Command Manual (For Soliton) VLAN-VPN. Table of Contents

Similar documents
Command Manual QinQ-BPDU Tunneling H3C S3610&S5510 Series Ethernet Switches. Table of Contents

Command Manual QinQ-BPDU TUNNEL H3C S5500-SI Series Ethernet Switches. Table of Contents

Table of Contents 1 QinQ Configuration BPDU Tunneling Configuration 2-1

Configuring BPDU tunneling

Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling

Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling

QinQ Operation. Page 1 of 11

Table of Contents 1 QinQ Configuration 1-1

Configuring Q-in-Q VLAN Tunnels

Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling

Configuring MPLS L2VPN

Configuring VLANs. Understanding VLANs CHAPTER

Configuring MPLS L2VPN

Configuring Control-Plane Security

Configuring IEEE 802.1Q Tunneling

IEEE 802.1ad Support on Provider Bridges

Configuring Q-in-Q VLAN Tunnels

Configuring VLANs. Understanding VLANs CHAPTER

Configuring VPLS. VPLS overview. Operation of VPLS. Basic VPLS concepts

Configuring VLANs. Understanding VLANs CHAPTER

Huawei H HCNP R&S Fast Track.

Configuring VLANs. Understanding VLANs CHAPTER

Configuring Control-Plane Security

Ethernet Virtual Connections Configuration

24-Port 10/100 L3 Switch Model: Web Configuration Guide

Configuring MPLS L2VPN

Configuring VLANs. Understanding VLANs CHAPTER

Configuring VLANs. Understanding VLANs CHAPTER

ARP attack protection commands

Exam Implementing Cisco IP Switched Networks (SWITCH)

VLAN Configuration. Understanding VLANs CHAPTER

HP 6125G & 6125G/XG Blade Switches

Configuring SPAN and RSPAN

Loop detection commands 1

2] Chapter 2 Cisco IOS Commands traceroute mac

Configuring Ethernet Virtual Connections on the Cisco ASR 1000 Series Router

Implementing IP in IP Tunnel

Configuring VLAN Trunks

LAN Troubleshooting. Ethernet Troubleshooting

Configuring VLANs. Understanding VLANs CHAPTER

FSOS. Ethernet Configuration Guide

Configuring SPAN and RSPAN

Table of Contents 1 VLAN Configuration 1-1

Lab 3.3 Configuring Wireshark and SPAN

Authorized CCNP. Student. LabManual SWITCH.

IEEE 802.1Q Tunneling (QinQ) and L2PT on L2 Ports

Configuring Interfaces

Command Manual MAC Address Table Management H3C S5500-EI Series Ethernet Switches. Table of Contents

Configuring EtherChannels and Link-State Tracking

Configuring Virtual Private LAN Services

Configuring Private VLANs

Cisco Implementing Cisco IP Switched Networks (SWITCH v2.0)

Port ACLs (PACLs) Prerequisites for PACls CHAPTER

Configuring SPAN. Understanding SPAN CHAPTER. This chapter describes how to configure Switched Port Analyzer (SPAN) and on the Catalyst 2960 switch.

Cisco. Exam Questions SWITCH Implementing Cisco IP Switched Networks. Version:Demo

Figure 7-1 Unicast Static FDB window

VLAN - SP6510P8 2013/4. Copyright 2011 Micronet Communications, INC

Table of Contents 1 Port Mirroring Configuration 1-1

Configuring EtherChannels and Layer 2 Trunk Failover

Configuring Interfaces

Configuring SPAN and RSPAN

HP FlexFabric 5700 Switch Series

examcollection.premium.exam.157q. Exam code: Exam name: Implementing Cisco IP Switched Networks. Version 15.0

Configuring StackWise Virtual

H3C S5500-HI Switch Series

Carrier Ethernet Services

Massimiliano Sbaraglia

Configuring SPAN and RSPAN

Building Cisco Multilayer Switched Networks (BCMSN)

Cisco Certified Network Associate ( )

TestOut Routing and Switching Pro - English 6.0.x COURSE OUTLINE. Modified

Chapter 4 Configuring Switching

Question No: 1 What is the maximum number of switches that can be stacked using Cisco StackWise?

