H3C S7500X Switch Series
Comware 7 Layer 2—LAN Switching
Configuration Guide
New H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 7577P04 and later versions
Document version: 6W100-20190315
Страница 1: ...S7500X Switch Series Comware 7 Layer 2 LAN Switching Configuration Guide New H3C Technologies Co Ltd http www h3c com Software version Release 7577P04 and later versions Document version 6W100 201903...
Страница 2: ...H3C Technologies Co Ltd any trademarks that may be mentioned in this document are the property of their respective owners Notice The information in this document is subject to change without notice A...
Страница 3: ...ents that are optional x y Braces enclose a set of required syntax choices separated by vertical bars from which you select one x y Square brackets enclose a set of optional syntax choices separated b...
Страница 4: ...s a Layer 2 or Layer 3 switch or a router that supports Layer 2 forwarding and other Layer 2 features Represents an access controller a unified wired WLAN module or the access controller engine on a u...
Страница 5: ...Documentation feedback You can e mail your comments about product documentation to info h3c com We appreciate your comments...
Страница 6: ...e forwarding rule after the MAC learning limit is reached 8 Configuration restrictions and guidelines 8 Configuring the device to forward unknown frames after the MAC learning limit on an interface is...
Страница 7: ...e device receives a frame destined for MAC SOURCE after learning this source MAC address the device performs the following operations 1 Finds the MAC SOURCE entry in the MAC address table 2 Forwards t...
Страница 8: ...try a blackhole entry and a multiport unicast entry cannot overwrite one another MAC address table configuration task list The configuration tasks discussed in the following sections can be performed...
Страница 9: ...ated dynamic MAC address entry does not take effect Forwards the frame based on the multiport unicast MAC address entry Blackhole MAC address entry Drops the frame Dynamic MAC address entry Learns the...
Страница 10: ...VLAN Adding or modifying a multiport unicast MAC address entry You can configure a multiport unicast MAC address entry to associate a unicast destination MAC address with multiple ports The frame wit...
Страница 11: ...y is configured on the interface Make sure you have created the VLAN and assigned the interface to the VLAN Disabling MAC address learning MAC address learning is enabled by default To prevent the MAC...
Страница 12: ...disable MAC address learning on a per VLAN basis To disable MAC address learning on a VLAN Step Command Remarks 1 Enter system view system view N A 2 Enable global MAC address learning mac address ma...
Страница 13: ...upport this feature For more information about PEXs see Virtual Technologies Configuration Guide The MAC address learning limit does not take manually configured dynamic MAC addresses into account Thi...
Страница 14: ...rwarding of unknown frames after the MAC learning limit is reached In this document unknown frames refer to frames whose source MAC addresses are not in the MAC address table Configuration restriction...
Страница 15: ...ng MAC learning priority to interfaces The MAC learning priority mechanism assigns either low priority or high priority to an interface An interface with high priority can learn MAC addresses as usual...
Страница 16: ...table After you enable MAC address synchronization each card advertises learned MAC address entries to other cards of all member devices As shown in Figure 2 Device A and Device B form an IRF fabric e...
Страница 17: ...address is moved from interface A to interface B and a MAC address move occurs The MAC address move notifications feature enables the device to output MAC address move logs when MAC address moves are...
Страница 18: ...old threshold By default the suppression interval is 30 seconds and the suppression threshold is 3 4 Enter interface view Enter Layer 2 Ethernet interface view interface interface type interface numbe...
Страница 19: ...entry If the frame meets both conditions the device drops the frame When this feature is disabled the device does not perform the check for a received frame It can forward the frame whether or not th...
Страница 20: ...enable mac address mac move By default SNMP notifications are enabled for the MAC address table When SNMP notifications are disabled for the MAC address table syslog messages are sent to notify impor...
Страница 21: ...igabitEthernet 1 0 1 that belongs to VLAN 1 Device system view Device mac address static 000f e235 dc71 interface gigabitethernet 1 0 1 vlan 1 Add a blackhole MAC address entry for MAC address 000f e2...
Страница 22: ...thernet interface view interface interface type interface number N A 4 Enable MAC Information on the interface mac address information enable added deleted By default MAC Information is disabled on th...
Страница 23: ...setting is 50 MAC Information configuration example Network requirements Enable MAC Information on GigabitEthernet 1 0 1 on Device in Figure 6 to send MAC address changes in syslog messages to the log...
Страница 24: ...root user b Create a subdirectory named Device in directory var log mkdir var log Device c Create file info log in the Device directory to save logs from Device touch var log Device info log d Edit th...
Страница 25: ...mac address information enable added Device GigabitEthernet1 0 1 mac address information enable deleted Device GigabitEthernet1 0 1 quit Set the MAC Information queue length to 100 Device mac address...
Страница 26: ...ort selection 18 Setting the MTU for a Layer 3 aggregate interface 19 Setting the minimum and maximum numbers of Selected ports for an aggregation group 19 Setting the expected bandwidth for an aggreg...
Страница 27: ...rresponding logical interface called an aggregate interface When an aggregate interface is created the device automatically creates an aggregation group of the same type and number as the aggregate in...
Страница 28: ...ocol configurations Attribute configurations of a link aggregation member port affect its aggregation state Attribute configurations To become a Selected port a member port must have the same attribut...
Страница 29: ...e aggregation states of the member ports Dynamic link aggregation reduces the administrators workload Layer 2 aggregation groups and Layer 3 aggregation groups support both the static and dynamic mode...
Страница 30: ...sting Selected ports A device reboot can cause the device to recalculate the aggregation states of member ports The port is placed in Selected state when the following conditions are met The port and...
Страница 31: ...about IRF and the LACP MAD mechanism see Virtual Technologies Configuration Guide LACP operating modes LACP can operate in active or passive mode When LACP is operating in passive mode on a local mem...
Страница 32: ...ing on the peer information in the received LACPDUs NOTE When you use automatic assignment on one end you must use manual assignment on the other end Automatic member interface assignment As shown in...
Страница 33: ...oup creation methods do not change the processes of reference port selection and Selected port selection IMPORTANT As a best practice to ensure correct operation of dynamic aggregation groups do not u...
Страница 34: ...ort A port ID contains a port priority and a port number The lower the port priority the smaller the port ID a The system chooses the port with the lowest priority value as the reference port If the p...
Страница 35: ...ports the same as their peer ports When you aggregate interfaces in dynamic mode follow these guidelines A dynamic link aggregation group chooses only full duplex ports as the Selected ports For stabl...
Страница 36: ...haring Distributes traffic on a per flow basis The load sharing mode classifies packets into flows and forwards packets of the same flow on the same link This mode can be one or any combination of the...
Страница 37: ...the prioritized criterion for reference port selection Setting the MTU for a Layer 3 aggregate interface Setting the minimum and maximum numbers of Selected ports for an aggregation group Setting the...
Страница 38: ...Interface bound to a VSI VPLS in MPLS Configuration Guide Do not assign a reflector port for port mirroring to an aggregation group For more information about reflector ports see Network Management an...
Страница 39: ...aggregation group group id force Repeat these two substeps to assign more Layer 2 Ethernet interfaces to the aggregation group To synchronize the attribute configurations and mac vlan enable setting f...
Страница 40: ...rd 7 Set the LACP operating mode for the interface Set the LACP operating mode to passive lacp mode passive Set the LACP operating mode to active undo lacp mode By default LACP is operating in active...
Страница 41: ...oute aggregation interface number When you create a Layer 3 aggregate interface the system automatically creates a Layer 3 static aggregation group numbered the same 4 Configure the aggregation group...
Страница 42: ...y created aggregate interface When automatic link aggregation is enabled subinterface creation might fail on LLDP enabled Layer 3 Ethernet interfaces As a best practice to ensure correct operation of...
Страница 43: ...768 All S MLAG devices must use the same LACP system priority 4 Set the LACP system number lacp system number number By default the LACP system number is not set You must assign a unique LACP system n...
Страница 44: ...ame criteria for reference port selection Perform this task to ensure that a dynamic aggregation group selects a high speed member port as the reference port After you perform this task the priority o...
Страница 45: ...nd the state of the aggregate interface When the number of member ports eligible to be Selected ports is smaller than the minimum threshold the following events occur The eligible member ports are pla...
Страница 46: ...oup 4 Set the maximum number of Selected ports for the aggregation group link aggregation selected port maximum max number By default the maximum number of Selected ports for an aggregation group depe...
