H3C S6850 Series Скачать руководство пользователя страница 321 | Manualshive

Страница: 321 / 394

background image

52

Enabling BPDU drop

About BPDU drop

In a spanning tree network, every BPDU arriving at the device triggers an STP calculation process
and is then forwarded to other devices in the network. Malicious attackers might use the vulnerability
to attack the network by forging BPDUs. By continuously sending forged BPDUs, they can make all
devices in the network continue performing STP calculations. As a result, problems such as CPU
overload and BPDU protocol status errors occur.

To avoid this problem, you can enable BPDU drop on ports. A BPDU drop-enabled port does not
receive any BPDUs and is invulnerable to forged BPDU attacks.

Procedure

1.

Enter system view.

system-view

2.

Enter Layer 2 Ethernet interface view.

interface interface-type interface-number

3.

Enable BPDU drop on the interface.

bpdu-drop any

By default, BPDU drop is disabled.

Enabling PVST BPDU guard

About PVST BPDU guard

This feature takes effect only when the device is operating in MSTP mode.

An MSTP-enabled device forwards PVST BPDUs as data traffic because it cannot recognize PVST
BPDUs. If a PVST-enabled device in another independent network receives the PVST BPDUs, a
PVST calculation error might occur. To avoid PVST calculation errors, enable PVST BPDU guard on
the MSTP-enabled device. The device shuts down a port if the port receives PVST BPDUs.

Procedure

1.

Enter system view.

system-view

2.

Enable PVST BPDU guard.

stp pvst-bpdu-protection

By default, PVST BPDU guard is disabled.

Disabling dispute guard

About dispute guard

Dispute guard can be triggered by unidirectional link failures. If an upstream port receives inferior
BPDUs from a downstream designated port in forwarding or learning state because of a
unidirectional link failure, a loop appears. Dispute guard blocks the upstream designated port to
prevent the loop.

, in normal conditions, the spanning tree calculation result is as follows:

•

Device A is the root bridge, and Port A1 is a designated port.

•

Port B1 is blocked.

When the link between Port A1 and Port B1 fails in the direction of Port A1 to Port B1 and becomes
unidirectional, the following events occur:

«
...
319
320
321
322
323
...
»

Содержание S6850 Series

Страница 1: ...H3C S6850 S9850 Switch Series Layer 2 LAN Switching Configuration Guide New H3C Technologies Co Ltd http www h3c com Software version Release 6555 and later Document version 6W100 20190510...

Страница 2: ...H3C Technologies Co Ltd any trademarks that may be mentioned in this document are the property of their respective owners Notice The information in this document is subject to change without notice A...

Страница 3: ...ons Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown Italic Italic text represents arguments that you replace with actual values Square brac...

Страница 4: ...at contains additional or supplementary information TIP An alert that provides helpful information Network topology icons Convention Description Represents a generic network device such as a router sw...

Страница 5: ...document might use devices that differ from your device in hardware model configuration or software version It is normal that the port numbers sample output screenshots and other information in the e...

Страница 6: ...MAC address learning on an interface 7 Disabling MAC address learning on a VLAN 7 Setting the MAC learning limit 7 Configuring the unknown frame forwarding rule after the MAC learning limit is reached...

Страница 7: ...nd When the device receives a frame destined for MAC SOURCE after learning this source MAC address the device performs the following operations 1 Finds the MAC SOURCE entry in the MAC address table 2...

Страница 8: ...entry a blackhole entry and a multiport unicast entry cannot overwrite one another A multicast unicast MAC address entry does not affect learning the corresponding dynamic MAC address entry For the s...

Страница 9: ...ed dynamic MAC address entry will overwrite a learned entry that already exists with a different outgoing interface for the MAC address The manually configured static blackhole and multiport unicast M...

Страница 10: ...ify a blackhole MAC address entry mac address blackhole mac address vlan vlan id By default no blackhole MAC address entry is configured Adding or modifying a multiport unicast MAC address entry About...

Страница 11: ...ate interface view interface bridge aggregation interface number 3 Add the interface to a multiport unicast MAC address entry mac address multiport mac address vlan vlan id By default no multiport uni...

Страница 12: ...e default setting is 300 seconds Disabling MAC address learning About disabling MAC address learning MAC address learning is enabled by default To prevent the MAC address table from being saturated wh...

Страница 13: ...arning on a VLAN About disabling MAC address learning on a VLAN When global MAC address learning is enabled you can disable MAC address learning on a per VLAN basis Procedure 1 Enter system view syste...

Страница 14: ...it on the interface is reached Assigning MAC learning priority to interfaces About MAC learning priority mechanism The MAC learning priority mechanism assigns either low priority or high priority to a...

Страница 15: ...Figure 2 Device A and Device B form an IRF fabric enabled with MAC address synchronization Device A and Device B connect to AP C and AP D respectively When Client A associates with AP C Device A lear...

Страница 16: ...g conditions exist Interface B receives a packet with the MAC address as the source MAC address Interface B belongs to the same VLAN as interface A In this case the MAC address is moved from interface...

Страница 17: ...sion interval interval threshold threshold By default the suppression interval is 30 seconds and the suppression threshold is 3 For the MAC address move suppression parameters to take effect enable th...

Страница 18: ...m the outgoing interface in the entry If the frame meets both conditions the device drops the frame When this feature is disabled the device does not perform the check for a received frame It can forw...

Страница 19: ...the information center To display the logs configure the log destination and output rule configuration in the information center For more information about SNMP and information center configuration s...

Страница 20: ...rop all frames destined for Host B add a blackhole MAC address entry for Host B Set the aging timer to 500 seconds for dynamic MAC address entries Figure 5 Network diagram Procedure Add a static MAC a...

Страница 21: ...ac address blackhole MAC Address VLAN ID State Port Nickname Aging 000f e235 abcd 1 Blackhole N A N Display the aging time of dynamic MAC address entries Device display mac address aging time MAC addr...

Страница 22: ...h globally and on interfaces Procedure 1 Enter system view system view 2 Enable MAC Information globally mac address information enable By default MAC Information is globally disabled 3 Enter Layer 2...

Страница 23: ...tion queue length About the MAC Information queue length If the MAC Information queue length is 0 the device sends a syslog message or SNMP notification immediately after learning or deleting a MAC ad...

Страница 24: ...g the info center loghost and info center source commands respectively Procedure 1 Configure Device to send syslog messages to Host B Enable the information center Device system view Device info cente...

Страница 25: ...slogd r The device can output MAC address logs to the log host which stores the logs to the specified file 3 Enable MAC Information on Device Enable MAC Information globally Device mac address informa...

Страница 26: ...ts Bulk configuring interfaces 1 About interface bulk configuration 1 Restrictions and guidelines Bulk interface configuration 1 Procedure 2 Display and maintenance commands for bulk interface configu...

Страница 27: ...type interface number interface number subnumber command Do not assign both an aggregate interface and any of its member interfaces to an interface range Some commands after being executed on both an...

Страница 28: ...4 Create a named interface range interface range name name interface interface type interface number to interface type interface number 1 24 3 Optional Display commands available for the first interfa...

Страница 29: ...3 Configuring link compensation 14 Configuring storm suppression 14 Configuring generic flow control on an Ethernet interface 15 Configuring PFC 16 Setting PFC thresholds 17 Configuring PFC deadlock d...

Страница 30: ...r on a subordinate device The two management Ethernet interfaces operate as follows When the IRF system has multiple management Ethernet interfaces only the management Ethernet interface on the master...

Страница 31: ...interfaces are organized into one group For 25 GE interfaces on an LSWM124TG2H interface module four continuous interfaces starting from 1 are organized into one group Interfaces in the same group mu...

Страница 32: ...igure autonegotiation settings Set the FEC mode to RS FEC for the local interface The local interface is up by default when connected to the peer by using a transceiver module S9850 4C S6850 2C By def...

Страница 33: ...settings Set the FEC mode to RS FEC for the peer interface Execute the port media type copper command on the local interface if the local interface is an SFP28 interface on an LSWM124TG2H interface m...

Страница 34: ...4 If you need higher bandwidth on a single interface you can combine the four 10 GE breakout interfaces into a 40 GE interface Restrictions and guidelines for 40 GE interface splitting and 10 GE brea...

Страница 35: ...out interfaces Ten GigabitEthernet1 0 1 1 through Ten GigabitEthernet1 0 1 4 If you need higher bandwidth on a single interface you can combine the multiple 10 GE breakout interfaces into a 100 GE int...

Страница 36: ...split 100 GE interface HundredGigE 1 0 1 into four 25 GE breakout interfaces Twenty FiveGigE 1 0 1 1 through Twenty FiveGigE 1 0 1 4 If you need higher bandwidth on a single interface you can combine...

Страница 37: ...face About Ethernet interface basic settings You can configure an Ethernet interface to operate in one of the following duplex modes Full duplex mode The interface can send and receive packets simulta...

Страница 38: ...hernet subinterface interface interface type interface number subnumber 3 Set the description for the Ethernet subinterface description text The default setting is interface name Interface For example...

Страница 39: ...ame support jumboframe enable size By default the device allows jumbo frames within 9416 bytes to pass through If you set the size argument multiple times the most recent configuration takes effect Co...

Страница 40: ...to the CPU For state change events the interface only generates SNMP trap and log messages Parameters Penalty The interface has an initial penalty of 0 When the interface flaps the penalty increases...

Страница 41: ...the shutdown command the penalty restores to 0 and the interface reports the down event to the upper layer protocols Do not enable the dampening feature on an interface with RRPP MSTP or Smart Link en...

Страница 42: ...able link flapping protection globally link flap protect enable By default link flapping protection is disabled globally 3 Enter Ethernet interface view interface interface type interface number 4 Ena...

Страница 43: ...status only when the interface cannot come up Procedure 1 Enter system view system view 2 Enter Ethernet interface view interface interface type interface number 3 Configure link compensation on the i...

Страница 44: ...l at both ends of the link When traffic congestion occurs at the receiving end the receiving end sends a flow control Pause frame to ask the sending end to suspend sending packets Generic flow control...

Страница 45: ...ate correctly as a best practice do not enable PFC for 802 1p priorities 0 6 and 7 To perform PFC on an IRF port configure PFC on the IRF port and the IRF physical ports that are bound to the IRF port...

Страница 46: ...sholds enables flexible control over PFC and can make good use of the storage spaces The device supports the following PFC thresholds Headroom buffer threshold Maximum number of cell resources that ca...