Configuring VLANs. Understanding VLANs CHAPTER

Lab 1-2Connecting to a Cisco Router or Switch via Console. Lab 1-6Basic Graphic Network Simulator v3 Configuration

::::::::Notes::::::::: (802.1q Tunneling/QinQ Tunneling)(Used for Metro-Ethernet Networks/Layer 2 VPN)

EVC Command Reference

CCNP SWITCH (22 Hours)

CCNA Routing and Switching (NI )

Configuring EtherChannels

Operation Manual Cluster Management. Table of Contents

Table of Contents 1 MSTP Configuration Commands 1-1

TEXTBOOK MAPPING CISCO COMPANION GUIDES

Configuring Q-in-Q VLAN Tunnels

Configuring Port Channels

HP 5820X & 5800 Switch Series Layer 2 - LAN Switching. Configuration Guide. Abstract

Operation Manual MPLS VLL. Table of Contents

Configuring Private VLANs

Quidway S5700 Series Ethernet Switches V100R006C01. Configuration Guide - Ethernet. Issue 02 Date HUAWEI TECHNOLOGIES CO., LTD.

Configuring VLANs. Understanding VLANs CHAPTER

CCNA. Course Catalog

Configuring EtherChannels

H3C S10500 Switch Series

Portal configuration commands

VLAN. Command Reference, Cisco IOS XE Everest 16.6.x (Catalyst 3850 Switches) 1

Configuring EtherChannels and Layer 2 Trunk Failover

Actual4Test. Actual4test - actual test exam dumps-pass for IT exams

Configuring SPAN and RSPAN

CCNA. Murlisona App. Hiralal Lane, Ravivar Karanja, Near Pethe High-School, ,

Catalyst 1900 Series and Catalyst 2820 Series Enterprise Edition Software Configuration Guide

Transcription:

Table of Contents Table of Contents Chapter 1 VLAN-VPN Configuration Commands... 1-1 1.1 VLAN-VPN Configuration Commands... 1-1 1.1.1 display port vlan-vpn... 1-1 1.1.2 vlan-vpn enable... 1-2 1.1.3 vlan-vpn tpid... 1-3 Chapter 2 Selective QinQ Configuration Commands... 2-1 2.1 Selective QinQ Configuration Commands... 2-1 2.1.1 raw-vlan-id inbound... 2-1 2.1.2 vlan-vpn vid... 2-2 2.1.3 vlan-vpn selective enable... 2-3 Chapter 3 VLAN Mapping Configuration Commands... 3-1 3.1 VLAN Mapping Configuration Commands... 3-1 3.1.1 vlan-mapping... 3-1 3.1.2 vlan-mapping enable... 3-2 Chapter 4 BPDU Tunnel Configuration Commands... 4-1 4.1 BPDU Tunnel Configuration Commands... 4-1 4.1.1 bpdu-tunnel... 4-1 4.1.2 bpdu-tunnel tunnel-dmac... 4-2 4.1.3 display bpdu-tunnel... 4-3 i

Chapter 1 VLAN-VPN Configuration Commands Chapter 1 VLAN-VPN Configuration Commands 1.1 VLAN-VPN Configuration Commands 1.1.1 display port vlan-vpn display port vlan-vpn Any view None Use the display port vlan-vpn command to display the information about VLAN-VPN configuration of the current system. Related commands: vlan-vpn enable, vlan-vpn inner-cos-trust, vlan-vpn tpid. # Display the VLAN-VPN configuration of the current system. <Sysname> display port vlan-vpn VLAN-VPN TPID: 8200 Ethernet1/0/1 VLAN-VPN status: enabled VLAN-VPN VLAN: 1 Ethernet1/0/5 VLAN-VPN status: enabled VLAN-VPN VLAN: 1 Table 1-1 on the fields of the display port vlan-vpn command Field VLAN-VPN TPID Ethernet1/0/1 VLAN-VPN status Global TPID value The port with the VLAN VPN feature enabled The operation status of the VLAN VPN feature on the port 1-1

Field Chapter 1 VLAN-VPN Configuration Commands VLAN-VPN VLAN The VLAN corresponding to the tag that the port tags packets with, that is, the default VLAN of the port 1.1.2 vlan-vpn enable vlan-vpn enable undo vlan-vpn Ethernet port view None Use the vlan-vpn enable command to enable the VLAN-VPN feature for a port. Use the undo vlan-vpn command to disable the VLAN-VPN feature for a port. By default, the VLAN-VPN feature is disabled. With the VLAN-VPN feature enabled, a received packet is tagged with the default VLAN tag of the receiving port no matter whether or not the packet already carries a VLAN tag. If the packet already carries a VLAN tag, the packet becomes a dual-tagged packet. Otherwise, the packet becomes a packet carrying the default VLAN tag of the port. You can use the display port vlan-vpn command to display the configuration information of VLAN-VPN on the ports to verity your configuration. After the VLAN-VPN function is enabled, you can use the vlan-vpn vid command and the raw-vlan-id inbound command to configure the selective QinQ function. Refer to Selective QinQ Configuration Commands for details. # Enable the VLAN-VPN feature for Ethernet 1/0/1 port. System : return to User with Ctrl+Z. [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1] vlan-vpn enable 1-2