Страница 47: ...in the corresponding aggregation group become Unselected ports and all member ports go down When an aggregate interface is brought up the aggregation states of member ports in the corresponding aggre...
Страница 48: ...regation group will not have any Selected ports to forward traffic if it has not received LACPDUs before the LACP timeout interval expires To disable the default port selection action Step Command Rem...
Страница 49: ...shared based on the following information Source and destination IP addresses Source and destination port numbers IP protocol number MPLS packets are load shared based on Layer 1 and Layer 2 MPLS labe...
Страница 50: ...ffic on IRF links as shown in Figure 6 For more information about IRF see Virtual Technologies Configuration Guide NOTE This feature takes effect only on known unicast traffic Figure 6 Load sharing fo...
Страница 51: ...es the Ethernet link aggregation module that the peer port is reachable Then the local port is placed in Selected state again This mechanism ensures that the local and peer ports of a static aggregate...
Страница 52: ...interface route aggregation interface number N A 3 Enable BFD for the aggregation group link aggregation bfd ipv4 source ip address destination ip address By default BFD is disabled for an aggregatio...
Страница 53: ...ce A and Device B Enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end Enable VLAN 20 at one end of the aggregate link to communicate with VLAN 20 at the other...
Страница 54: ...play detailed information about all aggregation groups on Device A DeviceA display link aggregation verbose Loadsharing Type Shar Loadsharing NonS Non Loadsharing Port Status S Selected U Unselected I...
Страница 55: ...Ethernet 1 0 1 through GigabitEthernet 1 0 3 to link aggregation group 1 DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 port link aggregation group 1 DeviceA GigabitEthernet1 0 1...
Страница 56: ...g GE1 0 1 32768 81 1 0x8000 000f e267 57ad ACDEF GE1 0 2 32768 82 1 0x8000 000f e267 57ad ACDEF GE1 0 3 32768 83 1 0x8000 000f e267 57ad ACDEF The output shows that link aggregation group 1 is a Layer...
Страница 57: ...k aggregation load sharing mode source mac DeviceA Bridge Aggregation1 quit Assign ports GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 to link aggregation group 1 DeviceA interface gigabitethernet 1...
Страница 58: ...A is configured Details not shown Verifying the configuration Display detailed information about all aggregation groups on Device A DeviceA display link aggregation verbose Loadsharing Type Shar Load...
Страница 59: ...tem view Device interface bridge aggregation 1 Device Bridge Aggregation1 link aggregation mode dynamic Configure Layer 2 aggregate interface Bridge Aggregation 1 as an edge aggregate interface Device...
Страница 60: ...the network shown in Figure 11 perform the following tasks Configure a Layer 3 static aggregation group on both Device A and Device B Configure IP addresses and subnet masks for the corresponding Laye...
Страница 61: ...E1 0 1 R S 32768 1 GE1 0 2 S 32768 1 GE1 0 3 S 32768 1 The output shows that link aggregation group 1 is a Layer 3 static aggregation group that contains three Selected ports Layer 3 dynamic aggregati...
Страница 62: ...g Port Status S Selected U Unselected I Individual Port A Auto port M Management port R Reference port Flags A LACP_Activity B LACP_Timeout C Aggregation D Synchronization E Collecting F Distributing...
Страница 63: ...ggregation group 10 DeviceA GigabitEthernet1 0 2 quit DeviceA interface gigabitethernet 1 0 3 DeviceA GigabitEthernet1 0 3 port link aggregation group 10 DeviceA GigabitEthernet1 0 3 quit 2 Configure...
Страница 64: ...DeviceD system view DeviceD lacp system mac 1 1 1 Set the LACP system priority to 123 DeviceD lacp system priority 123 Set the LACP system number to 3 DeviceD lacp system number 3 Create Layer 2 aggre...
Страница 65: ...40fa 264f 0100 Local Port Status Priority Index Oper Key Flag GE1 0 1 R S 32768 1 1 ACDEF GE1 0 2 S 32768 2 1 ACDEF GE1 0 3 S 32768 3 1 ACDEF Remote Actor Priority Index Oper Key SystemID Flag GE1 0...
Страница 66: ...evice 9 Configuring DR keepalive settings 10 Configuration restrictions and guidelines 10 Excluding an interface from the shutdown action by DRNI MAD 10 Configuring DR keepalive packet parameters 10 S...
Страница 67: ...ts DR role priority The secondary DR device passes the traffic of those features to the primary DR device for processing If the DR member devices in a DR system have the same DR role priority the devi...
Страница 68: ...ch is fixed at 90 seconds If this timer is used the peer interface sends one DRCPDU every 30 seconds Short DRCP timeout timer enables the DR member devices to detect a peer interface down event more q...
Страница 69: ...ng operations to form a DR system 1 Send DRCPDUs over the IPL to each other and compare the DRCPDUs to determine the DR system stackability and device roles a Compare the DR system settings The device...
Страница 70: ...device during DR system setup For more information see Setting the data restoration interval Type 1 configuration Type 1 configuration consistency check is performed both globally and on DR interface...
Страница 71: ...orm a DR system to which Device C is attached through a multichassis aggregation If traffic to Device C arrives at Device B after the DR interface connected Device B to Device C has failed the DR syst...
Страница 72: ...ailure handling mechanism As shown in Figure 5 when the primary DR device fails the secondary DR device takes over the primary role to forward all traffic for the DR system When the faulty device reco...
Страница 73: ...d as one DR system you must configure the same DR system MAC address and DR system priority on them You must assign different DR system numbers to the DR member devices For correct traffic forwarding...
Страница 74: ...on interval Configuring DR system settings Configuring the DR system MAC address Configuration restrictions and guidelines Changing the DR system MAC address causes DR system split When you perform th...
Страница 75: ...ystem view system view N A 2 Set the DR system priority drni system priority system priority By default the DR system priority is 32768 Setting the DR role priority of the device Overview DRNI assigns...
Страница 76: ...luded from the MAD shutdown action see the Excluded ports user configured field in the output from the display drni mad verbose command If you exclude an interface that is already in DRNI MAD DOWN sta...
Страница 77: ...the keepalive link is down Configuration restrictions and guidelines The local DR keepalive timeout timer must be two times the DR keepalive interval of the peer at minimum Configure the same DR keepa...
Страница 78: ...es to the PVID As a best practice assign the IPP interfaces to all VLANs by using the port trunk permit vlan all command On an IPP you can execute only the following commands link aggregation mode dyn...
Страница 79: ...ew system view N A 2 Disable configuration consistency check drni consistency check disable By default configuration consistency check is enabled Enabling the short DRCP timeout timer on the IPP or a...
Страница 80: ...er drni keepalive hold time value By default the keepalive hold timer is 3 seconds Configuring DR system auto recovery Overview If only one DR member device recovers after the entire DR system reboots...
Страница 81: ...s come up upon expiration of the data restoration interval Configuration procedure To set the data restoration interval Step Command Remarks 1 Enter system view system view N A 2 Set the data restorat...
Страница 82: ...e 1 1 1 2 Set the link mode of GigabitEthernet 1 0 5 to Layer 3 and assign the interface an IP address The IP address will be used as the source IP address of keepalive packets DeviceA interface gigab...
Страница 83: ...gabitEthernet1 0 4 quit Assign Bridge Aggregation 4 to DR group 4 DeviceA interface bridge aggregation 4 DeviceA Bridge Aggregation4 port drni group 4 DeviceA Bridge Aggregation4 quit 2 Configure Devi...
Страница 84: ...4 DeviceB GigabitEthernet1 0 4 quit Assign Bridge Aggregation 4 to DR group 4 DeviceB interface bridge aggregation 4 DeviceB Bridge Aggregation4 port drni group 4 DeviceB Bridge Aggregation4 quit 3 C...
Страница 85: ...erface DR group ID BAGG4 4 State UP Local state Peer state ABDFG ABDFG Local Selected ports Index 16387 16388 Peer Selected ports Index 32771 32772 Verify that all member ports of aggregation group 4...
Страница 86: ...with Device C and one with Device D Set up a keepalive link between GigabitEthernet 1 0 5 of Device A and GigabitEthernet 1 0 5 of Device B and exclude the interfaces from the shutdown action by DRNI...
