manualshive.com logo in svg

H3C S6850 Series, Configuration Manual

The H3C S6850 Series is a high-performance switch with advanced features for efficient networking. Improve your network capabilities with our Installation Manual available for free download on our website. Ensure seamless setup and configuration by accessing the manual at manualshive.com.

Share
Download
background image

Configuring port isolation 

About port isolation 

The port isolation feature isolates Layer 2 traffic for data privacy and security without using VLANs.  

Ports in an isolation group cannot communicate with each other. However, they can communicate 
with ports outside the isolation group.  

Assigning a port to an isolation group 

About port assignment to an isolation group 

The device supports multiple isolation groups, which can be configured manually. The number of 
ports assigned to an isolation group is not limited. 

Restrictions and guidelines 

 

You can assign a port to only one isolation group. If you execute the 

port-isolate enable 

group

 command multiple times, the most recent configuration takes effect. 

 

The configuration in Layer 2 Ethernet interface view applies only to the interface. 

 

The configuration in Layer 2 aggregate interface view applies to the Layer 2 aggregate interface 
and its aggregation member ports. If the device fails to apply the configuration to the aggregate 
interface, it does not assign any aggregation member port to the isolation group. If the failure 
occurs on an aggregation member port, the device skips the port and continues to assign other 
aggregation member ports to the isolation group. 

Procedure 

1. 

Enter system view. 

system-view 

2. 

Create an isolation group. 

port-isolate group group-id 

3. 

Enter interface view. 

{

 

Enter Layer 2 Ethernet interface view.

 

interface interface-type interface-number 

{

 

Enter Layer 2 aggregate interface view.

 

interface bridge-aggregation interface-number 

4. 

Assign the port to the isolation group. 

port-isolate enable group group-id 

By default, the port is not in any isolation group.  

Display and maintenance commands for port 
isolation 

Execute 

display

 commands in any view. 

 

Summary of Contents for S6850 Series

Page 1: ...H3C S6850 S9850 Switch Series Layer 2 LAN Switching Configuration Guide New H3C Technologies Co Ltd http www h3c com Software version Release 6555 and later Document version 6W100 20190510...

Page 2: ...H3C Technologies Co Ltd any trademarks that may be mentioned in this document are the property of their respective owners Notice The information in this document is subject to change without notice A...

Page 3: ...ons Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown Italic Italic text represents arguments that you replace with actual values Square brac...

Page 4: ...at contains additional or supplementary information TIP An alert that provides helpful information Network topology icons Convention Description Represents a generic network device such as a router sw...

Page 5: ...document might use devices that differ from your device in hardware model configuration or software version It is normal that the port numbers sample output screenshots and other information in the e...

Page 6: ...MAC address learning on an interface 7 Disabling MAC address learning on a VLAN 7 Setting the MAC learning limit 7 Configuring the unknown frame forwarding rule after the MAC learning limit is reached...

Page 7: ...nd When the device receives a frame destined for MAC SOURCE after learning this source MAC address the device performs the following operations 1 Finds the MAC SOURCE entry in the MAC address table 2...

Page 8: ...entry a blackhole entry and a multiport unicast entry cannot overwrite one another A multicast unicast MAC address entry does not affect learning the corresponding dynamic MAC address entry For the s...

Page 9: ...ed dynamic MAC address entry will overwrite a learned entry that already exists with a different outgoing interface for the MAC address The manually configured static blackhole and multiport unicast M...

Page 10: ...ify a blackhole MAC address entry mac address blackhole mac address vlan vlan id By default no blackhole MAC address entry is configured Adding or modifying a multiport unicast MAC address entry About...

Page 11: ...ate interface view interface bridge aggregation interface number 3 Add the interface to a multiport unicast MAC address entry mac address multiport mac address vlan vlan id By default no multiport uni...

Page 12: ...e default setting is 300 seconds Disabling MAC address learning About disabling MAC address learning MAC address learning is enabled by default To prevent the MAC address table from being saturated wh...

Page 13: ...arning on a VLAN About disabling MAC address learning on a VLAN When global MAC address learning is enabled you can disable MAC address learning on a per VLAN basis Procedure 1 Enter system view syste...

Page 14: ...it on the interface is reached Assigning MAC learning priority to interfaces About MAC learning priority mechanism The MAC learning priority mechanism assigns either low priority or high priority to a...

Page 15: ...Figure 2 Device A and Device B form an IRF fabric enabled with MAC address synchronization Device A and Device B connect to AP C and AP D respectively When Client A associates with AP C Device A lear...

Page 16: ...g conditions exist Interface B receives a packet with the MAC address as the source MAC address Interface B belongs to the same VLAN as interface A In this case the MAC address is moved from interface...

Page 17: ...sion interval interval threshold threshold By default the suppression interval is 30 seconds and the suppression threshold is 3 For the MAC address move suppression parameters to take effect enable th...

Page 18: ...m the outgoing interface in the entry If the frame meets both conditions the device drops the frame When this feature is disabled the device does not perform the check for a received frame It can forw...

Page 19: ...the information center To display the logs configure the log destination and output rule configuration in the information center For more information about SNMP and information center configuration s...

Page 20: ...rop all frames destined for Host B add a blackhole MAC address entry for Host B Set the aging timer to 500 seconds for dynamic MAC address entries Figure 5 Network diagram Procedure Add a static MAC a...

Page 21: ...ac address blackhole MAC Address VLAN ID State Port Nickname Aging 000f e235 abcd 1 Blackhole N A N Display the aging time of dynamic MAC address entries Device display mac address aging time MAC addr...

Page 22: ...h globally and on interfaces Procedure 1 Enter system view system view 2 Enable MAC Information globally mac address information enable By default MAC Information is globally disabled 3 Enter Layer 2...

Page 23: ...tion queue length About the MAC Information queue length If the MAC Information queue length is 0 the device sends a syslog message or SNMP notification immediately after learning or deleting a MAC ad...

Page 24: ...g the info center loghost and info center source commands respectively Procedure 1 Configure Device to send syslog messages to Host B Enable the information center Device system view Device info cente...

Page 25: ...slogd r The device can output MAC address logs to the log host which stores the logs to the specified file 3 Enable MAC Information on Device Enable MAC Information globally Device mac address informa...

Page 26: ...ts Bulk configuring interfaces 1 About interface bulk configuration 1 Restrictions and guidelines Bulk interface configuration 1 Procedure 2 Display and maintenance commands for bulk interface configu...

Page 27: ...type interface number interface number subnumber command Do not assign both an aggregate interface and any of its member interfaces to an interface range Some commands after being executed on both an...

Page 28: ...4 Create a named interface range interface range name name interface interface type interface number to interface type interface number 1 24 3 Optional Display commands available for the first interfa...

Page 29: ...3 Configuring link compensation 14 Configuring storm suppression 14 Configuring generic flow control on an Ethernet interface 15 Configuring PFC 16 Setting PFC thresholds 17 Configuring PFC deadlock d...

Page 30: ...r on a subordinate device The two management Ethernet interfaces operate as follows When the IRF system has multiple management Ethernet interfaces only the management Ethernet interface on the master...

Page 31: ...interfaces are organized into one group For 25 GE interfaces on an LSWM124TG2H interface module four continuous interfaces starting from 1 are organized into one group Interfaces in the same group mu...

Page 32: ...igure autonegotiation settings Set the FEC mode to RS FEC for the local interface The local interface is up by default when connected to the peer by using a transceiver module S9850 4C S6850 2C By def...

Page 33: ...settings Set the FEC mode to RS FEC for the peer interface Execute the port media type copper command on the local interface if the local interface is an SFP28 interface on an LSWM124TG2H interface m...

Page 34: ...4 If you need higher bandwidth on a single interface you can combine the four 10 GE breakout interfaces into a 40 GE interface Restrictions and guidelines for 40 GE interface splitting and 10 GE brea...

Page 35: ...out interfaces Ten GigabitEthernet1 0 1 1 through Ten GigabitEthernet1 0 1 4 If you need higher bandwidth on a single interface you can combine the multiple 10 GE breakout interfaces into a 100 GE int...

Page 36: ...split 100 GE interface HundredGigE 1 0 1 into four 25 GE breakout interfaces Twenty FiveGigE 1 0 1 1 through Twenty FiveGigE 1 0 1 4 If you need higher bandwidth on a single interface you can combine...

Page 37: ...face About Ethernet interface basic settings You can configure an Ethernet interface to operate in one of the following duplex modes Full duplex mode The interface can send and receive packets simulta...

Page 38: ...hernet subinterface interface interface type interface number subnumber 3 Set the description for the Ethernet subinterface description text The default setting is interface name Interface For example...

Page 39: ...ame support jumboframe enable size By default the device allows jumbo frames within 9416 bytes to pass through If you set the size argument multiple times the most recent configuration takes effect Co...

Page 40: ...to the CPU For state change events the interface only generates SNMP trap and log messages Parameters Penalty The interface has an initial penalty of 0 When the interface flaps the penalty increases...

Page 41: ...the shutdown command the penalty restores to 0 and the interface reports the down event to the upper layer protocols Do not enable the dampening feature on an interface with RRPP MSTP or Smart Link en...

Page 42: ...able link flapping protection globally link flap protect enable By default link flapping protection is disabled globally 3 Enter Ethernet interface view interface interface type interface number 4 Ena...

Page 43: ...status only when the interface cannot come up Procedure 1 Enter system view system view 2 Enter Ethernet interface view interface interface type interface number 3 Configure link compensation on the i...

Page 44: ...l at both ends of the link When traffic congestion occurs at the receiving end the receiving end sends a flow control Pause frame to ask the sending end to suspend sending packets Generic flow control...

Page 45: ...ate correctly as a best practice do not enable PFC for 802 1p priorities 0 6 and 7 To perform PFC on an IRF port configure PFC on the IRF port and the IRF physical ports that are bound to the IRF port...

Page 46: ...sholds enables flexible control over PFC and can make good use of the storage spaces The device supports the following PFC thresholds Headroom buffer threshold Maximum number of cell resources that ca...

Page 47: ...er threshold is 8192 5 Set the back pressure frame triggering threshold Set the dynamic back pressure frame triggering threshold priority flow control dot1p dot1p ingress buffer dynamic ratio By defau...

Page 48: ...e 802 1p priority for each CoS value execute the display qos map table dot1p lp command Prerequisites Before you configure PFC deadlock detection on an Ethernet interface complete the following tasks...