Chapter 1 VLAN-VPN Configuration Commands 1.1.3 vlan-vpn tpid vlan-vpn tpid value undo vlan-vpn tpid System view value: User-defined TPID value (in hexadecimal format), in the range 0x0001 to 0xFFFF. Use the vlan-vpn tpid command to set the global TPID value. With the TPID value set, the port fills the value to the TPID field of the outer tag to be added for a packet and, upon receiving a packet, compares the TPID value with the TPID field of the packet to determine whether the packet carries a VLAN tag or not. Use the undo vlan-vpn tpid command to restore the default TPID value. The default TPID value is 0x8100. For the position and function of the TPID field in a packet, refer to VLAN Operation. The TPID field in an Ethernet frame has the same position with the protocol type field in a frame without a VLAN tag. To prevent other devices in the network from recognizing the tag-encapsulated packets of the current switch as protocol packets, you are not allowed to set the TPID value to any of the values in the table below. Table 1-2 Common Ethernet frame protocol type values Protocol type Value ARP IP MPLS IPX IS-IS LACP 0x0806 0x0800 0x8847/0x8848 0x8137 0x8000 0x8809 802.1x 0x888E 1-3

Chapter 1 VLAN-VPN Configuration Commands # Set the global TPID value to 0x9100. System : return to User with Ctrl+Z. [Sysname] vlan-vpn tpid 9100 1-4

Chapter 2 Selective QinQ Configuration Commands Chapter 2 Selective QinQ Configuration Commands 2.1 Selective QinQ Configuration Commands 2.1.1 raw-vlan-id inbound raw-vlan-id inbound vlan-id-list undo raw-vlan-id inbound { all vlan-id-list } QinQ view vlan-id-list: Lists of VLAN IDs. After receiving packets of these VLANs, the switch will encapsulate the packets with the specified outer VLAN tag. You need to provide this argument in the form of { vlan-id [ to vlan-id ] }&<1-10>, where the VLAN ID after the to keyword must be larger than or equal to the VLAN ID before the to keyword and &<1-10> means that you can specify up to 10 VLANs/VLAN ranges for this argument. all: Removes all configurations of encapsulating an outer VLAN tag for specified inner VLANs in the current view. Use the raw-vlan-id inbound command to specify to encapsulate packets with the specified inner VLAN tags with the specified outer tag. This command must be configured on ports connecting the user network. Use the undo raw-vlan-id inbound command to remove the configuration. By default, the switch does not encapsulate packets with any outer VLAN tag. Caution: A packet cannot be tagged with different outer VLAN tags. To change the outer VLAN tag of a packet, you need to remove the existing outer VLAN tag configuration and configure a new outer VLAN tag. 2-1

Chapter 2 Selective QinQ Configuration Commands Before configuring this command in QinQ view, you need to use the vlan-vpn vid command to configure the outer VLAN tag to be used in the selective QinQ policy. Related commands: vlan-vpn vid. # Configure Switch to add the tag of VLAN 20 as the outer tag to packets with their inner VLAN IDs being 8 through 15. System : return to User with Ctrl+Z. [Sysname] vlan-vpn vid 20 [Sysname-vid-20] raw-vlan-id inbound 8 to 15 2.1.2 vlan-vpn vid vlan-vpn vid vlan-id undo vlan-vpn vid vlan-id System view vlan-id: VLAN ID, in the range 1 to 4094. Use the vlan-vpn vid command to configure the outer VLAN tag for a selective QinQ policy (that is, the outer VLAN tag to be used by a port to encapsulate received packets) and to enter QinQ view. Use the undo vlan-vpn vid command to remove the configured outer VLAN tag. Note that this command will also remove all configurations configured by the raw-vlan-id inbound command in QinQ view. By default, no selective QinQ policy is configured on a port. After specifying an outer VLAN tag and enter QinQ view, you need to use the raw-vlan-id inbound command to specify which VLANs packets will be encapsulated with the specified outer VLAN tag. Otherwise, the configuration of the outer VLAN tag is of no use. Related commands: raw-vlan-id inbound. 2-2