Страница 87: ...GigabitEthernet 1 0 4 DeviceA GigabitEthernet1 0 4 port link aggregation group 125 DeviceA GigabitEthernet1 0 4 quit Create Layer 2 dynamic aggregate interface Bridge Aggregation 100 and assign it to...
Страница 88: ...vlan interface101 ip address 20 1 1 1 24 DeviceA vlan interface101 quit Configure OSPF DeviceA ospf DeviceA ospf 1 import route direct DeviceA ospf 1 area 0 DeviceA ospf 1 area 0 0 0 0 network 10 1 1...
Страница 89: ...Ethernet1 0 3 port link aggregation group 125 DeviceB GigabitEthernet1 0 3 quit DeviceB interface gigabitethernet 1 0 4 DeviceB GigabitEthernet1 0 4 port link aggregation group 125 DeviceB GigabitEthe...
Страница 90: ...n interface100 quit DeviceB interface vlan interface 101 DeviceB vlan interface101 ip address 20 1 1 2 24 DeviceB vlan interface101 quit Configure OSPF DeviceB ospf DeviceB ospf 1 import route direct...
Страница 91: ...t DeviceC ospf 1 area 0 DeviceC ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 DeviceC ospf 1 area 0 0 0 0 quit DeviceC ospf 1 quit 4 Configure Device D Create Layer 2 dynamic aggregate interface Brid...
Страница 92: ...ice C has established OSPF neighbor relationships with Device A and Device B DeviceC display ospf peer OSPF Process 1 with Router ID 10 1 1 3 Neighbor Brief Information Area 0 0 0 0 Router ID Address...
Страница 93: ...s and guidelines Port isolation configuration 1 Assigning a port to an isolation group 1 Displaying and maintaining port isolation 2 Port isolation configuration example 2 Network requirements 2 Confi...
Страница 94: ...trusted port in a DHCP snooping enabled network use the dhcp snooping trust command For more information see DHCP snooping configuration in Layer 3 IP Services Configuration Guide Assigning a port to...
Страница 95: ...ds in any view Task Command Display isolation group information display port isolate group group id Port isolation configuration example Network requirements As shown in Figure 1 LAN users Host A Host...
Страница 96: ...GigabitEthernet1 0 2 quit Device interface gigabitethernet 1 0 3 Device GigabitEthernet1 0 3 port isolate enable group 2 Device GigabitEthernet1 0 3 quit Verifying the configuration Display informatio...
Страница 97: ...AN configuration example 17 IP subnet based VLAN configuration example 19 Protocol based VLAN configuration example 21 Configuring super VLANs 25 Overview 25 Super VLAN configuration restrictions and...
Страница 98: ...tings for voice traffic 51 Configuring a port to operate in automatic voice VLAN assignment mode 52 Configuration restrictions and guidelines 52 Configuration procedure 52 Configuring a port to operat...
Страница 99: ...workstations and servers used by a particular workgroup to the same VLAN regardless of their physical locations Hosts in the same VLAN can directly communicate with one another You need a router or a...
Страница 100: ...d here For information about the VLAN tag fields in other frame encapsulation formats see related protocols and standards For a frame that has multiple VLAN tags the device handles it according to its...
Страница 101: ...r secondary VLANs that have the following characteristics Associated with the same primary VLAN Enabled with Layer 3 communication in VLAN interface view of the primary VLAN interface For more informa...
Страница 102: ...ing VLAN mapping PVID The PVID identifies the default VLAN of a port Untagged packets received on a port are considered as the packets from the port PVID When you set the PVID for a port follow these...
Страница 103: ...C based VLANs IP subnet based VLANs Protocol based VLANs Port based VLANs Assigning an access port to a VLAN You can assign an access port to a VLAN in VLAN view or interface view Make sure the VLAN h...
Страница 104: ...Set the port link type to trunk port link type trunk By default all ports are access ports 4 Assign the trunk port to the specified VLANs port trunk permit vlan vlan id list all By default a trunk po...
Страница 105: ...MAC based VLAN assignment on a port perform the following tasks 1 Create MAC to VLAN entries 2 Enable the MAC based VLAN feature on the port 3 Assign the port to the MAC based VLAN A port configured w...
Страница 106: ...rder MAC based VLAN fuzzy and exact MAC address match IP subnet based VLAN Protocol based VLAN Port based VLAN After tagging the frame with the selected VLAN the port gets the source MAC address of th...
Страница 107: ...server assigned MAC based VLAN perform the following tasks 1 Configure the server assigned MAC based VLAN feature on the access device 2 Configure username to VLAN entries on the access authenticatio...
Страница 108: ...e interface view interface interface type interface number N A 4 Set the port link type to hybrid port link type hybrid By default all ports are access ports 5 Assign the hybrid port to the MAC based...
Страница 109: ...o the CPU As a result the port will not be dynamically assigned to the target VLAN As a best practice do not use dynamic MAC based VLAN assignment with PVST In PVST mode if the target VLAN of a port i...
Страница 110: ...id port to the MAC based VLANs port hybrid vlan vlan id list tagged untagged By default a hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access 5 Enable...
Страница 111: ...ed VLAN feature assigns inbound packets to different VLANs based on their protocol types and encapsulation formats The protocols available for VLAN assignment include IP IPX and AT The encapsulation f...
Страница 112: ...lt a hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access 8 Associate the hybrid port with the specified protocol based VLAN port hybrid protocol vlan v...
Страница 113: ...type interface number2 all Display information about IP subnet based VLANs display ip subnet vlan vlan vlan id1 to vlan id2 all Display information about protocol based VLANs that are associated with...
Страница 114: ...DeviceA vlan 100 DeviceA vlan100 port gigabitethernet 1 0 1 DeviceA vlan100 quit Create VLAN 200 and assign GigabitEthernet 1 0 2 to VLAN 200 DeviceA vlan 200 DeviceA vlan200 port gigabitethernet 1 0...
Страница 115: ...et1 0 1 DeviceA GigabitEthernet1 0 3 display vlan 200 VLAN ID 200 VLAN type Static Route interface Not configured Description VLAN 0200 Name VLAN 0200 Tagged ports GigabitEthernet1 0 3 Untagged ports...
Страница 116: ...untagged VLAN member DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEthernet1 0 1 port link type hybrid DeviceA GigabitEthernet1 0 1 port hybrid vlan 100 200 untagged Enable the MAC based VLA...
Страница 117: ...type trunk DeviceB GigabitEthernet1 0 2 port trunk permit vlan 100 200 DeviceB GigabitEthernet1 0 2 quit 3 Configure Device C in the same way as the Device A is configured Details not shown Verifying...
Страница 118: ...d port and assign it to VLAN 100 as a tagged VLAN member DeviceC interface gigabitethernet 1 0 2 DeviceC GigabitEthernet1 0 2 port link type hybrid DeviceC GigabitEthernet1 0 2 port hybrid vlan 100 ta...
Страница 119: ...100 Subnet index IP address Subnet mask 0 192 168 5 0 255 255 255 0 VLAN ID 200 Subnet index IP address Subnet mask 0 192 168 50 0 255 255 255 0 Verify the IP subnet based VLAN configuration on Gigab...
Страница 120: ...rnet 1 0 4 to VLAN 200 Device vlan200 port gigabitethernet 1 0 4 Configure VLAN 200 as a protocol based VLAN and create an IPv6 protocol template with the index 1 for VLAN 200 Device vlan200 protocol...
Страница 121: ...2 port hybrid protocol vlan vlan 100 1 to 2 Device GigabitEthernet1 0 2 port hybrid protocol vlan vlan 200 1 Device GigabitEthernet1 0 2 quit 2 Configure hosts and servers a Configure IPv4 Host A IPv...
Страница 122: ...Active 100 2 Ethernet II Etype 0x0806 Active 200 1 IPv6 Active Interface GigabitEthernet 1 0 2 VLAN ID Protocol index Protocol type Status 100 1 IPv4 Active 100 2 Ethernet II Etype 0x0806 Active 200...
Страница 123: ...tween sub VLANs perform the following tasks 1 Create a super VLAN and the VLAN interface for the super VLAN 2 Enable local proxy ARP or ND on the super VLAN interface as follows In an IPv4 network ena...
Страница 124: ...with a super VLAN Configuring a super VLAN interface As a best practice do not configure VRRP for a super VLAN interface because the configuration affects network performance For more information abo...
