manualshive.com logo in svg

HP 3100 Series, Configuration Manual

The Philips 3100 Series product offers innovation and convenience with its advanced features. Access the comprehensive User Manual, containing detailed instructions and helpful tips, for free download on our website. Elevate your experience and unlock the full potential of your Philips 3100 Series by referring to the manual available at manualshive.com.

Share
Download
background image

 

20 

To improve port security, you can bind specific user devices to the port by manually adding MAC 
address entries to the MAC address table of the switch.  

Types of MAC address table entries 

A MAC address table can contain the following types of entries: 

 Static 

entries

—Static entries are manually added in order to forward frames with specific 

destination MAC addresses out of their associated ports and never age out. 

 Dynamic 

entries

—Dynamic entries can be manually added or dynamically learned in order to 

forward frames with specific destination MAC addresses out of their associated ports and might 
age out. 

 Blackhole 

entries

—Blackhole entries are manually configured and never age out. Blackhole 

entries are configured for filtering out frames with specific destination MAC addresses. For 
example, to block all packets destined for a specific user for security concerns, you can 
configure the MAC address of this user as a blackhole MAC address entry. 

A static or blackhole MAC address entry can overwrite a dynamic MAC address entry, but not vice 
versa. 

To adapt to network changes and prevent inactive entries from occupying table space, an aging 
mechanism is adopted for dynamic MAC address entries. Each time a dynamic MAC address entry 
is obtained or created, an aging time starts. If the entry has not updated when the aging timer expires, 
the device deletes the entry. If the entry has updated before the aging timer expires, the aging timer 
restarts.  

MAC address table-based frame forwarding 

When forwarding a frame, the device adopts the following forwarding modes based on the MAC 
address table: 

 Unicast 

mode

—If an entry is available for the destination MAC address, the device forwards 

the frame out of the outgoing interface indicated by the MAC address table entry. 

 Broadcast 

mode

—If the device receives a frame with the destination address as all-ones, or 

no entry is available for the destination MAC address, the device broadcasts the frame to all the 
interfaces except the receiving interface. 

Configuring static, dynamic, and blackhole MAC 
address table entries 

To prevent MAC address spoofing attacks and improve port security, you can manually add MAC 
address table entries to bind ports with MAC addresses. You can also configure blackhole MAC 
address entries to filter out packets with certain destination MAC addresses.  

Configuring a static or dynamic MAC address table entry in 
system view 

 

Step Command 

Remarks 

1. 

Enter system view. 

system-view 

N/A 

Summary of Contents for 3100 Series

Page 1: ...HPE 3100 v2 Switch Series Layer 2 LAN Switching Configuration Guide Part number 5998 5991s Software version Release 5213 and Release 5213P02 Document version 6W101 20160506 ...

Page 2: ...nd 12 212 Commercial Computer Software Computer Software Documentation and Technical Data for Commercial Items are licensed to the U S Government under vendor s standard commercial license Links to third party websites take you outside the Hewlett Packard Enterprise website Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise ...

Page 3: ...he cable connection of an Ethernet interface 12 Configuring storm control on an Ethernet interface 12 Configuration restrictions and guidelines 13 Configuration procedure 13 Displaying and maintaining an Ethernet interface 14 Configuring loopback and null interfaces 15 Configuring a loopback interface 15 Introduction to the loopback interface 15 Configuration procedure 15 Configuring a null interf...

Page 4: ... group 35 Configuration guidelines 35 Configuring a static aggregation group 36 Configuring a dynamic aggregation group 37 Configuring an aggregate interface 38 Configuring the description of an aggregate interface 38 Enabling link state traps for an aggregate interface 38 Limiting the number of Selected ports for an aggregation group 38 Shutting down an aggregate interface 39 Restoring the defaul...

Page 5: ...edure 72 Configuring path costs of ports 72 Specifying a standard for the device to use when it calculates the default path cost 72 Configuring path costs of ports 74 Configuration example 74 Configuring the port priority 75 Configuring the port link type 75 Configuration restrictions and guidelines 75 Configuration procedure 76 Configuring the mode a port uses to recognize send MSTP packets 76 En...

Page 6: ...Introduction to port based VLAN 107 Assigning an access port to a VLAN 109 Assigning a trunk port to a VLAN 110 Assigning a hybrid port to a VLAN 111 Port based VLAN configuration example 112 Configuring MAC based VLANs 114 Introduction to MAC based VLAN 114 Configuration restrictions and guidelines 114 Configuration procedure 115 MAC based VLAN configuration example 116 Configuring protocol based...

Page 7: ...aintaining GVRP 143 GVRP configuration examples 144 GVRP normal registration mode configuration example 144 GVRP fixed registration mode configuration example 145 GVRP forbidden registration mode configuration example 147 Configuring QinQ 149 Overview 149 Background and benefits 149 How QinQ works 149 QinQ frame structure 150 Implementations of QinQ 151 Modifying the TPID in a VLAN tag 151 Protoco...

Page 8: ... LLDP reinitialization delay 182 Enabling LLDP polling 182 Configuring the advertisable TLVs 182 Configuring the management address and its encoding format 183 Setting other LLDP parameters 183 Setting an encapsulation format for LLDP frames 184 Configuring CDP compatibility available only on the HPE 3100 v2 EI 185 Configuration prerequisites 186 Configuration procedure 186 Configuring LLDP trappi...

Page 9: ... and icons 209 Conventions 209 Network topology icons 210 Support and other resources 211 Accessing Hewlett Packard Enterprise Support 211 Accessing updates 211 Websites 212 Customer self repair 212 Remote support 212 Documentation feedback 212 Index 214 ...

Page 10: ...e following tasks For the number of combo interfaces that an HPE 3100 v2 switch provides see the installation guide Use the display interface command to determine which port fiber or copper of the combo interface is active If the current port is the copper port the output will include Media type is twisted pair Port hardware type is 1000_BASE_T If the current port is the fiber port the output will...

Page 11: ...ace name Interface For example Ethernet1 0 1 Interface 4 Set the duplex mode of the interface duplex auto full half Optional By default the duplex mode is auto for Ethernet interfaces The half keyword is not applicable to Ethernet copper ports that are configured with a 1000 Mbps port speed and fiber ports 5 Set the port speed speed 10 100 1000 auto Optional By default an Ethernet interface automa...

Page 12: ... You can narrow down the speed option list for negotiation Figure 1 Speed auto negotiation application scenario As shown in Figure 1 all ports on Switch A are operating in speed auto negotiation mode with the highest speed of 100 Mbps If the transmission rate of each server in the server cluster is 100 Mbps their total transmission rate will exceed the capability of port Ethernet 1 0 4 the port pr...

Page 13: ...Port B forward packets at the rate of 1000 Mbps Port C is congested To avoid packet loss enable flow control on Port A and Port B Figure 2 Flow control on ports Configure flow control in TxRx mode on Port B and flow control in Rx mode on Port A When congestion occurs on Port C Switch B buffers frames When the amount of buffered frames exceeds a certain value Switch B sends a common Pause frame out...

Page 14: ...o shutdown command the interface reports the event to the upper layers immediately Link down event suppression enables an interface to suppress link down events and start a delay timer each time the physical link goes down During this delay the interface does not report the link down event and the display interface brief or display interface command displays the interface state as UP If the physic...

Page 15: ...rnal loopback testing on an Ethernet interface connect a loopback plug to the Ethernet interface The switch sends test packets out of the interface which are expected to loop over the plug and back to the interface If the interface fails to receive any test packet the hardware of the interface is faulty An Ethernet interface in a loopback test does not forward data traffic Configuration restrictio...

Page 16: ...e interfaces on your switch might use the same set of settings To configure these interfaces in bulk rather than one by one you can assign them to a port group You create port groups manually All settings made for a port group apply to all the member ports of the group Even though the settings are made on the port group they are saved on each interface basis rather than on a port group basis You c...

Page 17: ...er Ethernet interface view To configure storm suppression on a group of Ethernet interfaces enter port group view 3 Set the broadcast suppression threshold ratio broadcast suppression ratio kbps max kbps Optional By default all broadcast traffic is allowed to pass through 4 Set the multicast suppression threshold ratio multicast suppression ratio kbps max kbps Optional By default all multicast tra...

Page 18: ...k occurs when a switch receives a packet that it sent and the receiving interface is the same as the sending interface as shown in Figure 3 Multi port loopback A multi port loopback occurs when a switch receives a packet that it sent but the receiving interface might not be the sending interface as shown in Figure 4 Figure 3 Single port loopback Figure 4 Multi port loopback You can enable loopback...

Page 19: ...he function both globally and on the interface When you enable multi port loopback detection on a switch both single port and multi port loops can be detected To disable loopback detection on all interfaces run the undo loopback detection enable command in system view To enable a hybrid or trunk port to take the administratively specified protective action you must use the loopback detection contr...

Page 20: ...es not receive or send packets the system generates traps and log messages and deletes all MAC address entries of the looped interface With the shutdown keyword specified the switch shuts down the looped ports and set their physical state to Loop down When a looped port recovers you must use the undo shutdown command to restore its forwarding capability Setting the MDI mode of an Ethernet interfac...

Page 21: ...T Fiber ports do not support this feature If the link of an Ethernet port is up testing its cable connection will cause the link to come down and then go up You can test the cable connection of an Ethernet interface for a short or open circuit The switch displays cable test results within five seconds If any fault is detected the test results include the length of the faulty cable segment To test ...

Page 22: ...uidelines For network stability use the default or set a higher traffic polling interval Storm control uses a complete polling cycle to collect traffic data and analyzes the data in the next cycle It takes a port at least one polling interval and at most two polling intervals to take a storm control action The storm control function allows you to set the upper and lower thresholds for all three ty...

Page 23: ...terface interface type begin exclude include regular expression Available in any view Display traffic rate statistics over the last sampling interval display counters rate inbound outbound interface interface type begin exclude include regular expression Available in any view Display information about a manual port group or all manual port groups display port group manual all name port group name ...

Page 24: ... identifications When you configure a rule on an authentication or security server to permit or deny packets generated by a device you can simplify the rule by configuring it to permit or deny packets that carry the loopback interface address identifying the device When you use a loopback interface address as the source address of IP packets be sure to perform any necessary routing configuration t...

Page 25: ... 255 0 0 null 0 command which configures a static route that leads to null interface 0 you can have all the packets destined to the network segment 92 101 0 0 16 discarded Only one null interface Null 0 is supported on your switch You cannot remove or create a null interface Configuration procedure Step Command Remarks 1 Enter system view system view N A 2 Enter null interface view interface null ...

Page 26: ...clude regular expression display interface null 0 brief description begin exclude include regular expression Available in any view Clear the statistics on a loopback interface reset counters interface loopback 0 Available in user view Clear the statistics on the null interface reset counters interface null 0 Available in user view ...