Page 49: ...ing threshold the system generates traps and logs to notify the user According to the traps and logs the user can discover some exceptions in the network for example The NIC of the peer device fails a...

Page 50: ...istics polling interval use the display interface command To clear the interface statistics use the reset counters interface command Setting the statistics polling interval in Ethernet interface view...

Page 51: ...tting Procedure 1 Enter system view system view 2 Enter Ethernet interface view interface interface type interface number 3 Enable loopback testing loopback external internal Forcibly bringing up a fi...

Page 52: ...h a fiber to copper converter 100 1000 Mbps transceiver module or 100 Mbps transceiver module To solve the problem use the undo port up mode command on the fiber port Procedure 1 Enter system view sys...

Page 53: ...nterface number 3 Set the media type for the Ethernet interface port media type copper fiber By default the media type of an Ethernet interface is fiber Configuring interface alarm functions About int...

Page 54: ...e type interface number 3 Configure output error packet alarm parameters port ifmonitor output error high threshold high value low threshold low value interval interval shutdown By default the upper t...

Page 55: ...raffic meets one of the following conditions Exceeds the upper threshold Drops below the lower threshold Both storm suppression and storm control can suppress storms on an interface Storm suppression...

Page 56: ...this feature depends on the Layer 2 Ethernet interface type and device model Restrictions and guidelines After you configure this feature on a Layer 2 Ethernet interface the system deletes the interfa...

Page 57: ...interface interface type interface number interface number subnumber 3 Set the MTU for the interface mtu size The default setting is 1500 bytes Setting the MAC address of an Ethernet interface or subi...

Page 58: ...ping protection on interfaces display link flap protection interface interface type interface number Display information about dropped packets on the specified interfaces display packet drop interface...

Page 59: ...ed ports for an aggregation group 22 Disabling the default action of selecting a Selected port for dynamic aggregation groups that have not received LACPDUs 23 Configuring a dynamic aggregation group...

Page 60: ...xample Configuring a Layer 2 edge aggregate interface 39 Example Configuring a Layer 3 static aggregation group 41 Example Configuring a Layer 3 dynamic aggregation group 42 Example Configuring Layer...

Page 61: ...egate interface Each aggregate interface has an automatically created aggregation group which contains member ports to be used for aggregation The type and number of an aggregation group are the same...

Page 62: ...the aggregation state of the port but the protocol configuration does not Attribute configuration To become a Selected port a member port must have the same attribute configuration as the aggregate i...

Page 63: ...ort must have the same operational key and attribute configurations as the reference port The system chooses a reference port from the member ports in up state The candidate reference ports are organi...

Page 64: ...re met The port and the Selected ports have different port priorities and the port has a higher port priority than a minimum of one Selected port The port has the same attribute configurations as the...

Page 65: ...e higher the priority Table 3 LACP priorities Type Description LACP system priority Used by two peer devices or systems to determine which one is superior in link aggregation In dynamic link aggregati...

Page 66: ...namic aggregation groups is qualified the device automatically creates a new dynamic aggregation group Then the device assigns the interface to that group and synchronizes the interface s attribute co...

Page 67: ...stem the partner negotiate a reference port by using the following workflow 1 The two systems determine the system with the smaller system ID A system ID contains the LACP system priority and the syst...

Page 68: ...any member port When a member port changes to the Selected or Unselected state its peer port changes to the same aggregation state After the Selected port limit is reached a newly joining port become...

Page 69: ...Per flow load sharing Distributes traffic on a per flow basis The load sharing mode classifies packets into flows and forwards packets of the same flow on the same link This mode can be one of or a co...

Page 70: ...ptional Configuring an aggregate interface Configuring the description of an aggregate interface Setting the MAC address for an aggregate interface Configuring jumbo frame support Setting the MTU for...

Page 71: ...orm this task to make sure the bidirectional traffic of a subnet traverses the same member port in an aggregation group Enabling a Layer 2 aggregate interface to reflect incoming packets back Perform...

Page 72: ...l configurations for an aggregate interface take effect only on the current aggregate interface The protocol configurations for a member port take effect only when the port leaves its aggregation grou...

Page 73: ...roup operates in static mode 5 Return to system view quit 6 Assign an interface to the Layer 2 aggregation group a Enter Layer 2 Ethernet interface view interface interface type interface number b Ass...

Page 74: ...roup id Repeat the substeps to assign more interfaces to the aggregation group 5 Optional Set the port priority of the interface link aggregation port priority priority The default port priority of an...

Page 75: ...MC network you can use automatic link aggregation to aggregate the redundant physical links between devices to ease management and increase bandwidth and availability For more information about SmartM...

Page 76: ...intain consistency across S MLAG devices in service feature configuration Prerequisites Configure the link aggregation settings other than S MLAG settings on each S MLAG device Make sure the settings...

Page 77: ...ace view interface route aggregation interface number Enter Layer 3 aggregate subinterface view interface route aggregation interface number subnumber 3 Configure the interface description description...

Page 78: ...mes that exceed the allowed length Procedure 1 Enter system view system view 2 Enter aggregate interface view Enter Layer 2 aggregate interface view interface bridge aggregation interface number Enter...

Page 79: ...h bandwidth value By default the expected bandwidth in kbps is the interface baud rate divided by 1000 Configuring an edge aggregate interface Restrictions and guidelines This configuration takes effe...

Page 80: ...ature on an aggregate interface to reduce the impact of interface flapping on upper layer services for example on a DRNI IPP For more information about IPPs see Layer 2 LAN Switching Configuration Gui...

Page 81: ...default command might fail to restore the default settings for some commands for reasons such as command dependencies and system restrictions To resolve this issue 1 Use the display this command in in...

Page 82: ...limitation whichever value is smaller You can implement backup between two ports by performing the following tasks Assigning two ports to an aggregation group Setting the maximum number of Selected p...

Page 83: ...tically chooses the port with the lowest ID from among all up member ports as a Selected port if none of them has received LACPDUs before the LACP timeout interval expires After this action is disable...

Page 84: ...he prioritized criterion for reference port selection of a dynamic aggregation group Specifying ignored VLANs for a Layer 2 aggregate interface About ignored VLANs By default you cannot add a port to...

Page 85: ...ets are load shared based on the source and destination IP addresses Setting the group specific load sharing mode 1 Enter system view system view 2 Enter aggregate interface view Enter Layer 2 aggrega...

Page 86: ...e local first load sharing to reduce traffic on IRF links as shown in Figure 6 For more information about IRF see Virtual Technologies Configuration Guide Figure 6 Load sharing for multidevice link ag...

Page 87: ...ew system view 2 Configure a link aggregation load sharing algorithm link aggregation global load sharing algorithm algorithm number By default no algorithm is configured 3 Configure a link aggregatio...

Page 88: ...d Layer 3 data traffic of some VLANs through a specific port specify the VLANs as management VLANs and the port as a management port Procedure 1 Enter system view system view 2 Specify link aggregatio...

Page 89: ...ink traffic of a subnet through Port C1 to Port A1 on the IRF fabric If that subnet is not specified as a management subnet the IRF fabric distributes its downlink traffic across Port A1 and Port B2 T...

Page 90: ...s shut down by using the shutdown command The slot that hosts the port reboots and the aggregation group spans multiple slots NOTE The device does not redirect traffic to member ports that become Sele...

Page 91: ...status in an aggregation group After you enable BFD on an aggregate interface each Selected port in the aggregation group establishes a BFD session with its peer port BFD operates differently dependi...

Page 92: ...al to the number of BFD sessions supported by the device If the aggregation group contains more member ports than the supported sessions some Selected ports might change to the Unselected state If the...

Page 93: ...Display summary information about all aggregation groups display link aggregation summary Display detailed information about the specified aggregation groups display link aggregation verbose bridge a...

Page 94: ...on group 1 DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 port link aggregation group 1 DeviceA Twenty FiveGigE1 0 1 quit DeviceA interface twenty fivegige 1 0 2 DeviceA Twenty F...

Page 95: ...pe Shar Management VLANs None Port Status Priority Oper Key WGE1 0 1 R S 32768 1 WGE1 0 2 S 32768 1 WGE1 0 3 S 32768 1 The output shows that link aggregation group 1 is a Layer 2 static aggregation gr...

Page 96: ...eGigE1 0 2 quit DeviceA interface twenty fivegige 1 0 3 DeviceA Twenty FiveGigE1 0 3 port link aggregation group 1 DeviceA Twenty FiveGigE1 0 3 quit Configure Layer 2 aggregate interface Bridge Aggreg...

Page 97: ...ollowing tasks Configure Layer 2 static aggregation groups 1 and 2 on Device A and Device B respectively Enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end En...

Page 98: ...it vlan 10 DeviceA Bridge Aggregation1 quit Create Layer 2 aggregate interface Bridge Aggregation 2 DeviceA interface bridge aggregation 2 Configure Layer 2 aggregation group 2 to load share packets b...

Page 99: ...tatic aggregation groups Each aggregation group contains two Selected ports Display all the group specific load sharing modes on Device A DeviceA display link aggregation load sharing mode interface B...

Page 100: ...2 port link aggregation group 1 Device Twenty FiveGigE1 0 2 quit Verifying the configuration Display detailed information about all aggregation groups on the device when the server is not configured...

Page 101: ...DeviceA Route Aggregation1 ip address 192 168 1 1 24 DeviceA Route Aggregation1 quit Assign Layer 3 Ethernet interfaces Twenty FiveGigE 1 0 1 through Twenty FiveGigE 1 0 3 to aggregation group 1 Devi...

Page 102: ...ce Route Aggregation 1 DeviceA system view DeviceA interface route aggregation 1 Set the link aggregation mode to dynamic DeviceA Route Aggregation1 link aggregation mode dynamic Configure an IP addre...

Page 103: ...3 S 32768 13 1 ACDEF Remote Actor Priority Index Oper Key SystemID Flag WGE1 0 1 32768 81 1 0x8000 000f e267 57ad ACDEF WGE1 0 2 32768 82 1 0x8000 000f e267 57ad ACDEF WGE1 0 3 32768 83 1 0x8000 000f...

Page 104: ...sses DeviceA Route Aggregation2 link aggregation load sharing mode destination ip Configure an IP address and subnet mask for Layer 3 aggregate interface Route Aggregation 2 DeviceA Route Aggregation2...