Страница 125: ...work requirements As shown in Figure 8 GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 are in VLAN 2 GigabitEthernet 1 0 3 and GigabitEthernet 1 0 4 are in VLAN 3 GigabitEthernet 1 0 5 and GigabitEthe...
Страница 126: ...n3 port gigabitethernet 1 0 3 gigabitethernet 1 0 4 DeviceA vlan3 quit Create VLAN 5 and assign GigabitEthernet 1 0 5 and GigabitEthernet 1 0 6 to the VLAN DeviceA vlan 5 DeviceA vlan5 port gigabiteth...
Страница 127: ...tatic It is a sub VLAN Route interface Configured Ipv4 address 10 1 1 1 Ipv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports GigabitEthernet1 0 3 Gigabi...
Страница 128: ...ed on L2 Device B VLAN 10 is the primary VLAN VLANs 2 5 and 8 are secondary VLANs that are associated with VLAN 10 L3 Device A is only aware of VLAN 10 Figure 9 Private VLAN example If the private VLA...
Страница 129: ...specified secondary VLANs that are associated with the primary VLAN Configuration restrictions and guidelines When you configure the private VLAN feature follow these restrictions and guidelines Make...
Страница 130: ...romiscuous Configure the uplink port as a trunk promiscuous port of the specified VLANs port private vlan vlan id list trunk promiscuous By default a port is not a promiscuous or trunk promiscuous por...
Страница 131: ...le local proxy ND local proxy nd enable Use substeps a b c and e for devices that run IPv4 protocols Use substeps a b d and f for devices that run IPv6 protocols By default Secondary VLANs cannot comm...
Страница 132: ...Ns 2 and 3 DeviceB vlan 2 to 3 Associate secondary VLANs 2 and 3 with primary VLAN 5 DeviceB vlan 5 DeviceB vlan5 private vlan secondary 2 to 3 DeviceB vlan5 quit Configure the uplink port GigabitEthe...
Страница 133: ...downlink port GigabitEthernet 1 0 3 to VLAN 3 and configure the port as a host port DeviceC interface gigabitethernet 1 0 3 DeviceC GigabitEthernet1 0 3 port access vlan 3 DeviceC GigabitEthernet1 0...
Страница 134: ...gabitEthernet 1 0 3 is an untagged member of primary VLAN 5 and secondary VLAN 3 Trunk promiscuous port configuration example Network requirements As shown in Figure 11 configure the private VLAN feat...
Страница 135: ...2 and 3 with primary VLAN 5 DeviceB vlan 5 DeviceB vlan5 private vlan secondary 2 to 3 DeviceB vlan5 quit Associate secondary VLANs 6 and 8 with primary VLAN 10 DeviceB vlan 10 DeviceB vlan10 private...
Страница 136: ...GigabitEthernet 1 0 5 to VLAN 8 and configure the port as a host port DeviceB interface gigabitethernet 1 0 5 DeviceB GigabitEthernet1 0 5 port access vlan 8 DeviceB GigabitEthernet1 0 5 port private...
Страница 137: ...y VLAN 2 Host port GigabitEthernet 1 0 3 is an untagged member of primary VLAN 5 and secondary VLAN 3 Trunk promiscuous and trunk secondary port configuration example Network requirements As shown in...
Страница 138: ...DeviceA vlan20 quit Create VLANs 11 12 21 and 22 DeviceA vlan 11 to 12 DeviceA vlan 21 to 22 Associate secondary VLANs 11 and 12 with primary VLAN 10 DeviceA vlan 10 DeviceA vlan10 private vlan second...
Страница 139: ...ondary DeviceA GigabitEthernet1 0 2 quit 2 Configure Device B Create VLANs 11 and 21 DeviceB system view DeviceB vlan 11 DeviceB vlan11 quit DeviceB vlan 21 DeviceB vlan21 quit Configure GigabitEthern...
Страница 140: ...net1 0 2 GigabitEthernet1 0 5 Untagged ports GigabitEthernet1 0 3 VLAN ID 11 VLAN type Static Private vlan type Secondary Route interface Not configured Description VLAN 0011 Name VLAN 0011 Tagged por...
Страница 141: ...guration procedure Create VLAN 10 and configure it as a primary VLAN DeviceA system view DeviceA vlan 10 DeviceA vlan10 private vlan primary DeviceA vlan10 quit Create VLANs 2 and 3 DeviceA system vie...
Страница 142: ...VLAN interface 10 DeviceA Vlan interface10 ip address 192 168 1 1 255 255 255 0 Enable local proxy ARP on VLAN interface 10 DeviceA Vlan interface10 local proxy arp enable DeviceA Vlan interface10 qu...
Страница 143: ...erface Configured IPv4 address 192 168 1 1 IPv4 subnet mask 255 255 255 0 Description VLAN 0003 Name VLAN 0003 Tagged ports None Untagged ports GigabitEthernet1 0 1 GigabitEthernet1 0 3 The Route inte...
Страница 144: ...resses A device identifies voice packets based on their source MAC addresses A packet whose source MAC address complies with an Organizationally Unique Identifier OUI address of the device is regarded...
Страница 145: ...t to identify IP phones if the network has more IP phone categories than the maximum number of OUI addresses supported on the device LLDP has higher priority than the OUI list For more information abo...
Страница 146: ...c mode when PCs and IP phones are connected in series to access the network through the device as shown in Figure 15 Ports on the device transmit both voice traffic and data traffic When an IP phone i...
Страница 147: ...packet processing ports of different link types must meet specific configuration requirements in different voice VLAN assignment modes Access ports do not transmit tagged packets Table 2 Configuration...
Страница 148: ...l the match will be dropped In a safe network you can configure the voice VLANs to operate in normal mode This mode reduces system resource consumption in source MAC address checking In either mode th...
Страница 149: ...values You can configure the device to modify the QoS priority settings for voice traffic You cannot configure the QoS priority settings on a voice VLAN enabled port Before you configure the QoS prio...
Страница 150: ...esult the port will not be dynamically assigned to the voice VLAN As a best practice do not use this mode with PVST In PVST mode if the target voice VLAN is not permitted on a port the port is placed...
Страница 151: ...static VLANs To make a voice VLAN take effect on a port operating in manual mode you must manually assign the port to the voice VLAN Configuration procedure To configure a port to operate in manual v...
Страница 152: ...strictions and guidelines Before you enable this feature enable LLDP both globally and on access ports Use this feature only with the automatic voice VLAN assignment mode Do not use this feature toget...
Страница 153: ...e CDP packets After receiving the advertised VLAN information the IP phone performs automatic voice VLAN configuration Packets from the IP phone will be transmitted in the dedicated voice VLAN LLDP pa...
Страница 154: ...e A and IP phone B respectively Configure GigabitEthernet 1 0 1 and GigabitEthernet 1 0 2 to operate in automatic voice VLAN assignment mode Add MAC addresses of IP phones A and B to the device for vo...
Страница 155: ...tic voice VLAN assignment mode DeviceA GigabitEthernet1 0 2 voice vlan mode auto Enable voice VLAN on GigabitEthernet 1 0 2 and configure VLAN 3 as the voice VLAN for it DeviceA GigabitEthernet1 0 2 v...
Страница 156: ...escription test Create VLAN 2 DeviceA vlan 2 DeviceA vlan2 quit Configure GigabitEthernet 1 0 1 to operate in manual voice VLAN assignment mode DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitE...
Страница 157: ...1 2200 0000 ffff ff00 0000 test 0060 b900 0000 ffff ff00 0000 Philips NEC phone 00d0 1e00 0000 ffff ff00 0000 Pingtel phone 00e0 7500 0000 ffff ff00 0000 Polycom phone 00e0 bb00 0000 ffff ff00 0000 3C...
Страница 158: ...nfiguration task list 4 Configuration restrictions and guidelines 4 Configuration prerequisites 5 Enabling MVRP 5 Setting an MVRP registration mode 5 Setting MRP timers 6 Enabling GVRP compatibility 7...
Страница 159: ...icipant As shown in Figure 1 an MRP participant sends declarations and withdrawals to notify other participants to register and deregister its attribute values It also registers and deregisters the at...
Страница 160: ...message enables MRP participants to register attributes When the MSTP topology changes an MRP participant sends a New message to the peer participant to declare the topology change Upon receiving a Ne...