Page 27: ...Some commands after being executed on both an aggregate interface and its member interfaces can break up the aggregation No limit is set on the maximum number of interfaces in an interface range The more interfaces in an interface range the longer the command execution time Configuration procedure To bulk configure interfaces Step Command Remarks 1 Enter system view system view N A 2 Enter interfa...

Page 28: ...1 AGING 1 mac address es found How a MAC address table entry is created The switch automatically obtains entries in the MAC address table or you can add them manually MAC address learning The device can automatically populate its MAC address table by obtaining the source MAC addresses called MAC address learning of incoming frames on each port When a frame arrives at a port Port A for example the ...

Page 29: ...able space an aging mechanism is adopted for dynamic MAC address entries Each time a dynamic MAC address entry is obtained or created an aging time starts If the entry has not updated when the aging timer expires the device deletes the entry If the entry has updated before the aging timer expires the aging timer restarts MAC address table based frame forwarding When forwarding a frame the device a...

Page 30: ...have created the VLAN and assigned the interface to the VLAN Configuring a blackhole MAC address entry Step Command Remarks 1 Enter system view system view N A 2 Add or modify a blackhole MAC address entry mac address blackhole mac address vlan vlan id By default no MAC address entry is configured Make sure that you have created the VLAN Disabling MAC address learning Sometimes you might need to d...

Page 31: ...N Step Command Remarks 1 Enter system view system view N A 2 Enter VLAN view vlan vlan id N A 3 Disable MAC address learning on the VLAN mac address mac learning disable Enabled by default Configuring the aging timer for dynamic MAC address entries The MAC address table uses an aging timer for dynamic MAC address entries for security and efficient use of table space If a dynamic MAC address entry ...

Page 32: ...l member ports in the port group 3 Configure the MAC learning limit on the interface or port group mac address max mac count count No MAC learning limit is configured by default Layer 2 aggregate interfaces do not support this command NOTE Do not configure the MAC learning limit on any member ports of an aggregation group Otherwise the member ports cannot be selected Enabling MAC address migration...

Page 33: ...ression Available in any view Display the system or interface MAC address learning state display mac address mac learning interface type interface number begin exclude include regular expression Available in any view Display MAC address statistics display mac address statistics begin exclude include regular expression Available in any view MAC address table configuration example Network requiremen...

Page 34: ...ing 500 Display the MAC address entry for port Ethernet 1 0 1 Sysname display mac address interface ethernet 1 0 1 MAC ADDR VLAN ID STATE PORT INDEX AGING TIME s 000f e235 dc71 1 Config static Ethernet 1 0 1 NOAGED 1 mac address es found Display information about the blackhole MAC address table Sysname display mac address blackhole MAC ADDR VLAN ID STATE PORT INDEX AGING TIME s 000f e235 abcd 1 Bl...

Page 35: ...end The device writes information and sends messages only for the following MAC addresses automatically learned source MAC addresses MAC addresses that pass MAC authentication MAC addresses that pass 802 1X authentication MAC addresses matching OUI addresses in the voice VLAN feature and secure MAC addresses The device does not write information or send messages for blackhole MAC address static MA...

Page 36: ...ing Syslog or trap messages mac address information interval interval time Optional One second by default Configuring the MAC Information queue length If the MAC Information queue length is 0 the device sends a Syslog or trap message immediately after learning or deleting a MAC address If it is not 0 the device stores MAC address changes in the queue When the timer set for sending Syslog or trap m...

Page 37: ...ide 2 Enable MAC Information Enable MAC Information on Device Device system view Device mac address information enable Configure MAC Information mode as Syslog Device mac address information mode syslog Enable MAC Information on Ethernet 1 0 1 Device interface ethernet 1 0 1 Device Ethernet1 0 1 mac address information enable added Device Ethernet1 0 1 mac address information enable deleted Device...

Page 38: ... link aggregation service a link aggregation group appears to be a single logical link and data traffic is transmitted through the aggregate interface The rate of an aggregate interface equals the total rate of its member ports in the Selected state and its duplex mode is the same as the selected member ports For more information about the states of member ports in an aggregation group see Aggrega...

Page 39: ...nge a class two configuration setting on a member port Class one configurations Include settings that do not affect the aggregation state of the member port even if they are different from those on the aggregate interface GVRP and MSTP settings are examples of class one configurations The class one configuration for a member port is effective only when the member port leaves the aggregation group ...

Page 40: ...l the member port assumes that the peer port has failed You can configure the LACP timeout interval as either the short timeout interval 1 second or the long timeout interval 30 seconds Link aggregation modes Link aggregation has the following modes dynamic and static Dynamic link aggregation uses LACP and static link aggregation does not Table 5 compares the two aggregation modes Table 5 A compar...

Page 41: ...t aggregation priority value Full duplex high speed Full duplex low speed Half duplex high speed Half duplex low speed The one at the top is chosen as the reference port If two ports have the same aggregation priority duplex mode and speed the one with the lower port number is chosen Setting the aggregation state of each member port After selecting the reference port the static aggregation group s...

Page 42: ...r system ID chooses the port with the smallest port ID as the reference port A port ID contains a port aggregation priority and a port number The port with the lower aggregation priority value is chosen If two ports have the same aggregation priority the system compares their port numbers The port with the smaller port number is chosen Setting the aggregation state of each member port After the re...

Page 43: ...s exist in the group When the aggregation state of a member port changes the aggregation state of its peer port also changes After the Selected port limit has been reached a port assigned to the dynamic aggregation group is placed in Selected state if it is more eligible for being selected than a current member port The port assigned to the dynamic aggregation group after the Selected port limit h...

Page 44: ...t link aggregation configuration task list Task Remarks Configuring an aggregation group Configuring a static aggregation group Select either task Configuring a dynamic aggregation group Configuring an aggregate interface Configuring the description of an aggregate interface Optional Enabling link state traps for an aggregate interface Optional Limiting the number of Selected ports for an aggregat...

Page 45: ...t the ports at both ends of each link are in the same aggregation state Configuring a Layer 2 static aggregation group Step Command Remarks 1 Enter system view system view N A 2 Create a Layer 2 aggregate interface and enter Layer 2 aggregate interface view interface bridge aggregation interface number When you create a Layer 2 aggregate interface the system automatically creates a Layer 2 static ...

Page 46: ...gregation group numbered the same 4 Configure the aggregation group to operate in dynamic aggregation mode link aggregation mode dynamic By default an aggregation group operates in static aggregation mode 5 Exit to system view quit N A 6 Assign an Ethernet interface to the aggregation group a Enter Layer 2 Ethernet interface view interface interface type interface number b Assign the Ethernet inte...

Page 47: ... its link goes up and linkDown trap messages when its link goes down For more information see Network Management and Monitoring Configuration Guide To enable link state traps on an aggregate interface Step Command Remarks 1 Enter system view system view N A 2 Enable the trap function globally snmp agent trap enable standard linkdown linkup Optional By default link state trapping is enabled globall...

Page 48: ...n group Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 aggregate interface view interface bridge aggregation interface number N A 3 Set the minimum number of Selected ports for the aggregation group link aggregation selected port minimum number Not specified by default Shutting down an aggregate interface Shutting down or bringing up an aggregate interface affects the agg...

Page 49: ...s Broadcast packets and multicast packets always use the default load sharing criteria Configuring the global link aggregation load sharing criteria Step Command Remarks 1 Enter system view system view N A 2 Configure the global link aggregatio n load sharing criteria link aggregation load sharing mode destination ip destination mac source ip source mac By default the system selects the global loa...

Page 50: ...ression Available in any view Clear LACP statistics for the specified link aggregation member ports reset lacp statistics interface interface list Available in user view Clear statistics for the specified aggregate interfaces reset counters interface bridge aggregation interface number Available in user view Ethernet link aggregation configuration examples In an aggregation group only ports that h...

Page 51: ...3 to link aggregation group 1 DeviceA interface ethernet 1 0 1 DeviceA Ethernet1 0 1 port link aggregation group 1 DeviceA Ethernet1 0 1 quit DeviceA interface ethernet 1 0 2 DeviceA Ethernet1 0 2 port link aggregation group 1 DeviceA Ethernet1 0 2 quit DeviceA interface ethernet 1 0 3 DeviceA Ethernet1 0 3 port link aggregation group 1 DeviceA Ethernet1 0 3 quit Configure Layer 2 aggregate interf...

Page 52: ...d shared Layer 2 static aggregation group and it contains three Selected ports Display the global link aggregation load sharing criteria on Device A DeviceA display link aggregation load sharing mode Link Aggregation Load Sharing Mode destination mac address source mac address The output shows that all link aggregation groups created on the device perform load sharing based on source and destinati...

Page 53: ...thernet 1 0 1 through Ethernet 1 0 3 to link aggregation group 1 one at a time DeviceA interface ethernet 1 0 1 DeviceA Ethernet1 0 1 port link aggregation group 1 DeviceA Ethernet1 0 1 quit DeviceA interface ethernet 1 0 2 DeviceA Ethernet1 0 2 port link aggregation group 1 DeviceA Ethernet1 0 2 quit DeviceA interface ethernet 1 0 3 DeviceA Ethernet1 0 3 port link aggregation group 1 DeviceA Ethe...

Page 54: ...Aggregation Mode S Static D Dynamic Loadsharing Type Shar Loadsharing NonS Non Loadsharing Actor System ID 0x8000 000f e2ff 0001 AGG AGG Partner ID Select Unselect Share Interface Mode Ports Ports Type BAGG1 D 0x8000 000f e2ff 0002 3 0 Shar The output shows that link aggregation group 1 is a load shared Layer 2 dynamic aggregation group and it contains three Selected ports Display the global link ...

Page 55: ...erface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number Enter port group view port group manual port group name Use one of the commands In Ethernet interface view the subsequent configurations apply to the current port In Layer 2 aggregate interface view the subsequent configurations apply to the Layer 2 aggregate interface and all its memb...

Page 56: ...erface ethernet 1 0 1 Device Ethernet1 0 1 port isolate enable Device Ethernet1 0 1 quit Device interface ethernet 1 0 2 Device Ethernet1 0 2 port isolate enable Device Ethernet1 0 2 quit Device interface ethernet 1 0 3 Device Ethernet1 0 3 port isolate enable Display information about the isolation group Device display port isolate group Port isolate group information Uplink port support NO Group...

Page 57: ...ls derived from that protocol STP protocol packets STP uses bridge protocol data units BPDUs also known as configuration messages as its protocol packets STP enabled network devices exchange BPDUs to establish a spanning tree BPDUs contain sufficient information for the network devices to complete spanning tree calculation STP uses the following types of BPDUs Configuration BPDUs Used by network d...