Chapter 2 Selective QinQ Configuration Commands # Specify to add VLAN 20 tag as the outer tags to the packets with their inner VLAN IDs being 2 through 14. System : return to User with Ctrl+Z. [Sysname] vlan-vpn vid 20 [Sysname-vid-20] raw-vlan-id inbound 2 to 14 2.1.3 vlan-vpn selective enable vlan-vpn selective enable undo vlan-vpn selective enable Ethernet port view Parameter None Use the vlan-vpn selective enable command to enable the selective QinQ feature on a port. With the selective QinQ feature enabled, packets carrying specific inner VLAN tags are tagged with specific outer VLAN tags according to the VLAN tag mapping rules defined. Use the undo vlan-vpn selective enable command to disable the selective QinQ feature. By default, the selective QinQ feature is disabled on a port. Related commands: vlan-vpn vid, raw-vlan-id inbound. Example # Enable the selective QinQ feature on Ethernet 1/0/1. System : return to User with Ctrl+Z. [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1] vlan-vpn selective enable 2-3

Chapter 3 VLAN Mapping Configuration Commands Chapter 3 VLAN Mapping Configuration Commands 3.1 VLAN Mapping Configuration Commands 3.1.1 vlan-mapping vlan-mapping vlan old-vlan-id remark new-vlan-id undo vlan-mapping vlan old-vlan-id System view, Ethernet port view Parameter vlan old-vlan-id: Specifies the source VLAN ID for VLAN mapping. The old-vlan-id argument is in the range of 1 to 4094. remark new-vlan-id: Specifies the target VLAN ID for VLAN mapping. The new-vlan-id argument is in the range of 1 to 4094. Use the vlan-mapping command in system view to define a global VLAN mapping rule. A VLAN mapping rule maps the VLAN tag of a specific VLAN carried in packets to another one. Use the vlan-mapping command in Ethernet port view to define a VLAN mapping rule for the current port and enable the VLAN mapping function for the port. Use the undo vlan-mapping command in system view to invalidate a VLAN mapping rule. Use the undo vlan-mapping command in Ethernet port view to invalidate a VLAN mapping rule and disable the VLAN mapping function on the current port. 3-1

Chapter 3 VLAN Mapping Configuration Commands By default, no global VLAN mapping rule or port-level VLAN mapping rule is defined. Note: A port that is in a link aggregation port group cannot have the VLAN Mapping feature enabled. The VLAN mapping function and the protocol-based VLAN function are mutually exclusive on the same port. To modify a VLAN mapping relationship, you need to delete the corresponding VLAN mapping rule and then define a new one. With a global VLAN mapping rule defined in system view, you cannot define any VLAN mapping rules in Ethernet port view. Related commands: vlan-mapping enable. Example # Define a VLAN mapping rule on Ethernet 1/0/1 to map VLAN 100 to VLAN 200. System : return to User with Ctrl+Z. [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1]vlan-mapping vlan 100 remark 200 3.1.2 vlan-mapping enable vlan-mapping enable undo vlan-mapping enable Ethernet port view Parameter None Use the vlan-mapping enable command to enable the VLAN mapping function on a port based on global VLAN mapping rules. Use the undo vlan-mapping enable command to disable the VLAN mapping function on a port. 3-2

Chapter 3 VLAN Mapping Configuration Commands By default, the VLAN mapping function is disabled. Note: A port that is in a link aggregation port group cannot have the VLAN Mapping feature enabled. With port-based VLAN mapping rules configured for a port, the VLAN mapping function is enabled on the port at the same time. In this case, the vlan-mapping enable command cannot be used to enable the VLAN mapping function again. The VLAN mapping function and the protocol-based VLAN function are mutually exclusive on the same port. Related command: vlan-mapping. Example # Enable the VLAN mapping function on Ethernet 1/0/1. System : return to User with Ctrl+Z. [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1] vlan-mapping enable 3-3