Страница 161: ...mission of Join messages An MRP participant starts the Join timer after sending a Join message to the peer participant Before the Join timer expires the participant does not resend the Join message wh...
Страница 162: ...N Protocols and standards IEEE 802 1ak IEEE Standard for Local and Metropolitan Area Networks Virtual Bridged Local Area Networks Amendment 07 Multiple Registration Protocol MVRP configuration task li...
Страница 163: ...or MVRP to take effect on a port enable MVRP both on the port and globally 3 Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view interface interface type interface number N A 4 C...
Страница 164: ...ptional The default setting is 20 centiseconds 5 Set the Leave timer mrp timer leave timer value Optional The default setting is 60 centiseconds 6 Set the Periodic timer mrp timer periodic timer value...
Страница 165: ...bled Displaying and maintaining MVRP Execute display commands in any view and reset commands in user view Task Command Display MVRP running status display mvrp running status interface interface list...
Страница 166: ...ion DeviceA mst region quit Configure Device A as the primary root bridge of MSTI 1 DeviceA stp instance 1 root primary Globally enable the spanning tree feature DeviceA stp global enable Globally ena...
Страница 167: ...GigabitEthernet1 0 3 port trunk permit vlan all Enable MVRP on GigabitEthernet 1 0 3 DeviceA GigabitEthernet1 0 3 mvrp enable DeviceA GigabitEthernet1 0 3 quit Create VLAN 10 DeviceA vlan 10 DeviceA...
Страница 168: ...ST region view DeviceC system view DeviceC stp region configuration Configure the MST region name VLAN to instance mappings and revision level DeviceC mst region region name example DeviceC mst region...
Страница 169: ...bal enable Configure GigabitEthernet 1 0 1 as a trunk port and configure it to permit VLANs 20 and 40 DeviceD interface gigabitethernet 1 0 1 DeviceD GigabitEthernet1 0 1 port link type trunk DeviceD...
Страница 170: ...Declared VLANs 1 default Propagated VLANs None GigabitEthernet1 0 3 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds...
Страница 171: ...1 default 20 Propagated VLANs 1 default GigabitEthernet1 0 2 Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveA...
Страница 172: ...Config Status Enabled Running Status Enabled Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registere...
Страница 173: ...d Join Timer 20 centiseconds Leave Timer 60 centiseconds Periodic Timer 100 centiseconds LeaveAll Timer 1000 centiseconds Registration Type Normal Registered VLANs 1 default Declared VLANs None Propag...
Страница 174: ...hat VLAN information on GigabitEthernet 1 0 3 is not changed after you set its MVRP registration mode to fixed Delete VLAN 10 on Device A DeviceA undo vlan 10 Display local MVRP VLAN information on Gi...
Страница 175: ...or VLANs 3 Configuration restrictions and guidelines 3 Configuration procedure 4 Configuring the TPID for VLAN tags 4 Configuring the TPID for CVLAN tags 5 Configuring the TPID for SVLAN tags 5 Settin...
Страница 176: ...Allows different customers to use overlapping CVLAN IDs Devices in the service provider network make forwarding decisions based on SVLAN IDs instead of CVLAN IDs How QinQ works As shown in Figure 1 a...
Страница 177: ...s To add different SVLANs for different CVLAN tags use one to two VLAN mappings To replace the SVLAN ID CVLAN ID or both IDs for an incoming double tagged frame use two to two VLAN mappings QinQ and t...
Страница 178: ...ming frame with its PVID Before you enable or disable QinQ on a port you must remove any VLAN mappings on the port To enable QinQ Step Command Remarks 1 Enter system view system view N A 2 Enter Layer...
Страница 179: ...varies by vendor On an H3C device the TPID in the 802 1Q tag added on a QinQ enabled port is 0x8100 by default in compliance with IEEE 802 1Q In a multi vendor network make sure the TPID setting is th...
Страница 180: ...ing is 0x8100 Configuring the TPID for SVLAN tags Perform this task on the service provider side ports of PEs To configure the TPID value for SVLAN tags Step Command Remarks 1 Enter system view system...
Страница 181: ...remark dot1p dot1p value Copy the 802 1p priority in the CVLAN tag to the SVLAN tag remark dot1p customer dot1p trust By default the device copies the 802 1p priority in the CVLAN tag to the SVLAN tag...
Страница 182: ...e service provider network use a TPID value of 0x8200 Configure QinQ on PE 1 and PE 2 to transmit traffic in VLANs 100 and 200 for Company A and Company B respectively For the QinQ frames to be identi...
Страница 183: ...nfigure PE 2 Configure GigabitEthernet 1 0 1 as a trunk port and assign it to VLAN 200 PE2 system view PE2 interface gigabitethernet 1 0 1 PE2 GigabitEthernet1 0 1 port link type trunk PE2 GigabitEthe...
Страница 184: ...E 1 and PE 2 to enable the hosts in VLAN 3000 to communicate without using an SVLAN Figure 4 Network diagram Configuration procedure 1 Configure PE 1 Configure GigabitEthernet 1 0 1 as a trunk port an...
Страница 185: ...QinQ on GigabitEthernet 1 0 1 PE2 GigabitEthernet1 0 1 qinq enable Enable transparent transmission for VLAN 3000 on GigabitEthernet 1 0 1 PE2 GigabitEthernet1 0 1 qinq transparent vlan 3000 PE2 Gigab...
Страница 186: ...g in a network with dynamic IP address assignment 8 Configuring many to one VLAN mapping in a network with static IP address assignment 10 Configuring one to two VLAN mapping 12 Configuring zero to tw...
Страница 187: ...to two VLAN mapping Tags single tagged packets with an outer VLAN tag Zero to two VLAN mapping Adds double VLAN tags to untagged packets Two to two VLAN mapping Replaces the outer and inner VLAN IDs...
Страница 188: ...fic from different customers One to two and two to two VLAN mapping Figure 2 shows a typical application scenario of one to two and two to two VLAN mapping In this scenario the two remote sites of the...
Страница 189: ...t and expands the number of available VLANs to 4094 4094 Reduces the stress on the SVLAN resources which were 4094 VLANs in the SP network before the mapping process was initiated Zero to two VLAN map...
Страница 190: ...ne VLAN mapping As shown in Figure 5 many to one VLAN mapping is implemented on both the customer side and network side ports as follows For the uplink traffic the customer side many to one VLAN mappi...
Страница 191: ...SVLAN as an untagged member Configure the customer side port as a trunk port and set the port PVID to the SVLAN Figure 6 One to two VLAN mapping implementation Zero to two VLAN mapping As shown in Fi...
Страница 192: ...VLAN and CVLAN with the SVLAN and the CVLAN for the downlink traffic Figure 8 Two to two VLAN mapping implementation VLAN mapping configuration task list When you configure VLAN mapping follow these g...
Страница 193: ...g on the customer side ports of wiring closet switches see Figure 1 to isolate traffic of the same service type from different homes Before you configure one to one VLAN mapping create the original VL...
Страница 194: ...t traffic forwarding from the service provider network to the customer network do not configure many to one VLAN mapping together with uRPF For more information about uRPF see Security Configuration G...
Страница 195: ...it vlan vlan id list For the hybrid port port hybrid vlan vlan id list tagged N A 5 Configure a many to one VLAN mapping vlan mapping uni range vlan range list single vlan id list translated vlan vlan...
Страница 196: ...estrictions and guidelines When you configure many to one VLAN mapping in a network that uses static address assignment follow these restrictions and guidelines Before you configure many to one VLAN m...
Страница 197: ...port link type hybrid By default the link type of a port is access 4 Assign the port to the original VLANs and the translated VLANs For the trunk port port trunk permit vlan vlan id list For the hybri...
Страница 198: ...tag is added to a packet the packet length is added by 4 bytes As a best practice set the MTU to a minimum of 1504 bytes for ports on the forwarding path of the packet in the service provider network...
Страница 199: ...h VLAN tags To configure zero to two VLAN mapping Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view Enter Layer 2 Eth...
Страница 200: ...Enter Layer 2 Ethernet interface view or Layer 2 aggregate interface view Enter Layer 2 Ethernet interface view interface interface type interface number Enter Layer 2 aggregate interface view interfa...
Страница 201: ...s on the wiring closet switches This feature assigns one VLAN to each type of traffic from each household To save VLAN resources configure many to one VLAN mappings on the campus switch Switch C This...
Страница 202: ...s 303 304 VLAN 503 Campus switch Switch C Distribution network DHCP client DHCP server Wiring closet Switch A VLAN 1 VLAN 101 VLAN 2 VLAN 201 VLAN 3 VLAN 301 VLAN 1 VLAN 102 VLAN 2 VLAN 202 VLAN 3 VLA...
Страница 203: ...2 vlan mapping 2 translated vlan 202 SwitchA GigabitEthernet1 0 2 vlan mapping 3 translated vlan 302 SwitchA GigabitEthernet1 0 2 quit Configure the network side port GigabitEthernet 1 0 3 as a trunk...
Страница 204: ...503 Enable DHCP snooping entry recording on GigabitEthernet 1 0 1 SwitchC GigabitEthernet1 0 1 dhcp snooping binding record SwitchC GigabitEthernet1 0 1 quit Configure customer side port GigabitEthern...
Страница 205: ...GigabitEthernet1 0 1 port trunk permit vlan 501 to 503 SwitchD GigabitEthernet1 0 1 quit Verifying the configuration Verify VLAN mapping information on the wiring closet switches for example Switch A...
Страница 206: ...m Configuration procedure 1 Configure PE 1 Create VLANs 5 and 100 PE1 system view PE1 vlan 5 PE1 vlan5 quit PE1 vlan 100 PE1 vlan100 quit Configure a one to two VLAN mapping on the customer side port...
Страница 207: ...1 0 2 to VLAN 100 PE2 GigabitEthernet1 0 2 port trunk permit vlan 100 PE2 GigabitEthernet1 0 2 quit 3 Configure PE 3 Create VLANs 5 6 100 and 200 PE3 system view PE3 vlan 5 to 6 PE3 vlan 100 PE3 vlan...
Страница 208: ...ernet 1 0 2 to VLAN 200 as an untagged member PE4 GigabitEthernet1 0 2 port hybrid vlan 200 untagged Configure a one to two VLAN mapping on GigabitEthernet 1 0 2 to add SVLAN tag 200 to packets from V...
Страница 209: ...ion on a port 3 Setting the loop protection action 4 Configuration restrictions and guidelines 4 Setting the global loop protection action 4 Setting the loop protection action on a Layer 2 Ethernet in...
Страница 210: ...ks within a VLAN If a detection frame is returned with a different VLAN tag than it was sent out with an inter VLAN loop has occurred To remove the loop examine the QinQ or VLAN mapping configuration...
Страница 211: ...process as the network changes Loop detection frames are sent at the loop detection interval to determine whether loops occur on ports and whether loops are removed Loop protection actions When the d...
Страница 212: ...ce Required Enabling loop detection Optional Setting the loop protection action Optional Setting the loop detection interval Enabling loop detection You can enable loop detection globally or on a per...
Страница 213: ...ion in Interface Configuration Guide Setting the global loop protection action Step Command Remarks 1 Enter system view system view N A 2 Set the global loop protection action loopback detection globa...
Страница 214: ...d when you set the loop detection interval To set the loop detection interval Step Command Remarks 1 Enter system view system view N A 2 Set the loop detection interval loopback detection interval tim...
Страница 215: ...DeviceA GigabitEthernet1 0 1 quit DeviceA interface gigabitethernet 1 0 2 DeviceA GigabitEthernet1 0 2 port link type trunk DeviceA GigabitEthernet1 0 2 port trunk permit vlan 100 DeviceA GigabitEther...
Страница 216: ...0 2 quit Verifying the configuration View the system logs on devices for example Device A DeviceA Feb 24 15 04 29 663 2013 DeviceA LPDT 4 LPDT LOOPED Loopback exists on GigabitEthernet1 0 1 Feb 24 15...
Страница 217: ...ernet 1 0 1 GigabitEthernet1 0 1 current state DOWN Loop detection down The output shows that GigabitEthernet 1 0 1 is already shut down by the loop detection module Display the status of GigabitEther...
Страница 218: ...26 Configuring the root bridge or a secondary root bridge 27 Configuring the device as the root bridge of a specific spanning tree 27 Configuring the device as a secondary root bridge of a specific s...
Страница 219: ...nfiguring TC Snooping 44 Configuration restrictions and guidelines 45 Configuration procedure 45 Configuring protection features 45 Configuring BPDU guard 46 Enabling root guard 47 Enabling loop guard...
Страница 220: ...efers to the IEEE 802 1d STP and various enhanced spanning tree protocols derived from that protocol STP protocol frames STP uses bridge protocol data units BPDUs also known as configuration messages...
Страница 221: ...BPDU transmission interval Forward delay Delay for STP bridges to transit port state Devices use the root bridge ID root path cost designated bridge ID designated port ID message age max age hello ti...
Страница 222: ...gnated port Classification Designated bridge Designated port For a device Device directly connected to the local device and responsible for forwarding BPDUs to the local device Port through which the...
Страница 223: ...vice ID as the root bridge ID By exchanging configuration BPDUs the devices compare their root bridge IDs to elect the device with the smallest root bridge ID as the root bridge 3 Root port and design...
Страница 224: ...he former priority is higher the device replaces the content of the configuration BPDU generated by the port with the content of the received configuration BPDU 2 The device compares the configuration...
Страница 225: ...dge ID root path cost designated bridge ID and designated port ID Table 3 Initial state of each device Device Port name Configuration BPDU on the port Device A Port A1 0 0 0 Port A1 Port A2 0 0 0 Port...
Страница 226: ...uration BPDU 1 0 1 Port B1 3 Updates its configuration BPDU Port B2 performs the following operations 1 Receives the configuration BPDU of Port C2 2 0 2 Port C2 2 Determines that its existing configur...
Страница 227: ...rations 1 Receives the updated configuration BPDU of Port B2 0 5 1 Port B2 2 Determines that the received configuration BPDU is superior to its existing configuration BPDU 0 10 2 Port C2 3 Updates its...
Страница 228: ...onfiguration BPDU Sends this configuration BPDU through the designated port If a designated port receives a configuration BPDU with a lower priority than its configuration BPDU the port immediately re...
Страница 229: ...rt has expired If it is expired a new spanning tree calculation process starts The max age timer does not take effect on MSTIs If a port does not receive any configuration BPDUs within the timeout per...
Страница 230: ...cted as the root port or designated port it enters the learning state after the forward delay The port learns MAC addresses and enters the forwarding state after another forward delay A newly elected...
Страница 231: ...nnot be blocked on a per VLAN basis to prune loops PVST allows every VLAN to have its own spanning tree which increases usage of links and bandwidth Because each VLAN runs RSTP independently a spannin...
Страница 232: ...ions Because each VLAN has its spanning tree the amount of PVST BPDUs is proportional to the number of VLANs on a trunk or hybrid port When the trunk or hybrid port permits too many VLANs both resourc...
Страница 233: ...t 0x00 The other parameters are used to identify the MST region for the originating bridge CIST IRPC Internal root path cost IRPC from the originating bridge to the root of the MST region CIST bridge...
Страница 234: ...king topology of MST region 3 Figure 9 Basic concepts in MSTP Figure 10 Network diagram and topology of MST region 3 MST region 1 MST region 2 MST region 3 MST region 4 VLAN 1 MSTI 1 VLAN 2 MSTI 2 Oth...
Страница 235: ...nd MSTIs In Figure 10 the VLAN to instance mapping table of MST region 3 is as follows VLAN 1 to MSTI 1 VLAN 2 and VLAN 3 to MSTI 2 Other VLANs to MSTI 0 MSTP achieves load balancing by means of the V...
Страница 236: ...ort or master port is blocked the alternate port takes over Backup port Acts as the backup port of a designated port When the designated port is invalid the backup port becomes the new designated port...
Страница 237: ...ding How MSTP works MSTP divides an entire Layer 2 network into multiple MST regions which are connected by a calculated CST Inside an MST region multiple spanning trees called MSTIs are calculated Am...
Страница 238: ...t before it transits from the blocking state to the forwarding state The forward delay is related to the hello time and network diameter If the forward delay is too short loops might occur This affect...
Страница 239: ...orts transits to the discarding or learning state it sets the proposal flag in its BPDU Its peer bridge receives the BPDU and determines whether the receiving port is the root port If it is the root p...