Страница 47: ...er threshold is 8192 5 Set the back pressure frame triggering threshold Set the dynamic back pressure frame triggering threshold priority flow control dot1p dot1p ingress buffer dynamic ratio By defau...

Страница 48: ...e 802 1p priority for each CoS value execute the display qos map table dot1p lp command Prerequisites Before you configure PFC deadlock detection on an Ethernet interface complete the following tasks...

Страница 49: ...ing threshold the system generates traps and logs to notify the user According to the traps and logs the user can discover some exceptions in the network for example The NIC of the peer device fails a...

Страница 50: ...istics polling interval use the display interface command To clear the interface statistics use the reset counters interface command Setting the statistics polling interval in Ethernet interface view...

Страница 51: ...tting Procedure 1 Enter system view system view 2 Enter Ethernet interface view interface interface type interface number 3 Enable loopback testing loopback external internal Forcibly bringing up a fi...

Страница 52: ...h a fiber to copper converter 100 1000 Mbps transceiver module or 100 Mbps transceiver module To solve the problem use the undo port up mode command on the fiber port Procedure 1 Enter system view sys...

Страница 53: ...nterface number 3 Set the media type for the Ethernet interface port media type copper fiber By default the media type of an Ethernet interface is fiber Configuring interface alarm functions About int...

Страница 54: ...e type interface number 3 Configure output error packet alarm parameters port ifmonitor output error high threshold high value low threshold low value interval interval shutdown By default the upper t...

Страница 55: ...raffic meets one of the following conditions Exceeds the upper threshold Drops below the lower threshold Both storm suppression and storm control can suppress storms on an interface Storm suppression...

Страница 56: ...this feature depends on the Layer 2 Ethernet interface type and device model Restrictions and guidelines After you configure this feature on a Layer 2 Ethernet interface the system deletes the interfa...

Страница 57: ...interface interface type interface number interface number subnumber 3 Set the MTU for the interface mtu size The default setting is 1500 bytes Setting the MAC address of an Ethernet interface or subi...

Страница 58: ...ping protection on interfaces display link flap protection interface interface type interface number Display information about dropped packets on the specified interfaces display packet drop interface...

Страница 59: ...ed ports for an aggregation group 22 Disabling the default action of selecting a Selected port for dynamic aggregation groups that have not received LACPDUs 23 Configuring a dynamic aggregation group...

Страница 60: ...xample Configuring a Layer 2 edge aggregate interface 39 Example Configuring a Layer 3 static aggregation group 41 Example Configuring a Layer 3 dynamic aggregation group 42 Example Configuring Layer...

Страница 61: ...egate interface Each aggregate interface has an automatically created aggregation group which contains member ports to be used for aggregation The type and number of an aggregation group are the same...

Страница 62: ...the aggregation state of the port but the protocol configuration does not Attribute configuration To become a Selected port a member port must have the same attribute configuration as the aggregate i...

Страница 63: ...ort must have the same operational key and attribute configurations as the reference port The system chooses a reference port from the member ports in up state The candidate reference ports are organi...

Страница 64: ...re met The port and the Selected ports have different port priorities and the port has a higher port priority than a minimum of one Selected port The port has the same attribute configurations as the...

Страница 65: ...e higher the priority Table 3 LACP priorities Type Description LACP system priority Used by two peer devices or systems to determine which one is superior in link aggregation In dynamic link aggregati...

Страница 66: ...namic aggregation groups is qualified the device automatically creates a new dynamic aggregation group Then the device assigns the interface to that group and synchronizes the interface s attribute co...

Страница 67: ...stem the partner negotiate a reference port by using the following workflow 1 The two systems determine the system with the smaller system ID A system ID contains the LACP system priority and the syst...

Страница 68: ...any member port When a member port changes to the Selected or Unselected state its peer port changes to the same aggregation state After the Selected port limit is reached a newly joining port become...

Страница 69: ...Per flow load sharing Distributes traffic on a per flow basis The load sharing mode classifies packets into flows and forwards packets of the same flow on the same link This mode can be one of or a co...

Страница 70: ...ptional Configuring an aggregate interface Configuring the description of an aggregate interface Setting the MAC address for an aggregate interface Configuring jumbo frame support Setting the MTU for...

Страница 71: ...orm this task to make sure the bidirectional traffic of a subnet traverses the same member port in an aggregation group Enabling a Layer 2 aggregate interface to reflect incoming packets back Perform...

Страница 72: ...l configurations for an aggregate interface take effect only on the current aggregate interface The protocol configurations for a member port take effect only when the port leaves its aggregation grou...

Страница 73: ...roup operates in static mode 5 Return to system view quit 6 Assign an interface to the Layer 2 aggregation group a Enter Layer 2 Ethernet interface view interface interface type interface number b Ass...

Страница 74: ...roup id Repeat the substeps to assign more interfaces to the aggregation group 5 Optional Set the port priority of the interface link aggregation port priority priority The default port priority of an...

Страница 75: ...MC network you can use automatic link aggregation to aggregate the redundant physical links between devices to ease management and increase bandwidth and availability For more information about SmartM...

Страница 76: ...intain consistency across S MLAG devices in service feature configuration Prerequisites Configure the link aggregation settings other than S MLAG settings on each S MLAG device Make sure the settings...

Страница 77: ...ace view interface route aggregation interface number Enter Layer 3 aggregate subinterface view interface route aggregation interface number subnumber 3 Configure the interface description description...

Страница 78: ...mes that exceed the allowed length Procedure 1 Enter system view system view 2 Enter aggregate interface view Enter Layer 2 aggregate interface view interface bridge aggregation interface number Enter...

Страница 79: ...h bandwidth value By default the expected bandwidth in kbps is the interface baud rate divided by 1000 Configuring an edge aggregate interface Restrictions and guidelines This configuration takes effe...

Страница 80: ...ature on an aggregate interface to reduce the impact of interface flapping on upper layer services for example on a DRNI IPP For more information about IPPs see Layer 2 LAN Switching Configuration Gui...

Страница 81: ...default command might fail to restore the default settings for some commands for reasons such as command dependencies and system restrictions To resolve this issue 1 Use the display this command in in...

Страница 82: ...limitation whichever value is smaller You can implement backup between two ports by performing the following tasks Assigning two ports to an aggregation group Setting the maximum number of Selected p...

Страница 83: ...tically chooses the port with the lowest ID from among all up member ports as a Selected port if none of them has received LACPDUs before the LACP timeout interval expires After this action is disable...

Страница 84: ...he prioritized criterion for reference port selection of a dynamic aggregation group Specifying ignored VLANs for a Layer 2 aggregate interface About ignored VLANs By default you cannot add a port to...

Страница 85: ...ets are load shared based on the source and destination IP addresses Setting the group specific load sharing mode 1 Enter system view system view 2 Enter aggregate interface view Enter Layer 2 aggrega...

Страница 86: ...e local first load sharing to reduce traffic on IRF links as shown in Figure 6 For more information about IRF see Virtual Technologies Configuration Guide Figure 6 Load sharing for multidevice link ag...

Страница 87: ...ew system view 2 Configure a link aggregation load sharing algorithm link aggregation global load sharing algorithm algorithm number By default no algorithm is configured 3 Configure a link aggregatio...

Страница 88: ...d Layer 3 data traffic of some VLANs through a specific port specify the VLANs as management VLANs and the port as a management port Procedure 1 Enter system view system view 2 Specify link aggregatio...

Страница 89: ...ink traffic of a subnet through Port C1 to Port A1 on the IRF fabric If that subnet is not specified as a management subnet the IRF fabric distributes its downlink traffic across Port A1 and Port B2 T...

Страница 90: ...s shut down by using the shutdown command The slot that hosts the port reboots and the aggregation group spans multiple slots NOTE The device does not redirect traffic to member ports that become Sele...

Страница 91: ...status in an aggregation group After you enable BFD on an aggregate interface each Selected port in the aggregation group establishes a BFD session with its peer port BFD operates differently dependi...

Страница 92: ...al to the number of BFD sessions supported by the device If the aggregation group contains more member ports than the supported sessions some Selected ports might change to the Unselected state If the...

Страница 93: ...Display summary information about all aggregation groups display link aggregation summary Display detailed information about the specified aggregation groups display link aggregation verbose bridge a...

Страница 94: ...on group 1 DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 port link aggregation group 1 DeviceA Twenty FiveGigE1 0 1 quit DeviceA interface twenty fivegige 1 0 2 DeviceA Twenty F...

Страница 95: ...pe Shar Management VLANs None Port Status Priority Oper Key WGE1 0 1 R S 32768 1 WGE1 0 2 S 32768 1 WGE1 0 3 S 32768 1 The output shows that link aggregation group 1 is a Layer 2 static aggregation gr...

Страница 96: ...eGigE1 0 2 quit DeviceA interface twenty fivegige 1 0 3 DeviceA Twenty FiveGigE1 0 3 port link aggregation group 1 DeviceA Twenty FiveGigE1 0 3 quit Configure Layer 2 aggregate interface Bridge Aggreg...

Страница 97: ...ollowing tasks Configure Layer 2 static aggregation groups 1 and 2 on Device A and Device B respectively Enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end En...

Страница 98: ...it vlan 10 DeviceA Bridge Aggregation1 quit Create Layer 2 aggregate interface Bridge Aggregation 2 DeviceA interface bridge aggregation 2 Configure Layer 2 aggregation group 2 to load share packets b...

Страница 99: ...tatic aggregation groups Each aggregation group contains two Selected ports Display all the group specific load sharing modes on Device A DeviceA display link aggregation load sharing mode interface B...

Страница 100: ...2 port link aggregation group 1 Device Twenty FiveGigE1 0 2 quit Verifying the configuration Display detailed information about all aggregation groups on the device when the server is not configured...

Страница 101: ...DeviceA Route Aggregation1 ip address 192 168 1 1 24 DeviceA Route Aggregation1 quit Assign Layer 3 Ethernet interfaces Twenty FiveGigE 1 0 1 through Twenty FiveGigE 1 0 3 to aggregation group 1 Devi...

Страница 102: ...ce Route Aggregation 1 DeviceA system view DeviceA interface route aggregation 1 Set the link aggregation mode to dynamic DeviceA Route Aggregation1 link aggregation mode dynamic Configure an IP addre...

Страница 103: ...3 S 32768 13 1 ACDEF Remote Actor Priority Index Oper Key SystemID Flag WGE1 0 1 32768 81 1 0x8000 000f e267 57ad ACDEF WGE1 0 2 32768 82 1 0x8000 000f e267 57ad ACDEF WGE1 0 3 32768 83 1 0x8000 000f...