Page 58: ...ports Classification Designated bridge Designated port For a device Device directly connected with the local device and responsible for forwarding BPDUs to the local device Port through which the designated bridge forwards BPDUs to this device For a LAN Device responsible for forwarding BPDUs to this LAN segment Port through which the designated bridge forwards BPDUs to this LAN segment As shown i...

Page 59: ... is replaced with the ID of this device The designated port ID is replaced with the ID of this port 3 The device compares the calculated configuration BPDU with the configuration BPDU on the port whose port role will be defined and acts depending on the result of the comparison If the calculated configuration BPDU is superior the device considers this port as the designated port replaces the confi...

Page 60: ...algorithm works This example shows a simplified spanning tree calculation process Figure 14 The STP algorithm As shown in Figure 14 the priority values of Device A Device B and Device C are 0 1 and 2 and the path costs of links among the three devices are 5 10 and 4 respectively 4 Initial state of each device Table 10 Initial state of each device Device Port name Configuration BPDU on the port Dev...

Page 61: ...0 0 Port A1 finds that the received configuration BPDU is superior to its existing configuration BPDU 1 0 1 Port B1 and updates its configuration BPDU Port B2 receives the configuration BPDU of Port C2 2 0 2 Port C2 finds that its existing configuration BPDU 1 0 1 Port B2 is superior to the received configuration BPDU and discards the received one Port B1 0 0 0 Port A1 Port B2 1 0 1 Port B2 Device...

Page 62: ...ting configuration BPDU 0 10 2 Port C2 and updates its configuration BPDU Port C1 receives a periodic configuration BPDU 0 0 0 Port A2 from Port A2 finds that it is the same as the existing configuration BPDU and discards the received one Port C1 0 0 0 Port A2 Port C2 0 5 1 Port B2 Device C finds that the root path cost of Port C1 10 root path cost of the received configuration BPDU 0 plus path co...

Page 63: ...newly calculated configuration BPDU cannot be propagated throughout the network immediately so the old root ports and designated ports that have not detected the topology change continue forwarding data along the old path If the new root ports and designated ports begin to forward data as soon as they are elected a temporary loop might occur STP timers The most important timing parameters in STP c...

Page 64: ...brid ports according to the status of permitted VLANs except VLAN 1 MSTP STP RSTP and PVST limitations STP does not support rapid state transition of ports A newly elected port must wait twice the forward delay time before it transits to the forwarding state even if it connects to a point to point link or is an edge port Although RSTP supports rapid network convergence it has the same drawback as ...

Page 65: ...ncepts Figure 16 shows a switched network that comprises four MST regions each MST region comprising four MSTP devices Figure 17 shows the networking topology of MST region 3 Figure 16 Basic concepts in MSTP MST region 1 MST region 2 MST region 3 MST region 4 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Other VLANs MSTI 0...

Page 66: ...Each spanning tree is referred to as a multiple spanning tree instance MSTI In Figure 17 MST region 3 comprises three MSTIs MSTI 1 MSTI 2 and MSTI 0 VLAN to instance mapping table As an attribute of an MST region the VLAN to instance mapping table describes the mapping relationships between VLANs and MSTIs In Figure 17 the VLAN to instance mapping table of MST region 3 is VLAN 1 to MSTI 1 VLAN 2 a...

Page 67: ...nt regional roots For example in MST region 3 in Figure 17 the regional root of MSTI 1 is Device B the regional root of MSTI 2 is Device C and the regional root of MSTI 0 also known as the IST is Device A Common root bridge The common root bridge is the root bridge of the CIST In Figure 16 for example the common root bridge is a device in MST region 1 Port roles A port can play different roles in ...

Page 68: ...region or to an STP RSTP running device In MSTP calculation a boundary port s role on an MSTI is consistent with its role on the CIST But that is not true with master ports A master port on MSTIs is a root port on the CIST Port states In MSTP a port can be in one of the following states Forwarding The port receives and sends BPDUs obtains MAC addresses and forwards user traffic Learning The port r...

Page 69: ... different MSTIs for different VLANs based on the VLAN to instance mappings For each spanning tree MSTP performs a separate calculation process similar to spanning tree calculation in STP For more information see Calculation process of the STP algorithm In MSTP a VLAN packet is forwarded along the following paths Within an MST region the packet is forwarded along the corresponding MSTI Between two...

Page 70: ...ly after the port is removed from the aggregation group After you enable a spanning tree protocol on a Layer 2 aggregate interface the system performs spanning tree calculation on the Layer 2 aggregate interface but not on the aggregation member ports The spanning tree protocol enable state and forwarding state of each selected member port is consistent with those of the corresponding Layer 2 aggr...

Page 71: ... Configuring the device priority Optional Configuring the network diameter of a switched network Optional Configuring spanning tree timers Optional Configuring the timeout factor Optional Configuring the maximum port rate Optional Configuring edge ports Optional Configuring the port link type Optional Enabling outputting port state transition information Optional Enabling the spanning tree feature...

Page 72: ...ing the maximum port rate Optional Configuring edge ports Optional Configuring the port link type Optional Enabling outputting port state transition information Optional Enabling the spanning tree feature Required Configuring the leaf nodes Setting the spanning tree mode Required Configure the device to operate in PVST mode Configuring the device priority Optional Configuring the timeout factor Op...

Page 73: ... Configuring the port link type Optional Configuring the mode a port uses to recognize send MSTP packets Optional Enabling outputting port state transition information Optional Enabling the spanning tree feature Required Configuri ng the leaf nodes Setting the spanning tree mode Optional By default the device operates in MSTP mode Configuring an MST region Required Configuring the device priority ...

Page 74: ...panning tree for each VLAN The number of VLANs that PVST can maintain instances for depends on the switch model Suppose the number is n which is 16 on the HPE 3100 v2 When you configure PVST on devices of different models in a network to avoid network failures make sure that the number of VLANs for which PVST maintains instances does not exceed the lowest n The MSTP mode is compatible with the RST...

Page 75: ...Step Command Remarks 1 Enter system view system view N A 2 Enter MST region view stp region configuration N A 3 Configure the MST region name region name name Optional The MST region name is the MAC address by default 4 Configure the VLAN to instance mapping table instance instance id vlan vlan list vlan mapping modulo modulo Optional Use either command All VLANs in an MST region are mapped to the...

Page 76: ...settings Once you specify a device as the root bridge or a secondary root bridge you cannot change its priority You can configure the current device as the root bridge by setting the device priority to 0 For the device priority configuration see Configuring the device priority Configuring the current device as the root bridge of a specific spanning tree To configure the current device as the root ...

Page 77: ...an list priority priority In MSTP mode stp instance instance id priority priority Use one of the commands The default setting is 32768 Configuring the maximum hops of an MST region By setting the maximum hops of an MST region you can restrict the region size The maximum hops configured on the regional root bridge will be used as the maximum hops of the MST region Configuration BPDUs sent by the re...

Page 78: ...ee calculation Forward delay It is the delay time for port state transition To prevent temporary loops on a network the spanning tree sets an intermediate port state the learning state before it transitions from the discarding state to the forwarding state and requires that the port transitions its state after a forward delay timer to make sure that the state transition of the local port keeps syn...

Page 79: ...k resources Hewlett Packard Enterprise recommends you to use the default setting If the max age timer is too short the device will frequently begin spanning tree calculation and might mistake network congestion as a link failure If the max age timer is too long the device might fail to quickly detect link failures and begin spanning tree calculations reducing the auto sensing capability of the net...

Page 80: ...ture The higher the maximum port rate is the more BPDUs will be sent within each hello time and the more system resources will be used By setting an appropriate maximum port rate you can limit the rate at which the port sends BPDUs and prevent spanning tree protocols from using excessive network resources when the network becomes unstable Hewlett Packard Enterprise recommends you to use the defaul...

Page 81: ...rts are non edge ports by default Configuring path costs of ports Path cost is a parameter related to the rate of a port On a spanning tree device a port can have different path costs in different MSTIs Setting appropriate path costs allows VLAN traffic flows to be forwarded along different physical links achieving VLAN based load balancing You can have the device automatically calculate the defau...

Page 82: ... containing 3 Selected ports 66 666 160 Aggregate interface containing 4 Selected ports 50 000 140 1000 Mbps Single port 4 20 000 20 Aggregate interface containing 2 Selected ports 10 000 18 Aggregate interface containing 3 Selected ports 6666 16 Aggregate interface containing 4 Selected ports 5000 14 10 Gbps Single port 2 2000 2 Aggregate interface containing 2 Selected ports 1000 1 Aggregate int...

Page 83: ...d 1998 dot1t legacy Optional legacy by default Configuring path costs of ports When the path cost of a port changes the system re calculates the role of the port and initiates a state transition To configure the path cost of ports Step Command Remarks 1 Enter system view system view N A 2 Enter interface view or port group view Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface v...

Page 84: ... group of ports Step Command Remarks 1 Enter system view system view N A 2 Enter interface view or port group view Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number Enter port group view port group manual port group name Use one of the commands 3 Configure the port priority In STP RSTP mode stp port priority priority In PVST mode st...

Page 85: ...d determines the format of packets that it will send based on the recognized format You can configure the MSTP packet format on a port When operating in MSTP mode after the configuration the port sends and receives only MSTP packets of the format that you have configured to communicate with devices that send packets of the same format MSTP provides MSTP packet format incompatibility guard In MSTP ...

Page 86: ...ort log instance 0 In PVST mode stp port log vlan vlan list In MSTP mode stp port log instance instance id all Use one of the commands Enabled by default Enabling the spanning tree feature You must enable the spanning tree feature for the device before any other spanning tree related configurations can take effect Configuration restrictions and guidelines You can disable the spanning tree feature ...

Page 87: ...nning tree feature is enabled for all ports Enabling the spanning tree feature in PVST mode In PVST mode make sure that the spanning tree feature is enabled globally and on the desired VLANs and ports To enable the spanning tree feature in PVST mode Step Command Remarks 1 Enter system view system view N A 2 Globally enable the spanning tree feature stp enable By default the spanning tree feature i...

Page 88: ...llowing methods for performing mCheck produce the same result Performing mCheck globally Step Command 1 Enter system view system view 2 Perform mCheck stp mcheck Performing mCheck in interface view Step Command 1 Enter system view system view 2 Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number 3 Perform mCheck stp mcheck NOTE An mCh...

Page 89: ...d ports first and then globally To prevent loops do not enable Digest Snooping on MST region edge ports Hewlett Packard Enterprise recommends you to enable Digest Snooping first and then the spanning tree feature To avoid causing traffic interruption do not configure Digest Snooping when the network is already working well Configuration procedure You can enable Digest Snooping only on the HPE devi...