Страница 240: ...posal and agreement flags in its BPDU and sends it to Device B through Port A1 b Device B receives the BPDU Port B1 of Device B is elected as the root port c Device B then blocks all its ports except...
Страница 241: ...of the following features on a port service loopback group RRPP Smart Link and L2PT Interface configuration restrictions Configurations made in system view take effect globally Configurations made in...
Страница 242: ...d Enabling the spanning tree feature Optional Configuring TC Snooping Optional Configuring protection features Optional Disabling the device from reactivating edge ports shut down by BPDU guard Option...
Страница 243: ...tional Setting the timeout factor Optional Configuring the BPDU transmission rate Optional Configuring edge ports Optional Configuring the port link type Optional Enabling outputting port state transi...
Страница 244: ...Required Configuring an MST region Optional Configuring the device priority Optional Setting the timeout factor Optional Configuring the BPDU transmission rate Optional Configuring edge ports Optiona...
Страница 245: ...s in all VLANs On a trunk port or hybrid port the PVST mode is compatible with other spanning tree modes only in the default VLAN To set the spanning tree mode Step Command Remarks 1 Enter system view...
Страница 246: ...ree can have only one root bridge If multiple devices can be selected as the root bridge in a spanning tree the device with the lowest MAC address is selected When the root bridge of an instance fails...
Страница 247: ...ifferent priorities in different spanning trees During root bridge selection if all devices in a spanning tree have the same priority the one with the lowest MAC address is selected You cannot change...
Страница 248: ...d network through the root bridge The network diameter indicates the network size The bigger the diameter the larger the network size Based on the network diameter you configured the system automatica...
Страница 249: ...er the forward delay time should be As a best practice use the automatically calculated value because inappropriate forward delay setting might cause temporary redundant paths or increase the network...
Страница 250: ...od and then starts an undesired spanning tree calculation To save network resources on a stable network To set the timeout factor Step Command Remarks 1 Enter system view system view N A 2 Set the tim...
Страница 251: ...tting are mutually exclusive Configuration procedure To configure a port as an edge port Step Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface or Layer 2 aggregat...
Страница 252: ...on might not be the best one To solve this problem perform one of the following tasks Use dot1t as the standard for default path cost calculation Manually set the path cost for the port see Configurin...
Страница 253: ...containing three Selected ports 666 1 Aggregate interface containing four Selected ports 500 1 20 Gbps Single port 1 1000 1 Aggregate interface containing two Selected ports 500 1 Aggregate interface...
Страница 254: ...nfiguration example In MSTP mode perform the following tasks Configure the device to calculate the default path costs of its ports by using IEEE 802 1d 1998 Set the path cost of GigabitEthernet 1 0 3...
Страница 255: ...nterface number N A 3 Configure the port priority In STP RSTP mode stp port priority priority In PVST mode stp vlan vlan id list port priority priority In MSTP mode stp instance instance list port pri...
Страница 256: ...that send frames of the same format By default a port in auto mode sends 802 1s MSTP frames When the port receives an MSTP frame of a legacy format the port starts to send frames only of the legacy fo...
Страница 257: ...ter you disable the spanning tree feature on these ports Enabling the spanning tree feature in STP RSTP MSTP mode Step Command Remarks 1 Enter system view system view N A 2 Enable the spanning tree fe...
Страница 258: ...ives an STP BPDU transparently transmitted by Device B the receiving port transits to the STP mode If you configure Device B to run RSTP PVST or MSTP with Device C you must perform mCheck operations o...
Страница 259: ...gion configuration If the local device has different VLAN to instance mappings than its neighboring devices loops or traffic interruption will occur As defined in IEEE 802 1s connected devices are in...
Страница 260: ...ation procedure Use this feature on when your H3C device is connected to a third party device that uses its private key to calculate the configuration digest To configure Digest Snooping Step Command...
Страница 261: ...ent Check In RSTP and MSTP the following types of messages are used for rapid state transition on designated ports Proposal Sent by designated ports to request rapid transition Agreement Used to ackno...
Страница 262: ...ate rapidly enable No Agreement Check on the downstream device s port Configuration prerequisites Before you configure the No Agreement Check feature complete the following tasks Connect a device to a...
Страница 263: ...device Figure 19 Network diagram Configuration procedure Enable No Agreement Check on GigabitEthernet 1 0 1 of Device A DeviceA system view DeviceA interface gigabitethernet 1 0 1 DeviceA GigabitEther...
Страница 264: ...trictions and guidelines TC Snooping and the spanning tree feature are mutually exclusive You must globally disable the spanning tree feature before enabling TC Snooping The priority of BPDU tunneling...
Страница 265: ...imer expires You can set this timer by using the shutdown interval command For more information about this command see device management commands in Fundamentals Command Reference You can configure th...
Страница 266: ...U with a higher priority from an MSTI it performs the following operations Immediately sets that port to the listening state in the MSTI Does not forward the received configuration BPDU This is equiva...
Страница 267: ...ep Command Remarks 1 Enter system view system view N A 2 Enter Layer 2 Ethernet interface or Layer 2 aggregate interface view interface interface type interface number N A 3 Enable the loop guard feat...
Страница 268: ...restriction is disabled Enabling TC BPDU guard When a device receives topology change TC BPDUs the BPDUs that notify devices of topology changes it flushes its forwarding address entries If someone u...
Страница 269: ...calculation error might occur To avoid PVST calculation errors enable PVST BPDU guard on the MSTP enabled device The device shuts down a port if the port receives PVST BPDUs To enable PVST BPDU guard...
Страница 270: ...ks Port A1 which causes traffic interruption To ensure service continuity you can disable dispute guard on Device A to prevent the link from being blocked Figure 22 Disabling dispute guard application...
Страница 271: ...se ports you must use the undo shutdown command For more information about the port status detection interval see device management configuration in Fundamentals Configuration Guide To disable the dev...
Страница 272: ...blocked by spanning tree protection features display stp abnormal port Display BPDU statistics on ports display stp bpdu statistics interface interface type interface number instance instance list Di...
Страница 273: ...s of different VLANs are forwarded along different spanning trees VLAN 10 frames are forwarded along MSTI 1 VLAN 30 frames are forwarded along MSTI 3 VLAN 40 frames are forwarded along MSTI 4 VLAN 20...
Страница 274: ...T region name as example DeviceB system view DeviceB stp region configuration DeviceB mst region region name example Map VLAN 10 VLAN 30 and VLAN 40 to MSTI 1 MSTI 3 and MSTI 4 respectively DeviceB ms...
Страница 275: ...tree feature globally DeviceD stp global enable Verifying the configuration In this example Device B has the lowest root bridge ID As a result Device B is elected as the root bridge in MSTI 0 When th...
Страница 276: ...Port Role STP State Protection 0 GigabitEthernet1 0 1 ROOT FORWARDING NONE 0 GigabitEthernet1 0 2 ALTE DISCARDING NONE 0 GigabitEthernet1 0 3 ALTE DISCARDING NONE 3 GigabitEthernet1 0 1 ROOT FORWARDIN...
Страница 277: ...20 VLAN 30 and VLAN 40 on Device D Configure the ports on these devices as trunk ports and assign them to related VLANs 2 Configure Device A Set the spanning tree mode to PVST DeviceA system view Dev...
Страница 278: ...RWARDING NONE 10 GigabitEthernet1 0 3 DESI FORWARDING NONE 20 GigabitEthernet1 0 1 DESI FORWARDING NONE 20 GigabitEthernet1 0 2 DESI FORWARDING NONE 20 GigabitEthernet1 0 3 DESI FORWARDING NONE 30 Gig...
Страница 279: ...nning tree as shown in Figure 26 Figure 26 VLAN spanning tree topologies PVST on DR system configuration example Network requirements As shown in Figure 27 Device A and Device B work at the distributi...
Страница 280: ...A and Device B Create VLAN 10 and VLAN 20 on Device C Create VLAN 20 and VLAN 30 on Device D Configure the ports on these devices as trunk ports and assign them to related VLANs 2 Configure DRNI on De...
Страница 281: ...rimary DR device Device A DeviceA display stp brief VLAN ID Port Role STP State Protection 10 Bridge Aggregation1 DESI FORWARDING NONE 20 Bridge Aggregation1 DESI FORWARDING NONE 20 Bridge Aggregation...
Страница 282: ...ameters 14 Setting an encapsulation format for LLDP frames 15 Disabling LLDP PVID inconsistency check 16 Configuring CDP compatibility 16 Configuration prerequisites 17 Configuration procedure 17 Conf...
Страница 283: ...Guide LLDP enables a network management system to quickly detect and identify Layer 2 network topology changes Basic concepts LLDP agent An LLDP agent is a mapping of an entity where LLDP runs Multipl...
Страница 284: ...erent types This helps distinguish between LLDP frames sent and received by different agent types on the same interface The destination MAC address is fixed to one of the following multicast MAC addre...
Страница 285: ...pe of device information as shown in Figure 4 Figure 4 LLDPDU encapsulation format An LLDPDU can carry up to 32 types of TLVs Mandatory TLVs include Chassis ID TLV Port ID TLV and Time to Live TLV Oth...
Страница 286: ...e address IEEE 802 1 organizationally specific TLVs Table 4 IEEE 802 1 organizationally specific TLVs Type Description Port VLAN ID PVID Specifies the port VLAN identifier Port And Protocol VLAN ID PP...
Страница 287: ...rt Power Stateful Control Indicates the power state control configured on the sending port including the following Power supply mode of the PSE PD PSE PD priority PSE PD power Energy Efficient Etherne...
Страница 288: ...e the other LLDP MED TLVs will not be advertised even if they are advertisable Management address The network management system uses the management address of a device to identify and manage the devic...
Страница 289: ...can configure a track entry and associate it with an LLDP interface The LLDP module checks the neighbor availability status of the LLDP interface regularly and reports the check result to the Track m...
Страница 290: ...penFlow you must enable LLDP globally on OpenFlow switches To prevent LLDP from affecting topology discovery of OpenFlow controllers disable LLDP on ports of OpenFlow instances For more information ab...
Страница 291: ...ce view or management Ethernet interface view lldp agent nearest customer nearest nontpmr admin status disable rx tx txrx In Layer 2 Layer 3 aggregate interface view lldp agent nearest customer neares...
Страница 292: ...rnet interface view or management Ethernet interface view lldp agent nearest customer nearest nontpmr check change interval interval In Layer 2 Layer 3 aggregate interface view lldp agent nearest cust...
Страница 293: ...TLVs Nearest customer bridge agents can advertise all basic TLVs as well as port VLAN ID and link aggregation TLVs in the 802 1 organizationally specific TLV set The evb keyword is not supported 4 Co...
Страница 294: ...e agents do not advertise any TLVs Nearest customer bridge agents can advertise all basic TLVs and link aggregation TLVs in the IEEE 802 1 organizationally specific TLV set 6 Configure the advertisabl...
Страница 295: ...nt address TLV advertisement setting for an interface in the following order 1 Interface based setting configured by using the lldp tlv enable command with the management address tlv keyword 2 Global...
Страница 296: ...address By default The nearest bridge agent and nearest customer bridge agent advertise the management address TLV The nearest non TPMR bridge agent does not advertise the management address TLV 5 Set...
Страница 297: ...gured an LLDP port sends LLDP frames in Ethernet II frames SNAP With SNAP encapsulation configured an LLDP port sends LLDP frames in SNAP frames Earlier versions of LLDP require the same encapsulation...
Страница 298: ...among the VLANs permitted on the port If no VLAN interfaces of the permitted VLANs are assigned an IP address or all VLAN interfaces are down no port IP address will be advertised You can view the ne...
Страница 299: ...transmission interval to be no more than 1 3 of the TTL value To configure LLDP to be compatible with CDP Step Command Remarks 1 Enter system view system view N A 2 Enable CDP compatibility globally l...
Страница 300: ...e view lldp notification med topology change enable By default LLDP MED trapping is disabled 5 Return to system view quit N A 6 Optional Set the LLDP trap transmission interval lldp timer notification...
Страница 301: ...net interface To use the MAC address of a Layer 3 Ethernet subinterface as the source MAC address use vlan id to specify the subinterface ID in Layer 3 Ethernet interface view Enabling the device to g...
Страница 302: ...laying and maintaining LLDP Execute display commands in any view Task Command Display local LLDP information display lldp local information global interface interface type interface number Display the...
Страница 303: ...g mode to Rx on GigabitEthernet 1 0 1 SwitchA GigabitEthernet1 0 1 lldp admin status rx SwitchA GigabitEthernet1 0 1 quit Enable LLDP on GigabitEthernet 1 0 2 By default LLDP is enabled on ports Switc...
Страница 304: ...ansmit interval 1s Transmit credit max 5 Hold multiplier 4 Reinit delay 2s Trap interval 30s Fast start times 4 LLDP status information of port 1 GigabitEthernet1 0 1 LLDP agent nearest bridge Port st...
Страница 305: ...mer Port status of LLDP Enable Admin status Disable Trap flag No MED trap flag No Polling interval 0s Number of LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbors 0 Number of sent opti...
Страница 306: ...LLDP neighbors 0 Number of MED neighbors 0 Number of CDP neighbors 0 Number of sent optional TLV 1 Number of received unknown TLV 0 LLDP status information of port 2 GigabitEthernet1 0 2 LLDP agent n...
Страница 307: ...ones to automatically configure the voice VLAN The voice VLAN feature performs the following operations Confines the voice traffic to the voice VLAN Isolates the voice traffic from other types of traf...
Страница 308: ...onfigure LLDP to operate in TxRx mode on GigabitEthernet 1 0 2 SwitchA GigabitEthernet1 0 2 lldp admin status txrx Configure CDP compatible LLDP to operate in TxRx mode on GigabitEthernet 1 0 2 Switch...
Страница 309: ...delines 3 L2PT configuration task list 3 Enabling L2PT 3 Restrictions and guidelines 3 Enabling L2PT for a protocol 4 Setting the destination multicast MAC address for tunneled packets 4 Displaying an...
Страница 310: ...packet the PEs cannot determine whether the packet is from the customer network or the service provider network They must deliver the packet to the CPU for processing In this case the Layer 2 protocol...
Страница 311: ...st MAC address to the original MAC address and multicasts the packet out of all customer facing ports in the VLAN Figure 2 L2PT operating mechanism For example as shown in Figure 3 PE 1 receives an ST...
Страница 312: ...te interface on the CE connects to an L2PT enabled port on the PE Enable L2PT on ports connected to a customer network If you enable L2PT on ports connected to the service provider network L2PT determ...
Страница 313: ...tion multicast MAC address for tunneled packets follow these restrictions and guidelines For tunneled packets to be recognized set the same destination multicast MAC addresses on PEs that are connecte...
Страница 314: ...om any VLAN to pass Enable L2PT for STP to enable Customer A s network to implement independent spanning tree calculation across the service provider network Set the destination multicast MAC address...
Страница 315: ...MST ID Root Bridge ID ExtPathCost IntPathCost Root Port 0 32768 0cda 41c5 ba50 0 0 Configuring L2PT for LACP Network requirements As shown in Figure 5 the MAC addresses of CE 1 and CE 2 are 0001 0000...
Страница 316: ...gabitethernet 1 0 1 CE1 GigabitEthernet1 0 1 port link aggregation group 1 CE1 GigabitEthernet1 0 1 quit CE1 interface gigabitethernet 1 0 2 CE1 GigabitEthernet1 0 2 port link aggregation group 1 CE1...
Страница 317: ...link aggregation successfully CE1 display link aggregation member port Flags A LACP_Activity B LACP_Timeout C Aggregation D Synchronization E Collecting F Distributing G Defaulted H Expired GigabitEt...
Страница 318: ...32768 Oper Key 1 Flag ACDEF Remote System ID 0x8000 0001 0000 0000 Port Number 3 Port Priority 32768 Oper Key 1 Flag ACDEF Received LACP Packets 23 packet s Illegal 0 packet s Sent LACP Packets 26 pac...
Страница 319: ...1 Overview 1 Configuration restrictions and guidelines 1 Configuring a service loopback group 1 Displaying and maintaining service loopback groups 2 Service loopback group configuration example 2 Net...
Страница 320: ...gning to a service loopback group meet the following requirements The ports are not used for any other purposes The configuration on a port is removed when it is assigned to a service loopback group T...
Страница 321: ...group 1 and specify its service type as tunnel DeviceA system view DeviceA service loopback group 1 type tunnel Assign GigabitEthernet 1 0 1 through GigabitEthernet 1 0 3 to service loopback group 1...