Страница 104: ...sses DeviceA Route Aggregation2 link aggregation load sharing mode destination ip Configure an IP address and subnet mask for Layer 3 aggregate interface Route Aggregation 2 DeviceA Route Aggregation2...

Страница 105: ...the group specific load sharing modes on Device A DeviceA display link aggregation load sharing mode interface Route Aggregation1 Load Sharing Mode source ip address Route Aggregation2 Load Sharing Mo...

Страница 106: ...p system priority 123 Set the LACP system number to 1 DeviceB lacp system number 1 Create Layer 2 aggregate interface Bridge Aggregation 2 and set the link aggregation mode to dynamic DeviceB interfac...

Страница 107: ...twenty fivegige 1 0 1 DeviceD Twenty FiveGigE1 0 1 port link aggregation group 4 DeviceD Twenty FiveGigE1 0 1 quit Verifying the configuration Verify that Twenty FiveGigE 1 0 1 through Twenty FiveGig...

Страница 108: ...48 WGE1 0 3 32768 49153 50100 0x7b 0001 0001 0001 ACDEF...

Страница 109: ...nes for configuring DR keepalive settings 10 Configuring DR keepalive packet parameters 10 Setting the DR keepalive interval and timeout timer 11 Excluding an interface from the shutdown action by DRN...

Страница 110: ...DR role priority The secondary DR device passes the traffic of those features to the primary DR device for processing If the DR member devices in a DR system have the same DR role priority the device...

Страница 111: ...every 30 seconds Short DRCP timeout timer enables the DR member devices to detect a peer interface down event more quickly than the long DRCP timeout timer However this benefit is at the expense of b...

Страница 112: ...hen the delay timer expires the secondary DR device brings up all network interfaces You can use the display drni mad verbose command to view detailed information about DRNI MAD DR system setup proces...

Страница 113: ...dary DR device disables the affected service features but it does not shut down its DR interfaces To prevent interface flapping the DR system performs configuration consistency check when half the dat...

Страница 114: ...s Up VLAN interfaces of which the VLANs contain the IPP Passing tagged VLANs or passing PVID VLANs of which the IPP forwards tagged traffic or PVID of which the IPP forwards traffic Table 4 DR interfa...

Страница 115: ...In this situation the primary DR device forwards all traffic for the DR system When the IPP comes up the secondary DR device does not bring up the network interfaces immediately Instead it starts a d...

Страница 116: ...r device to forward all traffic of Device C For more information about Monitor Link see High Availability Configuration Guide Figure 6 Uplink failure handling mechanism Protocols and standards IEEE P8...

Страница 117: ...20 minutes For more information about the MAC aging time see Configuring the MAC address table DRNI tasks at a glance To configure DRNI perform the following tasks 1 Configuring DR system settings Co...

Страница 118: ...ting the DR system number Restrictions and guidelines Changing the DR system number causes DR system split When you perform this task on a live network make sure you are fully aware of its impact You...

Страница 119: ...is 32768 Configuring DR keepalive settings Restrictions and guidelines for configuring DR keepalive settings Use Layer 3 Ethernet interfaces or management Ethernet interfaces to set up the keepalive...

Страница 120: ...and timeout timer drni keepalive interval interval timeout timeout By default the DR keepalive interval is 1000 milliseconds and the DR keepalive timeout timer is 5 seconds Excluding an interface from...

Страница 121: ...the IPP Restrictions and guidelines A DR member device can have only one IPP A Layer 2 aggregate interface or VXLAN tunnel interface cannot operate as both IPP and DR interface Do not associate a VXLA...

Страница 122: ...setting for configuration consistency check Procedure 1 Enter system view system view 2 Disable configuration consistency check drni consistency check disable By default configuration consistency chec...

Страница 123: ...ccur before IPL failure is confirmed To set the interval at which the VRRP master sends VRRP advertisements use the vrrp vrid timer advertise command For more information about this command see High A...

Страница 124: ...expires the secondary DR device brings up all network interfaces Restrictions and guidelines Increase the data restoration interval as needed for the following purposes Avoid packet loss and forwardin...

Страница 125: ...Clear DRCPDU statistics reset drni drcp statistics interface interface list DRNI configuration examples Example Configuring basic DRNI functions Network configuration As shown in Figure 7 configure DR...

Страница 126: ...t link aggregation group 3 DeviceA Twenty FiveGigE1 0 2 quit Specify Bridge Aggregation 3 as the IPP DeviceA interface bridge aggregation 3 DeviceA Bridge Aggregation3 port drni intra portal port 1 De...

Страница 127: ...n 3 as the IPP DeviceB interface bridge aggregation 3 DeviceB Bridge Aggregation3 port drni intra portal port 1 DeviceB Bridge Aggregation3 quit Create Layer 2 dynamic aggregate interface Bridge Aggre...

Страница 128: ...onsistent type 1 global settings IPP IPP ID State BAGG3 1 UP DR interface DR group ID State Check result Type 1 inconsistency BAGG4 4 UP SUCCESS DeviceA display drni verbose Flags A Home_Gateway B Nei...

Страница 129: ...01 0001 0001 ACDEF WGE1 0 2 32768 16388 40004 0x7b 0001 0001 0001 ACDEF WGE1 0 3 32768 32771 40004 0x7b 0001 0001 0001 ACDEF WGE1 0 4 32768 32772 40004 0x7b 0001 0001 0001 ACDEF Example Configuring La...

Страница 130: ...nk mode route DeviceA Twenty FiveGigE1 0 5 ip address 1 1 1 1 24 DeviceA Twenty FiveGigE1 0 5 quit Exclude the interface used for DR keepalive detection Twenty FiveGigE 1 0 5 from the shutdown action...

Страница 131: ...nty fivegige 1 0 2 DeviceA Twenty FiveGigE1 0 2 port link aggregation group 101 DeviceA Twenty FiveGigE1 0 2 quit Create VLAN 100 and VLAN 101 DeviceA vlan 100 DeviceA vlan100 quit DeviceA vlan 101 De...

Страница 132: ...face100 quit Create VRRP group 2 on VLAN interface 101 and set its virtual IP address to 20 1 1 100 DeviceA interface vlan interface 101 DeviceA Vlan interface101 vrrp vrid 2 virtual ip 20 1 1 100 Set...

Страница 133: ...ige 1 0 1 DeviceB Twenty FiveGigE1 0 1 port link aggregation group 100 DeviceB Twenty FiveGigE1 0 1 quit Create Layer 2 dynamic aggregate interface Bridge Aggregation 101 and assign it to DR group 2 D...

Страница 134: ...0 0 0 network 20 1 1 0 0 0 0 255 DeviceB ospf 1 area 0 0 0 0 quit DeviceB ospf 1 quit Create VRRP group 1 on VLAN interface 100 and set its virtual IP address to 10 1 1 100 DeviceB interface vlan inte...

Страница 135: ...ge aggregation 101 DeviceD Bridge Aggregation101 link aggregation mode dynamic DeviceD Bridge Aggregation101 quit Assign Twenty FiveGigE 1 0 1 and Twenty FiveGigE 1 0 2 to aggregation group 101 Device...

Страница 136: ...1 3 Neighbor Brief Information Area 0 0 0 0 Router ID Address Pri Dead Time State Interface 20 1 1 1 10 1 1 1 1 37 Full DR Vlan100 20 1 1 2 10 1 1 2 1 32 Full BDR Vlan100 Verify that Device D has esta...

Страница 137: ...uring port isolation 1 About port isolation 1 Assigning a port to an isolation group 1 Display and maintenance commands for port isolation 1 Port isolation configuration examples 2 Example Configuring...

Страница 138: ...ies only to the interface The configuration in Layer 2 aggregate interface view applies to the Layer 2 aggregate interface and its aggregation member ports If the device fails to apply the configurati...

Страница 139: ...o provide Internet access for the hosts and isolate them from one another at Layer 2 Figure 1 Network diagram Procedure Create isolation group 2 Device system view Device port isolate group 2 Assign T...

Страница 140: ...group 2 Port isolation group information Group ID 2 Group members Twenty FiveGigE1 0 1 Twenty FiveGigE1 0 2 Twenty FiveGigE1 0 3 The output shows that Twenty FiveGigE 1 0 1 Twenty FiveGigE 1 0 2 and...

Страница 141: ...d VLANs 13 Configuring a VLAN group 14 Configuring VLAN interfaces 14 Restrictions and guidelines 14 VLAN interfaces configuration tasks at a glance 14 Prerequisites 15 Creating a VLAN interface 15 Sp...

Страница 142: ...phone access methods 49 Voice VLAN assignment modes 50 Cooperation of voice VLAN assignment modes and IP phones 51 Security mode and normal mode of voice VLANs 52 Restrictions and guidelines Voice VL...

Страница 143: ...e to be the same as the neighbor device For more information about setting the TPID value see Configuring QinQ Priority 3 bit long identifies the 802 1p priority of the frame For more information see...

Страница 144: ...rt VLAN ID PVID packets sent out of a trunk port are VLAN tagged Ports connecting network devices are typically configured as trunk ports Hybrid A hybrid port can forward packets from multiple VLANs T...

Страница 145: ...AN entries 2 Enable the MAC based VLAN feature on the port 3 Assign the port to the MAC based VLAN A port configured with static MAC based VLAN assignment processes a received frame as follows before...

Страница 146: ...C address match IP subnet based VLAN Protocol based VLAN Port based VLAN After tagging the frame with the selected VLAN the port gets the source MAC address of the frame 2 The port uses the source MAC...

Страница 147: ...not conflict with the existing static MAC to VLAN entries If a confliction exists the dynamic MAC to VLAN entry cannot be generated 2 Assigns the port that connects the user to the MAC based VLAN When...

Страница 148: ...VLAN interface acts as the gateway of the VLAN to forward packets destined for another IP subnet at Layer 3 Protocols and standards IEEE 802 1Q IEEE Standard for Local and Metropolitan Area Networks...

Страница 149: ...a QoS policy For more information about configuring QoS policies see QoS configuration in ACL and QoS Configuration Guide Procedure 1 Enter system view system view 2 Enter VLAN view vlan vlan id 3 En...

Страница 150: ...ss vlan vlan id By default all access ports belong to VLAN 1 Assigning a trunk port to a VLAN About assigning a trunk port to a VLAN A trunk port supports multiple VLANs You can assign it to a VLAN in...

