLDP on the port connecting to an IP phone Configure LLDP to operate in Rx or TxRx mode on the port Configuration procedure CDP compatible LLDP operates in one of the following...

Page 245: ... Exchange Protocol Specification Rev 1 00 DCB Capability Exchange Protocol Base Specification Rev 1 01 IEEE Std 802 1Qaz 2011 Media Access Control MAC Bridges and Virtual Bridged Local Area Networks Amendment 18 Enhanced Transmission Selection for Bandwidth Sharing Between Traffic Classes DCBX offers the following functions Discovers the peer devices capabilities and determines whether devices at ...

Page 246: ...02 1p to local priority mapping Configuring group based WRR queuing Required Configuring PFC parameters Enabling LLDP and DCBX TLV advertising To enable the device to advertise APP ETS and PFC data through an interface perform the following tasks Enable LLDP globally Enable LLDP and DCBX TLV advertising on the interface To enable LLDP and DCBX TLV advertising Step Command Remarks 1 Enter system vi...

Page 247: ...otocol packets that the server adapter sends Identify traffic based on the 802 1p priority values For example the device can use the APP parameters to negotiate with the server adapter to set 802 1p priority 3 for all FCoE and FIP frames When the negotiation succeeds all FCoE and FIP frames that the server adapter sends to the device carry the 802 1p priority 3 Configuration restrictions and guide...

Page 248: ...tion port eq port Create rules according to the type of the ACL previously created 4 Return to system view quit N A 5 Create a class specify the operator of the class as OR and enter class view traffic classifier classifier name operator or N A 6 Use the specified ACL as the match criterion of the class if match acl acl number N A 7 Return to system view quit N A 8 Create a traffic behavior and en...

Page 249: ...e specified type of traffic Guarantees that the transmission speed is within the committed bandwidth of the interface To configure ETS parameters you must configure the 802 1p to local priority mapping and group based WRR queuing Configuring the 802 1p to local priority mapping You can configure the 802 1p to local priority mapping either in the MQC method or in the priority mapping table method I...

Page 250: ...s map table dot1p lp N A 3 Configure the priority mapping table to map the specified 802 1p priority values to a local precedence value import import value list export export value For information about the default priority mapping tables see ACL and QoS Configuration Guide For more information about the qos map table qos map table color and import commands see ACL and QoS Command Reference Config...

Page 251: ...ies For more information about the priority flow control and priority flow control no drop dot1p commands see Interface Command Reference Configuring LLDP trapping and LLDP MED trapping LLDP trapping or LLDP MED trapping notifies the network management system of events such as newly detected neighboring devices and link failures To prevent excessive LLDP traps from being sent when the topology is ...

Page 252: ...ace interface type interface number agent nearest bridge nearest customer nearest nontpmr verbose list system name system name Display LLDP statistics display lldp statistics global interface interface type interface number agent nearest bridge nearest customer nearest nontpmr Display LLDP status of a port display lldp status interface interface type interface number agent nearest bridge nearest c...

Page 253: ...0 2 SwitchA GigabitEthernet1 0 2 lldp admin status rx SwitchA GigabitEthernet1 0 2 quit 2 Configure Switch B Enable LLDP globally SwitchB system view SwitchB lldp global enable Enable LLDP on GigabitEthernet 1 0 1 By default LLDP is enabled on ports SwitchB interface gigabitethernet 1 0 1 SwitchB GigabitEthernet1 0 1 lldp enable Set the LLDP operating mode to Tx on GigabitEthernet 1 0 1 SwitchB Gi...

Page 254: ...erval 0s Number of LLDP neighbors 1 Number of MED neighbors 1 Number of CDP neighbors 0 Number of sent optional TLV 21 Number of received unknown TLV 0 LLDP agent nearest customer Port status of LLDP Enable Admin status Disable Trap flag No MED trap flag No Polling interval 0s Number of LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbors 0 Number of sent optional TLV 16 Number of re...

Page 255: ...LV 16 Number of received unknown TLV 0 Remove the link between Switch A and Switch B Verify that GigabitEthernet 1 0 2 of Switch A does not connect to any neighboring devices SwitchA display lldp status Global status of LLDP Enable The current number of LLDP neighbors 1 The current number of CDP neighbors 0 LLDP neighbor information last changed time 0 days 0 hours 5 minutes 20 seconds Transmit in...

Page 256: ...nt nearest bridge Port status of LLDP Enable Admin status RX_Only Trap flag No MED trap flag No Polling interval 0s Number of LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbors 0 Number of sent optional TLV 0 Number of received unknown TLV 0 LLDP agent nearest nontpmr Port status of LLDP Enable Admin status Disable Trap flag No MED trap flag No Polling interval 0s Number of LLDP ne...