Page 90: ...thernet1 0 1 stp config digest snooping DeviceB Ethernet1 0 1 quit DeviceB stp config digest snooping Configuring No Agreement Check In RSTP and MSTP the following types of messages are used for rapid state transition on designated ports Proposal Sent by designated ports to request rapid transition Agreement Used to acknowledge rapid transition requests Both RSTP and MSTP devices can perform rapid...

Page 91: ...of the upstream device fails to transit rapidly and can only change to the forwarding state after a period twice the Forward Delay You can enable the No Agreement Check feature on the downstream device s port to enable the designated port of the upstream device to transit its state rapidly Configuration prerequisites Before you configure the No Agreement Check function complete the following tasks...

Page 92: ...implementation Both devices are in the same region The third party device Device B is the regional root bridge and Device A is the downstream device Figure 22 Network diagram Configuration procedure Enable No Agreement Check on Ethernet 1 0 1 of Device A DeviceA system view DeviceA interface ethernet 1 0 1 DeviceA Ethernet1 0 1 stp no agreement check Configuring TC snooping Figure 23 shows a topol...

Page 93: ... Layer 3 IP Services Configuration Guide Configuration restrictions and guidelines TC snooping and STP are mutually exclusive You must globally disable the spanning tree feature before enable TC snooping TC snooping does not take effect on the ports on which BPDU tunneling is enabled for spanning tree protocols For more information about BPDU tunneling see Configuring BPDU tunneling TC snooping do...

Page 94: ...spanning tree protocol The device will reactivate the closed ports after a detection interval For more information about this detection interval see Fundamentals Configuration Guide Configuration restrictions and guidelines Configure BPDU guard on a device with edge ports configured You must enable BPDU guard on a port that directly connects to a user terminal rather than another device or shared ...

Page 95: ... a higher priority Another device will supersede the current legal root bridge causing an undesired change of the network topology The traffic that should go over high speed links is switched to low speed links resulting in network congestion To prevent this situation MSTP provides the root guard function If the root guard function is enabled on a port of a root bridge this port plays the role of ...

Page 96: ...w or Layer 2 aggregate interface view interface interface type interface number Enter port group view port group manual port group name Use either command 3 Enable the loop guard function for the ports stp loop protection Disabled by default NOTE Do not enable loop guard on a port that connects user terminals Otherwise the port will stay in the discarding state in all MSTIs because it cannot recei...

Page 97: ...rop on an Ethernet interface Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view interface interface type interface number N A 3 Enable BPDU drop on the current interface bpdu drop any Disabled by default NOTE Because a port with BPDU drop enabled also drops the received 802 1X packets do not enable BPDU drop and 802 1X on a port at the same time For mo...

Page 98: ...mand Remarks Display information about ports blocked by spanning tree protection functions display stp abnormal port begin exclude include regular expression Available in any view Display BPDU statistics on ports display stp bpdu statistics interface interface type interface number instance instance id begin exclude include regular expression Available in any view Display information about ports s...

Page 99: ...ayer Configure MSTP so that packets of different VLANs are forwarded along different spanning trees Packets of VLAN 10 are forwarded along MSTI 1 those of VLAN 30 are forwarded along MSTI 3 those of VLAN 40 are forwarded along MSTI 4 and those of VLAN 20 are forwarded along MSTI 0 VLAN 10 and VLAN 30 are terminated on the distribution layer devices and VLAN 40 is terminated on the access layer dev...

Page 100: ...respectively and configure the revision level of the MST region as 0 DeviceB system view DeviceB stp region configuration DeviceB mst region region name example DeviceB mst region instance 1 vlan 10 DeviceB mst region instance 3 vlan 30 DeviceB mst region instance 4 vlan 40 DeviceB mst region revision level 0 Activate MST region configuration DeviceB mst region active region configuration DeviceB ...

Page 101: ...igurations In this example suppose that Device B has the lowest root bridge ID As a result Device B is elected as the root bridge in MSTI 0 You can use the display stp brief command to display brief spanning tree information on each device after the network is stable Display brief spanning tree information on Device A DeviceA display stp brief MSTID Port Role STP State Protection 0 Ethernet1 0 1 A...

Page 102: ...1 0 3 ALTE DISCARDING NONE 3 Ethernet1 0 1 ROOT FORWARDING NONE 3 Ethernet1 0 2 ALTE DISCARDING NONE 4 Ethernet1 0 3 ROOT FORWARDING NONE Based on the output you can draw the MSTI mapped to each VLAN as shown in Figure 25 Figure 25 MSTIs mapped to different VLANs PVST configuration example Network requirements As shown in Figure 26 Device A and Device B work at the distribution layer Device C and ...

Page 103: ...ated VLANs 2 Configure Device A Set the spanning tree mode to PVST DeviceA system view DeviceA stp mode pvst Specify the device as the root bridge of VLAN 10 and VLAN 20 DeviceA stp vlan 10 20 root primary Enable the spanning tree feature globally and for VLANs 10 20 and 30 DeviceA stp enable DeviceA stp vlan 10 20 30 enable 3 Configure Device B Set the spanning tree mode to PVST DeviceB system vi...

Page 104: ...0 3 DESI FORWARDING NONE 30 Ethernet1 0 2 DESI FORWARDING NONE 30 Ethernet1 0 3 ROOT FORWARDING NONE Display brief spanning tree information on Device B DeviceB display stp brief VLAN Port Role STP State Protection 10 Ethernet1 0 2 DESI FORWARDING NONE 10 Ethernet1 0 3 ROOT FORWARDING NONE 20 Ethernet1 0 1 DESI FORWARDING NONE 20 Ethernet1 0 2 DESI FORWARDING NONE 20 Ethernet1 0 3 ROOT FORWARDING ...

Page 105: ...rnet1 0 1 ROOT FORWARDING NONE 30 Ethernet1 0 2 ALTE DISCARDING NONE 40 Ethernet1 0 3 ROOT FORWARDING NONE Based on the output you can draw the spanning tree mapped to each VLAN as shown in Figure 27 Figure 27 Spanning trees mapped to different VLANs ...

Page 106: ... packet is from the user network or the service provider network and must deliver the packet to the CPU for processing In this case the Layer 2 protocol calculation in User A s network is mixed with that in the service provider network and the user network cannot implement independent Layer 2 protocol calculation Figure 28 BPDU tunneling application scenario BPDU tunneling addresses this problem W...

Page 107: ...culate its independent spanning tree BPDU tunneling allows each network to calculate an independent spanning tree with STP BPDU tunneling delivers the following benefits BPDUs can be transparently transmitted BPDUs of one customer network can be broadcast in a specific VLAN across the service provider network allowing that customer s geographically dispersed networks to implement consistent spanni...

Page 108: ...nable the protocol in the customer network Assign the port on which you want to enable BPDU tunneling on the PE device and the connected port on the CE device to the same VLAN Configure ports that connect network devices in the service provider network as trunk ports that allow packets of any VLAN to pass through Configuration restrictions and guidelines Settings made in Layer 2 Ethernet interface...

Page 109: ...lt Configuring destination multicast MAC address for BPDUs By default the destination multicast MAC address for BPDUs is 0x010F E200 0003 You can change it to 0x0100 0CCD CDD0 0x0100 0CCD CDD1 or 0x0100 0CCD CDD2 To configure destination multicast MAC address for BPDUs Step Command Remarks 1 Enter system view system view N A 2 Configure the destination multicast MAC address for BPDUs bpdu tunnel t...

Page 110: ...0 0CCD CDD0 PE1 system view PE1 bpdu tunnel tunnel dmac 0100 0ccd cdd0 Create VLAN 2 and assign Ethernet 1 0 1 to VLAN 2 PE1 vlan 2 PE1 vlan2 quit PE1 interface ethernet 1 0 1 PE1 Ethernet1 0 1 port access vlan 2 Disable STP on Ethernet 1 0 1 and then enable BPDU tunneling for STP on it PE1 Ethernet1 0 1 undo stp enable PE1 Ethernet1 0 1 bpdu tunnel dot1q stp 2 Configure PE 2 Configure the destina...

Page 111: ... diagram Configuration procedure 1 Configure PE 1 Configure the destination multicast MAC address for BPDUs as 0x0100 0CCD CDD0 PE1 system view PE1 bpdu tunnel tunnel dmac 0100 0ccd cdd0 Configure Ethernet 1 0 1 as a trunk port and assign it to all VLANs PE1 interface ethernet 1 0 1 PE1 Ethernet1 0 1 port link type trunk PE1 Ethernet1 0 1 port trunk permit vlan all Disable STP on Ethernet 1 0 1 an...

Page 112: ...103 Disable STP on Ethernet 1 0 2 and then enable BPDU tunneling for STP and PVST on it PE2 Ethernet1 0 2 undo stp enable PE2 Ethernet1 0 2 bpdu tunnel dot1q stp PE2 Ethernet1 0 2 bpdu tunnel dot1q pvst ...

Page 113: ... and improves network performance 2 Improving LAN security By assigning user groups to different VLANs you can isolate them at Layer 2 To enable communication between VLANs routers or Layer 3 switches are required 3 Creating flexible virtual workgroups Because users from the same workgroup can be assigned to the same VLAN regardless of their physical locations network construction and maintenance ...

Page 114: ...out commands used to modify TPID values see Layer 2 LAN Switching Command Reference Priority The 3 bit priority field indicates the 802 1p priority of the frame CFI The 1 bit CFI field indicates whether the MAC addresses are encapsulated in standard format when packets are transmitted across different media A value of 0 indicates that MAC addresses are encapsulated in standard format A value of 1 ...

Page 115: ...rol VLAN for a smart link group control VLAN for an RRPP domain remote probe VLAN for remote port mirroring remove the configuration from the VLAN first and execute the undo vlan command Configuration procedure To configure basic VLAN settings Step Command Remarks 1 Enter system view system view N A 2 Create a VLAN and enter its view or create VLANs in batch vlan vlan id1 to vlan id2 all Optional ...

Page 116: ...is the VLAN interface name For example Vlan interface1 Interface 5 Set the MTU for the VLAN interface mtu size Optional By default the MTU is 1500 bytes 6 Restore the default settings for the VLAN interface default Optional 7 Cancel the action of manually shutting down the VLAN interface undo shutdown Optional By default a VLAN interface is not manually shut down The VLAN interface is up if one or...

Page 117: ...le VLANs You can configure a PVID for the port You can use a nonexistent VLAN as the PVID for a hybrid or trunk port but not for an access port After you use the undo vlan command to remove the VLAN that an access port resides in the PVID of the port changes to VLAN 1 The removal of the VLAN specified as the PVID of a trunk or hybrid port however does not affect the PVID setting on the port When y...