Chapter 4 BPDU Tunnel Configuration Commands Chapter 4 BPDU Tunnel Configuration Commands 4.1 BPDU Tunnel Configuration Commands 4.1.1 bpdu-tunnel bpdu-tunnel protocol-type undo bpdu-tunnel { protocol-type all } Ethernet port view protocol-type: Protocol type, packets of which will be transmitted through a BPDU tunnel, This argument can be a keyword listed in Table 4-1. Table 4-1 on the protocol-name argument Value cdp hgmp lacp pagp pvst stp vtp udld Enable/Disable BPDU tunnel for CISCO discovery protocol (CDP). Enable/Disable BPDU tunnel for Huawei group management protocol (HGMP) related protocols, including neighbor discovery protocol (NDP), neighbor topology discovery protocol, cluster member remote control (MRC), and Huawei authentication bypass protocol (HABP). Enable/Disable BPDU tunnel for link aggregation control protocol (LACP). Enable/Disable BPDU tunnel for port aggregation protocol (PAGP). Enable/Disable BPDU tunnel for per-vlan spanning tree (PVST). Enable/Disable BPDU tunnel for spanning tree protocol (STP). Enable/Disable BPDU tunnel for VLAN trunk protocol (VTP). Enable/Disable BPDU tunnel for uni-directional link direction (UDLD). all: Disables BPDU tunnel for all protocol packets. Use the bpdu-tunnel command to enable BPDU tunnel on a port, so that packets of the specified protocol will be transparently transmitted through the BPDU tunnel on the port. 4-1

Chapter 4 BPDU Tunnel Configuration Commands Use the undo bpdu-tunnel command to disable BPDU tunnel on a port. By default, BPDU tunnel is disabled on a port. After you enable a port to transmit packets of a specified protocol type through the BPDU tunnel, when the port receives such a packet, it will use the specified private multicast MAC address to replace the original destination MAC address of the packet before sending it. As a result, the packet will not be recognized as a protocol packet by other devices in the operator network during transmission. In this way, transparent transmission is implemented. You can use the bpdu-tunnel tunnel-dmac command to change the destination MAC addresses of protocol packets to a specified multicast MAC address. Caution: If this command is enabled on a port for a specific protocol, the specific protocol cannot be enabled on the port. For example, if you have configured the bpdu-tunnel lacp command, the lacp enable command cannot be enabled on the port. The commands configured for service provider s devices at both ends of a BPDU tunnel must be consistent. Otherwise, BPDU packets of the customer network cannot be transparently transmitted properly. # Enable BPDU tunnel for packets of LACP. System : return to User with Ctrl+Z. [Sysname] interface Ethernet 1/0/1 [Sysname-Ethernet1/0/1] bpdu-tunnel lacp 4.1.2 bpdu-tunnel tunnel-dmac bpdu-tunnel tunnel-dmac mac-address undo bpdu-tunnel tunnel-dmac System view 4-2

Chapter 4 BPDU Tunnel Configuration Commands mac-address: Destination MAC address to be assigned to the protocol packets transmitted along a BPDU tunnel. This argument must be a multicast MAC address. Use the bpdu-tunnel tunnel-dmac command to configure the destination MAC address for protocol packets transmitted along a BPDU tunnel. Use the undo bpdu-tunnel tunnel-dmac command to restore the default destination MAC address. By default, the destination MAC address for protocol packets transmitted along a BPDU tunnel is 010f-e200-0003. Caution: To prevent the devices in the service provider network from processing the tunnel packets as other protocol packets, the MAC address for tunnel packets must be a multicast address specially for BPDU tunnels in the service provider network. The destination MAC addresses configured at the two ends of a BPDU tunnel must be the same; otherwise, the protocol packets cannot be transmitted and forwarded normally. Related commands: display bpdu-tunnel. # Set the destination MAC address for protocol packets transmitted along BPDU tunnels to 010f-e266-c3ab. System : return to User with Ctrl+Z. [Sysname] bpdu-tunnel tunnel-dmac 010f-e266-c3ab 4.1.3 display bpdu-tunnel display bpdu-tunnel Any view 4-3

Chapter 4 BPDU Tunnel Configuration Commands None Use the display bpdu-tunnel command to display the private multicast MAC address configured for protocol packets transmitted along the BPDU tunnel(s). Related commands: bpdu-tunnel tunnel-dmac. # Display the private multicast MAC address configured for packets transmitted along the BPDU tunnel(s). <Sysname> display bpdu-tunnel Tunnel packet's destination-mac-address: 010f-e2cd-0003 The above output information indicates that all the protocol packets transmitted along the BPDU tunnel(s) use 010f-e2cd-0003 as their destination MAC addresses. 4-4

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback