18
Configuring Interfaces
Understanding Interface Types
All ports on the switch can be configured as UNIs or ENIs.
The default state for a UNI or ENI is administratively down to prevent unauthorized users from gaining access to other
ports as you configure the switch. Traffic is not switched between these ports, and all arriving traffic at UNIs or ENIs must
leave on NNIs to prevent a user from gaining access to another user’s private network. If it is appropriate for two or more
UNIs or ENIs to exchange traffic within the switch, the UNIs and ENIs can be assigned to a community VLAN. See
Chapter 18, “Configuring VLANs,”
for instructions on how to configure community VLANs.
Note:
Even though the default state for a UNI or ENI is shutdown, entering the
default interface
interface-id
command
changes the port to the enabled state.
The default status for an NNI is administratively up to allow a service provider remote access to the switch during initial
configuration.
A port can be reconfigured from UNI to NNI or ENI and the reverse. When a port is reconfigured as another interface type,
it inherits all the characteristics of that interface type. When you reconfigure a UNI or ENI to be an NNI, you must enable
the port before it becomes active.
Changing the port type from UNI to ENI does not affect the administrative state of the port. If the UNI status is shut down,
it remains shut down when reconfigured as an ENI; if the port is in a no shutdown state, it remains in the no shutdown
state. At any time, all ports on the switch are either UNI, NNI, or ENI.
Port-Based VLANs
A VLAN is a switched network that is logically segmented by function, team, or application, without regard to the physical
location of the users.
Packets received on a port are forwarded only to ports that belong to the same VLAN as the
receiving port. Network devices in different VLANs cannot communicate with one another without a Layer 3 device to
route traffic between the VLANs.
VLAN partitions provide hard firewalls for traffic in the VLAN, and each VLAN has its own MAC address table. A VLAN
comes into existence when a local port is associated with the VLAN ID or when a user creates te VLAN ID.
To isolate VLANs of different customers in a service-provider network, the switch uses UNI-ENI VLANs. UNI-ENI VLANs
isolate user network interfaces (UNIs) or enhanced network interfaces (ENIs) on the switch from UNIs or ENIs that belong
to other customer VLANs. There are two types of UNI-ENI VLANs:
UNI-ENI isolated VLAN—This is the default VLAN state for all VLANs created on the switch. Local switching does not
occur among UNIs or ENIs on the switch that belong to the same UNI-ENI isolated VLAN.
UNI-ENI community VLAN—Local switching is allowed among UNIs and ENIs on the switch that belong to the same
UNI community VLAN. If UNIs or ENIs belong to the same customer, and you want to switch packets between the
ports, you can configure the common VLAN as a UNI-ENI community VLAN.
Note:
Local switching takes place between ENIs and UNIs in the same community VLAN. Because you can enable
spanning tree on ENIs, but not on UNIs, you should use caution when configuring ENIs and UNIs in the same
community VLAN. UNIs are always in the forwarding state.
To configure VLANs, use the
vlan
vlan-id
global configuration command to enter VLAN configuration mode. The VLAN
configurations for VLAN IDs 1 to 1005 are saved in the VLAN database. Extended-range VLANs (VLAN IDs 1006 to 4094)
are not added to the VLAN database. VLAN configuration is saved in the switch running configuration, and you can save
it in the switch startup configuration file by entering the
copy running-config startup-config
privileged EXEC command.
Add ports to a VLAN by using the
switchport
interface configuration commands:
Identify the interface.
For a trunk port, set trunk characteristics, and if desired, define the VLANs to which it can belong.
For an access port, set and define the VLAN to which it belongs.
For a tunnel port, set and define the VLAN ID for the customer-specific VLAN tag.
Содержание IE 4000
Страница 12: ...8 Configuration Overview Default Settings After Initial Switch Configuration ...
Страница 52: ...48 Configuring Interfaces Monitoring and Maintaining the Interfaces ...
Страница 108: ...104 Configuring Switch Clusters Additional References ...
Страница 128: ...124 Performing Switch Administration Additional References ...
Страница 130: ...126 Configuring PTP ...
Страница 140: ...136 Configuring CIP Additional References ...
Страница 146: ...142 Configuring SDM Templates Configuration Examples for Configuring SDM Templates ...
Страница 192: ...188 Configuring Switch Based Authentication Additional References ...
Страница 244: ...240 Configuring IEEE 802 1x Port Based Authentication Additional References ...
Страница 274: ...270 Configuring SGT Exchange Protocol over TCP SXP and Layer 3 Transport Configuring Cisco TrustSec Caching ...
Страница 298: ...294 Configuring VLANs Additional References ...
Страница 336: ...332 Configuring STP Additional References ...
Страница 408: ...404 Configuring DHCP Additional References ...
Страница 450: ...446 Configuring IGMP Snooping and MVR Additional References ...
Страница 490: ...486 Configuring SPAN and RSPAN Additional References ...
Страница 502: ...498 Configuring Layer 2 NAT ...
Страница 559: ...555 Configuring Network Security with ACLs How to Configure Network Security with ACLs Creating a Numbered Extended ACL ...
Страница 770: ...766 Configuring IPv6 MLD Snooping Related Documents ...
Страница 930: ...926 Configuring IP Unicast Routing Related Documents ...
Страница 956: ...952 Configuring IPv6 Unicast Routing Configuring IPv6 network 2010 AB8 2 48 network 2010 AB8 3 48 exit address family ...
Страница 976: ...972 Configuring Cisco IOS IP SLAs Operations Additional References ...
Страница 978: ...974 Dying Gasp ...
Страница 990: ...986 Configuring Enhanced Object Tracking Monitoring Enhanced Object Tracking ...
Страница 994: ...990 Configuring MODBUS TCP Displaying MODBUS TCP Information ...
Страница 996: ...992 Ethernet CFM ...
Страница 1030: ...1026 Working with the Cisco IOS File System Configuration Files and Software Images Working with Software Images ...
Страница 1066: ...1062 Using an SD Card SD Card Alarms ...