Страница 151: ...view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number 3 Set the port link type to hybrid port link type hybrid By default...

Страница 152: ...guring dynamic MAC based VLAN assignment About dynamic MAC based VLAN assignment For successful dynamic MAC based VLAN assignment use static VLANs when you create MAC to VLAN entries When a port joins...

Страница 153: ...sed VLAN assignment and automatic voice VLAN assignment mode on a port They can have a negative impact on each other Procedure 1 Enter system view system view 2 Create a MAC to VLAN entry mac vlan mac...

Страница 154: ...e Configuring IP subnet based VLANs Restrictions and guidelines This feature is available only on hybrid ports and it processes only untagged packets Procedure 1 Enter system view system view 2 Enter...

Страница 155: ...untagged packet arrives at the port the port processes the packet as follows If the protocol type and encapsulation format in the packet match a protocol template the port tags the packet with the VL...

Страница 156: ...selects a VLAN from the group and assigns the VLAN to the user For more information about 802 1X and MAC authentication see Security Configuration Guide Procedure 1 Enter system view system view 2 Cre...

Страница 157: ...or the VLAN interface mac address mac address By default no MAC addresses are set for a VLAN interface 7 Optional Set the expected bandwidth for the interface bandwidth bandwidth value By default the...

Страница 158: ...LANs Execute display commands in any view and reset commands in user view Task Command Display VLAN interface information display interface vlan interface interface number brief description down Displ...

Страница 159: ...so that only hosts in the same department can communicate with each other Figure 3 Network diagram Procedure 1 Configure Device A Create VLAN 100 and assign Twenty FiveGigE 1 0 1 to VLAN 100 DeviceA...

Страница 160: ...N type Static Route interface Not configured Description VLAN 0100 Name VLAN 0100 Tagged ports Twenty FiveGigE1 0 3 Untagged ports Twenty FiveGigE1 0 1 DeviceA Twenty FiveGigE1 0 3 display vlan 200 VL...

Страница 161: ...VLANs 100 and 200 as an untagged VLAN member DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 port link type hybrid DeviceA Twenty FiveGigE1 0 1 port hybrid vlan 100 200 untagged E...

Страница 162: ...Twenty FiveGigE1 0 2 port link type trunk DeviceB Twenty FiveGigE1 0 2 port trunk permit vlan 100 200 DeviceB Twenty FiveGigE1 0 2 quit 3 Configure Device C in the same way as the Device A is configur...

Страница 163: ...eC interface twenty fivegige 1 0 2 DeviceC Twenty FiveGigE1 0 2 port link type hybrid DeviceC Twenty FiveGigE1 0 2 port hybrid vlan 100 tagged DeviceC Twenty FiveGigE1 0 2 quit Configure Twenty FiveGi...

Страница 164: ...100 Subnet index IP address Subnet mask 0 192 168 5 0 255 255 255 0 VLAN ID 200 Subnet index IP address Subnet mask 0 192 168 50 0 255 255 255 0 Verify the IP subnet based VLAN configuration on Twent...

Страница 165: ...4 to VLAN 200 Device vlan200 port twenty fivegige 1 0 4 Configure VLAN 200 as a protocol based VLAN and create an IPv6 protocol template with the index 1 for VLAN 200 Device vlan200 protocol vlan 1 ip...

Страница 166: ...2 port hybrid protocol vlan vlan 100 1 to 2 Device Twenty FiveGigE1 0 2 port hybrid protocol vlan vlan 200 1 Device Twenty FiveGigE1 0 2 quit 2 Configure hosts and servers a Configure IPv4 Host A IPv...

Страница 167: ...Active 100 2 Ethernet II Etype 0x0806 Active 200 1 IPv6 Active Interface Twenty FiveGigE 1 0 2 VLAN ID Protocol index Protocol type Status 100 1 IPv4 Active 100 2 Ethernet II Etype 0x0806 Active 200...

Страница 168: ...r VLAN 2 Enable local proxy ARP or ND on the super VLAN interface as follows In an IPv4 network enable local proxy ARP on the super VLAN interface The super VLAN can then process ARP requests and repl...

Страница 169: ...see High Availability Configuration Guide Procedure 1 Enter system view system view 2 Create a VLAN interface and enter its view interface vlan interface interface number The value for the interface...

Страница 170: ...examples Example Configuring a super VLAN Network configuration As shown in Figure 7 Twenty FiveGigE 1 0 1 and Twenty FiveGigE 1 0 2 are in VLAN 2 Twenty FiveGigE 1 0 3 and Twenty FiveGigE 1 0 4 are...

Страница 171: ...te VLAN 5 and assign Twenty FiveGigE 1 0 5 and Twenty FiveGigE 1 0 6 to the VLAN DeviceA vlan 5 DeviceA vlan5 port twenty fivegige 1 0 5 twenty fivegige 1 0 6 DeviceA vlan5 quit Configure VLAN 10 as a...

Страница 172: ...dress 10 1 1 1 Ipv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports Twenty FiveGigE1 0 3 Twenty FiveGigE1 0 4 VLAN ID 5 VLAN type Static It is a sub VLA...

Страница 173: ...mple L3 Device A in Figure 8 As shown in Figure 8 the private VLAN feature is enabled on L2 Device B VLAN 10 is the primary VLAN VLANs 2 5 and 8 are secondary VLANs that are associated with VLAN 10 L3...

Страница 174: ...ault VLAN does not support the private VLAN configuration Private VLAN tasks at a glance To configure a private VLAN perform the following tasks 1 Creating a primary VLAN 2 Creating secondary VLANs 3...

Страница 175: ...y VLANs Procedure 1 Enter system view system view 2 Enter interface view of the uplink port interface interface type interface number 3 Configure the uplink port as a promiscuous or trunk promiscuous...

Страница 176: ...trunk secondary port of the specified VLANs port private vlan vlan id list trunk secondary By default a port is not a host or trunk secondary port 5 Return to system view quit 6 Enter VLAN view of a...

Страница 177: ...s in any view Task Command Display information about primary VLANs and the secondary VLANs associated with each primary VLAN display private vlan primary vlan id Private VLAN configuration examples Ex...

Страница 178: ...ous port of VLAN 5 DeviceB interface twenty fivegige 1 0 5 DeviceB Twenty FiveGigE1 0 5 port private vlan 5 promiscuous DeviceB Twenty FiveGigE1 0 5 quit Assign downlink port Twenty FiveGigE 1 0 2 to...

Страница 179: ...gige 1 0 3 DeviceC Twenty FiveGigE1 0 3 port access vlan 3 DeviceC Twenty FiveGigE1 0 3 port private vlan host DeviceC Twenty FiveGigE1 0 3 quit Assign downlink port Twenty FiveGigE 1 0 4 to VLAN 4 an...

Страница 180: ...ntagged member of primary VLAN 5 and secondary VLAN 3 Example Configuring trunk promiscuous ports Network configuration As shown in Figure 10 configure the private VLAN feature to meet the following r...

Страница 181: ...it DeviceB vlan 8 DeviceB vlan8 quit Associate secondary VLANs 2 and 3 with primary VLAN 5 DeviceB vlan 5 DeviceB vlan5 private vlan secondary 2 to 3 DeviceB vlan5 quit Associate secondary VLANs 6 and...

Страница 182: ...Twenty FiveGigE 1 0 5 to VLAN 8 and configure the port as a host port DeviceB interface twenty fivegige 1 0 5 DeviceB Twenty FiveGigE1 0 5 port access vlan 8 DeviceB Twenty FiveGigE1 0 5 port private...

Страница 183: ...y VLAN 2 Host port Twenty FiveGigE 1 0 3 is an untagged member of primary VLAN 5 and secondary VLAN 3 Example Configuring trunk promiscuous and trunk secondary ports Network configuration As shown in...

Страница 184: ...vlan20 quit Create VLANs 11 12 21 and 22 DeviceA vlan 11 to 12 DeviceA vlan 21 to 22 Associate secondary VLANs 11 and 12 with primary VLAN 10 DeviceA vlan 10 DeviceA vlan10 private vlan secondary 11...

Страница 185: ...vlan 11 21 trunk secondary DeviceA Twenty FiveGigE1 0 2 quit 2 Configure Device B Create VLANs 11 and 21 DeviceB system view DeviceB vlan 11 DeviceB vlan11 quit DeviceB vlan 21 DeviceB vlan21 quit Con...

Страница 186: ...configured Description VLAN 0010 Name VLAN 0010 Tagged ports Twenty FiveGigE1 0 2 Twenty FiveGigE1 0 5 Untagged ports Twenty FiveGigE1 0 3 VLAN ID 11 VLAN type Static Private vlan type Secondary Route...

Страница 187: ...2 and VLAN 3 respectively Secondary VLANs are isolated at Layer 2 but interoperable at Layer 3 Figure 12 Network diagram Procedure Create VLAN 10 and configure it as a primary VLAN DeviceA system vie...

Страница 188: ...eA Vlan interface10 private vlan secondary 2 3 Assign IP address 192 168 1 1 24 to VLAN interface 10 DeviceA Vlan interface10 ip address 192 168 1 1 255 255 255 0 Enable local proxy ARP on VLAN interf...

Страница 189: ...condary Route interface Configured IPv4 address 192 168 1 1 IPv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports Twenty FiveGigE1 0 1 Twenty FiveGigE1 0...

Страница 190: ...hrough OUI addresses A device identifies voice packets based on their source MAC addresses A packet whose source MAC address complies with an Organizationally Unique Identifier OUI address of the devi...

Страница 191: ...t to identify IP phones if the network has more IP phone categories than the maximum number of OUI addresses supported on the device LLDP has higher priority than the OUI list For more information abo...

Страница 192: ...e device transmit both voice traffic and data traffic When an IP phone is powered on it sends out protocol packets After receiving these protocol packets the device uses the source MAC address of the...

Страница 193: ...l VLAN VLAN IDs must be different for the following VLANs Voice VLAN PVID of the access port 802 1X guest Auth Fail or critical VLAN If an IP phone sends out untagged voice traffic the PVID of the acc...

Страница 194: ...priority only for voice VLAN packets whose source MAC addresses match OUI addresses of the device As a best practice do not transmit both voice traffic and non voice traffic in a voice VLAN If you mu...

Страница 195: ...N assignment mode Configuring a port to operate in manual voice VLAN assignment mode 3 Optional Enabling LLDP for automatic IP phone discovery 4 Optional Use one of the following methods Configuring L...

Страница 196: ...VLAN As a best practice do not use this mode with PVST In PVST mode if the target voice VLAN is not permitted on a port the port is placed in blocked state The port drops the received packets instead...

Страница 197: ...t to the voice VLAN Procedure 1 Enter system view system view 2 Optional Enable the voice VLAN security mode voice vlan security enable By default the voice VLAN security mode is enabled 3 Optional Ad...

Страница 198: ...ure 1 Enter system view system view 2 Enable LLDP for automatic IP phone discovery voice vlan track lldp By default this feature is disabled Configuring LLDP or CDP to advertise a voice VLAN Configuri...

Страница 199: ...ts from the IP phone will be transmitted in the dedicated voice VLAN LLDP packets sent from the device carry the priority information CDP packets sent from the device do not carry the priority informa...

Страница 200: ...addresses of IP phones A and B to the device for voice packet identification The mask of the two MAC addresses is FFFF FF00 0000 Set an aging timer for voice VLANs Figure 16 Network diagram Procedure...

Страница 201: ...LAN for it DeviceA Twenty FiveGigE1 0 2 voice vlan 3 enable DeviceA Twenty FiveGigE1 0 2 quit Verifying the configuration Display the OUI addresses supported on Device A DeviceA display voice vlan mac...

Страница 202: ...0 1 to operate in manual voice VLAN assignment mode DeviceA interface twenty fivegige 1 0 1 DeviceA Twenty FiveGigE1 0 1 undo voice vlan mode auto Configure Twenty FiveGigE 1 0 1 as a hybrid port Devi...

Страница 203: ...ne 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00e0 bb00 0000 ffff ff00 0000 3Com phone Display the voice VLAN state DeviceA display voice vlan state Curren...

Страница 204: ...and standards 4 Restrictions and guidelines MVRP configuration 4 MVRP tasks at a glance 4 Prerequisites 4 Enabling MVRP 5 Setting an MVRP registration mode 5 Setting MRP timers 5 Enabling GVRP compat...

Страница 205: ...MRP implementation For example MRP registers and deregisters VLAN attributes as follows When a port receives a declaration for a VLAN the port registers the VLAN and joins the VLAN When a port receiv...

Страница 206: ...pants on the device After receiving the New message other participants send the New message to their respective peer participants Leave message An MRP participant sends a Leave message to the peer par...

Страница 207: ...en both the Join timer and the Periodic timer expire the participant resends the Join message Leave timer The Leave timer controls the deregistration of attributes An MRP participant starts the Leave...

Страница 208: ...ck PVST RRPP and Smart Link For more information about STP RSTP MSTP and PVST see Configuring spanning tree protocols For more information about service loopback see Configuring service loopback group...

Страница 209: ...ation about the port trunk permit vlan command see Layer 2 LAN Switching Command Reference 6 Enable MVRP on the port mvrp enable By default MVRP is disabled on a port Setting an MVRP registration mode...

Страница 210: ...e interface type interface number 3 Set the LeaveAll timer mrp timer leaveall timer value The default setting is 1000 centiseconds 4 Set the Join timer mrp timer join timer value The default setting i...

Страница 211: ...lan vlan id Display MVRP statistics display mvrp statistics interface interface list Clear MVRP statistics reset mvrp statistics interface interface list MVRP configuration examples Example Configurin...

Страница 212: ...Configure Device A as the primary root bridge of MSTI 1 DeviceA stp instance 1 root primary Globally enable the spanning tree feature DeviceA stp global enable Globally enable MVRP DeviceA mvrp globa...

Страница 213: ...ermit vlan all Enable MVRP on Twenty FiveGigE 1 0 3 DeviceA Twenty FiveGigE1 0 3 mvrp enable DeviceA Twenty FiveGigE1 0 3 quit Create VLAN 10 DeviceA vlan 10 DeviceA vlan10 quit 2 Configure Device B E...

Страница 214: ...stp region configuration Configure the MST region name VLAN to instance mappings and revision level DeviceC mst region region name example DeviceC mst region instance 1 vlan 10 DeviceC mst region inst...

Страница 215: ...configure it to permit VLANs 20 and 40 DeviceD interface twenty fivegige 1 0 1 DeviceD Twenty FiveGigE1 0 1 port link type trunk DeviceD Twenty FiveGigE1 0 1 port trunk permit vlan 20 40 Enable MVRP o...

Страница 216: ...led Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 20 Declared...

Страница 217: ...ning Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default 10 Decla...

Страница 218: ...centiseconds Registration Type Normal Registered VLANs 1 default 10 20 Declared VLANs 1 default Propagated VLANs 1 default 10 Twenty FiveGigE1 0 2 Config Status Enabled Running Status Enabled Join Ti...

Страница 219: ...following events have occurred Twenty FiveGigE 1 0 1 has registered and propagated VLAN 10 and VLAN 20 and declared VLAN 1 through MVRP Twenty FiveGigE 1 0 2 has registered VLAN 1 and declared and pr...

Страница 220: ...n Device A DeviceA undo vlan 10 Display local MVRP VLAN information on Twenty FiveGigE 1 0 3 of Device B DeviceB display mvrp running status interface twenty fivegige 1 0 3 MVRP Global Info Global Sta...

Страница 221: ...back interfaces 1 About loopback interfaces 1 About null interfaces 1 About inloopback interfaces 1 Configuring a loopback interface 1 Configuring a null interface 2 Restoring the default settings for...

Страница 222: ...sidered packets sent to the device itself so the device does not forward these packets Using a loopback interface in dynamic routing protocols With no router ID configured for a dynamic routing protoc...

Страница 223: ...nfigure the interface description description text The default setting is NULL0 Interface Restoring the default settings for an interface Restrictions and guidelines CAUTION This feature might interru...

Страница 224: ...brief description down Display information about the specified or all loopback interfaces display interface loopback interface number brief description down Display information about the null interfa...

Страница 225: ...guring the TPID for SVLAN tags 6 Setting the 802 1p priority in SVLAN tags 6 About the 802 1p priority in SVLAN tags 6 Prerequisites for setting the 802 1p priority in SVLAN tags 6 Tasks at a glance 7...

Страница 226: ...customers to keep their VLAN assignment schemes unchanged when the service provider changes its VLAN assignment scheme Allows different customers to use overlapping CVLAN IDs Devices in the service p...

Страница 227: ...rovides the most basic VLAN manipulation method to tag all incoming frames tagged or untagged with the PVID tag To perform advanced VLAN manipulations use VLAN mappings or QoS policies as follows To a...

Страница 228: ...adding an SVLAN tag on a QinQ enabled port and then modifying the CVLAN and SVLAN IDs Enabling QinQ About enabling QinQ Enable QinQ on customer side ports of PEs A QinQ enabled port tags an incoming f...

Страница 229: ...o one one to two and many to one VLAN mappings Original or translated outer VLANs of two to two VLAN mappings Procedure 1 Enter system view system view 2 Enter Layer 2 Ethernet interface view or Layer...

Страница 230: ...rame is handled as untagged if the TPID in its outer VLAN tag is different from the SVLAN TPID For example a PE device is connected to a customer device that uses the TPID 0x8200 and to a provider dev...

Страница 231: ...port priority is trusted the port priority 0 by default is used as the 802 1p priority in the SVLAN tag You can configure a QoS policy to modify the 802 1p priority in SVLAN tags as follows Modify th...

Страница 232: ...id vlan id list Match 802 1p priority if match customer dot1p dot1p value 1 8 Creating a traffic behavior and configuring a priority marking action for SVLAN tags 1 Enter system view system view 2 Cr...

Страница 233: ...erface number QinQ configuration examples Example Configuring basic QinQ Network configuration As shown in Figure 3 The service provider assigns VLAN 100 to Company A s VLANs 10 through 70 The service...

Страница 234: ...port and assign it to VLANs 100 and 200 PE1 interface twenty fivegige 1 0 2 PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permit vlan 100 200 Set the TPID value in...

Страница 235: ...E2 interface twenty fivegige 1 0 3 PE2 Twenty FiveGigE1 0 3 port link type trunk PE2 Twenty FiveGigE1 0 3 port trunk permit vlan 100 Set the PVID of Twenty FiveGigE 1 0 3 to VLAN 100 PE2 Twenty FiveGi...

Страница 236: ...re Twenty FiveGigE 1 0 2 as a trunk port and assign it to VLANs 100 and 3000 PE1 interface twenty fivegige 1 0 2 PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permi...

Страница 237: ...type trunk PE2 Twenty FiveGigE1 0 2 port trunk permit vlan 100 3000 3 Configure the devices between PE 1 and PE 2 Set the MTU to a minimum of 1504 bytes for each port on the path of QinQ frames Detail...

Страница 238: ...ne VLAN mapping 7 About many to one VLAN mapping 7 Configuring many to one VLAN mapping in dynamic IP address assignment environment 7 Configuring many to one VLAN mapping in static IP address assignm...

Страница 239: ...pping Replaces multiple VLAN tags with the same VLAN tag One to two VLAN mapping Tags single tagged packets with an outer VLAN tag Two to two VLAN mapping Replaces the outer and inner VLAN IDs of doub...

Страница 240: ...to the same type of traffic from different customers One to two and two to two VLAN mapping One to two and two to two VLAN mapping are typically used to implement communication across different SP net...

Страница 241: ...ing benefits Enables a customer network to plan its CVLAN assignment without conflicting with SVLANs Adds a VLAN tag to a tagged packet and expands the number of available VLANs to 4094 4094 Reduces t...

Страница 242: ...ing As shown in Figure 5 many to one VLAN mapping is implemented on both the customer side and network side ports as follows For the uplink traffic the customer side many to one VLAN mapping replaces...

Страница 243: ...move the SVLAN tag from the downlink traffic Configure the customer side port as a hybrid port and assign the port to the SVLAN as an untagged member Configure the customer side port as a trunk port a...

Страница 244: ...Use the appropriate VLAN mapping methods for the devices in the network To configure VLAN mapping perform the following tasks Configuring one to one VLAN mapping Configure one to one VLAN mapping on...

Страница 245: ...N 1 Assign the hybrid port to the original VLAN and the translated VLAN as a tagged member port hybrid vlan vlan id list tagged By default a hybrid port is an untagged member of the VLAN to which the...

Страница 246: ...r side port 4 Configuring the network side port Enabling DHCP snooping 1 Enter system view system view 2 Enable DHCP snooping dhcp snooping enable By default DHCP snooping is disabled Enabling ARP det...

Страница 247: ...ge aggregation interface number 3 Set the link type of the port port link type hybrid trunk By default the link type of a port is access 4 Assign the port to the translated VLAN Assign the trunk port...

Страница 248: ...one VLAN mapping use the reset arp snooping vlan vlan id command to clear the ARP snooping entries in each CVLAN To ensure correct traffic forwarding from the service provider network to the customer...

Страница 249: ...t 1 Enter system view system view 2 Enter interface view Enter Layer 2 Ethernet interface view interface interface type interface number Enter Layer 2 aggregate interface view interface bridge aggrega...

Страница 250: ...e interface type interface number Enter Layer 2 aggregate interface view interface bridge aggregation interface number 3 Set the link type of the port port link type hybrid trunk By default the link t...

Страница 251: ...id list tagged By default a hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access 5 Configure a two to two VLAN mapping vlan mapping tunnel outer vlan id...

Страница 252: ...AN 501 VoD VLAN 2 VLANs 201 202 203 204 VLAN 502 VoIP VLAN 3 VLANs 301 302 303 304 VLAN 503 Figure 8 Network diagram Campus switch Switch C Distribution network DHCP client DHCP server Wiring closet S...

Страница 253: ...SwitchA Twenty FiveGigE1 0 2 port link type trunk Assign Twenty FiveGigE 1 0 2 to all original VLANs and translated VLANs SwitchA Twenty FiveGigE1 0 2 port trunk permit vlan 1 2 3 102 202 302 Configur...

Страница 254: ...t Configure customer side port Twenty FiveGigE 1 0 1 as a trunk port SwitchC interface twenty fivegige 1 0 1 SwitchC Twenty FiveGigE1 0 1 port link type trunk Assign Twenty FiveGigE 1 0 1 to all origi...

Страница 255: ...t link type trunk Assign Twenty FiveGigE 1 0 3 to the translated VLANs SwitchC Twenty FiveGigE1 0 3 port trunk permit vlan 501 to 503 Configure Twenty FiveGigE 1 0 3 as a DHCP snooping trusted and ARP...

Страница 256: ...to two VLAN mapping Network configuration As shown in Figure 9 Two VPN A branches Site 1 and Site 2 are in VLAN 5 and VLAN 6 respectively The two sites use different VPN access services from different...

Страница 257: ...quit 2 Configure PE 2 Create VLAN 100 PE2 system view PE2 vlan 100 PE2 vlan100 quit Configure Twenty FiveGigE 1 0 1 as a trunk port PE2 interface twenty fivegige 1 0 1 PE2 Twenty FiveGigE1 0 1 port l...

Страница 258: ...enty FiveGigE1 0 1 quit Configure the customer side port Twenty FiveGigE 1 0 2 as a hybrid port PE4 interface twenty fivegige 1 0 2 PE4 Twenty FiveGigE1 0 2 port link type hybrid Assign Twenty FiveGig...

Страница 259: ...21 6 N A 200 6...

Страница 260: ...configuration 3 Enabling loop detection globally 3 Enabling loop detection on a port 3 Setting the loop protection action 4 Restrictions and guidelines for loop protection action configuration 4 Sett...

Страница 261: ...nQ or VLAN mapping configuration for incorrect settings For more information about QinQ and VLAN mapping see Configuring QinQ and Configuring VLAN mapping Figure 1 Ethernet frame header for loop detec...

Страница 262: ...etermine whether loops occur on ports and whether loops are removed Loop protection actions When the device detects a loop on a port it generates a log but performs no action on the port by default Yo...

Страница 263: ...l Setting the loop protection action Setting the global loop protection action Setting the loop protection action on an interface 3 Optional Setting the loop detection interval Enabling loop detection...

Страница 264: ...tem view 2 Enter interface view interface interface type interface number 3 Set the loop protection action on the interface loopback detection action block no learning shutdown By default the device g...

Страница 265: ...e following requirements Device A generates a log as a notification Device A automatically shuts down the port on which a loop is detected Figure 3 Network diagram Procedure 1 Configure Device A Creat...

Страница 266: ...Twenty FiveGigE1 0 1 quit DeviceB interface twenty fivegige 1 0 2 DeviceB Twenty FiveGigE1 0 2 port link type trunk DeviceB Twenty FiveGigE1 0 2 port trunk permit vlan 100 DeviceB Twenty FiveGigE1 0...

Страница 267: ...Use the display loopback detection command to display the loop detection configuration and status on devices for example Device A DeviceA display loopback detection Loop detection is enabled Loop det...

Страница 268: ...rictions Interface configuration 23 Spanning tree protocol tasks at a glance 24 STP tasks at a glance 24 RSTP tasks at a glance 25 PVST tasks at a glance 26 MSTP tasks at a glance 27 Setting the spann...

Страница 269: ...ion tasks at a glance 47 Configuring BPDU guard 48 Enabling root guard 49 Enabling loop guard 49 Configuring port role restriction 50 Configuring TC BPDU transmission restriction 51 Enabling TC BPDU g...

Страница 270: ...refers to the IEEE 802 1d STP and various enhanced spanning tree protocols derived from that protocol STP protocol frames STP uses bridge protocol data units BPDUs also known as configuration messages...

Страница 271: ...BPDU transmission interval Forward delay Delay for STP bridges to transit port state Devices use the root bridge ID root path cost designated bridge ID designated port ID message age max age hello ti...

Страница 272: ...gnated port Classification Designated bridge Designated port For a device Device directly connected to the local device and responsible for forwarding BPDUs to the local device Port through which the...

Страница 273: ...t bridge selection The root bridge can be selected in the following methods Automatic election Initially each STP enabled device on the network assumes itself to be the root bridge with its own device...

Страница 274: ...raffic Table 2 Selecting the optimum configuration BPDU Step Actions 1 Upon receiving a configuration BPDU on a port the device compares the priority of the received configuration BPDU with that of th...

Страница 275: ...dge ID root path cost designated bridge ID and designated port ID Table 3 Initial state of each device Device Port name Configuration BPDU on the port Device A Port A1 0 0 0 Port A1 Port A2 0 0 0 Port...

Страница 276: ...1 3 Updates its configuration BPDU Port B2 performs the following operations 1 Receives the configuration BPDU of Port C2 2 0 2 Port C2 2 Determines that its existing configuration BPDU 1 0 1 Port B2...

Страница 277: ...B2 2 Determines that the received configuration BPDU is superior to its existing configuration BPDU 0 10 2 Port C2 3 Updates its configuration BPDU Port C1 performs the following operations 1 Receive...

Страница 278: ...nfiguration BPDU through the designated port If a designated port receives a configuration BPDU with a lower priority than its configuration BPDU the port immediately responds with its configuration B...

Страница 279: ...has expired If it is expired a new spanning tree calculation process starts The max age timer does not take effect on MSTIs If a port does not receive any configuration BPDUs within the timeout period...

Страница 280: ...cted as the root port or designated port it enters the learning state after the forward delay The port learns MAC addresses and enters the forwarding state after another forward delay A newly elected...

Страница 281: ...cannot be blocked on a per VLAN basis to prune loops PVST allows every VLAN to have its own spanning tree which increases usage of links and bandwidth Because each VLAN runs RSTP independently a span...

Страница 282: ...02 1s MSTP overcomes the limitations of STP RSTP and PVST In addition to supporting rapid network convergence it allows data flows of different VLANs to be forwarded along separate paths This provides...

Страница 283: ...used to identify the MST region for the originating bridge CIST IRPC Internal root path cost IRPC from the originating bridge to the root of the MST region CIST bridge ID ID of the bridge that sends t...

Страница 284: ...king topology of MST region 3 Figure 9 Basic concepts in MSTP Figure 10 Network diagram and topology of MST region 3 MST region 1 MST region 2 MST region 3 MST region 4 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Oth...

Страница 285: ...nd MSTIs In Figure 10 the VLAN to instance mapping table of MST region 3 is as follows VLAN 1 to MSTI 1 VLAN 2 and VLAN 3 to MSTI 2 Other VLANs to MSTI 0 MSTP achieves load balancing by means of the V...

Страница 286: ...ort or master port is blocked the alternate port takes over Backup port Acts as the backup port of a designated port When the designated port is invalid the backup port becomes the new designated port...

Страница 287: ...ding How MSTP works MSTP divides an entire Layer 2 network into multiple MST regions which are connected by a calculated CST Inside an MST region multiple spanning trees called MSTIs are calculated Am...

Страница 288: ...rom the blocking state to the forwarding state The forward delay is related to the hello time and network diameter If the forward delay is too short loops might occur This affects the stability of the...

Страница 289: ...orts transits to the discarding or learning state it sets the proposal flag in its BPDU Its peer bridge receives the BPDU and determines whether the receiving port is the root port If it is the root p...

Страница 290: ...5 the P A transition operates as follows 1 Device A sets the proposal and agreement flags in its BPDU and sends it to Device B through Port A1 2 Device B receives the BPDU Port B1 of Device B is elect...

Страница 291: ...22 IEEE 802 1Q REV D1 3 Media Access Control MAC Bridges and Virtual Bridged Local Area Networks Clause 13 Spanning tree Protocols...

Страница 292: ...k group RRPP Smart Link and L2PT Restrictions Interface configuration Some spanning tree features are supported in Layer 2 Ethernet interface view and Layer 2 aggregate interface view Unless otherwise...

Страница 293: ...rom reactivating edge ports shut down by BPDU guard Enabling BPDU transparent transmission on a port Enabling SNMP notifications for new root election and topology change events Configuring the leaf n...

Страница 294: ...protection features Disabling the device from reactivating edge ports shut down by BPDU guard Enabling BPDU transparent transmission on a port Enabling SNMP notifications for new root election and to...

Страница 295: ...advanced spanning tree features Performing mCheck Disabling inconsistent PVID protection Configuring protection features Enabling the device to log events of detecting or receiving TC BPDUs Disabling...

Страница 296: ...ing spanning tree timers Setting the timeout factor Configuring the BPDU transmission rate Configuring edge ports Configuring the port link type 6 Optional Configuring the mode a port uses to recogniz...

Страница 297: ...he peer device A port in this mode does not transit to the MSTP mode when it receives MSTP BPDUs from the peer device PVST mode All ports of the device send PVST BPDUs Each VLAN maintains a spanning t...

Страница 298: ...command Enable a spanning tree protocol by using the stp global enable command if the spanning tree protocol is disabled Restrictions and guidelines In STP RSTP or PVST mode MST region configurations...