Page 118: ...sent with the VLAN tag removed or intact depending on your configuration via the port hybrid vlan command This is true of the PVID Assigning an access port to a VLAN You can assign an access port to a VLAN in VLAN view interface view including Layer 2 Ethernet interface view and Layer 2 aggregate interface view or port group view To assign one or multiple access ports to a VLAN in VLAN view Step C...

Page 119: ...ps applying the configuration to aggregation member ports If the system fails to apply the configuration to an aggregation member port it skips the port and moves to the next member port 3 Configure the link type of the ports as access port link type access Optional By default all ports are access ports 4 Assign the access ports to a VLAN port access vlan vlan id Optional By default all access por...

Page 120: ...d moves to the next member port 3 Configure the link type of the ports as trunk port link type trunk By default all ports are access ports To change the link type of a port from trunk to hybrid or vice versa you must set the link type to access first 4 Assign the trunk ports to the specified VLANs port trunk permit vlan vlan list all By default a trunk port carries only VLAN 1 5 Configure the PVID...

Page 121: ...pe to access first 4 Assign the hybrid ports to the specified VLANs port hybrid vlan vlan list tagged untagged By default a hybrid port allows only packets of VLAN 1 to pass through untagged 5 Configure the PVID of the hybrid ports port hybrid pvid vlan vlan id Optional By default the PVID is VLAN 1 NOTE Before you assign a hybrid port to a VLAN create the VLAN After configuring the PVID for a hyb...

Page 122: ...to Device B DeviceA interface ethernet 1 0 3 DeviceA Ethernet1 0 3 port link type trunk DeviceA Ethernet1 0 3 port trunk permit vlan 100 200 Please wait Done 2 Configure Device B as you configure Device A Verifying the configurations 1 Determine whether the configuration is successful by displaying relevant VLAN information Display information about VLANs 100 and 200 on Device A DeviceA Ethernet1 ...

Page 123: ...protocol and forwards the frame c If no VLAN is available the device tags the frame with the PVID of the receiving port and forwards the frame When the port receives a tagged frame the port forwards the frame if the VLAN ID of the frame is permitted by the port or otherwise drops the frame Dynamic MAC based VLAN You can use dynamic MAC based VLAN with access authentication such as 802 1X authentic...

Page 124: ...ermits the packets from VLAN 1 to pass through 6 Enable the MAC based VLAN feature mac vlan enable Disabled by default To configure dynamic MAC based VLAN Step Command Remarks 1 Enter system view system view N A 2 Enter interface view or port group view Enter Layer 2 Ethernet interface view interface interface type interface number Enter port group view port group manual port group name Use either...

Page 125: ...Create VLANs 100 and 200 Configure the uplink ports of Device A and Device C as trunk ports and assign them to VLANs 100 and 200 Configure the downlink ports of Device B as trunk ports and assign them to VLANs 100 and 200 Assign the uplink ports of Device B to VLANs 100 and 200 Associate the MAC address of Laptop 1 with VLAN 100 and associate the MAC address of Laptop 2 with VLAN 200 Configuration...

Page 126: ...1 0 2 quit 2 Configure Device B Create VLANs 100 and 200 Assign Ethernet 1 0 13 to VLAN 100 and assign Ethernet 1 0 14 to VLAN 200 DeviceB system view DeviceB vlan 100 DeviceB vlan100 port ethernet 1 0 13 DeviceB vlan100 quit DeviceB vlan 200 DeviceB vlan200 port ethernet 1 0 14 DeviceB vlan200 quit Configure Ethernet 1 0 3 and Ethernet 1 0 4 as trunk ports and assign them to VLANs 100 and 200 Dev...

Page 127: ...on hybrid ports and a protocol template applies only to untagged packets When an untagged packet arrives a protocol based VLAN assignment enabled hybrid port processes the packet by using the following workflow If the protocol type and encapsulation format in the packet matches a protocol template the packet is tagged with the VLAN tag specific to the protocol template If no protocol template is m...

Page 128: ...2 aggregate interface view applies to the aggregate interface and its aggregation member ports If the system fails to apply the configuration to the aggregate interface it stops applying the configuration to aggregation member ports If the system fails to apply the configuration to an aggregation member port it skips the port and moves to the next member port 6 Configure the port link type as hybr...

Page 129: ...evice vlan100 quit Create VLAN 200 and assign port Ethernet 1 0 12 to VLAN 200 Device vlan 200 Device vlan200 description protocol VLAN for IPv6 Device vlan200 port ethernet 1 0 12 Create an IPv6 protocol template in the view of VLAN 200 and create an IPv4 protocol template in the view of VLAN 100 Device vlan200 protocol vlan 1 ipv6 Device vlan200 quit Device vlan 100 Device vlan100 protocol vlan ...

Page 130: ...st B and IPv4 Server to be on the same IP subnet 192 168 100 0 24 for example and configure IPv6 Host A IPv6 Host B and IPv6 Server to be on the same IP subnet 2001 1 64 for example Verifying the configurations 1 The hosts and the server in VLAN 100 can ping one another successfully The hosts and the server in VLAN 200 can ping one another successfully The hosts or server in VLAN 100 cannot ping t...

Page 131: ...ay MAC address to VLAN entries display mac vlan all dynamic mac address mac address static vlan vlan id begin exclude include regular expression Available in any view Display all interfaces with MAC based VLAN enabled display mac vlan interface begin exclude include regular expression Available in any view Display protocol information and protocol indexes of the specified VLANs available only on t...

Page 132: ...s whether a received packet is a voice packet by evaluating its source MAC address A packet whose source MAC address complies with any of the Organizationally Unique Identifier OUI addresses of the voice devices is regarded as voice traffic You can remove the default OUI address of a device manually and then add new ones manually You can configure the OUI addresses of a device in advance or use th...

Page 133: ...he voice VLAN configuration is based on the received LLDP MED TLVs or CDP packets the IP phone will send out packets tagged with the advertised voice VLAN ID The voice packets will be forwarded in the voice VLAN For more information about configuring LLDP or CDP see Configuring LLDP to advertise a specific voice VLAN For more information about LLDP and CDP compatibility see Configuring LLDP If the...

Page 134: ...in series Connecting the IP phone to the device As shown in Figure 40 the IP phone is connected to the device without the presence of the host Use this connection method when the IP phone sends out untagged voice packets In this scenario you must configure the voice VLAN as the PVID of the port and configure the port to forward the packets from the PVID Figure 40 Connecting the IP phone to the dev...

Page 135: ...in the packets against the device s OUI addresses If the match succeeds the system issues ACL rules to set the packet precedence To remove the port from the voice VLAN you must manually remove it Cooperation of voice VLAN assignment modes and IP phones Some IP phones send out VLAN tagged packets and others send out only untagged packets For correct packet process ports of different link types must...

Page 136: ...led ports operate in the following modes Normal mode The port receives voice VLAN tagged packets and forwards them in the voice VLAN without examining their MAC addresses If the PVID of the port is the voice VLAN and the port operates in manual VLAN assignment mode the port forwards all received untagged packets in the voice VLAN In normal mode voice VLANs are vulnerable to traffic attacks Malicio...

Page 137: ...n the voice VLAN Packets that carry other tags Forwarded or dropped depending on whether the port allows packets of these VLANs to pass through Configuration prerequisites Before you configure a voice VLAN complete the following tasks Create a VLAN Determine the QoS priority settings for voice VLAN traffic Determine the voice VLAN assignment mode Configuring QoS priority settings for voice traffic...

Page 138: ...ee Configuring protocol based VLANs available only on the HPE 3100 v2 EI Do not configure automatic voice VLAN assignment together with MSTP because the former is mainly configured on the access side With MSTP enabled if a port is blocked in the MST instance MSTI of the target voice VLAN the port drops the received packets instead of delivering them to the CPU As a result the receiving port will n...

Page 139: ...e voice vlan vlan id enable By default the voice VLAN feature is disabled Configuring a port to operate in manual voice VLAN assignment mode Configuration restrictions and guidelines You can configure different voice VLANs on different ports at the same time However you can configure one port with only one voice VLAN and this voice VLAN must be a static VLAN that already exists on the device Do no...

Page 140: ...Enabling LLDP to automatically discover IP phones In a traditional voice VLAN network the switch maps the source MAC addresses of IP phones to a limited number of OUI addresses to allow them to access the network This method restricts the types of IP phones on the network if the IP phones with the source MAC addresses match the same OUI address are categorized as a type To break the restriction yo...

Page 141: ...onfiguring LLDP This feature allows you to specify the voice VLAN information that LLDP will advertise to IP phones through network policy TLVs If you enable CDP compatibility on the device the device advertise the voice VLAN information to the IP phones through CDP packets The LLDP packets that the device send to IP phones carry the priority information The CDP packets that the device send to IP ...

Page 142: ...te IP phones As shown in Figure 41 configure 802 1X on the device to authenticate the host and the IP phone which must support 802 1X Configure the authentication server to assign an untagged VLAN to the host and assign a tagged VLAN to the IP phone After the host and the IP phone pass the authentication the port connected to the IP phone is added to the VLAN assigned to the IP phone as a tagged m...

Page 143: ... 1 0 1 and Ethernet 1 0 2 to operate in automatic voice VLAN assignment mode Add MAC addresses of IP phones A and B to the device for voice packet identification The mask of the two MAC addresses is FFFF FF00 0000 Figure 42 Network diagram Configuration procedure 1 Configure voice VLANs Create VLAN 2 and VLAN 3 DeviceA system view DeviceA vlan 2 to 3 Please wait Done Set the voice VLAN aging timer...

Page 144: ...lan mode auto Configure VLAN 3 as the voice VLAN for Ethernet 1 0 1 DeviceA Ethernet1 0 2 voice vlan 3 enable Verifying the configurations Display the OUI addresses and their masks and descriptions DeviceA display voice vlan oui Oui Address Mask Description 0001 e300 0000 ffff ff00 0000 Siemens phone 0003 6b00 0000 ffff ff00 0000 Cisco phone 0004 0d00 0000 ffff ff00 0000 Avaya phone 0011 1100 0000...

Page 145: ...Add a MAC address 0011 2200 0000 with the mask FFFF FF00 0000 DeviceA voice vlan mac address 0011 2200 0000 mask ffff ff00 0000 description test Create VLAN 2 DeviceA vlan 2 DeviceA vlan2 quit Configure Ethernet 1 0 1 to operate in manual voice VLAN assignment mode DeviceA interface ethernet 1 0 1 DeviceA Ethernet1 0 1 undo voice vlan mode auto Configure Ethernet 1 0 1 as a hybrid port DeviceA Eth...