Page 105: ...the group specific load sharing modes on Device A DeviceA display link aggregation load sharing mode interface Route Aggregation1 Load Sharing Mode source ip address Route Aggregation2 Load Sharing Mo...

Page 106: ...p system priority 123 Set the LACP system number to 1 DeviceB lacp system number 1 Create Layer 2 aggregate interface Bridge Aggregation 2 and set the link aggregation mode to dynamic DeviceB interfac...

Page 107: ...twenty fivegige 1 0 1 DeviceD Twenty FiveGigE1 0 1 port link aggregation group 4 DeviceD Twenty FiveGigE1 0 1 quit Verifying the configuration Verify that Twenty FiveGigE 1 0 1 through Twenty FiveGig...

Page 108: ...48 WGE1 0 3 32768 49153 50100 0x7b 0001 0001 0001 ACDEF...

Page 109: ...nes for configuring DR keepalive settings 10 Configuring DR keepalive packet parameters 10 Setting the DR keepalive interval and timeout timer 11 Excluding an interface from the shutdown action by DRN...

Page 110: ...DR role priority The secondary DR device passes the traffic of those features to the primary DR device for processing If the DR member devices in a DR system have the same DR role priority the device...

Page 111: ...every 30 seconds Short DRCP timeout timer enables the DR member devices to detect a peer interface down event more quickly than the long DRCP timeout timer However this benefit is at the expense of b...

Page 112: ...hen the delay timer expires the secondary DR device brings up all network interfaces You can use the display drni mad verbose command to view detailed information about DRNI MAD DR system setup proces...

Page 113: ...dary DR device disables the affected service features but it does not shut down its DR interfaces To prevent interface flapping the DR system performs configuration consistency check when half the dat...

Page 114: ...s Up VLAN interfaces of which the VLANs contain the IPP Passing tagged VLANs or passing PVID VLANs of which the IPP forwards tagged traffic or PVID of which the IPP forwards traffic Table 4 DR interfa...

Page 115: ...In this situation the primary DR device forwards all traffic for the DR system When the IPP comes up the secondary DR device does not bring up the network interfaces immediately Instead it starts a d...

Page 116: ...r device to forward all traffic of Device C For more information about Monitor Link see High Availability Configuration Guide Figure 6 Uplink failure handling mechanism Protocols and standards IEEE P8...

Page 117: ...20 minutes For more information about the MAC aging time see Configuring the MAC address table DRNI tasks at a glance To configure DRNI perform the following tasks 1 Configuring DR system settings Co...

Page 118: ...ting the DR system number Restrictions and guidelines Changing the DR system number causes DR system split When you perform this task on a live network make sure you are fully aware of its impact You...

Page 119: ...is 32768 Configuring DR keepalive settings Restrictions and guidelines for configuring DR keepalive settings Use Layer 3 Ethernet interfaces or management Ethernet interfaces to set up the keepalive...

Page 120: ...and timeout timer drni keepalive interval interval timeout timeout By default the DR keepalive interval is 1000 milliseconds and the DR keepalive timeout timer is 5 seconds Excluding an interface from...

Page 121: ...the IPP Restrictions and guidelines A DR member device can have only one IPP A Layer 2 aggregate interface or VXLAN tunnel interface cannot operate as both IPP and DR interface Do not associate a VXLA...

Page 122: ...setting for configuration consistency check Procedure 1 Enter system view system view 2 Disable configuration consistency check drni consistency check disable By default configuration consistency chec...

Page 123: ...ccur before IPL failure is confirmed To set the interval at which the VRRP master sends VRRP advertisements use the vrrp vrid timer advertise command For more information about this command see High A...

Page 124: ...expires the secondary DR device brings up all network interfaces Restrictions and guidelines Increase the data restoration interval as needed for the following purposes Avoid packet loss and forwardin...

Page 125: ...Clear DRCPDU statistics reset drni drcp statistics interface interface list DRNI configuration examples Example Configuring basic DRNI functions Network configuration As shown in Figure 7 configure DR...

Page 126: ...t link aggregation group 3 DeviceA Twenty FiveGigE1 0 2 quit Specify Bridge Aggregation 3 as the IPP DeviceA interface bridge aggregation 3 DeviceA Bridge Aggregation3 port drni intra portal port 1 De...

Page 127: ...n 3 as the IPP DeviceB interface bridge aggregation 3 DeviceB Bridge Aggregation3 port drni intra portal port 1 DeviceB Bridge Aggregation3 quit Create Layer 2 dynamic aggregate interface Bridge Aggre...

Page 128: ...onsistent type 1 global settings IPP IPP ID State BAGG3 1 UP DR interface DR group ID State Check result Type 1 inconsistency BAGG4 4 UP SUCCESS DeviceA display drni verbose Flags A Home_Gateway B Nei...

Page 129: ...01 0001 0001 ACDEF WGE1 0 2 32768 16388 40004 0x7b 0001 0001 0001 ACDEF WGE1 0 3 32768 32771 40004 0x7b 0001 0001 0001 ACDEF WGE1 0 4 32768 32772 40004 0x7b 0001 0001 0001 ACDEF Example Configuring La...

Page 130: ...nk mode route DeviceA Twenty FiveGigE1 0 5 ip address 1 1 1 1 24 DeviceA Twenty FiveGigE1 0 5 quit Exclude the interface used for DR keepalive detection Twenty FiveGigE 1 0 5 from the shutdown action...

Page 131: ...nty fivegige 1 0 2 DeviceA Twenty FiveGigE1 0 2 port link aggregation group 101 DeviceA Twenty FiveGigE1 0 2 quit Create VLAN 100 and VLAN 101 DeviceA vlan 100 DeviceA vlan100 quit DeviceA vlan 101 De...

Page 132: ...face100 quit Create VRRP group 2 on VLAN interface 101 and set its virtual IP address to 20 1 1 100 DeviceA interface vlan interface 101 DeviceA Vlan interface101 vrrp vrid 2 virtual ip 20 1 1 100 Set...

Page 133: ...ige 1 0 1 DeviceB Twenty FiveGigE1 0 1 port link aggregation group 100 DeviceB Twenty FiveGigE1 0 1 quit Create Layer 2 dynamic aggregate interface Bridge Aggregation 101 and assign it to DR group 2 D...

Page 134: ...0 0 0 network 20 1 1 0 0 0 0 255 DeviceB ospf 1 area 0 0 0 0 quit DeviceB ospf 1 quit Create VRRP group 1 on VLAN interface 100 and set its virtual IP address to 10 1 1 100 DeviceB interface vlan inte...

Page 135: ...ge aggregation 101 DeviceD Bridge Aggregation101 link aggregation mode dynamic DeviceD Bridge Aggregation101 quit Assign Twenty FiveGigE 1 0 1 and Twenty FiveGigE 1 0 2 to aggregation group 101 Device...

Page 136: ...1 3 Neighbor Brief Information Area 0 0 0 0 Router ID Address Pri Dead Time State Interface 20 1 1 1 10 1 1 1 1 37 Full DR Vlan100 20 1 1 2 10 1 1 2 1 32 Full BDR Vlan100 Verify that Device D has esta...

Page 137: ...uring port isolation 1 About port isolation 1 Assigning a port to an isolation group 1 Display and maintenance commands for port isolation 1 Port isolation configuration examples 2 Example Configuring...

Page 138: ...ies only to the interface The configuration in Layer 2 aggregate interface view applies to the Layer 2 aggregate interface and its aggregation member ports If the device fails to apply the configurati...

Page 139: ...o provide Internet access for the hosts and isolate them from one another at Layer 2 Figure 1 Network diagram Procedure Create isolation group 2 Device system view Device port isolate group 2 Assign T...

Page 140: ...group 2 Port isolation group information Group ID 2 Group members Twenty FiveGigE1 0 1 Twenty FiveGigE1 0 2 Twenty FiveGigE1 0 3 The output shows that Twenty FiveGigE 1 0 1 Twenty FiveGigE 1 0 2 and...

Page 141: ...d VLANs 13 Configuring a VLAN group 14 Configuring VLAN interfaces 14 Restrictions and guidelines 14 VLAN interfaces configuration tasks at a glance 14 Prerequisites 15 Creating a VLAN interface 15 Sp...

Page 142: ...phone access methods 49 Voice VLAN assignment modes 50 Cooperation of voice VLAN assignment modes and IP phones 51 Security mode and normal mode of voice VLANs 52 Restrictions and guidelines Voice VL...

Page 143: ...e to be the same as the neighbor device For more information about setting the TPID value see Configuring QinQ Priority 3 bit long identifies the 802 1p priority of the frame For more information see...

Page 144: ...rt VLAN ID PVID packets sent out of a trunk port are VLAN tagged Ports connecting network devices are typically configured as trunk ports Hybrid A hybrid port can forward packets from multiple VLANs T...

Page 145: ...AN entries 2 Enable the MAC based VLAN feature on the port 3 Assign the port to the MAC based VLAN A port configured with static MAC based VLAN assignment processes a received frame as follows before...

Page 146: ...C address match IP subnet based VLAN Protocol based VLAN Port based VLAN After tagging the frame with the selected VLAN the port gets the source MAC address of the frame 2 The port uses the source MAC...

Page 147: ...not conflict with the existing static MAC to VLAN entries If a confliction exists the dynamic MAC to VLAN entry cannot be generated 2 Assigns the port that connects the user to the MAC based VLAN When...

Page 148: ...VLAN interface acts as the gateway of the VLAN to forward packets destined for another IP subnet at Layer 3 Protocols and standards IEEE 802 1Q IEEE Standard for Local and Metropolitan Area Networks...

Page 149: ...a QoS policy For more information about configuring QoS policies see QoS configuration in ACL and QoS Configuration Guide Procedure 1 Enter system view system view 2 Enter VLAN view vlan vlan id 3 En...

Page 150: ...ss vlan vlan id By default all access ports belong to VLAN 1 Assigning a trunk port to a VLAN About assigning a trunk port to a VLAN A trunk port supports multiple VLANs You can assign it to a VLAN in...

Page 151: ...view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number 3 Set the port link type to hybrid port link type hybrid By default...

Page 152: ...guring dynamic MAC based VLAN assignment About dynamic MAC based VLAN assignment For successful dynamic MAC based VLAN assignment use static VLANs when you create MAC to VLAN entries When a port joins...

Page 153: ...sed VLAN assignment and automatic voice VLAN assignment mode on a port They can have a negative impact on each other Procedure 1 Enter system view system view 2 Create a MAC to VLAN entry mac vlan mac...

Page 154: ...e Configuring IP subnet based VLANs Restrictions and guidelines This feature is available only on hybrid ports and it processes only untagged packets Procedure 1 Enter system view system view 2 Enter...

Page 155: ...untagged packet arrives at the port the port processes the packet as follows If the protocol type and encapsulation format in the packet match a protocol template the port tags the packet with the VL...

Page 156: ...selects a VLAN from the group and assigns the VLAN to the user For more information about 802 1X and MAC authentication see Security Configuration Guide Procedure 1 Enter system view system view 2 Cre...

Page 157: ...or the VLAN interface mac address mac address By default no MAC addresses are set for a VLAN interface 7 Optional Set the expected bandwidth for the interface bandwidth bandwidth value By default the...

Page 158: ...LANs Execute display commands in any view and reset commands in user view Task Command Display VLAN interface information display interface vlan interface interface number brief description down Displ...

Page 159: ...so that only hosts in the same department can communicate with each other Figure 3 Network diagram Procedure 1 Configure Device A Create VLAN 100 and assign Twenty FiveGigE 1 0 1 to VLAN 100 DeviceA...

Page 160: ...N type Static Route interface Not configured Description VLAN 0100 Name VLAN 0100 Tagged ports Twenty FiveGigE1 0 3 Untagged ports Twenty FiveGigE1 0 1 DeviceA Twenty FiveGigE1 0 3 display vlan 200 VL...

Page 161: ...VLANs 100 and 200 as an untagged VLAN member DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 port link type hybrid DeviceA Twenty FiveGigE1 0 1 port hybrid vlan 100 200 untagged E...

Page 162: ...Twenty FiveGigE1 0 2 port link type trunk DeviceB Twenty FiveGigE1 0 2 port trunk permit vlan 100 200 DeviceB Twenty FiveGigE1 0 2 quit 3 Configure Device C in the same way as the Device A is configur...

Page 163: ...eC interface twenty fivegige 1 0 2 DeviceC Twenty FiveGigE1 0 2 port link type hybrid DeviceC Twenty FiveGigE1 0 2 port hybrid vlan 100 tagged DeviceC Twenty FiveGigE1 0 2 quit Configure Twenty FiveGi...

Page 164: ...100 Subnet index IP address Subnet mask 0 192 168 5 0 255 255 255 0 VLAN ID 200 Subnet index IP address Subnet mask 0 192 168 50 0 255 255 255 0 Verify the IP subnet based VLAN configuration on Twent...

Page 165: ...4 to VLAN 200 Device vlan200 port twenty fivegige 1 0 4 Configure VLAN 200 as a protocol based VLAN and create an IPv6 protocol template with the index 1 for VLAN 200 Device vlan200 protocol vlan 1 ip...

Page 166: ...2 port hybrid protocol vlan vlan 100 1 to 2 Device Twenty FiveGigE1 0 2 port hybrid protocol vlan vlan 200 1 Device Twenty FiveGigE1 0 2 quit 2 Configure hosts and servers a Configure IPv4 Host A IPv...

Page 167: ...Active 100 2 Ethernet II Etype 0x0806 Active 200 1 IPv6 Active Interface Twenty FiveGigE 1 0 2 VLAN ID Protocol index Protocol type Status 100 1 IPv4 Active 100 2 Ethernet II Etype 0x0806 Active 200...

Page 168: ...r VLAN 2 Enable local proxy ARP or ND on the super VLAN interface as follows In an IPv4 network enable local proxy ARP on the super VLAN interface The super VLAN can then process ARP requests and repl...

Page 169: ...see High Availability Configuration Guide Procedure 1 Enter system view system view 2 Create a VLAN interface and enter its view interface vlan interface interface number The value for the interface...

Page 170: ...examples Example Configuring a super VLAN Network configuration As shown in Figure 7 Twenty FiveGigE 1 0 1 and Twenty FiveGigE 1 0 2 are in VLAN 2 Twenty FiveGigE 1 0 3 and Twenty FiveGigE 1 0 4 are...

Page 171: ...te VLAN 5 and assign Twenty FiveGigE 1 0 5 and Twenty FiveGigE 1 0 6 to the VLAN DeviceA vlan 5 DeviceA vlan5 port twenty fivegige 1 0 5 twenty fivegige 1 0 6 DeviceA vlan5 quit Configure VLAN 10 as a...

Page 172: ...dress 10 1 1 1 Ipv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports Twenty FiveGigE1 0 3 Twenty FiveGigE1 0 4 VLAN ID 5 VLAN type Static It is a sub VLA...

Page 173: ...mple L3 Device A in Figure 8 As shown in Figure 8 the private VLAN feature is enabled on L2 Device B VLAN 10 is the primary VLAN VLANs 2 5 and 8 are secondary VLANs that are associated with VLAN 10 L3...

Page 174: ...ault VLAN does not support the private VLAN configuration Private VLAN tasks at a glance To configure a private VLAN perform the following tasks 1 Creating a primary VLAN 2 Creating secondary VLANs 3...

Page 175: ...y VLANs Procedure 1 Enter system view system view 2 Enter interface view of the uplink port interface interface type interface number 3 Configure the uplink port as a promiscuous or trunk promiscuous...

Page 176: ...trunk secondary port of the specified VLANs port private vlan vlan id list trunk secondary By default a port is not a host or trunk secondary port 5 Return to system view quit 6 Enter VLAN view of a...

Page 177: ...s in any view Task Command Display information about primary VLANs and the secondary VLANs associated with each primary VLAN display private vlan primary vlan id Private VLAN configuration examples Ex...

Page 178: ...ous port of VLAN 5 DeviceB interface twenty fivegige 1 0 5 DeviceB Twenty FiveGigE1 0 5 port private vlan 5 promiscuous DeviceB Twenty FiveGigE1 0 5 quit Assign downlink port Twenty FiveGigE 1 0 2 to...

Page 179: ...gige 1 0 3 DeviceC Twenty FiveGigE1 0 3 port access vlan 3 DeviceC Twenty FiveGigE1 0 3 port private vlan host DeviceC Twenty FiveGigE1 0 3 quit Assign downlink port Twenty FiveGigE 1 0 4 to VLAN 4 an...

Page 180: ...ntagged member of primary VLAN 5 and secondary VLAN 3 Example Configuring trunk promiscuous ports Network configuration As shown in Figure 10 configure the private VLAN feature to meet the following r...

Page 181: ...it DeviceB vlan 8 DeviceB vlan8 quit Associate secondary VLANs 2 and 3 with primary VLAN 5 DeviceB vlan 5 DeviceB vlan5 private vlan secondary 2 to 3 DeviceB vlan5 quit Associate secondary VLANs 6 and...

Page 182: ...Twenty FiveGigE 1 0 5 to VLAN 8 and configure the port as a host port DeviceB interface twenty fivegige 1 0 5 DeviceB Twenty FiveGigE1 0 5 port access vlan 8 DeviceB Twenty FiveGigE1 0 5 port private...

Page 183: ...y VLAN 2 Host port Twenty FiveGigE 1 0 3 is an untagged member of primary VLAN 5 and secondary VLAN 3 Example Configuring trunk promiscuous and trunk secondary ports Network configuration As shown in...

Page 184: ...vlan20 quit Create VLANs 11 12 21 and 22 DeviceA vlan 11 to 12 DeviceA vlan 21 to 22 Associate secondary VLANs 11 and 12 with primary VLAN 10 DeviceA vlan 10 DeviceA vlan10 private vlan secondary 11...

Page 185: ...vlan 11 21 trunk secondary DeviceA Twenty FiveGigE1 0 2 quit 2 Configure Device B Create VLANs 11 and 21 DeviceB system view DeviceB vlan 11 DeviceB vlan11 quit DeviceB vlan 21 DeviceB vlan21 quit Con...

Page 186: ...configured Description VLAN 0010 Name VLAN 0010 Tagged ports Twenty FiveGigE1 0 2 Twenty FiveGigE1 0 5 Untagged ports Twenty FiveGigE1 0 3 VLAN ID 11 VLAN type Static Private vlan type Secondary Route...

Page 187: ...2 and VLAN 3 respectively Secondary VLANs are isolated at Layer 2 but interoperable at Layer 3 Figure 12 Network diagram Procedure Create VLAN 10 and configure it as a primary VLAN DeviceA system vie...

Page 188: ...eA Vlan interface10 private vlan secondary 2 3 Assign IP address 192 168 1 1 24 to VLAN interface 10 DeviceA Vlan interface10 ip address 192 168 1 1 255 255 255 0 Enable local proxy ARP on VLAN interf...

Page 189: ...condary Route interface Configured IPv4 address 192 168 1 1 IPv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports Twenty FiveGigE1 0 1 Twenty FiveGigE1 0...

Page 190: ...hrough OUI addresses A device identifies voice packets based on their source MAC addresses A packet whose source MAC address complies with an Organizationally Unique Identifier OUI address of the devi...

Page 191: ...t to identify IP phones if the network has more IP phone categories than the maximum number of OUI addresses supported on the device LLDP has higher priority than the OUI list For more information abo...

Page 192: ...e device transmit both voice traffic and data traffic When an IP phone is powered on it sends out protocol packets After receiving these protocol packets the device uses the source MAC address of the...

Page 193: ...l VLAN VLAN IDs must be different for the following VLANs Voice VLAN PVID of the access port 802 1X guest Auth Fail or critical VLAN If an IP phone sends out untagged voice traffic the PVID of the acc...

Page 194: ...priority only for voice VLAN packets whose source MAC addresses match OUI addresses of the device As a best practice do not transmit both voice traffic and non voice traffic in a voice VLAN If you mu...

Page 195: ...N assignment mode Configuring a port to operate in manual voice VLAN assignment mode 3 Optional Enabling LLDP for automatic IP phone discovery 4 Optional Use one of the following methods Configuring L...

Page 196: ...VLAN As a best practice do not use this mode with PVST In PVST mode if the target voice VLAN is not permitted on a port the port is placed in blocked state The port drops the received packets instead...

Page 197: ...t to the voice VLAN Procedure 1 Enter system view system view 2 Optional Enable the voice VLAN security mode voice vlan security enable By default the voice VLAN security mode is enabled 3 Optional Ad...