Страница 299: ...ority settings Once you specify a device as the root bridge or a secondary root bridge you cannot change the priority of the device You can configure a device as the root bridge by setting the device...

Страница 300: ...f an MST region About the maximum hops of an MST region Restrict the region size by setting the maximum hops of an MST region The hop limit configured on the regional root bridge is used as the hop li...

Страница 301: ...ridge diameter diameter The default setting is 7 Setting spanning tree timers About spanning tree timers The following timers are used for spanning tree calculation Forward delay Delay time for port s...

Страница 302: ...akes packet loss for a link failure and triggers a new spanning tree calculation process If the hello time is too short the device frequently sends the same configuration BPDUs which wastes device and...

Страница 303: ...n starts an undesired spanning tree calculation To save network resources on a stable network Procedure 1 Enter system view system view 2 Set the timeout factor of the device stp timer factor factor T...

Страница 304: ...usive Procedure 1 Enter system view system view 2 Enter interface view interface interface type interface number 3 Configure the port as an edge port stp edged port By default all ports are non edge p...

Страница 305: ...ports 100000 180 Aggregate interface containing three Selected ports 66666 160 Aggregate interface containing four Selected ports 50000 140 Table 8 Mappings between the link speed 1000M and the path...

Страница 306: ...ports 400 1 Aggregate interface containing three Selected ports 266 1 Aggregate interface containing four Selected ports 200 1 Table 11 Mappings between the link speed 40G and the path cost Link spee...

Страница 307: ...E 802 1d 1998 or the private standard always assigns the smallest possible value to a single port or aggregate interface with a speed exceeding 10 Gbps The forwarding path selected based on this crite...

Страница 308: ...the system recalculates the port role and initiates a state transition Prepare for the network topology change before configuring the port priority Procedure 1 Enter system view system view 2 Enter in...

Страница 309: ...ition mode of a port is auto The port automatically distinguishes the two MSTP frame formats and determines the format of frames that it will send based on the recognized format You can configure the...

Страница 310: ...STP RSTP or MSTP mode make sure the spanning tree feature is enabled globally and on the desired ports In PVST mode make sure the spanning tree feature is enabled globally in the desired VLANs and on...

Страница 311: ...ed on all ports Performing mCheck About mCheck The mCheck feature enables user intervention in the port state transition process When a port on an MSTP RSTP or PVST device connects to an STP device an...

Страница 312: ...evices that host the ports To avoid PVST calculation errors make sure the following requirements are met Make sure the VLANs on one device do not use the same ID as the PVID of its peer port except th...

Страница 313: ...ated devices of different vendors are connected and run spanning tree protocols With Digest Snooping enabled in the same region verification does not require comparison of configuration digest The VLA...

Страница 314: ...e upstream device is received Figure 16 Rapid state transition of an MSTP designated port Figure 17 Rapid state transition of an RSTP designated port If the upstream device is a third party device the...

Страница 315: ...ocols through a point to point link Configure the same region name revision level and VLAN to instance mappings on the two devices Procedure Enable the No Agreement Check feature on the root port 1 En...

Страница 316: ...ore enabling TC Snooping The priority of BPDU tunneling is higher than that of TC Snooping When BPDU tunneling is enabled on a port the TC Snooping feature does not take effect on the port TC Snooping...

Страница 317: ...these ports Notifies the NMS that these ports have been shut down by the spanning tree protocol The device reactivates the ports that have been shut down when the port status detection timer expires...

Страница 318: ...tion BPDU with a higher priority from an MSTI it performs the following operations Immediately sets that port to the listening state in the MSTI Does not forward the received configuration BPDU This i...

Страница 319: ...re is enabled on the up interface Procedure 1 Enter system view system view 2 Enter interface view interface interface type interface number 3 Enable the loop guard feature stp loop protection By defa...

Страница 320: ...tion is disabled Enabling TC BPDU guard About TC BPDU guard When a device receives topology change TC BPDUs the BPDUs that notify devices of topology changes it flushes its forwarding address entries...

Страница 321: ...An MSTP enabled device forwards PVST BPDUs as data traffic because it cannot recognize PVST BPDUs If a PVST enabled device in another independent network receives the PVST BPDUs a PVST calculation er...

Страница 322: ...ks between Device A and Device B become unidirectional the links fail in the direction of Port A1 to Port B1 the following events occur 1 Device B cannot receive BPDUs from Device A 2 Device B determi...

Страница 323: ...AN 100 to Device A When Device A receives the inferior BPDU dispute guard blocks Port A1 which causes traffic interruption To ensure service continuity you can disable dispute guard on Device A to pre...

Страница 324: ...mer expires You can set this timer by using the shutdown interval command For more information about this command see device management commands in Fundamentals Command Reference Restrictions and guid...

Страница 325: ...ust also configure SNMP on the device For more information about SNMP configuration see the network management and monitoring configuration guide for the device When you use the snmp agent trap enable...

Страница 326: ...rts display stp bpdu statistics interface interface type interface number instance instance list Display information about ports shut down by spanning tree protection features display stp down port Di...

Страница 327: ...eA mst region region name example Map VLAN 10 VLAN 30 and VLAN 40 to MSTI 1 MSTI 3 and MSTI 4 respectively DeviceA mst region instance 1 vlan 10 DeviceA mst region instance 3 vlan 30 DeviceA mst regio...

Страница 328: ...STI 4 respectively DeviceC mst region instance 1 vlan 10 DeviceC mst region instance 3 vlan 30 DeviceC mst region instance 4 vlan 40 Configure the revision level of the MST region as 0 DeviceC mst reg...

Страница 329: ...ING NONE 0 Twenty FiveGigE1 0 2 DESI FORWARDING NONE 0 Twenty FiveGigE1 0 3 DESI FORWARDING NONE 1 Twenty FiveGigE1 0 2 DESI FORWARDING NONE 1 Twenty FiveGigE1 0 3 ROOT FORWARDING NONE 3 Twenty FiveGi...

Страница 330: ...ng trees of the VLAN VLAN 10 VLAN 20 and VLAN 30 are terminated on the distribution layer devices and VLAN 40 is terminated on the access layer devices The root bridge of VLAN 10 and VLAN 20 is Device...

Страница 331: ...oot bridge of VLAN 30 DeviceB stp vlan 30 root primary Enable the spanning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceB stp global enable DeviceB stp vlan 10 20 30 enable 4 Configu...

Страница 332: ...FORWARDING NONE 30 Twenty FiveGigE1 0 3 DESI FORWARDING NONE Display brief spanning tree information on Device C DeviceC display stp brief VLAN ID Port Role STP State Protection 10 Twenty FiveGigE1 0...

Страница 333: ...VLAN 20 and VLAN 30 are terminated on the distribution layer devices The root bridge of VLAN 10 VLAN 20 and VLAN 30 is the DR system formed by Device A and Device B NOTE As a best practice do not conn...

Страница 334: ...he device as the root bridge of VLAN 10 and VLAN 20 DeviceA stp vlan 10 20 root primary Enable the spanning tree feature globally and in VLAN 10 VLAN 20 and VLAN 30 DeviceA stp global enable DeviceA s...

Страница 335: ...NG NONE 20 Bridge Aggregation1 DESI FORWARDING NONE 20 Bridge Aggregation2 DESI FORWARDING NONE 30 Bridge Aggregation2 DESI FORWARDING NONE Display brief spanning tree information on Device C DeviceC...

Страница 336: ...alidation and aging 19 Configuring LLDP neighbor validation on an interface 19 Configuring LLDP neighbor aging on an interface 19 Configuring MAC address learning for DCN 20 About MAC address learning...

Страница 337: ...ii...

Страница 338: ...ice ID Port ID LLDP agents and bridge modes An LLDP agent is a mapping of a protocol entity that implements LLDP Multiple LLDP agents can run on the same interface LLDP agents are classified into the...

Страница 339: ...otocol SNAP format LLDP frame encapsulated in Ethernet II Figure 2 Ethernet II encapsulated LLDP frame Table 1 Fields in an Ethernet II encapsulated LLDP frame Field Description Destination MAC addres...

Страница 340: ...ermine the validity of the received Ethernet frame LLDPDUs Each LLDP frame contains one LLDPDU Each LLDPDU is a sequence of type length value TLV structures Figure 4 LLDPDU encapsulation format As sho...

Страница 341: ...device and the enabled primary features Management Address Specifies the following elements The management address of the local device The interface number and object identifier OID associated with t...

Страница 342: ...uplex mode Link Aggregation Indicates whether the port supports link aggregation and if yes whether link aggregation is enabled Power Via MDI Contains the power supply capabilities of the port Port cl...

Страница 343: ...ts model name Asset ID Allows a terminal device to advertise its asset ID The typical case is that the user specifies the asset ID for the endpoint to facilitate directory management and asset trackin...

Страница 344: ...l value of the aging timer is equal to the TTL value in the Time To Live TLV carried in the LLDP frame When the LLDP agent receives a new LLDP frame the aging timer restarts When the aging timer decre...

Страница 345: ...rts of OpenFlow instances For more information about OpenFlow see OpenFlow Configuration Guide You can configure LLDP on an IRF physical interface to monitor the connection and link status of the IRF...

Страница 346: ...nabled globally 3 Enter interface view interface interface type interface number 4 Enable LLDP lldp enable By default LLDP is enabled on a port Setting the LLDP bridge mode 1 Enter system view system...

Страница 347: ...t initializes the protocol state machines after an LLDP reinitialization delay By adjusting the delay you can avoid frequent initializations caused by frequent changes to the LLDP operating mode on a...

Страница 348: ...management TLVs and IEEE 802 1 organizationally specific TLVs In Layer 3 Ethernet interface view lldp tlv enable basic tlv all port description system capability system description system name manage...

Страница 349: ...ic TLV set In Layer 2 aggregate interface view lldp tlv enable dot1 tlv protocol vlan id vlan id vlan name vlan id management vid mvlan id lldp agent nearest nontpmr tlv enable basic tlv all managemen...

Страница 350: ...management address tlv command 3 Default setting for the interface By default The nearest bridge agent and nearest customer bridge agent advertise the management address TLV The nearest non TPMR bridg...

Страница 351: ...ce view lldp agent nearest customer nearest nontpmr management address format string The default management address encoding format is numeric Setting the encapsulation format for LLDP frames About se...

Страница 352: ...the token bucket size for sending LLDP frames lldp max credit credit value The default setting is 5 5 Set the number of LLDP frames sent each time fast LLDP frame transmission is triggered lldp fast c...