Page 146: ...00 0000 ffff ff00 0000 Pingtel phone 0060 b900 0000 ffff ff00 0000 Philips NEC phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00e0 bb00 0000 ffff ff00 0000 3com phone Display the voice VLAN state DeviceA display voice vlan state Maximum of Voice VLANs 8 Current Voice VLANs 1 Voice VLAN security mode Security Voice VLAN aging time 1440 minutes Voice VLAN enabled port and its mode PORT VLAN MODE ...

Page 147: ... registers and deregisters its attribute values with other GARP participants by sending and withdrawing declarations and registers and deregisters the attribute values of other participants according to the declarations and withdrawals that it has received Figure 44 How GARP works For example a GVRP enabled port registers and deregisters VLAN in the following cases When the port receives a VLAN at...

Page 148: ...a JoinIn message for the attribute value If the GARP participant does not receive any declaration for the attribute value when the Join timer expires it re declares the attribute value Because all attributes of a GARP participant share the same Join timer you must set the Join timer long enough so that all attributes can be sent out in one declaration Leave timer A GARP participant starts a Leave ...

Page 149: ...ue N A Attribute length Length of an attribute inclusive of the attribute length field 2 to 255 in bytes Attribute event Event that the attribute describes 0x00 LeaveAll event 0x01 JoinEmpty event 0x02 JoinIn event 0x03 LeaveEmpty event 0x04 LeaveIn event 0x05 Empty event Attribute value Attribute value VLAN ID for GVRP If the value of the attribute event field is 0x00 LeaveAll event the attribute...

Page 150: ...er or withdraw dynamic VLAN information but allows the port to send declarations for static VLANs A trunk port in this mode carries only static VLANs even if it has been assigned to all VLANs Forbidden mode Disables the trunk port to register or withdraw dynamic VLAN information and allows the port to send declarations only for VLAN 1 A trunk port in this mode carries only VLAN 1 even if it has be...

Page 151: ...port Step Command Remarks 1 Enter system view system view N A 2 Enable GVRP globally gvrp Globally disabled by default 3 Enter Ethernet interface view Layer 2 aggregate interface view or port group view Enter Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number Enter port group view port group manual port group name Use either command 4 Configure th...

Page 152: ... set a value beyond the value range for a timer you can change the value range by tuning the value of another related timer If you want to restore the default settings of the timers restore the Hold timer first followed by the Join Leave and LeaveAll timers Table 19 Dependencies of the GARP timers Timer Lower limit Upper limit Hold 10 centiseconds No greater than half of the Join timer Join No les...

Page 153: ...gin exclude include regular expression Available in any view Clear the GARP statistics on ports reset garp statistics interface interface list Available in user view GVRP configuration examples GVRP normal registration mode configuration example Network requirements As shown in Figure 46 Device A and Device B are connected through their ports Ethernet 1 0 1 Enable GVRP and configure the normal reg...

Page 154: ...ording to the output information about VLAN 1 static VLAN information of VLAN 2 on the local device and dynamic VLAN information of VLAN 3 on Device B are all registered through GVRP Display the local VLAN information that GVRP maintains on port Ethernet 1 0 1 of Device B DeviceB display gvrp local vlan interface ethernet 1 0 1 Following VLANs exist in GVRP local database 1 default 2 3 According t...

Page 155: ...viceB Ethernet1 0 1 gvrp registration fixed DeviceB Ethernet1 0 1 quit Create VLAN 3 a static VLAN DeviceB vlan 3 DeviceB vlan3 quit 3 Verify the configuration Use the display gvrp local vlan command to display the local VLAN information that GVRP maintains on ports For example Display the local VLAN information that GVRP maintains on port Ethernet 1 0 1 of Device A DeviceA display gvrp local vlan...

Page 156: ...t trunk permit vlan all Enable GVRP on Ethernet 1 0 1 and set the GVRP registration mode to forbidden on the port DeviceA Ethernet1 0 1 gvrp DeviceA Ethernet1 0 1 gvrp registration forbidden DeviceA Ethernet1 0 1 quit Create VLAN 2 a static VLAN DeviceA vlan 2 DeviceA vlan2 quit 2 Configure Device B Enable GVRP globally DeviceB system view DeviceB gvrp Configure port Ethernet 1 0 1 as a trunk port...

Page 157: ...ation about VLAN 1 is registered through GVRP but static VLAN information of VLAN 2 on the local device and dynamic VLAN information of VLAN 3 on Device B are not Display the local VLAN information that GVRP maintains on port Ethernet 1 0 1 of Device B DeviceB display gvrp local vlan interface ethernet 1 0 1 Following VLANs exist in GVRP local database 1 default According to the output information...

Page 158: ... have multiple CVLANs Background and benefits The IEEE 802 1Q VLAN tag uses 12 bits for VLAN IDs A device supports a maximum of 4094 VLANs This is far from enough for isolating users in actual networks especially in metropolitan area networks MANs By tagging tagged frames QinQ expands the available VLAN space from 4094 to 4094 4094 QinQ delivers the following benefits Releases the stress on the SV...

Page 159: ... and traffic from different customers can be identified separately The double tagged Ethernet frame is then transmitted over the service provider network and arrives at the other PE The PE removes the SVLAN of the frame before sending it to the target customer edge device CE QinQ frame structure A QinQ frame is transmitted double tagged over the service provider network As shown in Figure 50 the i...

Page 160: ...tag frames from different CVLANs with different SVLAN tags Besides being able to separate the service provider network from the customer networks selective QinQ provides abundant service features and enables more flexible networking Modifying the TPID in a VLAN tag A VLAN tag uses the tag protocol identifier TPID field to identify the protocol type of the tag The value of this field as defined in ...

Page 161: ... 0xFFFD 0xFFFE 0xFFFF Protocols and standards IEEE 802 1Q IEEE standard for local and metropolitan area networks Virtual Bridged Local Area Networks QinQ configuration task list When you configure QinQ follow these guidelines QinQ requires configurations only on the service provider network QinQ configurations made in Ethernet interface view take effect on the current interface only Those made in ...

Page 162: ...lows adding different outer VLAN tags based on different inner VLAN tags You can configure an outer VLAN tagging policy in one of the following approaches Port based approach QoS policy based approach Configuring an outer VLAN tagging policy in the port based approach Step Command Remarks 1 Enter system view system view N A 2 Enter interface view or port group view Enter Layer 2 Ethernet interface...

Page 163: ...te a class and enter class view traffic classifier classifier name operator and or By default the operator of a class is AND 3 Specify the inner VLAN IDs of matching frames if match customer vlan id vlan id list N A 4 Return to system view quit N A 5 Create a traffic behavior and enter traffic behavior view traffic behavior behavior name N A 6 Specify an outer VLAN ID nest top most vlan id vlan id...

Page 164: ...ite 2 are connected through the service provider network and use CVLANs 10 through 70 The two branches of Company B Site 3 and Site 4 are connected through the service provider network and use CVLANs 30 through 90 PE 1 and PE 2 are edge devices on the service provider network and are connected through third party devices with a TPID value of 0x8200 Configure the edge and third party devices to ena...

Page 165: ... permit vlan 100 200 Set the TPID value in the outer VLAN tag to 0x8200 on the port PE1 Ethernet1 0 2 quit PE1 qinq ethernet type 8200 Configure Ethernet 1 0 3 Configure Ethernet 1 0 3 as a trunk port and assign it to VLAN 200 PE1 interface ethernet 1 0 3 PE1 Ethernet1 0 3 port link type trunk PE1 Ethernet1 0 3 port trunk permit vlan 200 Configure VLAN 200 as the PVID for the port PE1 Ethernet1 0 ...

Page 166: ...quit 3 On the third party devices between PE 1 and PE 2 configure the port that connects to PE 1 and that connecting to PE 2 to allow tagged frames of VLAN 100 and VLAN 200 to pass through Selective QinQ configuration example in port based approach IMPORTANT This example is available only on the HPE 3100 v2 EI switches Network requirements As shown in Figure 53 The two branches of a company Site 1...

Page 167: ...ged Configure the port to tag VLAN 10 frames with outer VLAN ID 100 PE1 Ethernet1 0 1 qinq vid 100 PE1 Ethernet1 0 1 vid 100 raw vlan id inbound 10 PE1 Ethernet1 0 1 vid 100 quit Configure the port to tag VLAN 20 frames with outer VLAN ID 200 PE1 Ethernet1 0 1 qinq vid 200 PE1 Ethernet1 0 1 vid 200 raw vlan id inbound 20 PE1 Ethernet1 0 1 vid 200 quit PE1 Ethernet1 0 1 quit Configure Ethernet 1 0 ...

Page 168: ...k PE2 Ethernet1 0 2 port trunk permit vlan 100 200 Set the TPID in the outer VLAN tags to 0x8200 PE2 Ethernet1 0 2 quit PE2 qinq ethernet type 8200 3 On the third party devices between PE 1 and PE 2 configure the port that connects to PE 1 and that connecting to PE 2 to allow tagged frames of VLAN 100 and VLAN 200 to pass through Selective QinQ configuration example in QoS policy based approach IM...

Page 169: ...eate class A10 and configure the class to match frames from Site 1 with CVLAN 10 PE1 traffic classifier A10 PE1 classifier A10 if match customer vlan id 10 PE1 classifier A10 quit Create traffic behavior P100 and add the action of inserting outer VLAN tag 100 PE1 traffic behavior P100 PE1 behavior P100 nest top most vlan id 100 PE1 behavior P100 quit Create class A20 and configure the class to mat...

Page 170: ...00 to pass through untagged PE2 interface ethernet 1 0 1 PE2 Ethernet1 0 1 port link type hybrid PE2 Ethernet1 0 1 port hybrid vlan 100 200 untagged PE2 Ethernet1 0 1 quit Create class A10 and configure the class to match frames from Site 2 with CVLAN 10 PE2 traffic classifier A10 PE2 classifier A10 if match customer vlan id 10 PE2 classifier A10 quit Create traffic behavior P100 and add the actio...

Page 171: ...trunk port and assign it to VLAN 100 and VLAN 200 PE2 interface ethernet 1 0 2 PE2 Ethernet1 0 2 port link type trunk PE2 Ethernet1 0 2 port trunk permit vlan 100 200 Set the TPID in the outer VLAN tags to 0x8200 PE2 Ethernet1 0 2 quit PE2 qinq ethernet type 8200 3 On the third party devices between PE 1 and PE 2 configure the port that connects to PE 1 and the port that connects to PE 2 to allow ...

Page 172: ...ith one to one VLAN mapping Application scenario of one to one VLAN mapping Figure 55 shows a typical one to one VLAN mapping application scenario in which each home gateway uses different VLANs to transmit the PC VoD and VoIP services Figure 55 Application scenario of one to one VLAN mapping To meet the service provider s network design perform one to one VLAN mapping on the wiring closet switch ...

Page 173: ...tomer network Network side port A port connected to or closer to the service provider network Customer side port A port connected to or closer to the customer network Uplink policy A QoS policy that defines VLAN mapping rules for uplink traffic Downlink policy A QoS policy that defines VLAN mapping rules for downlink traffic Customer VLANs CVLANs VLANs assigned for customers Service provider VLANs...

Page 174: ...raffic mapping each SVLAN ID back to the corresponding CVLAN ID When forwarding a packet out of the port the switch replaces its SVLAN ID with the matching CVLAN ID Figure 58 One to one VLAN mapping implementation with a globally QoS policy Implementing one to one VLAN mapping with port QoS policies Implement one to one VLAN mapping on the customer side port through port QoS policies as shown in F...

Page 175: ... a global QoS policy Perform one to one VLAN mapping on the wiring closet switch see Figure 55 Perform these tasks to configure one to one VLAN mapping with a global QoS policy Task Remarks Configuring an uplink policy Required Create CVLAN to SVLAN mappings Configuring the customer side port Required Configure settings required for one to one VLAN mapping Configuring the network side port Require...

Page 176: ...eturn to system view quit 9 Apply the QoS policy to the incoming traffic of all ports qos apply policy policy name global inbound Configuring the customer side port Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view interface interface type interface number N A 3 Configure the port as a trunk port port link type trunk The default link type of an Ethern...

Page 177: ...ired for one to one VLAN mapping Configuring the network side port Required Configure VLAN settings required for normal communication Configuration prerequisites Create CVLANs and SVLANs and plan CVLAN to SVLAN mappings Configuring an uplink policy To configure an uplink policy to map each CVLAN to a unique SVLAN Step Command 1 Enter system view system view 2 Configure a class for a CVLAN a Create...

Page 178: ...r vlan id vlan id 5 Return to system view quit 6 Create a QoS policy and enter QoS policy view qos policy policy name 7 Associate the class with the behavior to map the SVLAN to the CVLAN classifier tcl name behavior behavior name Configuring the customer side port Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view interface interface type interface nu...

Page 179: ...he customer side port Required Configures VLAN and other settings required for many to one VLAN mapping Configuring the network side port Required Configures VLAN and other settings required for many to one VLAN mapping Configuration prerequisites Create CVLANs and SVLANs and plan CVLANs to SVLAN mappings Configuring an uplink policy To configure an uplink policy to map a group of CVLANs of the sa...

Page 180: ... uplink policy to the incoming traffic qos apply policy policy name inbound N A Configuring the network side port Step Command Remarks 1 Enter system view system view N A 2 Enter Ethernet interface view interface interface type interface number N A 3 Configure the port as a trunk port port link type trunk The default link type of an Ethernet port is access 4 Assign the port to CVLANs and SVLANs po...

Page 181: ...ifier c2 SwitchA classifier c2 if match customer vlan id 2 SwitchA classifier c2 traffic classifier c3 SwitchA classifier c3 if match customer vlan id 3 SwitchA classifier c3 traffic classifier c4 SwitchA classifier c4 if match customer vlan id 4 SwitchA classifier c4 traffic classifier c5 SwitchA classifier c5 if match customer vlan id 5 SwitchA classifier c5 traffic classifier c6 SwitchA classif...

Page 182: ...2 3 101 201 301 SwitchA Ethernet1 0 1 qinq enable downlink SwitchA Ethernet1 0 1 quit Configure customer side port Ethernet 1 0 2 as a trunk port assign the port to CVLANs 4 through 6 and SVLANs 102 202 and 302 and enable selective QinQ on the port SwitchA interface ethernet 1 0 2 SwitchA Ethernet1 0 2 port link type trunk SwitchA Ethernet1 0 2 port trunk permit vlan 4 5 6 102 202 302 SwitchA Ethe...

Page 183: ...havior b1 remark service vlan id 101 SwitchA behavior b1 traffic behavior b2 SwitchA behavior b2 remark service vlan id 102 SwitchA behavior b2 quit SwitchA qos policy p1 SwitchA policy p1 classifier c1 behavior b1 mode dot1q tag manipulation SwitchA policy p1 quit SwitchA qos policy p2 SwitchA policy p2 classifier c2 behavior b2 mode dot1q tag manipulation SwitchA policy p2 quit Configure custome...

Page 184: ... 2 SwitchA Ethernet1 0 2 port link type trunk SwitchA Ethernet1 0 2 port trunk permit vlan 4 5 6 102 SwitchA Ethernet1 0 2 qos apply policy p2 inbound SwitchA Ethernet1 0 2 quit Configure network side port Ethernet 1 0 3 as a trunk port and assign it to all CVLANs and SVLANs SwitchA interface ethernet 1 0 3 SwitchA Ethernet1 0 3 port link type trunk SwitchA Ethernet1 0 3 port trunk permit vlan 1 t...

Page 185: ... received in LLDPDUs from the LLDP neighbors in a standard MIB For more information about MIBs see Network Management and Monitoring Configuration Guide LLDP enables a network management system to quickly detect and identify Layer 2 network topology changes Basic concepts LLDP frame formats LLDP sends device information in LLDP frames LLDP frames are encapsulated in Ethernet II or SNAP frames Ethe...

Page 186: ...FCS Frame check sequence a 32 bit CRC value used to determine the validity of the received Ethernet frame LLDPDUs LLDP uses LLDPDUs to exchange information An LLDPDU contains multiple TLVs Each TLV carries a type of device information as shown in Figure 65 Figure 65 LLDPDU encapsulation format An LLDPDU can carry up to 28 types of TLVs Mandatory TLVs include Chassis ID TLV Port ID TLV Time to Live...

Page 187: ...ice System Description Specifies the description of the sending device System Capabilities Identifies the primary functions of the sending device and the enabled primary functions Management Address Specifies the following elements The management address of the local device The interface number and object identifier OID associated with the address IEEE 802 1 organizationally specific TLVs Table 24...

Page 188: ...them LLDP MED TLVs LLDP MED TLVs provide multiple advanced applications for voice over IP VoIP such as basic configuration network policy configuration and address and directory management LLDP MED TLVs provide a cost effective and easy to use solution for deploying voice devices in Ethernet LLDP MED TLVs are shown in Table 26 Table 26 LLDP MED TLVs Type Description LLDP MED Capabilities Allows a ...

Page 189: ...pecified amount of time to initialize LLDP after the LLDP operating mode changes Transmitting LLDP frames An LLDP enabled port operating in TxRx mode or Tx mode sends LLDP frames to its directly connected devices both periodically and when the local configuration changes To prevent LLDP frames from overwhelming the network during times of frequent changes to local device information an interval is...

Page 190: ...etting an encapsulation format for LLDP frames Optional Configuring CDP compatibility available only on the HPE 3100 v2 EI Optional Configuring LLDP trapping Optional Performing basic LLDP configuration Enabling LLDP To make LLDP take effect on specific ports you must enable LLDP both globally and on these ports To enable LLDP Step Command Remarks 1 Enter system view system view N A 2 Enable LLDP ...

Page 191: ...p timer reinit delay delay Optional The default setting is 2 seconds Enabling LLDP polling With LLDP polling enabled a device periodically searches for local configuration changes When the device detects a configuration change it sends LLDP frames to inform neighboring devices of the change To enable LLDP polling Step Command Remarks 1 Enter system view system view N A 2 Enter Ethernet interface v...

Page 192: ...tion with the neighbor To configure a management address to be advertised and its encoding format on a port or group of ports Step Command Remarks 1 Enter system view system view N A 2 Enter Ethernet interface view or port group view Enter Layer 2 Ethernet interface view interface interface type interface number Enter port group view port group manual port group name N A 3 Allow LLDP to advertise ...

Page 193: ...p Command Remarks 1 Enter system view system view N A 2 Set the TTL multiplier lldp hold multiplier value Optional 4 by default 3 Set the LLDP frame transmission interval lldp timer tx interval interval Optional 30 seconds by default 4 Set the LLDP frame transmission delay lldp timer tx delay delay Optional 2 seconds by default 5 Set the number of LLDP frames sent each time fast LLDP frame transmi...

Page 194: ... the directly connected device and send CDP packets to the directly connected device The packets that the switch sends to the neighboring CDP device carry the fields in Table 27 Table 27 Fields in CDP packets Field Description Device ID Device ID which is the bridge MAC address of the device Addresses IPv4 address of the interface The port IPv4 address is the primary IP address of the VLAN interfa...

Page 195: ...t voice VLANs see Configuring a voice VLAN Configuration prerequisites Before you configure CDP compatibility complete the following tasks Globally enable LLDP Enable LLDP on the port connecting to a device supporting CDP Configure the port to operate in TxRx mode Configuration procedure CAUTION The maximum TTL value that CDP allows is 255 seconds To make CDP compatible LLDP work correctly with Ci...

Page 196: ...default 4 Return to system view quit N A 5 Set the LLDP trap transmission interval lldp timer notification interval interval Optional 5 seconds by default Displaying and maintaining LLDP Task Command Remarks Display the global LLDP information or the information contained in the LLDP TLVs to be sent through a port display lldp local information global interface interface type interface number begi...

Page 197: ...ween Switch A and Switch B on the NMS Monitor the link between Switch A and the MED device on the NMS Figure 66 Network diagram Configuration procedure 1 Configure Switch A Enable LLDP globally SwitchA system view SwitchA lldp enable Enable LLDP on Ethernet 1 0 1 By default LLDP is enabled on ports SwitchA interface ethernet 1 0 1 SwitchA Ethernet1 0 1 lldp enable Set the LLDP operating mode to Rx...

Page 198: ...witchA display lldp status Global status of LLDP Enable The current number of LLDP neighbors 2 The current number of CDP neighbors 0 LLDP neighbor information last changed time 0 days 0 hours 4 minutes 40 seconds Transmit interval 30s Hold multiplier 4 Reinit delay 2s Transmit delay 2s Trap interval 5s Fast start times 3 Port 1 Ethernet1 0 1 Port status of LLDP Enable Admin status Rx_Only Trap fla...

Page 199: ...1 Ethernet1 0 1 Port status of LLDP Enable Admin status Rx_Only Trap flag No Polling interval 0s Number of neighbors 1 Number of MED neighbors 1 Number of CDP neighbors 0 Number of sent optional TLV 0 Number of received unknown TLV 5 Port 2 Ethernet1 0 2 Port status of LLDP Enable Admin status Rx_Only Trap flag No Polling interval 0s Number of neighbors 0 Number of MED neighbors 0 Number of CDP ne...

Page 200: ...chA Ethernet1 0 2 port link type trunk SwitchA Ethernet1 0 2 voice vlan 2 enable SwitchA Ethernet1 0 2 quit 2 Configure CDP compatible LLDP on Switch A Enable LLDP globally and enable CDP compatibility globally SwitchA lldp enable SwitchA lldp compliance cdp Enable LLDP on Ethernet 1 0 1 By default LLDP is enabled on ports SwitchA interface ethernet 1 0 1 SwitchA Ethernet1 0 1 lldp enable Configur...

Page 201: ...P neighbor information of port 1 Ethernet1 0 1 CDP neighbor index 1 Chassis ID SEP00141CBCDBFE Port ID Port 1 Software version P0030301MFG2 Platform Cisco IP Phone 7960 Duplex Full CDP neighbor information of port 2 Ethernet1 0 2 CDP neighbor index 2 Chassis ID SEP00141CBCDBFF Port ID Port 1 Software version P0030301MFG2 Platform Cisco IP Phone 7960 Duplex Full ...

Page 202: ...stance MSTI MVRP runs on a per MSTI basis and implements per VLAN redundant link calculation and load sharing MVRP decreases the number of packets transmitted for the same amount of VLAN configuration and improves the declaration efficiency For more information about GVRP see Configuring GVRP For more information about MSTI see Configuring spanning tree protocols Introduction to MRP MRP allows par...

Page 203: ...nIn message New message Similar to a Join message a New message enables MRP participants to register attributes When the Multiple Spanning Tree Protocol MSTP topology changes an MRP participant sends New messages to declare the topology change On receiving a New message an MRP participant sends a New message out of each port except the receiving port Leave message An MRP participant sends Leave me...

Page 204: ...LeaveAll message other participants re register all the attributes and re start their LeaveAll timer When the LeaveAll timer of an MRP participant expires the MRP participant sends LeaveAll messages to the remote participants On receiving a LeaveAll message a remote participant restarts its LeaveAll timer and stops sending out LeaveAll messages This mechanism effectively reduces the number of Leav...

Page 205: ...work with STP RSTP or MSTP but not other link layer topology protocols including PVST RRPP and Smart Link Ports blocked by STP RSTP or MSTP can receive and send MVRP protocol packets For more information about STP RSTP MSTP and PVST see Configuring spanning tree protocols For more information about RRPP and Smart Link see High Availability Configuration Guide Do not enable both MVRP and remote por...

Page 206: ...d Reference 5 Enable MVRP on the port mvrp enable By default MVRP is disabled on a port Configuring the MVRP registration mode Step Command Remarks 1 Enter system view system view N A 2 Enter interface view Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number Enter port group view port group manual port group name Use one of the comman...

Page 207: ...conds Table 28 shows the value ranges for Join Leave and LeaveAll timers and their dependencies If you set a timer to a value beyond the allowed value range your configuration will fail To do that you can change the allowed value range by tuning the value of another related timer To restore the default settings of the timers restore the Join timer first followed by the Leave and LeaveAll timers Ta...

Page 208: ...ce in the specified VLAN display mvrp state interface interface type interface number vlan vlan id begin exclude include regular expression Available in any view Display the MVRP running status display mvrp running status interface interface list begin exclude include regular expression Available in any view Display the MVRP statistics display mvrp statistics interface interface list begin exclude...

Page 209: ...n Device B are not de registered Figure 69 Network diagram Configuration procedure Configuring Device A Enter MST region view DeviceA system view DeviceA stp region configuration Configure the MST region name VLAN to instance mappings and revision level DeviceA mst region region name example DeviceA mst region instance 1 vlan 10 DeviceA mst region instance 2 vlan 20 DeviceA mst region revision lev...

Page 210: ...2 mvrp enable DeviceA Ethernet1 0 2 quit Configure port Ethernet 1 0 3 as a trunk port and configure it to permit all VLANs DeviceA interface ethernet 1 0 3 DeviceA Ethernet1 0 3 port link type trunk DeviceA Ethernet1 0 3 port trunk permit vlan all Enable MVRP on port Ethernet 1 0 3 DeviceA Ethernet1 0 3 mvrp enable DeviceA Ethernet1 0 3 quit Create VLAN 10 DeviceA vlan 10 DeviceA vlan10 quit Conf...

Page 211: ...configure it to permit all VLANs DeviceB interface ethernet 1 0 3 DeviceB Ethernet1 0 3 port link type trunk DeviceB Ethernet1 0 3 port trunk permit vlan all Enable MVRP on port Ethernet 1 0 3 DeviceB Ethernet1 0 3 mvrp enable DeviceB Ethernet1 0 3 quit Create VLAN 20 DeviceB vlan 20 DeviceB vlan20 quit Configuring Device C Enter MST region view DeviceC system view DeviceC stp region configuration...

Page 212: ...iceD mst region region name example DeviceD mst region instance 1 vlan 10 DeviceD mst region instance 2 vlan 20 DeviceD mst region revision level 0 Manually activate the MST region configuration DeviceD mst region active region configuration DeviceD mst region quit Globally enable the spanning tree feature DeviceD stp enable Globally enable MVRP DeviceD mvrp global enable Configure port Ethernet 1...

Page 213: ...pe Normal Local VLANs 1 default Ethernet1 0 2 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Local VLANs 1 default Ethernet1 0 3 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseco...

Page 214: ...entiseconds Registration Type Normal Local VLANs 1 default 10 Ethernet1 0 3 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Local VLANs 1 default 10 The output shows that Port Ethernet 1 0 1 has learned only VLAN 1 through MVRP Ports Ethernet 1 0 2 and Ether...

Page 215: ...ated on Device A and dynamic VLAN 20 created on Device B through MVRP Port Ethernet1 0 2 has learned VLAN 1 and dynamic VLAN 20 created on Device B through MVRP Check the local VLAN information on Device D DeviceD display mvrp running status MVRP Global Info Global Status Enabled Compliance GVRP False Ethernet1 0 1 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer...

Page 216: ... interface ethernet 1 0 3 MVRP Global Info Global Status Enabled Compliance GVRP False Ethernet1 0 3 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Fixed Local VLANs 1 default 10 The output shows that the VLAN information on Ethernet 1 0 3 is not changed after you...

Page 217: ...208 Local VLANs 1 default 10 The output shows that the dynamic VLAN information on Ethernet 1 0 3 is not changed after you set the MVRP registration mode to fixed on Ethernet 1 0 3 ...

Page 218: ...ast one x y Asterisk marked square brackets enclose optional syntax choices separated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered 1 to n times A line that starts with a pound sign is comments GUI conventions Convention Description Boldface Window names button names field nam...

Page 219: ... Represents an access controller a unified wired WLAN module or the access controller engine on a unified wired WLAN switch Represents an access point Represents a wireless terminator unit Represents a wireless terminator Represents a mesh access point Represents omnidirectional signals Represents directional signals Represents a security product such as a firewall UTM multiservice security gatewa...

Page 220: ...s provide a mechanism for accessing software updates through the product interface Review your product documentation to identify the recommended software update method To download product updates go to either of the following Hewlett Packard Enterprise Support Center Get connected with updates page www hpe com support e updates Software Depot website www hpe com support softwaredepot To view and u...

Page 221: ...r self repair CSR programs allow you to repair your product If a CSR part needs to be replaced it will be shipped directly to you so that you can install it at your convenience Some parts do not qualify for CSR Your Hewlett Packard Enterprise authorized service provider will determine whether a repair can be accomplished by CSR For more information about CSR contact your local service provider or ...

Page 222: ...number edition and publication date located on the front cover of the document For online help content include the product name product version help edition and publication date located on the legal notices page ...

Page 223: ...te change suppression on an Ethernet interface 5 Configuring LLDP to advertise a specific voice VLAN 132 Configuring LLDP trapping 187 Configuring load sharing for link aggregation groups 40 Configuring loopback testing on an Ethernet interface 6 Configuring MAC Information mode 27 Configuring MAC based VLANs 114 Configuring many to one VLAN mapping 170 Configuring MRP timers 197 Configuring No Ag...

Page 224: ... MAC Information on an interface 26 Enabling MVRP 196 Enabling outputting port state transition information 77 Enabling SNMP notifications for PVST topology changes 89 Enabling the spanning tree feature 77 Ethernet interface naming conventions 1 Ethernet link aggregation configuration examples 41 Ethernet link aggregation configuration task list 35 G GVRP configuration examples 144 GVRP configurat...

Page 225: ...216 T Testing the cable connection of an Ethernet interface 12 V VLAN mapping configuration examples 171 Voice VLAN configuration examples 134 ...

Reviews:

No comments

Related manuals for 3100 Series

D-Link xStack DGS-3420 Series How To Set Up preview
xStack DGS-3420 Series
Brand: D-Link Pages: 2
D-Link DXS-3600-32S Quick Installation Manual preview
DXS-3600-32S
Brand: D-Link Pages: 29
D-Link DWS-1008 User Manual preview
DWS-1008
Brand: D-Link Pages: 454
D-Link DWS-1008 Product Manual preview
DWS-1008
Brand: D-Link Pages: 502
D-Link DGS-3312SR Product Manual preview
DGS-3312SR
Brand: D-Link Pages: 244
D-Link GO-SW-5G User Manual preview
GO-SW-5G
Brand: D-Link Pages: 20
D-Link DES-1008E Quick Install Manual preview
DES-1008E
Brand: D-Link Pages: 2
D-Link KVM-440 User Manual preview
KVM-440
Brand: D-Link Pages: 37
D-Link DES-1018DG Quick Installation Manual preview
DES-1018DG
Brand: D-Link Pages: 28
Hama S2100 Manual preview
S2100
Brand: Hama Pages: 9
JDS Uniphase SCG Series User Manual preview
SCG Series
Brand: JDS Uniphase Pages: 37
Ubiquiti EdgePoint EP-S16 Quick Start Manual preview
EdgePoint EP-S16
Brand: Ubiquiti Pages: 22
Mach Power NW-SP4-001 Installation Manual preview
NW-SP4-001
Brand: Mach Power Pages: 12
ANTAIRA LMX-1002G-SFP Series Hardware Manual preview
LMX-1002G-SFP Series
Brand: ANTAIRA Pages: 22
LEGRAND 672 34 Quick Start Manual preview
672 34
Brand: LEGRAND Pages: 4
Cumberland PowerTrak Installation preview
PowerTrak
Brand: Cumberland Pages: 2
Green Brook KingShield T206-C Installation And Operating Instruction preview
KingShield T206-C
Brand: Green Brook Pages: 2
DeLOCK 11481 User Manual preview
11481
Brand: DeLOCK Pages: 26

Brands by name

Popular brands

Load more brands