Page 198: ...ure 1 Enter system view system view 2 Enable LLDP for automatic IP phone discovery voice vlan track lldp By default this feature is disabled Configuring LLDP or CDP to advertise a voice VLAN Configuri...

Page 199: ...ts from the IP phone will be transmitted in the dedicated voice VLAN LLDP packets sent from the device carry the priority information CDP packets sent from the device do not carry the priority informa...

Page 200: ...addresses of IP phones A and B to the device for voice packet identification The mask of the two MAC addresses is FFFF FF00 0000 Set an aging timer for voice VLANs Figure 16 Network diagram Procedure...

Page 201: ...LAN for it DeviceA Twenty FiveGigE1 0 2 voice vlan 3 enable DeviceA Twenty FiveGigE1 0 2 quit Verifying the configuration Display the OUI addresses supported on Device A DeviceA display voice vlan mac...

Page 202: ...0 1 to operate in manual voice VLAN assignment mode DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 undo voice vlan mode auto Configure Twenty FiveGigE 1 0 1 as a hybrid port Devi...

Page 203: ...ne 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00e0 bb00 0000 ffff ff00 0000 3Com phone Display the voice VLAN state DeviceA display voice vlan state Curren...

Page 204: ...and standards 4 Restrictions and guidelines MVRP configuration 4 MVRP tasks at a glance 4 Prerequisites 4 Enabling MVRP 5 Setting an MVRP registration mode 5 Setting MRP timers 5 Enabling GVRP compat...

Page 205: ...MRP implementation For example MRP registers and deregisters VLAN attributes as follows When a port receives a declaration for a VLAN the port registers the VLAN and joins the VLAN When a port receiv...

Page 206: ...pants on the device After receiving the New message other participants send the New message to their respective peer participants Leave message An MRP participant sends a Leave message to the peer par...

Page 207: ...en both the Join timer and the Periodic timer expire the participant resends the Join message Leave timer The Leave timer controls the deregistration of attributes An MRP participant starts the Leave...

Page 208: ...ck PVST RRPP and Smart Link For more information about STP RSTP MSTP and PVST see Configuring spanning tree protocols For more information about service loopback see Configuring service loopback group...

Page 209: ...ation about the port trunk permit vlan command see Layer 2 LAN Switching Command Reference 6 Enable MVRP on the port mvrp enable By default MVRP is disabled on a port Setting an MVRP registration mode...

Page 210: ...e interface type interface number 3 Set the LeaveAll timer mrp timer leaveall timer value The default setting is 1000 centiseconds 4 Set the Join timer mrp timer join timer value The default setting i...

Page 211: ...lan vlan id Display MVRP statistics display mvrp statistics interface interface list Clear MVRP statistics reset mvrp statistics interface interface list MVRP configuration examples Example Configurin...

Page 212: ...Configure Device A as the primary root bridge of MSTI 1 DeviceA stp instance 1 root primary Globally enable the spanning tree feature DeviceA stp global enable Globally enable MVRP DeviceA mvrp globa...

Page 213: ...ermit vlan all Enable MVRP on Twenty FiveGigE 1 0 3 DeviceA Twenty FiveGigE1 0 3 mvrp enable DeviceA Twenty FiveGigE1 0 3 quit Create VLAN 10 DeviceA vlan 10 DeviceA vlan10 quit 2 Configure Device B E...

Page 214: ...stp region configuration Configure the MST region name VLAN to instance mappings and revision level DeviceC mst region region name example DeviceC mst region instance 1 vlan 10 DeviceC mst region inst...

Page 215: ...configure it to permit VLANs 20 and 40 DeviceD interface twenty fivegige 1 0 1 DeviceD Twenty FiveGigE1 0 1 port link type trunk DeviceD Twenty FiveGigE1 0 1 port trunk permit vlan 20 40 Enable MVRP o...

Page 216: ...led Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 20 Declared...

Page 217: ...ning Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default 10 Decla...

Page 218: ...centiseconds Registration Type Normal Registered VLANs 1 default 10 20 Declared VLANs 1 default Propagated VLANs 1 default 10 Twenty FiveGigE1 0 2 Config Status Enabled Running Status Enabled Join Ti...

Page 219: ...following events have occurred Twenty FiveGigE 1 0 1 has registered and propagated VLAN 10 and VLAN 20 and declared VLAN 1 through MVRP Twenty FiveGigE 1 0 2 has registered VLAN 1 and declared and pr...

Page 220: ...n Device A DeviceA undo vlan 10 Display local MVRP VLAN information on Twenty FiveGigE 1 0 3 of Device B DeviceB display mvrp running status interface twenty fivegige 1 0 3 MVRP Global Info Global Sta...

Page 221: ...back interfaces 1 About loopback interfaces 1 About null interfaces 1 About inloopback interfaces 1 Configuring a loopback interface 1 Configuring a null interface 2 Restoring the default settings for...

Page 222: ...sidered packets sent to the device itself so the device does not forward these packets Using a loopback interface in dynamic routing protocols With no router ID configured for a dynamic routing protoc...

Page 223: ...nfigure the interface description description text The default setting is NULL0 Interface Restoring the default settings for an interface Restrictions and guidelines CAUTION This feature might interru...

Page 224: ...brief description down Display information about the specified or all loopback interfaces display interface loopback interface number brief description down Display information about the null interfa...

Page 225: ...guring the TPID for SVLAN tags 6 Setting the 802 1p priority in SVLAN tags 6 About the 802 1p priority in SVLAN tags 6 Prerequisites for setting the 802 1p priority in SVLAN tags 6 Tasks at a glance 7...

Page 226: ...customers to keep their VLAN assignment schemes unchanged when the service provider changes its VLAN assignment scheme Allows different customers to use overlapping CVLAN IDs Devices in the service p...

Page 227: ...rovides the most basic VLAN manipulation method to tag all incoming frames tagged or untagged with the PVID tag To perform advanced VLAN manipulations use VLAN mappings or QoS policies as follows To a...

Page 228: ...adding an SVLAN tag on a QinQ enabled port and then modifying the CVLAN and SVLAN IDs Enabling QinQ About enabling QinQ Enable QinQ on customer side ports of PEs A QinQ enabled port tags an incoming f...

Page 229: ...o one one to two and many to one VLAN mappings Original or translated outer VLANs of two to two VLAN mappings Procedure 1 Enter system view system view 2 Enter Layer 2 Ethernet interface view or Layer...

Page 230: ...rame is handled as untagged if the TPID in its outer VLAN tag is different from the SVLAN TPID For example a PE device is connected to a customer device that uses the TPID 0x8200 and to a provider dev...

Page 231: ...port priority is trusted the port priority 0 by default is used as the 802 1p priority in the SVLAN tag You can configure a QoS policy to modify the 802 1p priority in SVLAN tags as follows Modify th...

Page 232: ...id vlan id list Match 802 1p priority if match customer dot1p dot1p value 1 8 Creating a traffic behavior and configuring a priority marking action for SVLAN tags 1 Enter system view system view 2 Cr...

Page 233: ...erface number QinQ configuration examples Example Configuring basic QinQ Network configuration As shown in Figure 3 The service provider assigns VLAN 100 to Company A s VLANs 10 through 70 The service...

Page 234: ...port and assign it to VLANs 100 and 200 PE1 interface twenty fivegige 1 0 2 PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permit vlan 100 200 Set the TPID value in...

Page 235: ...E2 interface twenty fivegige 1 0 3 PE2 Twenty FiveGigE1 0 3 port link type trunk PE2 Twenty FiveGigE1 0 3 port trunk permit vlan 100 Set the PVID of Twenty FiveGigE 1 0 3 to VLAN 100 PE2 Twenty FiveGi...

Page 236: ...re Twenty FiveGigE 1 0 2 as a trunk port and assign it to VLANs 100 and 3000 PE1 interface twenty fivegige 1 0 2 PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permi...

Page 237: ...type trunk PE2 Twenty FiveGigE1 0 2 port trunk permit vlan 100 3000 3 Configure the devices between PE 1 and PE 2 Set the MTU to a minimum of 1504 bytes for each port on the path of QinQ frames Detail...

Page 238: ...ne VLAN mapping 7 About many to one VLAN mapping 7 Configuring many to one VLAN mapping in dynamic IP address assignment environment 7 Configuring many to one VLAN mapping in static IP address assignm...

Page 239: ...pping Replaces multiple VLAN tags with the same VLAN tag One to two VLAN mapping Tags single tagged packets with an outer VLAN tag Two to two VLAN mapping Replaces the outer and inner VLAN IDs of doub...

Page 240: ...to the same type of traffic from different customers One to two and two to two VLAN mapping One to two and two to two VLAN mapping are typically used to implement communication across different SP net...

Page 241: ...ing benefits Enables a customer network to plan its CVLAN assignment without conflicting with SVLANs Adds a VLAN tag to a tagged packet and expands the number of available VLANs to 4094 4094 Reduces t...

Page 242: ...ing As shown in Figure 5 many to one VLAN mapping is implemented on both the customer side and network side ports as follows For the uplink traffic the customer side many to one VLAN mapping replaces...

Page 243: ...move the SVLAN tag from the downlink traffic Configure the customer side port as a hybrid port and assign the port to the SVLAN as an untagged member Configure the customer side port as a trunk port a...

Page 244: ...Use the appropriate VLAN mapping methods for the devices in the network To configure VLAN mapping perform the following tasks Configuring one to one VLAN mapping Configure one to one VLAN mapping on...

Page 245: ...N 1 Assign the hybrid port to the original VLAN and the translated VLAN as a tagged member port hybrid vlan vlan id list tagged By default a hybrid port is an untagged member of the VLAN to which the...

Page 246: ...r side port 4 Configuring the network side port Enabling DHCP snooping 1 Enter system view system view 2 Enable DHCP snooping dhcp snooping enable By default DHCP snooping is disabled Enabling ARP det...

Page 247: ...ge aggregation interface number 3 Set the link type of the port port link type hybrid trunk By default the link type of a port is access 4 Assign the port to the translated VLAN Assign the trunk port...

Page 248: ...one VLAN mapping use the reset arp snooping vlan vlan id command to clear the ARP snooping entries in each CVLAN To ensure correct traffic forwarding from the service provider network to the customer...

Page 249: ...t 1 Enter system view system view 2 Enter interface view Enter Layer 2 Ethernet interface view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggrega...

Page 250: ...e interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number 3 Set the link type of the port port link type hybrid trunk By default the link t...

Page 251: ...id list tagged By default a hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access 5 Configure a two to two VLAN mapping vlan mapping tunnel outer vlan id...

Page 252: ...AN 501 VoD VLAN 2 VLANs 201 202 203 204 VLAN 502 VoIP VLAN 3 VLANs 301 302 303 304 VLAN 503 Figure 8 Network diagram Campus switch Switch C Distribution network DHCP client DHCP server Wiring closet S...

Page 253: ...SwitchA Twenty FiveGigE1 0 2 port link type trunk Assign Twenty FiveGigE 1 0 2 to all original VLANs and translated VLANs SwitchA Twenty FiveGigE1 0 2 port trunk permit vlan 1 2 3 102 202 302 Configur...

Page 254: ...t Configure customer side port Twenty FiveGigE 1 0 1 as a trunk port SwitchC interface twenty fivegige 1 0 1 SwitchC Twenty FiveGigE1 0 1 port link type trunk Assign Twenty FiveGigE 1 0 1 to all origi...

Page 255: ...t link type trunk Assign Twenty FiveGigE 1 0 3 to the translated VLANs SwitchC Twenty FiveGigE1 0 3 port trunk permit vlan 501 to 503 Configure Twenty FiveGigE 1 0 3 as a DHCP snooping trusted and ARP...

Page 256: ...to two VLAN mapping Network configuration As shown in Figure 9 Two VPN A branches Site 1 and Site 2 are in VLAN 5 and VLAN 6 respectively The two sites use different VPN access services from different...

Page 257: ...quit 2 Configure PE 2 Create VLAN 100 PE2 system view PE2 vlan 100 PE2 vlan100 quit Configure Twenty FiveGigE 1 0 1 as a trunk port PE2 interface twenty fivegige 1 0 1 PE2 Twenty FiveGigE1 0 1 port l...

Page 258: ...enty FiveGigE1 0 1 quit Configure the customer side port Twenty FiveGigE 1 0 2 as a hybrid port PE4 interface twenty fivegige 1 0 2 PE4 Twenty FiveGigE1 0 2 port link type hybrid Assign Twenty FiveGig...

Page 259: ...21 6 N A 200 6...

Page 260: ...configuration 3 Enabling loop detection globally 3 Enabling loop detection on a port 3 Setting the loop protection action 4 Restrictions and guidelines for loop protection action configuration 4 Sett...

Page 261: ...nQ or VLAN mapping configuration for incorrect settings For more information about QinQ and VLAN mapping see Configuring QinQ and Configuring VLAN mapping Figure 1 Ethernet frame header for loop detec...

Page 262: ...etermine whether loops occur on ports and whether loops are removed Loop protection actions When the device detects a loop on a port it generates a log but performs no action on the port by default Yo...

Page 263: ...l Setting the loop protection action Setting the global loop protection action Setting the loop protection action on an interface 3 Optional Setting the loop detection interval Enabling loop detection...

Page 264: ...tem view 2 Enter interface view interface interface type interface number 3 Set the loop protection action on the interface loopback detection action block no learning shutdown By default the device g...

Page 265: ...e following requirements Device A generates a log as a notification Device A automatically shuts down the port on which a loop is detected Figure 3 Network diagram Procedure 1 Configure Device A Creat...

Page 266: ...Twenty FiveGigE1 0 1 quit DeviceB interface twenty fivegige 1 0 2 DeviceB Twenty FiveGigE1 0 2 port link type trunk DeviceB Twenty FiveGigE1 0 2 port trunk permit vlan 100 DeviceB Twenty FiveGigE1 0...

Page 267: ...Use the display loopback detection command to display the loop detection configuration and status on devices for example Device A DeviceA display loopback detection Loop detection is enabled Loop det...

Page 268: ...rictions Interface configuration 23 Spanning tree protocol tasks at a glance 24 STP tasks at a glance 24 RSTP tasks at a glance 25 PVST tasks at a glance 26 MSTP tasks at a glance 27 Setting the spann...

Page 269: ...ion tasks at a glance 47 Configuring BPDU guard 48 Enabling root guard 49 Enabling loop guard 49 Configuring port role restriction 50 Configuring TC BPDU transmission restriction 51 Enabling TC BPDU g...

Page 270: ...refers to the IEEE 802 1d STP and various enhanced spanning tree protocols derived from that protocol STP protocol frames STP uses bridge protocol data units BPDUs also known as configuration messages...

Page 271: ...BPDU transmission interval Forward delay Delay for STP bridges to transit port state Devices use the root bridge ID root path cost designated bridge ID designated port ID message age max age hello ti...

Page 272: ...gnated port Classification Designated bridge Designated port For a device Device directly connected to the local device and responsible for forwarding BPDUs to the local device Port through which the...

Page 273: ...t bridge selection The root bridge can be selected in the following methods Automatic election Initially each STP enabled device on the network assumes itself to be the root bridge with its own device...

Page 274: ...raffic Table 2 Selecting the optimum configuration BPDU Step Actions 1 Upon receiving a configuration BPDU on a port the device compares the priority of the received configuration BPDU with that of th...

Page 275: ...dge ID root path cost designated bridge ID and designated port ID Table 3 Initial state of each device Device Port name Configuration BPDU on the port Device A Port A1 0 0 0 Port A1 Port A2 0 0 0 Port...

Page 276: ...1 3 Updates its configuration BPDU Port B2 performs the following operations 1 Receives the configuration BPDU of Port C2 2 0 2 Port C2 2 Determines that its existing configuration BPDU 1 0 1 Port B2...

Page 277: ...B2 2 Determines that the received configuration BPDU is superior to its existing configuration BPDU 0 10 2 Port C2 3 Updates its configuration BPDU Port C1 performs the following operations 1 Receive...

Page 278: ...nfiguration BPDU through the designated port If a designated port receives a configuration BPDU with a lower priority than its configuration BPDU the port immediately responds with its configuration B...

Page 279: ...has expired If it is expired a new spanning tree calculation process starts The max age timer does not take effect on MSTIs If a port does not receive any configuration BPDUs within the timeout period...

Page 280: ...cted as the root port or designated port it enters the learning state after the forward delay The port learns MAC addresses and enters the forwarding state after another forward delay A newly elected...

Page 281: ...cannot be blocked on a per VLAN basis to prune loops PVST allows every VLAN to have its own spanning tree which increases usage of links and bandwidth Because each VLAN runs RSTP independently a span...

Page 282: ...02 1s MSTP overcomes the limitations of STP RSTP and PVST In addition to supporting rapid network convergence it allows data flows of different VLANs to be forwarded along separate paths This provides...

Page 283: ...used to identify the MST region for the originating bridge CIST IRPC Internal root path cost IRPC from the originating bridge to the root of the MST region CIST bridge ID ID of the bridge that sends t...

Page 284: ...king topology of MST region 3 Figure 9 Basic concepts in MSTP Figure 10 Network diagram and topology of MST region 3 MST region 1 MST region 2 MST region 3 MST region 4 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Oth...

Page 285: ...nd MSTIs In Figure 10 the VLAN to instance mapping table of MST region 3 is as follows VLAN 1 to MSTI 1 VLAN 2 and VLAN 3 to MSTI 2 Other VLANs to MSTI 0 MSTP achieves load balancing by means of the V...

Page 286: ...ort or master port is blocked the alternate port takes over Backup port Acts as the backup port of a designated port When the designated port is invalid the backup port becomes the new designated port...

Page 287: ...ding How MSTP works MSTP divides an entire Layer 2 network into multiple MST regions which are connected by a calculated CST Inside an MST region multiple spanning trees called MSTIs are calculated Am...

Page 288: ...rom the blocking state to the forwarding state The forward delay is related to the hello time and network diameter If the forward delay is too short loops might occur This affects the stability of the...

Page 289: ...orts transits to the discarding or learning state it sets the proposal flag in its BPDU Its peer bridge receives the BPDU and determines whether the receiving port is the root port If it is the root p...

Page 290: ...5 the P A transition operates as follows 1 Device A sets the proposal and agreement flags in its BPDU and sends it to Device B through Port A1 2 Device B receives the BPDU Port B1 of Device B is elect...

Page 291: ...22 IEEE 802 1Q REV D1 3 Media Access Control MAC Bridges and Virtual Bridged Local Area Networks Clause 13 Spanning tree Protocols...

Page 292: ...k group RRPP Smart Link and L2PT Restrictions Interface configuration Some spanning tree features are supported in Layer 2 Ethernet interface view and Layer 2 aggregate interface view Unless otherwise...

Page 293: ...rom reactivating edge ports shut down by BPDU guard Enabling BPDU transparent transmission on a port Enabling SNMP notifications for new root election and topology change events Configuring the leaf n...

Page 294: ...protection features Disabling the device from reactivating edge ports shut down by BPDU guard Enabling BPDU transparent transmission on a port Enabling SNMP notifications for new root election and to...

Page 295: ...advanced spanning tree features Performing mCheck Disabling inconsistent PVID protection Configuring protection features Enabling the device to log events of detecting or receiving TC BPDUs Disabling...

Page 296: ...ing spanning tree timers Setting the timeout factor Configuring the BPDU transmission rate Configuring edge ports Configuring the port link type 6 Optional Configuring the mode a port uses to recogniz...

Page 297: ...he peer device A port in this mode does not transit to the MSTP mode when it receives MSTP BPDUs from the peer device PVST mode All ports of the device send PVST BPDUs Each VLAN maintains a spanning t...

Page 298: ...command Enable a spanning tree protocol by using the stp global enable command if the spanning tree protocol is disabled Restrictions and guidelines In STP RSTP or PVST mode MST region configurations...

Page 299: ...ority settings Once you specify a device as the root bridge or a secondary root bridge you cannot change the priority of the device You can configure a device as the root bridge by setting the device...

Page 300: ...f an MST region About the maximum hops of an MST region Restrict the region size by setting the maximum hops of an MST region The hop limit configured on the regional root bridge is used as the hop li...

Page 301: ...ridge diameter diameter The default setting is 7 Setting spanning tree timers About spanning tree timers The following timers are used for spanning tree calculation Forward delay Delay time for port s...

Page 302: ...akes packet loss for a link failure and triggers a new spanning tree calculation process If the hello time is too short the device frequently sends the same configuration BPDUs which wastes device and...

Page 303: ...n starts an undesired spanning tree calculation To save network resources on a stable network Procedure 1 Enter system view system view 2 Set the timeout factor of the device stp timer factor factor T...

Page 304: ...usive Procedure 1 Enter system view system view 2 Enter interface view interface interface type interface number 3 Configure the port as an edge port stp edged port By default all ports are non edge p...

Page 305: ...ports 100000 180 Aggregate interface containing three Selected ports 66666 160 Aggregate interface containing four Selected ports 50000 140 Table 8 Mappings between the link speed 1000M and the path...

Page 306: ...ports 400 1 Aggregate interface containing three Selected ports 266 1 Aggregate interface containing four Selected ports 200 1 Table 11 Mappings between the link speed 40G and the path cost Link spee...

Page 307: ...E 802 1d 1998 or the private standard always assigns the smallest possible value to a single port or aggregate interface with a speed exceeding 10 Gbps The forwarding path selected based on this crite...

Page 308: ...the system recalculates the port role and initiates a state transition Prepare for the network topology change before configuring the port priority Procedure 1 Enter system view system view 2 Enter in...

Page 309: ...ition mode of a port is auto The port automatically distinguishes the two MSTP frame formats and determines the format of frames that it will send based on the recognized format You can configure the...

Page 310: ...STP RSTP or MSTP mode make sure the spanning tree feature is enabled globally and on the desired ports In PVST mode make sure the spanning tree feature is enabled globally in the desired VLANs and on...

Page 311: ...ed on all ports Performing mCheck About mCheck The mCheck feature enables user intervention in the port state transition process When a port on an MSTP RSTP or PVST device connects to an STP device an...

Page 312: ...evices that host the ports To avoid PVST calculation errors make sure the following requirements are met Make sure the VLANs on one device do not use the same ID as the PVID of its peer port except th...

Page 313: ...ated devices of different vendors are connected and run spanning tree protocols With Digest Snooping enabled in the same region verification does not require comparison of configuration digest The VLA...

Page 314: ...e upstream device is received Figure 16 Rapid state transition of an MSTP designated port Figure 17 Rapid state transition of an RSTP designated port If the upstream device is a third party device the...

Page 315: ...ocols through a point to point link Configure the same region name revision level and VLAN to instance mappings on the two devices Procedure Enable the No Agreement Check feature on the root port 1 En...

Page 316: ...ore enabling TC Snooping The priority of BPDU tunneling is higher than that of TC Snooping When BPDU tunneling is enabled on a port the TC Snooping feature does not take effect on the port TC Snooping...

Page 317: ...these ports Notifies the NMS that these ports have been shut down by the spanning tree protocol The device reactivates the ports that have been shut down when the port status detection timer expires...

Page 318: ...tion BPDU with a higher priority from an MSTI it performs the following operations Immediately sets that port to the listening state in the MSTI Does not forward the received configuration BPDU This i...

Page 319: ...re is enabled on the up interface Procedure 1 Enter system view system view 2 Enter interface view interface interface type interface number 3 Enable the loop guard feature stp loop protection By defa...

Page 320: ...tion is disabled Enabling TC BPDU guard About TC BPDU guard When a device receives topology change TC BPDUs the BPDUs that notify devices of topology changes it flushes its forwarding address entries...

Page 321: ...An MSTP enabled device forwards PVST BPDUs as data traffic because it cannot recognize PVST BPDUs If a PVST enabled device in another independent network receives the PVST BPDUs a PVST calculation er...

Page 322: ...ks between Device A and Device B become unidirectional the links fail in the direction of Port A1 to Port B1 the following events occur 1 Device B cannot receive BPDUs from Device A 2 Device B determi...

Page 323: ...AN 100 to Device A When Device A receives the inferior BPDU dispute guard blocks Port A1 which causes traffic interruption To ensure service continuity you can disable dispute guard on Device A to pre...

Page 324: ...mer expires You can set this timer by using the shutdown interval command For more information about this command see device management commands in Fundamentals Command Reference Restrictions and guid...

Page 325: ...ust also configure SNMP on the device For more information about SNMP configuration see the network management and monitoring configuration guide for the device When you use the snmp agent trap enable...

Page 326: ...rts display stp bpdu statistics interface interface type interface number instance instance list Display information about ports shut down by spanning tree protection features display stp down port Di...

Page 327: ...eA mst region region name example Map VLAN 10 VLAN 30 and VLAN 40 to MSTI 1 MSTI 3 and MSTI 4 respectively DeviceA mst region instance 1 vlan 10 DeviceA mst region instance 3 vlan 30 DeviceA mst regio...

Page 328: ...STI 4 respectively DeviceC mst region instance 1 vlan 10 DeviceC mst region instance 3 vlan 30 DeviceC mst region instance 4 vlan 40 Configure the revision level of the MST region as 0 DeviceC mst reg...

Page 329: ...ING NONE 0 Twenty FiveGigE1 0 2 DESI FORWARDING NONE 0 Twenty FiveGigE1 0 3 DESI FORWARDING NONE 1 Twenty FiveGigE1 0 2 DESI FORWARDING NONE 1 Twenty FiveGigE1 0 3 ROOT FORWARDING NONE 3 Twenty FiveGi...

Page 330: ...ng trees of the VLAN VLAN 10 VLAN 20 and VLAN 30 are terminated on the distribution layer devices and VLAN 40 is terminated on the access layer devices The root bridge of VLAN 10 and VLAN 20 is Device...

Page 331: ...oot bridge of VLAN 30 DeviceB stp vlan 30 root primary Enable the spanning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceB stp global enable DeviceB stp vlan 10 20 30 enable 4 Configu...

Page 332: ...FORWARDING NONE 30 Twenty FiveGigE1 0 3 DESI FORWARDING NONE Display brief spanning tree information on Device C DeviceC display stp brief VLAN ID Port Role STP State Protection 10 Twenty FiveGigE1 0...

Page 333: ...VLAN 20 and VLAN 30 are terminated on the distribution layer devices The root bridge of VLAN 10 VLAN 20 and VLAN 30 is the DR system formed by Device A and Device B NOTE As a best practice do not conn...

Page 334: ...he device as the root bridge of VLAN 10 and VLAN 20 DeviceA stp vlan 10 20 root primary Enable the spanning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceA stp global enable DeviceA s...

Page 335: ...NG NONE 20 Bridge Aggregation1 DESI FORWARDING NONE 20 Bridge Aggregation2 DESI FORWARDING NONE 30 Bridge Aggregation2 DESI FORWARDING NONE Display brief spanning tree information on Device C DeviceC...

Page 336: ...alidation and aging 19 Configuring LLDP neighbor validation on an interface 19 Configuring LLDP neighbor aging on an interface 19 Configuring MAC address learning for DCN 20 About MAC address learning...

Page 337: ...ii...

Page 338: ...ice ID Port ID LLDP agents and bridge modes An LLDP agent is a mapping of a protocol entity that implements LLDP Multiple LLDP agents can run on the same interface LLDP agents are classified into the...

Page 339: ...otocol SNAP format LLDP frame encapsulated in Ethernet II Figure 2 Ethernet II encapsulated LLDP frame Table 1 Fields in an Ethernet II encapsulated LLDP frame Field Description Destination MAC addres...

Page 340: ...ermine the validity of the received Ethernet frame LLDPDUs Each LLDP frame contains one LLDPDU Each LLDPDU is a sequence of type length value TLV structures Figure 4 LLDPDU encapsulation format As sho...

Page 341: ...device and the enabled primary features Management Address Specifies the following elements The management address of the local device The interface number and object identifier OID associated with t...

Page 342: ...uplex mode Link Aggregation Indicates whether the port supports link aggregation and if yes whether link aggregation is enabled Power Via MDI Contains the power supply capabilities of the port Port cl...

Page 343: ...ts model name Asset ID Allows a terminal device to advertise its asset ID The typical case is that the user specifies the asset ID for the endpoint to facilitate directory management and asset trackin...

Page 344: ...l value of the aging timer is equal to the TTL value in the Time To Live TLV carried in the LLDP frame When the LLDP agent receives a new LLDP frame the aging timer restarts When the aging timer decre...

Page 345: ...rts of OpenFlow instances For more information about OpenFlow see OpenFlow Configuration Guide You can configure LLDP on an IRF physical interface to monitor the connection and link status of the IRF...

Page 346: ...nabled globally 3 Enter interface view interface interface type interface number 4 Enable LLDP lldp enable By default LLDP is enabled on a port Setting the LLDP bridge mode 1 Enter system view system...

Page 347: ...t initializes the protocol state machines after an LLDP reinitialization delay By adjusting the delay you can avoid frequent initializations caused by frequent changes to the LLDP operating mode on a...

Page 348: ...management TLVs and IEEE 802 1 organizationally specific TLVs In Layer 3 Ethernet interface view lldp tlv enable basic tlv all port description system capability system description system name manage...

Page 349: ...ic TLV set In Layer 2 aggregate interface view lldp tlv enable dot1 tlv protocol vlan id vlan id vlan name vlan id management vid mvlan id lldp agent nearest nontpmr tlv enable basic tlv all managemen...

Page 350: ...management address tlv command 3 Default setting for the interface By default The nearest bridge agent and nearest customer bridge agent advertise the management address TLV The nearest non TPMR bridg...

Page 351: ...ce view lldp agent nearest customer nearest nontpmr management address format string The default management address encoding format is numeric Setting the encapsulation format for LLDP frames About se...

Page 352: ...the token bucket size for sending LLDP frames lldp max credit credit value The default setting is 5 5 Set the number of LLDP frames sent each time fast LLDP frame transmission is triggered lldp fast c...

Page 353: ...t nearest customer nearest nontpmr check change interval interval In IRF physical interface view lldp check change interval interval By default LLDP polling is disabled Disabling LLDP PVID inconsisten...

Page 354: ...carrying TLVs with the configured voice VLAN If no voice VLAN is configured for CDP packets CDP packets carry the voice VLAN of the port or the voice VLAN assigned by the RADIUS server The assigned vo...

Page 355: ...g notifies the network management system of events such as newly detected neighboring devices and link failures To prevent excessive LLDP traps from being sent when the topology is unstable set a trap...

Page 356: ...LV criterion lldp neighbor identity chassis id chassis id subtype chassis id Configure the port ID TLV criterion lldp neighbor identity port id port id subtype port id By default no neighbor validatio...

Page 357: ...the source MAC address of LLDP frames 2 Enabling generation of ARP or ND entries for received management address TLVs Configuring MAC address learning for DCN on a Layer 3 Ethernet interface 1 Optiona...

Page 358: ...of LLDP frames This ensures that the neighbor NE can generate correct ARP or ND entries In Layer 3 Ethernet interface view you can specify an existing Layer 3 Ethernet subinterface as the output inte...

Page 359: ...e interface number agent nearest bridge nearest customer nearest nontpmr Display types of advertisable optional LLDP TLVs display lldp tlv config interface interface type interface number agent neares...

Page 360: ...ace twenty fivegige 1 0 1 SwitchB Twenty FiveGigE1 0 1 lldp enable Set the LLDP operating mode to Tx on Twenty FiveGigE 1 0 1 SwitchB Twenty FiveGigE1 0 1 lldp admin status tx SwitchB Twenty FiveGigE1...

Page 361: ...nown TLV 0 LLDP status information of port 2 Twenty FiveGigE1 0 2 LLDP agent nearest bridge Port status of LLDP Enable Admin status Rx_Only Trap flag No MED trap flag No Polling interval 0s Number of...

Page 362: ...minutes 20 seconds Transmit interval 30s Fast transmit interval 1s Transmit credit max 5 Hold multiplier 4 Reinit delay 2s Trap interval 30s Fast start times 4 LLDP status information of port 1 Twenty...

Page 363: ...LLDP agent nearest customer Port status of LLDP Enable Admin status Disable Trap flag No MED trap flag No Polling interval 0s Number of LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbo...

Page 364: ...y fivegige 1 0 1 SwitchA Twenty FiveGigE1 0 1 lldp enable Configure LLDP to operate in TxRx mode on Twenty FiveGigE 1 0 1 SwitchA Twenty FiveGigE1 0 1 lldp admin status txrx Configure CDP compatible L...

Page 365: ...iveGigE1 0 1 LLDP agent nearest bridge CDP neighbor index 1 Chassis ID SEP00141CBCDBFE Port ID Port 1 CDP neighbor information of port 2 Twenty FiveGigE1 0 2 LLDP agent nearest bridge CDP neighbor ind...

Page 366: ...n Traffic Classes DCBX functions DCBX offers the following functions Discovers the peer devices capabilities and determines whether devices at both ends support these capabilities Detects configuratio...

Page 367: ...PP parameters 4 Configuring ETS parameters a Configuring the 802 1p to local priority mapping b Configuring group based WRR queuing 5 Configuring PFC parameters Enabling LLDP and DCBX TLV advertising...

Page 368: ...s preferably negotiated Procedure 1 Enter system view system view 2 Enter Layer 2 Ethernet interface view interface interface type interface number 3 Set the DCBX version dcbx version rev100 rev101 st...

Page 369: ...IPv4 advanced ACL and configure a rule for the ACL acl advanced acl number name acl name match order auto config rule rule id permit tcp udp destination port eq port DCBX Rev 1 00 supports only Layer...

Page 370: ...mmitted bandwidth of the interface Restrictions and guidelines To configure ETS parameters perform the following tasks 1 Configure the 802 1p to local priority mapping by using either of the following...

Page 371: ...pping in the priority mapping table method 1 Enter system view system view 2 Enter 802 1p to local priority mapping table view for the outgoing traffic qos map table dot1p lp 3 Configure the priority...

Page 372: ...ype interface number 3 Enable PFC in auto mode on the Ethernet interface priority flow control auto By default PFC is disabled To advertise the PFC data you must enable PFC in auto mode 4 Enable PFC f...

Page 373: ...onfigure the traffic behavior to mark packets with 802 1p priority value 3 SwitchA traffic behavior app_b SwitchA behavior app_b remark dot1p 3 SwitchA behavior app_b quit Create a QoS policy named pl...

Page 374: ...DCBX Parameter Type and Length DCBX Parameter Length 13 DCBX Parameter Type 2 DCBX Parameter Information Parameter Type Current Pad Byte Present Yes DCBX Parameter Valid Yes Reserved 0 DCBX Parameter...

Page 375: ...f Priority 6 6 Priority Group 0 Percentage 2 Priority Group 1 Percentage 4 Priority Group 2 Percentage 6 Priority Group 3 Percentage 0 Priority Group 4 Percentage 10 Priority Group 5 Percentage 18 Pri...

Page 376: ...ength 2 DCBX Parameter Type 3 DCBX Parameter Information Parameter Type Current Pad Byte Present No DCBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabled on Priority 0 No PFC Enabled on...

Page 377: ...CBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabled on Priority 0 No PFC Enabled on Priority 1 No PFC Enabled on Priority 2 No PFC Enabled on Priority 3 Yes PFC Enabled on Priority 4 No...

Page 378: ...and guidelines for L2PT 3 Enabling L2PT for a protocol in Layer 2 Ethernet interface view 4 Enabling L2PT for a protocol in Layer 2 aggregate interface view 4 Setting the destination multicast MAC ad...

Page 379: ...e packet is from the customer network or the service provider network They must deliver the packet to the CPU for processing In this case the Layer 2 protocol calculation in Customer A s network is mi...

Page 380: ...iving port Decapsulates the packet and multicasts the decapsulated packet out of all customer facing ports in the VLAN Figure 2 L2PT operating mechanism For example as shown in Figure 3 PE 1 receives...

Page 381: ...the following conditions exist The protocol is running on the aggregate interface on the CE The aggregate interface on the CE connects to an L2PT enabled port on the PE Enable L2PT on PE ports connec...

Page 382: ...cols Enabling L2PT for a protocol in Layer 2 aggregate interface view 1 Enter system view system view 2 Enter Layer 2 aggregate interface view interface bridge aggregation interface type interface num...

Page 383: ...es Example Configuring L2PT for STP Network configuration As shown in Figure 4 the MAC addresses of CE 1 and CE 2 are 00e0 fc02 5800 and 00e0 fc02 5802 respectively MSTP is enabled in Customer A s net...

Page 384: ...all PE1 Twenty FiveGigE1 0 2 quit 2 Configure PE 2 in the same way PE 1 is configured Details not shown Verifying the configuration Verify that the root bridge of Customer A s network is CE 1 CE2 dis...

Page 385: ...ansmitted configure all ports in the service provider network as trunk ports Procedure 1 Configure CE 1 Configure Layer 2 aggregation group Bridge Aggregation 1 to operate in dynamic aggregation mode...

Page 386: ...rt link mode bridge PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permit vlan 3 PE1 Twenty FiveGigE1 0 2 port trunk pvid vlan 3 Enable QinQ on Twenty FiveGigE 1 0 2...

Page 387: ...cket s CE2 display link aggregation member port Flags A LACP_Activity B LACP_Timeout C Aggregation D Synchronization E Collecting F Distributing G Defaulted H Expired Twenty FiveGigE1 0 1 Aggregate In...

Page 388: ...10 Flag ACDEF Remote System ID 0x8000 0001 0000 0000 Port Number 4 Port Priority 32768 Oper Key 1 Flag ACDEF Received LACP Packets 10 packet s Illegal 0 packet s Sent LACP Packets 13 packet s...

Page 389: ...groups 1 Restrictions and guidelines Service loopback group configuration 1 Configuring a service loopback group 1 Display and maintenance commands for service loopback groups 2 Service loopback group...

Page 390: ...assign a physical interface to the service loopback group if that interface is the only member interface of an IRF port For correct traffic processing make sure the service loopback group has a minim...

Page 391: ...e loopback group 1 All configurations on the interface will be lost Continue Y N y After this command is executed the speed will be reset to the default value on Twenty FiveGigE1 0 1 to Twenty FiveGig...

Page 392: ...3 Create the interface Tunnel 1 and set it to GRE mode The interface will automatically use service loopback group 1 Sysname interface tunnel 1 mode gre Sysname Tunnel1...

Page 393: ...i Contents Configuring cut through Layer 2 forwarding 1 About cut through Layer 2 forwarding 1 Restrictions and guidelines for cut through Layer 2 forwarding configuration 1 Procedure 1...

Page 394: ...erformance Restrictions and guidelines for cut through Layer 2 forwarding configuration With cut through forwarding the device forwards CRC error frames because it starts forwarding frames before thei...

Reviews:

No comments

Related manuals for S6850 Series

Raritan PARAGON II Series Quick Manual preview
PARAGON II Series
Brand: Raritan Pages: 1
Raritan Paragon Manager Installation And Operation Manual preview
Paragon Manager
Brand: Raritan Pages: 117
SIMON RWA HE 083 Brief Instruction preview
HE 083
Brand: SIMON RWA Pages: 3
IDEM SAFETY SWITCHES KLM-P2L Operating Instructions preview
KLM-P2L
Brand: IDEM SAFETY SWITCHES Pages: 2
Edge-Core AS7726-32X Quick Start Manual preview
AS7726-32X
Brand: Edge-Core Pages: 9
G&D DL-DVI-MUX2-NT SERIES Installation And Operation Manual preview
DL-DVI-MUX2-NT SERIES
Brand: G&D Pages: 76
Velleman HQ-Power VMS4 Manual preview
HQ-Power VMS4
Brand: Velleman Pages: 5
Eaton STS 2000A Installation And Operation Manual preview
STS 2000A
Brand: Eaton Pages: 120
Topex multiSwitch User Manual preview
multiSwitch
Brand: Topex Pages: 170
TeleAdapt MediaHub Mini TA-3350 Installation Manual preview
MediaHub Mini TA-3350
Brand: TeleAdapt Pages: 23
Kramer VS-808TP User Manual preview
VS-808TP
Brand: Kramer Pages: 35
C&C TECHNIC AVlink VAX-8404F User Manual preview
AVlink VAX-8404F
Brand: C&C TECHNIC Pages: 2
UNIARCH SW-2106-P User Manual preview
SW-2106-P
Brand: UNIARCH Pages: 6
Belkin OMNICUBE F1DK102P Quick Installation Manual preview
OMNICUBE F1DK102P
Brand: Belkin Pages: 21
Primewire 302523/20191008SZ114 User Manual preview
302523/20191008SZ114
Brand: Primewire Pages: 12
ENSIM SENSORS DX-ELB 11 Operating Manual preview
DX-ELB 11
Brand: ENSIM SENSORS Pages: 15
Clever Little Box ZSU-5A User Instructions preview
ZSU-5A
Brand: Clever Little Box Pages: 12
VNS S901 Quick User Manual preview
S901
Brand: VNS Pages: 8

Brands by name

Popular brands

Load more brands