Страница 353: ...t nearest customer nearest nontpmr check change interval interval In IRF physical interface view lldp check change interval interval By default LLDP polling is disabled Disabling LLDP PVID inconsisten...

Страница 354: ...carrying TLVs with the configured voice VLAN If no voice VLAN is configured for CDP packets CDP packets carry the voice VLAN of the port or the voice VLAN assigned by the RADIUS server The assigned vo...

Страница 355: ...g notifies the network management system of events such as newly detected neighboring devices and link failures To prevent excessive LLDP traps from being sent when the topology is unstable set a trap...

Страница 356: ...LV criterion lldp neighbor identity chassis id chassis id subtype chassis id Configure the port ID TLV criterion lldp neighbor identity port id port id subtype port id By default no neighbor validatio...

Страница 357: ...the source MAC address of LLDP frames 2 Enabling generation of ARP or ND entries for received management address TLVs Configuring MAC address learning for DCN on a Layer 3 Ethernet interface 1 Optiona...

Страница 358: ...of LLDP frames This ensures that the neighbor NE can generate correct ARP or ND entries In Layer 3 Ethernet interface view you can specify an existing Layer 3 Ethernet subinterface as the output inte...

Страница 359: ...e interface number agent nearest bridge nearest customer nearest nontpmr Display types of advertisable optional LLDP TLVs display lldp tlv config interface interface type interface number agent neares...

Страница 360: ...ace twenty fivegige 1 0 1 SwitchB Twenty FiveGigE1 0 1 lldp enable Set the LLDP operating mode to Tx on Twenty FiveGigE 1 0 1 SwitchB Twenty FiveGigE1 0 1 lldp admin status tx SwitchB Twenty FiveGigE1...

Страница 361: ...nown TLV 0 LLDP status information of port 2 Twenty FiveGigE1 0 2 LLDP agent nearest bridge Port status of LLDP Enable Admin status Rx_Only Trap flag No MED trap flag No Polling interval 0s Number of...

Страница 362: ...minutes 20 seconds Transmit interval 30s Fast transmit interval 1s Transmit credit max 5 Hold multiplier 4 Reinit delay 2s Trap interval 30s Fast start times 4 LLDP status information of port 1 Twenty...

Страница 363: ...LLDP agent nearest customer Port status of LLDP Enable Admin status Disable Trap flag No MED trap flag No Polling interval 0s Number of LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbo...

Страница 364: ...y fivegige 1 0 1 SwitchA Twenty FiveGigE1 0 1 lldp enable Configure LLDP to operate in TxRx mode on Twenty FiveGigE 1 0 1 SwitchA Twenty FiveGigE1 0 1 lldp admin status txrx Configure CDP compatible L...

Страница 365: ...iveGigE1 0 1 LLDP agent nearest bridge CDP neighbor index 1 Chassis ID SEP00141CBCDBFE Port ID Port 1 CDP neighbor information of port 2 Twenty FiveGigE1 0 2 LLDP agent nearest bridge CDP neighbor ind...

Страница 366: ...n Traffic Classes DCBX functions DCBX offers the following functions Discovers the peer devices capabilities and determines whether devices at both ends support these capabilities Detects configuratio...

Страница 367: ...PP parameters 4 Configuring ETS parameters a Configuring the 802 1p to local priority mapping b Configuring group based WRR queuing 5 Configuring PFC parameters Enabling LLDP and DCBX TLV advertising...

Страница 368: ...s preferably negotiated Procedure 1 Enter system view system view 2 Enter Layer 2 Ethernet interface view interface interface type interface number 3 Set the DCBX version dcbx version rev100 rev101 st...

Страница 369: ...IPv4 advanced ACL and configure a rule for the ACL acl advanced acl number name acl name match order auto config rule rule id permit tcp udp destination port eq port DCBX Rev 1 00 supports only Layer...

Страница 370: ...mmitted bandwidth of the interface Restrictions and guidelines To configure ETS parameters perform the following tasks 1 Configure the 802 1p to local priority mapping by using either of the following...

Страница 371: ...pping in the priority mapping table method 1 Enter system view system view 2 Enter 802 1p to local priority mapping table view for the outgoing traffic qos map table dot1p lp 3 Configure the priority...

Страница 372: ...ype interface number 3 Enable PFC in auto mode on the Ethernet interface priority flow control auto By default PFC is disabled To advertise the PFC data you must enable PFC in auto mode 4 Enable PFC f...

Страница 373: ...onfigure the traffic behavior to mark packets with 802 1p priority value 3 SwitchA traffic behavior app_b SwitchA behavior app_b remark dot1p 3 SwitchA behavior app_b quit Create a QoS policy named pl...

Страница 374: ...DCBX Parameter Type and Length DCBX Parameter Length 13 DCBX Parameter Type 2 DCBX Parameter Information Parameter Type Current Pad Byte Present Yes DCBX Parameter Valid Yes Reserved 0 DCBX Parameter...

Страница 375: ...f Priority 6 6 Priority Group 0 Percentage 2 Priority Group 1 Percentage 4 Priority Group 2 Percentage 6 Priority Group 3 Percentage 0 Priority Group 4 Percentage 10 Priority Group 5 Percentage 18 Pri...

Страница 376: ...ength 2 DCBX Parameter Type 3 DCBX Parameter Information Parameter Type Current Pad Byte Present No DCBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabled on Priority 0 No PFC Enabled on...

Страница 377: ...CBX Parameter Valid Yes Reserved 0 DCBX Parameter Data PFC Enabled on Priority 0 No PFC Enabled on Priority 1 No PFC Enabled on Priority 2 No PFC Enabled on Priority 3 Yes PFC Enabled on Priority 4 No...

Страница 378: ...and guidelines for L2PT 3 Enabling L2PT for a protocol in Layer 2 Ethernet interface view 4 Enabling L2PT for a protocol in Layer 2 aggregate interface view 4 Setting the destination multicast MAC ad...

Страница 379: ...e packet is from the customer network or the service provider network They must deliver the packet to the CPU for processing In this case the Layer 2 protocol calculation in Customer A s network is mi...

Страница 380: ...iving port Decapsulates the packet and multicasts the decapsulated packet out of all customer facing ports in the VLAN Figure 2 L2PT operating mechanism For example as shown in Figure 3 PE 1 receives...

Страница 381: ...the following conditions exist The protocol is running on the aggregate interface on the CE The aggregate interface on the CE connects to an L2PT enabled port on the PE Enable L2PT on PE ports connec...

Страница 382: ...cols Enabling L2PT for a protocol in Layer 2 aggregate interface view 1 Enter system view system view 2 Enter Layer 2 aggregate interface view interface bridge aggregation interface type interface num...

Страница 383: ...es Example Configuring L2PT for STP Network configuration As shown in Figure 4 the MAC addresses of CE 1 and CE 2 are 00e0 fc02 5800 and 00e0 fc02 5802 respectively MSTP is enabled in Customer A s net...

Страница 384: ...all PE1 Twenty FiveGigE1 0 2 quit 2 Configure PE 2 in the same way PE 1 is configured Details not shown Verifying the configuration Verify that the root bridge of Customer A s network is CE 1 CE2 dis...

Страница 385: ...ansmitted configure all ports in the service provider network as trunk ports Procedure 1 Configure CE 1 Configure Layer 2 aggregation group Bridge Aggregation 1 to operate in dynamic aggregation mode...

Страница 386: ...rt link mode bridge PE1 Twenty FiveGigE1 0 2 port link type trunk PE1 Twenty FiveGigE1 0 2 port trunk permit vlan 3 PE1 Twenty FiveGigE1 0 2 port trunk pvid vlan 3 Enable QinQ on Twenty FiveGigE 1 0 2...

Страница 387: ...cket s CE2 display link aggregation member port Flags A LACP_Activity B LACP_Timeout C Aggregation D Synchronization E Collecting F Distributing G Defaulted H Expired Twenty FiveGigE1 0 1 Aggregate In...

Страница 388: ...10 Flag ACDEF Remote System ID 0x8000 0001 0000 0000 Port Number 4 Port Priority 32768 Oper Key 1 Flag ACDEF Received LACP Packets 10 packet s Illegal 0 packet s Sent LACP Packets 13 packet s...

Страница 389: ...groups 1 Restrictions and guidelines Service loopback group configuration 1 Configuring a service loopback group 1 Display and maintenance commands for service loopback groups 2 Service loopback group...

Страница 390: ...assign a physical interface to the service loopback group if that interface is the only member interface of an IRF port For correct traffic processing make sure the service loopback group has a minim...

Страница 391: ...e loopback group 1 All configurations on the interface will be lost Continue Y N y After this command is executed the speed will be reset to the default value on Twenty FiveGigE1 0 1 to Twenty FiveGig...

Страница 392: ...3 Create the interface Tunnel 1 and set it to GRE mode The interface will automatically use service loopback group 1 Sysname interface tunnel 1 mode gre Sysname Tunnel1...

Страница 393: ...i Contents Configuring cut through Layer 2 forwarding 1 About cut through Layer 2 forwarding 1 Restrictions and guidelines for cut through Layer 2 forwarding configuration 1 Procedure 1...

Страница 394: ...erformance Restrictions and guidelines for cut through Layer 2 forwarding configuration With cut through forwarding the device forwards CRC error frames because it starts forwarding frames before thei...

Отзывы:

Нет отзывов

Похожие инструкции для S6850 Series

Бренд: Under Control Страницы: 9

Бренд: Magnetrol Страницы: 24

Бренд: Xenteq Страницы: 22

Бренд: OEM Страницы: 1

Бренд: CalDigit Страницы: 13

2X2 VGA SWITCHER

Бренд: Gefen Страницы: 12

Edison Cooper Power Series

Бренд: Eaton Страницы: 12

Бренд: Guntermann & Drunck Страницы: 8

Бренд: Metra Electronics Страницы: 8

Бренд: Xcellon Страницы: 2

Digi-Touch DDN-SW1

Бренд: Blueridge Страницы: 13

Бренд: GarrettCom Страницы: 42

SL-5-DS-2 SWITCH AND CHECK VALVE

Бренд: BENDIX Страницы: 4

Бренд: Daewoo Страницы: 7

Бренд: WIKA Страницы: 76

Бренд: Zennio Страницы: 61

Бренд: Cabletron Systems Страницы: 12

Бренд: COP Страницы: 12

Бренды по названию

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Популярные бренды

Загрузить еще бренды