Page 257: ...h A Create VLAN 2 SwitchA system view SwitchA vlan 2 SwitchA vlan2 quit Set the link type of GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 to trunk and enable voice VLAN on them SwitchA interface gigabitethernet 1 0 1 SwitchA GigabitEthernet1 0 1 port link type trunk SwitchA GigabitEthernet1 0 1 voice vlan 2 enable SwitchA GigabitEthernet1 0 1 quit SwitchA interface gigabitethernet 1 0 2 SwitchA...

Page 258: ...wing tasks Discovering the IP phones connected to GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 Obtaining IP phone information SwitchA display lldp neighbor information CDP neighbor information of port 1 GigabitEthernet1 0 1 CDP neighbor index 1 Chassis ID SEP00141CBCDBFE Port ID Port 1 Software version P0030301MFG2 Platform Cisco IP Phone 7960 Duplex Full CDP neighbor information of port 2 Giga...

Page 259: ...hernetframe 4000 rule permit type 8914 ffff SwitchA acl ethernetframe 4000 quit Create a class named app_c specify the operator of the class as OR and use ACL 4000 as the match criterion of the class SwitchA traffic classifier app_c operator or SwitchA classifier app_c if match acl 4000 SwitchA classifier app_c quit Create a traffic behavior named app_b and configure the traffic behavior to mark p...

Page 260: ...tEthernet1 0 1 priority flow control auto Enable PFC for 802 1 priority 3 SwitchA GigabitEthernet1 0 1 priority flow control no drop dot1p 3 Verifying the configuration Display the data exchange result on the DC server through the software interface This example uses the data exchange result for a QLogic adapter on the DC server DCBX Parameters Details for CNA Instance 0 QLE8142 Mon May 17 10 00 5...

Page 261: ...ty Group ID of Priority 1 0 Priority Group ID of Priority 0 2 Priority Group ID of Priority 3 15 Priority Group ID of Priority 2 1 Priority Group ID of Priority 5 5 Priority Group ID of Priority 4 4 Priority Group ID of Priority 7 7 Priority Group ID of Priority 6 6 Priority Group 0 Percentage 2 Priority Group 1 Percentage 4 Priority Group 2 Percentage 6 Priority Group 3 Percentage 0 Priority Grou...

Page 262: ...Group 6 Percentage 0 Priority Group 7 Percentage 0 Number of Traffic Classes Supported 2 The output shows that the DC server will use SP queuing priority group ID 15 for 802 1p priority 3 DCBX Parameter Type and Length DCBX Parameter Length 2 DCBX Parameter Type 3 DCBX Parameter Information Parameter Type Current Pad Byte Present No DCBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabl...

Page 263: ...on Priority 7 No Number of Traffic Classes Supported 6 DCBX Parameter Information Parameter Type Local Pad Byte Present No DCBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabled on Priority 0 No PFC Enabled on Priority 1 No PFC Enabled on Priority 2 No PFC Enabled on Priority 3 Yes PFC Enabled on Priority 4 No PFC Enabled on Priority 5 No PFC Enabled on Priority 6 No PFC Enabled on Pr...

Page 264: ...member ports or the ingress ports of the traffic are on any of these OAP modules LSQ1FWBSC0 LSQ1LBSC0 LSQ1NSMSC0 LSQ2FWBSC0 LSU1FWCEA0 LSU3FWCEA0 LSU3WCMD0 128 8 No service loopback group contains member ports on any of these OAP modules 1024 32 Assign ports with the same rate to the same service loopback group for load balancing Make sure the ports you are assigning to a service loopback group me...

Page 265: ...out service loopback groups display service loopback group group id Service loopback group configuration example Network requirements All Ethernet ports on Device A support the tunnel service Assign GigabitEthernet 1 0 1 through GigabitEthernet 1 0 3 to a service loopback group to loop GRE packets sent out by the device back to the device Configuration procedure Create service loopback group 1 and...

Page 266: ...t1 0 3 port service loopback group 1 All configurations on the interface will be lost Continue Y N y DeviceA GigabitEthernet1 0 3 quit Create the interface Tunnel 1 and set it to GRE mode The interface will automatically use service loopback group 1 DeviceA interface tunnel 1 mode gre DeviceA Tunnel1 ...

Page 267: ...ation 9 MAC address table learning limit on interface 7 MAC address table learning priority 8 MAC address table SNMP notification 13 MAC Information queue length 17 static source check disable 13 advertising LLDP advertisable TLV 226 LLDP DCBX TLV advertisement 233 voice VLAN CDP advertisement configuration 167 voice VLAN information advertisement to IP phones 159 voice VLAN LLDP advertisement con...

Page 268: ...hones 159 checking spanning tree No Agreement Check 90 92 choosing Ethernet link aggregation reference port 22 25 Cisco LLDP CDP compatibility 231 LLDP configuration CDP compatible 244 CIST calculation 70 network device connection 68 spanning tree max age timer 78 common root bridge 68 configuring Ethernet aggregate interface 32 Ethernet link aggregation 20 27 40 Ethernet link aggregation edge agg...

Page 269: ...up 251 252 252 spanning tree 58 72 99 spanning tree BPDU guard 94 spanning tree BPDU transmission rate 80 spanning tree device priority 77 spanning tree Digest Snooping 88 90 spanning tree edge port 81 spanning tree No Agreement Check 90 92 spanning tree port link type 85 spanning tree port mode 86 spanning tree port path cost 81 84 spanning tree port priority 85 spanning tree port role restrictio...

Page 270: ...ion 70 MVRP configuration 172 175 178 spanning tree BPDU drop 97 spanning tree BPDU guard 94 spanning tree Digest Snooping 88 90 spanning tree loop guard 95 spanning tree No Agreement Check 90 92 spanning tree port role restriction 96 spanning tree priority 77 spanning tree protection features 94 spanning tree root guard 95 spanning tree SNMP notification new root election topology change events 9...

Page 271: ...ng 206 voice VLAN LLDP 166 encapsulating LLDP frame encapsulation Ethernet II 218 LLDP frame encapsulation SNAP 218 LLDP frame encapsulation format 230 VLAN frame encapsulation 114 entry ARP fast update enabling for MAC address move 12 Ethernet link aggregation See Ethernet link aggregation LLDP APP parameters 234 LLDP DCBX configuration 232 245 LLDP DCBX version 234 LLDP ETS parameters 236 LLDP f...

Page 272: ...al key 21 reference port 25 reference port choice 22 static mode 22 traffic redirection 39 traffic redirection restrictions 39 ETS parameter LLDP 236 F FCoE LLDP APP parameters 234 LLDP DCBX configuration 245 LLDP DCBX version 234 format LLDP frame encapsulation Ethernet II 218 LLDP frame encapsulation SNAP 218 LLDP frame encapsulation format 230 LLDP management address encoding format 228 forward...

Page 273: ...ink aggregate interface shutdown 36 Ethernet link aggregation edge aggregate interface 27 35 Layer 2 Ethernet aggregate interface ignored VLAN 33 Layer 2 Ethernet aggregate interface VLAN interface resource 33 Layer 3 aggregate interface configuration MTU 34 interval loop detection 108 110 MAC change notification interval 17 IP addressing voice VLAN configuration 158 163 168 IP phone voice VLAN ho...

Page 274: ...ple isolation groups 55 port isolation display 55 port isolation group assignment multiple 54 port based VLAN assignment access port 118 port based VLAN assignment hybrid port 120 port based VLAN assignment trunk port 119 port based VLAN configuration 117 private VLAN configuration 143 146 private VLAN display 145 private VLAN promiscuous port configuration 146 private VLAN trunk promiscuous port ...

Page 275: ...n group dynamic 30 31 Ethernet link aggregation group static 29 29 Ethernet link aggregation group load sharing mode 37 Ethernet link aggregation load sharing 37 50 Ethernet link aggregation local first load sharing 38 Ethernet link aggregation traffic redirection 39 IP subnet based VLAN configuration 125 132 LAN switching LAN switching VLAN interface basics 116 LLDP basic configuration 239 LLDP c...

Page 276: ...on 166 voice VLAN LLDP enable 166 LLDPDU LLDP basic configuration 224 239 LLDP configuration 217 223 239 LLDP parameters 229 management address configuration 228 management address encoding format 228 management address TLV 222 TLV basic management types 219 TLV LLDP MED types 219 TLV organization specific types 219 load balancing service loopback group configuration 251 252 252 load sharing Ether...

Page 277: ... assignment 121 123 VLAN frame encapsulation 114 MAC Information change notification interval 17 configuration 16 17 configuration restrictions 18 enable 16 mode configuration 16 queue length setting 17 MAC relay LLDP agent 217 MAC based VLAN configuration 121 130 dynamic assignment 121 124 dynamic assignment restrictions 124 server assignment 123 125 static assignment 121 123 maintaining Ethernet...

Page 278: ...nd standards 71 regional root 68 relationships 66 spanning tree max age timer 78 spanning tree port mode configuration 86 VLAN to instance mapping table 68 MTU Layer 3 Ethernet aggregate interface 34 multiple registration protocol Use MRP VLAN registration protocol Use MVRP Multiple Spanning Tree Protocol Use MSTP multiport unicast entry MAC address table 1 4 MVRP configuration 172 175 178 configu...

Page 279: ...ary port configuration 152 protocol based VLAN configuration 126 133 QinQ basic configuration 195 QinQ VLAN tag TPID value 192 QinQ VLAN transparent transmission 191 QinQ VLAN transparent transmission configuration 197 RSTP network convergence 65 secondary VLAN Layer 3 communication 155 service loopback group configuration 252 252 spanning tree BPDU drop 97 spanning tree BPDU guard 94 spanning tre...

Page 280: ...ation 142 146 PVST configuration 103 QinQ configuration 189 195 service loopback group configuration 251 spanning tree configuration 58 72 99 super VLAN configuration 137 VLAN configuration 114 128 VLAN mapping configuration 199 204 209 voice VLAN configuration 158 163 168 No Agreement Check spanning tree 90 92 no learning action loop detection 108 normal voice VLAN mode 162 notification MAC addre...

Page 281: ...30 Layer 2 Ethernet link aggregation group static 29 Layer 2 Ethernet link aggregation load sharing 44 Layer 3 aggregate interface configuration MTU 34 Layer 3 Ethernet link aggregation dynamic 49 Layer 3 Ethernet link aggregation static 48 Layer 3 Ethernet link aggregation edge aggregate interface 52 Layer 3 Ethernet link aggregation group dynamic 31 Layer 3 Ethernet link aggregation group static...

Page 282: ...nk secondary port configuration 152 procedure adding MAC address table blackhole entry 4 adding MAC address table entry global 3 adding MAC address table entry on interface 3 adding MAC address table multiport unicast entry 4 assigning MAC address table learning priority to interface 8 assigning port isolation group multiple 54 assigning port based VLAN access port 118 assigning port based VLAN ac...

Page 283: ...MVRP timer 177 configuring port isolation multiple isolation groups 55 configuring port based VLAN 117 128 configuring private VLAN 143 146 configuring private VLAN promiscuous port 146 configuring private VLAN trunk promiscuous port 148 configuring private VLAN trunk promiscuous trunk secondary port 152 configuring protocol based VLAN 126 133 configuring PVST 73 103 configuring QinQ 195 configuri...

Page 284: ...hernet link aggregation local first load sharing 38 enabling Ethernet link aggregation traffic redirection 39 enabling LLDP 224 enabling LLDP polling 225 enabling LLDP DCBX TLV advertisement 233 enabling loop detection global 109 enabling loop detection port specific 109 enabling MAC address synchronization globally 9 enabling MAC address table SNMP notification 13 enabling MAC Information 16 enab...

Page 285: ...LAN trunk promiscuous trunk secondary port configuration 152 protecting loop detection protection action setting 109 spanning tree protection features 94 spanning tree SNMP notification new root election topology change events 98 protocol based VLAN configuration 126 133 protocols and standards Ethernet link aggregation protocol configuration 21 LLDP 223 MSTP 71 MVRP 175 QinQ 190 STP protocol pack...

Page 286: ...ssignment 164 voice VLAN port operation configuration restrictions manual assignment 165 root MST common root bridge 68 MST regional root 68 MST root port role 69 spanning tree root bridge 76 spanning tree root bridge device 76 spanning tree root guard 95 spanning tree secondary root bridge device 77 STP algorithm calculation 59 STP root bridge 58 STP root port 59 routing IP subnet based VLAN conf...

Page 287: ...ation 94 BPDU transmission rate configuration 80 configuration 58 72 99 device priority configuration 77 Digest Snooping 88 90 displaying 98 edge port configuration 81 feature enable 87 loop guard enable 95 maintaining 98 mCheck 88 mode set 75 MST region max hops 77 MSTP 66 See also MSTP No Agreement Check 90 92 port link type configuration 85 port mode configuration 86 port path cost calculation ...

Page 288: ...figuration 197 VLAN mapping configuration 199 204 209 VLAN mapping implementation 201 switching spanning tree switched network diameter 78 synchronizing MAC addresses 9 syslog MAC Information configuration 16 17 MAC Information mode configuration 16 T table LLDP priority mapping table 236 MAC address 1 2 14 MAC address table learning limit on interface 7 MSTP VLAN to instance mapping table 68 tag ...

Page 289: ... 111 MAC based configuration 130 MAC based dynamic assignment 124 MAC based server assignment 125 MAC based static assignment 123 MAC based VLAN configuration 121 MAC based VLAN dynamic assignment 121 MAC based VLAN server assignment 123 MAC based VLAN static assignment 121 maintain 128 mapping See VLAN mapping MRP implementation 172 MSTP VLAN to instance mapping table 68 MVRP configuration 172 17...

Page 290: ...assignment mode manual 161 assignment mode IP phone cooperation 161 CDP advertisement configuration 167 configuration 158 163 168 display 168 host IP phone connection in series 159 information advertisement to IP phone 159 IP phone access method 159 IP phone connection device 160 IP phone identification method 158 IP phone identification method LLDP 159 IP phone identification method OUI address 1...

Reviews: