Illustrated Parts Manual...Parts Manual for Deck Decals 8600-12
MANUAL 8600-4.1
-
Upload
waperaltaf -
Category
Documents
-
view
322 -
download
7
Transcript of MANUAL 8600-4.1
Part No. 314725-E Rev 00May 2006
4655 Great America ParkwaySanta Clara, CA 95054
Configuring VLANs, Spanning Tree, and Link AggregationEthernet Routing Switch 8600 Software Release 4.1
2
Copyright © 2006 Nortel Networks. All Rights Reserved.
The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks.
Trademarks
Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks.
Adobe and Acrobat Reader are trademarks of Adobe Systems, Incorporated.
Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation.
The asterisk after a name denotes a trademarked item.
Restricted rights legend
Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013.
Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software, the rights of the United States Government regarding its use, reproduction, and disclosure are as set forth in the Commercial Computer Software-Restricted Rights clause at FAR 52.227-19.
Statement of conditions
In the interest of improving internal design, operational function, and/or reliability, Nortel reserves the right to make changes to the products described in this document without notice.
Nortel does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein.
Portions of the code in this software product may be Copyright © 1988, Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms of such portions are permitted, provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distribution and use acknowledge that such portions of the software were developed by the University of California, Berkeley. The name of the University may not be used to endorse or promote products derived from such portions of the software without specific prior written permission.
SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties).
Nortel software license agreement
This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Corporation and its subsidiaries and affiliates (“Nortel”). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE
314725-E Rev 00
3
AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in the original shipping container, within 30 days of purchase to obtain a credit for the full purchase price.
“Software” is owned or licensed by Nortel, its parent or one of its subsidiaries or affiliates, and is copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data, audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole or partial copies. Nortel grants you a license to use the Software only in the country where you acquired the Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for the selection of the Software and for the installation of, use of, and results obtained from the Software.
1.Licensed Use of Software. Nortel grants Customer a nonexclusive license to use a copy of the Software on only one machine at any one time or to the extent of the activation or authorized usage level, whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer furnished equipment (“CFE”), Customer is granted a nonexclusive license to use Software only on such hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as confidential information using the same care and discretion Customer uses with its own similar information that it does not wish to disclose, publish or disseminate. Customer will ensure that anyone who uses the Software does so only in compliance with the terms of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d) sublicense, rent or lease the Software. Licensors of intellectual property to Nortel are beneficiaries of this provision. Upon termination or breach of the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptly return the Software to Nortel or certify its destruction. Nortel may audit by remote polling or other reasonable means to determine Customer’s Software activation or usage levels. If suppliers of third party software included in Software require Nortel to include additional or different terms, Customer agrees to abide by such terms provided by Nortel with respect to such third party software.
2.Warranty. Except as may be otherwise expressly agreed to in writing between Nortel and Customer, Software is provided “AS IS” without any warranties (conditions) of any kind. Nortel DISCLAIMS ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel is not obligated to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in such event, the above exclusions may not apply.
3.Limitation of Remedies. IN NO EVENT SHALL Nortel OR ITS AGENTS OR SUPPLIERS BE LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE, EVEN IF Nortel, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations or exclusions and, in such event, they may not apply.
4.Generala. If Customer is the United States Government, the following paragraph shall apply: All Nortel Software
available under this License Agreement is commercial computer software and commercial computer software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).
b. Customer may terminate the license at any time. Nortel may terminate the license if Customer fails to comply with the terms and conditions of this license. In either event, upon termination, Customer must either return the Software to Nortel or certify its destruction.
Configuring VLANs, Spanning Tree, and Link Aggregation
4
c. Customer is responsible for payment of any taxes, including personal property taxes, resulting from Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable export and import laws and regulations.
d. Neither party may bring an action, regardless of form, more than two years after the cause of the action arose.
e. The terms and conditions of this License Agreement form the complete and exclusive agreement between Customer and Nortel.
f. This License Agreement is governed by the laws of the country in which Customer acquires the Software. If the Software is acquired in the United States, then this License Agreement is governed by the laws of the state of New York.
314725-E Rev 00
5
Contents
Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Before you begin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29
Text conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
Acronyms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
Hard-copy technical manuals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
How to get help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Finding the latest updates on the Nortel web site . . . . . . . . . . . . . . . . . . . . . . . . . 35
Getting help from the Nortel web site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
Getting help over the phone from a Nortel Solutions Center . . . . . . . . . . . . . . . . . 36
Getting help from a specialist by using an Express Routing Code . . . . . . . . . . . . 36
Getting help through a Nortel distributor or reseller . . . . . . . . . . . . . . . . . . . . . . . . 36
Chapter 1Layer 2 operational concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37
Port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Policy-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Port membership types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40
Protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
User-defined protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
MAC address-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
IP subnet-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46
Multihoming support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47
VLAN tagging and port types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
802.1Q tagged ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Treatment of tagged and untagged frames . . . . . . . . . . . . . . . . . . . . . . . . . . . 49
Untagging Default VLAN on a Tagged Port feature . . . . . . . . . . . . . . . . . . . . . 50
Configuring VLANs, Spanning Tree, and Link Aggregation
6 Contents
VLAN virtual router interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
IP routing and VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
IPX routing and VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52
VLAN implementation on the Ethernet Routing Switch 8600 . . . . . . . . . . . . . . . . 53
Default VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Unassigned VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
Brouter ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
VLAN rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
VLAN features supported on the Ethernet Routing Switch 8600 modules . . . . . . 55
MultiLink trunking and VLAN scalability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56
VLAN scaling formulas . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Maximum VLAN support comparison with Enhanced Operation mode . . . . . 57
Module behavior comparison with Enhanced Operation mode . . . . . . . . . . . . 58
Interoperability between operation mode and module type . . . . . . . . . . . . . . 58
Stacked VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
sVLAN specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
sVLAN rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
sVLAN levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60
sVLAN UNI and NNI ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Flooding for Microsoft NLB clustering systems in unicast mode . . . . . . . . . . . . . . 63
VLAN MAC filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
Prevention of IP spoofing within a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 64
VLAN Loop Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65
Spanning tree protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66
Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Spanning tree groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
Spanning Tree Protocol controls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Spanning Tree FastStart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Understanding STGs and VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69
Spanning Tree Protocol topology change detection . . . . . . . . . . . . . . . . . . . . 70
Per-VLAN spanning tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol . . . . . . . . . . 73
Interoperability with legacy STP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73
Link aggregation (MLT, SMLT, LACP, VLACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78
MultiLink Trunking (MLT) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79
314725-E Rev 00
Contents 7
MLT traffic distribution algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
MultiLink Trunking rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Multicast flow distribution over MLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
Multicast distribution algorithm . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84
Multicast traffic redistribution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86
MLT examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
IEEE 802.3ad-based link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 93
LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Link aggregation operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94
Principles of link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
LACP and MLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
LACP and SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
LACP and routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
LACP priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98
LACP keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
LACP timers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
LACP modes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
LACP and spanning tree interaction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100
Link aggregation rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Virtual LACP (VLACP) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
VLACP timers and sub-100 ms core convergence . . . . . . . . . . . . . . . . . . . . 104
Split MultiLink Trunking (SMLT) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
Advantages of SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107
How does SMLT work? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111
Traffic flow in an SMLT environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115
SMLT-on-Single-CPU feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 118
Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
Split multilink trunk topologies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Using MLT-based SMLT with Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . 125
Interaction between SMLT and LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126
SMLT network design considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127
SMLT and SLPP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
SMLT and IP routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
Configuring VLANs, Spanning Tree, and Link Aggregation
8 Contents
Simple Loop Prevention Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Chapter 2Configuring VLANs using Device Manager . . . . . . . . . . . . . . . . . . . . . . . . 135
Displaying defined VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135
Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Creating a port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138
Configuring an IP address for a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Configuring a network address and encapsulation for a VLAN . . . . . . . . . . . . . . 144
Configuring policy-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Creating a source IP subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146
Creating a protocol-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Configuring user-defined protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . 150
Creating a source MAC address-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . 152
Enabling source MAC address-based VLANs on the system . . . . . . . . . . . . 152
Configuring a source MAC address-based VLAN . . . . . . . . . . . . . . . . . . . . . 154
Creating a source MAC address-based VLAN using batch files . . . . . . . . . . 157
Managing a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158
Changing VLAN port membership . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159
Configuring advanced VLAN features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
Configuring VLAN forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
Configuring a VLAN to accept tagged or untagged frames . . . . . . . . . . . . . . . . . 165
Configuring Untagging Default VLAN on a Tagged Port . . . . . . . . . . . . . . . . . . . 169
Configuring MAC address auto-learning on a VLAN . . . . . . . . . . . . . . . . . . . . . . 170
Modifying auto-learned MAC addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Configuring VLAN Loop Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Configuring directed broadcast on a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Managing VLAN bridging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Configuring the forwarding database timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Viewing the forwarding database for a specific VLAN . . . . . . . . . . . . . . . . . . . . . 179
Clearing learned MAC addresses from the forwarding database . . . . . . . . . . . . 180
Clearing learned MAC addresses by VLAN . . . . . . . . . . . . . . . . . . . . . . . . . 180
Clearing learned MAC addresses for all VLANs by port . . . . . . . . . . . . . . . . 181
Configuring static forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
MAC-layer bridge packet filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
314725-E Rev 00
Contents 9
Configuring a MAC-layer bridge filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Configuring the Global MAC filter . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Configuring Enhanced Operation mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191
Chapter 3Configuring sVLAN using Device Manager . . . . . . . . . . . . . . . . . . . . . . . . 195
Stacked VLAN configuration overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195
Creating an sVLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
Setting the sVLAN Ethertype and switch level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Setting the sVLAN port type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Creating an sVLAN STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Chapter 4Configuring spanning tree using Device Manager . . . . . . . . . . . . . . . . . . 211
Choosing the spanning tree mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
Configuring Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Creating a STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Editing an STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
Adding ports to an STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Viewing the STG status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
Viewing STG ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
Enabling STP on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Deleting an STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224
Configuring STG topology change detection . . . . . . . . . . . . . . . . . . . . . . . . . . . 225
Configuring Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Configuring MSTP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
Configuring CIST ports for MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230
Viewing statistics for the CIST ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 233
Configuring MSTI bridges for MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Configuring MSTI ports for MSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Viewing MSTI port statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238
Configuring Rapid Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Configuring RSTP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 240
Configuring RSTP ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243
Viewing RSTP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 245
Configuring VLANs, Spanning Tree, and Link Aggregation
10 Contents
Viewing statistics for RSTP Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Chapter 5Configuring link aggregation using Device Manager . . . . . . . . . . . . . . . . 249
Configuring link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 249
Configuring LACP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250
Configuring VLACP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252
Adding a MultiLink/LACP trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Adding ports to a multilink trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258
Viewing multilink trunk interface statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Viewing multilink trunk Ethernet error statistics . . . . . . . . . . . . . . . . . . . . . . . . . . 261
Managing LACP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Configuring a port for LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Configuring a port for Virtual LACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271
Viewing LACP statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273
Configuring Split Multilink Trunking . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Adding a MLT-based SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 276
Viewing MLT-based SMLTs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Adding ports to an MLT-based SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Configuring an IST multilink trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
Editing an IST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Viewing IST statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283
Configuring a single port split multilink trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Viewing Single Port SMLTs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Deleting a Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Configuring Simple Loop Prevention Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Configuring SLPP globally . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Configuring the SLPP by VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Configuring the SLPP by port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Chapter 6Configuring multiple DSAP and SSAP using Device Manager . . . . . . . . 297
Design aspects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
Configuring multiple DSAPs and SSAPs per VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . 300
314725-E Rev 00
Contents 11
Chapter 7Configuring and managing VLANs using the CLI. . . . . . . . . . . . . . . . . . . 303
Roadmap of VLAN commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
Configuring and managing a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Creating a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Performing general VLAN operations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
Configuring VLAN parameters in the forwarding database . . . . . . . . . . . . . . . . . 316
Configuring or modifying VLAN entries in the forwarding database . . . . . . . 316
Configuring VLAN filter members . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 317
Setting or modifying parameters of VLAN not allowed filter member . . . . . . 318
Configuring VLAN static member parameters . . . . . . . . . . . . . . . . . . . . . . . . 320
Limiting MAC learning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321
Adding or removing VLAN ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 323
Adding or removing VLAN source MAC addresses . . . . . . . . . . . . . . . . . . . . . . . 324
Configuring NLB unicast support on an IP interface . . . . . . . . . . . . . . . . . . . . . . 325
Configuring Untagging Default VLAN on a Tagged Port . . . . . . . . . . . . . . . . . . . 325
Configuring Enhanced Operation mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
Configuring VLAN Loop Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
Configuring spoof detection for a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332
Using the VLAN show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Displaying general VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
Displaying forwarding database information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347
Displaying forwarding database filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
Displaying database status, MAC address, and QoS levels . . . . . . . . . . . . . . . . 349
Displaying additional parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Displaying ARP configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 351
Displaying VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Displaying brouter port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
Displaying IGMP switch operation information . . . . . . . . . . . . . . . . . . . . . . . . . . 354
Displaying VLAN routing (IP) configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Displaying port member status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Displaying source MAC addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
Using the show ports commands for VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
Displaying port tagging information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Displaying all port VLAN information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
Configuring VLANs, Spanning Tree, and Link Aggregation
12 Contents
Using the VLAN IP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Assigning an IP address to a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
Chapter 8Configuring sVLANs using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Roadmap of sVLAN commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366
Overview of sVLAN CLI configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
Creating an sVLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
Setting the Ethertype and switch level . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
Showing Ethertype and switch level information . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Setting the sVLAN port type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Creating an sVLAN STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376
Adding UNI or NNI ports to the STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Chapter 9Configuring STGs using the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
Roadmap of spanning tree commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
Configuring the spanning tree protocol mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
Configuring Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
Configuring spanning tree group parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
Configuring STG port parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Configuring topology change detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
Querying the change detection setting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
Using the show STG commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
Displaying all STG information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Displaying STG configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Displaying STG status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
Displaying basic STG information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
Displaying additional STG information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Displaying STG statistics counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401
Configuring Rapid Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Configuring Rapid Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
Showing RSTP config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
Showing RSTP stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
Showing RSTP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
314725-E Rev 00
Contents 13
Showing ports info RSTP config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
Showing ports info RSTP stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
Showing ports info RSTP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Showing ports info RSTP config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Showing ports info RSTP role . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Configuring Ethernet RSTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Configuring Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
Configuring Multiple Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Configuring MSTP region . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Configuring MSTP CIST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Configuring MSTP MSTI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
Showing MSTP configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Showing MSTP instance information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Showing MSTP stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
Showing MSTP status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
Showing MSTP port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
Configuring Ethernet MSTP CIST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 424
Configuring Ethernet MSTP MSTI . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425
Chapter 10Configuring link aggregation using the CLI . . . . . . . . . . . . . . . . . . . . . . . 427
Roadmap of link aggregation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428
Configuring link aggregation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
Link aggregation commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433
Adding ports to a link aggregation group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435
Removing ports from a link aggregation group . . . . . . . . . . . . . . . . . . . . . . . . . . 437
Global LACP commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 438
Aggregator configuration commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 440
Port configuration commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 441
LACP show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 443
Displaying global LACP configuration information . . . . . . . . . . . . . . . . . . . . 443
Displaying LACP configuration information . . . . . . . . . . . . . . . . . . . . . . . . . . 444
Displaying LACP statistics information per port . . . . . . . . . . . . . . . . . . . . . . 446
Displaying LACP configuration information per aggregator . . . . . . . . . . . . . 448
Configuring VLACP on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 451
Configuring VLANs, Spanning Tree, and Link Aggregation
14 Contents
Displaying the VLACP port configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 452
Globally enabling or disabling VLACP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
Creating a split multilink trunk from an existing multilink trunk . . . . . . . . . . . . . . 455
Creating an interswitch trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 456
Creating an interswitch trunk from an existing multilink trunk . . . . . . . . . . . . 457
Enabling and disabling an interswitch trunk . . . . . . . . . . . . . . . . . . . . . . . . . 458
Configuring CP-Limit for an IST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 459
Deleting an interswitch trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Creating a single port split multilink trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 460
Configuration example: single port split multilink trunk . . . . . . . . . . . . . . . . . 461
Configuring SMLT-on-Single-CPU . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462
Using the MLT and SMLT show commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Displaying all multilink trunk information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 463
Displaying information about collision errors . . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Displaying information about Ethernet errors . . . . . . . . . . . . . . . . . . . . . . . . . . . 467
Displaying multilink trunk status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Displaying interswitch trunk status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Displaying split multilink trunk status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
Displaying all ports configured for single port split multilink trunk . . . . . . . . . . . . 471
Displaying a port configured for Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . 471
Displaying MLT statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 472
Troubleshooting SMLT problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Troubleshooting IST problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Troubleshooting problems with a single user . . . . . . . . . . . . . . . . . . . . . . . . . . . . 476
Global MAC filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 477
Configuring Simple Loop Prevention Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Configuring SLPP on a port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Showing SLPP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Showing SLPP port information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Chapter 11Configuring multiple DSAP and SSAP using the CLI . . . . . . . . . . . . . . . . 483
Design aspects . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 484
Configuring multiple DSAP and SSAP with the CLI . . . . . . . . . . . . . . . . . . . . . . . . . . 487
314725-E Rev 00
Contents 15
Chapter 12Device Manager configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . 491
LACP point to point LAG configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 491
SMLT and LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
Single Port SMLT and LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . 500
Chapter 13CLI configuration examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 503
MultiLink Trunking configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Single Port SMLT with SLPP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . 505
SMLT triangle with loop detection configuration example . . . . . . . . . . . . . . . . . . . . . 508
Square SMLT configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514
Full mesh SMLT configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 518
SMLT and VRRP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522
SMLT and multicast configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 525
Triangle SMLT and LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 526
Single Port SMLT and LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . 528
SLPP, VRRP BackupMaster, and SMLT configuration example . . . . . . . . . . . . . . . . . 532
Ping Snoop configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 540
LACP point to point LAG configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541
Enabling VLACP on Ethernet links configuration example . . . . . . . . . . . . . . . . . . . . . 543
Per-VLAN Spanning Tree Plus (PVST+) configuration examples . . . . . . . . . . . . . . . 544
Configuring PVST+ on an Ethernet Routing Switch 8600 . . . . . . . . . . . . . . . . . . 544
Configuration example—basic PVST+ setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . 545
Configuration example—load balancing with the Ethernet Routing Switch 8600 as a distribution switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 547
Configuration files for S1 and S2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 550
Configuration example—load balancing with the Cisco System switch as a distribution switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552
Cisco Systems default spanning tree settings . . . . . . . . . . . . . . . . . . . . . . . . . . . 553
Setting the PVST+ bridge ID priority . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 553
Rapid Spanning Tree Protocol configuration example . . . . . . . . . . . . . . . . . . . . . . . . 554
Multiple Spanning Tree Protocol configuration example . . . . . . . . . . . . . . . . . . . . . . 559
Appendix A
Configuring VLANs, Spanning Tree, and Link Aggregation
16 Contents
Tap and OctaPID assignment (Release 3.x feature set) . . . . . . . . . . . . . . 567
Glossary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 573
Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 577
314725-E Rev 00
17
Figures
Figure 1 Port-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39
Figure 2 Dynamic protocol-based VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
Figure 3 PPPoE and IP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44
Figure 4 Incorrect use of an IP subnet-based VLAN . . . . . . . . . . . . . . . . . . . . . . . 47
Figure 5 VLAN tag insertion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Figure 6 Network with IP phone and PC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51
Figure 7 Formulas used for VLAN scaling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
Figure 8 sVLAN model . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
Figure 9 One layer sVLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61
Figure 10 Two layer sVLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62
Figure 11 Multiple spanning tree groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68
Figure 12 802.1d spanning tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Figure 13 Multiple instances of spanning tree . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72
Figure 14 Negotiation process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77
Figure 15 Config sys set hash-calc output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
Figure 16 Switch-to-switch multilink trunk configuration . . . . . . . . . . . . . . . . . . . . . . 88
Figure 17 Switch-to-server multilink trunk configuration . . . . . . . . . . . . . . . . . . . . . . 89
Figure 18 Client/server multilink trunk configuration . . . . . . . . . . . . . . . . . . . . . . . . . 90
Figure 19 Link aggregation sublayer (according to IEEE 802.3ad) . . . . . . . . . . . . . . 93
Figure 20 Problem description (1 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Figure 21 Problem description (2 of 2) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103
Figure 22 Sub-100 ms convergence between SuperMezz modules . . . . . . . . . . . . 106
Figure 23 Resilient networks with Spanning Tree Protocol . . . . . . . . . . . . . . . . . . . 109
Figure 24 Resilient networks with SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
Figure 25 Ethernet Routing Switch 8600 as SMLT aggregation switches . . . . . . . 111
Figure 26 Output of the command show vlan info fdb-e 10 . . . . . . . . . . . . . . . . . . 117
Figure 27 Network topology for traffic flow example . . . . . . . . . . . . . . . . . . . . . . . . 118
Figure 28 Single Port SMLT topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 121
Figure 29 SMLT triangle topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122
Configuring VLANs, Spanning Tree, and Link Aggregation
18 Figures
Figure 30 SMLT square topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 123
Figure 31 SMLT full mesh topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124
Figure 32 Changing a split trunk from MLT-based SMLT to Single Port SMLT . . . 125
Figure 33 SLPP frame . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 131
Figure 34 VLAN—Basic tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Figure 35 VLAN, Insert Basic box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Figure 36 VlanPortMembers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
Figure 37 IP, VLAN box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 142
Figure 38 IP, VLAN, Insert IP Address box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Figure 39 IPX, VLAN—Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Figure 40 IPX, VLAN—Insert Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145
Figure 41 VlanPortMembers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
Figure 42 VLAN, Insert Basic . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151
Figure 43 Chassis, System Flags tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
Figure 44 VLAN, Insert Basic—bySrcMac . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155
Figure 45 VlanPortMembers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
Figure 46 PortMembers box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
Figure 47 VLAN—Advanced tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Figure 48 VLAN—Forwarding tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Figure 49 VLAN, Forwarding—Filter tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165
Figure 50 Port—Interface tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
Figure 51 Port—VLAN tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167
Figure 52 VLAN—UntagDefaultVlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Figure 53 VLanMacLearning—Manual Edit tab . . . . . . . . . . . . . . . . . . . . . . . . . . . 170
Figure 54 VLanMacLearning, Insert Manual Edit box . . . . . . . . . . . . . . . . . . . . . . . 171
Figure 55 BridgeManualEditPorts box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171
Figure 56 VLanMacLearning—Auto Learn tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172
Figure 57 Port—VLAN loop detect . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174
Figure 58 Loop Detected . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Figure 59 IP, VLAN—Direct Broadcast tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176
Figure 60 Bridge, VLAN—FDB Aging tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Figure 61 Bridge, VLAN—Forwarding tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Figure 62 VLAN—Advanced . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
Figure 63 Port—Interface, FlushMacFDB . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182
Figure 64 Bridge, VLAN—Static tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183
314725-E Rev 00
Figures 19
Figure 65 Bridge, VLAN—Insert Static box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Figure 66 BridgeStaticPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 184
Figure 67 Bridge, VLAN—Filter tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 186
Figure 68 Bridge, VLAN—Insert Filter box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Figure 69 BridgeFilterPort . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187
Figure 70 BridgeFilterSrcDiscard box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Figure 71 BridgeFilterDestDiscard box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
Figure 72 GlobalMacFiltering tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Figure 73 GlobalMacFiltering, Insert Mac Filter box . . . . . . . . . . . . . . . . . . . . . . . . 190
Figure 74 Chassis—System Flags tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 192
Figure 75 Chassis—System SaveRuntimeConfig . . . . . . . . . . . . . . . . . . . . . . . . . 193
Figure 76 VLAN—Basic tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197
Figure 77 Insert Basic—for sVLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
Figure 78 VlanPortMembers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199
Figure 79 SVLAN—Ether Type tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
Figure 80 Svlan box—Level tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 201
Figure 81 Port box—Interface tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203
Figure 82 Port—VLAN tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
Figure 83 sVLAN configuration warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205
Figure 84 STG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
Figure 85 STG, Insert Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208
Figure 86 Spanning Tree—Globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212
Figure 87 STG—Configuration tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213
Figure 88 STG, Insert Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214
Figure 89 StgPortMembers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
Figure 90 StgPortMembers box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218
Figure 91 STG—Status tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Figure 92 STG—Ports tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Figure 93 MSTP—Globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227
Figure 94 MSTP—CIST Port tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 231
Figure 95 CIST Port Stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Figure 96 MSTP—MSTI Bridges tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 235
Figure 97 MSTP—MSTI Port tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Figure 98 MSTI Port.BridgeInstance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Figure 99 RSTP—Globals . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 241
Configuring VLANs, Spanning Tree, and Link Aggregation
20 Figures
Figure 100 RSTP—RSTP Ports tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Figure 101 RSTP Status tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Figure 102 RSTP Port—RSTP Stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Figure 103 MLT_LACP—LACP Global tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Figure 104 VLACP Global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
Figure 105 MLT_LACP—MultiLink/LACP Trunks . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
Figure 106 MLT_LACP, Insert MultiLink/LACP Trunks box . . . . . . . . . . . . . . . . . . . . 255
Figure 107 MltPortMembers box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259
Figure 108 Statistics, MLT—Interface tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Figure 109 Statistics, MLT—Ethernet Errors tab . . . . . . . . . . . . . . . . . . . . . . . . . . . 262
Figure 110 MLT_LACP—LACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Figure 111 Port—LACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267
Figure 112 Port—VLACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Figure 113 Graph Port—Interface tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Figure 114 Graph Port—LACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Figure 115 SMLT—SMLT Info tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Figure 116 IST MLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
Figure 117 IST MLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Figure 118 Ist/SMLT Stats tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Figure 119 Port—SMLT tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 286
Figure 120 Port, Insert SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Figure 121 SMLT—Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Figure 122 Deleting a Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
Figure 123 SLPP—Global . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Figure 124 Slpp—VLANS tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Figure 125 Slpp, Insert VLANS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
Figure 126 Slpp—Insert VlanId . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
Figure 127 Slpp—Ports tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Figure 128 VLAN—Advanced tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Figure 129 VLAN—DSAP/SSAP VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Figure 130 DSAP/SSAP, VLAN, Insert DSAP/SSAP . . . . . . . . . . . . . . . . . . . . . . . . 301
Figure 131 Config vlan create info command output . . . . . . . . . . . . . . . . . . . . . . . . 313
Figure 132 Config vlan info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Figure 133 Config vlan ports info command output . . . . . . . . . . . . . . . . . . . . . . . . . 324
Figure 134 Configuration example for supporting 1980 VLANs command output . . 327
314725-E Rev 00
Figures 21
Figure 135 Config and show sys link-flap-detect command output . . . . . . . . . . . . . 329
Figure 136 Sample configuration using the loop-detect commands. . . . . . . . . . . . . 331
Figure 137 Show vlan info all command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
Figure 138 Show vlan info fdb-entry command output . . . . . . . . . . . . . . . . . . . . . . . 347
Figure 139 Show vlan info fdb-filter command output . . . . . . . . . . . . . . . . . . . . . . . . 348
Figure 140 Show vlan info fdb-static command output . . . . . . . . . . . . . . . . . . . . . . . 349
Figure 141 Show vlan info advance command output . . . . . . . . . . . . . . . . . . . . . . . 351
Figure 142 Show vlan info arp command output . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Figure 143 Show vlan info basic command output . . . . . . . . . . . . . . . . . . . . . . . . . 353
Figure 144 Show vlan info brouter-port command output . . . . . . . . . . . . . . . . . . . . . 354
Figure 145 Show vlan info igmp command output . . . . . . . . . . . . . . . . . . . . . . . . . . 355
Figure 146 Show vlan info ip command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356
Figure 147 Show vlan info ports command output . . . . . . . . . . . . . . . . . . . . . . . . . . 357
Figure 148 Show vlan info srcmac command output . . . . . . . . . . . . . . . . . . . . . . . . 358
Figure 149 Show ports info vlan command output . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Figure 150 Show ports info port all command output . . . . . . . . . . . . . . . . . . . . . . . . 361
Figure 151 Config vlan ip info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
Figure 152 Config vlan info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
Figure 153 Sample command output for creating an sVLAN . . . . . . . . . . . . . . . . . . 370
Figure 154 Config svlan info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
Figure 155 Show svlan info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Figure 156 sVLAN-porttype warning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
Figure 157 Config ethernet <ports> info command output . . . . . . . . . . . . . . . . . . . . 375
Figure 158 Config stg info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
Figure 159 Spanning tree mode commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384
Figure 160 Config stg info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
Figure 161 Config ethernet <slot/port> stg <sid> info command output . . . . . . . . . . 389
Figure 162 Show ports info stg main command output . . . . . . . . . . . . . . . . . . . . . . . 391
Figure 163 Show stg show-all sample output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Figure 164 Show stg info config command output . . . . . . . . . . . . . . . . . . . . . . . . . . 397
Figure 165 Show stg info status command output . . . . . . . . . . . . . . . . . . . . . . . . . . 398
Figure 166 Show ports info stg main command output . . . . . . . . . . . . . . . . . . . . . . . 399
Figure 167 Show ports info stg extended command output . . . . . . . . . . . . . . . . . . . 400
Figure 168 Show ports stats stg command (partial output) . . . . . . . . . . . . . . . . . . . 402
Figure 169 Show rstp config command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405
Configuring VLANs, Spanning Tree, and Link Aggregation
22 Figures
Figure 170 Show rstp stats command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
Figure 171 Show rstp status command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407
Figure 172 Show ports info rstp config command output . . . . . . . . . . . . . . . . . . . . . 408
Figure 173 Show ports info rstp stats command . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
Figure 174 Show ports info rstp status command . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
Figure 175 Show ports info rstp config command . . . . . . . . . . . . . . . . . . . . . . . . . . . 411
Figure 176 Show ports info rstp role command . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412
Figure 177 Config mstp info command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Figure 178 Config mstp region command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
Figure 179 Config mstp cist command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
Figure 180 Config mstp msti command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Figure 181 Show mstp config. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
Figure 182 Show mstp instance command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419
Figure 183 Show mstp stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 420
Figure 184 Show mstp status command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 421
Figure 185 Show ports info mstp cistinfo command output . . . . . . . . . . . . . . . . . . . 423
Figure 186 Config mlt info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 435
Figure 187 Show lacp info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 444
Figure 188 Show ports info lacp all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 446
Figure 189 Show ports stats lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 447
Figure 190 Show mlt lacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 449
Figure 191 Show mlt lacp info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 450
Figure 192 Show ports info vlacp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 453
Figure 193 Show ports info vlacp all . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 454
Figure 194 Config mlt ist create ip vlan-id command output . . . . . . . . . . . . . . . . . . . 458
Figure 195 Config mlt ist enable/disable command output . . . . . . . . . . . . . . . . . . . . 459
Figure 196 Configuration example: Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . 462
Figure 197 Show mlt show-all sample output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 464
Figure 198 Show mlt show-all sample output (continued) . . . . . . . . . . . . . . . . . . . . 465
Figure 199 Show mlt show-all sample output (continued) . . . . . . . . . . . . . . . . . . . . 466
Figure 200 Show mlt error collision command output . . . . . . . . . . . . . . . . . . . . . . . . 467
Figure 201 Show mlt error main command output . . . . . . . . . . . . . . . . . . . . . . . . . . 468
Figure 202 Show mlt info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Figure 203 Show mlt ist info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 469
Figure 204 Show smlt info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 470
314725-E Rev 00
Figures 23
Figure 205 Show ports info smlt command output . . . . . . . . . . . . . . . . . . . . . . . . . . 471
Figure 206 Show ports info config command output . . . . . . . . . . . . . . . . . . . . . . . . . 472
Figure 207 Show mlt stats command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 473
Figure 208 Show mlt ist stat command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 474
Figure 209 Show mlt ist info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Figure 210 Show mlt smlt info command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . 475
Figure 211 Show vlan info fdb-entry command output . . . . . . . . . . . . . . . . . . . . . . . 476
Figure 212 Config fdb fdb-filter info command output . . . . . . . . . . . . . . . . . . . . . . . . 477
Figure 213 Show fdb fdb-filter command output . . . . . . . . . . . . . . . . . . . . . . . . . . . . 478
Figure 214 Config slpp slpp info command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 480
Figure 215 Config ethernet command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Figure 216 Show slpp info command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 481
Figure 217 Show ports info slpp command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Figure 218 Config vlan create byprotocol commands . . . . . . . . . . . . . . . . . . . . . . . . 489
Figure 219 Point to point LAG . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
Figure 220 MLT LCAP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 492
Figure 221 Insert Multilink/LACP Trunks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 493
Figure 222 MLT_LACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 494
Figure 223 Port LACP configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 495
Figure 224 SMLT and LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . 496
Figure 225 Insert Multilink/LACP Trunks box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 498
Figure 226 MLT LACP information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
Figure 227 MLT_LACP—LACP tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 499
Figure 228 Network topology for Single Port SMLT example . . . . . . . . . . . . . . . . . . 500
Figure 229 Port box . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 501
Figure 230 Insert SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502
Figure 231 LACP enable . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 502
Figure 232 MLT within a VLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 504
Figure 233 Single Port SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 506
Figure 234 SMLT triangle configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . 508
Figure 235 Show mlt info output . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 511
Figure 236 Show mlt commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 512
Figure 237 Show mlt commands, part 2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 513
Figure 238 Loop detection commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 514
Figure 239 Square SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 515
Configuring VLANs, Spanning Tree, and Link Aggregation
24 Figures
Figure 240 Full mesh SMLT . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 519
Figure 241 Network topology for SMLT and VRRP . . . . . . . . . . . . . . . . . . . . . . . . . . 523
Figure 242 SMLT and IEEE 802.3ad configuration example . . . . . . . . . . . . . . . . . . 526
Figure 243 Network topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 530
Figure 244 SLPP example network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 533
Figure 245 Show slpp results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
Figure 246 Show ports info . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 534
Figure 247 Show ports info interface port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 535
Figure 248 Show log file tail for ERS8600B after port disabled . . . . . . . . . . . . . . . . 535
Figure 249 Enabling SMLT and show log file tail after port enabled . . . . . . . . . . . . . 536
Figure 250 Commands to configure the 8600A MLT, VLAN, ports . . . . . . . . . . . . . . 537
Figure 251 Commands to configure the 8600B MLT, VLAN, ports . . . . . . . . . . . . . . 538
Figure 252 Commands used to configure the ERS 3510 VLAN . . . . . . . . . . . . . . . . 539
Figure 253 LACP configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 541
Figure 254 Enabling VLACP on Ethernet links configuration example . . . . . . . . . . . 543
Figure 255 Basic setup configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 546
Figure 256 Load balancing configuration example . . . . . . . . . . . . . . . . . . . . . . . . . . 548
Figure 257 RSTP topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 555
Figure 258 Multiple spanning tree topology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 560
314725-E Rev 00
25
Tables
Table 1 Port membership types for policy-based VLANs . . . . . . . . . . . . . . . . . . . 41
Table 2 Supported policy-based VLAN types . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Table 3 PIDs that cannot be used for user-defined protocol-based VLANs . . . . . 45
Table 4 VLAN, STG, and MLT support in the Ethernet Routing Switch 8600 . . . . 55
Table 5 Maximum numbers of port/protocol-based VLANs . . . . . . . . . . . . . . . . . . 57
Table 6 Module behavior with and without Enhanced Operation mode . . . . . . . 58
Table 7 Operation mode and module type interoperability . . . . . . . . . . . . . . . . . . 58
Table 8 Differences in port roles for STP and RSTP . . . . . . . . . . . . . . . . . . . . . . . 74
Table 9 Recommended path cost values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
Table 10 Ethernet Routing Switch 8600 LACP and VLACP timer comparison . . . 105
Table 11 VLAN—Basic tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
Table 12 VLAN, Insert Basic fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
Table 13 IP, VLAN field descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Table 14 VLAN—Advanced tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161
Table 15 VLAN—Forwarding tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
Table 16 Port—VLAN field descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
Table 17 VLAN MAC Learning—Insert Manual Edit tab fields . . . . . . . . . . . . . . . 172
Table 18 VLAN Auto Learn tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 173
Table 19 LoopDetected dialog box parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
Table 20 IP, VLAN Direct Broadcast tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177
Table 21 Bridge VLAN—FDB Aging tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
Table 22 Bridge, VLAN—Forwarding tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 179
Table 23 Bridge VLAN static fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 185
Table 24 Bridge VLAN Filter fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189
Table 25 GlobalMacFiltering tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 190
Table 26 SVLAN—Ether Type tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Table 27 SVLAN—Level tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202
Table 28 Port—VLAN fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206
Table 29 STG configuration fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
Configuring VLANs, Spanning Tree, and Link Aggregation
26 Tables
Table 30 STG Status fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220
Table 31 STG Ports tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222
Table 32 MSTP—Globals fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228
Table 33 CIST Port fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 232
Table 34 CIST Port Stats fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234
Table 35 MSTI Bridges fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 236
Table 36 MSTP—MSTI Port fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 237
Table 37 MSTI Port Stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 239
Table 38 RSTP—Globals fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242
Table 39 RSTP—RSTP Ports tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244
Table 40 RSTP—RSTP Status fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 246
Table 41 RSTP Port—RSTP Stats fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 247
Table 42 MLT_LACP—LACP Global tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . 251
Table 43 MultiLink/LACP Trunks tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256
Table 44 Statistics, MLT—Interface tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260
Table 45 Statistics, MLT—Ethernet Errors tab fields . . . . . . . . . . . . . . . . . . . . . . . 263
Table 46 MLT_LACP—LACP tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
Table 47 Port—LACP tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
Table 48 Port—VLACP tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272
Table 49 Graph Port—LACP tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275
Table 50 SMLT Info tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
Table 51 Ist multilink trunk fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282
Table 52 MLT_LACP—Ist/SMLT Stats tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . 284
Table 53 Port SMLT tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
Table 54 SMLT—Single Port SMLT tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
Table 55 SLPP—Global tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Table 56 SLPP, Insert VLANS fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
Table 57 Slpp—Ports tab fields . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
Table 58 DSAP/SSAP values . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Table 59 Show vlan info all parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 334
Table 60 Show ports info vlan parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
Table 61 Show svlan info ether-type parameters . . . . . . . . . . . . . . . . . . . . . . . . . 372
Table 62 Show ports info stg main parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
Table 63 Show stg show-all parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
Table 64 Show ports info stg extended parameters . . . . . . . . . . . . . . . . . . . . . . . 400
314725-E Rev 00
Tables 27
Table 65 Show ports stats stg extended parameters . . . . . . . . . . . . . . . . . . . . . . 402
Table 66 Show ports stats lacp field descriptions . . . . . . . . . . . . . . . . . . . . . . . . . 447
Table 67 Show ports info slpp field descriptions . . . . . . . . . . . . . . . . . . . . . . . . . . 482
Table 68 Reserved values for configuring SNA or user-defined VLANs . . . . . . . . 485
Table 69 Available module types and OctapPID ID assignments . . . . . . . . . . . . . 568
Table 70 8608GBE/8608GBM/8608GTE/8608GTM/8608SXE modules . . . . . . . . 569
Table 71 8616SXE module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 569
Table 72 8624FXE module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570
Table 73 8632TXE and 8632TZM modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570
Table 74 8648TXE and 8648TXM modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 570
Table 75 8672ATME and 8672ATMM modules . . . . . . . . . . . . . . . . . . . . . . . . . . . 571
Table 76 8681XLR module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 571
Table 77 8681XLW module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572
Table 78 8683POSM module . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572
Configuring VLANs, Spanning Tree, and Link Aggregation
28 Tables
314725-E Rev 00
29
Preface
This guide describes how to configure VLANs, spanning tree, and link aggregation on the Ethernet Routing Switch 8600.
Before you begin
This guide is intended for network administrators with the following background:
• Basic knowledge of networks, Ethernet bridging, and IP routing
• Familiarity with networking concepts and terminology
• Experience with graphical user interfaces (GUI)
• Basic knowledge of network topologies
Before using this guide, you must complete the following procedures. For a new switch:
• Install the switch (see the Installation Guide that came with your switch).
• Connect the switch to the network (see Getting Started with the Management Software for more information).
Make sure that you are running the latest version of the Ethernet Routing Switch 8600 and Device Manager software. For information about upgrading the Ethernet Routing Switch 8600 and Device Manager, see the upgrading guide for your version of the Ethernet Routing Switch.
Configuring VLANs, Spanning Tree, and Link Aggregation
30 Preface
Text conventions
This guide uses the following text conventions:
angle brackets (< >) Indicate that you choose the text to enter based on the description inside the brackets. Do not type the brackets when entering the command.Example: If the command syntax isping <ip_address>, you enterping 192.32.10.12
bold Courier text Indicates command names and options and text that you need to enter.Example: Use the dinfo command. Example: Enter show ip {alerts|routes}.
braces ({}) Indicate required elements in syntax descriptions where there is more than one option. You must choose only one of the options. Do not type the braces when entering the command.Example: If the command syntax isshow ip {alerts|routes}, you must enter eithershow ip alerts or show ip routes, but not both.
brackets ([ ]) Indicate optional elements in syntax descriptions. Do not type the brackets when entering the command.Example: If the command syntax isshow ip interfaces [-alerts], you can entereither show ip interfaces or show ip interfaces -alerts.
ellipsis points (. . . ) Indicate that you repeat the last element of the command as needed.Example: If the command syntax isethernet/2/1 [<parameter> <value>]... ,you enter ethernet/2/1 and as manyparameter-value pairs as needed.
314725-E Rev 00
Preface 31
Acronyms
This guide uses the following acronyms:
italic text Indicates new terms, book titles, and variables in command syntax descriptions. Where a variable is two or more words, the words are connected by an underscore.Example: If the command syntax isshow at <valid_route>, valid_route is onevariable and you substitute one value for it.
plain Courier text
Indicates command syntax and system output, for example, prompts and system messages.Example: Set Trap Monitor Filters
separator ( > ) Shows menu paths. Example: Protocols > IP identifies the IP command on the Protocols menu.
vertical line ( | ) Separates choices for command keywords and arguments. Enter only one of the choices. Do not type the vertical line when entering the command.Example: If the command syntax isshow ip {alerts|routes}, you enter eithershow ip alerts or show ip routes, but notboth.
ARP Address Resolution Protocol
ATM Asynchronous Transfer Mode
BGP Border Gateway Protocol
BPDU bridge protocol data unit
CIST Common and Internal Spanning Tree
CLI command line interface
CPU Central Processing Unit
DF designated forwarding
DMLT Distributed MultiLink Trunking
Configuring VLANs, Spanning Tree, and Link Aggregation
32 Preface
DSAP Destination Service Access Point
ES Extranet Switch
FCS Frame Check Sequence
FDB forwarding database
GbE Gigabit Ethernet
ICMP Internet Control Message Protocol
I/O input/output
IEEE Institute of Electrical and Electronics Engineers
IGMP Internet Group Management Protocol
IGP interior gateway protocol
IP Internet Protocol
IPX Internetwork Packet Exchange
ISP Internet Service Provider
IST Internal Spanning Tree
IST InterSwitch Trunking
LACP Link Aggregation Control Protocol
LACPDU Link Aggregation Control Protocol data unit
LAG link aggregation group
LLC Logical Link Control
MAC Media Access Control
MIB management information base
MLT MultiLink Trunking
MSTI Multiple Spanning Tree Instance
MSTP Multiple Spanning Tree Protocol
NIC network interface card
NLB Network Load Balancer
NNI network-to-network interface
OSI Open Systems Interconnect
OSPF Open Shortest Path First
314725-E Rev 00
Preface 33
PCAP Packet Capture Tool
PID protocol identifier
PDU protocol data unit
POS Packet over SONET
PPP Point-to-Point Protocol
PPPoE Point-to-Point Protocol over Ethernet
PVST Per-VLAN Spanning Tree
QoS Quality of Service
RARP Reverse Address Resolution Protocol
RIP Routing Information Protocol
RF root forwarding
RSMLT Routed Split MultiLink Trunking
RSTP Rapid Spanning Tree Protocol
SLPP Simple Loop Prevention Protocol
SMLT Split MultiLink Trunking
SNA Systems Network Architecture
SNAP Sub-Network Access Protocol
SNMP Simple Network Management Protocol
SSAP Source Service Access Point
SST single spanning tree
STG spanning tree group
STP Spanning Tree Protocol
sVLAN stacked virtual local area network
TCN topology change notification
UNI user-to-network interface
VLACP Virtual Link Aggregation Control Protocol
VLAN virtual local area network
VRRP Virtual Router Redundancy Protocol
XOR exclusive OR
Configuring VLANs, Spanning Tree, and Link Aggregation
34 Preface
Hard-copy technical manuals
You can print selected technical manuals and release notes free, directly from the Internet. Go to the www.nortel.com/documentation URL. Find the product for which you need documentation. Then locate the specific category and model or version for your hardware or software product. Use Adobe* Reader* to open the manuals and release notes, search for the sections you need, and print them on most standard printers. Go to Adobe Systems at the www.adobe.com URL to download a free copy of the Adobe Reader.
Note: The list of related publications for this manual can be found in the release notes that came with your software.
314725-E Rev 00
35
How to get help
This section explains how to get help for Nortel products and services.
Finding the latest updates on the Nortel web site
The content of this documentation was current at the time the product was released. To check for updates to the latest documentation and software for Ethernet Routing Switch, click one of the following links:
Getting help from the Nortel web site
The best way to get technical support for Nortel products is from the Nortel Technical Support web site:
www.nortel.com/support
This site provides quick access to software, documentation, bulletins, and tools to address issues with Nortel products. From this site, you can:
Link to Takes you directly to the
Latest software Nortel page for Ethernet Routing Switch software located at:
www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=SOFTWARE&resetFilter=1&tranProduct=9015
Latest documentation Nortel page for Ethernet Routing Switch documentation located at:
www130.nortelnetworks.com/cgi-bin/eserv/cs/main.jsp?cscat=DOCUMENTATION&resetFilter=1&tranProduct=9015
Configuring VLANs, Spanning Tree, and Link Aggregation
36 How to get help
• download software, documentation, and product bulletins
• search the Technical Support web site and the Nortel Knowledge Base for answers to technical issues
• sign up for automatic notification of new software and documentation for Nortel equipment
• open and manage technical support cases
Getting help over the phone from a Nortel Solutions Center
If you do not find the information you require on the Nortel Technical Support web site, and you have a Nortel support contract, you can also get help over the phone from a Nortel Solutions Center.
In North America, call 1-800-4NORTEL (1-800-466-7835).
Outside North America, go to the following web site to obtain the phone number for your region:
www.nortel.com/callus
Getting help from a specialist by using an Express Routing Code
To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC) to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for your product or service, go to:
www.nortel.com/erc
Getting help through a Nortel distributor or reseller
If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller.
314725-E Rev 00
37
Chapter 1Layer 2 operational concepts
This chapter describes Layer 2 operational concepts and features supported on your Ethernet Routing Switch.
This chapter covers the following topics:
VLANs
Using a virtual LAN (VLAN), you can divide your LAN into smaller groups without interfering with the physical network. VLAN practical applications include the following:
• You can create VLANs, or workgroups, for common interest groups.
• You can create VLANs, or workgroups, for specific types of network traffic.
• You can add, move, or delete members from these workgroups without making any physical changes to the network.
Note: See Chapter 12, “Device Manager configuration examples,” on page 491, and Chapter 13, “CLI configuration examples,” on page 503 for configuration examples, including command line interface (CLI) commands, for concepts described in this chapter.
Topic Page
VLANs 37
Spanning tree protocols 66
Link aggregation (MLT, SMLT, LACP, VLACP) 78
Simple Loop Prevention Protocol 130
Configuring VLANs, Spanning Tree, and Link Aggregation
38 Chapter 1 Layer 2 operational concepts
By dividing the network into separate VLANs, you can create separate broadcast domains. This arrangement conserves bandwidth, especially in networks supporting broadcast and multicast applications that flood the network with traffic. A VLAN workgroup can include members from a number of dispersed physical segments on the network, improving traffic flow between them.
The Ethernet Routing Switch 8600 Software Release 4.1 performs the Layer 2 switching functions necessary to transmit information within VLANs, as well as the Layer 3 routing functions necessary for VLANs to communicate with one another. A VLAN can be defined for a single switch or it can span multiple switches. A port can be a member of multiple VLANs.
For information about configuring VLANs, see Chapter 2, “Configuring VLANs using Device Manager,” on page 135 and Chapter 7, “Configuring and managing VLANs using the CLI,” on page 303.
This section includes the following topics:
• “Port-based VLANs”
• “Policy-based VLANs” on page 40
• “Multihoming support” on page 47
• “VLAN tagging and port types” on page 48
• “VLAN virtual router interfaces” on page 52
• “IP routing and VLANs” on page 52
• “IPX routing and VLANs” on page 52
• “VLAN implementation on the Ethernet Routing Switch 8600” on page 53
• “VLAN rules” on page 54
• “VLAN features supported on the Ethernet Routing Switch 8600 modules” on page 55
• “MultiLink trunking and VLAN scalability” on page 56
• “Stacked VLANs” on page 59
• “Flooding for Microsoft NLB clustering systems in unicast mode” on page 63
• “VLAN MAC filtering” on page 64
• “Prevention of IP spoofing within a VLAN” on page 64
• “VLAN Loop Detection” on page 65
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 39
Port-based VLANs
A port-based VLAN is a VLAN in which the ports are explicitly configured to be in the VLAN. When creating a port-based VLAN on a switch, you assign a VLAN identification number (VLAN ID) and specify the ports that belong to the VLAN. The VLAN ID is used to coordinate VLANs across multiple switches.
The example in Figure 1 shows two port-based VLANs: one for the marketing department, and one for the sales department. Ports are assigned to each port-based VLAN. A change in the sales area can move the sales representative at port 3/1 (the first port in the input/output (I/O) module in chassis slot 3) to the marketing department without moving cables. With a port-based VLAN, you only need to indicate in Device Manager or the CLI that port 3/1 in the sales VLAN now is a member of the marketing VLAN.
Figure 1 Port-based VLAN
Configuring VLANs, Spanning Tree, and Link Aggregation
40 Chapter 1 Layer 2 operational concepts
Policy-based VLANs
A policy-based VLAN consists of ports that are dynamically added to the VLAN on the basis of the traffic coming into the port.
This section includes the following topics:
• “Port membership types”
• “Protocol-based VLANs” on page 41
• “User-defined protocol-based VLANs” on page 44
• “MAC address-based VLANs” on page 45
• “IP subnet-based VLANs” on page 46
Port membership types
In a policy-based VLAN, a port can be designated as always a member or never a member of the VLAN describing the port membership types.
In addition, you can designate a port as a potential member of the VLAN on the Ethernet Routing Switch 8600. When a port is designated as a potential member of the VLAN, and the incoming traffic matches the policy, the port is dynamically added to the VLAN. Potential member ports that join the VLAN are removed, timed out from the VLAN when the timeout (aging time) period of that VLAN expires.
Port membership in a VLAN is determined by the traffic coming into the port. Nortel recommends that you designate at least some ports as always a member of the VLAN. If a server or router connects to a port, then designate that port as always a member of a VLAN. If a server connects to a port that is only a potential member and the server sends very little traffic, a client fails to reach the server if the server port has timed out of the VLAN.
Note: A port can belong to one port-based VLAN and many policy-based VLANs.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 41
Table 1 describes port membership types for policy-based VLANs.
.
Table 2 lists supported policy-based VLANs.
Protocol-based VLANs
Protocol-based VLANs are an effective way to segment your network into broadcast domains according to the network protocols in use. Traffic generated by any network protocol—IPX, Appletalk, Point-to-Point Protocol over Ethernet (PPPoE)—can be automatically confined to its own VLAN.
Table 1 Port membership types for policy-based VLANs
Membership type Description
Static
(always a member)
Static members are always active members of the VLAN after they are configured as belonging to that VLAN. This membership type is used in policy-based and port-based VLANs.
• In policy-based VLANs, the tagged ports are usually configured as static members.
• In port-based VLANs, all ports are always static members.
Not allowed to join(never a member)
Ports of this type are not allowed to join the VLAN.
Table 2 Supported policy-based VLAN types
VLAN type Ethernet Routing Switch 8600
Protocol-based supported
User-defined protocol-based supported
MAC address-based supported
IP subnet-based supported
Stacked VLANs supported (not on R modules)
Configuring VLANs, Spanning Tree, and Link Aggregation
42 Chapter 1 Layer 2 operational concepts
All ports within a protocol-based VLAN must be in the same port-based VLAN. However, the same port within a port-based VLAN can belong to multiple protocol-based VLANs. Port tagging is not required for a port to be a member of multiple protocol-based VLANs.
The Ethernet Routing Switch 8600 supports the following protocol-based VLANs:
• IP version 4 (ip)
• Novell IPX on Ethernet 802.3 frames (ipx802dot3)
• Novell IPX on IEEE 802.2 frames (ipx802dot2)
• Novell IPX on Ethernet SNAP frames (ipxSnap)
• Novell IPX on Ethernet Type 2 frames (ipxEthernet2)
• AppleTalk on Ethernet Type 2 and Ethernet SNAP frames (AppleTalk)
• DEC LAT Protocol (decLat)
• Other DEC protocols (decOther)
• IBM SNA on IEEE 802.2 frames (sna802dot2)
• IBM SNA on Ethernet Type 2 frames (snaEthernet2)
• NetBIOS Protocol (netBIOS)
• Xerox XNS (xns)
• Banyan VINES (vines)
• IP version 6 (ipv6)
• Reverse Address Resolution Protocol (RARP)
• Point-to-Point Protocol over Ethernet (PPPoE)
• User-defined protocols
IPX protocol-based VLAN example
You can create a VLAN for the IPX protocol and place ports carrying substantial IPX traffic into this new VLAN. In Figure 2 on page 43, the network manager has placed ports 7/1, 3/1, and 3/2 in an IPX VLAN. These ports still belong to their respective marketing and sales VLANs, but they are also new members of the IPX VLAN. This arrangement localizes traffic and ensures that only three ports are flooded with IPX broadcast packets.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 43
Figure 2 Dynamic protocol-based VLAN
Example: PPPoE protocol-based VLAN
With PPPoE, you can connect multiple computers on Ethernet to a remote site through a device, such as a modem, so that multiple users can share a common line connection to the Internet. PPPoE combines the Point-to-Point Protocol (PPP), commonly used in dial-up connections, with the Ethernet protocol, which supports multiple users in a local area network (LAN) by encapsulating the PPP frame within an Ethernet frame.
PPPoE occurs in two stages—a discovery stage and a PPP session stage. The Ether_Type field in the Ethernet frame identifies the stage:
• The discovery stage uses 0x8863 Ether_Type
• The session stage uses 0x8864 Ether_Type
In Figure 3 on page 44, VLAN 2 is a protocol-based VLAN that transports PPPoE traffic to the Internet Service Provider (ISP) network. The traffic to the ISP is bridged.
IP traffic can also be routed to the LAN using port-based VLANs, IP protocol-based VLANs, or IP subnet-based VLANs.
Configuring VLANs, Spanning Tree, and Link Aggregation
44 Chapter 1 Layer 2 operational concepts
Figure 3 PPPoE and IP configuration
User-defined protocol-based VLANs
You can create user-defined protocol-based VLANs to support networks with non-standard protocols. For user-defined protocol-based VLANs, you can specify the Protocol Identifier (PID) for the VLAN. Frames that match the specified PID for the following are assigned to that user-defined VLAN:
• The ethertype for Ethernet type 2 frames
• The PID in Ethernet Sub-Network Access Protocol (SNAP) frames
• The Destination Service Access Point (DSAP) or Source Service Access Point (SSAP) value in Ethernet 802.2 frames
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 45
Table 3 lists reserved, predefined policy-based PIDs that cannot be used as user-defined PIDs.
MAC address-based VLANs
As with all policy-based VLANs, using source media access control (MAC) address VLANs allows Ethernet Routing Switch 8600 modules to associate frames with a VLAN based on the frame content. With source MAC-based VLANs, a frame is associated with a VLAN if the source MAC address is one of the MAC addresses explicitly associated with the VLAN. To create a source MAC-based VLAN, you add the MAC address to a list of MAC addresses that constitutes the VLAN. However, because it is necessary to explicitly associate MAC addresses with a source MAC-based VLAN, the administrative overhead can be quite high.
Table 3 PIDs that cannot be used for user-defined protocol-based VLANs
PID (hex) Description
04xx, xx04 sna802.2
F0xx, xxF0 netBIOS
0000-05DC Overlaps with 802.3 frame length
0600, 0807 xns
0BAD VINES
4242 IEEE 802.1d BPDUs
6000-6003, 6005-6009 decOther
6004 decLat
0800, 0806 ip
8035 RARP
809B, 80F3 AppleTalk
8100 Reserved by IEEE 802.1Q for tagged frames
8137, 8138 ipxEthernet2 and ipxSnap
80D5 snaEthernet2
86DD ipv6
8808 IEEE 802.3x pause frames
9000 Used by diagnostic loopback frames
8863, 8864 PPPoE
Configuring VLANs, Spanning Tree, and Link Aggregation
46 Chapter 1 Layer 2 operational concepts
Use source MAC-based VLANs when you want to enforce a MAC level security scheme to differentiate groups of users. For example, in a university environment, the students are part of a student VLAN with certain services and access privileges, and the faculty are part of a source MAC-based VLAN with faculty services and access privileges. Therefore, a student and a faculty member can plug into the same port, but have access to a different range of services. To provide the correct services throughout the campus, the source MAC-based VLAN must be defined on Ethernet Routing Switch 8600 devices throughout the campus, which entails administrative overhead.
IP subnet-based VLANs
Ethernet Routing Switch 8600 modules support policy-based VLANs based on IP subnets. You can assign access ports to multiple subnet-based VLANs. A frame’s membership in a subnet-based VLAN is based on the IP source address associated with a mask. Subnet-based VLANs are optionally routable. Using source IP subnet-based VLANs, multiple workstations on a single port can belong to different subnets, similar to multinetting.
Figure 4 on page 47 shows two examples of the incorrect use of IP subnet-based VLANs that result in traffic loss. In the IP unicast routing example, the host on 172.100.10.2 sends traffic to switch 2 (172.100.10.1) destined for the router in switch 1 (192.168.1.1). Switch 2 attempts to route the IP traffic, but that traffic does not arrive at the router in switch 1. Switch 1 will not assign this frame to IP
When a source MAC VLAN is created, not all of the port members of the spanning tree group (STG) are automatically made potential members of the VLAN by default.
The source MAC VLAN must have static port members on either the access or trunk switch for source MAC VLANS to explicitly associate the MAC address with the source MAC VLAN. If the static port members are not set, then any source MAC address gains access to the network.
Note: You cannot use IP subnet-based VLANs on segments that act as a transit network.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 47
subnet-based VLAN 2 because the IP address of the traffic source does not match the IP subnet assigned to VLAN 2. If the access link in VLAN 2 which connects switches 1 and 2 is a tagged link, the traffic is associated with the VLAN tag, not the IP address, and is forwarded correctly to switch 1.
In the IP multicast routing example, the multicast stream is on an access link that is part of IP subnet-based VLAN 2. If the source IP address in the multicast data packets received on the access port is not within the subnet of VLAN 2 (a likely scenario), the multicast stream will not reach the multicast router (MR).
Figure 4 Incorrect use of an IP subnet-based VLAN
Multihoming support
Using the multihoming feature, the Ethernet Routing Switch 8600 can support clients or servers that have multiple IPs addresses associated with a single MAC address. Multihomed hosts can be connected to port-based, policy-based, and IP subnet-based VLANs.
The IP addresses associated with a single MAC address on a host must be in the same IP subnet. Multihomed hosts with up to 16 IP addresses per MAC address are supported on the Ethernet Routing Switch 8600.
Configuring VLANs, Spanning Tree, and Link Aggregation
48 Chapter 1 Layer 2 operational concepts
VLAN tagging and port types
The Ethernet Routing Switch 8600 supports the IEEE 802.1Q specification for tagging frames and coordinating VLANs across multiple switches.
Figure 5 shows how an additional four octet (tag) header is inserted in a frame after the source address and before the frame type. The tag contains the VLAN ID associated with the frame.
Figure 5 VLAN tag insertion
802.1Q tagged ports
Tagging a frame adds four octets to a frame, making it bigger than the traditional maximum frame size. These frames are sometimes referred to as baby giant frames. If a device does not support IEEE 802.1Q tagging, it can have problems interpreting tagged frames and receiving baby giant frames.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 49
On the Ethernet Routing Switch 8600, whether or not tagged frames are sent or received depends on what you configure at the port level. Tagging is set as true or false for the port and is applied to all VLANs on that port.
A port with tagging enabled sends frames explicitly tagged with a VLAN ID. Tagged ports are typically used to multiplex traffic belonging to multiple VLANs to other IEEE 802.1Q-compliant devices.
If you disable tagging on a port, it does not send tagged frames. A non-tagged port connects an Ethernet Routing Switch to devices that do not support IEEE 802.1Q tagging. If a tagged frame is forwarded to a port with tagging set to false, the Ethernet Routing Switch removes the tag from the frame before sending it to the port.
Treatment of tagged and untagged frames
An Ethernet Routing Switch 8600 associates a frame with a VLAN based on the data content of the frame and the configuration of the destination port. The treatment of the frame depends on whether it is tagged or untagged.
If a tagged frame is received on a tagged port with a VLAN ID specified in the tag, the Ethernet Routing Switch 8600 directs it to that VLAN if the VLAN is present. For tagged frames received on an untagged port, you can configure that port to either discard the frame or accept it. The discarding of tagged frames on an untagged port is not applicable for the port-based VLAN. If you choose not to discard tagged frames, the Ethernet Routing Switch 8600 sends the frame to the VLAN identified in the frame tag.
For untagged frames, VLAN membership is implied from the content of the frame itself. For untagged frames received on a tagged port, you can configure the port to either discard or accept the frame. If you configure a tagged port to accept untagged frames, the port must be assigned to a port-based VLAN in spanning tree group 1 (STG1).
Note: When you enable tagging on an untagged port, the previous port configuration of VLANs, STGs, and multilink trunking (MLT) is lost. In addition, the port resets and runs Spanning Tree Protocol. This process breaks connectivity while the protocol proceeds through the normal blocking and learning stages before the port enters the forwarding state.
Configuring VLANs, Spanning Tree, and Link Aggregation
50 Chapter 1 Layer 2 operational concepts
The frame is forwarded based on the VLAN on which the frame is received, and on the forwarding options available for that VLAN. The Ethernet Routing Switch 8600 tries to associate untagged frames with a VLAN in the following order:
• Does the frame belong to a source MAC-based VLAN? (Ethernet Routing Switch 8600 modules only)
• Does the frame belong to an IP subnet-based VLAN? (Ethernet Routing Switch 8600 modules only)
• Does the frame belong to a protocol-based VLAN?
• What is the port-based VLAN of the receiving port?
If the frame meets none of the criteria listed, it is discarded.
Untagging Default VLAN on a Tagged Port feature
This feature provides the ability to connect both an IP phone and a PC to a single port of an Ethernet Routing Switch 8600. Most IP phones ship with an embedded three port switch, and traffic coming from the phone is generally tagged (VLAN ID configured statically or remotely). However, the traffic originating from a PC is usually untagged traffic and must be separated from the IP phone traffic. This separation ensures that broadcast traffic from the PC does not impact voice quality.
In the case of the Ethernet Routing Switch, when an IP phone is attached to an untagged port and configured into an IP subnet-based VLAN, it can fail to register with a remote Internet Telephony Gateway (or equivalent device) dependent on the netmask of the destination IP address (Call Server subnet).
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 51
Figure 6 Network with IP phone and PC
In Figure 6, IP phones and PCs coexist on the same port due to the use of an embedded IP Phone Layer 2 switch. In this scenario, the port is configured to be untagged and is a member of two IP subnet-based VLANs. In this network configuration, under certain conditions, packets from the IP phone are not routed and therefore are unable to reach their designated Call Server to register.
The Untagging Default VLAN on a Tagged Port feature separates untagged packets originating from a PC from the tagged packets originating from the IP phone.
You can configure the switch to send untagged packets for the default VLAN on a tagged port. After you configure this option, all the packets sent on a tagged port for the default VLAN are untagged packets.
When a port belongs to multiple VLANs, and the port is removed from the current default VLAN, the lowest VLAN by index (among the VLANs of which the port is a member) is made the default VLAN. In this case, packets for new default VLAN are sent untagged.
To configure this feature using the CLI, see “Configuring VLAN Loop Detection” on page 327. To configure this feature using Device Manager, see “Configuring Untagging Default VLAN on a Tagged Port” on page 169.
Switch 8600Ethernet Routing
Configuring VLANs, Spanning Tree, and Link Aggregation
52 Chapter 1 Layer 2 operational concepts
VLAN virtual router interfaces
Virtual router interfaces correspond to routing on a virtual port that is associated with a VLAN. This type of routing is the routing of IP traffic to and from a VLAN. Because a given port can belong to multiple VLANs (some of which are configured for routing on the switch and some of which are not), there is no longer a one-to-one correspondence between the physical port and the router interface. For VLAN routing, the router interface for the VLAN is called a virtual router interface because the IP address is assigned to an interface on the routing entity in the switch. This initial interface has a one-to-one correspondence with a VLAN on any given switch.
IP routing and VLANs
Ethernet Routing Switch 8600 modules support IP routing on the following types of VLANs only:
• Port-based VLANs
• Source IP subnet-based VLANs
• IP protocol-based VLANs
• Source MAC-based VLANs
IP routing is not supported on VLANs based on other protocols, including user-defined protocol-based VLANs.
IPX routing and VLANs
The Ethernet Routing Switch does not support IPX routing on R modules. IPX routing is supported on non-R modules. All modules support IPX protocol-based VLANs and port-based VLANs.
The IPX network number is associated with a VLAN, and the VLAN can comprise one or more ports with one of four supported frame formats: Ethernet II, 802.3-SNAP, 802.2-RAW, and 802.3-LLC.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 53
You can configure up to four IPX protocol-based VLANs on one port as long as each of these VLANs uses a different IPX encapsulation. With port-based VLANs, you can associate the same VID with any or all of the four IPX encapsulation formats.
You can configure IPX protocol-based VLANs and port-based VLANs on the same port, but traffic routes to the protocol-based VLAN and not to the port-based VLAN (protocol-based VLANs have precedence over port-based VLANs).
VLAN implementation on the Ethernet Routing Switch 8600
This section describes how to implement VLANs on the Ethernet Routing Switch 8600 and describes default VLANs, unassigned VLANs, and brouter ports. It also summarizes the defaults and rules regarding VLAN creation on the Ethernet Routing Switch 8600.
This section includes the following topics:
• “Default VLAN”
• “Unassigned VLAN”
• “Brouter ports” on page 54
Default VLAN
Ethernet Routing Switch 8600 devices are factory configured so that all ports are in a port-based VLAN called the default VLAN. Because all ports are in the default VLAN, the switch behaves like a Layer 2 switch. The VLAN ID of this default VLAN is always 1, and it is always a port-based VLAN. The default VLAN cannot be deleted.
Unassigned VLAN
Internally, an Ethernet Routing Switch 8600 supports a placeholder for ports that is called an unassigned port-based VLAN. This concept is used for ports that are removed from all port-based VLANs. Ports can belong to policy-based VLANs as well as to the unassigned VLAN. If a frame does not meet any policy criteria and there is no underlying port-based VLAN, the port belongs to the unassigned
Configuring VLANs, Spanning Tree, and Link Aggregation
54 Chapter 1 Layer 2 operational concepts
VLAN and the frame is dropped. Only ports in the unassigned VLAN have no spanning tree group association, so these ports do not participate in Spanning Tree Protocol negotiation; that is, no Bridge Protocol Data Units (BPDU) are sent out of ports in the unassigned VLAN.
Because it is an internal construct, the unassigned VLAN cannot be deleted. If a user-defined spanning tree group is deleted, the ports are moved to the unassigned VLAN and can later be assigned to another spanning tree group. Moving the ports to the unassigned VLAN avoids creating unwanted loops and duplicate connections. If routing is disabled in these ports, the port is completely isolated and no Layer 2 or Layer 3 functionality is provided.
The concept of the unassigned VLAN is useful for security purposes or when using a port for monitoring a mirrored port.
Brouter ports
A brouter port is actually a one-port VLAN. The difference between a brouter port and a standard IP protocol-based VLAN configured to do routing is that the routing interface of the brouter port is not subject to the spanning tree state of the port.
VLAN rules
The following are VLAN rules for the Ethernet Routing Switch 8600.
• In addition to the default VLAN, the Ethernet Routing Switch 8600 can support up to 1980 VLANs (1972 if R modules are present in the chassis). VLAN IDs value range is from 1 to 4093.
• If you enable tagging on a port that is in a VLAN, the spanning tree group configuration for that port is lost. To preserve VLAN assignment of ports, enable tagging on the ports before you assign the ports to VLANs.
• A tagged port can belong to multiple VLANs and multiple spanning tree groups. When a tagged port belongs to multiple spanning tree groups, the BPDUs are tagged for all spanning tree groups except for spanning tree group 1. Under the default configuration, the default spanning tree group is number 1.
• An untagged port can belong to only one port-based VLAN. A port in a port-based VLAN can belong to other policy-based VLANs.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 55
• An untagged port can belong to only one policy-based VLAN for a given protocol. For example, a port can belong to only one policy-based VLAN when the policy is the IPX802.2 protocol.
• For every VLAN with MultiLink Trunking that you create, you reduce the number of available VLANs by eight.
• When Enhanced Operation mode is disabled, a VLAN cannot span multiple spanning tree groups; that is, the ports in the VLAN must all be within one spanning tree group.
• The VLAN membership of a frame is determined by the following order of precedence, if applicable:
• IEEE 802.1Q tagged VLAN ID
• source MAC-based VLAN
• IP subnet-based VLAN
• protocol-based VLAN
• port-based VLAN
• The IP subnet-based VLAN must not be assigned to a transit network (for example, a network routed to a bridged subnet).
VLAN features supported on the Ethernet Routing Switch 8600 modules
Table 4 summarizes the features supported on the Ethernet Routing Switch 8600 modules.
Note: When Enhanced Operation mode is enabled, VLAN scalability is not affected.
Note: Table 4 is subject to change. Refer to the release notes that came with your switch to obtain the latest scalability information.
Table 4 VLAN, STG, and MLT support in the Ethernet Routing Switch 8600
Feature
Number of VLANs 1980 (1972 if R modules are in the chassis)
Port-based VLANs Supported
Configuring VLANs, Spanning Tree, and Link Aggregation
56 Chapter 1 Layer 2 operational concepts
MultiLink trunking and VLAN scalability
For release 3.2 and earlier, the maximum number of VLANs depends on whether the VLANs reside on a multilink trunk. With Enhanced Operation mode, you can now increase the maximum number of VLANs when you use MultiLink Trunking (MLT) to 1980 (1972 if R modules are present in the chassis) and to 989 when you use SMLT. Enhanced Operation mode requires Ethernet Routing Switch 8600 E, M, or R modules.
Policy-based VLANs
• Protocol-based
• Source MAC-based• Source IP subnet-based
Supported
SupportedSupported
IEEE 802.1Q tagging Supported
IP routing and VLANs Supported
IPX routing and VLANs Supported on non-R modules
Special VLANs
• Default VLAN• Unassigned VLAN
• Brouter ports
SupportedSupported
Supported
Stacked VLAN Not supported on R modules
Number of spanning tree groups 64
Spanning Tree FastStart Supported
Aggregation groups• 802.3ad aggregation groups
• multilink trunk groups
32 (128 with R module in R mode)
Number of links (ports) per MLT group
8
Caution: When Enhanced Operation mode is enabled, only Ethernet Routing Switch 8600 E, M, or R modules are initialized (other modules are placed offline). To avoid losing modules and network connectivity, replace non-E, M, or R modules or move the network connections to an E, M, or R module before enabling Enhanced Operation mode.
Table 4 VLAN, STG, and MLT support in the Ethernet Routing Switch 8600
Feature
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 57
For instructions for configuring Enhanced Operation mode, see:
• “Configuring Enhanced Operation mode” on page 191 (Device Manager)
• “Configuring Enhanced Operation mode” on page 326 (CLI)
VLAN scaling formulas
Figure 7 shows the formulas used for VLAN scaling.
Figure 7 Formulas used for VLAN scaling
Maximum VLAN support comparison with Enhanced Operation mode
Table 5 shows the maximum number of VLANs available with and without Enhanced Operation mode.
Table 5 Maximum numbers of port/protocol-based VLANs
VLAN typeMaximum VLAN support withenhanced mode enabled
Maximum VLAN support withenhanced mode disabled
MLT 1980 240
IST/SMLT 989 120
(2 * no. of VLANs on regular ports) + (16 * no. of VLANs of SMLT/MLT ports) = 1980
(no. of VLANs on regular ports) + (8 * no. of VLANs on MLT ports) = 1980
VLAN scaling formula used with SMLT/IST without Enhanced mode:
VLAN scaling formula used without SMLT/IST without Enhanced mode:
(no. of VLANs on regular ports or MLT ports) + (2 * no. of VLANs on SMLT ports) = 1980
VLAN scaling formula used with Enhanced mode:
Configuring VLANs, Spanning Tree, and Link Aggregation
58 Chapter 1 Layer 2 operational concepts
Module behavior comparison with Enhanced Operation mode
Table 6 compares the behavior of Ethernet Routing Switch 8600 modules with and without Enhanced Operation mode:
Interoperability between operation mode and module type
R mode supports the operation of R module-specific features. The modules (pre-E, E, M, and R) that are enabled depend on the operation mode (default, M, or R) and the system configuration. Table 7 shows this interoperability information.
Table 6 Module behavior with and without Enhanced Operation mode
Module typeEnhanced Operation mode setting
Behavior
E, M, or R module
Enable (true) The module is initialized and comes online. It can be configured with up to 1980 VLANs with MLT.
E, M, or R module
Disable (false) The module is initialized and comes online. It can be configured with up to 240 VLANs with MLT.
Legacy module Enable (true) The module is not initialized and remains offline. The following error message is displayed and a trap is sent:
[12/18/01 15:17:25] Card taken off-line: Slot=1 Type= -- [12/18/01 15:17:25] ERROR Code=0x3006b Task=rcStart chCardIn: can't initialize a non ETICKET card in enhanced operation mode
Legacy module Disable (false) The module is initialized and remains online. It can be configured with up to 240 VLANs with MLT.
Table 7 Operation mode and module type interoperability
Module types
Chassis configuration
Operation mode R M E Pre-E
Same type module chassis
Default — — — enabled
M — — enabled —
R enabled — — —
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 59
Stacked VLANs
A stacked VLAN (sVLAN) transparently tunnels packets through the sVLAN domain by adding an additional 4-byte header to each packet.
Figure 8 shows a basic sVLAN model that uses two Ethernet Routing Switch 8600s to interconnect two 802.1Q domains.
Figure 8 sVLAN model
Routing cannot be enabled on an sVLAN port. sVLAN user-to-network interface (UNI) ports are VLAN unaware and classify any traffic into the sVLAN that is configured on the port. sVLAN network-to-network interface (NNI) ports connect sVLAN switches together and support multiple sVLANs per port.
Mixed type module chassis
Default enabled enabled enabled enabled
M enabled enabled disabled disabled
R enabled disabled disabled disabled
Note: R modules do not support the sVLAN feature.
Note: You can enable sVLANs on all ports. If the port belongs to a multilink trunk, perform all sVLAN configurations at the multilink trunk level.
Table 7 Operation mode and module type interoperability
Module types
802.1Q Domain B
802.1Q Domain A
sVLAN Core
Ethernet Routing
Switch 8600
Ethernet Routing
Switch 8600
Configuring VLANs, Spanning Tree, and Link Aggregation
60 Chapter 1 Layer 2 operational concepts
sVLAN specifications
sVLANs provide the following features:
• VLAN transparency for IEEE 802.1Q tagged or untagged traffic through service provider core network
• A solution to VLAN scalability issues—you can summarize customer VLANs into core sVLANs
• Uses a layered architecture to improve scalability
sVLAN rules
The following are sVLAN configuration rules.
• IP filters are not supported on an sVLAN.
• To apply Quality of Service (QoS) to an sVLAN, use the per-VLAN QoS option.
• Because regular VLANs are not supported on an sVLAN NNI port, sVLAN switches cannot be managed in-band. Nortel recommends an out-of-band or parallel network for managing the devices.
• When you create an sVLAN spanning tree group, ensure that the tagged BPDU address of the spanning tree group is different than the standardized BDPU MAC address.
• The sVLAN is created with UNI and NNI ports.
• An sVLAN cannot span multiple spanning tree groups; that is, the ports in the sVLAN must all be within one spanning tree group. Spanning tree group IDs can range in value from 1 to 64.
• sVLANs cannot have routing enabled.
• sVLAN UNI and NNI ports are applicable on a per OctaPID basis. All ports on an OctaPID can either be normal ports or sVLAN NNI/UNI ports. For more information, see Appendix A, “Tap and OctaPID assignment (Release 3.x feature set)” on page 567.
sVLAN levels
You can stack sVLANs in a hierarchy to achieve greater VLAN scalability. An sVLAN level defines the hierarchy for the operating switch. When you configure the switch, you must specify only one level at a time.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 61
You must configure the UNI ports on both ends of the tunnel at the same level. Because sVLAN switching is MAC address-based, the usual issues of VLAN switching apply.
• If you build sVLAN networks with multiple levels, the network MAC addresses you specify must all be unique.
• Independent VLAN learning is only applicable within the outer level of sVLAN and does not take inner tags into account.
Figure 9 shows a one layer sVLAN.
Figure 9 One layer sVLAN
Figure 10 on page 62 shows a two layer sVLAN.
Note: Spanning Tree Protocol (STP) is not supported in multilevel sVLAN networks. It is supported for single level sVLAN networks only.
Payload VLAN Ethernetheader
Payload VLAN Ethernetheader
Payload VLAN Ethernetheader
802.1Q Domain
sVLAN core
Ethernet Routing
Switch 8600
802.1Q Domain
UNI port
Level 1
NNI port
Level 1
UNI port
Level 1
sVLAN
Ethernet Routing
Switch 8600
Configuring VLANs, Spanning Tree, and Link Aggregation
62 Chapter 1 Layer 2 operational concepts
Figure 10 Two layer sVLAN
sVLAN UNI and NNI ports
The ports in the switch can be configured as an sVLAN user-to-network interface (UNI), an sVLAN network-to-network interface (NNI), or a normal interface.
You must configure the ports to which you want to provide VLAN transparency as UNI ports. UNI ports can only belong to one sVLAN. When you configure a UNI port in the CLI, the tagged-frames-discard parameter is automatically enabled.
NNI ports interconnect the switches in the core network, drop untagged frames on ingress, and insert the sVLAN tag at the egress. NNI ports can belong to multiple sVLANs. An NNI port sends sVLAN tagged frames. When you configure an NNI port in the CLI, the untagged-frames-discard parameter is automatically enabled.
• If a spanning tree group (STG) contains both UNI and NNI ports, change the standardized MAC addresses used for BPDUs to a non-standardized BPDU MAC address to avoid interference with regular customer BPDUs.
• The UNI and NNI ports are kept in sVLAN type STG.
Note: You must change the switch level to 1 or above before you configure sVLAN, UNI, or NNI ports.
Payload VLAN Ethernetheader Payload VLAN Ethernet
header
Level 1 sVLAN Packet Level 1 sVLAN Packet
Payload VLAN Ethernetheader
Payload VLAN Ethernetheader
Payload VLAN Ethernetheader
Level 2 sVLAN Packet Level D Packet Level D Packet
802.1Q Domain
802.1Q Domain
sVLAN Level 1
sVLAN Level 1
UNI Port
(Level 1)
NNI Port
(Level 1)
UNI Port
(Level 2)
NNI Ports
(Level 2)
UNI Port
(Level 2)
NNI Port
(Level 1)
UNI Port
(Level 1)
8600860086008600
sVLAN sVLAN
sVLAN sVLAN
sVLAN Level 2
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 63
• All the ports in the multilink trunk should have the same port type (normal/UNI/NNI).
• Large frame support is automatically enabled on UNI or NNI ports.
When you change the sVLAN port type from normal to UNI or NNI, all the affected ports are removed from the configured STGs and VLANs. Similarly, when you change the sVLAN port type from UNI or NNI to normal, all the affected ports are removed from the configured STGs and VLANs and added to the default STG and default VLAN.
Flooding for Microsoft NLB clustering systems in unicast mode
You can use Microsoft Network Load Balancer (NLB) to share workload among multiple clustering servers. All servers in the cluster share a common virtual MAC address, which is 02-bf-x-x-x-x in unicast mode. All traffic destined to this MAC address is sent to all the servers in the cluster. The virtual MAC address is specified in the source MAC address field of an Address Resolution Protocol (ARP) request, and ARP responses from the Ethernet Routing Switch 8600 are sent to the virtual MAC address (rather than to the hardware MAC address).
The Ethernet Routing Switch 8600 Software Release 4.1 includes a configurable option for NLB cluster support. The NLB cluster is identified by MAC addresses starting with 02-bf. When you enable the NLB option, the Ethernet Routing Switch 8600 floods routed traffic destined to this MAC address to the VLAN. ARP reply packets sent by the switch are flooded throughout the VLAN to allow all servers to learn the ARP entry corresponding to the switch. The ARP reply packet sent by the switch contains the virtual MAC address in the destination field (rather than the hardware MAC address of the NLB node).
Note: The affected ports are all the ports in the OctaPID. See Appendix A, “Tap and OctaPID assignment (Release 3.x feature set)” on page 567.
Note: An NNI port belonging to a default VLAN or a default STG is not saved across reboots. To avoid this problem, do not configure an NNI port under the default VLAN or STG.
Configuring VLANs, Spanning Tree, and Link Aggregation
64 Chapter 1 Layer 2 operational concepts
For information about enabling or disabling NLB unicast support, see “Configuring NLB unicast support on an IP interface” on page 325.
VLAN MAC filtering
To perform MAC-layer bridging, the switch must know the destination MAC-layer address of each device on each attached network so it can forward packets to the appropriate destination. MAC-layer addresses are stored in the bridging table, and you can filter packet traffic based on the destination MAC-layer address information.
For MAC address filtering, the Ethernet Routing Switch 8600 supports Bridge MIB filtering (RFC 1493). The number of MAC filters is limited to 100. You can create a filter entry in much the same way as you create a static MAC entry, by entering a MAC address and the port on which it resides. In the MAC filter record, you can also specify ports to discard source or destination packets for the MAC address on a port.
Global MAC filtering eliminates the need for configuring multiple per-VLAN filter records for the same MAC. It provides the ability to discard a list of MAC addresses, globally, on the switch. By using a global list you do not have to configure a MAC per VLAN.
For information about configuring bridge MAC filtering with Device Manager, see “Configuring a MAC-layer bridge filter” on page 186. For information about configuring global MAC filtering with Device Manager, see “Configuring the Global MAC filter” on page 189.
Prevention of IP spoofing within a VLAN
You can prevent VLAN logical IP spoofing by blocking the external use of the switch IP address. A configurable option is provided, on a per-port basis, which detects a duplicate IP address (that is, an address that is the same as the switch VLAN IP address) and blocks all packets with a source or destination address equal to that address.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 65
If an ARP packet is received that has the same source IP address as the logical VLAN IP address, all traffic coming to any port of the switch in that VLAN (with this MAC address as source/destination address) is silently discarded by the hardware. After detecting a duplicate IP address, the switch sends a gratuitous ARP packet to inform devices on the VLAN about the correct MAC address for that IP address. You can specify a time on a configurable global timer after which the MAC discard record is deleted and the switch resumes accepting packets from that MAC address.
For information about configuring this option using the CLI, see “Configuring spoof detection for a VLAN” on page 332.
VLAN Loop Detection
On a per-port basis, the Loop Detection feature detects MAC addresses that are looping from one port to other ports. After a loop is detected, the port on which the MAC addresses were learned is disabled. Additionally, if a MAC address is found to loop, the MAC address is disabled for that VLAN.
The Loop Detection feature is used at the edge of a network to prevent loops. It detects whether the same MAC address appears on different ports. This feature can disable a VLAN or a port. The Loop Detection feature can also disable a group of ports if it detects the same MAC address on two different ports five times in a configurable amount of time.
Note: If you use Split MultiLink Trunking (SMLT), configure this option on both SMLT aggregation switches to avoid connectivity issues.
Warning: Enabling the IP spoofing feature requires you to reboot the switch.
Note: The Loop Detection feature must only be enabled on SMLT ports, and never used on IST ports or core SMLT square or full mesh ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
66 Chapter 1 Layer 2 operational concepts
The Loop Detection feature is configured per-switch. If a loop detection event takes place, peer switches are not notified.
You can also use Simple Loop Prevention Protocol to detect VLAN loops (see “Simple Loop Prevention Protocol” on page 130).
The Loop Detection feature has the following traits:
• If a source MAC address is found to loop, and the specified loop detect action is mac-discard, the MAC address is disabled. Any incoming packets with this source or destination MAC address will be discarded for that VLAN.
• Ports, VLANs, and MAC addresses that have been disabled by the Loop Detection feature are reenabled for automatic recovery.
• The link flap feature sets ports to operational down rather than admin down.
• Loop detection cannot be enabled on interswitch trunk ports.
For information about configuring Loop Detection with Device Manager, see “Configuring VLAN Loop Detection” on page 173. For information about configuring Loop Detection with the CLI, see “Configuring VLAN Loop Detection” on page 327. For a CLI loop detection configuration example, see “SMLT triangle with loop detection configuration example” on page 508.
Spanning tree protocols
The Ethernet Routing Switch 8600 can use one of three spanning tree protocols. These include the Spanning Tree Protocol, the Rapid Spanning Tree Protocol, and the Multiple Spanning Tree Protocol.
For information about configuring spanning tree, see Chapter 4, “Configuring spanning tree using Device Manager,” on page 211 and Chapter 9, “Configuring STGs using the CLI,” on page 379.
This section includes the following topics:
• “Spanning Tree Protocol” on page 67
• “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 73
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 67
Spanning Tree Protocol
The operation of the Spanning Tree Protocol (STP) is defined in the IEEE 802.1d standard. The STP detects and eliminates logical loops in a bridged or switched network. When multiple paths exist, the spanning tree algorithm configures the network so that a bridge or switch uses only the most efficient path. If that path fails, the protocol automatically reconfigures the network and makes another path active, which sustains network operations. You can control path redundancy for VLANs by implementing the STP.
A network can include multiple instances of STP. The collection of ports in one spanning tree instance is called a spanning tree group (STG). Ethernet Routing Switch 8600 modules support STP and up to 64 spanning tree groups.
This section includes the following topics:
• “Spanning tree groups”
• “Spanning Tree FastStart” on page 69
• “Understanding STGs and VLANs” on page 69
• “Spanning Tree Protocol topology change detection” on page 70
• “Per-VLAN spanning tree” on page 71
Spanning tree groups
Each STG consists of a collection of ports that belong to the same instance of the STP protocol. These STP instances are completely independent from each other. For example, they send their own BPDUs, and they have their own timers.
For Ethernet Routing Switch 8600s, multiple STGs are possible within the same switch; that is, the routing switch can participate in the negotiation for multiple spanning trees.
Figure 11 on page 68 shows multiple spanning tree groups.
Configuring VLANs, Spanning Tree, and Link Aggregation
68 Chapter 1 Layer 2 operational concepts
Figure 11 Multiple spanning tree groups
Spanning Tree Protocol controls
The ports associated with a VLAN must be contained within a single spanning tree group. If you do not allow a VLAN to span multiple STGs, you avoid problems with spanning tree blocking ports (which causes a loss of connectivity within the VLAN).
Each untagged port can belong to only one STG, while tagged ports can belong to more than one STG. When a tagged port belongs to more than one STG, the spanning tree BPDUs are tagged to distinguish the BPDUs of one STG from those of another STG. BPDUs from STG 1 are not tagged. The tagged BPDUs are transmitted using a multicast MAC address as tagged frames with a VLAN ID, and you specify the multicast MAC address and the VLAN ID. Because tagged BPDUs are not part of the IEEE 802.1d standard, not all devices can interpret tagged BPDUs.
You can enable or disable the Spanning Tree Protocol at the port or at the spanning tree group level. If you disable the protocol at the group level, received BPDUs are handled like a MAC-level multicast and flooded out of the other ports of the STG. Note that an STG can contain one or more VLANs. Remember that MAC broadcasts are flooded out on all ports of a VLAN; a BPDU is a MAC-level message, but the BPDU is flooded out of all ports on the STG, which can encompass many VLANs.
When STP is globally enabled on the STG, BPDU handling depends on the STP setting of the port:
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 69
• When STP is enabled on the port, received BPDUs are processed in accordance with STP.
• When STP is disabled on the port, the port stays in a forwarding state, received BPDUs are dropped and not processed, and no BPDU is generated.
An alternative to disabling the Spanning Tree Protocol is to enable Spanning Tree FastStart.
Spanning Tree FastStart
Spanning Tree FastStart is an enhanced port mode supported by the Ethernet Routing Switch 8600. If you enable Spanning Tree FastStart on a port with no other bridges, Spanning Tree FastStart brings the port up more quickly following switch initialization or a spanning tree change. The port goes through the usual blocking and learning states before the forwarding state, but the hold times for these states is determined by the bridge hello timer (2 seconds by default) instead of the bridge forward delay timer (15 seconds by default). If the port receives a BPDU, it reverts to regular behavior.
FastStart is intended for access ports in which only one device is connected to the switch (as in workstations with no other spanning tree devices). It may not be desirable to wait the usual 30 to 35 seconds for spanning tree initialization and bridge learning.
Understanding STGs and VLANs
For the purposes of Spanning Tree Protocol negotiation, the ports on an Ethernet Routing Switch 8600 can be divided into groups of ports where each group of ports performs its own spanning tree negotiation with neighboring devices. In an Ethernet Routing Switch 8600, these groups of ports are called spanning tree groups (STG). The Ethernet Routing Switch 8600 supports up to 64 STGs.
Note: Use Spanning Tree FastStart with caution. This procedure is contrary to that specified in the IEEE 802.1d standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when the port is enabled through configuration.
Configuring VLANs, Spanning Tree, and Link Aggregation
70 Chapter 1 Layer 2 operational concepts
The ports in a VLAN are always a subset of the ports in an STG. AVLAN can include all the ports in a given STG, and there can be multiple VLANs in an STG, but a VLAN cannot have more ports than exist in the STG. Because VLANs are always subsets of STGs, the recommended practice is to plan STGs and then create VLANs.
In the Ethernet Routing Switch 8600 default configuration, a single STG encompasses all the ports in the switch. For most applications, this configuration is sufficient. The default STG is assigned ID 1 (STG1).
If a VLAN spans multiple switches, it must be within the same STG across all switches; that is, the ID of the STG in which it is defined must be the same across all devices.
Spanning Tree Protocol topology change detection
Change detection enables the detection of topology changes and sends a topology change notification (TCN) to the root on a per-port basis. Change detection is enabled by default. When change detection is enabled and a topology change occurs, a trap is sent with the following information so that you can identify the device:
• the MAC address of the STG sending the TCN
• the port number
• the STG ID
You can disable change detection on ports on which a single end station is connected, and where powering that end station on and off will trigger the TCN. Change detection is referenced in IEEE 802.1d.
Topology change detection configuration rules
When you work with change detection settings:
• You can configure change detection only on access ports. This also applies to link aggregation ports.
• If you disable change detection and then change the port from access to tagging-enabled, the switch automatically sets change detection to enabled for the port. This also applies to link aggregation ports.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 71
• In a link aggregation group with access ports, modifications to change detection for a member port are automatically applied to the remaining member ports.
To configure change detection using Device Manager, see “Configuring STG topology change detection” on page 225.
To configure change detection using the CLI, see “Configuring topology change detection” on page 389.
Per-VLAN spanning tree
The Ethernet Routing Switch supports standards-based IEEE 802.1d STP in addition to supporting proprietary mechanisms for multiple instances of spanning tree.
Unfortunately, the IEEE 802.1d spanning tree provides only one instance of the STP that can lead to incomplete connectivity for certain VLANs, depending on the network topology.
For example, Figure 12 shows a network in which one or more VLANs span only some switches. In this example, the STP can block a VLAN path if that VLAN does not span across all switches.
Figure 12 802.1d spanning tree
You can avoid this issue by configuring multiple spanning tree instances, as shown in Figure 13 on page 72.
Configuring VLANs, Spanning Tree, and Link Aggregation
72 Chapter 1 Layer 2 operational concepts
The Ethernet Routing Switch 8600 uses a tagged BPDU address that is associated with a VLAN tag ID. The VLAN tag ID is applied to one or more VLANs, and is used among switches to prevent loops. The same tagged BPDU address must be configured on all switches in the network.
The Cisco Systems proprietary implementation of multiple spanning tree (pre-IEEE 802.1s) is called PVST/PVST+ (Per VLAN Spanning Tree), which uses a spanning tree instance per VLAN.
Figure 13 Multiple instances of spanning tree
With software release 3.7 or greater, you can configure your Ethernet Routing Switch using either of two methods: Ethernet Routing Switch 8600 tagged BPDU or PVST+.
Similar to the Ethernet Routing Switch 8600 implementation of multiple STP instances, PVST+ uses the standard IEEE 802.1d STP for VLAN 1; all other VLANs use PVST+ BPDUs.
You can use IEEE 802.1Q VLAN tagging to tunnel the multicast PVST+ BPDUs within a IEEE 802.1Q region. The standard BPDUs for VLAN 1 are all addressed to the well-known STP multicast address 01-80-C2-00-00-00, while PVST+ BPDUs in other VLANs are addressed to the multicast address of 01-00-0C-CC-CC-CD.
You can use PVST+ to load balance the VLANs by changing the VLAN bridge priority.
For PVST+ configuration examples with included CLI commands, refer to “Per-VLAN Spanning Tree Plus (PVST+) configuration examples” on page 544.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 73
Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol
The Rapid Spanning Tree Protocol (RSTP or IEEE 802.1w) reduces the recovery time after a network breakdown. It also maintains backward compatibility with IEEE 802.1d (the spanning tree implementation prior to RSTP). In certain configurations, the recovery time of RSTP can be reduced to less than 1 second. RSTP also reduces the amount of flooding in the network by enhancing the way Topology Change Notification (TCN) packets are generated.
With Multiple Spanning Tree Protocol (MSTP or IEEE 802.1s), you can configure multiple instances of RSTP on the same switch. Each RSTP instance can include one or more VLANs. The operation of the MSTP is similar to the current Nortel proprietary MSTP.
Using RSTP and MSTP in addition to the current proprietary STP implementation, the Ethernet Routing Switch 8600 can achieve the following:
• reduced convergence time after a topology change (from 30 seconds to less than 1 or 2 seconds);
• unnecessary flushing of the MAC database and the flooding of traffic to the network eliminated;
• backward compatibility with legacy 802.1d switches;
• support for 64 instances of spanning tree in MSTP mode.
For RSTP and MSTP configuration examples, see “Rapid Spanning Tree Protocol configuration example” on page 554 and “Multiple Spanning Tree Protocol configuration example” on page 559.
Interoperability with legacy STP
RSTP provides a new parameter called ForceVersion to provide backward compatibility with legacy STP. A user can configure a port in either STP-compatible mode or RSTP mode.
• An STP-compatible port transmits and receives only STP BPDUs. Any RSTP BPDU that the port receives in this mode is discarded.
Configuring VLANs, Spanning Tree, and Link Aggregation
74 Chapter 1 Layer 2 operational concepts
• An RSTP-compatible port transmits and receives only RSTP BPDUs. If an RSTP port receives a STP BPDU, it becomes an STP port. User intervention is required to change this port back to RSTP mode. This process is called Port Protocol Migration.
Differences in port roles
RSTP is an enhanced version of STP. These two protocols have almost the same set of parameters.
Table 8 lists the differences in port roles for STP and RSTP. STP supports two port roles while RSTP supports four port roles.
Table 8 Differences in port roles for STP and RSTP
Port Role STP RSTP Description
Root Yes Yes This port receives a better BPDU than its own and has the best path to reach the Root. The root port is in Forwarding state. The root port and designated ports can be in the Discarding state before they go to root forwarding.
Designated Yes Yes This port has the best BPDU on the segment. The designated port is in the Forwarding state.
Alternate No Yes This port receives a better BPDU than its own BPDU, and there is a Root port within the same switch. The alternate port is in the Discarding state.
Backup No Yes This port receives a better BPDU than its own BPDU, and this BPDU is from another port within the same switch. The backup port is in the Discarding state.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 75
Port roles—root forwarding role
MSTP and RSTP root forwarding roles are as follows:
• The port that receives the best path BPDU on a switch is the root port, and is referred to as a Root Forwarding (RF) port. This is the port that is the closest to the root bridge in terms of path cost.
• The spanning tree algorithm elects a single root bridge in a bridged network per spanning tree instance.
• The root bridge is the only bridge in a network that does not have root ports; all ports on a root bridge are Designated Forwarding (DF).
• There can only be one path towards a root bridge on a given segment, otherwise there will be loops.
Port roles—designated forwarding role
MSTP and RSTP designated forwarding roles are as follows:
• All bridges connected on a given segment monitor each other’s BPDUs. The bridge that sends the best BPDU is, by mutual agreement, the root bridge for the segment.
• The corresponding port on the bridge is referred to as a Designated Forwarding Port.
Port roles—alternate blocking role
MSTP and RSTP alternate blocking roles are as follows:
• A blocked port is defined as a port not designated by a root port.
• An Alternate Blocked port is a port that is blocked because it received better path cost BPDUs from another bridge.
Edge port
RSTP uses a new parameter called the edge port. When a port connects to a non-switch device, such as a PC or a workstation, it must be configured as an edge port. An active edge port enters forwarding state without delay. An edge port becomes a non-edge port if it receives a BPDU.
Configuring VLANs, Spanning Tree, and Link Aggregation
76 Chapter 1 Layer 2 operational concepts
Path cost values
RSTP and MSTP recommend new path cost values that support a wide range of link speeds. Table 9 lists the recommended path cost values.
Negotiation process
The following section describes the negotiation process between switches that takes place before PCs can exchange data (see Figure 14 on page 77).
Table 9 Recommended path cost values
Link Speed Recommended Value
Less than or equal to 100 Kb/s
1 Mb/s
10 Mb/s100 Mb/s
200 000 000
20 000 000
2 000 000200 000
1 Gb/s
10 Gb/s100 Gb/s
20 000
2 000200
1 Tb/s
10 Tb/s
20
2
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 77
Figure 14 Negotiation process
After power-up, all ports assume the role of designated ports. All ports are in the discarding state except edge ports. Edge ports go directly into forwarding state without delay.
Switch A port 1 and switch B port 1 exchange BPDUs. Switch A knows that it is the root and that switch A port 1 is the designated port. Switch B learns that switch A has higher priority. Switch B port 1 becomes the root port. Both switch A port 1 and switch B port 1 are still in discarding state.
Switch A starts the negotiation process by sending a BPDU with the proposal bit set.
Switch B receives the proposal BPDU and sets its non-edge ports to discarding state. This operation occurs during the synchronization process.
Switch B sends a BPDU to switch A with the agreement bit set.
Configuring VLANs, Spanning Tree, and Link Aggregation
78 Chapter 1 Layer 2 operational concepts
Switch A sets port 1 to forwarding state and switch B sets port 1 to forwarding state. PC 1 and PC 2 can now communicate. The negotiation process now moves on to switch B port 3 and its partner port. PC 3 cannot exchange data with either PC 1 or PC 2 until the negotiation process between switch B and switch C finishes.
The RSTP convergence time depends on how quickly the switch can exchange BPDUs during the negotiation process, and on the number of switches in the network.
Link aggregation (MLT, SMLT, LACP, VLACP)
Link aggregation allows you to bundle a set of ports into a port group, which is represented as one logical interface to upper layer protocols.
Your Ethernet Routing Switch 8600 supports multiple types of link aggregation:
• MultiLink Trunking (MLT) is a statically configured link bundling method.
• IEEE 802.3ad-based link aggregation, through the Link Aggregation Control Protocol (LACP), supports a dynamic link aggregation function, which can add links dynamically, as they become available, to a trunk group.
• Both MLT and IEEE 802.3ad-based link aggregation are defined as point-to-point functions, although Split MultiLink Trunking (SMLT) allows you to connect a multilink trunk point to two SMLT endpoints. SMLT can connect two SMLT end points to two other SMLT endpoints as well.
• SMLT allows not only module redundancy, but also allows system redundancy while allowing bandwidth aggregation at the same time. In addition, SMLT functionality was extended to include LACP for dynamic link aggregation.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 79
• VLACP provides an end to end failure detection mechanism, which notifies the Ethernet Routing Switch 8600 of unidirectional or bidirectional link failures.
This section includes the following topics:
• “MultiLink Trunking (MLT)” on page 79
• “IEEE 802.3ad-based link aggregation” on page 91
• “Virtual LACP (VLACP)” on page 101
• “Split MultiLink Trunking (SMLT)” on page 106
MultiLink Trunking (MLT)
MultiLink Trunking is a point-to-point connection that aggregates multiple ports so that they logically act like a single port, but with the aggregated bandwidth. Grouping multiple ports into a logical link provides higher aggregate throughput on a switch-to-switch or switch-to-server application.
MultiLink Trunking provides media and module redundancy. Module redundancy is provided in the form of Distributed MLT (DMLT), which you can use to aggregate similar ports from different modules.
Note: For information about configuring link aggregation, see Chapter 5, “Configuring link aggregation using Device Manager,” on page 249 and Chapter 10, “Configuring link aggregation using the CLI,” on page 427.Note: See Chapter 12, “Device Manager configuration examples,” on page 491 and Chapter 13, “CLI configuration examples,” on page 503 for configuration examples, including CLI commands, for concepts described in this section.
Note: MLT links must be statically configured to be trunk group members.
Configuring VLANs, Spanning Tree, and Link Aggregation
80 Chapter 1 Layer 2 operational concepts
This section includes the following topics:
• “MLT traffic distribution algorithm”
• “MultiLink Trunking rules” on page 82
• “Multicast flow distribution over MLT” on page 83
• “Multicast distribution algorithm” on page 84
• “Multicast traffic redistribution” on page 86
• “MLT examples” on page 87
MLT traffic distribution algorithm
A multilink trunk can be used to aggregate bandwidth between two switches. The Ethernet Routing Switch 8600 uses one of two algorithms to determine which active port in the multilink trunk is used for each packet. The MLT algorithms provide load sharing while ensuring that each packet in a flow does not arrive out of sequence.
Traffic distribution algorithm for legacy modules
For non-R modules (that is, legacy, E, or M modules), the distribution algorithm for any bridged packet (except IP distribution) is based on:
(DestIP[5:0] XOR SrcIP[5:0]) MOD (number of active links)
Bridged and routed IP or routed Internetwork Packet Exchange (IPX) distribution is based on:
(DestMAC[5:0] XOR SrcMAC[5:0]) MOD (number of active links)
Traffic distribution algorithm for R modules
Release 4.1 uses an enhanced traffic distribution algorithm for R modules. This ensures proper traffic distribution in all customer networks. The entire MAC or IP source and destination fields, and a hardware-assisted hash mechanism, are used to obtain better load distribution.
Note: The algorithms are the same traffic distribution algorithms used for the IEEE 802.3ad-based link aggregation.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 81
The existing distribution algorithm for IP traffic (bridged or routed) using R modules is:
Result = (DestIP[5:0] XOR SrcIP[5:0])
Other types of traffic use:
Result = (DestMAC[5:0] XOR SrcMAC[5:0])
The result is used as an index to a table that is populated with active MLT ports repeated over 63 entries.
The distribution algorithm enhancement for any IPv4 traffic (bridged or routed) is to form a 64 bit hash key using the 32 bit DestIp and 32 bit SrcIp fields.
The distribution algorithm enhancement for any IPv6 traffic (bridged or routed) is:
64 bit key = (SrcIP[63:0] XOR srcIpIp[127:64])
64 bit key = ((64 bit key) XOR DestIp[63:0])
64 bit key = ((64 bit key) XOR DestIp[127:64])
The distribution algorithm enhancement for other types of traffic is to form a 64 bit hash key using the lower 32 bits of the DestMAC field and the lower 32 bits of the SrcMAC field:
Result = hash(64 bit key, hashFcn)
where hash is an RSP instruction and hashFcn is chosen to produce a 6 bit result. The hash function is 0x000c00003f000000, which contains a 25 bit seed, a 24 bit hash polynomial coefficient, and a 5 bit polynomial width.
The result is used as an index to a table that is populated with active multilink trunk ports repeated over 63 entries.
To view the MLT port calculated by the new distribution algorithm for R modules, use the following command:
config sys set hash-calc getmltindex traffic-type <value> dest-val <value> src-val <value> mltID <value>
Configuring VLANs, Spanning Tree, and Link Aggregation
82 Chapter 1 Layer 2 operational concepts
where
• traffic-type <value> is one of non-ip, ipv4, or ipv6
• dest-val <value> is the destination address in the range of 1 to 1536
• src-val <value> is the source address in the range of 1 to 1536
• mltID <value> is the MLT ID.
The source and destination addresses cannot have the same value. Figure 15 shows sample output for the config sys set hash-calc command.
Figure 15 Config sys set hash-calc output
MultiLink Trunking rules
All Ethernet Routing Switch 8600 multilink trunks operate under the following set of rules:
• MLT is supported on 10BaseT, 100BaseTX, 100BaseFX, Gigabit Ethernet, and 10 Gigabit Ethernet module ports.
• All ports in an multilink trunk must be of the same media type (copper or fiber) and have the same speed and duplex settings.
• All ports in a multilink trunk must be in the same STG, unless the port is tagged; tagging allows ports to belong to multiple STGs.
• MLT is compatible with the Spanning Tree Protocol.
• IEEE 802.1Q tagging is supported on a multilink trunk.
ERS-8610:5# config sys set hash-calc getmltindex traffic-type ipv4 dest-val 1 src-val 1 mltID 1
Dest-addr and Src-addr cannot be same!
ERS-8610:5# config sys set hash-calc getmltindex traffic-type ipv4 dest-val 1 src-val 2 mltID 1
mltHashIndex: 0x37mltId: 1, mltPortIndex 55 mltPort cpp
ERS-8610:5#
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 83
Ethernet Routing Switch 8600 multilink trunks have the following general features and requirements:
• Up to 128 MLT groups (using R modules and R mode) are supported with as many as 8 same-type ports belonging to a single multilink trunk.
• The ports in a multilink trunk can span modules, providing module redundancy.
• All ports in a multilink trunk must be in the same STG, unless the port is tagged; tagging allows ports to belong to multiple STGs.
• Apply filters individually to each port in a multilink trunk.
Multicast flow distribution over MLT
MultiLink Trunking (MLT) provides a mechanism for distributing multicast streams over a multilink trunk. The mechanism is based on source-subnet and group addresses, and you can use it to choose the address and the bytes in the address for the distribution algorithm.
As a result, you can distribute the load on different ports of the multilink trunk and achieve an even distribution of the streams. In applications such as TV distribution, multicast traffic distribution is particularly important, because bandwidth requirements can be substantial when a large number of TV streams are employed.
Note: This algorithm is the same multicast flow distribution algorithm used for IEEE 802.3ad-based link aggregation.
Note: The Multicast Distribution over MLT feature is supported only on Ethernet Routing Switch 8600 E, M, and R modules. As a result, all the modules that have ports in a multilink trunk must be Ethernet Routing Switch 8600 E, M, or R modules to enable multicast flow distribution over MLT.
Configuring VLANs, Spanning Tree, and Link Aggregation
84 Chapter 1 Layer 2 operational concepts
Multicast distribution algorithm
To determine the port for a particular source, group (S, G) pair, use the number of active MLT ports to MOD the number generated by the XOR (exclusive OR operation) for each byte of the masked group address, with the masked source address.
By default, the group mask and source mask is 255.255.255.255. A byte with a value of 255 in the mask means that the corresponding byte in the group or source address is taken into account when the algorithm is applied.
For example, given:
group address G[0].G[1].G[2].G[3]
group mask GM[0].GM[1].GM[2].GM[3]
source subnet address S[0].S[1].S[2].S[3]
source mask SM[0].SM[1].SM[2].SM[3]
The port is calculated using:
( ( ( (( G[0] AND GM[0] ) XOR ( S[0] AND SM[0] ) ) XOR ( (G[1] AND GM[0] ) XOR ( S[1] AND SM[1] )) ) XOR ( (G[2] AND GM[2] ) XOR ( S[2] AND SM[2] )) ) XOR ( ( G[3] AND GM[3] ) XOR ( S[3] AND SM[3] )) ) MOD (active ports of the MLT)
Algorithm example
The algorithm used for traffic distribution causes the distribution to be sequential if the streams are similar to those in this example.
For this example, assume that the MLT ports are 1/1 to 1/4, that the mask configuration is 0.0.0.0 for the source mask and 0.0.0.255 for the group mask, and that source A.B.C.D sends to groups:
X.Y.Z.1
X.Y.Z.2
X.Y.Z.3 to X.Y.Z.10
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 85
The algorithm chooses link 1/1 for group X.Y.Z.1, and then X.Y.Z.2 goes on port 1/2, X.Y.Z.3 goes on port 1/3, X.Y.Z.4 goes on port 1/4, X.Y.Z.5 goes on port 1/1, and so on.
Configuration example
In this configuration example, only the first byte of the group mask, and the first two bytes of the source subnet mask are considered when distributing the streams.
config sys mcast-mlt-distribution grp-mask 255.0.0.0config sys mcast-mlt-distribution src-mask 255.255.0.0config sys mcast-mlt-distribution enableconfig sys mcast-mlt-distribution redistribution enable
For a detailed description of commands used to configure multicast flow distribution over MLT, see the publication, Configuring IP Routing Multicast Protocols.
Note: When you configure flow distribution over MLT, Nortel recommends that you choose source and group masks that result in the most even traffic distribution over the multilink trunk links. For example, if you find that group addresses change incrementally, while there are few sources sending to different groups, use a source mask of 0.0.0.0 and a group mask of 255.255.255.255. In most cases, this provides a sequential distribution of traffic on the multilink trunk links.
Configuring VLANs, Spanning Tree, and Link Aggregation
86 Chapter 1 Layer 2 operational concepts
Multicast traffic redistribution
The overall goal of traffic redistribution is to achieve a distribution of the streams on the multilink trunk links in the event of an MLT configuration change. Traffic distribution is based on the IP multicast MLT distribution algorithm (see “Multicast distribution algorithm” on page 84), and the algorithm behavior is the same for R and non-R modules.
By default, redistribution is disabled. When you add or remove a link from the multilink trunk, the active streams continue flowing on their original links if redistribution is disabled. If redistribution is enabled, however, the active streams are redistributed according to the distribution algorithm on the links of the multilink trunk.
To minimize the effect of redistribution of multicast traffic on the multilink trunks, the implementation does not move the streams to the appropriate links all at once. Instead, it redistributes a few streams at every time tick of the system. To that end, when an MLT port becomes inactive and redistribution is disabled, only the affected streams are redistributed on the remaining active ports.
If redistribution is enabled, all the streams are redistributed on the MLT ports based on the assignment provided by the distribution algorithm. For more information, see “Multicast distribution algorithm” on page 84.
When a new port becomes active in a multilink trunk and redistribution is disabled, existing streams remain on their original links. If you need to redistribute the streams dynamically to split the load on all the links of the multilink trunk, you can enable redistribution. This results in a few streams being redistributed every system time tick.
For a detailed description of the commands used to configure multicast flow distribution over MLT, see Configuring IP Routing Multicast Protocols.
Note: Traffic redistribution can cause minor traffic interruptions.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 87
MLT examples
This section provides three MLT examples and includes the following topics:
• “Switch-to-switch MLT example”, next
• “Switch-to-server MLT example” on page 89
• “Client/server MLT example” on page 89
Configuring VLANs, Spanning Tree, and Link Aggregation
88 Chapter 1 Layer 2 operational concepts
Switch-to-switch MLT example
Figure 16 shows two multilink trunks (T1 and T2) connecting switch S1 to switches S2 and S3.
Figure 16 Switch-to-switch multilink trunk configuration
Each of the trunks shown in Figure 16 can be configured with multiple switch ports to increase bandwidth and redundancy. When traffic between switch-to-switch connections approaches single port bandwidth limitations, you can create a multilink trunk to supply the additional bandwidth required to improve performance.
9050EB
T1
T2
S1
S2 S3
Ethernet Routing Switch 8600
Legend
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 89
Switch-to-server MLT example
Figure 17 shows a typical switch-to-server trunk configuration. In this example, file server FS1 utilizes dual MAC addresses, using one MAC address for each network interface card (NIC). No multilink trunk is configured on FS1. FS2 is a single MAC server (with a four port NIC) and is configured as multilink trunk configuration T1.
As shown in this example, one port on FS1 is blocked, thus is unused, whereas FS2 benefits from having aggregated bandwidth on multilink trunk T1.
Figure 17 Switch-to-server multilink trunk configuration
Client/server MLT example
Figure 18 on page 90 shows an example of how multilink trunks can be used in a client/server configuration. In this example, both servers are connected directly to switch S1. FS2 is connected through a multilink trunk configuration (T1). The switch-to-switch connections are through multilink trunk T2, T3, and T4. Clients accessing data from the servers (FS1 and FS2) are provided with maximized
9051EB
00:80:2d:01:f0:0000:80:2d:01:f0:01
FS2
T1
FS1
Ethernet Routing Switch 8600
Legend
S1
MAC addresses
Configuring VLANs, Spanning Tree, and Link Aggregation
90 Chapter 1 Layer 2 operational concepts
bandwidth through T1, T2, T3, and T4. On the Ethernet Routing Switch 8600, trunk members (the ports that comprise each multilink trunk) do not have to be consecutive switch ports; they can be selected across different modules for module redundancy.
Figure 18 Client/server multilink trunk configuration
With spanning tree enabled, ports that belong to the same MultiLink Trunk operate as follows:
• All ports in the multilink trunk must belong to the same spanning tree group if spanning tree is enabled.
• Identical bridge protocol data units (BPDU) are sent from each port.
9052EB
T2 T3 T4
FS2
T1
FS1
S1
S2 S4S3
Ethernet Routing Switch 8600
Legend
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 91
• The multilink trunk port ID is the ID of the lowest numbered port.
• If identical BPDUs are received on all ports, the multilink trunk mode is forwarding.
• If no BPDU is received on a port or if BPDU tagging and port tagging do not match, the individual port is taken offline.
• Path cost is inversely proportional to the active multilink trunk bandwidth.
IEEE 802.3ad-based link aggregation
IEEE 802.3ad-based (IEEE 802.3 2002 clause 43) link aggregation allows you to aggregate one or more links together to form a link aggregation group (LAG), such that a MAC client can treat the LAG as if it were a single link.
Although IEEE 802.3ad-based link aggregation and MLT provide similar services, MLT is statically defined, whereas IEEE 802.3ad-based link aggregation is dynamic and provides more functionality through the Link Aggregation Control Protocol (LACP). LACP dynamically detects whether links can be aggregated into a link aggregation group and does so when links become available.
IEEE 802.3ad was designed for point-to-point link aggregation only. However, the Ethernet Routing Switch 8600 provides extensions to support IEEE 802.3ad in SMLT configurations, thereby allowing any IEEE 802.3ad-capable device to be connected to an SMLT aggregation pair.
This section includes the following topics:
• “Overview” on page 93
• “LACP” on page 94
• “Link aggregation operations” on page 94
• “Principles of link aggregation” on page 95
• “LACP and MLT” on page 97
• “LACP and SMLT” on page 98
• “LACP and routing” on page 98
Note: You can disable the Nortel Spanning Tree Protocol (ntstg <enable|disable>) if you do not want to receive BPDUs on all ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
92 Chapter 1 Layer 2 operational concepts
• “LACP priority” on page 98
• “LACP keys” on page 99
• “LACP timers” on page 99
• “LACP modes” on page 100
• “LACP and spanning tree interaction” on page 100
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 93
Overview
The IEEE 802.3ad standard comprises of service interfaces, the Link Aggregation Control Protocol, the Marker Protocol, link aggregation selection logic, parser/multiplexer, frame distribution, and frame collection functions.
Figure 19 shows the major functions of IEEE 802.3ad defined as multiple link aggregation.
Figure 19 Link aggregation sublayer (according to IEEE 802.3ad)
Configuring VLANs, Spanning Tree, and Link Aggregation
94 Chapter 1 Layer 2 operational concepts
LACP
The main purpose of LACP is to manage switch ports and their port memberships to form link aggregation groups (LAG). LACP can dynamically add or remove LAG ports, depending on their availability and states.
Aside from automatic link aggregation, a side benefit of LACP is its ability to detect link layer failure within a service provider network. LACP packets are exchanged end to end, thus if a link in the middle fails, but the local ports do not register the failure, LACP times out and disables the port for traffic. VLACP—Virtual LACP—can be used to speed up the link layer failure detection process if necessary.
The interfaces between the LACP module and the other modules is shown in Figure 19 on page 93.
Link aggregation operations
As shown in Figure 19 on page 93, the link aggregation sublayer comprises the following functions:
• Frame distribution:
This block takes frames submitted by the MAC client and submits them for transmission on the appropriate port, based on a frame distribution algorithm employed by the Frame Distributor.
Frame distribution also includes an optional Marker Generator/Receiver used for the Marker Protocol. For the Ethernet Routing Switch 8600, only the Marker Receiver function is implemented. Refer to “MultiLink Trunking (MLT)” on page 79 for details about the frame distribution function.
• Frame collection:
This block passes frames received from the various ports to the MAC client. Frame collection also includes a Marker Responder, used for the Marker Protocol.
• Aggregator Parser/Multiplexers:
— During transmission operations, these blocks pass frame transmission requests from the Distributor, Marker Generator, and Marker Responder to the appropriate port.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 95
— During receive operations, these blocks distinguish among Marker Request, Marker Response, and MAC Client PDUs, and pass each to the appropriate entity (Marker Responder, Marker Receiver, and Collector, respectively).
• Aggregator:
The combination of frame distribution and collection, along with Aggregator Parser/Multiplexers, is referred to as the Aggregator.
• Aggregation Control:
This block configures and controls link aggregation. It incorporates LACP, which can be used for automatic communication of aggregation capabilities between systems. and automatic configuration of link aggregation.
• Control Parser/Multiplexers:
— During transmission operations, these blocks pass frame transmission requests from the Aggregator and Control entities to the appropriate port.
— During receive operations, these blocks distinguish Link Aggregation Control PDUs (LACPDU) from other frames, passing the LACPDUs to the appropriate sublayer entity, and all other frames to the aggregator.
Principles of link aggregation
Link aggregation allows you to group switch ports together to form a link group to another switch or server, thus increasing aggregate throughput of the interconnection between the devices while providing link redundancy.
Link aggregation employs the following principles and concepts:
• A MAC client communicates with a set of ports through an aggregator, which presents a standard IEEE 802.3 service interface to the MAC client. The Aggregator binds to one or more ports within a system.
• The aggregator distributes frame transmissions from the MAC client to the various ports, and collects received frames from the ports and passes them to the MAC client transparently.
• A system can contain multiple aggregators serving multiple MAC clients. A given port binds to (at most) a single aggregator at any time. A MAC client is served by a single aggregator at a time.
Configuring VLANs, Spanning Tree, and Link Aggregation
96 Chapter 1 Layer 2 operational concepts
• The binding of ports to aggregators within a system is managed by the Link Aggregation Control function for that system. The control function determines which links can be aggregated, aggregates them, binds the ports within the system to an appropriate aggregator, and monitors conditions to determine when a change in aggregation is needed. Such determination and binding can be under manual control through direct manipulation of the state variables of link aggregation (for example, keys) by a network manager. In addition, automatic determination, configuration, binding, and monitoring can occur through the use of a LACP.
• The LACP uses peer exchanges across the links to determine, on an ongoing basis, the aggregation capability of the various links, and continuously provides the maximum level of aggregation capability achievable between a given pair of systems.
• Frame ordering is maintained for certain sequences of frame exchanges between MAC Clients. The distributor ensures that all frames of a given conversation are passed to a single port. For any given port, the collector is required to pass frames to the MAC client in the order that they are received from that port. The collector is otherwise free to select frames received from the aggregated ports in any order. Because there are no means for frames to be mis-ordered on a single link, this guarantees that frame ordering is maintained for any conversation.
• Conversations can be moved among ports within an aggregation, both for load balancing and for maintaining availability in the event of link failures.
• The standard does not impose any particular distribution algorithm on the distributor. Use an algorithm that is appropriate for the supported MAC client.
For frame distribution function details, see “MultiLink Trunking (MLT)” on page 79.
• Each port is assigned a unique, globally administered MAC address.
The MAC address is used as the source address for frame exchanges that are initiated by entities within the link aggregation sublayer itself (for example, LACP and Marker Protocol exchanges).
• Each aggregator is assigned a unique, globally administered MAC address, which is used as the MAC address of the aggregation from the perspective of the MAC Client, both as a source address for transmitted frames and as the destination address for received frames.
The MAC address of the aggregator can be one of the MAC addresses of a port in the associated LAG.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 97
LACP and MLT
When you configure standards-based link aggregation, you must enable the aggregatable field. After you enable the aggregatable field, the LACP aggregator is one-to-one mapped to the specified multilink trunk.
For example, when you configure a link aggregation group (LAG), use the following steps:
1 Assign a numeric key to the ports you want to include in the LAG.
2 Configure the LAG to be aggregatable.
3 Enable LACP on the port.
4 Create a multilink trunk and assign the same key to that multilink trunk.
The multilink trunk/LAG only aggregates those ports whose key matches its own.
The newly created multilink trunk/LAG adopts the VLAN membership of its member ports when the first port is attached to the aggregator associated with this LAG. When a port is detached from an aggregator, the port is deleted from the associated LAG port member list. When the last port member is deleted from the LAG, the LAG is deleted from all VLANs and STGs.
After the multilink trunk is configured as aggregatable, you cannot add or delete ports or VLANs manually.
To enable tagging on ports belonging to LAG, first disable LACP on the port, and then enable tagging on the port and enable LACP.
Configuring VLANs, Spanning Tree, and Link Aggregation
98 Chapter 1 Layer 2 operational concepts
LACP and SMLT
The following are some guidelines to follow when using LACP and SMLT:
• If you use LACP in an SMLT square configuration, the LACP ports must have the same keys for that SMLT LAG; otherwise, the aggregation can fail if a switch failure occurs.
• If an SMLT aggregation switch has LACP enabled on some of its multilink trunks, do not change LACP system priority after LACP is enabled on ports. If some ports do not enter the desired multilink trunk after a dynamic configuration change, use the CLI command (assume MLT 10): conf mlt 10 lacp clear-link-aggrgate
• Nortel recommends that LACP not be enabled on interswitch trunks to avoid unnecessary processing and to maintain simplicity. If a failure detection mechanism is required when there is an optical network between the SMLT core switches, use VLACP.
LACP is supported on single port split multilink trunks and split multilink trunks.
LACP and routing
If Open Shortest Path First (OSPF) routing is enabled on the port, do not set the LACP periodic transmission timer to less than 1 second.
LACP priority
LACP priority is configured at the system level and at the port level.
• Port priority—determines which ports are aggregated into LAG if more than eight ports are configured for the LAG, as in a standby-port configuration.
Note: The Ethernet Routing Switch 8600 Software Release 4.1 does not support the use of Simple Loop Prevention Protocol (SLPP) in an LACP-SMLT environment.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 99
• System priority—generates the switch ID when communicating with other switches. For SMLT applications, this is used to determine a master/slave relationship between the SMLT switches. Nortel recommends that this value remain at its default value. If it must be changed, Nortel recommends that you disable LACP first, and then reenable it after the value is changed.
LACP keys
LACP keys are used to determine which ports are eligible to be aggregated into a LAG. The LACP keys are defined under the ports when the multilink trunk is configured. The ports whose keys match the multilink trunk’s key can be aggregated into that multilink trunk.
• Keys need not match between two LACP peers.
• Keys must match on SMLT core switches when using LACP with SMLT.
LACP timers
You can customize failover times by changing the LACP timer attributes (fast periodic time; slow periodic time; aggregate wait time). These values are set by default to match the IEEE 802.3ad values. If they are changed, these values must match on the ports participating in aggregation between two devices.
Any changes to these values at the global level are reflected on all ports. However, these values can be changed on a per-port level. When you change a LACP timer globally, this value is set on all ports. The global timer value overwrites the local port value irrespective of the LACP state. You must reconfigure any port values that differ from the global values.
The user can use either the fast or slow timer, and this is set on the port level. By default, the Ethernet Routing Switch 8600 uses the long timer. LACP uses the following timers, which have the parameters indicated:
• fast periodic timer—200 to 20 000 ms; default 1000 ms
• slow periodic timer—10 000 to 30 000 ms; default 30 000 ms
• aggregation wait timer—200 to 2000; default 2000
Configuring VLANs, Spanning Tree, and Link Aggregation
100 Chapter 1 Layer 2 operational concepts
Timer changes must be made to all ports participating in link aggregation, as well as to the ports on the partnering node.
When you enable LACP on a port, the timer values used are those set at the port level. Toggling of the LACP status is required when timer values change. Existing ports are not impacted by this change unless you toggle the LACP status on the port.
LACP modes
LACP uses two mode types, active and passive.
• Active mode—ports initiate the aggregation process. Active mode ports aggregate with other active mode ports or passive mode ports.
• Passive mode—ports participate in LACP but do not initiate the aggregation process. Passive mode ports must be partnered with active mode ports for aggregation to occur.
LACP and spanning tree interaction
LACP module operation is only affected by the physical link state or its LACP peer status. When a link is enabled or disabled, the LACP module is notified. The STP forwarding state does not affect the operation of LACP module. LACPDUs can be sent even if the port is in the STP blocking state.
Unlike legacy multilink trunks, configuration changes (such as speed and duplex mode) to a LAG member port are not applied to all the member ports in the multilink trunk. Instead, the changed port is removed from the LAG and the corresponding aggregator, and the user is alerted when the configuration is created.
Note: Configuration changes to the LACP timers are not reflected immediately. LACP timers are not reset until the next time LACP is restarted globally or on a port. This action ensures consistency with peer switches.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 101
In contrast to MLT, IEEE 802.3ad-based link aggregation does not expect BPDUs to be replicated over all ports in the trunk group. Therefore, you must enter the ntstg disable command to disable the parameter on the spanning tree group for LACP-based link aggregation. See “Configuring Spanning Tree Protocol” on page 385 for more information about this command.
Be aware that this parameter is applicable to all trunk groups that are members of the spanning tree group. This is necessary when internetworking with devices that only send BPDUs out of one port of the LAG.
Link aggregation rules
Ethernet Routing Switch 8600 link aggregation groups operate under the following rules:
• All ports in a LAG must operate in full-duplex mode.
• All ports in a LAG must operate at the same data rate.
• All ports in a LAG must be in the same VLAN.
• Link aggregation is compatible with the Spanning Tree Protocol (STP).
• Link aggregation groups must be in the same STP groups.
• Ports in a link aggregation group can exist on different modules.
• A maximum of 32 link aggregation groups (128 for R modules in R mode) are supported.
• A maximum of eight active links are supported per LAG.
• A maximum of eight standby links are supported per LAG.
• With the 4.1 release, you can configure up to eight ports (mixture of active and standby ports) in an 802.3ad group.
Virtual LACP (VLACP)
Virtual LACP is an LACP extension that is used for end to end failure detection.VLACP uses the Hello mechanism of LACP to periodically send Hello packets to ensure there is end to end reachability. When Hello packets are not received, VLACP transitions to a failure state, which indicates a service provider failure, and the port is disabled. An advantage of VLACP is that VLACP timers can be reduced to 200 milliseconds, which allows approximately one second failure detection and switchover time.
Configuring VLANs, Spanning Tree, and Link Aggregation
102 Chapter 1 Layer 2 operational concepts
For the Ethernet Routing Switch 8600 Software Release 4.1, the VLACP fast periodic timer is reduced to 10 ms, which allows sub-100 ms failover time. To attain sub-100 ms core convergence, each switch must use the Enterprise enhanced CPU daughter card 8692SF (also called SuperMezz). This feature is only supported between core Ethernet Routing Switches. For more information about this feature, see “VLACP timers and sub-100 ms core convergence” on page 104.
VLACP only works for port-to-port communications where there is a guarantee for a logical port-to-port match through the service provider. It does not work for port-to-multiport communications where there is no guarantee for a point-to-point match through the service provider. VLACP can be configured on a port in addition to LACP. LACP can be used for link aggregation, and VLACP can be used for end to end failure detection.
Ethernet cannot detect end to end failures. Ethernet was extended to detect remote link failures through functions such as remote fault indication or far-end fault indication mechanisms, but a major limitation of these functions is that they terminate at the next Ethernet hop; failures cannot be determined on an end to end basis.
For example, as shown in Figure 20 on page 103, when enterprise networks connect their aggregated Ethernet trunk groups through a service provider network connection (for example, through a VPN), far-end failures cannot be signaled with Ethernet-based functions that operate end to end through the service provider cloud. In this example, the multilink trunk (between enterprise switches S1 and S2) extends through the service provider (SP) network.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 103
Figure 20 Problem description (1 of 2)
As shown in Figure 21, if the L2 link on S1 (S1/L2) fails, the link-down failure is not propagated over the SP network to S2. Thus S2 continues to send traffic over the failed S2/L2 link.
Figure 21 Problem description (2 of 2)
Note that LACP, as defined by IEEE, is a protocol that exists between two bridge endpoints; therefore the LACP PDUs are terminated at the next SP interface.
Configuring VLANs, Spanning Tree, and Link Aggregation
104 Chapter 1 Layer 2 operational concepts
Using VLACP, far-end failures can be detected, which allows MLT to properly failover when end to end connectivity is not guaranteed for certain links in an aggregation group. VLACP prevents the failure scenario shown in Figure 21 on page 103.
When used in conjunction with SMLT, VLACP allows you to switch traffic around entire network devices before Layer 3 protocols detect a network failure, thus minimizing network outages.
The Ethernet Routing Switch 8600 Software Release 4.1 uses the following VLACP timers, which have the parameters indicated:
• fast periodic timer—10 to 20 000 ms; default 200 ms
• slow periodic timer—10 000 to 30 000 ms; default 30 000 ms
VLACP timers and sub-100 ms core convergence
Ethernet Routing Switch 8600 Software Release 4.1 can attain sub-100 millisecond (ms) failover time. The VLACP fast periodic timer is reduced to a minimum value of 10 ms to enable sub-100 ms convergence. Sub-100 ms convergence guarantees ultra fast convergence for critical business and multimedia applications.
To attain sub-100 ms core convergence, each switch must use the Enterprise enhanced CPU daughter card 8692SF (also called SuperMezz). This feature is only supported between core Ethernet Routing Switch 8600s. For more information about SuperMezz, see the document Installing Ethernet Routing Switch 8600 Modules.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 105
Figure 22 on page 106 depicts four core Ethernet Routing Switch 8600s equipped with SuperMezz modules exchanging fast periodic timer messages to acheive sub-100 ms convergence. Table 10 compares the timer ranges (in milliseconds) used in VLACP and LACP for Release 3.7 and 4.1.
Table 10 Ethernet Routing Switch 8600 LACP and VLACP timer comparison
Release 3.7Release 4.1 without SuperMezz
Release 4.1 with SuperMezz
LACP
Fast periodic timer range (ms) 200 to 20 000Default 1000
200 to 20 000Default 1000
200 to 20 000Default 1000
Slow periodic timer range (ms) 10 000 to 30 000
Default 30 000
10 000 to 30 000
Default 30 000
10 000 to 30 000
Default 30 000
Aggregation wait timer range (ms) 200 to 2000
Default 2000
200 to 2000
Default 2000
200 to 2000
Default 2000
VLACP
Fast periodic timer range (ms) 200 to 20 000
Default 1000
200 to 20 000
Default 1000
10 to 20 000 (NEW)
Default 2000
Slow periodic timer range (ms) 10 000 to 30 000Default 30 000
10 000 to 30 000Default 30 000
10 000 to 30 000Default 30 000
Configuring VLANs, Spanning Tree, and Link Aggregation
106 Chapter 1 Layer 2 operational concepts
Figure 22 Sub-100 ms convergence between SuperMezz modules
Split MultiLink Trunking (SMLT)
This section describes the Split MultiLink Trunking (SMLT) feature and includes the following topics. For help with common terms and acronyms used with SMLT, refer to the “Glossary” on page 573.
• “Overview”
• “Advantages of SMLT” on page 107
• “How does SMLT work?” on page 111
• “SMLT-on-Single-CPU feature” on page 118
• “Single Port SMLT” on page 119
Note: Routed SMLT, or RSMLT, is a Layer 3 protocol whereas SMLT is a Layer 2 protocol. SMLT is described in this document, and RSMLT is described in the document Configuring IP Routing Operations.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 107
• “Using MLT-based SMLT with Single Port SMLT” on page 125
• “SMLT network design considerations” on page 127
Overview
Link aggregation technologies are popular for improving link bandwidth efficiency and preventing link failures. IEEE 802.3ad is the standardized link aggregation protocol, although various vendors have developed their own proprietary implementations. IEEE 802.3ad is defined for point-to-point applications, however; it was not designed to recover around a nodal failure.
Split MultiLink Trunking (SMLT) is an extension to IEEE 802.3ad that improves Layer 2 and Layer 3 resiliency by providing nodal protection, in addition to link failure protection, and flexible bandwidth scaling. SMLT achieves this by allowing edge switches using IEEE 802.3ad to dual-home to two SMLT aggregation switches. SMLT is transparent to attached devices supporting IEEE 802.3ad.
Because SMLT inherently avoids loops due to its superior enhanced link aggregation protocol, SMLT networks do not need to use the IEEE 802.1d Spanning Tree Protocol to enable loop-free triangle topologies. This is accomplished by implementing a method that allows two aggregation switches to appear as a single device to edge switches, which are dual-homed to the aggregation switches. The aggregation switches are interconnected using an interswitch trunk, which allows them to exchange addressing and state information (permitting rapid fault detection and forwarding path modification). Although SMLT is primarily designed for Layer 2, it also provides benefits for Layer 3 networks as well.
Advantages of SMLT
SMLT improves the reliability of Layer 2 networks that operate between user access switches and the network center aggregation switch by providing:
• Load sharing among all links
Note: Layer 2 edge switches must support some form of link aggregation (such as MLT) to allow communications with an SMLT aggregation switch.
Configuring VLANs, Spanning Tree, and Link Aggregation
108 Chapter 1 Layer 2 operational concepts
• Fast failover in case of link failures
• Elimination of single point of failure
• Fast recovery, in case of nodal failure
• Transparent and interoperable solutions
• Removes STP convergence issues
These advantages are described in more detail in the sections that follow.
Single point of failure elimination
SMLT helps eliminate all single points of failure and creates multiple paths from all user access switches to the core of the network. In case of failure, SMLT recovers as quickly as possible so that no capacity is unused. SMLT provides a transparent and interoperable solution that requires no modification on the part of the majority of existing user access devices.
SMLT compared to Spanning Tree Protocol
Networks that are designed to have user access switches dual-homed to two aggregation switches, and have VLANs spanning two or more user access switches, experience the following design constraints:
• Spanning tree must be used to detect loops
• No load sharing exists over redundant links
• Network convergence is slow in case of failure
Note: R modules support SMLT over 10 Gigabit Ethernet. This is available only on the 8683XLR/XZR modules.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 109
Figure 23 shows a typical aggregator switch configuration that is dependent upon STP for loop detection.
Figure 23 Resilient networks with Spanning Tree Protocol
As shown in Figure 24 on page 110, with the introduction of SMLT, all dual-homed Layer 2 frame-switched network devices are no longer dependent upon Spanning Tree Protocol for loop detection, because a properly designed SMLT network inherently does not have any logical loops.
Similarly, Layer 3 networks can benefit from SMLT as well.
Configuring VLANs, Spanning Tree, and Link Aggregation
110 Chapter 1 Layer 2 operational concepts
Figure 24 Resilient networks with SMLT
SMLT solves the spanning tree problem by combining two aggregation switches into one logical MLT entity, thus making it transparent to any type of edge switch. In the process, it provides quick convergence, while load sharing across all available trunks.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 111
How does SMLT work?
Figure 25 illustrates an SMLT configuration with a pair of Ethernet Routing Switch 8600 devices (E and F) as aggregation switches. Also included are four separate user access switches (A, B, C, and D). Refer to the following sections for a description of the components shown in this SMLT example.
• “Interswitch trunking”
• “CP Limit and SMLT interswitch trunking” on page 112
• “Other SMLT aggregation switch connections” on page 114
Figure 25 Ethernet Routing Switch 8600 as SMLT aggregation switches
Interswitch trunking
SMLT aggregation switches must be connected through an interswitch trunk. For example, user access switches B and C are connected to the aggregation switches via multilink trunks split between the two aggregation switches. As shown in Figure 25, the implementation of SMLT only requires two SMLT-capable aggregation switches. These switches must be connected through an interswitch trunk.
Configuring VLANs, Spanning Tree, and Link Aggregation
112 Chapter 1 Layer 2 operational concepts
Aggregation switches use the interswitch trunk to:
• Confirm that they are alive and exchange MAC address forwarding tables.
• Send traffic between single switches attached to the aggregation switches.
• Serve as a backup if one SMLT link fails.
Because the interswitch trunk is required for SMLT, for proper operation Nortel recommends that you use multiple links on the interswitch trunk to ensure reliability and high availability. Nortel recommends using Gigabit Ethernet links for interswitch trunk connectivity to provide enough bandwidth for potential cross traffic.
CP Limit and SMLT interswitch trunking
Control packet rate limit (CP Limit) is a feature that controls the amount of multicast and broadcast traffic that can be sent to the CPU from a physical port. It protects the CPU from being flooded by traffic from a single, unstable port. The CP-Limit default settings are:
• default state = enabled
• default multicast packets-per-second (pps) value = 15 000
• default broadcast pps value = 10 000
Note that for SMLT ports, CP Limit is enabled by default. Packets that are destined for the control plane (that is, packets that have a QoS level of 7 such as BPDU, OSPF hello) trigger this feature. When the threshold is reached, CP Limit disables the port from which the offending traffic is received.
Note: Asynchronous Transfer Mode (ATM) and Packet over SONET (PoS) links are not supported for use as interswitch trunk links.
Note: When you configure SMLT links, Nortel recommends setting the multicast packets-per-second value to 6000 pps.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 113
You can enable CP Limit for all ports so that the Ethernet Routing Switch 8600 can disable any port that receives excess control traffic. SMLT is an exception because of the importance of the interswitch trunk. Nortel recommends that you disable the CP Limit feature on all interswitch trunk ports so that these ports are not disabled, which can compromise the stability of SMLT.
Do not confuse CP Limit with port rate limiting. Port rate limiting and CP Limit serve different purposes. Port level rate limiting, if enabled, limits all packets with broadcast and multicast addresses to control the amount of user traffic. CP Limit is a protection mechanism for the control plane that only counts packets that are destined for the control plane, or packets that are processed by the CPU with a QoS=7.
The CPU can count packets which are not counted by the CP Limit feature. Such packet types can include auto-topology or NetBIOS. The QoS level ensures that control plane traffic (with QoS=7) is processed first in the case of congestion in the CPU buffer.
If the actual packets-per-second rate sent from a port exceeds the defined rate, then the port is administratively shut down to protect the CPU from continued bombardment. Disabling interswitch trunk ports in this way can impair network traffic flow, as this is a critical port for SMLT configurations.
Disabling CP Limit on interswitch trunk multilink trunk ports forces another, less-critical port to be disabled if the defined CP Limits are exceeded. In doing so, you preserve network stability if a protection condition (CP Limit) arises. Note that, although it is likely that one of the multilink trunk ports (risers) will be disabled in such a condition, traffic continues to flow uninterrupted through the remaining SMLT ports.
Note: Nortel recommends that an interswitch multilink trunk contain at least two physical ports. Nortel also recommends that you disable CP-Limit on all physical ports that are members of an interswitch trunk multilink trunk.
Note: CP Limit can only be configured through the CLI.
Configuring VLANs, Spanning Tree, and Link Aggregation
114 Chapter 1 Layer 2 operational concepts
The command syntax to enable or disable CP Limit is:
config ethernet <slot/port> cp-limit <enable|disable>
The Ethernet Routing Switch 8600 also supports the Extended CP Limit feature. For more information about Extended CP Limit, see Configuring Network Management.
Other SMLT aggregation switch connections
The example shown in Figure 25 on page 111 includes end stations which connect to each of the switches. In this example, a, b1, b2, c1, c2, and d are clients and printers, while e and f are servers or routers.
User access switches B and C can use any method to determine which link of their multilink trunk connections to use to forward a packet, as long as the same link is used for a given source/destination address (SA/DA) pair. This is true regardless of whether the DA is known by B or C. SMLT aggregation switches always send traffic directly to a user access switch, and only use the interswitch trunk for traffic that they cannot forward in another, more direct way.
The examples that follow explain the process in more detail.
This section includes the following topics:
• “Example 1: Traffic flow from a to b1 or b2”
• “Example 2: Traffic flow from b1/b2 to c1/c2” on page 115
• “Example 3: Traffic flow from a to d” on page 115
• “Example 4: Traffic flow from f to c1/c2” on page 115
Example 1: Traffic flow from a to b1 or b2
Assuming a and b1/b2 are communicating through Layer 2, traffic flows from A to switch E and is forwarded over its direct link to B. Traffic coming from b1 or b2 to a is sent by B on one of its multilink trunk ports.
B can send traffic from b1 to a on the link to switch E, and traffic from b2 to a on the link to F. In the case of traffic from b1, switch E forwards the traffic directly to switch A, while traffic from b2, which arrived at F, is forwarded across the interswitch trunk to E and then on to A.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 115
Example 2: Traffic flow from b1/b2 to c1/c2
Traffic from b1/b2 to c1/c2 is always sent by switch B through its multilink trunk to the core. No matter which switch (E or F) it arrives at, it will be sent directly to C through the local link.
Example 3: Traffic flow from a to d
Traffic from a to d (and d to a) is forwarded across the interswitch trunk because it is the shortest path. This is treated as a standard link; SMLT and interswitch trunk parameters are not considered.
Example 4: Traffic flow from f to c1/c2
Traffic from f to c1/c2 is sent out directly from F. Return traffic from c1/c2 allows you to have one active VRRP Master per IP subnet. It is passed across the interswitch trunk if switch C sends it to E.
Traffic flow in an SMLT environment
Traffic flow in an SMLT environment follows these rules:
• If a packet is received from an interswitch trunk port, it is not forwarded to any active SMLT groups. This is key in preventing network loops.
• When a packet is received, a look-up is performed on the forwarding database. If an entry exists, and if the entry was learned locally from the split multilink trunk or through the interswitch trunk as a remote split multilink trunk, it is forwarded out the local port (the packet should not be sent to the interswitch trunk for forwarding unless there is no local connection). Unknown and Broadcast packets are flooded out all ports that are members of this VLAN.
• For loadsharing purposes in an SMLT scenario, the Ethernet Routing Switch 8600 obeys the MLT traffic distribution algorithm. See “MLT traffic distribution algorithm” on page 80 for more details about the algorithms.
Configuring VLANs, Spanning Tree, and Link Aggregation
116 Chapter 1 Layer 2 operational concepts
Traffic flow example
In an SMLT environment, the two aggregation switches share the same forwarding database by exchanging forwarding entries using the IST. In Figure 26 on page 117, the forwarding databases are shown for a pair of IST nodes (B and C). Note that the entry for 00:E0:7B:B3:04:00 is shown on node C as being learned on MLT-1, but because SMLT REMOTE is true, this entry was actually learned from node B. On B, that same entry is shown as being directly learned through MLT-1 because SMLT REMOTE is false. Figure 27 on page 118 shows the network topology.
When a packet arrives at node C destined for 00:E0:7B:B3:04:00, if the SMLT REMOTE status is true, then the switch tries to send the packet out MLT-1 first, rather than through the interswitch trunk. Traffic rarely traverses the interswitch trunk unless there is a failure. If this same packet arrives at B, then it will be forwarded to MLT-1 on the local ports.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 117
Figure 26 Output of the command show vlan info fdb-e 10
Response from B:
ERS-8610:5# show vlan info fdb-e 10=========================================================================
Vlan Fdb=========================================================================VLAN MAC QOS SMLT ID STATUS ADDRESS INTERFACE MONITOR LEVEL REMOTE-------------------------------------------------------------------------10 self 00:00:5e:00:01:01 - false 1 false10 learned 00:80:2d:ba:d6:01 MLT-5 false 1 true10 self 00:80:2d:be:22:01 - false 1 false10 learned 00:e0:7b:b3:04:00 MLT-1 false 1 false10 learned 00:e0:7b:b3:04:10 MLT-1 false 1 true
Response from C:
=========================================================================Vlan Fdb
=========================================================================VLAN MAC QOS SMLTID STATUS ADDRESS INTERFACE MONITOR LEVEL REMOTE-------------------------------------------------------------------------10 self 00:00:5e:00:01:01 - false 1 false10 self 00:80:2d:ba:d6:01 - false 1 false10 learned 00:80:2d:be:22:01 MLT-5 false 1 true10 learned 00:e0:7b:b3:04:00 MLT-1 false 1 true10 learned 00:e0:7b:b3:04:10 MLT-1 false 1 false
Configuring VLANs, Spanning Tree, and Link Aggregation
118 Chapter 1 Layer 2 operational concepts
Figure 27 Network topology for traffic flow example
SMLT-on-Single-CPU feature
Beginning with Ethernet Routing Switch 8600 Software Release 3.5 and continuing through the latest hardware revisions, an enhancement was added to improve SMLT failover behaviors for single CPU/SF configurations.
Prior to this release, Nortel required that two switch fabric modules be installed in a chassis running SMLT. This was a requirement because SMLT clients did not reroute traffic around SMLT aggregation switches with a single failed CPU. Thus, packet loss can occur in this rare failure case.
The SMLT-on-Single-CPU feature establishes a polling mechanism between the CPU and the interface modules. Because single CPU/SF configurations do not benefit from standard CPU/SF redundancy, in the rare event that a CPU failure occurs on the aggregation switch, this enhancement forces the interface modules offline and allows network redundancy configurations to activate more quickly.
You can configure this feature using the CLI. For instructions, see “Configuring SMLT-on-Single-CPU” on page 462.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 119
This feature is applicable to all I/O modules capable of supporting the new Single CPU/Switch Fabric reliability enhancement. By default, the SMLT-on-Single-CPU feature is disabled.
The SMLT-on-Single-CPU feature can also be implemented on dual SSF/CPU chassis, and is independent of SMLT design. In dual SSF/CPU systems, Nortel recommends that you consider enabling this feature. Its use provides for faster High-Availability-like failover for dual SSF/CPU systems in terms of proper link status. This feature is fully supported on R modules; R modules always operate in this mode independent of configuration settings. R modules have been designed for faster failover without software control.
Note that not all versions of classic (legacy) modules can support this feature. If non-supported modules are in a chassis which has this feature enabled, those modules will not be initialized and an error message will be logged to the log file. For information on module version support consult your Nortel representative. For example, the 8608SX/8608SXE modules are one example of non-supported module types.
Single Port SMLT
Single Port SMLT lets you configure a split multilink trunk using a single port. The Single Port SMLT behaves like an MLT-based SMLT, and can coexist with SMLTs in the same system. Single Port SMLT lets you scale the number of split multilink trunks on a switch to the maximum number of available ports.
Split multilink trunk links can exist in the following combinations on the SMLT-aggregation switch pair:
• MLT-based SMLT + MLT-based SMLT
• MLT-based SMLT + single link SMLT
• single link SMLT + single link SMLT
Rules for configuring Single Port SMLT include:
• The dual-homed device that connects to the aggregation switches must support MLT.
Configuring VLANs, Spanning Tree, and Link Aggregation
120 Chapter 1 Layer 2 operational concepts
• Single Port SMLT is supported on Ethernet, PoS, and ATM ports.
• Each Single Port SMLT is assigned an SMLT ID from 1 to 512.
• Single Port SMLT ports can be designated as Access or Trunk (that is, IEEE 802.1Q tagged or not); changing the type does not affect their behavior.
• You cannot change a single port split multilink trunk to an MLT-based SMLT by adding more ports. You must delete the single port split multilink trunk, and then reconfigure the port as SMLT/MLT.
• You cannot change an MLT-based split multilink trunk into a single port split multilink trunk by deleting all ports but one. You must first remove the SMLT/MLT, then reconfigure the port as Single Port SMLT.
• A port cannot be configured as a MLT-based split multilink trunk and as a single port split multilink trunk at the same time.
• Two or more aggregation switches can have single port split multilink trunks with the same IDs. You can have as many single port split multilink trunks as there are available ports on the switch.
• LACP is supported on single port split multilink trunks.
Split multilink trunk topologies
There are four generic topologies in which SMLT can be deployed. The user can choose either a Single Port SMLT configuration, a triangle configuration, a square configuration, or a full mesh configuration, depending on the resiliency and redundancy required.
Note: Single Port SMLT is not supported on the 8681 module 10 Gigabit Ethernet ports with Software Release 3.5.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 121
Single Port SMLT topology
Sometimes you need to exceed the Ethernet Routing Switch 8600 multilink trunk Group ID limit for server farm applications. In this case, you can use Single Port SMLT (see Figure 28). This topology allows scaling up to the maximum number of ports on a switch. Any Layer 2 switch capable of link aggregation can be used as the client in this case.
Figure 28 Single Port SMLT topology
Configuring VLANs, Spanning Tree, and Link Aggregation
122 Chapter 1 Layer 2 operational concepts
SMLT triangle topology
The most often used configuration, the triangle configuration, connects multiple access switches to a pair of Ethernet Routing Switch 8600 devices. In many cases, dual-NIC servers capable of link aggregation are connected directly to the Ethernet Routing Switch 8600 devices in a similar fashion. Figure 29 depicts Extranet Switches (ES) as the SMLT Clients. In real-world applications, any Layer 2 device capable of link aggregation can become the SMLT client.
Figure 29 SMLT triangle topology
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 123
SMLT square topology
Often used in an enterprise core, the square SMLT configuration provides network resiliency. Figure 30 shows this topology.
Figure 30 SMLT square topology
Configuring VLANs, Spanning Tree, and Link Aggregation
124 Chapter 1 Layer 2 operational concepts
SMLT full mesh topology
For maximum reliability and resiliency, all SMLT nodes can be fully meshed. This may not be an economical solution for many cases, but if traffic loss cannot be tolerated, this design can route traffic around any failure. Figure 31 shows the full mesh topology.
Figure 31 SMLT full mesh topology
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 125
Using MLT-based SMLT with Single Port SMLT
You can configure a split multilink trunk with a single port split multilink trunk on one side and an MLT-based split multilink trunk on the other. Both must have the same SMLT ID. In addition to general use, Figure 32 shows how this configuration can be used for upgrading an MLT-based split multilink trunk to a single port split multilink trunk without taking down the split trunk.
Figure 32 Changing a split trunk from MLT-based SMLT to Single Port SMLT
To configure Single Port SMLT using Device Manager, see “Configuring a single port split multilink trunk” on page 286.
Switch A
Switches A and B are configured withMLT-based SMLT.
1
Switch B
MLT-basedSMLT ID 10
MLT-basedSMLT ID 10
IST
Switch A
Delete MLT-based SMLT 10 on switch B. Alltraffic switches over SMLT 10 on switch A.
2
Switch B
MLT-basedSMLT ID 10
IST
Switch A
Configure single port SMLT ID 10 on switch B.Traffic switches over both sides of split trunk.
3
Switch B
MLT-basedSMLT ID 10
Single portSMLT ID 10
Single portSMLT ID 10
IST
Switch A
Configure single port SMLT 10 on switch A. Trafficswitches over both sides of split trunk.
5
Switch B
Single portSMLT ID 10
Single portSMLT ID 10
IST
Switch A
Delete MLT-based SMLT 10 on switch A. Alltraffic switches over single port SMLT 10 onswitch B.
4
Switch B
IST
11099EA
Configuring VLANs, Spanning Tree, and Link Aggregation
126 Chapter 1 Layer 2 operational concepts
To configure Single Port SMLT using the CLI, see “Creating a single port split multilink trunk” on page 460.
Interaction between SMLT and LACP
The Ethernet Routing Switch 8600 fully supports the IEEE 802.3ad Link Aggregation Control Protocol (LACP); this is supported not only on multilink trunks, but also on a pair of SMLT switches.
With this protocol, the Ethernet Routing Switch 8600 provides a standardized external link aggregation interface to third-party vendor IEEE 802.3ad implementations. This protocol extension provides dynamic link aggregation mechanisms. Advantages of this protocol extension include:
• MLT peers and SMLT client devices can be network switches, and can also be any type of server/workstation that supports link bundling through IEEE 802.3ad.
• Single-link and multilink trunk solutions support dual-homed connectivity for more than 350 attached devices, so that you can build dual-homed server farm solutions.
• Nortel tightly coupled the IEEE link aggregation standard with the SMLT solution to provide seamless configuration integration, while also detecting failure scenarios during network setup or operations.
Supported scenarios
SMLT/IEEE link aggregation interaction supports all known SMLT scenarios in which an IEEE 802.3ad SMLT pair can be connected to SMLT clients, or in which two IEEE 802.3ad SMLT pairs can be connected to each other in a square or full mesh topology.
Non-supported scenarios
Some factors leading to failure are:
• Wrong ports connected
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 127
• Mismatched SMLT IDs assigned to SMLT client: SMLT switches can detect if SMLT IDs are not consistent. The SMLT aggregation switch, which has the lower IP address, does not allow the SMLT port to become a member of the aggregation, thus avoiding misconfigurations.
• SMLT client switch does not have automatic aggregation enabled (LACP disabled): SMLT aggregation switches can detect that aggregation is not enabled on the SMLT client, thus no automatic link aggregation is established until the configuration is resolved.
• Single CPU failures: In the case of a CPU failure in a system with only one switch fabric, the LACP on the other switch (or switches) detects the remote failure and triggers all links connected to the failed system to be removed from the link aggregation group. This process allows failure recovery for the network along a different network path.
SMLT network design considerations
If you use LACP in a square SMLT topology, LACP must have the same keys for that SMLT LAG; otherwise, the aggregation can fail if a switch failure occurs.
Use the following procedure when designing and configuring a SMLT network (for more information, see Network Design Guidelines).
1 Define a separate VLAN for the IST protocol:
config mlt 1 ist create ip <value> vlan-id <value>
2 Disable CP-Limit on the IST ports:
config ethernet <slot|port> cp-limit disable
3 Keep CP-Limit enabled on the split multilink trunk ports and change multicast-limit value to 6000:
config ethernet <slot|port> cp-limit enable multicast-limit 6000
4 Disable loop detect on split multilink trunk ports:
config ethernet <slot|port> loop-detect disable
Note: Only dual-homed devices will benefit from this enhancement.
Configuring VLANs, Spanning Tree, and Link Aggregation
128 Chapter 1 Layer 2 operational concepts
5 Enable tagging on split multilink trunk links:
config ethernet <slot/port> perform-tagging enable
6 Enable dropping of untagged frames on split multilink trunk links:
config ethernet <slot/port> untagged-frames-discard enable
SMLT and SLPP
Do not enable Simple Loop Prevention Protocol (SLPP) on all the ports of a square, partial, or full mesh split multilink trunk core. SLPP can be enabled on other non-SMLT ports of the core. For more information about SLPP, see “Simple Loop Prevention Protocol” on page 130.
SMLT and IP routing
This section describes SMLT and IP routing interactions and includes the following topics:
• “SMLT and Virtual Router Redundancy Protocol”
• “VRRP BackupMaster” on page 129
• “Routed SMLT (RSMLT)” on page 130
SMLT and Virtual Router Redundancy Protocol
Using VRRP, you can have one active primary router per IP subnet, with all other network VRRP interfaces operating in backup mode.
VRRP, when used with SMLT, becomes less efficient. Users that access switches aggregated into two Split-MLT switches send their shared traffic load (based on source and destination MAC or IP addresses) on all uplinks towards the SMLT aggregation switches.
VRRP, however, has only one active routing interface enabled. All other interfaces are in backup (standby) mode. In this case, all traffic is forwarded over the IST link towards the primary VRRP switch. Potentially, all traffic that arrives at the VRRP backup interface is forwarded, so there is not enough bandwidth on the IST link to carry all the aggregated riser traffic. However, an enhancement to VRRP overcomes this issue by ensuring that the IST trunk is not used in such a case for primary data forwarding.
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 129
VRRP BackupMaster
If enabled, the VRRP BackupMaster acts as an IP router for packets destined for the logical VRRP IP address. Thus, all traffic is directly routed to the subnetwork it is destined for, and not Layer 2 switched to the VRRP master. This eliminates a potential limitation in the available interswitch trunk bandwidth.
When using SMLT with routing on SMLT aggregation switches, Nortel recommends that you use VRRP for default gateway redundancy. In a VRRP environment, usually one switch is active and the other is backup. For SMLT, an active-active concept can be used by enabling VRRP BackupMaster. The VRRP BackupMaster router will route traffic that is received on the SMLT VLAN, thus avoiding traffic flow across the interswitch trunk. This provides true load sharing abilities.
The BackupMaster feature provides an additional benefit. Under normal VRRP operation, a hello packet is sent every second. When three hellos are not received, all switches automatically revert to master mode. This results in a 3 second outage. When you are using VRRP in an SMLT environment, and a link goes down, traffic is automatically forwarded to the remaining ports configured for SMLT VRRP BackupMaster. Because both switches are processing traffic, the node immediately recognizes the VRRP state change, so there is faster failure recovery (less than 1 second).
The following sections describe a few guidelines to follow when using VRRP BackupMaster with SMLT:
• The VRRP virtual IP address and the VLAN IP address cannot be the same.
• Configure the hold-down timer for VRRP to a value that is approximately 150 percent of the IGP (Interior Gateway Protocol, such as RIP or OSPF) convergence time to allow the IGP enough time to reconverge following a failure. That is, if OSPF takes 40 seconds to reconverge, set the holddown timer to 60 seconds.
Note: To avoid potential frame duplication problems, the VRRP BackupMaster feature for SMLT can only be used on interfaces that are defined for SMLT. It cannot be used in conjunction with hubs to avoid frame duplication. Also, it cannot be used on brouter or VLAN interfaces.
Configuring VLANs, Spanning Tree, and Link Aggregation
130 Chapter 1 Layer 2 operational concepts
• Stagger the hold-down timers with ARP requests. This means that the Ethernet Routing Switch 8600 will not have to run ARP at the same time, causing excess CPU load. For example, if one node has the hold-down timer set for 60 seconds, you can set the other to 65 seconds.
• Enable hold-down times on both VRRP sides (Master and BackupMaster).
Routed SMLT (RSMLT)
SMLT subsecond failover benefits are only supported in Layer 2 networks. When routing is involved, depending on the specific routing protocol, this convergence time can cause network interruptions ranging from seconds to minutes.
The Nortel RSMLT feature extends the subsecond failover benefit to core topologies by providing an active-active router concept to core SMLT networks.
Supported scenarios are split multilink trunk triangle, square, and full mesh topologies, with routing enabled on the core VLANs.
Routing protocols can be any of the following protocol types: IP Unicast Static Routes, RIP1, RIP2, OSPF, BGP and IPX RIP.
In the case of core router failures, RSMLT provides packet forwarding, thus eliminating dropped packets during the routing protocol convergence.
For detailed information about RSMLT, see Configuring IP Routing Operations.
Simple Loop Prevention Protocol
Simple Loop Prevention Protocol (SLPP) is used at the edge of a network to prevent loops in a SMLT network if Spanning Tree is not used. SLPP is focused on SMLT networks; however, it also works with other configurations. Logical loops can occur in SMLT networks because of the following:
• misconfigurations (for example, when SMLT client devices are erroneously directly connected together)
• MLT is not operating correctly (for example, when a switch is connected to the network using the default configuration without any MLT settings)
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 131
• problems with the edge switch (for example, when MLT or some other form of link aggregation is not working)
You can detect loops with SLPP. You can also use the Ethernet Routing Switch 8600 Loop Detection feature (see “Configuring VLAN Loop Detection” on page 173).
Loop detection is achieved by detecting if a SLPP test packet—called a SLPP-packet data unit (SLPP-PDU)— is received on a peering split multilink trunk switch port or on the same switch from which it originated. If the packet is received by the originating switch, or by a peer aggregation switch on the same VLAN, the port is disabled.
When you configure and enable SLPP, the switch control processor (CP) sends a SLPP-PDU to the VLAN. If there is a loop on the VLAN, the SLPP-PDU eventually returns to the originating port and is received by the CP. The CP disables that port, and a message appears on the console to describe the reason. After a port is disabled, it remains disabled, and manual intervention is required to reenable the port. The port auto-enable feature can be used to reenable the port after a predefined interval.
Figure 33 on page 131 shows the fields of an SLPP-PDU. The destination address (DA) is the switch MAC address with the multicast bit set; the source address (SA) is the switch MAC address; the protocol ID (PID) default is 0x8104 and is user configurable; and the payload contains three fields: (1) SLPP protocol version (one byte), (2) reserved (one byte), (3) VLAN ID (two bytes).
Figure 33 SLPP frame
There are several factors to keep in mind when you use SLPP:
• SLPP-BPUs are forwarded on a per VLAN basis.
• SLPP-PDU reception and processing only operates on a port if SLPP-Rx is enabled on that port.
• SLPP-PDUs are automatically forwarded on all ports of the VLANs that are configured for SLPP.
Configuring VLANs, Spanning Tree, and Link Aggregation
132 Chapter 1 Layer 2 operational concepts
• The SLPP-PDU destination MAC address is the switch MAC address (with the multicast bit set) while the source MAC address is the switch MAC address.
• The SLPP-PDU is sent out as a multicast packet and is constrained to the VLAN on which it is sent.
• The SLPP-PDU payload contains the VLAN ID; a separate SLPP-PDU is sent for each VLAN.
• The SLPP-PDU packet transmission interval default is 500 milliseconds and is configurable from 500 to 5000 milliseconds.
• When a SLPP-PDU is received on a port that is a member of a multilink trunk, all port members in that multilink trunk are disabled if SLPP-Rx is enabled on all port members. If all port members do not have SLPP-Rx enabled, only those that have SLPP-Rx enabled are disabled.
• The SLPP-PDU can be received by the originating CP or the peer SMLT CP. All other switches treat the SLPP-PDU as a normal multicast packet, ignore it, and forward it to the VLAN.
• SLPP-PDU transmission and reception only operates on ports for which STP is in forwarding state (if STP is enabled on one switch in the path).
• You must enable SLPP packet receive on a per-port basis to detect a loop:
— SLPP packet reception should only be enabled on SMLT access ports. It should never be enabled on SMLT IST ports, nor should it be enabled on any SMLT square or full mesh core ports.
— By default, the SLPP packet receive threshold is set to 1 second. It is configurable from 1 to 20 seconds.
— Vary the SLPP packet receive threshold between the two core SMLT switches so that if a loop is detected, the access ports on both switches does not go down, which avoids SMLT client isolation.
SLPP does not have any hardware requirements or dependencies.
Note: SLPP is port-based, so a port will be disabled if it receives SLPP-BDUs on one or more VLANs on a tagged port. For example, if the SLPP packet receive threshold is set to five, a port is shut down if it receives five SLPP-BDUs from one or more VLANs on a tagged port.
Note: SLPP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
314725-E Rev 00
Chapter 1 Layer 2 operational concepts 133
SLPP does not replace the functionality of Spanning Tree Protocol, but is a supplement to help detect and prevent loops in the SMLT environment. Nortel recommends that you use this feature in a SMLT environment only.
For information about configuring SLPP with the CLI, see “Configuring Simple Loop Prevention Protocol” on page 478. For information about configuring SLPP with Device Manager, see “Configuring Simple Loop Prevention Protocol” on page 290.
Note: The Ethernet Routing Switch 8600 Software Release 4.1 does not support the use of SLPP in an LACP-SMLT environment.
Configuring VLANs, Spanning Tree, and Link Aggregation
134 Chapter 1 Layer 2 operational concepts
314725-E Rev 00
135
Chapter 2Configuring VLANs using Device Manager
This chapter describes how to configure VLANs on an Ethernet Routing Switch 8600 with Device Manager.
This chapter includes the following topics:
For conceptual information about VLANs, see“VLANs” on page 37.
Displaying defined VLANs
To display all defined VLANs, their configurations, and their current status:
➨ From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed, which shows all defined VLANs (Figure 34).
Topic Page
Displaying defined VLANs 135
Configuring port-based VLANs 138
Configuring policy-based VLANs 145
Managing a VLAN 158
Managing VLAN bridging 177
Configuring Enhanced Operation mode 189
Configuring VLANs, Spanning Tree, and Link Aggregation
136 Chapter 2 Configuring VLANs using Device Manager
Figure 34 VLAN—Basic tab
Table 11 describes the VLAN—Basic tab fields.
Table 11 VLAN—Basic tab fields
Field Description
Id VLAN ID for the VLAN.
Name Name of the VLAN.
IfIndex The logical interface index assigned to the VLAN.
Color Identifier A proprietary color scheme to associate a color with the VLAN. Color does not affect how frames are forwarded.
Type Type of VLAN:
• byPort
• byIpSubnet• byProtocolId
• bySrcMac
• bySvlan
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 137
StgId The ID of the spanning tree group to which the VLAN belongs.
PortMembers The slot/port of each possible VLAN member.
ActiveMembers The slot/port of each active VLAN member, including all static members and potential members meeting the policy.
StaticMembers Slot/port of each static (always) member of a protocol-based VLAN.
NotAllowToJoin The slot/ports that are never allowed to become a member of the protocol-based VLAN.
OspfPassiveMembers The slot/ports of each OSPF passive member.
ProtocolId Specify the network protocol for protocol-based VLANs. This value is taken from the Assigned Numbers RFC.
• ip (IP version 4) • ipx802dot3 (Novell IPX on Ethernet 802.3 frames)
• ipx802dot2 (Novell IPX on IEEE 802.2 frames)
• ipxSnap (Novell IPX on Ethernet SNAP frames)• ipxEthernet2 (Novell IPX on Ethernet Type 2 frames)
• appleTalk (AppleTalk on Ethernet Type 2 and Ethernet SNAP frames)
• decLat (DEC LAT protocol)
• decOther (Other DEC protocols)
• sna802dot2 (IBM SNA on IEEE 802.2 frames)• snaEthernet2 (IBM SNA on Ethernet Type 2 frames)
• netBIOS (NetBIOS protocol)
• xns (Xerox XNS)• vines (Banyan VINES)
• ipv6 (IP version 6)
• usrDefined (user-defined protocol)• RARP (Reverse Address Resolution Protocol)
• PPPoE (Point-to-Point Protocol over Ethernet)
Note: if the VLAN type is port-based, None is displayed in the Basic tab ProtocolId field.
SubnetAddr The source IP subnet address (IP subnet-based VLANs only).
SubnetMask The source IP subnet mask (IP subnet-based VLANs only).
Table 11 VLAN—Basic tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
138 Chapter 2 Configuring VLANs using Device Manager
Configuring port-based VLANs
A port-based VLAN is a VLAN in which the ports are explicitly configured to be in the VLAN. For more information about port-based VLANs, see “Port-based VLANs” on page 39.
This section describes how you can create and configure port-based VLANs using the following procedures.
• “Creating a port-based VLAN”
• “Configuring an IP address for a VLAN” on page 142
• “Configuring a network address and encapsulation for a VLAN” on page 144
When creating a VLAN, keep in mind the rules described in “VLAN rules” on page 54.
Creating a port-based VLAN
To create a port-based VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed, which shows all defined VLANs (Figure 34 on page 136).
2 In the Basic tab, click Insert.
The VLAN, Insert Basic box appears (Figure 35 on page 139).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 139
Figure 35 VLAN, Insert Basic box
3 In the Id box, enter an unused VLAN ID, or use the ID provided.
— (Optional) In Name, type the VLAN name, or use the name provided.
Configuring VLANs, Spanning Tree, and Link Aggregation
140 Chapter 2 Configuring VLANs using Device Manager
— (Optional) In Color Identifier, click the down arrow and choose a color from the list, or use the color provided.
4 In the StgId box, type or select the spanning tree group ID of the VLAN.
5 In the Type box, select byPort.
6 In the PortMembers box, click the ellipsis (...).
The VlanPortMembers box appears (Figure 36).
Figure 36 VlanPortMembers
7 Click the ports that are always members. The ports that are selected are recessed, while the non selected ports are not recessed. Port numbers that are dimmed cannot be selected as VLAN port members. (For example, you cannot select ports that do not have the same spanning tree group ID as that of the new VLAN.)
8 Click OK.
The Port Membership box closes and the port members appear in the Insert Basic box.
9 In the VLAN, Insert Basic box, click Insert.
The Insert box closes and the new VLAN is displayed in the Basic tab.
10 In the Basic tab, click Close.
The VLAN is configured and the VLAN box closes.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 141
Table 12 describes the VLAN, Insert Basic fields.
.
Table 12 VLAN, Insert Basic fields
Field Description
Id A value that uniquely identifies the virtual LAN associated with this entry. This value corresponds to the lower 12 bits in the IEEE 802.1Q VLAN tag.
Name An assigned name for this VLAN.
Color Identifier An assigned color code for this VLAN. The value of this object is used by the VLAN Manager GUI tool.
Stg Id Indicates the Spanning Tree Group (STG) used by this VLAN to determine the state of its ports. If this VLAN is not associated with an STG, set StgId to zero. This field is shown only if the switch is in STG mode.
MstpInstance Indicates the MSTP instance for the VLAN. This field is shown only if the switch is in MSTP mode.
Type The type of VLAN, distinguished according to the policy used to define its port membership.
PortMembers The set of ports that are members (static or dynamic) of this VLAN.
StaticMembers The set of ports that are static members of this VLAN. A static member of a VLAN is always active and is never aged out.
NotAllowtoJoin The set of ports that are not allowed to become members of this VLAN.
OspfPassiveMembers The set of ports in the VLAN that are designated as OSPF passive
SubnetAddr The IP subnet address of this VLAN. This value is meaningful only if Type is equal to byIpSubnet. For other VLAN types it must have the value 0.0.0.0.
SubnetMask The IP subnet mask of this VLAN. This value is meaningful only if Type is equal to byIpSubnet. For other VLAN types it must have the value 0.0.0.0.
ProtocolId The protocol identifier of this VLAN. This value is meaningful only if Type is equal to byProtocolId. For other VLAN types it must have the value none.
UserDefinedPid When ProtocolId is set to usrDefined in a protocol-based VLAN, this field represents the 16 bit user defined protocol identifier.
Configuring VLANs, Spanning Tree, and Link Aggregation
142 Chapter 2 Configuring VLANs using Device Manager
Configuring an IP address for a VLAN
To configure an IP address for a VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (Figure 34 on page 136).
2 In the Basic tab, select the VLAN for which you are configuring an IP address.
The VLAN is highlighted.
3 Click IP.
The IP, VLAN box for the selected VLAN appears with the IP Address tab displayed (Figure 37).
Figure 37 IP, VLAN box
4 Click Insert.
Encap This is the encapsulation type for user defined protocol-based VLANs. This is not meaningful for other types of VLANs. The default value is null.
AgingTime The timeout period (in seconds) used for aging out FDB entries of this VLAN.
QosLevel Used to specify the QoS level which packets, carried in this VLAN, should be processed with.
FirewallVlanType The firewall VLAN type for port-based VLANs.
FirewallClusterId Firewall cluster ID.
Table 12 VLAN, Insert Basic fields
Field Description
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 143
The Insert IP Address box appears (Figure 38).
Figure 38 IP, VLAN, Insert IP Address box
5 Enter an IP address and net mask for routing purposes.
6 Click Insert.
The Insert IP box closes and the IP Address and Net Mask appear in the IP, VLAN box.
7 In the IP, VLAN box and the VLAN box, click Close.
The IP subnet-based VLAN is configured.
Table 13 describes the IP, VLAN fields.
Table 13 IP, VLAN field descriptions
Field Description
Interface Identifies the interface to which this entry is applicable.
Ip Address The IP address to which addressing information pertains.
NetMask The subnet mask associated with the IP address of this entry. The value of the mask is an IP address with all the network bits set to 1 and all the hosts bits set to 0.
BcastAddrFormat The IP broadcast address format used on this interface.
ReasmMaxSize The size of the largest IP packets which this entity can reassemble from incoming IP fragmented packets received on this interface.
VlanId Identifies the virtual LAN associated with this entry. This value corresponds to the lower 12 bits in the IEEE 802.1Q VLAN tag.
BrouterPort Indicates whether this entry corresponds to a brouter port (as opposed to a routable VLAN). This value cannot be changed after the row is created.
Configuring VLANs, Spanning Tree, and Link Aggregation
144 Chapter 2 Configuring VLANs using Device Manager
Configuring a network address and encapsulation for a VLAN
To configure an IPX network address and select an encapsulation method:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (Figure 34 on page 136).
2 In the Basic tab, select the VLAN for which you are configuring a network address and encapsulation.
The VLAN is highlighted.
3 Click IPX.
The IPX, VLAN box for the selected VLAN appears with the Addresses tab displayed (Figure 39).
Figure 39 IPX, VLAN—Addresses
4 Click Insert.
The IPX, VLAN, Insert Addresses box appears (Figure 40 on page 145).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 145
Figure 40 IPX, VLAN—Insert Addresses
5 In the NetAddr box, enter a network address for routing.
6 In the Encap box, select an encapsulation method (Ethernet II, SNAP, LLC, or RAW).
7 Click Insert.
The IPX, VLAN, Insert Addresses box closes and the network address and encapsulation method appear in the IPX, VLAN box.
8 In both the IP, VLAN box and the VLAN box, click Close.
The network address and encapsulation method are configured for the VLAN.
Configuring policy-based VLANs
A policy-based VLAN consists of ports that are dynamically added to the VLAN on the basis of the traffic coming into the port. Policy-based VLAN types include:
• Protocol-based
• User-defined protocol-based
• MAC address-based
• IP subnet-based
• sVLAN-based
For information about creating sVLAN-based VLANs, see “Creating an sVLAN” on page 196.
This section describes how you can create and configure policy-based VLANs using the following procedures.
Configuring VLANs, Spanning Tree, and Link Aggregation
146 Chapter 2 Configuring VLANs using Device Manager
• “Creating a source IP subnet-based VLAN” on page 146
• “Creating a protocol-based VLAN” on page 147
• “Configuring user-defined protocol-based VLANs” on page 150
• “Creating a source MAC address-based VLAN” on page 152
Creating a source IP subnet-based VLAN
To create a source IP subnet-based VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the Basic tab, click Insert.
The VLAN, Insert Basic box appears (see Figure 35 on page 139).
3 In the Type box, select byIpSubnet.
4 In the Id box, type the VLAN ID.
5 (Optional) In the Name box, type the VLAN name.
If no name is entered, a default name is created.
6 (Optional) In the Color Identifier box, select the color or use the color provided.
This color is used by VLAN Manager to visually distinguish the VLANs in a network.
7 In the StgId box, select the spanning tree group ID of the VLAN.
8 Specify port membership by clicking the ellipsis (...) for one of the following:
• PortMembers (use this for VLAN by IpSubnet, Protocolid, or SrcMac)
• StaticMembers• NotAllowedToJoin
The VlanPortMembers box appears (Figure 41 on page 147).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 147
Figure 41 VlanPortMembers
9 Click each port to choose the desired color:
• Yellow—Potential members
• Green—Always members, static
• Red—Never members, not allowed to join
10 Click OK.
The Port Membership box closes, and the port members appears in the VLAN, Insert Basic box.
11 In the SubnetAddr box, enter an IP address for the VLAN.
12 In the SubnetMask box, enter an IP subnet mask for the VLAN.
13 In the AgingTime box, enter the timeout period in seconds for aging out the dynamic VLAN member ports, or use the 600 second default.
14 (Optional) In the QosLevel box, select a Quality of Service level (0 to 6).
15 Click Insert.
The VLAN, Insert Basic box closes, and the source IP subnet-based VLAN appears in the Basic tab.
Creating a protocol-based VLAN
To create a protocol-based VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
Note: In a source IP subnet-based VLAN, a potential member becomes an active member of the VLAN when a frame is received from the specified source IP address.
Configuring VLANs, Spanning Tree, and Link Aggregation
148 Chapter 2 Configuring VLANs using Device Manager
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the Basic tab, click Insert.
The VLAN, Insert Basic box appears (see Figure 35 on page 139).
3 In the Type box, select byProtocolId.
4 In the Id box, type the unique VLAN ID, or use the ID provided.
5 (Optional) In the Name box, type the VLAN name, or use the name provided.
6 (Optional) In the Color Identifier box, select the color, or use the color provided.
This color is used by VLAN Manager to visually distinguish the VLANs in a network.
7 In the StgID box, select the spanning tree group ID of the VLAN.
8 To specify the VLAN port membership, click the ellipsis (...) for one of the following fields.
• Port Members
• StaticMembers• NotAllowedToJoin
The VlanPortMembers box appears (see Figure 45 on page 156).
9 In the VlanPortMembers box, click each port button to choose the desired membership color.
• Yellow: Potential members—dynamic (potential members are treated as always members).
• Green: Always members—static
• Red: Never members—not allowed to join
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 149
When you have two VLANs with potential members and you want to move ports from one VLAN to the other, you must first change their port membership to Never. Then you can assign the ports to the other VLAN.
10 Click OK.
The VlanPortMembers box closes and the port members are added to the Insert Basic box.
11 In the ProtocolId box, select a protocol ID.
To configure a non-standard protocol, see “Configuring user-defined protocol-based VLANs” on page 150.
12 In the AgingTime box, specify the timeout period, in seconds, for aging out the dynamic member ports of the VLAN, or use the default of 600 seconds.
13 In the QosLevel box, select a level.
14 Click Insert.
The VLAN, Insert Basic box closes, and the protocol-based VLAN is added to the Basic tab of the VLAN box.
15 Click Close.
The VLAN is configured and the VLAN box closes.
Note: When a protocol-based VLAN is created, all ports in the underlying STG are automatically added as potential members if they are not already members of an existing protocol-based VLAN of the same type.
Note: In a protocol-based VLAN for an Ethernet Routing Switch 8600 module, a potential member becomes an active member of the VLAN when a frame of the specified protocol is received.
Configuring VLANs, Spanning Tree, and Link Aggregation
150 Chapter 2 Configuring VLANs using Device Manager
Configuring user-defined protocol-based VLANs
You can create user-defined protocol-based VLANs in support of networks with non-standard protocols.
To create a user-defined protocol-based VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 On the Basic tab, click Insert.
The VLAN, Insert Basic box appears (see Figure 35 on page 139).
3 In the Type box, select byProtocolId.
4 To specify the VLAN port membership, click the ellipsis (...) for one of the following fields.
• Port Members
• StaticMembers• NotAllowedToJoin
The VlanPortMembers box appears (see Figure 45 on page 156).
5 In the VlanPortMembers box, click each port button to achieve the desired membership color.
• Yellow: Potential members—dynamic.
• Green: Always members—static
• Red: Never members—not allowed to join
6 In the ProtocolId box, select usrDefined.
The UserDefinedPID field becomes editable and the Encap field becomes active (Figure 42 on page 151).
Note: In a user-defined protocol-based VLAN on an Ethernet Routing Switch 8600 module, a potential member becomes an active member when a frame from the specified protocol is received.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 151
Figure 42 VLAN, Insert Basic
7 In the UserDefinedPID box, enter the protocol ID for the protocol in the format 0x (protocol type in hexadecimal).
In the Ethernet Routing Switch 8600 modules, the 16-bit PID assigned to a protocol-based VLAN specifies either an Ethertype, a DSAP/SSAP, or a SNAP PID, depending on whether the frame encapsulation is Ethernet 2, 802.2, or LLC-SNAP, respectively.
The following PIDs are not valid:
• PID0x0000 through 0x05dc: overlaps with the 802.3 frame length
• PIDs of predefined protocols (for example, IP, IPX, AppleTalk)
• PID 0x8100: reserved by 802.1Q to identify tagged frames
Configuring VLANs, Spanning Tree, and Link Aggregation
152 Chapter 2 Configuring VLANs using Device Manager
• PID0x9000: used by the diagnostic loopback frames
• PID0x8808: used by 802.3x pause frames
• PID0x4242: overlaps with the BPDU DSAP/SSAP
8 In the AgingTime box, specify the timeout period, in seconds, for aging out the dynamic member ports of the VLAN, or use the default of 600 seconds.
9 In the QosLevel box, select a level.
10 Click Insert.
The VLAN, Insert Basic box closes, and the protocol-based VLAN is added to the Basic tab of the VLAN box.
11 Click Close.
The non-standard protocol-based VLAN is configured.
Creating a source MAC address-based VLAN
Before creating a source MAC-based VLAN, you must first enable source MAC address-based VLANs in the system.
This section includes the following topics:
• “Enabling source MAC address-based VLANs on the system” on page 152
• “Configuring a source MAC address-based VLAN” on page 154
• “Creating a source MAC address-based VLAN using batch files” on page 157
Enabling source MAC address-based VLANs on the system
To enable source MAC address-based VLANs on the system:
1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis box appears with the System tab displayed.
2 Click the System Flags tab.
The System Flags tab appears (see Figure 43 on page 153).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 153
Figure 43 Chassis, System Flags tab
3 Clear the GlobalFilterEnable check box.
• Global filters are disabled when the GlobalFilterEnable check box is cleared.
Configuring VLANs, Spanning Tree, and Link Aggregation
154 Chapter 2 Configuring VLANs using Device Manager
• Global filters are enabled when the GlobalFilterEnable check box is selected.
4 Click Apply.
5 Select the VlanBySrcMacEnable check box.
• Source MAC-based VLANs are enabled when the GlobalFilterEnable check box is selected.
6 Click Apply.
The Chassis box closes and source MAC address-based VLANs are enabled on the system.
Configuring a source MAC address-based VLAN
Before configuring a source MAC address-based VLAN, you must first enable source MAC address-based VLANs on the system (see “Enabling source MAC address-based VLANs on the system” on page 152).
To configure a source MAC-address-based VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 Click Insert.
The VLAN, Insert Basic box appears (see Figure 35 on page 139).
3 In the Type box, select bySrcMac.
The fields needed to set up source MAC-based VLANs become editable (see Figure 44 on page 155).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 155
Figure 44 VLAN, Insert Basic—bySrcMac
4 In the Id box, enter a unique VLAN ID.
Configuring VLANs, Spanning Tree, and Link Aggregation
156 Chapter 2 Configuring VLANs using Device Manager
5 (Optional) In the Name box, type the VLAN name, or use the one provided.
6 (Optional) In the Color Identifier box, select a color, or use the one provided.
This color is used by VLAN Manager to visually distinguish the VLANs in a network.
7 In the StgId box, click the down arrow, and select a spanning tree group ID for the VLAN.
8 To specify the VLAN port membership, click the ellipsis (...) for one of the following fields:
• Port Members
• StaticMembers• NotAllowedToJoin
The VlanPortMembers box appears (see Figure 45).
Figure 45 VlanPortMembers
9 Click each port to choose the desired color.
• Yellow—Potential members, dynamic.
• Green—Always members, static
• Red—Never members, not allowed to join
10 Click Ok.
The VlanPortMembers box closes, and the selected port members appear in the VLAN, Insert Basic box.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 157
11 In the Aging Time box, specify the timeout period in seconds for aging out the dynamic member ports of the VLAN, or use the default of 600 seconds.
12 (Optional) In the QosLevel box, select a Quality of Service level, or use the default, level 1.
13 Click Insert.
The VLAN, Insert Basic box closes, and the VLAN appears on the Basic tab.
14 On the VLAN Basic tab, select the newly created VLAN.
The VLAN is highlighted.
15 Click Mac.
The MAC, VLAN box appears.
16 Click Insert.
The Insert MAC VLAN box appears.
17 In the MacAddr box, specify a source MAC address for the VLAN.
18 Click Insert.
The Insert MAC VLAN box closes and the MAC address appears in the MAC, VLAN box.
19 Click Close.
The MAC, VLAN and VLAN boxes close, and the Source MAC address-based VLAN is configured.
Creating a source MAC address-based VLAN using batch files
Before configuring a source MAC address-based VLAN, you must first enable source MAC address-based VLANs on the system (see “Enabling source MAC address-based VLANs on the system” on page 152).
Note: In a source MAC-based VLAN, a potential member becomes an active member of the VLAN when a frame with the specified source MAC address is received.
Configuring VLANs, Spanning Tree, and Link Aggregation
158 Chapter 2 Configuring VLANs using Device Manager
To create a source MAC address-based VLAN using batch files:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the VLAN Basic tab, select a source MAC address-based VLAN.
The VLAN is highlighted.
3 Click Mac.
The MAC, VLAN box appears.
4 Click File.
The Edit MAC VLAN box appears.
5 Do one of the following:
• To add a MAC address from a file, select Add From File and use the selection box to browse for the file location.
• To save a MAC address to a file, select it, select Save to File, and use the selection box to browse for a save location.
• To delete a MAC address, select it, and select Delete Members on Device.
6 Click Close.
The Edit MAC box closes.
7 Click Close in the MAC VLAN, and VLAN boxes.
The source MAC address-based VLAN is configured.
Managing a VLAN
After you have configured a VLAN, you may wish to enable features to improve VLAN performance. This section describes how to configure advanced VLAN operations, such as forwarding, MAC address auto-learning, and Loop Detection.
This section includes the following topics:
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 159
• “Changing VLAN port membership”
• “Configuring advanced VLAN features” on page 160
• “Configuring VLAN forwarding” on page 163
• “Configuring a VLAN to accept tagged or untagged frames” on page 165
• “Configuring Untagging Default VLAN on a Tagged Port” on page 169
• “Configuring MAC address auto-learning on a VLAN” on page 170
• “Modifying auto-learned MAC addresses” on page 172
• “Configuring VLAN Loop Detection” on page 173
• “Configuring directed broadcast on a VLAN” on page 175
Changing VLAN port membership
To change VLAN port membership:
1 On the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tag displayed (see Figure 34 on page 136).
2 Double-click the PortMember number for the VLAN whose ports you want to change.
The PortMembers box appears (Figure 46 on page 160).
Note: After you create a VLAN, you cannot change the VLAN type. You must first delete the VLAN, and then create a new VLAN of a different type.
Configuring VLANs, Spanning Tree, and Link Aggregation
160 Chapter 2 Configuring VLANs using Device Manager
Figure 46 PortMembers box
3 Click the port members you wish to add or remove.
4 Click Ok.
The Port Member box closes and the changes appear in the Basic tab.
5 Click Apply.
The VLAN’s port membership is changed and the VLAN box closes.
Configuring advanced VLAN features
The Advanced tab contains information which can be useful in troubleshooting—VlanOperationAction can be especially useful.
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 Click the Advanced tab.
The Advanced tab appears (Figure 47 on page 161).
3 Configure the parameters as required.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 161
Figure 47 VLAN—Advanced tab
Table 14 describes the VLAN—Advanced tab fields.
Table 14 VLAN—Advanced tab fields
Field Description
Id The VLAN ID.
Name The name of the VLAN.
IfIndex The logical interface index assigned to the VLAN.
Type Type of VLAN: • byPort
• byIpSubnet
• byProtocolId
• bySrcMac • bySvlan
• byIds
Configuring VLANs, Spanning Tree, and Link Aggregation
162 Chapter 2 Configuring VLANs using Device Manager
ProtocolId Specify the network protocol for protocol-based VLANs. This value is taken from the Assigned Numbers RFC.
• ip (IP version 4) • ipx802dot3 (Novell IPX on Ethernet 802.3 frames)
• ipx802dot2 (Novell IPX on IEEE 802.2 frames)
• ipxSnap (Novell IPX on Ethernet SNAP frames)• ipxEthernet2 (Novell IPX on Ethernet Type 2 frames)
• appleTalk (AppleTalk on Ethernet Type 2 and Ethernet SNAP frames)
• decLat (DEC LAT protocol)
• decOther (Other DEC protocols)
• sna802dot2 (IBM SNA on IEEE 802.2 frames)• snaEthernet2 (IBM SNA on Ethernet Type 2 frames)
• netBIOS (NetBIOS protocol)
• xns (Xerox XNS)• vines (Banyan VINES)
• ipv6 (IP version 6)
• usrDefined (user-defined protocol)• RARP (Reverse Address Resolution protocol)
• PPPoE (Point-to-point protocol over Ethernet)
Note: if the VLAN type is port-based, None is displayed in the Basic tab ProtocolId field.
Encap Specifies the encapsulation method. Values are:
• Ethernet II• SNAP
• LLC
• RAW
AgingTime The timeout period in seconds for aging out the dynamic member ports of policy-based VLANs.
MacAddress The MAC address assigned to the virtual router interface for this VLAN. This field is relevant only when the VLAN is configured for routing. This MAC address is used as the Source MAC in routed frames, ARP replies, or RIP and OSPF frames.
Table 14 VLAN—Advanced tab fields (continued)
Field Description
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 163
Configuring VLAN forwarding
The VLAN Forwarding tab configures filtering for the VLAN.
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 Click the Forwarding tab.
The Forwarding tab appears (Figure 48 on page 164).
Vlan Operation Action
One of the following VLAN-related actions:
• flushMacFdb—flush MAC forwarding table for VLAN
• flushArp—flush ARP table for VLAN• flushIp—flush IP route table for VLAN
• flushDynMemb—flush dynamic VLAN port members
• all—flush all tables for VLAN• flushSnoopMem—flush dynamically learned multicast group
membership
• triggerRipUpdate—set automatic triggered updates for RIP• flushSnoopMRtr—flush learned multicast router ports
Result Result code for action.
UserDefinedPid Specifies the 16-bit user-defined network protocol identifier when the ProtocolID field is set to usrDefined for a protocol-based VLAN type.
UserPriority User-assigned priority level.
QosLevel User-assigned Quality of Service level.
FirewallVlanType The firewall VLAN type for port-based VLANs.
FirewallClusterId Firewall cluster ID.
Table 14 VLAN—Advanced tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
164 Chapter 2 Configuring VLANs using Device Manager
Figure 48 VLAN—Forwarding tab
Table 15 describes the fields in the Forwarding tab, as well as those displayed by clicking the Filter button.
3 Click Filter.
The VLAN, Forwarding—Filter tab appears (Figure 49 on page 165).
Table 15 VLAN—Forwarding tab
Field Description
Address An address for which the filter has forwarding or filtering information.
VlanId The ID of the VLAN.
Port The port number.
Monitor Select true or false to copy packets with a MAC address in the source or destination field. Used with port mirroring.
QoSLevel User-assigned Quality of Service level.
SmltRemote Specifies whether you want to use split multilink trunking.
Status Values include:
• self—one of the bridge addresses
• learned—a learned entry that is being used• mgmt—a static entry
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 165
Figure 49 VLAN, Forwarding—Filter tab
4 Configure the filter.
5 Click Filter.
Configuring a VLAN to accept tagged or untagged frames
Perform the following steps to configure a VLAN to accept tagged or untagged frames from a port:
1 In the Device Manager main window, select the port.
The port is highlighted.
2 From the Device Manager menu bar, choose Edit > Port > General.
The Port box appears with the Interface tab displayed (see Figure 50 on page 166).
Configuring VLANs, Spanning Tree, and Link Aggregation
166 Chapter 2 Configuring VLANs using Device Manager
Figure 50 Port—Interface tab
3 Click the VLAN tab.
The VLAN tab appears (Figure 51 on page 167).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 167
Figure 51 Port—VLAN tab
4 To configure tagging on the port, select the PerformTagging check box. This setting is applied to all VLANs associated with the port.
If the check box is selected, tagging is enabled. All frames sent from this port are tagged. You can either discard the tagged frames (go to step 5) or forward them to a VLAN (go to step 6).
• If the check box is cleared, tagging is disabled. The port does not send tagged frames. The switch removes the tag before sending the frame out of the port. You can either discard the untagged frames (go to step 5) or forward them to a VLAN (go to step 6).
5 Do one of the following:
• To discard tagged frames on a port for which tagging is disabled, select DiscardTaggedFrames.
Note: When you enable tagging on an untagged port, the previous configuration of VLANs, STGs, and MLTs is lost for that port. In addition, the port resets and runs Spanning Tree Protocol, thus breaking connectivity while the protocol goes through the usual blocking and learning states before the forwarding state.
Configuring VLANs, Spanning Tree, and Link Aggregation
168 Chapter 2 Configuring VLANs using Device Manager
• To discard untagged frames on a port for which tagging is enabled, select DiscardUntaggedFrames.
6 To designate a default VLAN to associate with discarded frames, enter a VLAN ID in the Default VLAN ID box (or use the default VLAN 1).
7 Click Apply > Close.
Tagging is configured for the port.
Table 16 describes the Port—VLAN tab fields.
Note: To optimize performance, on untagged ports in configurations in which you do not expect to see tagged frames, set DiscardTaggedFrames to true. However, on untagged ports for interconnecting switches, set DiscardTaggedFrames to false.
Table 16 Port—VLAN field descriptions
Field Description
SvlanPortType Sets the stacked VLAN (sVLAN) port type:
normal (default) uni (User-to-Network Interface) You must configure ports to which you want to provide VLAN transparency as UNI ports. UNI ports can only belong to one sVLAN. When you designate a port as a UNI port, the DiscardTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN). This prevents traffic from leaking to other VLANs.
nni (Network-to-Network Interface) NNI ports interconnect the switches in the core network, drop untagged frames on ingress, and insert the sVLAN tag at the egress. When you configure an NNI port, the DiscardUnTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN). Before configuring a port as uni or nni, you must change the switch level to 1 or above (VLAN > SVLAN > Level).
PerformTagging Enable or disable the port on the current VLAN to perform tagging
VlanNames Identifies which VLANs this port is assigned. Each VLAN ID is stored as a two octet value. The first octet in the pair holds bits 15 to 8 of the VLAN ID, the second octet holds bits 7 to 0 of the VLAN ID.
DiscardTaggedFrames Determines how to process tagged frames received on this access port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are processed normally.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 169
Configuring Untagging Default VLAN on a Tagged Port
The Untagging Default VLAN on a Tagged Port feature separates untagged packets originating from a PC from the tagged packets originating from an IP phone.
For more information about this feature, see “Untagging Default VLAN on a Tagged Port feature” on page 50.
To enable this feature with Device Manager:
1 In Device Manager, select a port.
2 Right-click and choose Edit > Port > General.
The Port box appears.
3 Click the VLAN tab (Figure 52 on page 170).
4 Select UntagDefaultVlan.
5 Click Apply.
DiscardUntaggedFrames Determines how to process untagged frames received on this tagged port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are assigned to the VLAN specified by the DefaultVlanId.
UntagDefaultVLAN Enables or disables egress tagging on the default VLAN of the port.
DefaultVlanId The VLAN ID assigned to untagged frames received on this trunk port.This field is meaningless when the port is not a trunk port.
LoopDetect Enables loop detection.
ArpDetect Enables or disables the ARP loop detection feature on this port. If a loop is detected, the port is disabled. For more information about this feature, see Configuring IP Routing Operations.
LoopDetectAction This value is used to specify the action which needs to be taken once a MAC loop is detected on a specific port. They include portDown, vlanBlock, and macDiscard.
Table 16 Port—VLAN field descriptions (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
170 Chapter 2 Configuring VLANs using Device Manager
Figure 52 VLAN—UntagDefaultVlan
Configuring MAC address auto-learning on a VLAN
You can use MAC address auto-learning to define VLAN ports that you want to automatically learn MAC addresses.
To configure MAC address learning for a VLAN:
1 From the Device Manager menu bar, choose VLAN > MAC Learning.
The VLanMacLearning box appears with the Manual Edit tab displayed (Figure 53).
Figure 53 VLanMacLearning—Manual Edit tab
2 Click Insert.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 171
The VLAN MAC Learning, Insert Manual Edit box appears (Figure 54).
Figure 54 VLanMacLearning, Insert Manual Edit box
3 In the Address box, enter the source MAC address.
4 In the Ports box, click the ellipsis (...).
The BridgeManualEditPorts box appears and shows the available ports (Figure 55).
Figure 55 BridgeManualEditPorts box
5 Click the ports you want to configure to use VLAN MAC learning, and then click Ok.
The BridgeManualEditPorts box closes and the port numbers are added to the Insert Manual Edit box.
6 Click Insert.
The Insert Manual Edit box closes and the MAC address and ports are added to the VLAN MAC Learning Manual Edit box.
7 Click Close.
VLAN MAC learning is configured and the box closes.
Configuring VLANs, Spanning Tree, and Link Aggregation
172 Chapter 2 Configuring VLANs using Device Manager
Table 17 describes the Insert Manual Edit tab fields.
Modifying auto-learned MAC addresses
Use the Auto Learn tab to change a MAC address that was automatically learned to one that can be manually edited.
To modify a MAC address that was automatically learned:
1 On the Device Manager menu bar, choose VLAN > MAC Learning.
The VlanMacLearning box appears with the Manual Edit tab displayed (see Figure 53 on page 170).
2 Click the Auto Learn tab.
The Auto Learn tab appears and shows automatically learned MAC addresses (Figure 56).
Figure 56 VLanMacLearning—Auto Learn tab
3 Double-click in the Auto Learn Action field on the address you want to change, and select ConvertToManualEdit from the list.
4 Click Apply.
The Auto Learn Action is changed.
Table 17 VLAN MAC Learning—Insert Manual Edit tab fields
Field Description
Address The source MAC address of an entry.
Ports The allowed ports on which the MAC address of this entry are learned.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 173
Table 18 describes the VLAN Auto Learn tab fields.
Configuring VLAN Loop Detection
On a per-port basis, the Loop Detection feature detects MAC addresses that are looping from one port to other ports. After a loop is detected, the port on which the MAC addresses were learned is disabled. Additionally, if a MAC address is found to loop, the MAC address is disabled for that VLAN.
You can also use Simple Loop Prevention Protocol to detect VLAN loops (see “Simple Loop Prevention Protocol” on page 130).
For information about the Loop Detection feature, see “VLAN Loop Detection” on page 65.
To configure Loop Detection using Device Manager, do the following:
1 In Device Manager, select a port and right-click.
A menu appears.
2 Select Edit General, and then click the VLAN tab.
Table 18 VLAN Auto Learn tab fields
Field Description
Address The source MAC address of the auto-learned entries.
Port The port where the MAC address was learned.
Auto Learn Action This field is for converting an auto-learned MAC address entry to a manual edit MAC address entry. The variable provides a mechanism for you to move a MAC address entry from the auto-learned table to the Manual Edit table.
Settings:• None
• convertToManualEdit
Note: The Loop Detection feature must only be enabled on SMLT ports, and never used on IST ports or core SMLT square or full mesh ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
174 Chapter 2 Configuring VLANs using Device Manager
The VLAN tab appears (Figure 57). Table 16 on page 168 describes the fields in the VLAN tab.
Figure 57 Port—VLAN loop detect
3 Select the LoopDetect check box.
4 In the LoopDetectAction box, select the action to be taken if a loop is detected.
5 Click Apply.
6 To view loop detection information, click Loop Detect.
The Loop Detected tab appears (Figure 58 on page 175), showing loop detection information.
Note: Nortel recommends that you select portDown as opposed to a VLAN shutdown (vlanBlock). If vlanBlock is selected, the VLAN is shut down, not the port. The access switch continues to forward traffic to the port. If portDown is selected, then the access switch recovers by detecting the failed link.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 175
Figure 58 Loop Detected
Table 19 describes the LoopDetected fields.
Configuring directed broadcast on a VLAN
You can enable or disable directed broadcast traffic forwarding for an IP interface on the Direct Broadcast tab.
To configure directed broadcast for a VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 Select a VLAN.
The VLAN is highlighted.
3 Click IP.
Table 19 LoopDetected dialog box parameters
Field Description
PortIndex Port number.
VlanId The assigned ID of the VLAN.
Value Specifies that a loop has been detected (yes), or that no loop has been detected (no).
Configuring VLANs, Spanning Tree, and Link Aggregation
176 Chapter 2 Configuring VLANs using Device Manager
The IP, VLAN box appears with the IP Address tab displayed (Figure 37 on page 142).
4 Click the Direct Broadcast tab.
The Direct Broadcast tab appears (Figure 59).
Figure 59 IP, VLAN—Direct Broadcast tab
5 Select DirectBroadcastEnable.
• If selected, IP-directed broadcasts are enabled.
• If cleared, IP-directed broadcasts are suppressed.
6 Click Apply, and then click Close.
Directed broadcast is configured for the VLAN.
Note: Multiple VLANs or IPs in the same subnet but in different switches must be configured simultaneously.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 177
Table 20 describes the Direct Broadcast tab.
Managing VLAN bridging
Bridging occurs at Layer 2 of the Open Systems Interconnect (OSI) model, in which only the MAC address in the packet header is considered when forwarding. With the Ethernet Routing Switch 8600, all bridging is done within the context of a VLAN, in which each VLAN has its own bridging configuration and forwarding table.
This section includes the following topics:
• “Configuring the forwarding database timeout” on page 178
• “Viewing the forwarding database for a specific VLAN” on page 179
• “Clearing learned MAC addresses from the forwarding database” on page 180
• “Configuring static forwarding” on page 183
• “MAC-layer bridge packet filtering” on page 185
• “Configuring a MAC-layer bridge filter” on page 186
• “Configuring the Global MAC filter” on page 189
Table 20 IP, VLAN Direct Broadcast tab
Field Description
DirectBroadcastEnable If enabled, an Isolated Routing Port (IRP) can forward directed broadcast traffic. A directed broadcast is a frame sent to the subnet broadcast address on a remote IP subnet. By disabling or suppressing directed broadcast on an interface, all frames sent to the subnet broadcast address for a local router interface are dropped. Disabling this function protects a host from possible denial of service (DOS) attacks.Note: This feature is enabled by default. With the feature enabled, the CPU does not receive a copy of the directed broadcast. As a result, the switch does not respond to a subnet broadcast ping sent from a remote subnet.
Configuring VLANs, Spanning Tree, and Link Aggregation
178 Chapter 2 Configuring VLANs using Device Manager
Configuring the forwarding database timeout
To configure the forwarding database (FDB) timeout:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 Select a VLAN, and then click Bridge.
The Bridge, VLAN box appears with the FDB Aging tab displayed (Figure 60).
Figure 60 Bridge, VLAN—FDB Aging tab
3 In the FdbAging box, enter an interval, in seconds, for aging out dynamically learned forwarding information, or keep the default (300 seconds).
4 Click Apply and then click Close.
Your changes are applied and the Bridge, VLAN box closes.
Table 21 describes the Bridge VLAN—FDB Aging tab fields.
Table 21 Bridge VLAN—FDB Aging tab fields
Field Description
FdbAging The timeout period (in seconds) used for aging out FDB entries of this VLAN.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 179
Viewing the forwarding database for a specific VLAN
The Forwarding tab shows the forwarding database for the VLAN and contains unicast information about bridge forwarding or filtering. This information is used by transparent bridging to determine how to forward a received frame.
To view all entries in the forwarding database, for a specific VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (Figure 34 on page 136).
2 Select a VLAN and click Bridge.
The Bridge, VLAN box appears with the FDB Aging tab displayed (see Figure 60 on page 178).
3 Click the Forwarding tab.
The Bridge, VLAN—Forwarding tab appears (Figure 61).
Figure 61 Bridge, VLAN—Forwarding tab
Table 22 describes the Bridge, VLAN—Forwarding tab fields.
Table 22 Bridge, VLAN—Forwarding tab fields
Field Description
Address A unicast MAC address for which the bridge has forwarding or filtering information.
VlanId The ID of the VLAN.
Configuring VLANs, Spanning Tree, and Link Aggregation
180 Chapter 2 Configuring VLANs using Device Manager
Clearing learned MAC addresses from the forwarding database
For troubleshooting, you need to manually flush the bridge forwarding database of learned MAC addresses.
You can perform this procedure for all MAC addresses as described in the following sections:
• “Clearing learned MAC addresses by VLAN”
• “Clearing learned MAC addresses for all VLANs by port” on page 181
Clearing learned MAC addresses by VLAN
To clear the forwarding database of learned MAC addresses for a VLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the VLAN box, click the Advanced tab.
The Advanced tab appears (Figure 62 on page 181).
Port Either a value of zero (0) or the port number of the port on which a frame having the specified MAC address was seen. A value of 0 indicates a self-assigned MAC address.
Monitor Select true or false to copy packets with a MAC address in the source or destination field. Used with port mirroring.
QosLevel Quality of Service level.
SmltRemote Specifies whether you want to use SMLT.
Status Values include:
• self—one of the bridge addresses• learned—a learned entry that is being used
• mgmt—a static entry
Table 22 Bridge, VLAN—Forwarding tab fields (continued)
Field Description
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 181
Figure 62 VLAN—Advanced
3 Double-click in the VLAN Operation Action field, and choose FlushMacFdb from the list.
4 Click Apply.
The VLAN is set for flushing the bridge forwarding database.
Clearing learned MAC addresses for all VLANs by port
To clear learned MAC addresses from the forwarding database for all VLANs by port:
1 From the Device Manager main window, select a port.
The port is highlighted.
2 From the menu bar, choose Edit > Port > General.
The Port box appears with the Interface tab displayed (see Figure 63 on page 182).
Configuring VLANs, Spanning Tree, and Link Aggregation
182 Chapter 2 Configuring VLANs using Device Manager
Figure 63 Port—Interface, FlushMacFDB
3 In the Action box, select FlushMacFdb.
4 Click Apply.
All learned MAC addresses are cleared from the forwarding database (FDB) for VLANs associated with this port.
5 Click Close.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 183
Configuring static forwarding
The Static tab contains static forwarding information configured by local or network bridge management. The information is used to specify the set of ports that are allowed to forward frames.
Entries are valid for unicast and for group/broadcast addresses.
To configure forwarding information:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the VLAN box, select a VLAN and then click Bridge.
The Bridge, VLAN box appears (see Figure 60 on page 178).
3 Click the Static tab.
The Static tab is displayed (Figure 64).
Figure 64 Bridge, VLAN—Static tab
4 In the Static tab, click Insert.
The Bridge, VLAN Insert Static box appears (Figure 65 on page 184).
Configuring VLANs, Spanning Tree, and Link Aggregation
184 Chapter 2 Configuring VLANs using Device Manager
Figure 65 Bridge, VLAN—Insert Static box
5 In the MacAddress box, enter a forwarding destination MAC address.
6 In the Port box, click the ellipsis (...).
The BridgeStaticPort box appears (Figure 66).
Figure 66 BridgeStaticPort
7 Select the port on which the frame is received.
8 Click Ok.
The Bridge Static Port box closes and the selected port appears in the Insert Static box.
9 To copy packets with a MAC address in the source or destination field, select Monitor.
10 In the QoS box, select a Quality of Service level, or keep the default, level 1. Note that Level 7 is reserved for network control traffic.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 185
11 Click Insert.
The Insert Static box closes and the static information appears in the Bridge, VLAN Static tab.
12 Click Close.
The static forwarding information is configured, and the Bridge VLAN box closes.
Table 23 describes the bridge, VLAN static fields.
MAC-layer bridge packet filtering
To perform MAC-layer bridging, the switch must know the destination MAC-layer address of each device on each attached network so it can forward packets to the appropriate destination. MAC-layer addresses are stored in the bridging table, and you can filter packet traffic based on the destination MAC-layer address information.
Table 23 Bridge VLAN static fields
Field Description
MacAddress The destination MAC address in a frame to which the forwarding information for this entry applies. This object can take the value of a unicast address.
Port The port number of the port on which the frame is received.
Monitor Setting to copy packets with a MAC address in the source or destination field. Used with port mirroring. In Static tab, display = true or false.
QosLevel Quality of Service level.
Status Specifies the status of this entry. Select one of the following values:• permanent—in use and remains so after the next bridge reset. This
is the default value.
• deleteOnReset—in use and remains so until the next bridge reset.• deleteOnTimeout—currently in use and remains so until it is aged.
• other—in use but the conditions under which it remains so are different from other values.
Configuring VLANs, Spanning Tree, and Link Aggregation
186 Chapter 2 Configuring VLANs using Device Manager
For MAC address filtering, the Ethernet Routing Switch 8600 supports Bridge Management Information Base (MIB) filtering (RFC 1493). The number of MAC filters is limited to 100. You can create a filter entry in much the same way as you create a static MAC entry, by entering a MAC address and the port on which it resides. In the MAC filter record, you can also specify ports to discard source or destination packets for the MAC address on a port.
Global MAC filtering eliminates the need for configuring multiple per-VLAN filter records for the same MAC. It provides the ability to discard a list of MAC addresses, globally, on the switch. By using a global list you do not have to configure a MAC per VLAN.
Configuring a MAC-layer bridge filter
To configure a MAC layer bridge filter:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN box appears with the Basic tab displayed (see Figure 34 on page 136).
2 In the VLAN box, select a VLAN and click Bridge.
The Bridge, VLAN box appears (see Figure 60 on page 178).
3 Click the Filter tab.
The Filter tab appears (Figure 67).
Figure 67 Bridge, VLAN—Filter tab
4 Click Insert.
The Bridge, VLAN Insert Filter box appears (Figure 68 on page 187).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 187
Figure 68 Bridge, VLAN—Insert Filter box
5 In the MacAddress box, enter the MAC address used to match the destination address of incoming packets.
6 In the Port box, click the ellipsis (...).
The BridgeFilterPort box appears (Figure 69).
Figure 69 BridgeFilterPort
7 Click the port on which this MAC address is found, and then click OK.
The BridgeFilterPort box closes and the port is added to the Port box on the Bridge, VLAN, Insert Filter box.
8 In the SrcDiscard box, click the ellipsis (...).
The BridgeFilterSrcDiscard box appears (Figure 70 on page 188).
Configuring VLANs, Spanning Tree, and Link Aggregation
188 Chapter 2 Configuring VLANs using Device Manager
Figure 70 BridgeFilterSrcDiscard box
9 Click the ports from which you do not want packet traffic received by this MAC address, and then click Ok.
The box closes and the ports are added to the SrcDiscard field in the Bridge, VLAN, Insert Filter box.
10 In the DestDiscard box, click the ellipsis (...).
The BridgeFilterDestDiscard box appears (Figure 71).
Figure 71 BridgeFilterDestDiscard box
11 Click the ports to which you do not want packet traffic sent from this MAC address, and then click Ok.
The box closes and the ports are added to the DestDiscard box in the Bridge, VLAN, Insert Filter box.
12 Enable Pcap if required.
13 Click Insert.
The Insert Filter box closes and the filter appears in the Filter tab.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 189
14 In the Bridge VLAN box and the VLAN box, click Close.
The MAC layer bridge filter is configured.
Table 24 describes the Bridge VLAN Filter fields.
Configuring the Global MAC filter
Global MAC filtering eliminates the need for configuring multiple per-VLAN filter records for the same MAC. It provides the ability to discard a list of MAC addresses, globally, on the switch. By using a global list you do not have to configure a MAC per VLAN.
To configure the Global MAC filter:
1 From the Device Manager window, select VLAN > Global Mac Filtering. The GlobalMacFiltering tab appears (Figure 72 on page 190).
Table 24 Bridge VLAN Filter fields
Field Description
MacAddress The MAC address of this entry. This address is used to match the destination address of incoming packets.
Port Port on which this MAC address is found.
VlanId The ID of the VLAN.
SrcDiscard Specify a set of ports. Traffic arriving on any of the specified ports is not forwarded to this MAC address.
DestDiscard Specify a set of ports. Traffic arriving on any of the specified ports from this MAC address is discarded.
Status Specifies the status of the VLAN. Values include:
• self—one of the bridge addresses• learned—a learned entry that is being used
• mgmt—a static entry
Pcap Enable or disable the Packet Capture Tool (PCAP) for the MAC address (FDB filter). For more information about PCAP, see Using the Packet Capture Tool.
Configuring VLANs, Spanning Tree, and Link Aggregation
190 Chapter 2 Configuring VLANs using Device Manager
Figure 72 GlobalMacFiltering tab
Table 25 describes the fields on the GlobalMacFiltering tab.
2 Click Insert.
The GlobalMacFiltering, Insert Mac Filter box appears (Figure 73).
Figure 73 GlobalMacFiltering, Insert Mac Filter box
3 In the GlobalMacFilterAddress box, enter the address, and then click Insert.
The address you entered appears in the GlobalMacFiltering tab.
Table 25 GlobalMacFiltering tab fields
Field Description
GlobalMacFilterAddress A MAC address which the switch discards globally.
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 191
Configuring Enhanced Operation mode
With Enhanced Operation mode, you can now increase the maximum number of VLANs when you use MultiLink Trunking to 1980 (1972 if R modules are present in the chassis) and to 989 when you use SMLT. Enhanced Operation mode requires Ethernet Routing Switch 8600 E, M, or R modules.
For more information about Enhanced Operation mode, see “MultiLink trunking and VLAN scalability” on page 56.
To enable Enhanced Operation mode:
1 From the Device Manager menu bar, choose Edit > Chassis.
The Chassis box appears with the System tab displayed (Figure 43 on page 153).
2 Click the System Flags tab.
The System Flags tab appears (Figure 74 on page 192).
Caution: When Enhanced Operation mode is enabled, only Ethernet Routing Switch 8600 E, M, or R modules are initialized (other modules are placed offline). To avoid losing modules and network connectivity, replace non-E, M, or R modules or move the network connections to an E, M, or R module before enabling Enhanced Operation mode.
Configuring VLANs, Spanning Tree, and Link Aggregation
192 Chapter 2 Configuring VLANs using Device Manager
Figure 74 Chassis—System Flags tab
3 Select the NewEnhancedOperMode check box.
4 Click Apply.
The system notifies you that the setting takes effect after save and reboot.
5 Click the System tab.
The System tab appears (Figure 75 on page 193).
314725-E Rev 00
Chapter 2 Configuring VLANs using Device Manager 193
Figure 75 Chassis—System SaveRuntimeConfig
6 In the ActionGroup1 box, select saveRuntimeConfig.
7 Click Apply > Close.
Enhanced Operation mode is configured.
Configuring VLANs, Spanning Tree, and Link Aggregation
194 Chapter 2 Configuring VLANs using Device Manager
314725-E Rev 00
195
Chapter 3Configuring sVLAN using Device Manager
This chapter describes using Device Manager to configure stacked VLAN (sVLAN) on an Ethernet Routing Switch 8600. For conceptual infortmation about sVLANs, see Chapter 1, “Layer 2 operational concepts,” on page 59.
This chapter includes the following topics:
Stacked VLAN configuration overview
The stacked VLAN (sVLAN) protocol transparently transports packets through an sVLAN domain by adding an additional four byte header to each packet. For more information, see “Stacked VLANs” on page 59.
Note: R modules do not support the sVLAN feature.
Topic Page
Stacked VLAN configuration overview 195
Creating an sVLAN 196
Setting the sVLAN Ethertype and switch level 200
Setting the sVLAN port type 202
Creating an sVLAN STG 207
Configuring VLANs, Spanning Tree, and Link Aggregation
196 Chapter 3 Configuring sVLAN using Device Manager
Follow these steps to configure an sVLAN using Device Manager:
1 Change the Ethertype and set the switch level to 1 or above.
For more information, see “Setting the sVLAN Ethertype and switch level” on page 200.
2 Configure user-to-network interface (UNI) and network-to-network interface (NNI) ports.
For more information, see “Setting the sVLAN port type” on page 202.
3 Create a spanning tree group (STG) of type sVLAN.
For more information, see “Creating an sVLAN STG” on page 207.
4 Create a VLAN of type sVLAN within the STG created in Step 3 and add ports to it.
For more information, see “Creating an sVLAN” on page 196.
Creating an sVLAN
To create an sVLAN:
1 From the Device Manager menu bar, choose VLAN > VLANs.
The VLAN—Basic box appears (Figure 76 on page 197).
Note: You must follow these steps in sequence to configure an sVLAN.
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 197
Figure 76 VLAN—Basic tab
2 Click Insert.
The VLAN, Insert Basic box appears (Figure 77 on page 198).
Configuring VLANs, Spanning Tree, and Link Aggregation
198 Chapter 3 Configuring sVLAN using Device Manager
Figure 77 Insert Basic—for sVLANs
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 199
3 In the Id box, enter an unused VLAN ID or use the ID provided. The default VLAN is VLAN ID 1.
4 (Optional) In the Name box, type the VLAN name, or use the name provided.
5 (Optional) In the Color Identifier box, click the down arrow and choose a color from the list, or use the color provided.
Device Manager suggests a color, but you can change it. This color is used by VLAN Manager to display the different VLANs in a network.
6 In the StgId box, type or select the spanning tree group ID for the VLAN.
7 In the Type box, select bySvlan.
8 In the PortMembers box, click the ellipsis (...).
The VlanPortMembers box appears (Figure 78).
Figure 78 VlanPortMembers
9 Click the ports you want to include in the new sVLAN.
10 Click Ok.
The Port Membership box closes and the port members appear in the Insert Basic box.
11 (Optional) In the QoS box, select a Quality of Service level.
12 On the VLAN, Insert Basic box, click Insert.
The Insert box closes and the VLAN appears in the Basic tab.
13 In the VLAN, Basic tab, click Close.
The VLAN is configured and the VLAN box closes.
Configuring VLANs, Spanning Tree, and Link Aggregation
200 Chapter 3 Configuring sVLAN using Device Manager
Setting the sVLAN Ethertype and switch level
To configure the sVLAN Ethertype and switch level for the switch:
1 From the Device Manager menu bar choose VLAN > SVLAN.
The Svlan—Ether Type tab (Figure 79) appears, displaying the Ether types used for sVLAN tagging.
Figure 79 SVLAN—Ether Type tab
2 Do one of the following:
• Use the default Ether Type-Switch Level mapping and continue to Step 3.
• To modify an Ethertype, double-click an EtherType box, enter a new value, and click Apply.
The Ethertype is changed.
Table 26 on page 202 describes the sVLAN Ether Type tab.
3 Click the Level tab.
Note: sVLAN is not supported on the Ethernet Routing Switch 8600 R module v4.1.
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 201
The Level tab appears (Figure 80).
Figure 80 Svlan box—Level tab
4 In the ActiveLevel box, enter an active switch level.
5 Click Apply.
The Ethertype and active switch level are configured.
Note: Change the switch level default of 0 to a value of 1 through 7 before configuring UNI or NNI ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
202 Chapter 3 Configuring sVLAN using Device Manager
Table 27 describes the sVLAN Level tab.
Setting the sVLAN port type
To set the sVLAN port type:
Table 26 SVLAN—Ether Type tab
Field Description
Id Index ID for this row in the table of switch levels.
Level The switch level associated with this entry.
EtherType Specifies the Ethertype used for sVLAN tagging.
The following are the default Ethertypes and switch levels:• Level 0 — 0x8100 (Ethertype defined by IEEE for
802.1Q tagged frames)
• Level 1 — 0x8020• Level 2 — 0x8030
• Level 3 — 0x8040
• Level 4 — 0x8050• Level 5 — 0x8060
• Level 6 — 0x8070
• Level 7 — 0x8080
Table 27 SVLAN—Level tab
Field Description
Active Level Specifies the active level for the switch. The default is level 0.
Note: You must configure the switch level to 1 or above before configuring UNI or NNI ports.
Note: You must change the switch level to 1 or above before you configure UNI or NNI ports. See “Setting the sVLAN Ethertype and switch level” on page 200.”
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 203
1 From the Device Manager view, select the port.
2 From the Device Manager menu bar, choose Edit > Port > General.
The Port—Interface tab appears (Figure 81).
Figure 81 Port box—Interface tab
3 Click the VLAN tab.
The VLAN tab appears (Figure 82 on page 204).
Configuring VLANs, Spanning Tree, and Link Aggregation
204 Chapter 3 Configuring sVLAN using Device Manager
Figure 82 Port—VLAN tab
4 In the sVLANPortType box, select one of the following:
• uni—user-to-network interface
You must configure ports for which you want to provide VLAN transparency as UNI ports. UNI ports can only belong to one sVLAN. When you designate a port as a UNI port, the DiscardTaggedFrames parameter is automatically enabled. This prevents traffic from leaking to other VLANs.
• nni—network-to-network interface
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 205
NNI ports interconnect the switches in the core network, drop untagged frames on ingress, and insert the sVLAN tag at the egress. When you configure an NNI port, the DiscardUnTaggedFrames parameter is automatically enabled.
5 Click Apply.
The system warns you that by changing the port type, all ports in the OctaPID can be removed from all VLANs and STGs (Figure 83). This message shows the port range for the OctaPID. If you changed a port from Normal to UNI/NNI, the other seven ports in the OctaPID are changed automatically.
Figure 83 sVLAN configuration warning
6 To continue applying the configuration, click Yes.
The sVLAN port type is configured.
7 Click Close.
The Port box closes.
Note: All ports within the same OctaPID have the same designation that is, all eight ports are either Normal, or all eight ports are UNI/NNI. When you change a port from normal to UNI/NNI, the other seven ports are changed automatically, and in reverse. For more details, see “Tap and OctaPID assignment (Release 3.x feature set)” on page 567”.
Configuring VLANs, Spanning Tree, and Link Aggregation
206 Chapter 3 Configuring sVLAN using Device Manager
Table 28 describes the Port—VLAN tab.
.
Table 28 Port—VLAN fields
Field Description
SvlanPortType Sets the stacked VLAN (SVLAN) port type:
normal (default)
uni (User-to-Network Interface) You must configure ports to which you want to provide VLAN transparency as UNI ports. UNI ports can only belong to one SVLAN. When you designate a port as a UNI port, the DiscardTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN). This prevents traffic from leaking to other VLANs.
nni (Network-to-Network Interface) NNI ports interconnect the switches in the core network, drop untagged frames on ingress, and insert the SVLAN tag at the egress. When you configure an NNI port, the DiscardUnTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN).
Before configuring a port as uni or nni, you must change the switch level to 1 or above (VLAN > SVLAN > Level).
PerformTagging Enable or disable the port on the current VLAN to perform tagging
VlanNames Identifies which VLANs this port is assigned. Each VLAN ID is stored as a two octet value. The first octet in the pair holds bits 15 to 8 of the VLAN ID, the second octet holds bits 7 to 0 of the VLAN ID.
DiscardTaggedFrames Determines how to process tagged frames received on this access port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are processed normally.
DiscardUntaggedFrames Determines how to process untagged frames received on this tagged port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are assigned to the VLAN specified by the DefaultVlanId.
UntagDefaultVLAN Enables or disables egress tagging on the default VLAN of the port.
DefaultVlanId The VLAN ID assigned to untagged frames received on this trunk port.
This field is meaningless when the port is not a trunk port.
LoopDetect Enables loop detection.
ArpDetect Enables or disables the ARP loop detection feature on this port. If a loop is detected, the port is disabled. For more information about this feature, see Configuring IP Routing Operations.
LoopDetectAction This value is used to specify the action which needs to be taken once a MAC loop is detected on a specific port. They include portDown, vlanBlock, and macDiscard.
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 207
Creating an sVLAN STG
To create an sVLAN spanning tree group:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG box appears (Figure 84).
Figure 84 STG
2 Click Insert.
The STG, Insert Configuration box appears (Figure 85 on page 208).
Configuring VLANs, Spanning Tree, and Link Aggregation
208 Chapter 3 Configuring sVLAN using Device Manager
Figure 85 STG, Insert Configuration
3 In the Id box, enter an STG ID, or use the displayed ID.
4 In the Type box, select svlan.
5 In the TaggedBpduAddress box, enter a MAC address to be assigned to the destination MAC address field in tagged BPDUs.
6 In the PortMembers box, click the ellipsis (...).
The StgPortMembers box appears, displaying available ports.
7 Click the ports you want to include in the sVLAN STG, and then click Ok.
The StgPortMembers box closes, and the ports appear in the STG, Insert Configuration box.
8 Click Insert.
Note: The MAC address you enter must be different from the standardized BPDU MAC address.
314725-E Rev 00
Chapter 3 Configuring sVLAN using Device Manager 209
The STG appears in the Configuration tab.
9 On the Configuration tab, click Close.
The STG is configured and the STG box closes.
Configuring VLANs, Spanning Tree, and Link Aggregation
210 Chapter 3 Configuring sVLAN using Device Manager
314725-E Rev 00
211
Chapter 4Configuring spanning tree using Device Manager
This chapter discusses using Device Manager to create, manage, and monitor spanning tree groups (STG), and discusses using Device Manager to configure Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP).
This chapter includes the following topics:
Choosing the spanning tree mode
You can choose to use STP, MSTP, or RSTP with the Ethernet Routing Switch 8600. To configure the mode:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > Globals.
The Spanning Tree Globals box appears (Figure 86 on page 212).
Topic Page
Choosing the spanning tree mode 211
Configuring Spanning Tree Protocol 212
Configuring Multiple Spanning Tree Protocol 226
Configuring Rapid Spanning Tree Protocol 240
Configuring VLANs, Spanning Tree, and Link Aggregation
212 Chapter 4 Configuring spanning tree using Device Manager
Figure 86 Spanning Tree—Globals
2 Select the required spanning tree mode.
3 Click Apply.
Configuring Spanning Tree Protocol
This section discusses using Device Manager to create, manage, and monitor spanning tree groups. For more information about STP, see “Spanning Tree Protocol” on page 67.
This section includes the following topics:
• “Creating a STG” on page 213
• “Editing an STG” on page 217
• “Adding ports to an STG” on page 218
• “Viewing the STG status” on page 219
• “Viewing STG ports” on page 221
• “Enabling STP on a port” on page 224
• “Deleting an STG” on page 224
Warning: After you change the mode, you must reboot the switch for changes to take effect. You can reboot the switch using the command line interface (CLI) by first saving the boot file with the command save bootconfig, and then entering the command boot <filename>, where filename is the saved boot config file. You can also reboot the switch using Device Manager. Go to Edit > Chassis. In the ActionGroup1 box, select saveBootConfig. Click Apply. Next, in ActionGroup4, select softReset. Click Apply.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 213
• “Configuring STG topology change detection” on page 225
Creating a STG
A network can include multiple instances of STP. The collection of ports in one spanning tree instance is called a spanning tree group (STG). The Ethernet Routing Switch 8600 supports STP and up to 64 spanning tree groups.
To create a STG:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87).
Figure 87 STG—Configuration tab
2 On the Configuration tab, click Insert.
The STG, Insert Configuration box appears (see Figure 88 on page 214).
Table 29 on page 216 describes the STG—Configuration tab parameters.
Note: This information applies to Ethernet Routing Switch 8600 modules only. Spanning Tree Protocol must be disabled on split multilink trunking (SMLT) or interswitch trunk ports, because spanning tree is not a supported configuration on these ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
214 Chapter 4 Configuring spanning tree using Device Manager
Figure 88 STG, Insert Configuration
3 Use the fields in the STG, Insert Configuration box to configure the STG.
4 In the PortMembers box, click the ellipses (...).
The StgPortMembers box (Figure 89 on page 215) appears.
Note: In the STG table, the STG ID and TaggedBpduVlanId must be unique. If you change the STG ID without updating TaggedBpduVlandId, the insertion can fail because of a duplicate TaggedBpduVlanId.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 215
Figure 89 StgPortMembers
5 Click the ports you want to add to the STG, and then click Ok.
The StgPortMembers box closes, and the ports are added to the Port Members field in the Insert Configuration box.
6 Click Insert.
The Insert Configuration box closes, and the STG appears in the Configuration tab.
7 Click Close.
The STG is configured.
Note: Spanning Tree Protocol must be disabled on SMLT or interswitch trunk ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
216 Chapter 4 Configuring spanning tree using Device Manager
Table 29 describes the STG—Configuration fields.
Table 29 STG configuration fields
Field Description
Id The ID number for the STG.Note: The STG ID and TaggedBpduVlanId must be unique in the STG table. If you change the STG ID without updating TaggedBpduVlanId, the insertion can fail because of a duplicate TaggedBpduVlanId.
Type Specifies the type of STG.
• normal = normal STG • svlan = stacked VLAN STG
Priority Sets the STP bridge priority, in decimal.
BridgeMaxAge The value in hundredths of a second that all bridges use for MaxAge when this bridge is acting as the root.
Note: The 802.1d-1990 standard specifies that the BridgeMaxAge range is related to the value of dot1dStpBridgeHelloTime. The default is 2000 (20 seconds).
BridgeHelloTime The value in hundredths of a second that all bridges use for HelloTime when this bridge is acting as the root. The granularity of this timer is specified by the IEEE 802.1d-1990 standard to be in increments of 1/100 of a second. The default is 200 (2 seconds).
BridgeForwardDelay The value in hundredths of a second that all bridges use for forward delay when this bridge is acting as the root. The default is 1500 (15 seconds).
EnableSTP Enables or disables the spanning tree algorithm for the STG.
StpTrapEnable Enables SNMP traps to be sent to trace receiver every time an STP topology occurs.
TaggedBpduAddress Represents a MAC address; specifically for tagged BPDUs.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 217
Editing an STG
To edit an STG:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration box appears (Figure 87 on page 213).
TaggedBpduVlanId Represents the VLAN tag associated with the STG. This ID is used to tag BPDUs through a non-IEEE tagging bridge to another Ethernet Routing Switch 8600. Note: By default, the TaggedBpduVlanId is an address calculated based on the STG ID by Device Manager. Accepting the default value calculated by Device Manager makes it much simpler to coordinate STGs across multiple switches. If you enter a custom value for this field, you must manually coordinate it across all switches.Note: The STG ID and TaggedBpduVlanId must be unique in the STG table. If you change the STG ID without updating TaggedBpduVlanId, the insertion can fail because of a duplicate TaggedBpduVlanId.
Port Members The ports you want to become members of the new STG.
You cannot select a port if it is:• configured as Single Port SMLT, MLT-based SMLT, or IST
• configured as members of any other STG
NtStgEnable Indicates whether this STG is operating in Nortel mode or in Cisco mode:
• true—Nortel mode
• false—Cisco mode
Note: Untagged ports can only belong to one STG.
Note: The information about editing an STG applies to Ethernet Routing Switch 8600 modules only.
Table 29 STG configuration fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
218 Chapter 4 Configuring spanning tree using Device Manager
2 Double-click the field for the STG you want to edit.
The field becomes editable.
3 Enter a new value or select a new setting from the menu.
4 Click Apply.
The changes are applied to the STG.
Adding ports to an STG
To add ports to a spanning tree group:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87 on page 213).
2 Double-click the Port Members field for the STG.
The StgPortMembers box (Figure 90) appears, indicating the port members assigned to this STG.
Figure 90 StgPortMembers box
3 Click the ports you want to add to the STG, and click OK.
The StgPortMembers box closes, and the ports are added to the Port Members field in the Configuration tab.
Note: Spanning Tree Protocol must be disabled on SMLT or IST ports.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 219
4 Click Apply.
The ports are added to the STG.
Viewing the STG status
You can use the STG Status tab to view the status of the spanning tree for each STG that is associated with the network.
To view STG status:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87 on page 213).
2 Click the Status tab.
The Status tab appears (Figure 91 on page 220), displaying the STG status.
Configuring VLANs, Spanning Tree, and Link Aggregation
220 Chapter 4 Configuring spanning tree using Device Manager
Figure 91 STG—Status tab
Table 30 describes the STG Status fields.
Table 30 STG Status fields
Field Description
BridgeAddress The MAC address used by this bridge when it must be referred to in a unique fashion.
NumPorts The number of ports controlled by this bridging entity.
ProtocolSpecification An indication of what version of the Spanning Tree Protocol is being run. The IEEE 802.1d implementations return ieee8021d.
TimeSinceTopologyChange The time in hundredths of a second since the last time a topology change was detected by the bridge entity or STG.
TopChanges A topology change trap is sent by a bridge when any of its configured ports transitions from the Learning state to the Forwarding state, or from the Forwarding state to the Blocking state. The trap is not sent if a new root trap is sent for the same transition. Implementation of this trap is optional.
DesignatedRoot The bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol as executed by this node. This value is used as the Root Identifier parameter in all Configuration Bridge PDUs originated by this node.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 221
Viewing STG ports
Use the Ports tab to view the status of ports for each STG that is associated with the network.
To view STG ports:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87 on page 213).
2 Click the Ports tab.
The Ports tab appears(Figure 92). For parameter descriptions, see “STG Ports tab fields” on page 222.
RootCost The cost of the path to the root as seen from this bridge.
RootPort The port number of the port that offers the lowest cost path from this bridge to the root bridge.
MaxAge The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded, in units of hundredths of a second. This is the actual value that this bridge is currently using.
HelloTime The amount of time in hundredths of a second between transmission of config BPDUs by this node on any port when it is the root of the spanning tree. The default value is 200 (2 seconds).
HoldTime The time interval in hundredths of a second during which no more than two configuration bridge PDUs shall be transmitted by this node. The default value is 100 (1 second).
ForwardDelay The time interval in hundredths of a second that controls how fast a port changes its spanning state when moving toward the Forwarding state. The value determines how long the port stays in each of the Listening and Learning states, which precede the Forwarding state. This value is also used when a topology change is detected and is under way, to age all dynamic entries in the Forwarding Database. Note that this value is the one this bridge is currently using, in contrast to StgBridgeForwardDelay, which is the value that this bridge and all others would use if this bridge becomes the root. The default value is 1500 (15 seconds).
Table 30 STG Status fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
222 Chapter 4 Configuring spanning tree using Device Manager
Figure 92 STG—Ports tab
Table 31 describes the STG—Ports tab fields.
Table 31 STG Ports tab fields
Field Description
Port The port number of the port for which this entry contains Spanning Tree Protocol management information.
StgId The STG identifier assigned to this port.
Priority The value of the priority field which is contained in the first octet of the Port ID. The other octet of the Port ID is given by the value of rcStgPort.Note: Although port priority values can range from 0 to 255, on the Ethernet Routing Switch 8600, only the following values are used: 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, 240.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 223
State The current state of the port as defined by the application of the Spanning Tree Protocol:
disabledblocking
listening
learningforwarding
broken
This state controls what action a port takes on reception of the frame. If the bridge has detected a port that is malfunctioning, it places that port into the broken state. For ports that are disabled, this object has a value of disable.
EnableStp The STP state of the port.
Enabled—BPDUs are processed in accordance with STP.
Disabled—The port stays in a forwarding state, received BPDUs are dropped and not processed, and no BPDU is generated.
FastStart When this flag is set, the port is moved straight to the forwarding state upon being enabled.true (enables FastStart for the port)
false (default, disables FastStart for the port)
Note: This setting is contrary to that specified in the IEEE 802.1d standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when the port is enabled through configuration.
PathCost The contribution of this port to the path cost of paths toward the spanning tree root that includes this port. The 802.1d-1990 protocol recommends that the default value of this parameter be inversely proportion to the speed of the attached LAN.
DesignatedRoot The unique bridge identifier of the bridge recorded as the root in the configuration BPDUs transmitted by the designated bridge for the segment to which the port is attached.
DesignatedCost The path cost of the designated port of the segment connected to this port. This value is compared to the Root Path Cost field in received bridge PDUs.
DesignatedBridge The bridge identifier of the bridge that this port considers to be the designated bridge for this port’s segment.
DesignatedPort The port identifier of the port on the designated bridge for this port segment.
Table 31 STG Ports tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
224 Chapter 4 Configuring spanning tree using Device Manager
Enabling STP on a port
To enable STP for a port:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87 on page 213).
2 Click the Ports tab.
The Ports tab appears (Figure 92 on page 222).
3 Click in the EnableStp field for the port you want to enable.
A menu appears.
4 From the menu, choose true.
The EnableStp setting changes.
5 Click Apply.
STP is enabled for the port.
Deleting an STG
To delete an STG:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
ForwardTransitions The number of times this port has transitioned from the learning state to the forwarding state.
ChangeDetection The change detection setting (true or false) for this port. Can only be configured on access ports. If you enable change detection on an MLT with access ports, the setting is automatically applied to all ports in the MLT.
Note: The deleting an STG procedure applies to Ethernet Routing Switch 8600 modules only.
Table 31 STG Ports tab fields (continued)
Field Description
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 225
The STG box appears (Figure 87 on page 213).
2 Click the STG that you want to delete.
3 Click Delete.
Configuring STG topology change detection
To configure topology change detection on a port:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > STG.
The STG—Configuration tab appears (Figure 87 on page 213).
2 Click the Ports tab.
The Ports tab appears (Figure 92 on page 222).
3 Double-click the ChangeDetection field for a port.
The menu of change detection settings appears.
4 From the menu, choose one of the following:
• To enable change detection on the port, choose true.
• To disable change detection on the port, choose false.
5 Click Apply.
Change detection is configured for the port.
For more information about change detection, see “Spanning Tree Protocol topology change detection” on page 70.
Note: All VLANs must be deleted from an STG before you can remove the STG.
Configuring VLANs, Spanning Tree, and Link Aggregation
226 Chapter 4 Configuring spanning tree using Device Manager
Configuring Multiple Spanning Tree Protocol
Multiple Spanning Tree Protocol (MSTP) allows you to configure multiple instances of RSTP on the same switch. For more information about MSTP, see “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 73.
To configure MSTP, you must first enable it.
For more information about enabling MSTP, see “Choosing the spanning tree mode” on page 211.
This section contains the following topics:
• “Configuring MSTP globally”
• “Configuring CIST ports for MSTP” on page 230
• “Viewing statistics for the CIST ports” on page 233
• “Configuring MSTI bridges for MSTP” on page 235
• “Configuring MSTI ports for MSTP” on page 236
• “Viewing MSTI port statistics” on page 238
Configuring MSTP globally
To configure MSTP globally:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > MSTP.
The MSTP—Globals tab appears (Figure 93 on page 227).
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 227
Figure 93 MSTP—Globals
2 Edit desired fields to configure MSTP.
3 Click Apply.
Configuring VLANs, Spanning Tree, and Link Aggregation
228 Chapter 4 Configuring spanning tree using Device Manager
Table 32 describes the MSTP—Globals tab fields.
Table 32 MSTP—Globals fields
Field Description
PathCostDefaultType The version of the spanning tree default path costs to be used by this bridge. A value of 8021d1998 denotes the use of the 16 bit default path costs from IEEE 802.1d-1998. A value of stp8021t2001 denotes the use of the 32 bit default path costs from IEEE 802.1t.
TxHoldCount The value used by the port transmit state machine to limit the maximum transmission rate.
MaxHopCount Indicates the maximum hop count. The granularity of this timer is specified to be 1 second. An agent can return a bad value error if you attempt to set a value which is not a whole number of seconds.
NoOfInstancesSupported
Indicates the maximum number of spanning tree instances supported.
MstpUpCount The number of times the MSTP module was enabled. A trap is generated on the occurrence of this event.
MstpDownCount The number of times the MSTP module was disabled. A trap is generated on the occurrence of this event.
ForceProtocolVersion The version of Spanning Tree Protocol the bridge currently runs. stpCompatible indicates that the Spanning Tree Protocol as specified in IEEE 802.1d is in use; rstp indicates that the Rapid Spanning Tree Protocol as specified in IEEE 802.1w is in use; and mstp indicates that the Multiple Spanning Tree Protocol as specified in IEEE 802.1s is in use.
BrgAddress The MAC address used by this bridge when it must be referred to in a unique fashion. Nortel recommends that this be the numerically smallest MAC address of all ports that belong to this bridge. When concatenated with MstCistBridgePriority or MstBridgePriority, a unique bridge identifier is formed which is used in the Spanning Tree Protocol.
Root The bridge identifier of the root of the common spanning tree as determined by the Spanning Tree Protocol by this node. This value is used as the CIST root identifier parameter in all configuration bridge PDUs originated by this node.
RegionalRoot The bridge identifier of the root of the multiple spanning tree region as determined by the Spanning Tree Protocol as executed by this node. This value is used as the CIST regional root identifier parameter in all configuration bridge PDUs originated by this node.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 229
RootCost The cost of the path to the CIST root from this bridge.
RegionalRootCost The cost of the path to the CIST regional root from this bridge.
RootPort The port number of the port which offers the lowest path cost from this bridge to the CIST root bridge.
BridgePriority The value of the writable portion of the bridge identifier comprising of the first two octets. The values you enter for bridge priority must be in steps of 4096.
BridgeMaxAge The value that all bridges use for MaxAge when this bridge acts as the root. The granularity of this timer is specified to be 1 second. An agent can return a bad value error if you attempt to set a value which is not a whole number of seconds. The default is 2000.
BridgeForwardDelay The value that all bridges use for forward delay when this bridge acts as the root. Note that 802.1d specifies that the range for this parameter is related to the value of BridgeMaxAge. The granularity of this timer is specified to be 1 second. An agent can return a bad value error if you attempt to set a value which is not a whole number of seconds. The default is 1500.
HoldTime This time value determines the interval length during which no more than two configuration bridge PDUs can be transmitted by this node, in units of hundredths of a second.
MaxAge The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded, in units of hundredths of a second. This is the value that this bridge currently uses.
ForwardDelay This time value, measured in units of hundredths of a second, controls how fast a port changes its spanning state when moving towards the forwarding state. The value determines how long the port stays in a particular state before moving to the next state.
TimeSinceTopology
Change
The time (in hundredths of a second) since the TcWhile Timer for any port in this bridge was non-zero for Common Spanning Tree.
TopChanges The number of times that there was at least one non-zero TcWhile Timer on this bridge for Common Spanning Tree.
NewRootBridgeCount The number of times this bridge has detected a root bridge change for Common Spanning Tree. A trap is generated on the occurrence of this event.
RegionName The name for the region configuration. By default the region name is equal to the bridge MAC Address.
RegionVersion Version of the MST region.
Table 32 MSTP—Globals fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
230 Chapter 4 Configuring spanning tree using Device Manager
Configuring CIST ports for MSTP
To configure Common and Internal Spanning Tree (CIST) ports for MSTP:
1 In Device Manager, go to VLAN > Spanning Tree > MSTP.
The MSTP box appears.
2 In the MSTP box, click the CIST Port tab.
The MSTP—CIST Port tab appears (Figure 94 on page 231).
ConfigIdSel The configuration identifier format selector used by the bridge. This has a fixed value of 0 to indicate RegionName, RegionVersions are specified as in the standard.
ConfigDigest The configured MD5 digest value for this region, which must be 16 octets long.
RegionConfigChangeCount
The number of times a region configuration identifier change was detected. A trap is generated on the occurrence of this event.
Table 32 MSTP—Globals fields (continued)
Field Description
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 231
Figure 94 MSTP—CIST Port tab
3 Use the fields in the CIST Port box to configure the MSTP.
4 Click Apply.
Configuring VLANs, Spanning Tree, and Link Aggregation
232 Chapter 4 Configuring spanning tree using Device Manager
The MSTP—CIST Port tab contains per-port information that is common to all bridge and spanning tree instances. Table 33 describes the CIST Port fields.
Table 33 CIST Port fields
Field Description
Port The port number of the port for which this entry contains spanning tree information
PathCost The contribution of this port to the path cost of paths towards the CIST root which includes this port.
Priority The four most significant bits of the port identifier of the spanning tree instance can be modified by setting the CistPortPriority value. The values that are set for port priority must be in steps of 16.
Note: Although port priority values can range from 0 to 255, on the Ethernet Routing Switch 8600, only the following values are used: 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, 240.
DesignatedRoot The unique bridge identifier of the bridge recorded as the CIST root in the configuration BPDUs transmitted.
DesignatedCost The path cost of the designated port of the segment which connects to this port.
DesignatedBridge The unique bridge identifier of the bridge which this port considers to be the designated bridge for the port’s segment.
DesignatedPort The port identifier of the port on the designated bridge for this port segment.
RegionalRoot The unique bridge identifier of the bridge recorded as the CIST regional root identifier in the configuration BPDUs transmitted.
RegionalPathCost The contribution of this port to the path cost of paths towards the CIST regional root which include this port.
ProtocolMigration Indicates the protocol migration state of this port. When operating in RSTP or MSTP mode, writing true to this object forces this port to transmit MSTP BPDUs without instance information. Any other operation on this object has no effect and it returns false when read.
AdminEdgeStatus The administrative value of the Edge Port parameter. A value of true indicates that this port is an edge-port, and a value of false indicates that this port is a non-edge-port.
OperEdgeStatus The operational value of the Edge Port parameter. The object is initialized to the value of AdminEdgeStatus and is set false on reception of a BPDU.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 233
Viewing statistics for the CIST ports
You can view statistics for the CIST ports. To view statistics:
1 In Device Manager, go to VLAN > Spanning Tree > MSTP.
The MSTP box appears.
2 In the MSTP box, click the CIST Port tab.
The MSTP—CIST Port tab appears.
AdminP2P The administrative point-to-point status of the LAN segment attached to this port. A value of forceTrue indicates that this port is treated as if it connects to a point-to-point link. A value of forceFalse indicates that this port is treated as having a shared media connection. A value of auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full duplex operation, either through auto-negotiation or by management means.
OperP2P The operational point-to-point status of the LAN segment attached to this port. It indicates whether a port is considered to have a point-to-point connection or not. The value is determined by management or by auto-detection as described in the AdminP2P object.
HelloTime The amount of time between the transmission of configuration bridge PDUs by this node on this port in units of hundredths of a second.
OperVersion This indicates whether the port is operationally in the MSTP mode, the RSTP mode, or the STP-compatible mode, that is, whether the port transmits MST BPDUs, RST BPDUs or Config/TCN BPDUs.
EffectivePortState The effective operational state of the port for CIST. This is true only when the port is operationally UP at the interface and protocol levels for CIST. This is set to false for all other conditions.
State Current state of the port as defined by the common spanning tree protocol. It can be disabled, discarding, learning, or forwarding.
ForcePortState Current state of the port, which can be changed to either Disabled or Enabled for the base spanning tree instance.
SelectedPortRole Selected port role of the port for this spanning tree instance.
CurrentPortRole Current port role of the port for this spanning tree instance.
Table 33 CIST Port fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
234 Chapter 4 Configuring spanning tree using Device Manager
3 Click on a port, and then click Graph.
The CIST Port Stats window appears (Figure 95).
Figure 95 CIST Port Stats
Table 34 describes the statistics given in Figure 95.
Table 34 CIST Port Stats fields
Field Description
ForwardTransitions Number of times this port has transitioned to the forwarding state.
RxMstBpduCount Number of MSTP BPDUs received on this port.
RxRstBpduCount Number of RSTP BPDUs received on this port.
RxConfigBpduCount Number of configuration BPDUs received on this port.
RxTcnBpduCount Number of TCN BPDUs received on this port.
TxMstBpduCount Number of MSTP BPDUs transmitted from this port.
TxRstBpduCount Number of RSTP BPDUs transmitted from this port.
TxConfigBpduCount Number of configuration BPDUs transmitted from this port.
TxTcnBpduCount Number of TCN BPDUs transmitted from this port.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 235
Configuring MSTI bridges for MSTP
To configure Multiple Spanning Tree Instance (MSTI) bridges:
1 In Device Manager, go to VLAN > Spanning Tree > MSTP.
The MSTP box appears.
2 In the MSTP box, click the MSTI Bridges tab.
The MSTP—MSTI Bridges tab appears (Figure 96). (MSTI bridge instances are generated by the switch after you create a VLAN in MSTP mode).
Figure 96 MSTP—MSTI Bridges tab
3 Use the fields in the MSTI Bridges box to configure the MSTP.
4 Click Apply.
InvalidMstBpduRxCount Number of Invalid MSTP BPDUs received on this port.
InvalidRstBpduRxCount Number of Invalid RSTP BPDUs received on this port.
InvalidConfigBpduRxCount Number of invalid configuration BPDUs received on this port.
InvalidTcnBpduRxCount Number of invalid TCN BPDUs received on this port.The number of times this port has migrated from one STP protocol version to another. The relevant protocols are STP-Compatible and RSTP/MSTP. A trap is generated on the occurrence of this event.
ProtocolMigrationCount The number of times this port has migrated from one STP protocol version to another. The relevant protocols are STP-Compatible and RSTP. A trap is generated on the occurrence of this event.
Table 34 CIST Port Stats fields
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
236 Chapter 4 Configuring spanning tree using Device Manager
Table 35 describes the fields given in Figure 96.
Configuring MSTI ports for MSTP
To configure MSTI ports, do the following:
1 In Device Manager, go to VLAN > Spanning Tree > MSTP.
The MSTP box appears.
2 In the MSTP box, click the MSTI Port tab.
The MSTI Port tab appears (Figure 97 on page 237). (Port members selected on the VLAN > Basic tab appear in the MSTI Port tab).
Table 35 MSTI Bridges fields
Field Description
Instance Spanning tree instance to which this information belongs
Regional Root MSTI regional root identifier value for the instance. This value is used as the MSTI regional root identifier parameter in all configuration bridge PDUs originated by this node.
Priority The writable portion of the MSTI bridge identifier comprising of the first two octets. The values that are set for bridge priority must be in steps of 4096.
Root Cost The cost of the path to the MSTI regional root as seen by this bridge.
Root Port The port number of the port which offers the lowest path cost from this bridge to the MSTI region root bridge.
TimeSinceTopology Change
The time (in hundredths of a second) since the TcWhile Timer for any port in this bridge was non-zero for this spanning tree instance.
TopChanges The number of times that there was at least one non-zero TcWhile Timer on this bridge for this spanning tree instance.
NewRootCount The number of times this bridge has detected a root bridge change for this spanning tree instance. A trap is generated on the occurrence of this event.
InstanceUpcount The number of times a new spanning tree instance was created. A trap is generated on the occurrence of this event.
InstanceDownCount The number of times a spanning tree instance was deleted. A trap is generated on the occurrence of this event.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 237
Figure 97 MSTP—MSTI Port tab
3 Use the fields in the MSTI Port box to configure the MSTP.
4 Click Apply.
Table 36 describes the MSTP—MSTI Port fields.
Table 36 MSTP—MSTI Port fields
Field Description
Port The port number of the port for which this entry contains spanning tree information.
BridgeInstance Spanning tree instance to which the information belongs.
PathCost The contribution of this port to the path cost of paths towards the MSTI root which includes this port.
Priority The four most significant bits of the port identifier for a given spanning tree instance can be modified independently for each spanning tree instance supported by the bridge. The values set for port priority must be in steps of 16.
DesignatedRoot The unique bridge identifier of the bridge recorded as the MSTI regional root in the configuration BPDUs transmitted.
DesignatedBridge The unique bridge identifier of the bridge which this port considers to be the designated bridge for the port segment.
DesignatedPort The port identifier of the port on the designated bridge for this port segment.
State Current state of the port as defined by the MSTP. A port which is in forwarding state in one instance can be in discarding (blocking) state in another instance.
ForcePortState Current state of the port which can be changed to either disabled or enabled for the specific spanning tree instance.
DesignatedCost The path cost of the designated port of the segment connected to this port.
Configuring VLANs, Spanning Tree, and Link Aggregation
238 Chapter 4 Configuring spanning tree using Device Manager
Viewing MSTI port statistics
You can view statistics for the MSTI Ports. To view statistics:
1 In Device Manager, go to VLAN > Spanning Tree > MSTP.
The MSTP box appears.
2 In the MSTP box, click the MSTI Port tab.
The MSTP—MSTI Port tab appears (Figure 97 on page 237).
3 Click on a port, and then click Graph.
The MSTI Port Stats window appears (Figure 98 on page 239).
CurrentPortRole Current port role of the port for this spanning tree instance.
EffectivePortState The effective operational state of the port for specific instance. This is true when the port is operationally up at the interface and protocol levels for the specific instance. This is set to false at all other times.
Table 36 MSTP—MSTI Port fields (continued)
Field Description
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 239
Figure 98 MSTI Port.BridgeInstance
Table 37 describes the MSTI Port Stats parameters.
Table 37 MSTI Port Stats
Field Description
ForwardTransitions Number of times this port has transitioned to the forwarding state for this specific instance.
ReceivedBPDUs Number of BPDUs received by this port for this spanning tree instance.
TransmittedBPDUs Number of BPDUs transmitted on this port for this spanning tree instance.
InvalidBPDUsRcvd Number of invalid BPDUs received on this port for this spanning tree instance.
Configuring VLANs, Spanning Tree, and Link Aggregation
240 Chapter 4 Configuring spanning tree using Device Manager
Configuring Rapid Spanning Tree Protocol
Rapid Spanning Tree Protocol (RSTP) reduces the recovery time after a network breakdown. For more information about RSTP, see “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 73.
To configure RSTP, you must first enable it.
For more information about enabling RSTP, see “Choosing the spanning tree mode” on page 211.
This section contains the following topics:
• “Configuring RSTP globally”
• “Configuring RSTP ports” on page 243
• “Viewing RSTP status” on page 245
• “Viewing statistics for RSTP Status” on page 246
Configuring RSTP globally
To configure RSTP globally:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > RSTP.
The RSTP—Globals tab appears (Figure 99 on page 241).
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 241
Figure 99 RSTP—Globals
2 Edit the desired fields.
3 Click Apply.
Configuring VLANs, Spanning Tree, and Link Aggregation
242 Chapter 4 Configuring spanning tree using Device Manager
Table 38 describes the RSTP—Globals tab fields.
Table 38 RSTP—Globals fields
Field Description
PathCostDefault The version of the spanning tree default path costs that are used by this bridge. A value of 8021d1998 indicates the use of the 16 bit default path costs from IEEE Std. 802.1d-1998. A value of stp8021t2001 indicates the use of the 32 bit default path costs from IEEE Std. 802.1t.
TxHoldCount The value used by the port transmit state machine to limit the maximum transmission rate.
Version The version of Spanning Tree Protocol the bridge currently runs. The value stpCompatible indicates that the Spanning Tree Protocol as specified in IEEE 802.1d is in use; rstp indicates that the Rapid Spanning Tree Protocol as specified in IEEE 802.1w is in use.
EnableStp Indicates whether the spanning tree protocol is active in this STG.
Priority The value of the priority field.
BridgeMaxAge The value that all bridges use for MaxAge when this bridge acts as the root.
BridgeHelloTime The value that all bridges use for HelloTime when this bridge acts as the root.
BridgeForwardDelay The value that all bridges use for forward delay when this bridge acts as the root.
DesignatedRoot The unique bridge identifier of the bridge recorded as the root in the configuration BPDUs transmitted by the designated bridge for the segment to which the port is attached.
RootCost The cost of the path to the root from this bridge.
RootPort The port number of the port which offers the lowest cost path from this bridge to the root bridge.
MaxAge The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded, in units of hundredths of a second.
HelloTime The amount of time between the transmission of configuration bridge PDUs by this node on any port when it is the root of the spanning tree (or trying to become the root), in units of hundredths of a second.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 243
Configuring RSTP ports
To configure ports for RSTP, do the following:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > RSTP.
The RSTP—Globals tab appears.
2 In the RSTP box, click the RSTP Ports tab.
The RSTP Ports tab appears (Figure 100 on page 244).
ForwardDelay This time value, measured in units of hundredths of a second, controls how fast a port changes its spanning state when moving towards the forwarding state. The value determines how long the port stays in each of the listening and learning states, which precede the forwarding state. This value is also used when a topology change is detected, and is underway, to age all dynamic entries in the forwarding database.
RstpUpCount The number of times the RSTP module was enabled. A trap is generated on the occurrence of this event.
RstpDownCount The number of times the RSTP module was disabled. A trap is generated on the occurrence of this event.
NewRootIdCount The number of times this bridge detected a root identifier change. A trap is generated on the occurrence of this event.
TimeSinceTopology
Change
The time (in hundredths of a second) since the TcWhile Timer for any port in this bridge was non-zero for Common Spanning Tree.
TopChanges The number of times that there was at least one non-zero TcWhile Timer on this bridge for Common Spanning Tree.
Table 38 RSTP—Globals fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
244 Chapter 4 Configuring spanning tree using Device Manager
Figure 100 RSTP—RSTP Ports tab
3 Use the fields in the RSTP Ports box to configure the RSTP ports.
4 Click Apply.
Table 39 describes the fields for RSTP—RSTP Ports.
Table 39 RSTP—RSTP Ports tab fields
Field Description
Port A unique value, greater than zero, indicating the port number.
Priority The value of the priority field.
PathCost The contribution of this port to the path cost of paths towards the root which includes this port.
ProtocolMigration When operating in RSTP mode, writing true to this object forces this port to transmit RSTP BPDUs. Any other operation on this object has no effect and it returns false when read.
AdminEdgePort The administrative value of the Edge Port parameter. A value of true indicates that this port is an edge-port and a value of false indicates that this port is a non-edge-port.
OperEdgePort The operational value of the Edge Port parameter. The object is initialized to the value of AdminEdgePort and is set false on reception of a BPDU.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 245
Viewing RSTP status
To view RSTP status:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > RSTP.
The RSTP—Globals tab appears.
2 Click the RSTP Status tab.
The RSTP Status box appears (Figure 101 on page 246).
AdminPointToPoint The administrative point-to-point status of the LAN segment attached to this port. A value of forceTrue indicates that this port is treated as if it is connected to a point-to-point link. A value of forceFalse indicates that this port is treated as having a shared media connection. A value of auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full duplex operation, either through auto-negotiation or by management means.
OperPointToPoint The operational point-to-point status of the LAN segment attached to this port. It indicates whether a port is considered to have a point-to-point connection or not. The value is determined by management or by auto-detection, as described in the AdminPointToPoint object.
EnableStp Indicates whether Spanning Tree Protocol is active in this STG.
DesignatedRoot The unique bridge identifier of the bridge recorded as the root in the configuration BPDUs transmitted by the designated bridge for the segment to which the port is attached.
DesignatedCost The path cost of the designated port of the segment connected to this port. This value is compared to the Root Path Cost field in received bridge PDUs.
DesignatedBridge The unique bridge identifier of the bridge which this port considers to be the Designated Bridge for the port segment.
DesignatedPort The port identifier of the port on the designated bridge for this port's segment.
ForwardTransitions Number of times this port has transitioned to the forwarding state for this specific instance.
Table 39 RSTP—RSTP Ports tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
246 Chapter 4 Configuring spanning tree using Device Manager
Figure 101 RSTP Status tab
Table 40 describes the RSTP—RSTP Status tab fields.
Viewing statistics for RSTP Status
You can view statistics for RSTP Status. To view statistics:
1 From the Device Manager menu bar, choose VLAN > Spanning Tree > RSTP > RSTP Status.
2 In the RSTP Status tab, select a port, and then click Graph.
The RSTP Port—RSTP Stats window appears (Figure 102 on page 247).
Table 40 RSTP—RSTP Status fields
Field Description
Port A unique value, greater than zero, indicating the port number.
State The current state of the port as defined by application of the Spanning Tree Protocol. This state controls what action a port takes on reception of a frame.
Role This indicates the current port role assumed by this port.
OperVersion This indicates whether the port is operationally in the RSTP or STP-compatible mode, that is, whether the port transmits RSTP BPDUs or Config/TCN BPDUs.
EffectivePortState The effective operational state of the port. This object is set to true when the port is operationally up in the Interface Manager, and Force Port State for this port and the specified port state is enabled. Otherwise, this object is set to false.
314725-E Rev 00
Chapter 4 Configuring spanning tree using Device Manager 247
Figure 102 RSTP Port—RSTP Stats
Table 41 describes the statistics shown in Figure 102.
Table 41 RSTP Port—RSTP Stats fields
Field Description
RxRstBpduCount The number of RSTP BPDUs that were received on this port.
RxConfigBpduCount The number of configuration BPDUs that were received on this port.
RxTcnBpduCount The number of TCN BPDUs that were received on this port.
TxRstBpduCount The number of RSTP BPDUs that were transmitted by this port.
TxConfigBpduCount The number of Config BPDUs that were transmitted by this port.
TxTcnBpduCount The number of TCN BPDUs that were transmitted by this port.
InvalidRstBpduRxCount The number of invalid RSTP BPDUs that were received on this port. A trap is generated on the occurrence of this event.
InvalidConfigBpduRx
Count
The number of invalid configuration BPDUs that were received on this port. A trap is generated on the occurrence of this event.
Configuring VLANs, Spanning Tree, and Link Aggregation
248 Chapter 4 Configuring spanning tree using Device Manager
InvalidTcnBpduRxCount The number of invalid TCN BPDUs that were received on this port. A trap is generated on the occurrence of this event.
ProtocolMigrationCount The number of times this port has migrated from one STP protocol version to another. The relevant protocols are STP-Compatible and RSTP. A trap is generated on the occurrence of this event.
Table 41 RSTP Port—RSTP Stats fields (continued)
Field Description
314725-E Rev 00
249
Chapter 5Configuring link aggregation using Device Manager
This chapter describes how to configure link aggregation in your network. For conceptual information about link aggregation, see “Link aggregation (MLT, SMLT, LACP, VLACP)” on page 78.
This chapter includes the following topics:
Configuring link aggregation
This section describes how to configure and manage link aggregation, including LACP, VLACP, and multilink trunking. This section includes the following topics:
• “Configuring LACP globally” on page 250
• “Configuring VLACP globally” on page 252
• “Adding a MultiLink/LACP trunk” on page 253
• “Adding ports to a multilink trunk” on page 258
• “Viewing multilink trunk interface statistics” on page 259
• “Viewing multilink trunk Ethernet error statistics” on page 261
• “Managing LACP information” on page 265
• “Configuring a port for LACP” on page 267
• “Configuring a port for Virtual LACP” on page 271
Topic Page
Configuring link aggregation 249
Configuring Split Multilink Trunking 276
Configuring Simple Loop Prevention Protocol 290
Configuring VLANs, Spanning Tree, and Link Aggregation
250 Chapter 5 Configuring link aggregation using Device Manager
• “Viewing LACP statistics” on page 273
Configuring LACP globally
The main purpose of LACP is to manage switch ports and their port memberships to form link aggregation groups (LAG). LACP can dynamically add or remove LAG ports, depending on their availability and states.
To configure Link Aggregation Control Protocol (LACP) globally:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP—LACP Global tab appears (Figure 103 on page 251).
Note: Standby mode for aggregation groups of larger than eight ports is not supported in the current release.
Note: LACP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 251
Figure 103 MLT_LACP—LACP Global tab
2 To enable LACP globally, select Enable.
3 Edit the remaining boxes as desired, or retain the default values.
Table 42 defines the MLT_LACP—LACP Global tab fields.
4 Click Apply.
Note: Configuration changes to the LACP timers are not reflected immediately. LACP timers are not reset until the next time LACP is restarted globally or on a port. This ensures consistency with peer switches.
Table 42 MLT_LACP—LACP Global tab fields
Field Description
Enable Globally enable or disable LACP.
SystemPriority Sets the system priority to all the LACP enabled aggregators and ports.
Configuring VLANs, Spanning Tree, and Link Aggregation
252 Chapter 5 Configuring link aggregation using Device Manager
Configuring VLACP globally
Virtual LACP is an LACP extension that is used for end to end failure detection.VLACP uses the Hello mechanism of LACP to periodically send Hello packets to ensure there is end to end reachability. When Hello packets are not received, VLACP transitions to a failure state, which indicates a service provider failure, and the port is disabled.
To configure Virtual LACP (VLACP) globally:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP box appears (Figure 103 on page 251).
2 Click the VLACP Global tab.
FastPeriodicTime Specifies the number of milliseconds between periodic transmissions using short timeouts. Sets this value to all LACP enabled ports.
FastPeriodicTimeOper The operating value of the fast periodic timer on the port.
SlowPeriodicTime Specifies the number of milliseconds between periodic transmissions using long timeouts. Sets this value to all LACP enabled ports.
SlowPeriodicTimeOper The operating value of the slow periodic timer on the port.
AggrWaitTimeOper The operating value of the aggregate wait timer on the port.
AggrWaitTime Specifies the number of milliseconds to delay aggregation to allow multiple links to aggregate simultaneously.
TimeoutScale Sets the value used to calculate timeout time from the periodic time. Sets this value to all LACP enabled ports. The range is 2 to 10.
TimeoutScaleOper The operating value of the timeout scale on the port.
SmltSysId LACP system ID for split multilink trunks.
Note: VLACP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
Table 42 MLT_LACP—LACP Global tab fields (continued)
Field Description
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 253
The MLT_LACP—VLACP Global tab appears (Figure 104).
Figure 104 VLACP Global
3 Select VlacpEnable. If selected, VLACP is enabled globally.
4 Click Apply.
Adding a MultiLink/LACP trunk
To add a MultiLink/LACP trunk:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP, LACP Global tab appears (Figure 103 on page 251).
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254), displaying multilink trunk information.
Configuring VLANs, Spanning Tree, and Link Aggregation
254 Chapter 5 Configuring link aggregation using Device Manager
Figure 105 MLT_LACP—MultiLink/LACP Trunks
3 In the MultiLink/LACP Trunks box, click Insert.
The MLT_LACP, Insert Multilink/LACP Trunks box (Figure 106 on page 255) appears.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 255
Figure 106 MLT_LACP, Insert MultiLink/LACP Trunks box
4 In the Id text box, type the ID number for the multilink trunk.
5 In the SvlanPortType text box, select normal, uni, or nni.
6 In the PortType section, select access or trunk.
7 In the Name text box, type a name for the multilink trunk, or accept the default name.
8 Select member ports and VLANs for this MLT/LACP trunk:
a In the PortMembers box, click the ellipsis (...), select the desired ports in the MltPortMembers box that appears, and then click Ok.
b In the VlanIds box, click the ellipsis (...), select the desired VLANs in the VlanIds box that appears, and then click Ok.
9 In the MltType section, select normalMLT, istMLT, or splitMLT.
For information about configuring SMLT, see “Adding a MLT-based SMLT” on page 276.
• If splitMLT is chosen, in the SmltID box, enter the SMLT ID number.
Configuring VLANs, Spanning Tree, and Link Aggregation
256 Chapter 5 Configuring link aggregation using Device Manager
10 In the Multicast Distribution box, select enable or disable.
11 Select or clear NtStgEnable.
12 In the Aggregatable box, select enable or disable.
13 Click Insert.
The MLT is added to the MultiLink/LACP Trunks tab in the MLT_LACP box.
Table 43 defines the MultiLink/LACP Trunks tab fields.
Note: Multicast distribution over MLT is supported only on Ethernet Routing Switch 8600 E, M, and R modules. For detailed information about configuring multicast distribution over MLT, see Configuring IP Multicast Routing Protocols.
Table 43 MultiLink/LACP Trunks tab fields
Field Description
Id A value that uniquely identifies the multilink trunk.
SvlanPortType Sets multilink trunk port type:
• normal (default)
• uni (user-to-network interface)You must configure ports to which you want to provide VLAN transparency as UNI ports. UNI ports can only belong to one SVLAN. When you designate a port as a UNI port, the DiscardTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN). This prevents traffic from leaking to other VLANs.
• nni (network-to-network interface)
NNI ports interconnect the switches in the core network, drop untagged frames on ingress, and insert the SVLAN tag at the egress. When you configure an NNI port, the DiscardUnTaggedFrames parameter is automatically configured (Edit > Port > General > VLAN).
PortType Sets access or trunk port. Note: When the aggregatable field is set to enable, this field becomes read-only.
Name The name given to the multilink trunk.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 257
PortMembers The ports assigned to the multilink trunk.
MLT is supported on 10Base-T, 100Base-TX, 100Base-FX, and Gigabit Ethernet ports. All ports in an multilink trunk must be of the same media type (copper or fiber) and have the same settings for speed and duplex. All untagged ports must belong to the same spanning tree group.
For Ethernet Routing Switch 8600 modules, up to eight same-type ports can belong to a single multilink trunk.Note: When the aggregatable field is set to enable, this field becomes read-only.
VlanIds The VLANs to which the ports belong. Note: When the aggregatable field is set to enable, this field becomes read-only.
MltType Editable field for specifying the type of multilink trunk:• normalMLT
• istMLT
• splitMLT
RunningType Split MLT running type.
SmltId The split multilink trunk ID assigned to both ends of the split trunk.Note: The corresponding split multilink trunks between aggregation switches must have the same SMLT ID.
IfIndex Interface index.
Multicast Distribution The multicast distribution state on MLT ports:
• enabled
• disabled (default) Multicast distribution must also be configured on the chassis (Edit > Chassis > Mcast MLT Distribution). For more information, see Configuring IP Routing Multicast Protocols.
Note: Multicast distribution over MLT is supported only on Ethernet Routing Switch 8600 E, M, and R modules.
ClearLinkAggregate Clear link aggregate is equivalent to disabling and re-enabling aggregatable on the MLT.
NtStgEnable Specifies if this multilink trunk is operating in Nortel Mode or in Cisco Mode.
• true—Nortel mode
• false—Cisco mode
Table 43 MultiLink/LACP Trunks tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
258 Chapter 5 Configuring link aggregation using Device Manager
Adding ports to a multilink trunk
To add ports to an existing multilink trunk:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP, LACP Global tab appears.
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Click Insert.
The MLT_LACP, Insert MultiLink/LACP Trunks box (Figure 106 on page 255) appears.
4 Double-click in the PortMembers box for the multilink trunk to which you are adding ports.
The MltPortMembers box (Figure 107 on page 259) appears, showing the ports currently assigned for the selected multilink trunk. Available ports are editable.
DesignatedPort Indicates the designated port for the MLT.
Aggregatable Specifies if link aggregation is enabled or disabled.
AggOperState Link aggregation state on a MLT.
AggTimeofLastOperChange The time value since the interface entered its current operational state.
Table 43 MultiLink/LACP Trunks tab fields (continued)
Field Description
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 259
Figure 107 MltPortMembers box
5 In the MltPortMembers box, click the port numbers to be added, or click All to add all ports to the multilink trunk.
• For Ethernet Routing Switch 8600 modules, up to eight ports can belong to a single multilink trunk.
6 Click Ok.
The MltPortMembers box closes. The port numbers are added to the selected multilink trunk on the MultiLink/LACP Trunks tab in the MLT_LACP box.
7 Click Apply.
The ports are added to the multilink trunk.
Viewing multilink trunk interface statistics
To view multilink trunk interface statistics:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP—LACP Global tab appears (Figure 103 on page 251).
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Select a multilink trunk.
4 Click Graph.
Configuring VLANs, Spanning Tree, and Link Aggregation
260 Chapter 5 Configuring link aggregation using Device Manager
The Statistics, MLT—Interface tab appears (Figure 108), displaying interface statistics for the selected multilink trunk.
Figure 108 Statistics, MLT—Interface tab
Table 44 defines the fields on the Interface tab.
Table 44 Statistics, MLT—Interface tab fields
Field Description
InOctets The total number of octets received on the multilink trunk interface, including framing characters.
OutOctets The total number of octets transmitted out of the multilink trunk interface, including framing characters.
InUcastPkts The number of packets delivered by this multilink trunk to higher level protocols that were not addressed to a multicast or broadcast address at this sublayer.
OutUcastPkts The number of packets that higher level protocols requested be transmitted that were not addressed to a multicast address at this multilink trunk. This total number includes those packets discarded or unsent.
InMulticastPkt The number of packets delivered to this multilink trunk that were addressed to a multicast address at this sublayer. For a MAC layer protocol, this number includes both Group and Functional addresses.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 261
Viewing multilink trunk Ethernet error statistics
To view multilink trunk Ethernet error statistics:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP box appears (Figure 103 on page 251).
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Select a multilink trunk, and then click Graph.
The Statistics, MLT box appears (Figure 108 on page 260).
4 Click the Ethernet Errors tab.
The Ethernet Errors tab (Figure 109 on page 262) appears, displaying statistics.
OutMulticast The total number of packets that higher-level protocols requested be transmitted, and that were addressed to a multicast address at this multilink trunk, including those that were discarded or not sent. For a MAC layer protocol, this number includes both Group and Functional addresses.
InBroadcastPkt The number of packets delivered to this multilink trunk that were addressed to a broadcast address at this sublayer.
OutBroadcast The total number of packets that higher-level protocols requested be transmitted, and that were addressed to a broadcast address at this multilink trunk, including those that were discarded or not sent.
Table 44 Statistics, MLT—Interface tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
262 Chapter 5 Configuring link aggregation using Device Manager
Figure 109 Statistics, MLT—Ethernet Errors tab
Table 45 on page 263 lists and defines the fields on the Ethernet Errors tab.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 263
Table 45 Statistics, MLT—Ethernet Errors tab fields
Field Description
AlignmentErrors A count of frames received on a particular multilink trunk that are not an integral number of octets in length and do not pass the FCS check. The count represented by an instance of this object increments when the alignmentError status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC.
FCSErrors A count of frames received on a multilink trunk that are an integral number of octets in length but do not pass the Frame Check Sequence (FCS) check. The count represented by an instance of this object increments when the FrameCheckError status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC.
IMacTransmitError A count of frames for which transmission on a particular multilink trunk fails due to an internal MAC sublayer transmit error. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the LateCollisions object, the ExcessiveCollisions object, or the CarrierSenseErrors object.
IMacReceiveError A count of frames for which reception on a particular multilink trunk fails due to an internal MAC sublayer receive error. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the FrameTooLongs object, the AlignmentErrors object, or the FCSErrors object.
The precise meaning of the count represented by an instance of this object is implementation specific. In particular, an instance of this object can represent a count of receive errors on a particular interface that are not otherwise counted.
CarrierSenseError The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame on a particular multilink trunk. The count represented by an instance of this object increments at most once per transmission attempt, even if the carrier sense condition fluctuates during a transmission attempt.
Configuring VLANs, Spanning Tree, and Link Aggregation
264 Chapter 5 Configuring link aggregation using Device Manager
FrameTooLong A count of frames received on a particular multilink trunk that exceeds the maximum permitted frame size. The count represented by an instance of this object increments when the frameTooLong status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC.
SQETestError A count of times that the SQE test error message is generated by the PLS sublayer for a particular multilink trunk. The SQE test error message is defined in section 7.2.2.2.4 of ANSI/IEEE 802.3-1985.
DeferredTransmiss A count of frames for which the first transmission attempt on a particular multilink trunk is delayed because the medium is busy. The count represented by an instance of this object does not include frames involved in collisions.
SingleCollFrames A count of successfully transmitted frames on a particular multilink trunk for which transmission is inhibited by exactly one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts object, the ifOutMulticastPkts object, or the ifOutBroadcastPkts object, and is not counted by the corresponding instance of the MultipleCollisionFrames object.
MultipleCollFrames A count of successfully transmitted frames on a particular multilink trunk for which transmission is inhibited by more than one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts object, the ifOutMulticastPkts object, or the ifOutBroadcastPkts object, and is not counted by the corresponding instance of the SingleCollisionFrames object.
LateCollisions The number of times that a collision is detected on a particular multilink trunk later than 512 bit-times into the transmission of a packet; 512 corresponds to 51.2 microseconds on a 10 Mb/s system. A (late) collision included in a count represented by an instance of this object is also considered as a (generic) collision for purposes of other collision-related statistics.
ExcessiveCollis A count of frames for which transmission on a particular multilink trunk fails due to excessive collisions.
Table 45 Statistics, MLT—Ethernet Errors tab fields (continued)
Field Description
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 265
Managing LACP information
To manage LACP information:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP, LACP Global tab appears (Figure 103 on page 251).
2 Click the LACP tab.
The LACP tab appears (Figure 110), displaying multilink trunk information.
Figure 110 MLT_LACP—LACP tab
Table 46 defines the LACP tab fields.
3 Click on the fields to edit them. Some fields cannot be edited, as noted in Table 46.
4 Click Apply.
Note: Standby mode for aggregation groups of larger than eight ports is not supported in the current release.
Table 46 MLT_LACP—LACP tab fields
Field Description
Index The unique identifier allocated to this aggregator by the local system. This attribute identifies an aggregator instance among the subordinate managed objects of the containing object. This value is read-only.
MACAddress The six octet read-only value carrying the individual MAC address assigned to the aggregator.
Configuring VLANs, Spanning Tree, and Link Aggregation
266 Chapter 5 Configuring link aggregation using Device Manager
ActorSystemPriority The two octet read-write value indicating the priority value associated with the actor's system ID.
ActorSystemID The six octet read-write MAC address value used as a unique identifier for the system that contains this aggregator.
Note: From the perspective of the link aggregation mechanisms, only a single combination of actor system ID and system priority are considered, and no distinction is made between the values of these parameters for an aggregator and the ports that are associated with it; that is, the protocol is described in terms of the operation of aggregation within a single system. However, the managed objects provided for the aggregator and the port both allow management of these parameters. The result of this is to permit a single piece of equipment to be configured by management to contain more than one system from the point of view of the operation of link aggregation. This can be of particular use in the configuration of equipment that has limited aggregation capability.
AggregateOrIndividual A read-only value indicating whether the aggregator represents an aggregate (true) or an individual link (false)
ActorAdminKey The current administrative value of the key for the aggregator. The administrative key value can differ from the operational key value. This is a 16 bit read-write value. The meaning of particular key values is of local significance.
ActorOperKey The current operational value of the key for the aggregator. The administrative key value can differ from the operational key value. This is a 16 bit read-only value. The meaning of particular key values is of local significance.
PartnerSystemID The six octet read-only MAC address value consisting of the unique identifier for the current protocol partner of this aggregator. A value of zero indicates that there is no known partner. If the aggregation is manually configured, this system ID value is a value assigned by the local system.
PartnerSystemPriority The two octet read-only value that indicates the priority value associated with the partner system ID. If the aggregation is manually configured, this system priority value is a value assigned by the local System.
PartnerOperKey The current operational value of the key for the aggregator current protocol partner. This is a 16 bit read-only value. If the aggregation is manually configured, this key value is a value assigned by the local system.
Table 46 MLT_LACP—LACP tab fields (continued)
Field Description
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 267
Configuring a port for LACP
To configure a port for LACP:
1 Select a port.
2 From the Device Manager menu bar, choose Edit > Port > General.
The Port—Interface tab appears.
3 Click the LACP tab.
The Port—LACP tab appears (Figure 111), displaying multilink trunk information.
Figure 111 Port—LACP tab
Table 47 on page 268 defines the Port—LACP tab fields.
4 Select AdminEnable.
5 Edit the remaining boxes as desired.
Configuring VLANs, Spanning Tree, and Link Aggregation
268 Chapter 5 Configuring link aggregation using Device Manager
6 Click Apply.
Table 47 Port—LACP tab fields
Field Description
AdminEnable Sets the enabled status for LACP for the port.
OperEnable Indicates the operational status of LACP for the port.
FastPeriodicTime Specifies the number of milliseconds between periodic transmissions using short timeouts. Set this value to all LACP enabled ports.
FastPeriodicTimeOper The operating value of the fast periodic timer on the port.
SlowPeriodicTime Specifies the number of milliseconds between periodic transmissions using long timeouts. Set this value to all LACP enabled ports.
SlowPeriodicTimeOper The operating value of the slow periodic timer on the port.
AggrWaitTime Specifies the number of milliseconds to delay aggregation to allow multiple links to aggregate simultaneously.
AggrWaitTimeOper The operating value of the aggregate wait timer on the port.
TimeoutScale Sets the value used to calculate timeout time from the periodic time. Set this value to all LACP enabled ports.
TimeoutScaleOper The operating value of the timeout scale on the port.
ActorSystemPriority The two octet read-write value indicating the priority value associated with the actor system ID.
ActorSystemID The six octet read-write MAC address value used as a unique identifier for the system that contains this aggregator. Note: From the perspective of the link aggregation mechanisms, only a single combination of actor system ID and system priority are considered, and no distinction is made between the values of these parameters for an aggregator and the ports that are associated with it; that is, the protocol is described in terms of the operation of aggregation within a single system. However, the managed objects provided for the aggregator and the port both allow management of these parameters. The result of this is to permit a single piece of equipment to be configured by management to contain more than one system from the point of view of the operation of link aggregation. This can be of particular use in the configuration of equipment that has limited aggregation capability.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 269
ActorAdminKey The current administrative value of the key for the aggregator. The administrative key value can differ from the operational key value. This is a 16-bit read-write value. The meaning of particular key values is of local significance.
ActorOperKey The current operational value of the key for the aggregator. The administrative key value can differ from the operational key value. This is a 16-bit read-only value. The meaning of particular key values is of local significance.
SelectedAggID The identifier value of the aggregator that this aggregation port has currently selected. Zero indicates that the aggregation port has not selected an aggregator, either because it is in the process of detaching from an aggregator or because there is no suitable aggregator available for it to select. This value is read-only.
AttachedAggID The identifier value of the aggregator to which this aggregation port is currently attached. Zero indicates that the aggregation port is not currently attached to an aggregator. This value is read-only.
ActorPort The port number locally assigned to the aggregation port. The port number is communicated in LACPDUs as the Actor_Port. This value is read-only.
ActorPortPriority The priority value assigned to this aggregation port. This 16-bit value is read-write.
ActorAdminState A string of eight bits, corresponding to the administrative values as transmitted by the actor in LACPDUs. The values are:• the first bit corresponds to bit 0 of Actor_State
(LACP_Activity)
• the second bit corresponds to bit 1 (LACP_Timeout)• the third bit corresponds to bit 2 (Aggregation)
• the fourth bit corresponds to bit 3 (Synchronization)
• the fifth bit corresponds to bit 4 (Collecting)• the sixth bit corresponds to bit 5 (Distributing)
• the seventh bit corresponds to bit 6 (Defaulted)
• the eighth bit corresponds to bit 7 (Expired)These values allow administrative control over the values of LACP_Activity, LACP_Timeout and aggregation. This attribute value is read-write.
ActorOperState A string of eight bits, corresponding to the current operational values of Actor_State as transmitted by the actor in LACPDUs. This attribute value is read-only.
Table 47 Port—LACP tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
270 Chapter 5 Configuring link aggregation using Device Manager
PartnerAdminSystemPriority The current administrative value of the port number for the protocol Partner. This is a 16 bit read-write value. The assigned value is used, along with the value of PartnerAdminSystemPriority, PartnerAdminSystemID, PartnerAdminKey, and PartnerAdminPortPriority, to achieve manually configured aggregation.
PartnerOperSystemPriority A two octet read-only value indicating the operational value of priority associated with the partner system ID. The value of this attribute can contain the manually configured value carried in PartnerAdminSystemPriority if there is no protocol partner.
PartnerAdminSystemID A six octet read-write MAC address value representing the administrative value of the aggregation port protocol partner's system ID. The assigned value is used, along with the value of PartnerAdminSystemPriority, PartnerAdminKey, PartnerAdminPort, and PartnerAdminPortPriority, to achieve manually configured aggregation.
PartnerOperSystemID A six octet read-only MAC address value representing the current value of the aggregation port's protocol partner system ID. A value of zero indicates that there is no known protocol partner. The value of this attribute can contain the manually configured value carried in PartnerAdminSystemID if there is no protocol partner.
PartnerAdminKey The current administrative value of the key for the protocol partner. This is a 16 bit read-write value. The assigned value is used, along with the value of PartnerAdminSystemPriority, PartnerAdminSystemID, PartnerAdminPort, and PartnerAdminPortPriority, to achieve manually configured aggregation.
PartnerOperKey The current operational value of the key for the aggregator current protocol partner. This is a 16-bit read-only value. If the aggregation is manually configured, this key value is a value assigned by the local system.
PartnerAdminPort The current administrative value of the port number for the protocol partner. This is a 16 bit read-write value. The assigned value is used, along with the value of PartnerAdminSystemPriority, PartnerAdminSystemID, PartnerAdminKey, and PartnerAdminPortPriority, to achieve manually configured aggregation.
Table 47 Port—LACP tab fields (continued)
Field Description
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 271
Configuring a port for Virtual LACP
VLACP is an extension to LACP which you can use to detect end-to-end failure. To configure a port for VLACP:
1 Select a port.
2 From the Device Manager menu bar, choose Edit > Port > General.
The Port—Interface tab appears.
3 Click the VLACP tab.
The Port—VLACP tab appears (Figure 112 on page 272).
PartnerOperPort The operational port number assigned to this aggregation port by the aggregation port's protocol partner. The value of this attribute can contain the manually configured value carried in AggPortPartnerAdminPort if there is no protocol partner. This 16 bit value is read-only.
PartnerAdminPortPriority The current administrative value of the port priority for the protocol Partner. This is a 16 bit read-write value. The assigned value is used, along with the value of PartnerAdminSystemPriority, PartnerAdminSystemID, PartnerAdminKey, and PartnerAdminPort, to achieve manually configured aggregation.
PartnerOperPortPriority The priority value assigned to this aggregation port by the partner. The value of this attribute can contain the manually configured value carried in PartnerAdminPortPriority if there is no protocol Partner. This 16 bit value is read-only.
PartnerAdminState A string of 8 bits, corresponding to the current administrative value of Actor_State for the protocol partner. This attribute value is read-write. The assigned value is used to achieve manually configured aggregation.
PartnerOperState A string of eight bits, corresponding to the current values of Actor_State in the most recently received LACPDU transmitted by the protocol Partner. In the absence of an active protocol partner, this value can reflect the manually configured value PartnerAdminState. This attribute value is read-only.
Table 47 Port—LACP tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
272 Chapter 5 Configuring link aggregation using Device Manager
Figure 112 Port—VLACP tab
Table 48 defines the Port—VLACP tab fields.
4 Select AdminEnable.
5 Edit the remaining fields as desired.
6 Click Apply.
Table 48 Port—VLACP tab fields
Field Description
AdminEnable Sets the enabled status for VLACP for the port.
OperEnable Indicates the operational status of VLACP for the port.
FastPeriodicTimer Specifies the number of milliseconds between periodic transmissions using short timeouts. Sets this value to all VLACP enabled ports.
SlowPeriodicTimer Specifies the number of milliseconds between periodic transmissions using long timeouts. Set this value to all VLACP enabled ports.
Timeout The timeout control value. It is long or short timeout.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 273
Viewing LACP statistics
To view LACP statistics for a particular port:
1 Select a port.
2 From the Device Manager menu bar, choose Graph > Port.
The Graph Port—Interface tab appears (Figure 113 on page 274).
TimeoutScale Sets the value used to calculate timeout time from the periodic time. Sets this value to all VLACP enabled ports. Timeout = PeriodicTime * TimeoutScale. The range is from 2 to 10.
EtherType The VLACP protocol identification. The ID is in hexadecimal.
EtherMacAddress The multicast MAC address exclusively used for VLACPDUs.
PortState Specifies the VLACP port state.
Table 48 Port—VLACP tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
274 Chapter 5 Configuring link aggregation using Device Manager
Figure 113 Graph Port—Interface tab
3 Click the LACP tab.
The LACP tab appears (Figure 114), displaying LACP statistics.
Figure 114 Graph Port—LACP tab
4 You can change the Poll Interval if desired.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 275
Table 49 defines the Graph Port—LACP tab fields.
Table 49 Graph Port—LACP tab fields
Field Description
LACPDUsRx The number of valid link aggregation control protocol data units (LACPDU) received on this aggregation port.
MarkerPDUsRx The number of valid marker PDUs received on this aggregation port.
MarkerResponsePDUsRx The number of valid marker response PDUs received on this aggregation port.
UnknownRx The number of frames received that either:
• carry Slow Protocols Ethernet type values, but contain an unknown PDU.
• are addressed to the Slow Protocols group MAC Address, but do not carry the Slow Protocols Ethernet Type.
IllegalRx The number of frames received that carry the Slow Protocols Ethernet Type value (43B.4), but contain a badly formed PDU or an illegal value of Protocol Subtype (43B.4).
LACPDUsTx The number of LACPDUs transmitted on this aggregation port.
MarkerPDUsTx The number of marker PDUs transmitted on this aggregation port.
MarkerResponsePDUsTx The number of marker response PDUs transmitted on this aggregation port.
Configuring VLANs, Spanning Tree, and Link Aggregation
276 Chapter 5 Configuring link aggregation using Device Manager
Configuring Split Multilink Trunking
This section describes how to use Device Manager to configure Split MultiLink Trunking (SMLT) and includes the following topics:
• “Adding a MLT-based SMLT”
• “Viewing MLT-based SMLTs” on page 278
• “Adding ports to an MLT-based SMLT” on page 279
• “Configuring an IST multilink trunk” on page 280
• “Viewing IST statistics” on page 283
• “Configuring a single port split multilink trunk” on page 286
• “Viewing Single Port SMLTs” on page 288
• “Deleting a Single Port SMLT” on page 289
Adding a MLT-based SMLT
If you are configuring SMLT, you do not need to create a multilink trunk before creating an SMLT. You can create an SMLT by selecting the multilink trunk type as split multilink trunk and then specifying an SMLT ID.
To add an MLT-based split multilink trunk:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The MLT_LACP box appears (Figure 103 on page 251).
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Click Insert.
The MultiLink/LACP, Insert MultiLink/LACP Trunks box (Figure 106 on page 255) appears.
Note: Routed SMLT, or RSMLT, is a Layer 3 protocol whereas SMLT is a Layer 2 protocol. SMLT is described in this document, and RSMLT is described in the document Configuring IP Routing Operations.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 277
4 In the Id box, the next available MLT ID is displayed. You can use this ID or type an available MLT ID number.
5 In the SvlanPortType box, select normal.
6 In the PortType box, select Access or Trunk.
7 In the Name box, type a name to identify the MLT-based split multilink trunk port.
8 In the PortMembers box, click the ellipsis (...).
The MltPortMembers box appears, displaying the available ports.
9 Click the ports you want to include in the MLT-based split multilink trunk.
• For Ethernet Routing Switch 8600 modules, up to eight same-type ports can belong to a multilink trunk.
10 Click Ok.
The MltPortMembers box closes and the ports are added to the PortMembers box on the Insert MultiLink Trunks tab.
11 In the VlanIds box, click the ellipsis (...).
The VlanIds box appears, displaying the available VLANs.
12 Select the VLAN IDs for the MLT-based split multilink trunk port, and then click Ok.
The VlanIds box closes and the VLANs are added to the VlanIds box in the MLT, Insert Trunks box.
13 In the MltType box, select splitMLT.
The SmltId box becomes editable.
14 In the SmltId box, type an unused SMLT ID.
To view the SMLT IDs currently in use on the switch, see “Viewing Single Port SMLTs” on page 288.
Note: The corresponding split multilink trunks between aggregation switches must have matching SMLT IDs. The same ID number must be used on both switches.
Configuring VLANs, Spanning Tree, and Link Aggregation
278 Chapter 5 Configuring link aggregation using Device Manager
15 Click Insert.
The Insert MultiLink/LACP Trunks box closes, and the new MLT-based split multilink trunk appears in the MultiLink/LACP Trunks tab.
16 On the MultiLink/LACP Trunks tab, click Close.
The MLT-based split multilink trunk is added.
Viewing MLT-based SMLTs
To view the MLT-based split multilink trunks configured on your switch:
1 From the menu bar, choose VLAN > SMLT.
The SMLT box appears (Figure 121 on page 288).
2 Click the SMLT Info tab.
The SMLT Info tab appears with all the configured MLT-based split multilink trunks displayed (Figure 115 on page 279).
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 279
Figure 115 SMLT—SMLT Info tab
Table 50 describes the fields on the SMLT Info tab.
Adding ports to an MLT-based SMLT
To add ports to an existing MLT-based split multilink trunk:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The LACP Global tab appears (Figure 103 on page 251).
Table 50 SMLT Info tab fields
Field Description
Id Read-only field displaying the MLT ID for this split multilink trunk.
SmltId The MLT-based split multilink trunk ID number.
MltType Editable field for specifying the type of multilink trunk:
• normalMLT
• istMLT• splitMLT
RunningType Read-only field displaying the MLT operational type:
• normalMLT• istMLT
• splitMLT
Configuring VLANs, Spanning Tree, and Link Aggregation
280 Chapter 5 Configuring link aggregation using Device Manager
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Double-click the PortMembers box for the MLT-based split multilink trunk to which you are adding ports.
The MltPortMembers box (Figure 107 on page 259) appears for the specified SMLT ID. Available ports are editable.
4 Select the port numbers to be added, or click All to select all ports.
• For Ethernet Routing Switch 8600 modules, up to eight same-type ports can belong to a single multilink trunk.
5 Click Ok.
The MltPortMembers box closes and the ports are added to the Port Members box on the MultiLink Trunks tab.
6 On the MultiLink/LACP Trunks tab, click Apply.
The ports are added to the MLT-based split multilink trunk.
Configuring an IST multilink trunk
To configure an IST multilink trunk:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The LACP Global tab appears (Figure 103 on page 251).
2 Click the MultiLink/LACP Trunks tab.
The MultiLink/LACP Trunks tab appears (Figure 105 on page 254).
3 Click Insert.
The MLT_LACP, Insert Multilink/LACP Trunks box (Figure 106 on page 255) appears.
4 In the PortMembers box for the IST multilink trunk, click the ellipsis (...).
The MltPortMembers box appears, displaying the available ports.
5 Click the ports you want to include in the IST multilink trunk.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 281
6 Click Ok.
The MltPortMembers box closes and the ports are added to the PortMembers box for the IST multilink trunk in the Insert MultiLink Trunks tab.
7 In the MltType box, select istMLT.
8 In the PortType box, select trunk.
9 Configure the remaining boxes as required.
10 Click Insert.
The IST MLT box appears (Figure 116).
Figure 116 IST MLT
11 Enter the peer IP address and the VLAN ID.
12 Select enable, then click Apply.
The IST is added to the MLT_LACP box.
13 Disable CP-Limit on the port using the CLI command:
config ethernet <slot/port> cp-limit disable
The IST multilink trunk is configured. For more information, see ““CP Limit and SMLT interswitch trunking” on page 112 and “Configuring CP-Limit for an IST” on page 459.
Configuring VLANs, Spanning Tree, and Link Aggregation
282 Chapter 5 Configuring link aggregation using Device Manager
Table 51 describes the IST multilink trunk fields.
Editing an IST
To edit an existing IST, use the following procedure.
1 In Device Manager, go to VLAN > MLT/LACP > MultiLink/LACP Trunks.
2 In the MLT_LACP box, select the IST.
3 Click IstMlt.
The IST MLT box (Figure 117) appears. For field definitions, see Table 51 on page 282.
Figure 117 IST MLT
4 In the PeerIp box, enter the peer IP address.
5 In the VlanId box, enter a VLAN ID.
Table 51 Ist multilink trunk fields
Field Description
PeerIp IST multilink trunk peer IP address.
VlanId An IST VLAN ID number.
SessionEnable Enable/disable IST functionality.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 283
6 In the SessionEnable box, select either enable or disable.
7 Click Apply.
The IST MLT box closes and the changes are applied.
Viewing IST statistics
To view IST statistics on an interface:
1 From the Device Manager menu bar, choose VLAN > MLT/LACP.
The LACP Global tab appears (Figure 103 on page 251).
2 Click the Ist/SMLT Stats tab.
The Ist/SMLT Stats tab appears (Figure 118 on page 284).
Configuring VLANs, Spanning Tree, and Link Aggregation
284 Chapter 5 Configuring link aggregation using Device Manager
Figure 118 Ist/SMLT Stats tab
Table 52 describes the Ist/SMLT statistics.
Table 52 MLT_LACP—Ist/SMLT Stats tab fields
Field Description
SmltIstDownCnt The number of IST down messages.
SmltHelloTxMsgCnt The number of hello messages transmitted.
SmltHelloRxMsgCnt The number of hello messages received.
SmltLearnMacAddrTxMsgCnt The number of learn MAC address messages transmitted.
SmltLearnMacAddrRxMsgCnt The number of learn MAC address messages received.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 285
SmltMacAddrAgeOutTxMsgCnt The number of MAC address aging out messages transmitted.
SmltMacAddrAgeOutRxMsgCnt The number of MAC address aging out messages received.
SmltMacAddrAgeExpTxMsgCnt The number of MAC address age expired messages transmitted.
SmltMacAddrAgeExpRxMsgCnt The number of MAC address age expired messages received.
SmltStgInfoTxMsgCnt The number of SMLT STG info messages transmitted.
SmltStgInfoRxMsgCnt The number of SMLT STG info messages received.
SmltDelMacAddrTxMsgCnt The number of deleted MAC address messages transmitted.
SmltDelMacAddrRxMsgCnt The number of deleted MAC address messages received.
SmltSmltDownTxMsgCnt The number of SMLT down messages transmitted.
SmltSmltDownRxMsgCnt The number of SMLT down messages received.
SmltSmltUpTxMsgCnt The number of SMLT up messages transmitted.
SmltSmltUpRxMsgCnt The number of SMLT up messages received.
SmltSendMacTblTxMsgCnt The number of send MAC table messages transmitted.
SmltSendMacTblRxMsgCnt The number of send MAC table messages received.
SmltIgmpTxMsgCnt The number of IGMP messages transmitted.
SmltIgmpRxMsgCnt The number of IGMP messages received.
SmltPortDownTxMsgCnt The number of port down messages transmitted.
SmltPortDownRxMsgCnt The number of port down messages received.
SmltReqMacTblTxMsgCnt The number of request MAC table messages transmitted.
SmltReqMacTblRx MsgCnt The number of request MAC table messages received.
SmltRxUnknownMsgTypeCnt The number of unknown SMLT messages received.
Table 52 MLT_LACP—Ist/SMLT Stats tab fields (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
286 Chapter 5 Configuring link aggregation using Device Manager
Configuring a single port split multilink trunk
Ports that are already configured as MLT or MLT-based split multilink trunks cannot be configured as a single port split multilink trunk. You must first remove the split trunk and then reconfigure the ports as a single port split multilink trunk.
LACP is supported on single port split multilink trunks.
To configure a single port split multilink trunk:
1 From the Device Manager main window, select the port.
The port is highlighted.
2 From the menu bar, choose Edit > Port > General.
The Port box appears.
3 Click the SMLT tab.
The Port—SMLT tab (Figure 119) appears.
Figure 119 Port—SMLT tab
4 Click Insert.
The Insert SMLT box appears (Figure 120 on page 287).
Note: The SMLT tab indicates if this port is already configured as MLT or MLT-based SMLT. If so, you cannot configure Single Port SMLT.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 287
Figure 120 Port, Insert SMLT
5 In the SmltId box, enter an unused SMLT ID number.
To view the SMLT IDs that are already in use on your switch, see “Viewing Single Port SMLTs” on page 288.
6 Click Insert.
A warning message appears, informing you that the spanning tree protocol has been disabled while configuring the port with SMLT.
7 Click Ok.
The Insert SMLT box closes and the ID is entered.
Table 53 Port SMLT tab fields
Field Description
Port The slot/port number for the port.
MltId Read-only field, displaying one of the following:
• A value of 1 to 32 (or 128 for R modules in R mode) indicates that the port is part of an multilink trunk, and Single Port SMLT cannot be configured on this port.
• A value of 0 indicates that no multilink trunk is assigned, and the port can be configured for Single Port SMLT.
SmltId The split multilink trunk ID.
• A read-only field indicates the port Single Port SMLT ID assignment.
• A blank field indicates the port is not configured for Single Port SMLT. Find an unused SMLT ID by viewing the currently used IDs. See “Viewing Single Port SMLTs” on page 288.
Configuring VLANs, Spanning Tree, and Link Aggregation
288 Chapter 5 Configuring link aggregation using Device Manager
Viewing Single Port SMLTs
To view the single port split multilink trunks configured on your switch:
➨ From the menu bar, choose VLAN > SMLT.
The SMLT box appears, and shows the single port split multilink trunks currently configured on your switch (Figure 121).
Figure 121 SMLT—Single Port SMLT
Table 54 describes the fields on the Single Port SMLT tab.
Table 54 SMLT—Single Port SMLT tab fields
Field Description
Port Read-only field that shows the port interface index number.
SmltId The ID number of the single port split multilink trunk.
RunningType Read-only field that shows the port operational type:• normalMLT
• istMLT
• splitMLT
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 289
Deleting a Single Port SMLT
To delete a single port split multilink trunk:
1 From the Device Manager main window, select the port.
The port is highlighted.
2 From the menu bar, choose Edit > Port > General.
The Port box appears.
3 Click the SMLT tab.
The Port—SMLT tab (Figure 122) appears, displaying the Single Port SMLT ID.
Figure 122 Deleting a Single Port SMLT
4 Select the single port split multilink trunk.
The single port split multilink trunk is highlighted.
5 Click Delete, and then click Close.
The single port split multilink trunk is deleted.
Configuring VLANs, Spanning Tree, and Link Aggregation
290 Chapter 5 Configuring link aggregation using Device Manager
Configuring Simple Loop Prevention Protocol
Simple Loop Prevention Protocol (SLPP) is used at the edge of a network to prevent loops in a SMLT network if Spanning Tree is not used.
This section describes how to configure Simple Loop Prevention Protocol (SLPP), and includes the following topics:
• “Configuring SLPP globally”
• “Configuring the SLPP by VLAN” on page 291
• “Configuring the SLPP by port” on page 293
Configuring SLPP globally
To configure Simple Loop Prevention Protocol (SLPP) globally:
1 From the Device Manager menu bar, select VLAN > SLPP.
The Slpp box appears with the Global tag open (Figure 123).
Figure 123 SLPP—Global
Table 55 on page 291 describes the fields on the SLPP Global tab fields.
Note: SLPP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 291
2 Select GlobalEnable.
3 In the TransmissionInterval box, enter a value for the time interval for loop detection.
4 In the EtherType box, enter the SLPP protocol value as a hexadecimal number.
5 Click Apply.
Configuring the SLPP by VLAN
1 From the Device Manager menu bar, select VLAN > SLPP.
The Slpp box appears with the Global tag open (Figure 123 on page 290).
2 Click the VLANS tab.
The VLANS tab appears (Figure 124).
Figure 124 Slpp—VLANS tab
3 Click Insert.
The Slpp, Insert VLANS box appears (Figure 125 on page 292).
Table 55 SLPP—Global tab fields
Field Description
GlobalEnable Globally enables or disables SLPP.
TransmissionInterval Sets the interval (in seconds) for which loop detection occurs. The range is 500 to 5000 s, and the default is 500 s.
Ether Type Specifies the SLPP protocol identification. This value is expressed in hexadecimal.
Configuring VLANs, Spanning Tree, and Link Aggregation
292 Chapter 5 Configuring link aggregation using Device Manager
Figure 125 Slpp, Insert VLANS
Table 56 on page 293 describes the Slpp, Insert VLANS tab fields.
4 Click the VlanID ellipsis (...).
The VlanId box appears (Figure 126).
Figure 126 Slpp—Insert VlanId
5 Select the desired VLAN ID.
6 Click Ok.
7 Select SlppEnable.
8 Click Insert.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 293
The ID and status of the selected VLAN appears in the Slpp—VLANS box (Figure 124 on page 291).
Configuring the SLPP by port
To configure SLPP by port:
1 From the Device Manager menu bar, select VLAN > SLPP.
The Slpp box appears with the Global tag open (Figure 123 on page 290).
2 Click the Ports tab.
The Slpp—Ports tab appears displaying all available ports (Figure 127 on page 294).
Table 56 SLPP, Insert VLANS fields
Field Description
VlanId Specifies the VLAN.
SlppEnable Enables SLPP on the selected VLAN. The SLPP packet transmission and reception process is active only when the SLPP operation is enabled. When the SLPP operation is disabled, no SLPP packet is sent, and any received SLPP packet is discarded.
Configuring VLANs, Spanning Tree, and Link Aggregation
294 Chapter 5 Configuring link aggregation using Device Manager
Figure 127 Slpp—Ports tab
3 Click the SlppEnable box for the desired port and select true to enable SLPP.
4 Click Apply.
The ID and status of selected VLAN appears in the Slpp—VLANS dialog box (Figure 124 on page 291).
Table 57 describes the Slpp, Ports tab fields.
Table 57 Slpp—Ports tab fields
Field Description
IfIndex Specifies the interface index number for a port.
PktRxThreshold Specifies the threshold for packet reception from 1 to 20. After a port reaches the packet threshold, it is disabled.
SlppEnable Enables SLPP on the selected IfIndex.
IncomingVlanId VLAN ID of the classified packet on a port disabled by SLPP.
SrcNodeType Specifies the source node type of the received SLPP packet.
314725-E Rev 00
Chapter 5 Configuring link aggregation using Device Manager 295
Configuring VLANs, Spanning Tree, and Link Aggregation
296 Chapter 5 Configuring link aggregation using Device Manager
314725-E Rev 00
297
Chapter 6Configuring multiple DSAP and SSAP using Device Manager
With the Ethernet Routing Switch 8600, you can configure multiple DSAPs or SSAPs for SNA or user-defined VLAN types. The base implementation of the SNA VLAN allows SNA 802.2 traffic to be classified into a SNA VLAN based on a 0x04 destination SAP or 0x04 source SAP. Some applications require changing these classifications to DSAP or SSAP.
You can support any user-defined VLANs with multiple SSAPs and DSAPs. For example, you can add 31 additional protocol IDs or DSAP/SSAP values, for a total of 32, when you create a SNA 802.2 VLAN or a user-defined VLAN, or when you reconfigure a SNA 802.2 VLAN or a user-defined VLAN.
This chapter describes how to configure multiple DSAPs and SSAPs per VLAN and includes the following topics:
Note: Hardware record usage increases considerably when you configure multiple DSAPs or SSAPs for SNA or user-defined VLAN types. For more information, see “Design aspects” on page 298.
Topic Page
Design aspects 298
Configuring multiple DSAPs and SSAPs per VLAN 300
Configuring VLANs, Spanning Tree, and Link Aggregation
298 Chapter 6 Configuring multiple DSAP and SSAP using Device Manager
Design aspects
You can configure multiple DSAPs or SSAPs for SNA or user-defined VLAN types using the CLI or Device Manager. Regardless of your configuration tool, you must first create the SNA or user-defined VLAN, and then add the DSAPs or SSAPs for this VLAN.
For user-defined VLANs, DSAP/SSAP additions can only be applied to VLANs created without any specific encapsulation type or to VLANs with an encapsulation type of LLC. The addition of DSAP/SSAP is not allowed on user-defined VLANs created with an encapsulation type of Ethernet-ii or SNAP.
For each SNA802.2 VLAN, including 31 additional DSAP/SSAP values, 256 records are created, including:
• 8 IEEE VLAN records
• 31 * 8 = 248 protocol ID records.
In this case the default 0x04 records is always created on the switch.
For each user-defined VLAN created with no encapsulation specified, a total of 280 records are created, including:
• 8 IEEE VLAN records
• 3 * 8 = 24 protocol ID records for the base protocol ID (specified during VLAN creation). One record of each type—LLC, Ethernet-ii and SNAP—is created in this case.
• 31 * 8 = 248 protocol ID records for the additional DSAP/SSAP added
For each user-defined VLAN created with encapsulation set to LLC, 264 hardware records are created, including:
• 8 IEEE VLAN records
• 1 * 8 = 8 protocol ID records for the base protocol ID (specified during VLAN creation). Only the LLC record is created in this case.
• 31 * 8 = 248 protocol ID records for the additional DSAP/SSAP added
314725-E Rev 00
Chapter 6 Configuring multiple DSAP and SSAP using Device Manager 299
Nortel does not recommend using more than 10 of the user-defined VLANs, including 32 DSAP/SSAP values, due to the extensive hardware record usage which can affect overall system scalability.
You can check for hardware record availability by executing the CLI command show/sys/record-reservation.
There is only one SNA VLAN allowed on an individual port. DSAP/SSAP values can be configured provided they are not the same as the reserved values listed (see Table 58).
An exception is 0x0800, which can be configured with the encapsulation set to Logical Link Control (LLC).
Table 58 DSAP/SSAP values
Protocol name Etype DSAP SSAP OUI PID
IP_ii 0x0800
ARP_ii 0x0806
RARP_ii 0x8035
IPX(old)_iiIPX_ii
0x81370x8138
IPX(old)_SNAP
IPX_SNAP
0x000000
0x000000
0x813
70x813
8
IPX_802.3 0xE0 0xE0
IPX_802.3 0xFF 0xFF
APPLE_ii
APPLE_SNAP
0x809B
0X80F3 0x08000
7
0x809B
0x80F
3
DEC_LAT 0x6004
Configuring VLANs, Spanning Tree, and Link Aggregation
300 Chapter 6 Configuring multiple DSAP and SSAP using Device Manager
Configuring multiple DSAPs and SSAPs per VLAN
This procedure assumes you have already created a user-defined or an sna802.2 VLAN. See “Configuring policy-based VLANs” on page 145 for information about adding a policy-based VLAN.
To configure multiple DSAPs and SSAPS per VLAN:
1 Go to VLAN > VLANs.
The VLAN—Basic tab appears.
2 Click the Advanced tab.
The VLAN—Advanced tab appears (see Figure 128 on page 301).
DEC_ELSE 0x6000
-
0x60030x6005
- 0x6009
DEC_BPDU 0x8038
SNA_ii 0x80D5
SNA_LLC 0x04
XX
XX
0x04
NetBIOS 0xF0XX
XX0xF0
XNS
XNS_comp
0x0600
0x0807
Table 58 DSAP/SSAP values (continued)
Protocol name Etype DSAP SSAP OUI PID
314725-E Rev 00
Chapter 6 Configuring multiple DSAP and SSAP using Device Manager 301
Figure 128 VLAN—Advanced tab
3 Select the VLAN to which you wish to add a DSAP, and click DSAP/SSAP.
The VLAN—DSAP/SSAP VLAN box appears (Figure 129).
Figure 129 VLAN—DSAP/SSAP VLAN
4 Click Insert.
The DSAP/SSAP, VLAN, Insert DSAP/SSAP box appears (Figure 130).
Figure 130 DSAP/SSAP, VLAN, Insert DSAP/SSAP
5 Enter a DSAP/SSAP value in hexadecimal form, and then click Insert.
Configuring VLANs, Spanning Tree, and Link Aggregation
302 Chapter 6 Configuring multiple DSAP and SSAP using Device Manager
6 Repeat steps 5 to 6 for as many DSAP/SSAPs as you require.
314725-E Rev 00
303
Chapter 7Configuring and managing VLANs using the CLI
This chapter describes how to configure and manage VLANs using the command line interface (CLI), and includes the following topics:
For conceptual information about VLANs, see “VLANs” on page 37.
Roadmap of VLAN commands
The following roadmap lists the VLAN commands and their parameters. Use this list as a quick reference or click on any entry for more information.
Topic Page
Roadmap of VLAN commands 303
Configuring and managing a VLAN 308
Using the VLAN show commands 333
Using the show ports commands for VLANs 358
Using the VLAN IP commands 362
Command Parameter
config vlan <vid> create info
byIDS <sid> [name <value>] [color <value>]
byipsubnet <sid> <ipaddr/mask> [ name <value>] [color <value>]
Configuring VLANs, Spanning Tree, and Link Aggregation
304 Chapter 7 Configuring and managing VLANs using the CLI
byipsubnet-mstprstp <instance-id> <ipaddr|mask> [name <value>] [color <value>]
byport <sid> [name <value>] [color <value>]
byport-mstprstp <instance-id> [name <value>] [color <value>] [naap-vlan] [firewall-vlan] [firewall-peering-vlan]
byprotocol <sid> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|declat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> [<pid>] [name <value>] [color <value>] [encap <value>]
byprotocol-mstprstp <instance-id> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> [<pid>] [name <value>] [color <value>] [encap <value>]
bysrcmac <sid> [name <value>] [color <value>]
bysrcmac-mstprstp <instance-id> [name <value>] [color <value>]
bysvlan <sid> [name <value>] [color <value>]
bysvlan-mstprstp <instance-id> [name <value>] [color <value>]
forIDS <sid> [name <value>] [color <value>]
forIDS-mstprstp <instance-id> [name <value>] [color <value>]
config vlan <vid> info
action <action choice>
add-mlt <integer>
Command Parameter
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 305
addDsapSsap <DSAP/SSAP values>
removeDsapSsap <DSAP/SSAP values>
agetime <integer>
delete
qos-level <integer>
name <vname>
config vlan <vid> fdb-entry info
aging-time <seconds>
flush
monitor <mac> status <value> <true|false>
qos-level <mac> status <value> <0..7>
sync
config vlan <vid> fdb-filter info
add <mac> port <value> [qos <value>]
pcap <mac> <enable|disable>
remove <mac>
config vlan <vid> fdb-filter notallowfrom
info
add <mac> port <value> [<srcOnly|dstOnly|Both>]
remove <mac> port <value> [<srcOnly|dstOnly|Both>]
config vlan <vid> fdb-static info
add <mac> port <value> [qos <value>]
remove <mac>
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
306 Chapter 7 Configuring and managing VLANs using the CLI
config vlan <vid> ports info
add <ports> [member <value>]
remove <ports> [member <value>]
ospf-passive <true|false> <ports>
config vlan <vid> srcmac info
add <macaddr>
remove <macaddr>
config vlan <vid> ip info
create <ipaddr|mask> [mac_offset <value>]
delete <ipaddr>
Rvs-Path-Chk <enable|disable> [mode <value>]
config vlan <vid> ip nlb-unicast-mode
info
<enable|disable>
config sys set flag enhanced-operational-mode true
false
config ethernet <port> loop-detect <enable|disable>
action <port-down|vlan-block|mac-discard>
arp-detect <enable|disable>
config ether <ports> auto-recover-port <enable|disable>
config ethernet <port number> action clearLoopDetectAlarm
Command Parameter
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 307
config ethernet <port number> info
config mac-flap-time-limit <10..5000 milliseconds>
show ports info loop-detected port <port number>
show sys link-flap-detect general-info
show ports info loop-detected port <port number>
show vlan info all [<vid>] [port <value>] [by <value>]
show vlan info advance [<vid>] [port <value>]
show vlan info arp [<vid>] [port <value>]
show vlan info basic [<vid>] [port <value>]
show vlan info brouter-port [port <value>]
show vlan info fdb-entry [<vid>] [mac <value>] [port <value>]
show vlan info fdb-filter [<vid>] [mac <value>] [port <value>]
show vlan info fdb-static [<vid>] [mac <value>] [port <value>]
show vlan info igmp [<vid>] [port <value>]
show vlan info ip [<vid>] [port <value>]
show vlan info ports [<vid>] [port <value>]
show vlan info srcmac [<vid>] [port <value>]
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
308 Chapter 7 Configuring and managing VLANs using the CLI
Configuring and managing a VLAN
To create VLANs, add or remove ports in the VLAN, set priority, change a VLAN name, or perform other operations, use the VLAN configuration commands. You can also configure reverse path checking, loop detection, Enhanced Operation mode, and other features using the CLI. In all VLAN commands in this section, vid is the VLAN ID.
This section includes the following procedures:
• “Creating a VLAN”
• “Performing general VLAN operations” on page 313
• “Configuring VLAN parameters in the forwarding database” on page 316
• “Limiting MAC learning” on page 321
• “Adding or removing VLAN ports” on page 323
• “Adding or removing VLAN source MAC addresses” on page 324
• “Configuring NLB unicast support on an IP interface” on page 325
• “Configuring Untagging Default VLAN on a Tagged Port” on page 325
• “Configuring Enhanced Operation mode” on page 326
• “Configuring VLAN Loop Detection” on page 327
• “Configuring spoof detection for a VLAN” on page 332
Creating a VLAN
To create a VLAN, use the following command:
config vlan <vid> create
show ports info all [vlan <value>] [port <value>] [by <value>]
show ports info vlans [vlan <value>] [port <value>]
Command Parameter
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 309
You can specify the type of VLAN and assign an IP address to the VLAN using this command. The required parameter vid is the VLAN ID. VLAN 1 is the default VLAN.
This command includes the following parameters:
config vlan <vid> create
followed by:
info Shows information about the type of the specified VLAN.
byIDS <sid> [name <value>] [color <value>]
Creates a VLAN for IDS.
<sid> is spanning tree ID 1 to 64.name <value> is the name of the vlan from 0 to 64 characters.
color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
byipsubnet <sid> <ipaddr/mask> [ name <value>] [color <value>]
Creates an IP subnet-based VLAN.• sid is a spanning tree group ID.
• ipaddr/mask is the IP address and mask {a.b.c.d/x | a.b.c.d/x.x.x.x | default}.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
This command is available only for the Ethernet Routing Switch 8600.
byipsubnet-mstprstp <instance-id> <ipaddr|mask> [name <value>] [color <value>]
Creates a VLAN by IP subnet.
• <instance-id> is the instance ID from 0 to 63.
• <ipaddr/mask> is the subnet address or mask {a.b.c.d/x | a.b.c.d/x.x.x.x | default}.
• name <value> is the name of the VLAN.
• color <value> is the color of the VLAN from 0 to 32. The color attribute is used by Optivity software to display the VLAN.
Configuring VLANs, Spanning Tree, and Link Aggregation
310 Chapter 7 Configuring and managing VLANs using the CLI
byport <sid> [name <value>] [color <value>]
Creates a port-based VLAN.
• <sid> is the spanning tree group ID from 1 to 64 characters.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN from 0 to 32. The color attribute is used by Optivity software to display the VLAN.
byport-mstprstp <instance-id> [name <value>] [color <value>] [naap-vlan] [firewall-vlan] [firewall-peering-vlan]
Creates a VLAN by port.
• <instance-id> is the instance ID from 0 to 63.
• name <value> is the name of the VLAN.
• color <value> is the color of the VLAN from 0 to 32.
• naap-vlan marks the VLAN as a NAAP VLAN.
• firewall-vlan marks the VLAN as a firewall VLAN.
• firewall-peering-vlan marks the VLAN as a firewall peering VLAN.
byprotocol <sid> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|declat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE>[<pid>] [name <value>] [color <value>] [encap <value>]
Creates a protocol-based VLAN.
• <sid> is spanning tree ID.
• ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE specifies the protocol.
• pid is a user-defined protocol ID number in hexadecimal.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
• encap <value> is the frame encapsulation method.
config vlan <vid> create
followed by:
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 311
byprotocol-mstprstp <instance-id> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> [<pid>] [name <value>] [color <value>] [encap <value>]
Creates a VLAN by protocol.
• <instance-id> is the instance ID.• <ip|ipx802dot3|ipx802dot2|ipxSnap|ip
xEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> is the protocol ID.
• <pid> is the user-defined PID number.• name <value> is the name of the VLAN
from 0 to 64 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
• encap <value> is the frame encapsulation with the values ethernet-ii, llc, or snap.
bysrcmac <sid> [name <value>] [color <value>]
Creates a VLAN by source MAC address.
• <sid> is the spanning tree ID from 1 to 64.• name <value> is the name of the VLAN
from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
This command is available only for the Ethernet Routing Switch 8600.
bysrcmac-mstprstp <instance-id> [name <value>] [color <value>]
Creates a VLAN by source MAC address
• <instance-id> is the instance ID from 0 to 63.
• name <value> is the name of the VLAN from 0 to 64 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
bysvlan <sid> [name <value>] [color <value>]
Creates an sVLAN.
• <sid> is the spanning tree ID from 1 to 64.
• name <value> is the name of the sVLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
config vlan <vid> create
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
312 Chapter 7 Configuring and managing VLANs using the CLI
Figure 131 on page 313 shows sample output for the config vlan create info command.
bysvlan-mstprstp <instance-id> [name <value>] [color <value>]
Creates an sVLAN.
• <instance-id> is the instance ID from 0 to 63.
• name <value> is the name of the sVLAN.
• color <value> is the color of the sVLAN from 0 to 32. The color attribute is used by Optivity software to display the VLAN.
forIDS <sid> [name <value>] [color <value>]
Creates a VLAN for IDS.• <sid> is the spanning tree ID from 1 to 64.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
forIDS-mstprstp <instance-id> [name <value>] [color <value>]
Creates a VLAN for IDS
• <instance-id> is the instance ID from 0 to 63.
• name <value> is the name of the VLAN from 0 to 64 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
config vlan <vid> create
followed by:
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 313
Figure 131 Config vlan create info command output
Performing general VLAN operations
To perform general VLAN operations, such a setting a Quality of Service (QoS) level for the VLAN or adding or changing the name of a VLAN, use the following command:
config vlan <vid>
In all VLAN commands, vid is the VLAN ID.
This command includes the following options:
config vlan <vid>
followed by:
info Shows characteristics of the specified VLAN (Figure 132 on page 314).
action <action choice> Flushes a table or triggers an RIP update.
• <action choice> is {none| flushMacFdb|flushArp|flushIp| flushDynMemb|all|flushSnoopMemb| triggerRipUpdate|flushSenders| flushSnoopMRtr}. To flush all tables, use all.
add-mlt <integer> Adds an MLT to a VLAN.
• <integer> is the MLT ID.
addDsapSsap <DSAP/SSAP values>
Adds DSAP/SSAP to SNA/USR defined VLANs.
• DSAP/SSAP values for SNA and user defined VLANs (0x0..0xffff).
ERS-8606:5# config vlan 1 create info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
byport : sid - 1 name - Default color - 0 (white)
Configuring VLANs, Spanning Tree, and Link Aggregation
314 Chapter 7 Configuring and managing VLANs using the CLI
Figure 132 shows sample output for the config vlan info command.
Figure 132 Config vlan info command output
removeDsapSsap <DSAP/SSAP values>
Removes DSAP/SSAP to SNA/USR defined VLANs.
• DSAP/SSAP values for SNA and user-defined VLANs (0x0..0xffff).
agetime <integer> Sets the VLAN aging time in seconds.
delete Deletes a VLAN.
qos-level <integer> Sets a Quality of Service level for a VLAN. • <integer> is the QoS level.
Note: QoS level 7 is reserved for network control traffic.
name <vname> Changes the name of a VLAN.
• <vname> is a string of length 0 to 20 characters.
config vlan <vid>
followed by:
ERS-8606:5# config vlan 1 info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
action : N/A add-mlt : addDsapSsap : removeDsapSsap : N/A agetime : N/A delete : N/A qoslevel : 1 name : Default Security-vlan-type : none Cluster : 0
ERS-8606:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 315
Configuration example
The following configuration example uses the config vlan commands to:
• Add a DSAP to SNA/USR VLANs
• Delete a VLAN
After configuring the parameters, use the info command to show a summary of the results.
ERS-8606:5/config/vlan/10# addDsapSsap 0x0808 ERS-8606:5/config/vlan/10# infoSub-Context: create fdb-entry fdb-filter fdb-static ip ipx ports srcmac static-mcastmacCurrent Context:
action : N/A add-mlt : addDsapSsap : 0x000c,0x0808 removeDsapSsap : N/A agetime : 600 delete : N/A qoslevel : 1 name : VLAN-1000
ERS-8606:5/config/vlan/10# removeDsapSsap 0x0808ERS-8606:5/config/vlan/10# infoSub-Context: create fdb-entry fdb-filter fdb-static ip ipx ports srcmac static-mcastmacCurrent Context:action : N/A add-mlt : addDsapSsap : 0x000c removeDsapSsap : N/A agetime : 600 delete : N/A qoslevel : 1 name : VLAN-1000
Configuring VLANs, Spanning Tree, and Link Aggregation
316 Chapter 7 Configuring and managing VLANs using the CLI
Configuring VLAN parameters in the forwarding database
This section includes the following topics:
• “Configuring or modifying VLAN entries in the forwarding database” on page 316
• “Configuring VLAN filter members” on page 317
• “Setting or modifying parameters of VLAN not allowed filter member” on page 318
• “Configuring VLAN static member parameters” on page 320
Configuring or modifying VLAN entries in the forwarding database
To configure or modify VLAN entries in the forwarding database, enter the following command:
config vlan <vid> fdb-entry
This command includes the following options:
config vlan <vid> fdb-entry
followed by:
info Shows current level parameter settings and next level directories.
aging-time <seconds> Sets the forwarding database aging timer.• <seconds> indicates the timeout period in
seconds.
flush Flushes forwarding database.
monitor <mac> status <value> <true|false>
Sets forwarding database monitor parameters.
• <mac> indicates the MAC address.• status <value> allows you to view the
current status of the forwarding database according to one of the following choices: {other|invalid|learned|self|mgmt}.
• <true|false> enables or disables the monitor.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 317
Configuring VLAN filter members
To configure VLAN filter members, enter the following command:
config vlan <vid> fdb-filter
The config vlan <vid> fdb-filter command includes the following options:
qos-level <mac> status <value> <0..7>
Sets a QoS level for a VLAN.• <mac> indicates the MAC address.
• status <value> is the forwarding database status according to one of the following choices: {other|invalid|learned|self|mgmt}.
• <0..7> sets the QoS level.
Note: QoS level 7 is reserved for network control traffic.
sync Synchronizes the switch forwarding database with the forwarding database of the other aggregation switch.
config vlan <vid> fdb-filter
followed by:
info Shows current level parameter settings and next level directories.
add <mac> port <value> [qos <value>]
Adds a filter member to a VLAN bridge.
• <mac> indicates the MAC address.
• port <value> indicates the port (slot/port) number.
• qos <value> is the QoS level.
Note: QoS level 7 is reserved for network control traffic.
pcap <mac> <enable|disable>
Enables or disables the Packet Capture Tool (PCAP).
• <mac> indicates the MAC address.For more information about PCAP, see Using the Packet Capture Tool.
remove <mac> Removes a filter member from a VLAN bridge.
• <mac> indicates the MAC address.
config vlan <vid> fdb-entry
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
318 Chapter 7 Configuring and managing VLANs using the CLI
Configuration example
The following configuration example uses the config vlan fdb-filter commands to:
• Add a filter member to the VLAN bridge
• Remove a filter member from a VLAN bridge
After configuring the parameters, use the info command to show a summary of the results.
ERS-8606:5/config/vlan/10/fdb-filter# add 2:2:2:2:2:2 port 1/1ERS-8606:5/config/vlan/10/fdb-filter# infoSub-Context: notallowfromCurrent Context:
add : mac - 02:02:02:02:02:02port - 1/1Pcap - Disableremove : N/A
ERS-8606:5/config/vlan/10/fdb-filter# remove 2:2:2:2:2:2ERS-8606:5/config/vlan/10/fdb-filter# infoSub-Context: notallowfromCurrent Context:
add : remove : N/A
Setting or modifying parameters of VLAN not allowed filter member
To set or modify VLAN not allowed filter member parameters, enter the following command:
config vlan <vid> fdb-filter notallowfrom
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 319
This command includes the following options:
Configuration example
The following configuration example uses the config vlan fdb-filter notallowfrom commands to:
• Add a not allowed filter member to a VLAN bridge
• Remove a not allowed filter member to a VLAN bridge
config vlan <vid> fdb-filter notallowfrom
followed by:
info Shows current level parameter settings and next level directories.
add <mac> port <value> [<srcOnly|dstOnly|Both>]
Adds a not allowed filter member to a VLAN bridge.
• <mac> indicates the MAC address.
• <value> indicates the port (slot/port) number.• <srcOnly}dstOnly|Both> is optional to set
a mask.
remove <mac> port <value> [<srcOnly|dstOnly|Both>]
Removes a not allowed filter member from a VLAN bridge.
• <mac> indicates the MAC address.
• <value> indicates the port (slot/port) number.• <srcOnly}dstOnly|Both> is optional to set
a mask.
Configuring VLANs, Spanning Tree, and Link Aggregation
320 Chapter 7 Configuring and managing VLANs using the CLI
After configuring the parameters, use the info command to show a summary of the results.
ERS-8606:5/config/vlan/10/fdb-filter# notallowfromERS-8606:5/config/vlan/10/fdb-filter/notallowfrom# add 2:2:2:2:2:2 port 1/2 BothERS-8606:5/config/vlan/1000/fdb-filter/notallowfrom# infoSub-Context:Current Context:
add : mac - 02:02:02:02:02:02Dest Discard set - 1/2Src Discard set - 1/2remove : N/A
ERS-8606:5/config/vlan/10/fdb-filter/notallowfrom# remove 2:2:2:2:2:2 port 1/2 srcOnlyERS-8606:5/config/vlan/10/fdb-filter/notallowfrom# infoSub-Context:Current Context:
add : mac - 02:02:02:02:02:02Dest Discard set - 1/2Src Discard set - remove : N/A
Configuring VLAN static member parameters
To configure VLAN static member parameters, enter the following command:
config vlan <vid> fdb-static
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 321
This command includes the following options:
Limiting MAC learning
This feature allows you to limit the number of forwarding database entries learned on a particular port to a user-specified value. After the number of learned forwarding database entries reaches the maximum limit, packets with unknown source MAC addresses are dropped by the hardware. If the count drops below a configured minimum value due to forwarding database aging, learning is reenabled on the port. Users can configure various actions—logging, sending traps, and disabling the port—when the number of forwarding database entries reaches the configured maximum limit.
The following CLI commands are implemented for this feature:
config ethernet <ports> limit-fdb-learning fdbprotect <enable|disable>
This command enables or disables the feature on the specified ports. The default value is disable.
config ethernet <ports> limit-fdb-learning max-mac-count <value>
config vlan <vid> fdb-static
followed by:
info Shows current level parameter settings and next level directories.
add <mac> port <value> [qos <value>]
Adds a static member to a VLAN bridge.• <mac> indicates the MAC address.
• port <value> indicates the port (slot/port) number.
• qos <value> is the QoS level.
Note: QoS level 7 is reserved for network control traffic.
remove <mac> Removes a static member from a VLAN bridge.
• <mac> indicates the MAC address.
Configuring VLANs, Spanning Tree, and Link Aggregation
322 Chapter 7 Configuring and managing VLANs using the CLI
This command sets the maximum limit of forwarding database entries (fdb-entries) that can be learned on the specified ports. The default value is 1024.
config ethernet <ports> limit-fdb-learning min-mac-count <value>
This command sets the minimum limit of fdb-entries at which fdb-learning will be reenabled on the specified ports. The default value is 512.
config ethernet <ports> limit-fdb-learning info
This command shows the configuration information related to the feature.
config ethernet <ports> limit-fdb-learning violation-log-trap <enable|disable>
This command enables or disables logging to syslog file and trap generation when a maximum limit is reached. The default value is disable.
config ethernet <ports> limit-fdb-learning violation-down-port <enable|disable>
This command enables or disables the action taken on the ports in the event of a violation. The default value is disable.
There is no Device Manager support for this feature in this release.
Note: To change max-mac-count or min-mac-count when the feature is already enabled, flush the fdb-entries on the particular port using the command config ether <ports> action flushMacFdb.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 323
Adding or removing VLAN ports
To add or remove ports in the VLAN, enter the following command:
config vlan <vid> ports
This command includes the following options:
Figure 133 on page 324 shows sample output for the config vlan ports info command.
config vlan <vid> ports
followed by:
info Shows member status of the ports in the VLAN (Figure 133 on page 324).
add <ports> [member <value>]
Adds one or more ports to an existing VLAN.• <ports> is the port list.
• member <value> is the port member type. It can be portmember (always a member), static (sometimes a member), or notallowed (never a member).
remove <ports> [member <value>]
Removes ports from a VLAN but does not delete the VLAN.
• <ports> is the port list.
• member <value> is the port member type. It can be portmember (always a member), static (sometimes a member), or notallowed (never a member).
ospf-passive <true|false> <ports>
Enables or disables the OSPF passive port.
• <true|false> enables or disables the OSPF port.
• <ports> is the port list.
Configuring VLANs, Spanning Tree, and Link Aggregation
324 Chapter 7 Configuring and managing VLANs using the CLI
Figure 133 Config vlan ports info command output
Adding or removing VLAN source MAC addresses
To add or remove VLAN source MAC addresses, enter the following command:
config vlan <vid> srcmac
This command includes the following options:
config vlan <vid> srcmacfollowed by:
info Shows current level parameter settings and next level directories.
add <macaddr> Adds a source MAC address to a VLAN.
• <macaddr> is the MAC address to be added.
remove <macaddr> Removes a source MAC address from a VLAN.
• <macaddr> is the MAC address to be removed.
ERS-8606:5# config vlan 1 ports info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
add : portmember - 2/1-2/8,4/1-4/30 activemember - 2/1-2/8,4/1-4/30 staticmember - notallowtojoin - remove : N/A ospf-passive-port -
ERS-8606:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 325
Configuring NLB unicast support on an IP interface
You can use Microsoft Network Load Balancer (NLB) to share workload among multiple clustering servers. To enable or disable Network Load Balancer (NLB) unicast support, use the following command:
config vlan <vid> ip nlb-unicast-mode
This command includes the following options:
The default value is disable. For more information about NLB unicast support, see “Flooding for Microsoft NLB clustering systems in unicast mode” on page 63.
Configuring Untagging Default VLAN on a Tagged Port
The Untagging Default VLAN on a Tagged Port feature separates untagged packets originating from a PC from the tagged packets originating from a IP phone.
The following command enables the Untagging Default VLAN on a Tagged Port feature:
config ethernet <ports> untag-port-default-vlan <enable|disable>
where <ports> is the port of list of ports in slot/port format.
config vlan <vid> ip nlb-unicast-modefollowed by:
info Shows current level parameter settings and next level directories.
<enable|disable> Enables or disables unicast mode.
Configuring VLANs, Spanning Tree, and Link Aggregation
326 Chapter 7 Configuring and managing VLANs using the CLI
Configuring Enhanced Operation mode
Enhanced Operation mode enables the Ethernet Routing Switch 8600 to support more VLANs. With MLT, you can create a maximum of 1 980 VLANs (1 972 with R modules in the chassis). With SMLT, the limit is 989 VLANs. For more information about enhanced operation concepts, see “MultiLink trunking and VLAN scalability” on page 56.
To configure enhanced operation for 1 980 VLANs on the Ethernet Routing Switch 8600, use the following command:
config sys set flag enhanced-operational-mode
The config sys set flag enhanced-operational-mode command includes the following options:
Configuration example: configuring support for 1 980 VLANs
This configuration example uses the preceding commands to configure support for up to 1980 VLANs. Figure 134 on page 327 shows sample output for these configuration commands.
Note: You must save the configuration and reset the switch before the change takes effect.
config sys set flag enhanced-operational-mode
followed by:
true Enables Enhanced Operation mode to support 1 980 VLANs for the system.
false Disables Enhanced Operation mode for the system.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 327
Figure 134 Configuration example for supporting 1980 VLANs command output
Configuring VLAN Loop Detection
On a per-port basis, the Loop Detection feature detects MAC addresses that are looping from one port to other ports. After a loop is detected, the port on which the MAC addresses were learned is disabled. Additionally, if a MAC address is found to loop, the MAC address is disabled for that VLAN.
You can also use Simple Loop Prevention Protocol to detect VLAN loops (see “Simple Loop Prevention Protocol” on page 130).
For information about the Loop Detection feature, see “VLAN Loop Detection” on page 65. See “SMLT triangle with loop detection configuration example” on page 508 for a CLI loop detection configuration example.
Note: The Loop Detection feature must only be enabled on SMLT ports, and never used on IST ports or core SMLT square or full mesh ports.
ERS-8610:5# config sys set flag enhanced-operational-mode true
WARNING:The change made will take effect only afterthe configuration is saved and the full chassis is rebooted.ERS-8610:5# config sys set flag info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
m-mode: (false) -> false enhanced-operational-mode: (false) -> true vlan-optimization-mode: (false) -> false global-filter-ordering: (false) -> false r-mode: (false) -> false multicast-check-packet: (true) -> true
ERS-8610:5# config sys set flag r-mode ?enable disable RSP memory (256K) mode - effect after rebootRequired parameters:<true|false> = Enable/Disable RSP memory mode {false|true}Command syntax:r-mode <true|false>ERS-8610:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
328 Chapter 7 Configuring and managing VLANs using the CLI
To enable or disable loop detection, enter the CLI command:
config ethernet <port> loop-detect <enable|disable>
The config ethernet <port> loop-detect command includes the following options:
The MAC flap time limit is configured by using the mac-flap-time-limit command. Note that this interval should be staggered between a pair of SMLT switches. By default, the mac-flap-time-limit is set to 500 milliseconds.
config mac-flap-time-limit <10..5000 milliseconds>
To view the current flap time settings, enter the following command:
config info
To view link-flap-detection information, enter the following command:
show sys link-flap-detect general-info
Figure 135 on page 329 shows sample output for these commands.
config ethernet <port> loop-detect <enable|disable>followed by:
action <port-down|vlan-block|mac-discard>
Specifies the loop detect action to be taken.
• port-down shuts down the port upon detecting a flapping MAC address (an address that is enabled and disabled repeatedly).
• vlan-block shuts down the VLAN upon detecting a flapping MAC address
• mac-discard
arp-detect <enable|disable>
The ARP-Detect feature is used for IP configured interfaces for ARP packets. This feature should be enabled (in addition to loop detection) on routed interfaces.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 329
Figure 135 Config and show sys link-flap-detect command output
To display the results of loop detection in any VLAN, enter the CLI command:
show ports info loop-detected port <port number>
To verify whether the loop detection feature is enabled or disabled on the port, enter the CLI command:
config ethernet <port number> info
The CLI command to enable or disable auto-recovery on individual ports is as follows:
config ether <ports> auto-recover-port <enable|disable>
The default value is disable.
The CLI command to set the recovery timer on a port is as follows:
config auto-recover-delay <seconds>
ERS-8610:6# config ethernet 1/15 loop-detect enable action port-downERS-8610:6# config mac-flap-time-limit 1600ERS-8610:6# config info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
setdate : N/A mac-flap-time-limit : 1600 auto-recover-delay : 15
ERS-8610:6# show sys link-flap-detect general-info
Auto Port Down : enable Send Trap : enable Interval : 60 Frequency : 10
ERS-8610:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
330 Chapter 7 Configuring and managing VLANs using the CLI
The range is 5 to 3600 seconds, and the default value is 30 seconds.
To clear loop detection alarms, enter the CLI command:
config ethernet <port number> action clearLoopDetectAlarm
Figure 136 on page 331 shows sample CLI output using the loop detect commands.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 331
Figure 136 Sample configuration using the loop-detect commands.
ERS-8610:6# show ports info loop-detected port 1/15========================================================================= Port Loop-Detect=========================================================================PORT VLAN MAC LOOP DETECT SMLT REMOTE ACTION------------------------------------------------------------------------1/15 3510 00:00:5e:00:01:01 PORT-DOWN false4/16 3510 00:00:5e:00:01:01 PORT-DOWN false
ERS-8610:6# config ether 1/15 auto-recover-port enableERS-8610:6# config auto-recover-delay 15ERS-8610:6# config ethernet 1/15 action clearLoopDetectAlarmERS-8610:6# config ethernet 1/15 info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:Port 1/15 : lock : false block-traffic : false name : auto-negotiate : true enable-diffserv : false access-diffserv : false qos-level : 1 routing : enable unknown-mac-discard : disable high-secure : false default-vlan-id : 1 untag-port-default-vlan : disable tagged-frames-discard : disable perform-tagging : disable svlan-porttype : normal untagged-frames-discard : disable loop-detect : enable action port-down arp-detect disable state : up linktrap : enable alias : multicast-bandwidth-limit : disabled broadcast-bandwidth-limit : disabled tx-flow-control : disabled sffd : disabled cp-limit : enabled multicast-limit 10000 broadcast-limit 10000 shape : disabled 802.1p-override : disable slpp-rx : disabled auto-recover-port : enable ext-cp-limit : None threshold-util-rate 50ERS-8610:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
332 Chapter 7 Configuring and managing VLANs using the CLI
Loop detection warning messages
The following log message and trap is generated when MAC address discarding is set due to loop-detect:
MAC has been disabled due to MAC <xx:xx:xx:xx:xx:xx> flapping more than <n> times in <t> milliseconds from <port-number> to <port-number>.
The following log message and trap is generated when a port, which has been disabled due to CP-Limit or link-flap, is auto-recovered:
port <port-num> re-enabled by auto recovery
The following log message and trap is generated when a port which has been disabled due to the loop detection feature is auto-recovered:
Loop detect action <action> cleared on port <port-num> by auto recovery
Configuring spoof detection for a VLAN
A port can be configured to prevent IP spoofing by using the following CLI commands. For more information about this feature, see “Prevention of IP spoofing within a VLAN” on page 64.
To enable or disable spoof detection, enter the following command:
config ethernet <ports> spoof-detect <enable|disable>
To enable or disable auto-recovery on a port use the command:
config ethernet <ports> auto-recover-port <enable|disable>
Note: If you are using SMLT, be sure to configure spoof detection on both SMLT aggregation switches to avoid connectivity issues.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 333
Using the VLAN show commands
To obtain configuration information about all VLANs on the switch or specified VLANs, use the show vlan commands.
This section includes the following topics:
• “Displaying general VLAN information”
• “Displaying forwarding database information” on page 347
• “Displaying forwarding database filters” on page 348
• “Displaying database status, MAC address, and QoS levels” on page 349
• “Displaying additional parameters” on page 350
• “Displaying ARP configurations” on page 351
• “Displaying VLAN information” on page 352
• “Displaying brouter port information” on page 353
• “Displaying IGMP switch operation information” on page 354
• “Displaying VLAN routing (IP) configuration” on page 355
• “Displaying port member status” on page 356
• “Displaying source MAC addresses” on page 357
Displaying general VLAN information
To display all general information about the VLANs on the switch or a specified VLAN, enter the following command:
show vlan info all [<vid>] [port <value>] [by <value>]
where:
<vid> is the VLAN ID from 1 to 4092,port <value> is the port or range of ports,by <value> is the group ID.
Warning: Enabling the spoof detection feature requires you to reboot the switch.
Configuring VLANs, Spanning Tree, and Link Aggregation
334 Chapter 7 Configuring and managing VLANs using the CLI
Figure 137 on page 334 shows sample output of this command.
Figure 137 Show vlan info all command output
Table 59 shows the field descriptions for this command.
Table 59 Show vlan info all parameters
Field Description
Vlan Basic
VLAN ID Indicates the VLAN ID.
ERS-8606:5/show/vlan/info# all
============================================================================= Vlan Basic=============================================================================VLAN STGID NAME TYPE ID PROTOCOLID SUBNETADDR SUBNETMASK-----------------------------------------------------------------------------1 Default byPort 1 none N/A N/A
13 VLAN-13 byPort 1 none N/A N/A
============================================================================= Vlan Port=============================================================================VLAN PORT ACTIVE STATIC NOT_ALLOWID MEMBER MEMBER MEMBER MEMBER-----------------------------------------------------------------------------1 1/1,1/5-1/8,2/1- 1/1,1/5-1/8,2/1-
2/8,4/1-4/16,4/18- 2/8,4/1-4/16,4/18-
4/30 4/30
13 4/17 4/17
============================================================================= Vlan ATM VPort=============================================================================VLAN ID PORT NUM PVC LIST-------------------------------------------------------------------------------More-- (q = quit)
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 335
NAME Indicates the administrator assigned name to the VLAN.
TYPE Indicates the type of VLAN, distinguished according to the policy used to define its port membership. Options include:byPort—VLAN by Port
byIpSubnet—VLAN by IP subnet
byProtocolId—VLAN by protocol IDbySrcMac—VLAN by source MAC address
byDstMcast—VLAN by destination multicast
bySvlan—VLAN by stacked VLAN byIds—VLAN by IDS VLAN
STG ID Indicates the Spanning Tree Group (STG) used by this VLAN to determine the state of its ports. If this VLAN is not associated with any STG, it is zero.
PROTOCOLID Indicates the protocol identifier of this VLAN. For other VLAN types it has the value of none. Options include:none
ip
ipx802dot3ipx802dot2
ipxSnap
ipxEthernet2appleTalk
decLat
decOthersna802dot2
snaEthernet2
netBiosxns
vines
ipV6usrDefined
rarp
pPPoE
SUBNETADDR Indicates the IP subnet address of this VLAN. For other VLAN types it has the value of 0.0.0.0.
SUBNETMASK Indicates the IP subnet mask of this VLAN. For other VLAN types it has the value of 0.0.0.0.
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
336 Chapter 7 Configuring and managing VLANs using the CLI
Vlan Port
VLAN ID Indicates the VLAN ID.
PORT MEMBER Indicates the set of ports that are members (static or dynamic) of this VLAN.
ACTIVE MEMBER Indicates the The set of ports that are currently active in this VLAN. Active ports include all static ports and any dynamic ports where the VLAN policy was met.
STATIC MEMBER Indicates the The set of ports that are static members of this VLAN. A static member of a VLAN is always active and is never aged out.
NOT_ALLOW MEMBER
Indicates the The set of ports that are not allowed to become members of this VLAN.
Vlan ATM Port
VLAN ID Indicates the VLAN ID.
PORT NUM Indicates the port number.
PVC LIST Indicates the PVC list.
Ospf Passive Port Members
VLAN Indicates the VLAN ID.
PORT NUM Indicates the VLAN port number for the passive OSPF interface.
Vlan Advance
VLAN ID Indicates the VLAN ID.
NAME Indicates the name assigned to the VLAN.
IF INDEX Indicates the interface index.
QOS LVL Indicates the QoS level packets carried in this VLAN for processing.
AGING TIME Indicates the timeout period (in seconds) used for aging out dynamic members of this VLAN. This field is only relevant for policy-based VLANs.
MAC ADDRESS Indicates the MAC address assigned to the virtual router interface of this VLAN. This field is meaningful only if VlanRoutingEnable is equal to true.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 337
ACTION Inidciates VLAN related actions. Options include:
none—none of the following
flushMacFdb—flush MAC forwarding tableflushArp—flush ARP table
flushIp—flush IP route table
flushDynMemb(—flush dynamic membersall—flush all tables
flushSnoopMemb—flush IGMP snoop members
triggerRipUpdate—manually trigger RIP updateflushSnoopMRtr—flush snoop multicast router
RESULT Indicates the result from the last VLAN action. Options include:
noneinProgress
success
fail
USER DEFINEPED ENCAP
Indicates the encapsulation type for user defined protocol-based VLANs. This is not meaningful for other types of VLANs.
Vlan Arp
VLAN ID Indicates the VLAN ID.
DOPROXY Indicates if ARP proxy responses are enabled or disabled on the specified interface.
DORESP Indicates if the sending of ARP responses is enabled or disabled on the specified interface.
NLB-UNIAST-MODE Indicates the mode for NLB-unicast.
Vlan Fdb
VLAN ID Indicates the VLAN ID.
STATUS Indicates the status of FDB forwarding on the VLAN.
MAC ADDRESS Indicates the MAC address assigned to the virtual router interface of this VLAN. This field is meaningful only if VlanRoutingEnable is equal to true.
INTERFACE Indicates the interface.
MONITOR Indicates whether monitoring is performed on this unicast MAC address. If monitoring is enabled, any packet received with a matching destination MAC address is forwarded to the port configured to receive monitor traffic.
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
338 Chapter 7 Configuring and managing VLANs using the CLI
QOS LVL Indicates the QoS level packets carried in this VLAN for processing.
SMLT REMOTE Indicates the MAC address for remote learnt, either local or remote.
Vlan Filter
VLAN ID Indicates the VLAN ID.
STATUS Indicates the status of the VLAN filter.
MAC ADDRESS Indicates the MAC address assigned to the virtual router interface of this VLAN. This field is meaningful only if VlanRoutingEnable is equal to true.
PORT Indicates the port number.
QOS LVL Indicates the QoS level packets carried in this VLAN for processing.
PCAP Indicates the status of PCAP on the filter.
DEST_DISCARD SET
Indicates a set of ports. Traffic arriving on any of the specified ports from this MAC address.
SRC_DISCARD SET Indicates a set of ports. Traffic arriving on any of the specified ports is not forwarded to this MAC address.
Vlan Static
VLAN ID Indicates the VLAN ID.
STATUS Indicates the status of the static VLAN.
MAC ADDRESS Indicates the MAC address assigned to the virtual router interface of this VLAN. This field is meaningful only if VlanRoutingEnable is equal to true.
PORT Indicates the port number.
MONITOR Indicates whether monitoring is performed on this unicast MAC address. If monitoring is enabled, any packet received with a matching destination MAC address is forwarded to the port configured to receive monitor traffic.
QOS LVL Indicates the QoS level packets carried in this VLAN for processing.
IDS Vlan Info
VLAN ID Indicates the VLAN ID.
MAC LEARNING Indicates the type of MAC learning.
DISABLED PORTS Indicates the disabled port numbers.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 339
Vlan Ip
VLAN ID Indicates the VLAN ID.
IP ADDRESS Indicates the IP subnet address of this VLAN. This value is meaningful only if the VLAN type is set to IP subnet. For other VLAN types, it has the value of 0.0.0.0.
NET MASK Indicates the IP subnet mask of this VLAN. This value is meaningful only if the VLAN type is set to IP subnet. For other VLAN types it has the value of 0.0.0.0.
BCASTADDR FORMAT
Indicates the IP broadcast address format used on this interface.
REASM MAXSIZE Indicates the size of the largest IP datagram that this entity can reassemble from incoming IP fragmented datagrams received on this interface.
ADVERTISE WHEN_DOWN
Indicates whether the VLAN state change is notified to Layer 3 or not, provided the VLAN is configured as a routable interface. A VLAN is considered to be up if at least one member of the port-based VLAN has link up, or at least one port member of the policy-based has an entry in the MGID or at least one static member of the policy-based VLAN has link up. Otherwise, a VLAN is considered to be down. If the value is true then the interface state change does not notify to Layer 3. (that is, it always stays up). If the value is false then the VLAN state change is notified to Layer 3 so that IP related status reflects the routable interface state.
DIRECTED BROADCAST
Indicates the status of directed broadcast.
RPC Indicates the status of RPC.
RPC MODE Indicates the RPC mode type.
Vlan Dhcp
VLAN ID Indicates the VLAN ID number
IF INDEX Indicates the interface index number. Numbers 1 to 256 are ports; numbers above 257 are VLANs.
ENABLE Indicates if DHCP is enabled on the port.
MAX HOP Indicates the maximum number of hops a DHCP packet can take from the source device to the destination device (that is, DHCP client to DHCP server)
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
340 Chapter 7 Configuring and managing VLANs using the CLI
MIN SEC Indicates the minimum number of seconds to wait between receiving a DHCP packet and actually forwarding the DHCP packet to the destination device. A value of zero indicates forwarding should be done immediately without any delay.
MODE Indicates what type of DHCP packets this interface should support. A value of none results in all incoming DHCP and BOOTP packets to be dropped. Options include none, bootp, dhcp, and both.
ALWAYS BCAST Indicates if DHCP reply packets are broadcast to the DHCP client on this interface.
Vlan Ospf
VLAN ID Indicates the VLAN
ENABLE Indicates the status of OSPF configured on the port.
HELLO INTERVAL Indicates the length of time, in seconds (1 to FFFF) between the Hello packets that the router sends on the interface.
RTRDEAD INTERVAL Indicates the number of seconds (1 to FFFF) that router Hello packets have not been seen before neighbors declare the router down.
DESIGRTR PRIORITY
Indicates the priority of this interface. Used in multiaccess networks. This field is used in the designated router election algorithm. The value 0 indicates the router is not eligible to become the designated router on this particular network. In the event of a tie in this value, routers use their router id as a tie breaker. The default is 1.
METRIC Indicates the metric for this type of service (TOS) on this interface. The value of the TOS metric is (10^9 / interface speed). The default is 1.FFFF—There is no route for this TOS.
POS/IPCP links—defaults to 0.
0—The interface speed is used as the metric value when the state of the interface is up.
AUTHTYPE Indicates the type of authentication required for the interface.
none—No authentication required.simple password—All OSPF updates received by the interface must contain the authentication key specified in the interface AuthKey field.MD5 authentication—All OSPF updates received by the interface must contain the MD5 key.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 341
AUTHKEY Indicates the key (up to 8 characters) required when simple password authentication is specified in the interface AuthType field.
INTF Indicates the interface type.
AREA ID Indicates the area where the host is found. By default, the area that is submitting the OSPF interface is in 0.0.0.0.
Vlan Rip
PORT NUM Indicates the ports on the VLAN.
ENABLE Indicates the status of RIP on the port.s for a VLAN
DEFAULT SUPPLY Indicates if the default route must be advertised out this interface.
Note: The default route is advertised only if it exists in the routing table.
DEFAULT LISTEN Indicates if the default route must be learned on this interface when advertised by another router connected to the interface.
TRIGGERED UPDATE
Indicates the status of the RIP triggered update on the interface.
AUTOAGG ENABLE Indicates the status of auto aggregation on the interface.
SUPPLY Indicates the status of advertising RIP routes through the interface.
LISTEN Indicates the status of RIP reception on the interface.
POISON Indicates the status of poison reverse on the interface. If disabled, split horizon is invoked, meaning that IP routes learned from an immediate neighbor are not advertised back to the neighbor from which the routes were learned.If enabled, the RIP update sent to a neighbor from which a route is learned is poisoned with a metric of 16. In this manner, the route entry is not passed along to the neighbor, because historically 16 is infinity in terms of hops on a network. The default is disable.
Vlan Vrrp
VLAN ID Indicates the VLAN ID.
VRRP ID Indicates the number which, along with an interface index (ifIndex), serves to uniquely identify a virtual router on a given VRRP router. A set of one or more associated addresses is assigned to a VRID.
IP ADDR Indicates the assigned IP addresses that a virtual router is responsible for backing up.
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
342 Chapter 7 Configuring and managing VLANs using the CLI
VIRTUAL MAC ADDR Indicates the virtual MAC address of the virtual router. This is derived as follows: 00-00-5E-00-01-<VRID> where the first three octets consist of the Internet Assigned Numbers Authority’s (IANA) Organizationally Unique Identifier (OUI), the next two octets indicate the address block of the VRRP protocol, and the remaining octets consist of the VRID.
Vlan Vrrp Extended
VID Indicates the VLAN ID.
STATE Indicates the current state of the virtual router. Options include:initialize—waiting for a startup event
backup—monitoring the state/availability of the master router
master—forwarding IP addresses associated with this virtual router.
CONTROL Indicates the virtual router function. Setting the value to enabled transitions the state of the router from initialize to backup. Setting the value to disabled, transitions the router from master or backup to initialize.
PRIORITY Indicates the priority for the virtual router (for example, master election) with respect to other virtual routers that are backing up a one or more associated IP addresses. Higher values imply higher priority. A priority of 0, although not possible to set, indicates that this router has ceased to participate in VRRP and a backup virtual router should transition to become a new master.A priority of 255 is used for the router that owns the associated IP addresses.
MASTER IPDDR Indicates the master router real (primary) IP address. This is the IP address listed as the source in VRRP advertisement last received by this virtual router.
ADVERTISE INTERVAL
Indicates the time interval, in seconds, between sending advertisement messages. Only the master router sends VRRP advertisements.
CRITICAL IPADDR Indicates the IP address of the interface that causes a shutdown event.
HOLDDOWN_TIME Indicates the amount of time (in seconds) to wait before preempting the current VRRP master.
ACTION Indicates the trigger for an action on this VRRP interface. Options include none and preemptHoldDownTimer.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 343
CRITICAL IP ENABLE
Indicates the if an user-defined critical IP address is enabled. No indicates the use the default IP address (0.0.0.0). there is no effect if an user-defined IP address does not exist.
BACKUP MASTER Indicates the state of designating a backup master router.
BACKUP MASTER STATE
Indicates the state of the backup master router.
FAST ADV INTERVAL Indicates the faster advertisement interval, in milliseconds, between sending advertisement messages. When the faster advertisement interval enable is checked, the faster advertisement interval is being used instead of the regular advertisement interval
FAST ADV ENABLE Indicates if the faster advertisement interval status.
Vlan Ip Igmp
VLAN ID Indicates the VLAN ID.
QUERY INTVL Indicates the interval (in seconds) between IGMP Host-Query packets transmitted on this interface.
QUERY MAX RESP Indicates the interval (in seconds) for the maximum query response time advertised in IGMPv2 queries on this interface. Smaller values allow a router to prune groups faster.
ROBUST Indicates the tuning for the expected packet loss on a subnet. If a subnet is expected to be lossy, the Robustness variable can be increased. IGMP is robust to (Robustness - 1) packet losses.
VERSION Indicates the version of IGMP that is running on this interface. This object configures a router capable of running either value. For IGMP to function correctly, all routers on a LAN must be configured to run the same version of IGMP on that LAN.
LAST MEMB QUERY Indicates the max response in a group specific query.
PROXY SNOOP ENABLE
Indicates the status of IGMP proxy snoop on the VLAN.
SNOOP ENABLE Indicates the status of IGMP snooping on the VLAN.
SSM SNOOP ENABLE
Indicates the status of SSM IGMP snooping on the VLAN.
FAST LEAVE ENABLE
Indicates the status of fast leave.
FAST LEAVE PORTS Indicates the ports that have fast leave enabled.
Vlan Ip Dvmrp
IF Indicates the ifIndex value of the interface for which DVMRP is enabled.
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
344 Chapter 7 Configuring and managing VLANs using the CLI
ADDR Indicates the IP address this system uses as a source address on this interface.
METRIC Indicates the distance metric for this interface used to calculate distance vectors.
OPERSTAT Indicates the current operational state of this DVMRP interface.
DEFAULT LISTEN Indicates whether the switch can learn DVMRP default routes over this interface.
DEFAULT SUPPLY Indicates the whether the switch should supply DVMRP default routes over this interface.
DEFAULT METRIC Indicates the cost of the DVMRP default route that this interface generates and supplies when it is configured to supply default route.
ADVERTISE SELF Indicates whether the switch can advertise this local network.
IN-POLICY Indicates the DVMRP accept policy name configured on this interface.
OUT-POLICY Indicates the DVMRP announce policy name configured on this interface.
INTF TYPE Indicates the type of this DVMRP interface, whether it uses a tunnel, source routing, a physical interface for which there is a a querier, or a physical interface for which there is not a querier (subnet).
Vlan Ip Icmp Route Discovery
VLAN ID Indicates the VLAN ID.
ADV_ADDRESS Indicates the advertisement address to which the route discovery advertisements transmitted on this interface.
ADV_FLAG Indicates the flag to indicate whether or not the address is to be advertised on this interface.
LIFETIME Indicates the value to be placed in the lifetime field of router Advertisements sent from the interface.
MAX_INT Indicates the maximum time allowed between sending router Advertisements from this interface.
MIN_INT Indicates the minimum time allowed between sending router Advertisements from this interface.
PREF_LEVEL Indicates the preferability of the router address as a default router
Vlan Ipx
VLAN-ID Indicates the VLAN ID.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 345
VLAN-TYPE Indicates the type of VLAN, distinguished according to the policy used to define its port membership. Options include:
byPort—VLAN by Port byIpSubnet—VLAN by IP subnet
byProtocolId—VLAN by protocol ID
bySrcMac—VLAN by source MAC addressbyDstMcast—VLAN by destination multicast
bySvlan—VLAN by stacked VLAN
byIds—VLAN by IDS VLAN
IPXNET Indicates the IPX network address.
ENCAPSULATION Indicates the IPX encapsulation format. It is only relevant if the VLAN is port-based.
ROUTING Indicates the IPX routing protocol. Options include none or RIP.
Manual Edit Mac
MAC ADDRESS Indicates the MAC address that is learned on the port.
PORTS Indicates the allowed ports that can learn this MAC address.
Autolearn Mac
MAC ADDRESS Indicates the MAC address that is automatically learned on the port.
PORT Indicates the allowed ports that can automatically learn this MAC address.
Vlan Ip Pim
VLAN-ID Identifies the VLAN.
PIM-ENABLE The state of PIM on the VLAN.
MODE The configured mode of this VLAN. The valid modes are SSM and Sparse.
HELLOINT Indicates how long to wait (in seconds) before the PIM switch sends out the next hello message to neighboring switches. The default hello interval is 30 seconds.
JPINT Indicates how long to wait (in seconds) before the PIM switch sends out the next join/prune message to its upstream neighbors. The default join/prune interval is 60 seconds.
CBSR PREF The preference for this local interface to become a candidate BSR. The Candidate BSR with the highest BSR-priority and address is referred to as the preferred BSR. The default is -1, which indicates that the current interface is not a candidate BSR.
Table 59 Show vlan info all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
346 Chapter 7 Configuring and managing VLANs using the CLI
INTF TYPE Indicates whether the PIM interface is active or passive.
Vlan Ip Pgm
VLAN-ID Identifies the VLAN.
ENABLE Shows whether PGM is enabled or disabled on this interface.
STATE Indicates the current state (up or down) of PGM.
NAK_RE_XMIT INTERVAL
Specifies how long to wait for an NCF (in milliseconds) before retransmitting the NAK (negative acknowledgement). The default is 1 000 milliseconds.
MAX_NAK_RE XMIT_COUNT
Specifies the maximum number of NAK retransmission packets allowed per second.
NAK_RDATA INTERVAL
Specifies how long to wait for RDATA (in milliseconds) after receiving an NCF.
NAK_ELIMINATE INTERVAL
Specifies the length of time (in milliseconds) during where a network element (NE) eliminates duplicate NAKs. When this interval expires, the NE suspends NAK elimination until the first duplicate arrives. After this NAK is forwarded, the NE again eliminates duplicate NAKs for the specified interval. This parameter must be less than the NAK_RDATA INTERVAL.
Vlan Mcastmac
VLAN ID Indicates the VLAN ID.
MAC ADDRESS Indicates the MAC address.
PORT LIST Indicates the list of ports.
MLT GROUPS Indicates the MLT groups.
Vlan Firewall
ID Indicates the VLAN ID.
NAME Indicates the VLAN name assigned by the user.
FIREWALL TYPE Indicates the firewall VLAN type for port-based VLANs. Options include:
none(naap
enforceable
peering
CLUSTER ID Indicates the firewall cluster ID.
Table 59 Show vlan info all parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 347
Displaying forwarding database information
To display forwarding database information for the specified VLAN, enter the following command:
show vlan info fdb-entry [<vid>] [mac <value>] [port <value>]
where:<vid> is the VLAN ID from 1 to 4 092.port <port-list> is the port or range of ports in slot/port format.mac <value> is the MAC address.
The <vid>, port, and mac are optional parameters.
Figure 138 shows sample output for the show vlan info fdb-entry command.
Figure 138 Show vlan info fdb-entry command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
ERS-8606:5# show vlan info fdb-entry 1
============================================================================= Vlan Fdb=============================================================================VLAN MAC QOS SMLT ID STATUS ADDRESS INTERFACE MONITOR LEVEL REMOTE-----------------------------------------------------------------------------1 learned 00:00:50:0d:6b:82 Port-2/7 false 1 false
1 out of 1 entries in all fdb(s) displayed.
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
348 Chapter 7 Configuring and managing VLANs using the CLI
Displaying forwarding database filters
To display the forwarding database filters for the specified VLAN, enter the following command:
show vlan info fdb-filter [<vid>] [mac <value>] [port <value>]
where:<vid> is the VLAN ID from 1 to 4 092.port <port-list> is the port or range of ports in slot/port format.mac <value> is the MAC address.
The <vid>, port, and mac are optional parameters.
The display includes the VLAN ID, the status, the VLAN MAC address, and the ports from which the VLAN is not allowed to receive frames.
Figure 139 shows sample output for the show vlan info fdb-filter command.
Figure 139 Show vlan info fdb-filter command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
ERS-8610:5# show vlan info fdb-filter 1===================================================================== Vlan Filter=====================================================================VLAN MAC QOS DEST_DISCARDSRC_DISCARDID STATUS ADDRESS PORT LEVEL PCAP SET SET---------------------------------------------------------------------1 permanent 00:13:83:89:22:03 8/7 1 Enable
ERS-8610:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 349
Displaying database status, MAC address, and QoS levels
To display the static forwarding database status, the VLAN MAC address, and the QoS level for the specified VLAN, enter the following command:
show vlan info fdb-static [<vid>] [mac <value>] [port <value>]
where:<vid> is the VLAN ID from 1 to 4 092.port <port-list> is the port or range of ports in slot/port format.mac <value> is the MAC address.
The <vid>, port, and mac are optional parameters.
Figure 140 shows sample output for the show vlan info fdb-static command.
Figure 140 Show vlan info fdb-static command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
ERS-8606:5:# show vlan info fdb-static 1
============================================================================ Vlan Static============================================================================VLAN MAC QOS ID STATUS ADDRESS PORT MONITOR LEVEL ----------------------------------------------------------------------------1 learned 08:12:20:38:4e:76 1/1 1/2 7
ERS-8606:5
Configuring VLANs, Spanning Tree, and Link Aggregation
350 Chapter 7 Configuring and managing VLANs using the CLI
Displaying additional parameters
To display additional parameters for the specified VLAN or all VLANs, enter the following command:
show vlan info advance [<vid>] [port <value>]
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
All zeros in the MAC ADDRESS column indicate that there is no IP address associated with that VLAN.
Figure 141 on page 351 shows sample output for the show vlan info advance command.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 351
Figure 141 Show vlan info advance command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying ARP configurations
To display the Address Resolution Protocol (ARP) configuration for all VLANs or the specified VLAN, enter the following command:
show vlan info arp [<vid>] [port <value>]
ERS-8610:5# show vlan info advance
============================================================================= Vlan Advance=============================================================================VLAN IF QOS AGING MAC USERID NAME INDEX LVL TIME ADDRESS ACTION RESULT DEFINEPID ENCAP------------------------------------------------------------------------------1 Default 2049 1 0 00:00:00:00:00:00 none none 0x0000
2 VLAN-2 2051 1 0 00:12:83:89:22:01 none none 0x0000
3 VLAN-3 2052 1 0 00:00:00:00:00:00 none none 0x0000
100 100 2054 1 0 00:00:00:00:00:00 none none 0x0000
3999 VLAN-3999 2053 1 0 00:00:00:00:00:00 none none 0x0000
VLANID DSAP/SSAP------------------------------------------------------------------------------1231003999
ERS-8610:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
352 Chapter 7 Configuring and managing VLANs using the CLI
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
Figure 142 shows sample output for the show vlan info arp command.
Figure 142 Show vlan info arp command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying VLAN information
To display the basic configuration for all VLANs or a specified VLAN, enter the following command:
show vlan info basic [<vid>] [port <value>]
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
ERS-8610:5# show vlan info arp 1
============================================================== Vlan Arp==============================================================VLAN ID DOPROXY DORESP NLB-UNIAST-MODE--------------------------------------------------------------1 false true false
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 353
Figure 143 shows sample output for the show vlan info basic command.
Figure 143 Show vlan info basic command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying brouter port information
To display the brouter port VLAN information for all VLANs on the switch or for the specified VLAN, enter the following command:
show vlan info brouter-port [port <value>]
where:port <value> is the portlist {slot/port[-slot/port][,...]}. Entering a value is optional. When you enter a value, the command shows information for the specified port. Without the value, the command shows information for all the configured VLANs.
This command is available only for the Ethernet Routing Switch 8600.
Figure 144 on page 354 shows sample output for the show vlan info brouter-port command.
ERS-8606:5# show vlan info basic
============================================================================== Vlan Basic==============================================================================VLAN STGID NAME TYPE ID PROTOCOLID SUBNETADDR SUBNETMASK ------------------------------------------------------------------------------1 Default byPort 1 none N/A N/A 4093 VLAN-4093 byPort 64 none N/A N/A
Configuring VLANs, Spanning Tree, and Link Aggregation
354 Chapter 7 Configuring and managing VLANs using the CLI
Figure 144 Show vlan info brouter-port command output
Displaying IGMP switch operation information
To display information about IGMP operation in the switch, enter the following command:
show vlan info igmp [<vid>] [port <value>]
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
ERS-8606:5# show vlan info brouter-port port 1/1
Vlan Id Port ======= ====
2090 1/1
ERS-8606:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 355
Figure 145 shows sample output for the show vlan info igmp command.
Figure 145 Show vlan info igmp command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying VLAN routing (IP) configuration
To display the routing (IP) configuration for all VLANs on the switch or for the specified VLAN, enter the following command:
show vlan info ip [<vid>] [port <value>]
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
ERS-8606:5# show vlan info igmp 1
============================================================================= Vlan Ip Igmp=============================================================================VLAN QUERY QUERY ROBUST VERSION LAST PROXY SNOOP SSM FAST FASTID INTVL MAX MEMB SNOOP ENABLE SNOOP LEAVE LEAVE RESP QUERY ENABLE ENABLE ENABLE PORTS-----------------------------------------------------------------------------1 125 100 2 2 10 false false false false
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
356 Chapter 7 Configuring and managing VLANs using the CLI
Figure 146 shows sample output for the show vlan info ip command.
Figure 146 Show vlan info ip command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying port member status
To display the port member status for all VLANs on the switch or for the specified VLAN, enter the following command:
show vlan info ports [<vid>] [port <value>]
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
A port can be an active member, a static member, or a not-allowed member.
ERS-8606:5# show vlan info ip
============================================================================= Vlan Ip=============================================================================VLAN IP NET BCASTADDR REASM ADVERTISE DIRECTED ID ADDRESS MASK FORMAT MAXSIZE WHEN_DOWN BROADCAST -----------------------------------------------------------------------------1 192.32.253.1 255.255.255.0 ones 1500 disable enable
ERS-8606:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 357
Figure 147 shows sample output for the show vlan info ports command.
Figure 147 Show vlan info ports command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Displaying source MAC addresses
To display the source MAC address for any source MAC-based VLANs on the switch, or for the specified VLAN, if it is source MAC-based, enter the following command:
show vlan info srcmac [<vid>] [port <value>]
ERS-8606:5# show vlan info ports
============================================================================= Vlan Port=============================================================================VLAN PORT ACTIVE STATIC NOT_ALLOW ID MEMBER MEMBER MEMBER MEMBER -----------------------------------------------------------------------------1 2/1-2/8,4/1-4/30 2/1-2/8,4/1-4/30
============================================================================= Vlan ATM VPort=============================================================================VLAN ID PORT NUM PVC LIST -----------------------------------------------------------------------------
============================================================================= Ospf Passive Port Members=============================================================================VLAN PORT NUM -----------------------------------------------------------------------------1
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
358 Chapter 7 Configuring and managing VLANs using the CLI
where:vid is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vid or port <value> is optional. When you enter a vid or port <value>, the command shows information for the specified VLAN or port. Without the vid or port <value>, the command shows information for all the configured VLANs.
Figure 148 shows sample output for the show vlan info srcmac command.
Figure 148 Show vlan info srcmac command output
See the appropriate section in Table 59 on page 334 for an explanation of each heading in the previous figure.
Using the show ports commands for VLANs
To obtain configuration port information about all VLANs on the switch or specified VLANs, use the show ports commands.
This section includes the following topics:
• “Displaying port tagging information” on page 359
• “Displaying all port VLAN information” on page 360
ERS-8606:5# show vlan info srcmac
============================================================================ Vlan Srcmac============================================================================VLAN_ID MAC_ADDRESS 1 00:13:83:89:22:032 00:00:00:00:00:00
ERS-8606:5#
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 359
Displaying port tagging information
To display VLAN port tagging information, enter the following command:
show ports info vlans [vlan <value>] [port <value>]
where:
vlan <value> is the VLAN ID from 1 to 4092,port <value> is the port or range of ports.
Entering a vlan <value> or port <value> is optional. When you enter a vlan <value> or port <value>, the command shows information for the specified VLAN or port. Without the vlan <value> or port <value>, the command shows information for all the configured VLANs.
Figure 149 shows sample output for this command.
Figure 149 Show ports info vlan command output
Table 60 shows the field descriptions for this command.
Table 60 Show ports info vlan parameters
Field Description
PORT NUM Indicates the port and slot number.
TAGGING Indicates the state of ingress and egress tagging on the port.
ERS-8603:3/show/ports/info# vlans
=============================================================== Port Vlans===============================================================PORT DISCARD DISCARD DEFAULT VLAN PORT UNTAGNUM TAGGING TAGFRAM UNTAGFRAM VLANID IDS TYPE DEFVLAN---------------------------------------------------------------1/1 disable false false 1 1 normal disable1/2 disable false false 1 1 normal disable1/3 disable false false 1 1 normal disable
Configuring VLANs, Spanning Tree, and Link Aggregation
360 Chapter 7 Configuring and managing VLANs using the CLI
Displaying all port VLAN information
To display all port VLAN information, enter the following command:
show ports info all [vlan <value>] [port <value>] [by <value>]
where:
vlan <value> is the VLAN ID from 1 to 4092port <value> is the port or range of portsby <value> is the group ID.
Entering a vlan <value>, port <value> or by <value> is optional. When you enter a vlan <value>, port <value> or by <value>, the command shows information for the specified VLAN, port, or group ID. Without optional parameters, the command shows information for all the configured VLANs.
DISCARD TAGFRAM Indicates the state of how to process tagged frames received on this access port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are processed normally. This only applies when the port is a trunk port.
DISCARD UNTAGFRAM Indicates the state of how to process untagged frames received on this trunk port. When the flag is set, these frames are discarded by the forwarding process. When the flag is reset, these frames are assigned to the default VLAN ID specified by Default VlanId. This only applies when the port is a trunk port.
DEFAULT VLANID Indicates the VLAN ID assigned to untagged frames received on this trunk port. This only applies when the port is a trunk port.
VLAN IDS Indicates the VLANs assigned to this port.
PORT TYPE Indicates the type of port: normal, UNI, or NNI.
UNTAG DEFVLAN Indicates the status of egress tagging on the default VLAN port.
Table 60 Show ports info vlan parameters (continued)
Field Description
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 361
Figure 150 shows sample output for this command.
Figure 150 Show ports info port all command output
ERS-8610:5# show ports info all port 1/1
============================================================================= Port Interface=============================================================================PORT LINK PORT PHYSICAL STATUSNUM INDEX DESCRIPTION TRAP LOCK MTU ADDRESS ADMIN OPERATE-----------------------------------------------------------------------------1/1 64 1000BaseTX true false 1950 00:12:83:89:20:00 up down
============================================================================= Port Name=============================================================================PORT OPERATE OPERATE OPERATENUM NAME DESCRIPTION STATUS DUPLX SPEED VLAN-----------------------------------------------------------------------------1/1 1000BaseTX down half 0 Access
============================================================================= Port Config=============================================================================
PORT AUTO SFFD ADMIN OPERATE DIFF-SERV QOS BLOCK MLT VENDOR DUAL SMLT ADMIN OPERATE AUTO
NUM TYPE NEG. DUPLX SPD DUPLX SPD EN TYPE LVL TFR ID NAME CONN ID ROUTING ROUTING RECOVER-----------------------------------------------------------------------------1/1 1000BaseTX true false half 10 0 fals core 1 false 0 N/A 0 Enable Disable Disable
============================================================================= Port State=============================================================================PORT NUM ADMINSTATUS PORTSTATE REASON DATE-----------------------------------------------------------------------------1/1 up down -- 03/13/06 22:31:41
============================================================================= Port Arp=============================================================================
Configuring VLANs, Spanning Tree, and Link Aggregation
362 Chapter 7 Configuring and managing VLANs using the CLI
Table 59 on page 334 shows the field descriptions for this command.
Using the VLAN IP commands
The VLAN IP commands described in this section are general routing commands for the VLAN. Other VLAN commands are included in the sections of this manual that describe commands used with a specific protocol or feature.
Assigning an IP address to a VLAN
To assign an IP address to a VLAN, use the following command:
config vlan <vid> ip
where:vid is the VLAN ID from 1 to 4 092. Entering a vid is optional. When you enter a vid, the command shows information for the specified VLAN. Without the vid, the command shows information for all the configured VLANs.
This command includes the following options:
config vlan <vid> ip
followed by:
info Shows current level parameter settings and next level directories.
create <ipaddr|mask> [mac_offset <value>]
Assigns an IP address and subnet mask to the VLAN.
• <ipaddr|mask> is the IP address and mask {a.b.c.d}.
• mac_offset <value> is a user-assigned MAC address. This MAC address is in place of the default MAC address.
314725-E Rev 00
Chapter 7 Configuring and managing VLANs using the CLI 363
Figure 151 shows sample output for the config vlan ip info command.
Figure 151 Config vlan ip info command output
delete <ipaddr> Deletes the specified VLAN address.
Rvs-Path-Chk <enable|disable> [mode <value>]
Enables or disables reverse path checking.
• <enable|disable> enables or disables reverse path checking.
• mode <value> is the mode for reverse path checking—exist-only or strict.
See Configuring and Managing Security for more information about Reverse Path Checking.
config vlan <vid> ip
followed by:
ERS-8603:3/config/vlan/1/ip# infoSub-Context: arp-response dhcp-relay directed-broadcast dvmrp igmp ospf pim pgm proxy rip route-discovery rsmlt vrrp
Current Context: create : 10.1.1.1/255.255.255.0 mac_offset 1
delete : N/A
Configuring VLANs, Spanning Tree, and Link Aggregation
364 Chapter 7 Configuring and managing VLANs using the CLI
314725-E Rev 00
365
Chapter 8Configuring sVLANs using the CLI
The stacked VLAN (sVLAN) protocol transparently transports packets through an sVLAN domain by adding an additional 4-byte header to each packet.
This section describes how to configure sVLANs using the command line interface (CLI) and includes the following topics:
For conceptual information about sVLANs, see “Stacked VLANs” on page 59.
Topic Page
Roadmap of sVLAN commands 366
Overview of sVLAN CLI configuration 367
Creating an sVLAN 368
Setting the Ethertype and switch level 370
Showing Ethertype and switch level information 371
Setting the sVLAN port type 373
Creating an sVLAN STG 376
Note: R modules do not support the sVLAN feature.
Configuring VLANs, Spanning Tree, and Link Aggregation
366 Chapter 8 Configuring sVLANs using the CLI
Roadmap of sVLAN commands
The following roadmap lists the VLAN commands and their parameters. Use this list as a quick reference or click on any entry for more information.
Command Parameter
config svlan info
ether-type level <value> <ethertype>
level <level>
show svlan info ether-type
show svlan info active-level
config ethernet <ports> info
svlan-porttype <normal|uni|nni>
config stg <sid> info
add ports <value>
create [<ports>] [vlan <value>] [mac <value>] [type <value>] [ntstg <value>]
delete
forward-delay <timeval>
group-stp <enable|disable>
hello-interval <timeval>
max-age <timeval>
priority <number>
remove ports <value>
trap-stp <enable|disable>
config stg <sid> add ports <ports>
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 367
Overview of sVLAN CLI configuration
Follow these steps to create an sVLAN using the CLI:
1 Set the sVLAN switch level to 1 or higher.
For more information, see “Setting the Ethertype and switch level” on page 370.
2 Configure user-to-network interface (UNI) and network-to-network-interface (NNI) ports.
For more information, see “Setting the sVLAN port type” on page 373.
3 Create a spanning tree group (STG) of type sVLAN and set the tagged BPDU address as different from the standardized BPDU address.
For more information, see “Creating an sVLAN STG” on page 376.
4 Add UNI or NNI ports to the STG.
For more information, see “Adding UNI or NNI ports to the STG” on page 378.
5 Create a VLAN of type sVLAN within the STG created in Step 3 and add ports to it.
For more information, see “Creating an sVLAN” on page 368.
config vlan <vid> create bysvlan <sid> [name <value>] [color <value>]
bysvlan-mstprstp <instance-id> [name <value>] [color <value>]
Note: You must follow these steps in sequence to configure an sVLAN.
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
368 Chapter 8 Configuring sVLANs using the CLI
Creating an sVLAN
To create a VLAN of type sVLAN, use the following command:
config vlan <vid> create
This command allows you to specify the type of VLAN. The required parameter vid is the VLAN ID. VLAN 1 is the default VLAN.
This command includes the following parameters:
Figure 152 on page 369 shows sample output for the config vlan info command.
config vlan <vid> create
followed by:
bysvlan <sid> [name <value>] [color <value>]
Creates an sVLAN.
• <sid> is spanning tree ID.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
This command is available only for the Ethernet Routing Switch 8600.
bysvlan-mstprstp <instance-id> [name <value>] [color <value>]
Creates an sVLAN.
• <instance-id> is the instance ID from 0 to 63.
• name <value> is the name of the sVLAN.
• color <value> is the color of the sVLAN from 0 to 32. The color attribute is used by Optivity software to display the VLAN.
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 369
Figure 152 Config vlan info command output
Figure 153 on page 370 uses all the commands required to create an sVLAN.
Note: You must enter the commands in sequence.
ERS-8606:5/config/vlan/2# create bysvlan 2 name SVLAN2 color 11 ERS-8606:5/config/vlan/2# info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context: action : N/A add-mlt : addDsapSsap : removeDsapSsap : N/A agetime : N/A delete : N/A qoslevel : 1 name : SVLAN2 Security-vlan-type : none Cluster : 0
Configuring VLANs, Spanning Tree, and Link Aggregation
370 Chapter 8 Configuring sVLANs using the CLI
Figure 153 Sample command output for creating an sVLAN
Setting the Ethertype and switch level
To set the Ethertype and switch level, use the following command:
config svlan
For sVLAN configurations, you must set the switch level to 1 or higher.
The config svlan command includes the following parameters:
config svlan
followed by:
info Shows current configuration information for an sVLAN (Figure 154).
ether-type level <value> <ethertype>
Sets an sVLAN tag for a switch level.
• <value> is an integer value in the range of 1 to 7.
• <ethertype> is a hex value in the range of 0x5dd to 0xffff.
level <level> Specifies the switch level associated with this sVLAN.
• <level> is an integer value in the range of 0 to 7. Level 0 (normal port) 802.1Q frames are classified into port-based VLANs.
Level 1 to 7: any frame type is transparently switched and an additional Ethertype 4 bytes is added.
The default level is 0.
ERS-8606:5# config svlan level 3ERS-8606:5# config ethernet 2/1 svlan-porttype uniwarning: Ports 2/1 may be removed from all the Vlans and Stgs. Do you want to continue? (y/n) ? yERS-8606:5# config stg 9 create mac 01:90:c2:00:00:00 type stgsvlanERS-8606:5# config vlan 1476 create bysvlan 9 name SVLAN2 color 11ERS-8606:5# config stg 9 add ports 2/3ERS-8606:5#
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 371
Figure 154 shows the config svlan info command output.
Figure 154 Config svlan info command output
Showing Ethertype and switch level information
To display sVLAN Ethertype and level information, use the following commands:
show svlan info ether-typeshow svlan info active-level
ERS-8606:5# config svlan info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
LEVEL ETHER-TYPE 0 0x8100 1 0x8020 2 0x8030 3 0x8040 4 0x8050 5 0x8060 6 0x8070 7 0x8080
Active-Level = 0 ERS-8606:5
Configuring VLANs, Spanning Tree, and Link Aggregation
372 Chapter 8 Configuring sVLANs using the CLI
Figure 155 shows sample output for the show svlan info ether-type and active-level commands.
Figure 155 Show svlan info command output
Table 61 describes the fields for this command.
Table 61 Show svlan info ether-type parameters
Field Description
LEVEL Indicates the value that identifies the switch level associated with this entry.
ETHER-TYPE Indicates the ether type value used for sVLAN tagging.
ERS-8610:5# show svlan info ether-type
=========================================================================== Stacked Vlan Ether Type===========================================================================LEVEL ETHER-TYPE---------------------------------------------------------------------------0 0x81001 0x80202 0x80303 0x80404 0x80505 0x80606 0x80707 0x8080
ERS-8610:5# show svlan info active-levelActive-Level = 0ERS-8610:5#
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 373
Setting the sVLAN port type
You must set the sVLAN port type to sVLAN UNI or sVLAN NNI.
To set the sVLAN port type, use the following command:
config ethernet <ports> svlan-porttype <normal|uni|nni>
The warning shown in Figure 156 appears.
Figure 156 sVLAN-porttype warning
When you configure a UNI port in the CLI, the tagged-frames-discard parameter is automatically enabled. Similarly, when you configure an NNI port in the CLI, the untagged-frames-discard parameter is automatically enabled.
The
config ethernet <ports>
Note: Because each OctaPID can support up to eight ports, you must designate all ports within an OctaPID as either normal or sVLAN (that is, the ports can be all Normal or a combination of UNI/NNI within the Octapid, which can be up to eight ports). See Appendix A, “Tap and OctaPID assignment (Release 3.x feature set) and “Configuring sVLANs using the CLI” on page 365.
ERS-8606:5# config svlan level 1ERS-8606:5# config ethernet 10/12 svlan-porttype uniwarning: Ports 10/9-10/16 may be removed from all the Vlans and Stgs. Do you want to continue? (y/n) ? yERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
374 Chapter 8 Configuring sVLANs using the CLI
command includes the following parameters:
Figure 157 shows sample output for the config ethernet <ports> info command.
config ethernet <ports>
followed by:
info Shows the current port settings (Figure 157).
svlan-porttype <normal|uni|nni>
Sets the port type for the sVLAN to normal, user-to-network interface (UNI), or network-to-network interface (NNI). The default is normal.
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 375
Figure 157 Config ethernet <ports> info command output
ERS-8606:5/config/ethernet/4/1# info
Sub-Context: eapol fw-isd ip ipv6 ipx lacp limit-fdb-learning mroute-limit multimedia pcap remote-mirroring smlt stg unknown-mac-discard vlacpCurrent Context:
Port 4/1 : lock : false block-traffic : false name : auto-negotiate : true enable-diffserv : false access-diffserv : false qos-level : 1 routing : enable unknown-mac-discard : disable high-secure : false default-vlan-id : 1 untag-port-default-vlan : disable
tagged-frames-discard : disable perform-tagging : disable svlan-porttype : normal
untagged-frames-discard : disable loop-detect : disable action port-down
arp-detect disable state : up linktrap : enable
multicast-bandwidth-limit : disabled broadcast-bandwidth-limit : disabled
tx-flow-control : disabled sffd : disabled cp-limit : enabled multicast-limit 10000
broadcast-limit 10000 shape : disabled 802.1p-override : disable auto-recover-port : disable ext-cp-limit : None threshold-util-rate 50
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
376 Chapter 8 Configuring sVLANs using the CLI
Creating an sVLAN STG
To set a tagged bridge protocol data unit (BPDU) address different from the standardized BPDU address and create an sVLAN STG, use the following command:
config stg <sid>
The config stg <sid> command configures parameters for a specified spanning tree group, where <sid> is the spanning tree group ID.
The config stg <sid> command includes the following parameters:
config stg <sid>
followed by:
info Shows current configuration information.
add ports <value> Adds ports for the STG.
• <value> is the port list.
create [<ports>] [vlan <value>] [mac <value>] [type <value>] [ntstg <value>]
Creates a new STG.
• <ports> specifies one or more ports.
• vlan <value> is the tagged BPDU VLAN ID. If a VLAN spans multiple switches, it must be within the same STG across all switches.
• mac <value> is the tagged BPDU MAC address.
• type <value> sets the STG to normal or sVLAN. Choices are stgsvlan or stgnormal.
• ntstg <value> enables or disables NTSTG. Choices are enable or disable.
delete Deletes an STG.
forward-delay <timeval> Bridges forward delay time for the STG.
• <timeval> is the number in hundredths of a second.
group-stp <enable|disable> Enables or disables STP for a specific STG.
hello-interval <timeval> Bridge hello time for the STG.
• <timeval> is the number in hundredths of a second.
314725-E Rev 00
Chapter 8 Configuring sVLANs using the CLI 377
Figure 158 on page 378 shows sample output for the config stg info command.
max-age <timeval> Bridges maximum age time for the STG.
• <timeval> is the number in hundredths of a second.
priority <number> Bridges priority for the STG.
• <number> is the priority number.
remove ports <value> Removes ports for the STG.
• <value> is the port list.
trap-stp <enable|disable> Enables or disables STP traps for a specific STG.
config stg <sid>
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
378 Chapter 8 Configuring sVLANs using the CLI
Figure 158 Config stg info command output
Adding UNI or NNI ports to the STG
To add UNI or NNI ports to the STG, use the following command:
config stg <sid> add ports <ports>
The config stg <sid> command configures parameters for a specified spanning tree group, where <sid> is the spanning tree group ID.
The config stg <sid> command includes the following options:
config stg <sid>
followed by:
add ports <ports> Adds ports to a STG.
• <ports> specifies one or more ports.
ERS-8606:5# config stg 1 info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
add ports : 2/1-2/8,4/1-4/30 create : 1 delete : N/A forward-delay : 1500 group-stp : true hello-interval : 200 max-age : 2000 priority : 32768 remove ports : N/A trap-stp : true type : normal nt-stg : enable
ERS-8606:5#
314725-E Rev 00
379
Chapter 9Configuring STGs using the CLI
You can set up spanning tree groups (STG) by using the spanning tree group commands. You can set parameters for a group and for ports in that group. You can also enable or disable the Spanning Tree Protocol in an STG.
The Ethernet Routing Switch 8600 modules support up to 64 STGs in a switch.
This section includes information about configuring STG and its parameters by using the appropriate commands and includes the following topics:
For conceptual information about spanning tree protocols, see “Spanning tree protocols” on page 66.
Topic Page
Roadmap of spanning tree commands 380
Configuring the spanning tree protocol mode 384
Configuring Spanning Tree Protocol 385
Configuring Rapid Spanning Tree Protocol 403
Configuring Multiple Spanning Tree Protocol 413
Configuring VLANs, Spanning Tree, and Link Aggregation
380 Chapter 9 Configuring STGs using the CLI
Roadmap of spanning tree commands
The following roadmap lists all spanning tree commands and their parameters. Use this list as a quick reference or click on any entry for more information:
Command Parameter
config bootconfig flags spanning-tree-mode <rstp|mstp|default>
config rstp info
force version <stp-compatible|rstp>
forward-delay <number>
group-stp <enable|disable>
hello-time <number>
max-age <number>
pathcost-type <16-bit|32-bit>
priority <number>
tx-holdcount <number>
show rstp config
show rstp stats
show rstp status
show ports info rstp config [vlan <value>] [port <value>]
show ports info rstp config [vlan <value>] [port <value>]
show ports info rstp stats [vlan <value>] [port <value>]
show ports info rstp role port <portlist>
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 381
config eth <portlist> rstp info
edge-port <true|false>
p2p <forcetrue|forcefalse|auto>
pathcost <value>
priority <value>
protocol-migration <true|false>
stp <enable|disable>
config mstp info
pathcost-type <16-bit|32-bit>
hop count <number>
tx-holdcount <number>
config mstp region info
name <string>
revision <number>
config-id-sel <number>
config mstp cist info
force-version <stp-compatible|rstp|mstp>
forward-delay <number>
max-age <number>
priority <number>
config mstp msti <instid> info
priority
show mstp config
show mstp instance <instid>
show mstp stats
show mstp status
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
382 Chapter 9 Configuring STGs using the CLI
show ports info mstp cistinfo [vlan <value>] [port <value>]
mstiinfo [vlan <value>] [port <value>]
ciststat [vlan <value>] [port <value>]
mstistat [vlan <value>] [port <value>]
cistrole [vlan <value>] [port <value>]
mstirole [vlan <value>] [port <value>]
config eth <portlist> mstp cist info
edge-port <true|false>
forceportstate <enable|disable>
hello-time <value>
p2p <forcetrue|forcefalse|
protocol-migration <true|false>
priority <value>
pathcost <number>
config eth <portlist> mstp msti <instid>
info
priority <value>
pathcost <value>
forceport state <enable|disable>
config stg <sid> info
add ports <ports>
create [<ports>] [vlan <value>] [mac <value>] [type <value>] [ntstg <value>]
Command Parameter
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 383
delete
forward-delay <timeval>
group-stp <enable|disable>
hello-interval <timeval>
max-age <timeval>
priority <number>
remove ports <value>
trap-stp <enable|disable>
config ethernet <ports> stg <sid> info
change-detection <enable|disable>
faststart <enable|disable>
pathcost <intval>
priority <intval>
stp <enable|disable>
faststart <enable|disable>
show stg show-all
show stg info config <sid>
show stg info status <sid>
show ports info stg main [vlan <value>] [port <value>]
show ports info stg extended [vlan <value>] [port <value>]
show ports stats stg <ports>
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
384 Chapter 9 Configuring STGs using the CLI
Configuring the spanning tree protocol mode
There are three spanning tree protocol modes on the Ethernet Routing Switch 8600: Rapid Spanning Tree Protocol (RSTP), Multiple Spanning Tree Protocol (MSTP), and Legacy (Spanning Tree Protocol). To set the spanning tree mode of the switch, use the following command:
config bootconfig flags spanning-tree-mode <rstp|mstp|default>
where:rstp|mstp|default are the Spanning Tree modes RSTP, MSTP, and Legacy. The default is Legacy.
Figure 159 shows sample command line output for changing the spanning tree mode to RSTP.
Figure 159 Spanning tree mode commands
The config bootconfig flags spanning-tree-mode command is in the CLI Global configuration mode.
Note: To change the spanning tree mode, you must use the commands save bootconfig to save the boot configuration and boot to reboot the switch. You must start a new session on the switch.
ERS-8606:5# config bootconfig flags spanning-tree-mode rstpWarning: Please save boot configuration and reboot the switch for this to take effect.ERS-8606:5# save bootSave bootconfig to file /flash/boot.cfg successful.ERS-8606:5# bootAre you sure you want to re-boot the switch (y/n) ? y
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 385
Configuring Spanning Tree Protocol
The operation of the Spanning Tree Protocol (STP) is defined in the IEEE 802.1d standard. The STP detects and eliminates logical loops in a bridged or switched network. When multiple paths exist, the spanning tree algorithm configures the network so that a bridge or switch uses only the most efficient path. If that path fails, the protocol automatically reconfigures the network and makes another path active, which sustains network operations.
Spanning Tree Protocol is the default spanning tree protocol used by the Ethernet Routing Switch 8600. This section includes the following topics:
• “Configuring spanning tree group parameters”
• “Configuring STG port parameters” on page 387
• “Configuring topology change detection” on page 389
• “Using the show STG commands” on page 392
Configuring spanning tree group parameters
To configure parameters for a specified spanning tree group, enter the following command:
config stg <sid>
where:sid is the spanning tree group ID.
This command includes the following options:
config stg <sid>
followed by:
info Shows characteristics of the spanning tree group.
add ports <ports> Adds port to a spanning tree group.
• <ports> specifies one or more slot/port numbers.
Ports can not be added to the STG if they are:
• configured as Single Port SMLT
• configured as members of another STG
Configuring VLANs, Spanning Tree, and Link Aggregation
386 Chapter 9 Configuring STGs using the CLI
create [<ports>] [vlan <value>] [mac <value>] [type <value>] [ntstg <value>]
Creates a new spanning tree group.
• <ports> specifies one or more slot/port numbers.
Note: Ports cannot be added to the STG if configured as Single Port SMLT, or as a member of another STG.
• vlan <value> is the VLAN ID. If a VLAN spans multiple switches, it must be within the same STG across all switches.
• mac <value> is the MAC address.
• type <value> is the type of STG. Choices are stgnormal or stgsvlan.
• ntstg <value> enables or disables STP. Choices are enable or disable.
delete Deletes the specified spanning tree group.
forward-delay <timeval> Sets the bridge forward delay time in hundredths of a second. The default is 1500 (15 seconds).
group-stp <enable|disable>
Enables or disables the Spanning Tree Protocol on the specified spanning tree group.
hello-interval <timeval> Sets the bridge hello time in hundredths of a second. The default is 200 (2 seconds).
max-age <timeval> Sets the bridge maximum age time in hundredths of a second. The default is 2000 (20 seconds).
priority <number> Sets the bridge priority number.
• <number> is between 0 and 65535.
remove ports <value> Removes ports from a spanning tree group.• <value> is the specified port.
trap-stp <enable|disable>
Enables or disables the Spanning Tree Protocol trap for the specified spanning tree group.
Note: Disabling the Spanning Tree Protocol can reduce CPU overhead slightly. However, unless you are using the switch in a simple network with little possibility of looping, Nortel recommends that you leave the Spanning Tree Protocol enabled.
config stg <sid>
followed by:
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 387
Figure 160 shows sample output for the config stg info command.
Figure 160 Config stg info command output
Configuring STG port parameters
Ports must have tagging enabled to belong to multiple spanning tree groups.
To configure spanning tree group port parameters, enter the following command:
config ethernet <ports> stg <sid>
Note: Nortel recommends that you enable FastStart as an alternative to disabling Spanning Tree Protocol on an individual port. The Spanning Tree Protocol is currently not supported on SMLT/IST ports, and must be disabled.
ERS-8606:5# config stg 1 info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
add ports : 2/1-2/8,4/1-4/30 create : 1 delete : N/A forward-delay : 1500 group-stp : true hello-interval : 200 max-age : 2000 priority : 32768 remove ports : N/A trap-stp : true type : normal nt-stg : enable
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
388 Chapter 9 Configuring STGs using the CLI
where:<ports> is the slot/port you want to add to the STG.<sid> is the spanning tree group ID.
This command includes the following options:
To display the current settings for the spanning tree group, use the following command:
config ethernet <ports> stg <sid> info
config ethernet <ports> stg <sid>
followed by:
info Shows current settings for the port spanning tree group.
faststart <enable|disable> Enables or disables the FastStart feature. When FastStart is enabled, the port goes through the normal listening and learning states before forwarding, but the hold time for these states is the bridge hello timer (2 seconds by default) instead of the bridge forward delay timer (15 seconds by default).
change-detection <enable|disable>
Enables or disables topology change detection for the specified spanning tree. The default is enable.
pathcost <intval> Sets the contribution of this port to the path cost.
• <intval> is the cost (1 to 65535).
priority <intval> Sets the priority of this port.• <intval> is the priority (0 to 255).
Note: Although port priority values can range from 0 to 255, only the following values are used: 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, 240
stp <enable|disable> Enables or disables the Spanning Tree Protocol.
Note: Spanning Tree Protocol must be disabled on SMLT or IST ports.
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 389
where:<ports> is the slot/port you want to add to the STG.<sid> is the spanning tree group ID.
Figure 161 shows sample output for this command.
Figure 161 Config ethernet <slot/port> stg <sid> info command output
Configuring topology change detection
Change detection is enabled by default. With change detection enabled, when a topology change occurs, a trap is sent containing the MAC address of the STG sending the topology change notification (TCN), the port number, and the STG ID. You can use this information to identify the device. For more information about change detection, see “Spanning Tree Protocol topology change detection” on page 70.
To configure topology change detection, use the following command:
config ethernet <ports> stg <sid> change-detection <enable|disable>
ERS-8606:5# config ethernet 4/1 stg 1 info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
Port 4/1 : change-detection : enable faststart : disable pathcost : 100 priority : 128 stp : enable
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
390 Chapter 9 Configuring STGs using the CLI
where:<ports> is the slot/port you want to add to the STG.<sid> is the spanning tree group ID.
If you enable change detection on an MLT with access ports, the setting is automatically applied to all ports in the MLT.
Querying the change detection setting
To query the change detection setting, use the following command:
config ethernet <ports> stg <sid> info
where:<ports> is the slot/port you want to add to the STG.<sid> is the spanning tree group ID.
Figure 161 on page 389 shows sample output for this command.
The show ports info stg main command (Figure 162 on page 391) also shows the change detection setting.
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 391
Figure 162 Show ports info stg main command output
Table 62 explains the field parameters for this command.
Table 62 Show ports info stg main parameters
Field Description
SID Indicates the STG identifier this port is assigned to.
PORT_NUM Indicates the port number and slot.
PRIO Indicates the value of the priority field that is contained in the first (in network byte order) octet of the (two octet long) port ID.
ERS-8606:5# show ports info stg main
========================================================================== Port Stg========================================================================== ENABLE FORWARD CHANGESID PORT_NUM PRIO STATE STP FASTSTART PATHCOST TRANSITION DETECTION--------------------------------------------------------------------------1 2/1 128 forwarding false false 1 0 false1 2/2 128 forwarding false false 1 0 false1 2/3 128 forwarding false false 1 0 false1 2/4 128 forwarding false false 1 0 false1 2/5 128 forwarding false false 1 0 false1 2/6 128 forwarding false false 1 0 false1 2/7 128 forwarding false false 1 0 false1 2/8 128 forwarding false false 1 0 false1 4/1 128 disabled true false 100 0 true1 4/2 128 disabled true false 100 0 true1 4/3 128 disabled true false 100 0 true1 4/4 128 disabled true false 100 0 true1 4/5 128 disabled true false 100 0 true1 4/6 128 disabled true false 100 0 true1 4/7 128 disabled true false 100 0 true1 4/8 128 disabled true false 100 0 true
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
392 Chapter 9 Configuring STGs using the CLI
Using the show STG commands
To display the status of spanning tree on the switch or on a port, use the show stg commands.
This section includes information on show commands:
• “Displaying all STG information” on page 393• “Displaying STG configurations” on page 397• “Displaying STG status” on page 398• “Displaying basic STG information” on page 398• “Displaying additional STG information” on page 399• “Displaying STG statistics counters” on page 401
STATE Indicates the port current state as defined by the application of the Spanning Tree Protocol. This state controls what action a port takes on reception of a frame. If the bridge has detected a port that is malfunctioning it places that port into the broken state. Options include:
• disabled• blocking
• listening
• learning• forwarding
• broken
ENABLE STP Indicates that the Spanning Tree Protocol is active in this STG.
FASTSTART Indicates that the port is moved straight to the forwarding state upon being enabled.
PATHCOST Indicates the contribution of this port to the path cost of paths towards the spanning tree root which includes this port. 802.1d-1990 recommends that the default value of this parameter be inversely proportional to the speed of the attached LAN.
FORWARD TRANSITION Indicates the number of times this port has transitioned from the learning state to the forwarding state.
CHANGE DETECTION Indicates if topology change notifications are sent for the port.
Table 62 Show ports info stg main parameters (continued)
Field Description
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 393
Displaying all STG information
To display all spanning tree group information, enter the following command:
show stg show-all
The command uses the syntax:
show stg show-all file <value>
where:<value> is the filename to which the output will be redirected.
Figure 163 on page 394 shows sample output for this command.
Configuring VLANs, Spanning Tree, and Link Aggregation
394 Chapter 9 Configuring STGs using the CLI
Figure 163 Show stg show-all sample output
Table 63 explains the field headings for this command output.
Table 63 Show stg show-all parameters
Field Description
Stg Config
STG ID Indicates the STG identifier.
SJ-ERS-8610:6/show/stg# show-all
# show stg info config
================================================================== Stg Config==================================================================STG BRIDGE BRIDGE FORWARD ENABLE STPTRAPID PRIORITY MAX_AGE HELLO_TIME DELAY STP TRAP NT-STG------------------------------------------------------------------1 32768 2000 200 1500 true true enable
STG TAGGBPDU TAGGBPDU STG PORTID ADDRESS VLAN_ID TYPE MEMBER------------------------------------------------------------------1 01:80:c2:00:00:00 0 normal 1/1-1/48,7/1-7/3,8/1-8/8
Total number of STGs : 1
# show stg info status
================================================================== Stg Status==================================================================STG BRIDGE NUM PROTOCOL TOPID ADDRESS PORTS SPECIFICATION CHANGES------------------------------------------------------------------1 00:12:83:89:20:01 59 ieee8021d 0
STG DESIGNATED ROOT ROOT MAX HELLO HOLD FORWARDID ROOT COST PORT AGE TIME TIME DELAY------------------------------------------------------------------1 80:00:00:12:83:89:20:01 0 cpp 2000 200 100 1500
Total number of STGs : 1
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 395
PRIORITY Indicates the value of the priority field that is contained in the first (in network byte order) octet of the two octet long port ID.
BRIDGE MAX_AGE Indicates the value that all bridges use for the bridge maximum age when this bridge acts as the root.
BRIDGE HELLO_TIME Indicates the value that all bridges use for the bridge hello timer when this bridge acts as the root.
FORWARD DELAY Indicates the value that all bridges use for forward delay when this bridge acts as the root. This time value, measured in units of hundredths of a second, controls how fast a port changes its spanning state when moving towards the forwarding state. The value determines how long the port stays in each of the listening and learning states, which precede the forwarding state. This value is also used, when a topology change is detected and is underway, to age all dynamic entries in the forwarding database.
ENABLE STP Indicates that the Spanning Tree Protocol is active in this STG.
STPTRAP TRAP Indicates the traps relating to the Spanning Tree Protocol which are sent for this STG.
NT-STG Indicates the whether this STG is operating in Nortel mode or in Cisco mode.• enable—Nortel mode
• disable—Cisco mode
Stg Status
STG ID Indicates the STG identifier.
BRIDGE ADDRESS Indicates the MAC address used by this bridge when it must be referred to in a unique fashion. Nortel recommends that this be the numerically smallest MAC address of all the ports that belong to this bridge.
NUM PORTS Indicates the number of ports controlled by this bridging entity.
PROTOCOL SPECIFICATION
Indicates the version of the Spanning Tree Protocol that is used. The value decLb100 indicates the DEC LAN bridge 100 Spanning Tree protocol. IEEE 802.1d implementations will return ieee8021d.
TOP CHANGES Indicates the total number of topology changes detected by this bridge since the management entity was last reset or initialized.
Table 63 Show stg show-all parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
396 Chapter 9 Configuring STGs using the CLI
DESIGNATED ROOT Indicates the bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol as executed by this node. This value is used as the root identifier parameter in all configuration Bridge PDUs originated by this node.
ROOT COST Indicates the cost of the path to the root as seen from this bridge.
ROOT PORT Indicates the port number of the port that offers the lowest cost path from this bridge to the root bridge.
MAX AGE Indicates the maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded, in units of hundredths of a second. This is the actual value that this bridge is currently using.
HELLO TIME Indicates the amount of time between the transmission of configuration bridge PDUs by this node on any port when it is the root of the spanning tree or trying to become so, in units of hundredths of a second. This is the actual value that this bridge is currently using.
HOLD TIME Indicates the interval length during which no more than two configuration bridge PDUs are transmitted by this node, in units of hundredths of a second.
FORWARD DELAY Indicates the how fast (in hundredths of a second) a port changes its spanning state when moving towards the Forwarding state. The value determines how long the port stays in each of the listening and learning states, which precede the forwarding state. This value is also used, when a topology change is detected and is underway, to age all dynamic entries in the forwarding database. Note: This value is the one that this bridge is currently using, in contrast to the bridge forward delay which is the value that this bridge and all others would start using if this bridge were to become the root.
Table 63 Show stg show-all parameters (continued)
Field Description
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 397
Displaying STG configurations
To display the spanning tree group configuration for the switch or for the specified spanning tree group, enter the following command:
show stg info config <sid>
The command syntax is:
show stg info config <sid>
where:<sid> is the spanning tree group ID.
Figure 164 shows sample output for the show stg info config command.
Figure 164 Show stg info config command output
See Table 63 on page 394 for descriptions of the parameters for this command.
ERS-8606:5# show stg info config
============================================================================== Stg Config==============================================================================STG BRIDGE BRIDGE FORWARD ENABLE STPTRAPID PRIORITY MAX_AGE HELLO_TIME DELAY STP TRAP NT-STG ------------------------------------------------------------------------------1 32768 2000 200 1500 true true enable
STG TAGGBPDU TAGGBPDU STG PORTID ADDRESS VLAN_ID TYPE MEMBER------------------------------------------------------------------------------1 01:80:c2:00:00:00 0 normal 2/1-2/8,4/1-4/30
Total number of STGs : 1
ERS-8606#
Configuring VLANs, Spanning Tree, and Link Aggregation
398 Chapter 9 Configuring STGs using the CLI
Displaying STG status
To display the spanning tree group status for the specified spanning tree group or all STGs, enter the following command:
show stg info status <sid>
where:<sid> is the spanning tree group ID.
Figure 165 shows sample output for the show stg info status command.
Figure 165 Show stg info status command output
See Table 63 on page 394 for descriptions of the parameters for this command.
Displaying basic STG information
To display basic spanning tree group information about one or more specified ports or about all ports, enter the following command:
show ports info stg main [vlan <value>] [port <value>]
ERS-8606:5# show stg info status
============================================================================= Stg Status=============================================================================STG BRIDGE NUM PROTOCOL TOP ID ADDRESS PORTS SPECIFICATION CHANGES -----------------------------------------------------------------------------1 00:80:2d:c0:90:01 38 ieee8021d 75
STG DESIGNATED ROOT ROOT MAX HELLO HOLD FORWARD ID ROOT COST PORT AGE TIME TIME DELAY -----------------------------------------------------------------------------1 80:00:00:80:2d:c0:90:01 0 cpp 2000 200 100 1500
Total number of STGs : 1ERS-8606:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 399
where:vlan <value> is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vlan <value> or port <value> is optional. When you enter a vlan <value> or port <value>, the command shows information for the specified VLAN or port. Without the vlan <value> or port <value>, the command shows information for all the configured VLANs.
(For more information about the show ports info stg extended command, see “Displaying basic STG information” on page 398.)
Figure 166 shows sample output for the show ports info stg main command.
Figure 166 Show ports info stg main command output
See Table 62 on page 391 for descriptions of the parameters for this command.
Displaying additional STG information
To display additional spanning tree group information about the specified port or about all ports, enter the following command:
show ports info stg extended [vlan <value>] [port <value>]
ERS-8606:5# show ports info stg main 4/1
============================================================================== Port Stg============================================================================== ENABLE FORWARD CHANGESID PORT_NUM PRIO STATE STP FASTSTART PATHCOST TRANSITION DETECTION------------------------------------------------------------------------------1 4/1 128 disabled true false 100 0 true
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
400 Chapter 9 Configuring STGs using the CLI
where:vlan <value> is the VLAN ID from 1 to 4 092,port <value> is the port or range of ports.
Entering a vlan <value> or port <value> is optional. When you enter a vlan <value> or port <value>, the command shows information for the specified VLAN or port. Without the vlan <value> or port <value>, the command shows information for all the configured VLANs.
This information is less often used in switch monitoring than the information obtained with the show ports info stg main command (page 398).
Figure 167 shows sample output for the show ports info stg extended command.
Figure 167 Show ports info stg extended command output
Table 64 explains the parameters for this command.
Table 64 Show ports info stg extended parameters
Field Description
STG ID Indicates the STG identifier.
PORT NUM Indicates the port and slot number.
ERS-8606:5# show ports info stg extended
============================================================================= Port Stg Extended=============================================================================
----------------------DESIGNATED----------------SID PORT_NUM ROOT COST BRIDGE PORT -----------------------------------------------------------------------------1 2/1 80:00:00:80:2d:c0:90:01 0 80:00:00:80:2d:c0:90:01 80:801 2/2 80:00:00:80:2d:c0:90:01 0 80:00:00:80:2d:c0:90:01 80:811 2/3 80:00:00:80:2d:c0:90:01 0 80:00:00:80:2d:c0:90:01 80:82
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 401
Displaying STG statistics counters
To display statistics counters for spanning tree groups on all ports or the specified port, enter the following command:
show ports stats stg <ports>
where:<ports> is the port or list of ports.
Figure 168 on page 402 shows sample output for the show ports stats stg command.
DESIGNATED ROOT Indicates the bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol as executed by this node. This value is used as the root identifier parameter in all configuration bridge PDUs originated by this node.
DESIGNATED ROOT COST
Indicates the cost of the path to the root as seen from this bridge.
DESIGNATED BRIDGE ADDRESS
Indicates the MAC address used by this bridge when it must be referred to in a unique fashion. Nortel recommends that this be the numerically smallest MAC address of all the ports that belong to this bridge.
DESIGNATED ROOT PORT
Indicates the port number of the port that offers the lowest cost path from this bridge to the root bridge.
Table 64 Show ports info stg extended parameters (continued)
Field Description
Configuring VLANs, Spanning Tree, and Link Aggregation
402 Chapter 9 Configuring STGs using the CLI
Figure 168 Show ports stats stg command (partial output)
Table 65 explains the parameters for this command.
Table 65 Show ports stats stg extended parameters
Field Description
PORT NUM Indicates the port and slot number.
IN_CONFIG BPDU Indicates the number of configuration BPUs received by this port.
IN_TCN BPDU Indicates the number of topology change notification BPUs received by this port.
IN_BAD BPDU Indicates the number of bad BPUs received by this port.
OUT_CONFIG BPDU Indicates the number of Config BPUs transmitted by this port.
OUT_TCN BPDU Indicates the number of topology change notification BPUs transmitted by this port.
ERS-8606:5# show ports stats stg
============================================================================== Port Stats Stg==============================================================================PORT IN_CONFIG IN_TCN IN_BAD OUT_CONFIG OUT_TCN NUM BPDU BPDU BPDU BPDU BPDU ------------------------------------------------------------------------------2/1 0 0 0 0 0 2/2 0 0 0 0 0 2/3 0 0 0 0 0
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 403
Configuring Rapid Spanning Tree Protocol
Rapid Spanning Tree Protocol (RSTP) reduces the recovery time after a network breakdown. For more information about MSTP, see “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 73.
This section describes the following topics:
• “Configuring Rapid Spanning Tree Protocol”
• “Showing RSTP config” on page 404
• “Showing RSTP stats” on page 405
• “Showing RSTP status” on page 406
• “Showing ports info RSTP config” on page 407
• “Showing ports info RSTP stats” on page 408
• “Showing ports info RSTP config” on page 410
• “Showing ports info RSTP role” on page 411
• “Configuring Ethernet RSTP” on page 412
Configuring Rapid Spanning Tree Protocol
To set the Rapid Spanning Tree Protocol (RSTP) parameters for the bridge, use the following command:
config rstp
The config rstp command is in the CLI Global configuration mode.
Note: If you use the force version command to change the STP version to MSTP or RSTP, you must reconfigure the Root Path Cost parameter. It does not return to the default value when the version is changed; instead, its value is changed to 65535.
Configuring VLANs, Spanning Tree, and Link Aggregation
404 Chapter 9 Configuring STGs using the CLI
This command includes the following options:
Showing RSTP config
To display the Rapid Spanning Tree Protocol (RSTP) configuration details, use the following command:
show rstp config
The show rstp config command is in the CLI Global configuration mode.
Figure 169 on page 405 shows sample output for the show rstp config command.
config rstp
followed by:
info Shows current level parameter settings and next level directories.
force version <stp-compatible|rstp>
Sets the RSTP bridge version; default is rstp.
forward-delay <number> Sets the RSTP forward delay for the bridge from 400 to 3000 hundredths of a second.
group-stp <enable|disable>
Enables or disables RSTP for a specific STG.
hello-time <number> Sets the RSTP hello time delay for the bridge from 100 to 1000 hundredths of a second.
max-age <number> Sets the RSTP maximum age time for the bridge from 600 to 4000 hundredths of a second.
pathcost-type <16-bit|32-bit>
Sets the RSTP default pathcost version; default is 32 bits.
priority <number> Sets the RSTP bridge priority from 0 to 61440 in steps of 4096.
tx-holdcount <number> Sets the RSTP Transmit Hold Count from 1 to 10; default is 3.
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 405
Figure 169 Show rstp config command
Showing RSTP stats
To show RSTP statistics, use the following command:
show rstp stats
The show rstp stats command is in the CLI Global configuration mode.
Figure 170 on page 406 shows sample output for the show rstp stats command.
ERS-8606:5# show rstp config
============================================================ RSTP Configuration============================================================Rstp Module Status : EnabledPrority : 32768 (0x8000)Stp Version : rstp ModeBridge Max Age : 20 secondsBridge Hello Time : 2 secondsBridge Forward Delay Time : 15 secondsTx Hold Count : 3PathCost Default Type : 32-bit
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
406 Chapter 9 Configuring STGs using the CLI
Figure 170 Show rstp stats command
Showing RSTP status
To display the Rapid Spanning Tree Protocol (RSTP) related status information for the selected bridge, use the following command:
show rstp status
This command is in the CLI Global configuration mode.
Figure 171 on page 407 shows sample output for the show rstp status command.
ERS-8606:5# show rstp stats
============================================================ RSTP Statistics============================================================Rstp UP Count : 1Rstp Down Count : 0Count of Root Bridge Changes : 0Stp Time since Topology change: 487 seconds Total No. of topology changes : 2ERS-8606:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 407
Figure 171 Show rstp status command
Showing ports info RSTP config
To display the Rapid Spanning Tree Protocol (RSTP) related port level configuration details, use the following command:
show ports info rstp config [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
This command is in the CLI Global configuration mode.
Figure 172 on page 408 shows sample output for the show ports info rstp config command.
ERS-8606:5# show rstp status
============================================================ RSTP Status Information============================================================Designated Root : 80:00:00:80:2d:c0:90:01Stp Root Cost : 0Stp Root Port : cppStp Max Age : 20 seconds Stp Hello Time : 2 seconds Stp Forward Delay Time : 15 seconds ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
408 Chapter 9 Configuring STGs using the CLI
Figure 172 Show ports info rstp config command output
Showing ports info RSTP stats
To display the Rapid Spanning Tree Protocol (RSTP) related port level statistics use the following command:
show ports info rstp stats [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
The show ports info rstp stats command is in the CLI Global configuration mode.
Figure 173 on page 409 shows sample output for the show ports info rstp stats command.
ERS-8606:5# show ports info rstp config
============================================================ RSTP Port Configurations============================================================Port Number : 2/1Port Priority : 128 (0x80) Port PathCost : 20000Port Protocol Migration : FalsePort Admin Edge Status : FalsePort Oper Edge Status : FalsePort Admin P2P Status : AutoPort Oper P2P Status : FalsePort Oper Protocol Version : Rstp
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 409
Figure 173 Show ports info rstp stats command
Showing ports info RSTP status
To display the Rapid Spanning Tree Protocol (RSTP) related status information for a selected port use the following command:
show ports info rstp status [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
The show ports info rstp status command is in the CLI Global configuration mode.
Figure 175 on page 411 shows sample output for the show ports info rstp status command.
ERS-8606:5# show ports info rstp stats
============================================================= RSTP Port Statistics=============================================================Port Number : 2/1Number of Fwd Transitions : 1Rx RST BPDUs Count : 0Rx Config BPDU Count : 0Rx TCN BPDU Count : 0Tx RST BPDUs Count : 737Tx Config BPDU Count : 0Tx TCN BPDU Count : 0Invalid RST BPDUs Rx Count : 0Invalid Config BPDU Rx Count : 0Invalid TCN BPDU Rx Count : 0Protocol Migration Count : 0
Configuring VLANs, Spanning Tree, and Link Aggregation
410 Chapter 9 Configuring STGs using the CLI
Figure 174 Show ports info rstp status command
Showing ports info RSTP config
To display the Rapid Spanning Tree Protocol (RSTP) related configuration information for the selected port use the following command:
show ports info rstp config [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
The show ports info rstp config command is in the CLI Global configuration mode.
Figure 175 on page 411 shows sample output for the show ports info rstp config command.
ERS-8606:5# show ports info rstp status
============================================================== RSTP Port Status (Port Priority Vector)==============================================================Port Number : 2/1Port Designated Root : 80:00:00:80:2d:c0:90:01Port Designated Cost : 0Port Designated Bridge : 80:00:00:80:2d:c0:90:01Port Designated Port : 80:80
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 411
Figure 175 Show ports info rstp config command
Showing ports info RSTP role
To display the RSTP role, use the following command:
show ports info rstp role port <portlist>
where:<portlist> is the port list.
The show ports info rstp role command is in the CLI Interface configuration mode.
Figure 176 on page 412 shows the output for the show ports info rstp command.
ERS-8610:5# show ports info rstp config
============================================================== RSTP Port Configurations==============================================================Port Number : 1/1Port Priority : 128 (0x80)Port PathCost : 200000000Port Protocol Migration : FalsePort Admin Edge Status : FalsePort Oper Edge Status : FalsePort Admin P2P Status : AutoPort Oper P2P Status : FalsePort Oper Protocol Version : RstpERS-8610:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
412 Chapter 9 Configuring STGs using the CLI
Figure 176 Show ports info rstp role command
Configuring Ethernet RSTP
To set RSTP parameters for the port, use the following command:
config eth <portlist> rstp
The config eth rstp info command is in the CLI Global configuration mode.
This command includes the following options:
config eth <portlist> rstp
followed by:
info Shows current level parameter settings and next level directories.
edge-port <true|false> Sets the RSTP edge port parameter for the port.
p2p <forcetrue|forcefalse|auto>
Sets the Ethernet RSTP point-to-point parameter for the port.
ERS-8606:5# show ports info rstp role
============================================================= RSTP Port Roles and States=============================================================
Port-Index Port-Role Port-State PortSTPStatus PortOperStatus-------------------------------------------------------------2/1 Designated Forwarding Disabled Enabled 2/2 Designated Forwarding Disabled Enabled 2/3 Designated Forwarding Disabled Enabled 2/4 Designated Forwarding Disabled Enabled 2/5 Designated Forwarding Disabled Enabled 2/6 Designated Forwarding Disabled Enabled 2/7 Designated Forwarding Disabled Enabled 2/8 Designated Forwarding Disabled Enabled 4/1 Disabled Discarding Enabled Disabled
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 413
Configuring Multiple Spanning Tree Protocol
Multiple Spanning Tree Protocol (MSTP) allows you to configure multiple instances of RSTP on the same switch. For more information about MSTP, see “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 73.
This section describes the following topics:
• “Configuring Multiple Spanning Tree Protocol” on page 414
• “Configuring MSTP region” on page 414
• “Configuring MSTP CIST” on page 415
• “Configuring MSTP MSTI” on page 416
• “Showing MSTP configurations” on page 417
• “Showing MSTP instance information” on page 418
• “Showing MSTP stats” on page 419
• “Showing MSTP status” on page 420
• “Showing MSTP port information” on page 421
pathcost <value> Sets the RSTP path cost parameter for the port from 1 to 20 000 000.
priority <value> Sets the Ethernet RSTP priority parameter for the port. The priority ranges from 0 to 240 in steps of 16 (0, 16, 32....240).
protocol-migration <true|false>
Sets the Ethernet RSTP protocol-migration parameter for the port.
stp <enable|disable> Enables or disables STP on the port.
config eth <portlist> rstp
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
414 Chapter 9 Configuring STGs using the CLI
Configuring Multiple Spanning Tree Protocol
To set the Multiple Spanning Tree Protocol (MSTP) configuration version, use the following command.
config mstp
The config mstp command is in the CLI Global configuration mode.
This command includes the following options:
Figure 177 shows sample output for the config mstp info command.
Figure 177 Config mstp info command
Configuring MSTP region
To configure the MSTP region, use the following command:
config mstp region
config mstp
followed by:
info Shows current level parameter settings and next level directories.
pathcost-type <16-bit|32-bit>
Sets the MSTP default path cost version; default is 32 bits.
hop count <number> Sets the MSTP hop count. The range is
400 to 4000 hundredths of a second; default is 2000.
tx-holdcount <number> Sets the MSTP Transmit Hold Count. The range is
1 to 10; the default is 3.
ERS-8606:5# config mstp info hop-count : 2000 pathcost-type : 32-bit tx-holdcount : 3
ERS-8606:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 415
The config mstp region command is in the CLI Global configuration mode.
This command includes the following options:
Figure 178 shows sample output for the config mstp region commands.
Figure 178 Config mstp region command
Configuring MSTP CIST
To configure the MSTP Common and Internal Spanning Tree (CIST) parameters, use the following command:
config mstp cist
config mstp region
followed by:
info Shows current level parameter settings and next level directories.
name <string> Sets the MSTP configuration name.• <string> is from 1 to 32 characters.
revision <number> Sets the MSTP region revision number
• <number> is between 0 and 65 535.
config-id-sel <number> Sets the MSTP region configuration ID number.
• <number> is between 0 and 255.
ERS-8610:6# config mstp region name mstp-region-1ERS-8610:6# config mstp region config-id-sel 250ERS-8610:6# config mstp region revision 12ERS-8610:6# config mstp region info config-id-sel : 250 region-name : mstp-region-1 revision : 12
ERS-8610:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
416 Chapter 9 Configuring STGs using the CLI
This command includes the following options:
Figure 179 shows sample output of these commands.
Figure 179 Config mstp cist command
Configuring MSTP MSTI
To set the Multiple Spanning Tree Instance (MSTI) configuration version, use the following command:
config mstp msti <instid>
where <instid> is the instance ID.
The config mstp msti command is in the CLI Instance configuration mode.
config mstp cist
followed by:
info Shows current level parameter settings and next level directories.
force-version <stp-compatible|rstp|mstp>
Sets the CIST version.
forward-delay <number> Sets the CIST forward delay from 400 to 3000 hundredths of a second; default is 1500.
max-age <number> Sets the CIST maximum age time from 600 to 4000 hundredths of a second for the bridge; the default is 2000. The step size is in hundreds.
priority <number> Sets the CIST bridge priority from 0 to 61 440 in steps of 4096; the default is 32 768.
ERS-8610:5# config mstp cist max-age 650ERS-8610:5# config mstp cist priority 4096ERS-8610:5# config mstp cist info force-version : mstp forward-delay : 1500 max-age : 600 priority : 4096 (0x1000)
ERS-8610:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 417
This command uses the following options:
Figure 180 shows configuration information for this command.
Figure 180 Config mstp msti command
Showing MSTP configurations
To display the Multiple Spanning Tree Protocol (MSTP) related bridge-level VLAN and region information, use the following command:
show mstp config
The show mstp config command is in the CLI Global configuration mode.
Figure 181 on page 418 shows sample output for this command.
config mstp msti <instid>
followed by:
info Shows current level parameter settings and next level directories.
priority Sets the MSTP bridge priority. Allowed values are 4096, 8192, 12 288, 16 384, 20 480, 24 576, 28 672, 32 768, 36 864, 40 960, 45 056, 49 152, 53 248, 57 344, 61 440.
ERS-8606:5# config mstp msti ?
Sub-Context:Current Context:
info priority <number>
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
418 Chapter 9 Configuring STGs using the CLI
Figure 181 Show mstp config.
Showing MSTP instance information
To show the MSTP instance-specific bridge and VLAN information, use the following command:
show mstp instance <instid>
where: <instid> is the instance ID.
Figure 182 on page 419 shows sample output for this command.
RS-8606:5# show mstp config
============================================================== MSTP Configurations==============================================================Mstp Module Status : EnabledNumber of Msti Supported : 64Cist Bridge priority : 32768 (0x8000)Stp Version : Mstp ModeCist Bridge Max Age : 20 secondsCist Bridge Forward Delay : 15 secondsTx Hold Count : 3PathCost Default Type : 32-bitMax Hop Count : 2000Msti Config Id Selector : 0Msti Region Name : 00:80:2d:c0:90:01Msti Region Version : 0Msti Config Digest : ac:36:17:7f:50:28:3c:d4:b8:38:21:d8:ab:26:de:62
ERS-8606:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 419
Figure 182 Show mstp instance command
Showing MSTP stats
To display the MSTP related bridge-level statistics, use the following command:
show mstp stats
The show mstp stats command is in the CLI Global configuration mode.
Figure 183 on page 420 shows sample output for this command.
ERS-8606:5# show mstp inst 5
============================================================== MSTP Instance Status==============================================================Instance Id : 5Msti Bridge Regional Root : 80:00:00:03:4b:4f:d0:01Msti Bridge Priority : 32768 (0x8000)Msti Root Cost : 0Msti Root Port : cppMsti Instance Vlan Mapped : 5Msti Instance Vlan Mapped2k : Msti Instance Vlan Mapped3k : Msti Instance Vlan Mapped4k :
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
420 Chapter 9 Configuring STGs using the CLI
Figure 183 Show mstp stats
Showing MSTP status
To display the MSTP related status information known by the selected bridge, use the following command:
show mstp status
The show mstp status command is in the CLI Global configuration mode.
Figure 184 on page 421 shows sample output for this command.
ERS-8606:5# show mstp stats
============================================================= MSTP Bridge Statistics=============================================================Mstp UP Count : 1Mstp Down Count : 0Region Config Change Count : 3Time since topology change : 0 seconds Topology change count : 0New Root Bridge Count : 1
ERS-8606:5#
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 421
Figure 184 Show mstp status command
Showing MSTP port information
To display the MSTP, CIST port, and MSTI port information maintained by every port of the Common Spanning Tree, use the following command:
show ports info mstp
RS-8606:5# show mstp status
=============================================================== MSTP Status===============================================================---------------------------------------------------------------Bridge Address : 00:80:2d:c0:90:01Cist Root : 80:00:00:80:2d:c0:90:01Cist Regional Root : 80:00:00:80:2d:c0:90:01Cist Root Port : cppCist Root Cost : 0Cist Regional Root Cost : 0Cist Instance Vlan Mapped : 1-1024Cist Instance Vlan Mapped2k : 1025-2048Cist Instance Vlan Mapped3k : 2049-3072Cist Instance Vlan Mapped4k : 3073-4094Cist Max Age : 20 secondsCist Forward Delay : 15 seconds
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
422 Chapter 9 Configuring STGs using the CLI
This command includes the following parameters:
Figure 185 on page 423 shows sample output for this command.
show ports info mstp
followed by:
cistinfo [vlan <value>] [port <value>]
Shows port CIST configuration.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
mstiinfo [vlan <value>] [port <value>]
Shows port MSTI configuration.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
ciststat [vlan <value>] [port <value>]
Shows statistics for CIST port.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
mstistat [vlan <value>] [port <value>]
Shows port MSTI stats.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
cistrole [vlan <value>] [port <value>]
Shows port CIST port role.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
mstirole [vlan <value>] [port <value>]
Shows port MSTI port role.
• vlan <value> specifies the VLAN IDs.• port <value> specifies the portlist.
Note: External and internal path costs are displayed incorrectly in the show ports info CLI output for the CIST and MST.
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 423
Figure 185 Show ports info mstp cistinfo command output
ERS-8606:5/show/ports/info/mstp# cistinfo
==============================================================MSTP Cist Port Information(Port Priority Vector)==============================================================Port Number : 2/1Cist Port Priority : 128 (0x80)Cist Port Designated Root : 80:00:00:80:2d:c0:90:01Cist Port Designated Cost : 0Cist Port Designated Bridge : 80:00:00:80:2d:c0:90:01Cist Port Designated Port : 80:80Cist Port Regional Root : 80:00:00:80:2d:c0:90:01Cist Port Regional PathCost : 0Cist Port Protocol Migration : FalseCist Port Admin Edge Status : FalseCist Port Oper Edge Status : FalseCist Port Admin P2P Status : AutoCist Port Oper P2P Status : TrueCist Port Hello Time : 2Cist Port Oper Proto-Version : MstpPort Number : 2/2Cist Port Priority : 128 (0x80)Cist Port Designated Root : 80:00:00:80:2d:c0:90:01Cist Port Designated Cost : 0Cist Port Designated Bridge : 80:00:00:80:2d:c0:90:01Cist Port Designated Port : 80:81Cist Port Regional Root : 80:00:00:80:2d:c0:90:01Cist Port Regional PathCost : 0Cist Port Protocol Migration : FalseCist Port Admin Edge Status : FalseCist Port Oper Edge Status : FalseCist Port Admin P2P Status : AutoCist Port Oper P2P Status : TrueCist Port Hello Time : 2Cist Port Oper Proto-Version : Mstp
Configuring VLANs, Spanning Tree, and Link Aggregation
424 Chapter 9 Configuring STGs using the CLI
Configuring Ethernet MSTP CIST
To configure the Ethernet MSTP CIST parameters for a port, use the following command:
config eth <portlist> mstp cist
where:<portlist> is the port list.
The config eth mstp cist command is in the CLI Global configuration mode.
This command includes the following options:
config eth <portlist> mstp cist
followed by:
info Shows current level parameter settings and next level directories.
edge-port <true|false> Sets the MSTP edge port parameter for the port.
forceportstate <enable|disable>
Set forceportstate for a port.
hello-time <value> Sets the hello time for a port from 100 to 1000 hundredths of a second.
p2p <forcetrue|forcefalse|
auto>
Sets the Ethernet MSTP CIST point-to-point parameter for the port.
protocol-migration <true|false>
Sets the Ethernet MSTP CIST protocol-migration parameter for the port.
priority <value> Sets the Ethernet MSTP CIST priority parameter for the port. The priority must be set in steps of 16 within the range of 0 to 240.
pathcost <number> Sets the MSTP path cost parameter for the port.
314725-E Rev 00
Chapter 9 Configuring STGs using the CLI 425
Configuring Ethernet MSTP MSTI
To configure the Ethernet MSTP MSTI parameters on a port, use the following command:
config eth <portlist> mstp msti <instid>
where:<portlist> is the port list, and <instid> is the instance ID.
The config eth mstp msti command is in the CLI Global configuration mode.
This command includes the following options:
config eth <portlist> mstp msti <instid>
followed by:
info Shows current level parameter settings and next level directories.
priority <value> Sets the Ethernet MSTP MSTI priority parameter for the port.
pathcost <value> Sets the MSTP MSTI path cost parameter for the port.
forceport state <enable|disable>
Sets the MSTP MSTI force port state parameter for the port.
Configuring VLANs, Spanning Tree, and Link Aggregation
426 Chapter 9 Configuring STGs using the CLI
314725-E Rev 00
427
Chapter 10Configuring link aggregation using the CLI
Link aggregation allows you to bundle a set of ports into a port group, which is represented as one logical interface to upper layer protocols.
This section describes the link aggregation commands.
This chapter includes the following topics:
Note: For conceptual information about link aggregation, see “Link aggregation (MLT, SMLT, LACP, VLACP)” on page 78.
Topic Page
Roadmap of link aggregation commands 428
Configuring link aggregation 433
Using the MLT and SMLT show commands 463
Troubleshooting SMLT problems 473
Global MAC filtering 477
Configuring Simple Loop Prevention Protocol 478
Configuring VLANs, Spanning Tree, and Link Aggregation
428 Chapter 10 Configuring link aggregation using the CLI
Roadmap of link aggregation commands
The following roadmap lists the commands used for configuring link aggregation.
Command Parameter
config mlt <mid> info
create
cp-limit <enable|disable> [multicast-limit <value>] [broadcast-limit <value>]
delete
mcast-distribution <enable|disable>
name <string>
perform-tagging <enable|disable>
svlan-porttype <uni|nni|normal>
ntstg <enable|disable>
config mlt <mid> add info
ports <ports>
vlan <vid>
config mlt <mid> remove info
ports <ports>
vlan <vid>
config lacp info
enable
disable
aggr-wait-time <milliseconds>
system-priority <integer>
smlt-sys-id <BaseMac>
fast-periodic-time <milliseconds>
slow-periodic-time <milliseconds>
timeout-scale <integer>
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 429
config mlt <mlt id> lacp info
enable
disable
clear-link-aggrgate
key <integer>
system-priority <integer>
config <port-type> <slot|port> lacpinfo
enable
disable
aggr-wait-time <milliseconds>
fast-periodic-time <milliseconds>
key <integer>
aggregation <true|false>
mode <active|passive>
partner-key <int>
partner-port <int>
partner-port-priority <int>
partner-state <hex>
partner-system-id <mac>
partner-system-priority <int>
port-priority <integer>
slow-periodic-time <milliseconds>
system-priority <integer>
port-priority <integer>
slow-periodic-time <milliseconds>
system-priority <integer>
timeout <long|short>
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
430 Chapter 10 Configuring link aggregation using the CLI
timeout-scale <integer>
show lacp info
show ports info lacp all [vlan <value>] [port <value>]
actor-admin [vlan <value>] [port <value>]
actor-oper [vlan <value>] [port <value>]
partner-admin [vlan <value>] [port <value>]
partner-oper [vlan <value>] [port <value>]
extension [vlan <value>] [port <value>]
show ports stats lacp [port <value>]
show mlt lacp info <ifindex>
config <port-type> <slot|port> vlacp info
enable
disable
fast-periodic-time <milliseconds>
slow-periodic-time <milliseconds>
timeout <long|short>
timeout-scale <integer>
ethertype <integer>
macaddress <mac>
show ports info vlacp [vlan <value>] [port <value>]
Command Parameter
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 431
config vlacp info
enable
disable
config mlt <mid> smlt info
create smlt-id <value>
delete
config mlt <mid> ist info
create ip <value> vlan-id <value>
delete
disable
enable
config ethernet <slot/port> cp-limit
<enable|disable>
multicast-limit <value>
broadcast-limit <value>
config ethernet <port> smlt <smltid>
info
create
delete
config sys set smlt-on-single-cp <enable|disable> [timer <value>]
show mlt show-all [file <value>]
show mlt error collision [<mid>]
show mlt error main [<mid>]
show mlt info [<mid>]
show mlt ist info
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation
432 Chapter 10 Configuring link aggregation using the CLI
show mlt stats [<mid>]
show ports info smlt [vlan <value>] [port <value>]
show ports info config [vlan <value>] [port <value>]
show smlt info [<mid>]
config fdb fdb-filter info
add <mac>
remove <mac>
config slpp info
etherType <pid>
remove <vid>
add <vid>
operation <enable|disable>
tx-interval <integer>
config ethernet <portlist> slpp info
packet-rx-threshold <integer>
packet-rx <enable|disable>
show slpp info
Command Parameter
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 433
Configuring link aggregation
Link aggregation allows you to bundle a set of ports into a port group, which is represented as one logical interface to upper layer protocols.
This section includes configuration commands for the following topics:
• “Link aggregation commands”
• “Adding ports to a link aggregation group” on page 435
• “Removing ports from a link aggregation group” on page 437
• “Global LACP commands” on page 438
• “Aggregator configuration commands” on page 440
• “Port configuration commands” on page 441
• “LACP show commands” on page 443
• “Configuring VLACP on a port” on page 451
• “Globally enabling or disabling VLACP” on page 454
• “Creating a split multilink trunk from an existing multilink trunk” on page 455
• “Creating an interswitch trunk” on page 456
• “Creating a single port split multilink trunk” on page 460
• “Configuring SMLT-on-Single-CPU” on page 462
Link aggregation commands
To set up multilink trunks on the switch, enter the following command:
config mlt <mid>
where:<mid> is the multilink trunk ID.
Configuring VLANs, Spanning Tree, and Link Aggregation
434 Chapter 10 Configuring link aggregation using the CLI
The required parameter mid specifies the link aggregation ID.
This command includes the following options:
Figure 186 on page 435 shows sample output for the config mlt info command.
config mlt <mid>
followed by:
info Shows current settings for the specified link aggregation group.
create Creates a link aggregation group.
cp-limit <enable|disable> [multicast-limit <value>] [broadcast-limit <value>]
Sets the control packet rate limit.
• <enable|disable> = Enables or disables control packet rate limit. To reenable the ports, issue the command config ethernet slot/port state disable, and then enable.
• multicast-limit <value> is the multicast control frame rate.
• broadcast-limit <value> is the broadcast frame rate.
delete Deletes a link aggregation group.
mcast-distribution <enable|disable>
Enables or disables multicast distribution per link aggregation group. Multicast distribution is disabled by default. For detailed information about commands used to configure multicast distribution over link aggregation, see Configuring IP Routing Multicast Protocols.
name <string> Names a link aggregation group.
• <string> is the name, from 0 to 20 characters.
perform-tagging <enable|disable>
Enables or disables tagging on a link aggregation port.
svlan-porttype <uni|nni|normal>
Sets the port type to normal, uni, or nni.
ntstg <enable|disable> Enables or disables NTSTG.
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 435
Figure 186 Config mlt info command output
Adding ports to a link aggregation group
To add ports to a link aggregation group, and add an existing VLAN to a link aggregation configuration, enter the following command:
config mlt <mid> add
where:<mid> is the multilink trunk ID.
ERS-8606:5/config# mlt 3 info
Sub-Context: atm atmcard bootconfig cli cluster diag r-module ethernet fdb filter ip ipv6 ipx lacp log mlt naap ntp pos poscard qos radius rmon slot snmp-server snmp-v3 stg svlan sys vlacp vlan web-serverCurrent Context:
create : 3 delete : N/A mcast-distribution : disable name : MLT-3 nt-stg : enable perform-tagging : disable svlan-porttype : normal portmember : cp-limit : port status MC-limit BC-limit
ERS-8606:5/config#
Configuring VLANs, Spanning Tree, and Link Aggregation
436 Chapter 10 Configuring link aggregation using the CLI
This command includes the following options:
Configuration example
The following configuration example uses the config mlt commands to:
• Add ports to link aggregation group
• Add an existing VLAN to the link aggregation group
After configuring the parameters, use the info command to show a summary of the results.
ERS-8600:5#/config/mlt/1# add port 1/1-1/7,1/9ERS-8600:5#/config/mlt/1# add vlan 1-8,10ERS-8600:5#/config/mlt/1# infoSub-Context:Current Context:ports : 1/1-1/7,1/9vlan : 1-8,10
config mlt <mid> add
followed by:
info Shows ports and VLANs added to the link aggregation group.
ports <ports> Adds ports to the link aggregation group.
• <ports> is the port number or a list of ports you want to add to the link aggregation group.
Note: If the port you are configuring already has an SMLT ID on it, you cannot add it to the link aggregation group.
vlan <vid> Adds an existing VLAN to the link aggregation group.
• <vid> is the VLAN ID or a list of VLAN IDs you want to add to the link aggregation group. The range is 1 to 4093.
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 437
Removing ports from a link aggregation group
To remove ports from a multilink trunk and remove a VLAN from a multilink trunk configuration, enter the following command:
config mlt <mid> remove
where:<mid> is the multilink trunk ID.
This command includes the following options:
The following configuration example uses the config mlt <mid> remove command to:
• remove ports from a link aggregation group
• remove an existing VLAN from a link aggregation group
config mlt <mid> remove
followed by:
info Shows the ports and VLANs removed from the multilink trunk.
ports <ports> Removes ports from the multilink trunk.• <ports> is the port number or a list of
ports you want to remove from the multilink trunk.
vlan <vid> Removes a VLAN from the multilink trunk.
• <vid> is the VLAN ID or a list of VLAN IDs you want to remove from the link aggregation group. The range is 1 to 4093 VLANs.
Configuring VLANs, Spanning Tree, and Link Aggregation
438 Chapter 10 Configuring link aggregation using the CLI
After configuration, use the info command to view the results:
ERS-8600:5#/config/mlt/1# infoSub-Context:Current Context:ports: 1/1-1/7,1/9vlan: 1-8,10ERS-8600:5#/config/mlt/1/add# removeERS-8600:5#/config/mlt/1/remove# ports 1/1-1/7,1/9ERR-8600:5#/config/mlt/1/remove# vlan 1-8,10ERS-8600:5#/config/mlt/1/remove# infoSub-Context:Current Context:ports : vlan :
Global LACP commands
LACP can be enabled or disabled globally. When the LACP system priority is set globally, it applies to all LACP-enabled aggregators and ports. When LACP is enabled on an aggregator or a port, it will use the global system priority value.
LACP can be described in terms of link aggregation operations within a single system. You can configure a single piece of equipment such that it contains more than one system (from the point of view of the link aggregation operation).
The basic command syntax is:
config lacp
Caution: Changes to LACP made at the global level override and reset all port level settings.
Note: Standby mode for LACP aggregation groups of larger than eight ports is not supported in the current release.
Note: LACP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 439
This command includes the following options:
config lacp
followed by:
info Shows current level parameter settings and next level directories.
enable Enables LACP globally.
disable Disables LACP globally.
aggr-wait-time <milliseconds>
Sets the aggregator wait time in milliseconds.
system-priority <integer>
Sets LACP system priority globally.
• <integer> is the system priority value within the range of 0 to 65535.
smlt-sys-id <BaseMac> Sets the LACP SMLT system ID globally.
• <BaseMac> is the MAC address in the format {0x00:0x00:0x00:0x00:0x00:0x00}.
fast-periodic-time <milliseconds>
Sets the fast periodic time globally.
• <milliseconds> is the fast periodic time value.
slow-periodic-time <milliseconds>
Sets the slow periodic time globally.
• <milliseconds> is the slow periodic time value.
timeout-scale <integer>
Sets a timeout scale globally.
• <integer> is the timeout scale value from 2 to 10.
Note: Configuration changes to LACP timers are not reflected immediately. LACP timers are not reset until the next time LACP is restarted globally or on a port. This ensures consistency with peer switches.
Configuring VLANs, Spanning Tree, and Link Aggregation
440 Chapter 10 Configuring link aggregation using the CLI
Aggregator configuration commands
When LACP is enabled globally on a multilink trunk, that multilink trunk is associated with an aggregator and used for link aggregation. When LACP is disabled on a multilink trunk, this multilink trunk functions as a legacy multilink trunk. Using the command clear-link-aggrgate is equivalent to disabling and reenabling LACP on the multilink trunk.
You can attach ports to an aggregator only if their system priorities are the same; otherwise, they are considered to be operating in two different switches. You can attach ports to an aggregator only if their keys are the same.
The basic command syntax is:
config mlt <mlt id> lacp
where:<mlt id> is the multilink trunk ID.
This command includes the following options:
config mlt <mlt id> lacp
followed by:
info Shows current level parameter settings and next level directories.
enable Enables LACP for a specific multilink trunk.
disable Disables LACP for a specific multilink trunk.
clear-link-aggrgate Clears link aggregation information for a specific multilink trunk.
key <integer> Sets LACP aggregator key for a specific multilink trunk.• <integer> is the LACP actor admin key.
system-priority <integer>
Sets LACP system priority for a specific multilink trunk.• <integer> is the system priority within the
range 0 to 65 535.
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 441
Port configuration commands
You can enable or disable LACP on selected ports. A port can operate in active or passive mode. You can configure LACP to use long timeout or short timeout. A port can be configured to be an individual link or an aggregateable link. All the timers are configurable, however, when you change a timer, ensure that you restart LACP either globally, or on the port, for the changes to be consistent across the link. The basic command syntax is:
config <port-type> <slot|port> lacp
where:<port-type> is Ethernet (eth) or Packet over SONET (pos); and<slot|port> is the slot and port number.
This command includes the following options:
Caution: Changes made at the global level override and reset all port level settings.
config <port-type> <slot/port> lacp
followed by:
info Shows current level parameter settings and next level directories.
enable Enables LACP for a specific port type.
disable Disables LACP for a specific port type.
aggr-wait-time <milliseconds>
Sets the aggregation wait time (in milliseconds) for a specific port type.
fast-periodic-time <milliseconds>
Sets the fast periodic time (in milliseconds) for a specific port type.
key <integer> Sets LACP aggregation key for a specific port type. You can use a default key only for individual ports
aggregation <true|false>
Sets individual port or aggregatable for a specific port type.
• true sets port as aggregatable.
• false sets port as individual.
mode <active|passive> Sets the mode as active or passive for a specific port type.
Configuring VLANs, Spanning Tree, and Link Aggregation
442 Chapter 10 Configuring link aggregation using the CLI
partner-key <int> Sets the port partner administration key value.• <int> is the LACP partner administrative key;
an integer value in the range of 0 and 65 535.
partner-port <int> Sets the port partner administration port value.• <int> is the LACP partner’s administrative
port; an integer value in the range of 0 and 65 535.
partner-port-priority <int>
Sets the port partner administration port priority value.
• <int> is the LACP partner administrative port priority; an integer value in the range of 0 and 65 535.
partner-state <hex> Sets the port partner administration state.• <hex> is the LACP partner administrative state
bitmap (Exp, Def, Dis, Col, Syn, Agg, Time, Act).
Example:• Activity = true
• Aggregating = true
• val = 00000101 (0x05) {0x0..0xff}
partner-system-id <mac> Sets the port partner administration system ID.
• <mac> is the LACP partner administrative system ID MAC address in the format: 0x00:0x00:0x00:0x00:0x00:0x00.
partner-system-priority <int>
Sets the port partner administration system priority value.• <int> is the LACP partner administrative
system priority; an integer value in the range of 0 and 65 535.
port-priority <integer> Sets the LACP port priority to specific port type. The default value is 32 768.
• <integer> is the port priority value; an integer value in the range of 0 and 65 535.
slow-periodic-time <milliseconds>
Sets the slow periodic time (in milliseconds) for a specific port type.
system-priority <integer>
Sets system priority for a specific port-type.• <integer> is the system priority value within
the range of 0 to 65 535.
config <port-type> <slot/port> lacp
followed by:
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 443
LACP show commands
This section describes show commands you can use to display LACP information.
Displaying global LACP configuration information
To display global LACP configuration information, enter the following command:
show lacp info
Figure 187 on page 444 shows the output for the show lacp info command.
timeout <long|short> Sets the timeout value to either long or short for a specific port type.
timeout-scale <integer> Sets a timeout scale for a specific port type. The default value is 3, and the range is 2 to 10.
config <port-type> <slot/port> lacp
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
444 Chapter 10 Configuring link aggregation using the CLI
Figure 187 Show lacp info
Displaying LACP configuration information
To display LACP configuration information, enter the following command:
show ports info lacp
The show ports info lacp command also includes the following options:
show ports info lacp
followed by:
actor-admin [vlan <value>] [port <value>]
Shows port LACP actor administrative information.
• vlan <value> is the VLAN ID.
• port <value> is the port or port list.
actor-oper [vlan <value>] [port <value>]
Shows port LACP actor operational information.
• vlan <value> is the VLAN ID.
• port <value> is the port or port list.
all [vlan <value>] [port <value>]
Shows all port LACP information.
• vlan <value> is the VLAN ID.
• port <value> is the port or port list.
ERS-8610:5# show lacp info=================================================================== Lacp Global Information=================================================================== SystemId: 00:12:83:89:20:00 SmltSystemId: 00:00:00:00:00:00 Lacp: enable system-priority: 32768 timeout-admin: 3 fast-periodic-time-admin: 1000 slow-periodic-time-admin: 30000 aggr-wait-time-admin: 2000 timeout-oper: 3 fast-periodic-time-oper: 1000 slow-periodic-time-oper: 30000 aggr-wait-time-oper: 2000
ERS-8610:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 445
Figure 188 on page 446 shows some of the output for this command. When the all parameter is used, LACP information is given for each field described in the show ports info lacp table.
partner-admin [vlan <value>] [port <value>]
Shows port LACP partner administrative information.
• vlan <value> is the VLAN ID.
• port <value> is the port or port list.
partner-oper [vlan <value>] [port <value>]
Shows port LACP partner operational information.
• vlan <value> is the VLAN ID.• port <value> is the port or port list.
extension [vlan <value>] [port <value>]
Shows port LACP timer information.
• vlan <value> is the VLAN ID.• port <value> is the port or port list.
show ports info lacp
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
446 Chapter 10 Configuring link aggregation using the CLI
Figure 188 Show ports info lacp all
Displaying LACP statistics information per port
To display LACP statistics information per port, enter the following command:
show ports stats lacp [port <value>]
where:port <value> is the port list.
Figure 189 on page 447 shows the output for the show ports stats lacp command, and Table 66 on page 447 describes the information given in the CLI output.
ERS-8610:5# show ports info lacp all
========================================================================= Actor Admin=========================================================================INDEX SYS SYS KEY PORT PORT STATE PRIO ID PRIO-------------------------------------------------------------------------1/1 32768 00:12:83:89:20:00 1088 0x40 32768 act long indi1/2 32768 00:12:83:89:20:00 1089 0x41 32768 act long indi1/3 32768 00:12:83:89:20:00 1090 0x42 32768 act long indi1/4 32768 00:12:83:89:20:00 1091 0x43 32768 act long indi1/5 32768 00:12:83:89:20:00 1092 0x44 32768 act long indi1/6 32768 00:12:83:89:20:00 1093 0x45 32768 act long indi1/7 32768 00:12:83:89:20:00 1094 0x46 32768 act long indi1/8 32768 00:12:83:89:20:00 1095 0x47 32768 act long indi1/9 32768 00:12:83:89:20:00 1096 0x48 32768 act long indi1/10 32768 00:12:83:89:20:00 1097 0x49 32768 act long indi1/11 32768 00:12:83:89:20:00 1098 0x4a 32768 act long indi1/12 32768 00:12:83:89:20:00 1099 0x4b 32768 act long indi1/13 32768 00:12:83:89:20:00 1100 0x4c 32768 act long indi1/14 32768 00:12:83:89:20:00 1101 0x4d 32768 act long indi1/15 32768 00:12:83:89:20:00 1102 0x4e 32768 act long indi1/16 32768 00:12:83:89:20:00 1103 0x4f 32768 act long indi
--More-- (q = quit)
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 447
Figure 189 Show ports stats lacp
Table 66 Show ports stats lacp field descriptions
Field Description
PORT NUM Specifies the port number.
TX LACPDU The number of LACPDUs transmitted on this aggregation port.
RX LACPDU The number of valid link aggregation control protocol data units (LACPDU) received on this aggregation port.
TX MARKER PDU The number of marker PDUs transmitted on this aggregation port.
RX MARKER PDU The number of valid marker PDUs received on this aggregation port.
TX MARKERRESPPDU The number of marker response PDUs transmitted on this aggregation port.
RX MARKERRESPPDU The number of valid marker response PDUs received on this aggregation port.
RX UNKNOWN The number of frames received that either:• carry Slow Protocols Ethernet type values, but contain
an unknown PDU.
• are addressed to the Slow Protocols group MAC Address, but do not carry the Slow Protocols Ethernet Type.
RX ILLEGAL The number of frames received that carry the Slow Protocols Ethernet Type value (43B.4), but contain a badly formed PDU or an illegal value of Protocol Subtype (43B.4).
ERS-8610:5# show ports stats lacp========================================================================= Port Stats Lacp=========================================================================PORT TX RX TX RX TX RX RX RXNUM LACPDU LACPDU MARKERPDU MARKERPDU MARKERRESPPDU MARKERRESPPDU UNKNOWN ILLEGAL------------------------------------------------------------------------ERS-8610:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
448 Chapter 10 Configuring link aggregation using the CLI
Displaying LACP configuration information per aggregator
To display LACP configuration information per aggregator, enter the following command:
show mlt lacp info <ifindex>
where:<ifindex> is the interface index from 64 to 4351.
Figure 190 on page 449 shows the output for the show mlt lacp command.
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 449
Figure 190 Show mlt lacp
You can also use the following command:
show mlt lacp info
Figure 191 on page 450 shows the output for the show mlt lacp info command.
ERS-8606:6# show mlt lacp info 64
========================================================================= LACP Aggrgator Information========================================================================= MAC COLLECTOR AGGR PORTMLTID IFINDEX ADDR MAXDELAY ORINDI MEMBERS-------------------------------------------------------------------------0 64 00:00:00:00:00:00 32768 indi
------------------------------------------------------------------------- OPER OPERLASTMLTID IFINDEX STATE CHANGE-------------------------------------------------------------------------
------------------------------------------------------------------------- ACTOR ACTOR ACTOR ACTORMLTID IFINDEX SYSPRIO SYSID ADMINKEY OPERKEY-------------------------------------------------------------------------0 64 32768 00:80:2d:c1:34:00 1 1
------------------------------------------------------------------------- PARTNER PARTNER PARTNERMLTID IFINDEX SYSPRIO SYSID OPERKEY-------------------------------------------------------------------------0 64 0 00:00:00:00:00:00 0
ERS-8606:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
450 Chapter 10 Configuring link aggregation using the CLI
Figure 191 Show mlt lacp info
ERS-8606:6# show mlt lacp info
======================================================================== LACP Aggrgator Information======================================================================== MAC COLLECTOR AGGR PORTMLTID IFINDEX ADDR MAXDELAY ORINDI MEMBERS------------------------------------------------------------------------1 4096 00:00:00:00:00:00 32768 aggr0 64 00:00:00:00:00:00 32768 indi0 65 00:00:00:00:00:00 32768 indi0 66 00:00:00:00:00:00 32768 indi0 67 00:00:00:00:00:00 32768 indi0 73 00:00:00:00:00:00 32768 indi
------------------------------------------------------------------------ OPER OPERLASTMLTID IFINDEX STATE CHANGE------------------------------------------------------------------------1 4096 down 0 day(s), 00:00:00
------------------------------------------------------------------------ ACTOR ACTOR ACTOR ACTORMLTID IFINDEX SYSPRIO SYSID ADMINKEY OPERKEY------------------------------------------------------------------------1 4096 32768 00:80:2d:c1:34:00 1 10 64 32768 00:80:2d:c1:34:00 1 10 65 32768 00:80:2d:c1:34:00 1 10 66 32768 00:80:2d:c1:34:00 1 10 67 32768 00:80:2d:c1:34:00 1 10 73 32768 00:80:2d:c1:34:00 1 1
------------------------------------------------------------------------ PARTNER PARTNER PARTNERMLTID IFINDEX SYSPRIO SYSID OPERKEY------------------------------------------------------------------------1 4096 0 00:00:00:00:00:00 00 64 0 00:00:00:00:00:00 00 65 0 00:00:00:00:00:00 00 66 0 00:00:00:00:00:00 00 67 0 00:00:00:00:00:00 00 73 0 00:00:00:00:00:00 0
ERS-8606:6#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 451
Configuring VLACP on a port
Virtual LACP is an LACP extension that is used for end to end failure detection.VLACP uses the Hello mechanism of LACP to periodically send Hello packets to ensure there is end to end reachability. When Hello packets are not received, VLACP transitions to a failure state, which indicates a service provider failure, and the port is disabled.
Use the following command to configure VLACP on a port:
config <port-type> <slot|port> vlacp
where:<port-type> is Ethernet or Packet over SONET (PoS); and<slot|port> is the slot and port number.
This command includes the following options:
Caution: Changes made at the global level override and reset all port level settings.
Note: VLACP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
config <port-type> <slot|port> vlacp
followed by:
info Shows current level parameter settings and next level directories.
enable Enables VLACP for a specific port type.
disable Disables VLACP for a specific port type.
fast-periodic-time <milliseconds>
Sets the fast periodic time (in milliseconds) for a specific port type.
slow-periodic-time <milliseconds>
Sets the slow periodic time (in milliseconds) for a specific port type.
Configuring VLANs, Spanning Tree, and Link Aggregation
452 Chapter 10 Configuring link aggregation using the CLI
Displaying the VLACP port configuration
Enter the following command to display the port VLACP configuration:
show ports info vlacp [vlan <value>] [port <value>]
where:vlan <value> specifies the VLAN ID, andport <value> specifies the port or port list.
Figure 192 on page 453 shows the output for the show ports info vlacp command.
timeout <long|short> Sets the port to use the long or short timeout:• long sets the port to use the timeout-scale value
multiplied by the slow-periodic-time.
• short sets the port to use the timeout-scale value multiplied by the fast-periodic-time.
For example, if you set the timeout-scale value to 3, and the fast-periodic-time to 400 ms, the timer will expire within 1000 to 1200 ms.
timeout-scale <integer>
Sets a timeout scale for a specific port-type (where timeout-scale = periodic-time * timeout-scale). The default value is 3.
• <integer> is the timeout scale, an integer value in the range 2 to 10.
ethertype <integer> Sets the VLACP protocol identification for this port.
• <integer> is the ethertype value, an integer value in the range of 1 and 65 535.
macaddress <mac> Sets the multicast MAC address used for the VLACPDU.
• <mac> is the MAC address in the following format: 0x00:0x00:0x00:0x00:0x00:0x00
config <port-type> <slot|port> vlacp
followed by:
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 453
Figure 192 Show ports info vlacp
You can also use the following command:
show ports info vlacp
to show information for all ports. Figure 193 on page 454 shows the output for the show ports info vlacp command.
ERS-8606:6# show ports info vlacp port 1/1
========================================================================= VLACP Information=========================================================================INDEX ADMIN OPER PORT FAST SLOW TIMEOUT TIMEOUT ETHER MAC
ENABLED ENABLED STATE TIME TIME TIME SCALE TYPE ADDR
-------------------------------------------------------------------------1/1 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:00
ERS-8606:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
454 Chapter 10 Configuring link aggregation using the CLI
Figure 193 Show ports info vlacp all
Globally enabling or disabling VLACP
To globally enable or disable VLACP on the chassis, use the following command:
config vlacp
This command includes the following options:
Caution: Changes you make at the global level override and reset all port level settings.
config vlacp
followed by:
info Shows current level parameter settings and next level directories.
ERS-8610:5# show ports info vlacp
============================================================================= VLACP Information=============================================================================INDEX ADMIN OPER PORT FAST SLOW TIMEOUT TIMEOUT ETHER MAC
ENABLED ENABLED STATE TIME TIME TIME SCALE TYPE ADDR
-----------------------------------------------------------------------------1/1 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:001/2 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:001/3 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:001/4 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:001/5 false false DOWN 200 30000 long 3 8103 01:80:c2:00:11:00
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 455
Creating a split multilink trunk from an existing multilink trunk
To create a split multilink trunk from an existing multilink trunk, enter the following command:
config mlt <mid> smlt
where:<mid> is the MLT ID.
enable Enables VLACP globally.
disable Disables VLACP globally.
Note: Routed SMLT, or RSMLT, is a Layer 3 protocol whereas SMLT is a Layer 2 protocol. SMLT is described in this document, and RSMLT is described in the document Configuring IP Routing Operations.
Note: Before you can create a split multilink trunk, you must first create a multilink trunk (see “Link aggregation commands” on page 433).
config vlacp
followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
456 Chapter 10 Configuring link aggregation using the CLI
This command includes the following options:
Creating an interswitch trunk
To create an interswitch trunk from an existing multilink trunk, enter the following command:
config mlt <mid> ist
where:<mid> is the MLT ID.
config mlt <mid> smlt
followed by:
info Shows ports and VLANs added to the multilink trunk.
create smlt-id <value> Creates a split multilink trunk from an existing multilink trunk.• <value> is an integer value with a range of
1 to 32 (1 to 256 for R modules in R mode). The value must match the peer switch SMLT-ID.
Note: If the SMLT ID already exists on a single port split multilink trunk, you cannot assign it to an MLT-based split multilink trunk.
delete Deletes an existing split multilink trunk.
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 457
This command includes the following options:
Creating an interswitch trunk from an existing multilink trunk
To create an interswitch trunk from an existing multilink trunk, enter the following command:
config mlt <mlt-id> ist create ip <value> vlan-id <value>
where:<mlt-id> is the MLT ID;ip <value> is the IP address of the peer switch; andvlan-id <value> is the VLAN ID.
An interswitch trunk is enabled when you first create it.
The peer IP address is the IP address of the InterSwitch Trunking (IST) VLAN on the peer aggregation switch. A VLAN created on the redundant aggregation switch must also be created on the second aggregation switch. The interswitch trunk treats the two switches as a single switch. To allow the two switches to communicate, you must assign an IP address to both VLANs.
config mlt <mid> ist
followed by:
info Shows current level parameter settings and next level directories.
create ip <value> vlan-id <value>
Creates an interswitch trunk from an existing multilink trunk (see “Creating an interswitch trunk from an existing multilink trunk” on page 457).
• ip <value> is a peer IP address
• vlan-id <value> is an integer value.Note: The peer IP address is the IP address of the IST VLAN on the other aggregation switch.
delete Deletes an existing IST.Note: You must disable an IST before you can delete it.
disable Disables an existing IST.
enable Enables an existing IST.
Configuring VLANs, Spanning Tree, and Link Aggregation
458 Chapter 10 Configuring link aggregation using the CLI
For example:
Figure 194 shows sample output for the config mlt ist create ip vlan-id command, followed by the info command.
Figure 194 Config mlt ist create ip vlan-id command output
Enabling and disabling an interswitch trunk
To enable and disable the interswitch trunk, enter the following command:
config mlt <mlt-id> ist <enable|disable>
where:<mlt-id> is the MLT ID.
Figure 195 on page 459 shows sample output for the config mlt ist enable and config mlt ist disable commands. It includes the system warning that appears when you disable the IST.
switch A switch B
VLAN 20 VLAN 20
10.1.1.1. /24
<--------IST-------->
10.1.1.2 /24 *
* Same subnet, same VLAN.
ERS-8606:5/config/mlt/1/ist# create ip 10.1.1.1 vlan-id 1ERS-8606:5/config/mlt/1/ist# info
Sub-Context: Current Context:
Enable: falsevlan-id: 1
ip: 10.1.1.1
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 459
Figure 195 Config mlt ist enable/disable command output
Configuring CP-Limit for an IST
The CP-Limit feature is disabled by default on all IST ports. It can be enabled on the port under any of the following conditions:
• if the port is removed from the interswitch trunk
• if the interswitch trunk is deleted
• if the interswitch trunk is converted to a normal multilink trunk
Nortel recommends that you disable CP-Limit on IST links. For more information, see “About CP-Limit and SMLT IST” on page 64.
To configure CP-Limit for the interswitch trunk, enter the following command:
config ethernet <slot/port> cp-limit
where:<slot/port> specifies the slot or port.
This command includes the following options:
config ethernet <slot/port> cp-limit followed by:
<enable|disable> Enables or disables control packet rate limit (CP-Limit). The default setting is enabled.
If you want to reenable CP-Limit on a port, you must first disable the port and then reenable it (config ethernet <slot/port> state <disable|enable>).
ERS-8606:5/config/mlt/1/ist# enableERS-8606:5/config/mlt/1/ist# disable WARNING : Disabling IST may cause a loop in the network!
Do you really want to DISABLE IST? (yes/no?)
Configuring VLANs, Spanning Tree, and Link Aggregation
460 Chapter 10 Configuring link aggregation using the CLI
For information about viewing current CP-Limit status for an IST multilink trunk, see Figure 186 on page 435.
Deleting an interswitch trunk
To delete the interswitch trunk, enter the following command:
config mlt <mlt-id> ist delete
where:<mlt-id> is the MLT ID.
You must disable the interswitch trunk before deleting it (see “Enabling and disabling an interswitch trunk” on page 458).
Creating a single port split multilink trunk
To create a single port split multilink trunk, enter the following command:
config ethernet <port> smlt <smltid>
where:<port> is the port number, and<smltid> is the MLT ID.
This command includes the following options:
multicast-limit <value> Sets the multicast control frame packet per second rate (1000 to 100 000).
broadcast-limit <value> Sets the broadcast frame packet per second rate (1000 to 100 000).
config ethernet <port> smlt <smltid>followed by:
info Shows the port SMLT information.
config ethernet <slot/port> cp-limit followed by:
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 461
You cannot use SMLT on brouter ports. LACP is supported on single port split multilink trunks. For more information about single port split multilink trunking, see “Single Port SMLT” on page 119.
Configuration example: single port split multilink trunk
The configuration example shown in Figure 196 on page 462 uses the commands described previously to create a single port split multilink trunk on port 4/5. The switch automatically disables spanning tree protocol on the port after it is configured for SMLT.
After configuring the parameters, use the info command to show a summary of the results.
create Creates a single port split multilink trunk.
delete Deletes a single port split multilink trunk.
config ethernet <port> smlt <smltid>followed by:
Configuring VLANs, Spanning Tree, and Link Aggregation
462 Chapter 10 Configuring link aggregation using the CLI
Figure 196 Configuration example: Single Port SMLT
Configuring SMLT-on-Single-CPU
To support SMLT on an aggregation switch with a single CPU, enter the following command:
config sys set smlt-on-single-cp <enable|disable> [timer <value>]
where:enable enables the SMLT-on-Single-CPU feature;disable disables the SMLT-on-Single-CPU feature;timer <value> sets the SMLT-on-Single-CPU feature timeout value.
The timeout value determines when the Input/Output (I/O) modules port link status goes down after the single CPU becomes non-operational. The parameter is a numerical value in the range 1 to 3. If not set, the default value (3) is used. A timer value of 1 relates to approximately 3 seconds of detection time and a timer value of 3 relates to approximately 9 seconds of detection time.
ERS-8606:5# config ethernet 4/5 smlt 1ERS-8606:5/config/ethernet/4/5/smlt/1# create
INFO : The spanning tree protocol has been disabled on this port while configuring the port with SMLT
ERS-8606:5/config/ethernet/4/5/smlt/1# info
Sub-Context:Current Context:
Port 4/5 : create : 1 delete : N/A Oper Status : normal
ERS-8606:5
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 463
Using the MLT and SMLT show commands
To display information and statistics about MLT operation in the switch, use the show mlt commands.
This section includes information on show commands:
• “Displaying all multilink trunk information”
• “Displaying information about collision errors” on page 467
• “Displaying information about Ethernet errors” on page 467
• “Displaying multilink trunk status” on page 468
• “Displaying interswitch trunk status” on page 469
• “Displaying split multilink trunk status” on page 470
• “Displaying all ports configured for single port split multilink trunk” on page 471
• “Displaying a port configured for Single Port SMLT” on page 471
• “Displaying MLT statistics” on page 472
Displaying all multilink trunk information
The show mlt show-all command shows all multilink trunk information.
The command uses the syntax:
show mlt show-all [file <value>]
where <value> is the filename to which the output will be directed.
Figure 197 on page 464, Figure 198 on page 465, and Figure 199 on page 466 show sample output for this command.
Configuring VLANs, Spanning Tree, and Link Aggregation
464 Chapter 10 Configuring link aggregation using the CLI
Figure 197 Show mlt show-all sample output
ERS-8606:5# show mlt show-all
# show mlt error collision ================================================================================ Mlt Collision Error================================================================================MLT -----------------COLLISIONS------------ID SINGLE MULTIPLE LATE EXCESSIVE--------------------------------------------------------------------------------3 0 0 0 0
# show mlt error main ================================================================================ Mlt Ethernet Error================================================================================MLT ALIGN FCS IMAC IMAC CARRIER FRAMES SQETEST DEFER ID ERROR ERROR TRNSMIT RECEIVE SENSE TOOLONG ERROR TRNSMSS--------------------------------------------------------------------------------3 0 0 0 0 0 0 0 0
show mlt info ================================================================================Mlt Info================================================================================PORT SVLAN MLT MLT PORT VLANMLTID IFINDEX NAME TYPE TYPE ADMIN CURRENT MEMBERS IDS--------------------------------------------------------------------------------3 4098 MLT-3 access normal norm norm
MULTICAST DESIGNATED LACP LACPMLTID IFINDEX DISTRIBUTION NT-STG PORTS ADMIN OPER--------------------------------------------------------------------------------
3 4098 disable enable null disable down
ERS-8610:6# show mlt ist info
========================================================================== Mlt IST Info==========================================================================MLT IP VLAN ENABLE ISTID ADDRESS ID IST STATUS--------------------------------------------------------------------------2 131.202.7.2 4095 false down
ERS-8610:6## show mlt ist stat
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 465
Figure 198 Show mlt show-all sample output (continued)
#show mlt ist stat
================================================================================
Mlt IST Message Statistics
================================================================================PROTOCOL MESSAGE COUNT --------------------------------------------------------------------------------
Ist Down : 0 Hello Sent : 0 Hello Recv : 0 Learn MAC Address Sent : 0 Learn MAC Address Recv : 0 MAC Address AgeOut Sent : 0 MAC Address AgeOut Recv : 0 MAC Address Expired Sent : 0 MAC Address Expired Sent : 0 Delete Mac Address Sent : 0 Delete Mac Address Recv : 0 Smlt Down Sent : 0 Smlt Down Recv : 0 Smlt Up Sent : 0 Smlt Up Recv : 0 Send MAC Address Sent : 0 Send MAC Address Recv : 0 IGMP Sent : 0 IGMP Recv : 0 Port Down Sent : 0 Port Down Recv : 0 Request MAC Table Sent : 0 Request MAC Table Recv : 0 Unknown Msg Type Recv : 0
Configuring VLANs, Spanning Tree, and Link Aggregation
466 Chapter 10 Configuring link aggregation using the CLI
Figure 199 Show mlt show-all sample output (continued)
# show mlt smlt info
============================================================================ Mlt SMLT Info============================================================================MLT SMLT ADMIN CURRENTID ID TYPE TYPE----------------------------------------------------------------------------2 27 smlt norm
# show mlt stats
============================================================================ Mlt Interface============================================================================ID IN-OCTETS OUT-OCTETS IN-UNICST OUT-UNICST----------------------------------------------------------------------------
1 0 0 0 02 0 0 0 03 0 0 0 0
ID IN-MULTICST OUT-MULTICST IN-BROADCST OUT-BROADCST MT----------------------------------------------------------------------------1 0 0 0 0 E2 0 0 0 0 E3 0 0 0 0 E
NOTE 1: MT - MLT Type, P - POS, E - Ethernet, A - ATMNOTE 2: Broadcast & Multicast values are not applicable for MLT POS ports.NOTE 3: ATM link out-bound statistics are available in aggregate form only as show in OUT UNICST/OUT MULTICST/OUT BROADCST8610:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 467
Displaying information about collision errors
To display information about collision errors in the specified multilink trunk, or for all multilink trunks, enter the following command:
show mlt error collision [<mid>]
where:<mid> is the MLT ID.
Figure 200 shows sample output for the show mlt error collision command.
Figure 200 Show mlt error collision command output
Displaying information about Ethernet errors
To display information about the types of Ethernet errors sent and received by the specified multilink trunk or all multilink trunks, enter the following command:
show mlt error main [<mid>]
where:<mid> is the MLT ID.
Figure 201 on page 468 shows sample output for the show mlt error main command. The IMAC columns refer to internal MAC address errors.
ERS-8606:5# show mlt error collision
=============================================================== Mlt Collision Error===============================================================MLT -----------------COLLISIONS------------ID SINGLE MULTIPLE LATE EXCESSIVE---------------------------------------------------------------3 0 0 0 0
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
468 Chapter 10 Configuring link aggregation using the CLI
Figure 201 Show mlt error main command output
Displaying multilink trunk status
To display the status of MultiLink Trunking for the switch or for the specified multilink trunk ID, enter the following command:
show mlt info [<mid>]
where:<mid> is the MLT ID.
Figure 202 on page 469 shows sample output for the show mlt info command.
ERS-8606:5# show mlt error main ============================================================================= Mlt Ethernet Error=============================================================================MLT ALIGN FCS IMAC IMAC CARRIER FRAMES SQETEST DEFER ID ERROR ERROR TRNSMIT RECEIVE SENSE TOOLONG ERROR TRNSMSS-----------------------------------------------------------------------------31 0 0 0 0 0 0 0 0 32 0 0 0 0 0 0 0 0
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 469
Figure 202 Show mlt info command output
Displaying interswitch trunk status
To display the status of interswitch trunking for the switch or for the specified multilink trunk ID, enter the following command:
show mlt ist info
Figure 203 shows sample output for the show mlt ist info command.
Figure 203 Show mlt ist info command output
ERS-8606:5# show mlt info
================================================================================ Mlt Info================================================================================ PORT SVLAN MLT MLT PORT VLANMLTID IFINDEX NAME TYPE TYPE ADMIN CURRENT MEMBERS IDS--------------------------------------------------------------------------------3 4098 MLT-3 access normal norm norm
MULTICAST DESIGNATED LACP LACPMLTID IFINDEX DISTRIBUTION NT-STG PORTS ADMIN OPER--------------------------------------------------------------------------------3 4098 disable enable null disable down
ERS-8606:5#
ERS-8610:6# show mlt ist info
========================================================================= Mlt IST Info=========================================================================MLT IP VLAN ENABLE ISTID ADDRESS ID IST STATUS-------------------------------------------------------------------------2 131.202.7.2 4095 false down
ERS-8610:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
470 Chapter 10 Configuring link aggregation using the CLI
Displaying split multilink trunk status
To display split multilink trunk status for the switch or for a specific SMLT ID, enter the following command:
show smlt info [<mid>]
where:<mid> is the MLT ID.
The switch shows both MLT-based split multilink trunk information and single port split multilink trunk information.
Figure 204 shows output from a sample show smlt info command.
Figure 204 Show smlt info command output
ERS-8606:5# show smlt info 1
=========================================================================== Mlt SMLT Info===========================================================================MLT SMLT ADMIN CURRENT ID ID TYPE TYPE ---------------------------------------------------------------------------
=========================================================================== Port SMLT Info===========================================================================PORT SMLT ADMIN CURRENT NUM ID TYPE TYPE ---------------------------------------------------------------------------4/5 1 smlt normal
ERS-8606:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 471
Displaying all ports configured for single port split multilink trunk
To view all ports currently configured for single port split multilink trunk, enter the following command:
show ports info smlt [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
The VLAN ID and the port are optional parameters.
Figure 205 shows the output from a sample show ports info smlt command.
Figure 205 Show ports info smlt command output
Displaying a port configured for Single Port SMLT
To view a port configured for Single Port SMLT, enter the following command:
show ports info config [vlan <value>] [port <value>]
where:vlan <value> is the VLAN ID, andport <value> is a port or list of ports.
ERS-8606:5# show ports info smlt
============================================================================= SMLT Info=============================================================================PORT SMLT ADMIN CURRENT NUM ID TYPE TYPE -----------------------------------------------------------------------------4/5 1 smlt normal
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
472 Chapter 10 Configuring link aggregation using the CLI
Figure 206 shows output from a sample show ports info config command.
Figure 206 Show ports info config command output
Displaying MLT statistics
To display MultiLink Trunking statistics for the switch or for the specified multilink trunk ID, enter the following command:
show mlt stats [<mid>]
where:<mid> is the MLT ID.
Figure 207 on page 473 shows sample output for the show mlt stats command.
ERS-8606:5# show ports info config 4/1
============================================================================ Port Config============================================================================PORT AUTO SFFD ADMIN OPERATE DIFF-SERV QOS MLT VENDOR DUAL SMLT ADMIN OPERATENUM TYPE NEG. DUPLX SPD DUPLX SPD EN TYPE LVL ID NAME CONN ID ROUTING ROUTING-----------------------------------------------------------------------------4/1 100BaseTX true false half 10 0 fals core 1 0 0 Enable Disable
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 473
Figure 207 Show mlt stats command output
Troubleshooting SMLT problems
This section provides procedures for troubleshooting IST problems and single-user problems.
The following topics are included:
• “Troubleshooting IST problems” on page 474
• “Troubleshooting problems with a single user” on page 476
ERS-8606:5# show mlt stats
================================================================================ Mlt Interface================================================================================ID IN-OCTETS OUT-OCTETS IN-UNICST OUT-UNICST --------------------------------------------------------------------------------3 4411520 1782784 0 0
ID IN-MULTICST OUT-MULTICST IN-BROADCST OUT-BROADCST MT--------------------------------------------------------------------------------3 68930 27856 0 0 E
NOTE 1: MT - MLT Type, P - POS, E - Ethernet, A - ATMNOTE 2: Broadcast & Multicast values are not applicable for MLT POS ports.NOTE 3: ATM link out-bound statistics are available in aggregate form only as show in OUT UNICST/OUT MULTICST/OUT BROADCST
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
474 Chapter 10 Configuring link aggregation using the CLI
Troubleshooting IST problems
To troubleshoot SMLT IST problems:
1 Enter the show mlt ist stat command to display the IST message count. (Figure 208).
Figure 208 Show mlt ist stat command output
2 Enter the show mlt info command to display all the multilink trunks in the switch, their admin-type, running type, ports, and VLANs (Figure 202 on page 469).
ERS-8606:5# show mlt ist stat==============================================================Mlt IST Message Statistics==============================================================PROTOCOL MESSAGE COUNT --------------------------------------------------------------
Ist Down : 0 Hello Sent : 5 Hello Recv : 3 Learn MAC Address Sent : 0 Learn MAC Address Recv : 0 MAC Address AgeOut Sent : 0 MAC Address AgeOut Recv : 0 MAC Address Expired Sent : 0 MAC Address Expired Sent : 0 Delete Mac Address Sent : 0 Delete Mac Address Recv : 0 Smlt Down Sent : 6 Smlt Down Recv : 0 Smlt Up Sent : 0 Smlt Up Recv : 0 Send MAC Address Sent : 0 Send MAC Address Recv : 0 IGMP Sent : 0 IGMP Recv : 0 Port Down Sent : 0 Port Down Recv : 0 Request MAC Table Sent : 0 Request MAC Table Recv : 0 Unknown Msg Type Recv : 0
ERS-8606:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 475
3 Check to ensure that IST is operational by using the show mlt ist info command (Figure 209).
Figure 209 Show mlt ist info command output
4 If IST is not operational, check to ensure that:
a The correct VLAN ID exists on either side of the interswitch trunk
b The IST configuration contains the correct local and peer IP addresses
5 If IST is operational, check that the SMLT port is operating by using the show mlt smlt info command (Figure 210).
a If the SMLT status is SMLT, the status is correct.
Figure 210 Show mlt smlt info command output
b If the SMLT status is NORMAL, the link is running in a normal (single) mode and not SMLT mode. The reasons for this can be as follows:
— the remote split multilink trunk link is not operational
ERS-8610:6# show mlt ist info
=============================================================== Mlt IST Info===============================================================MLT IP VLAN ENABLE ISTID ADDRESS ID IST STATUS---------------------------------------------------------------2 131.202.7.2 4095 false down
ERS-8610:6#
ERS-8610:6# show mlt smlt info
=============================================================== Mlt SMLT Info===============================================================MLT SMLT ADMIN CURRENTID ID TYPE TYPE---------------------------------------------------------------3 12 smlt norm
ERS-8610:6#
Configuring VLANs, Spanning Tree, and Link Aggregation
476 Chapter 10 Configuring link aggregation using the CLI
— the ID is not configured on the other switch. To determine this, check to see whether the SMLT IDs match
— the IST is not operational
Troubleshooting problems with a single user
To determine if only a single user is affected, check the VLAN FDB tables on both IST switches using the show vlan info fdb-entry <vlan-id> command. Both FDB tables should be synchronized.
The command shows whether:
• The MAC address is learned on the local SMLT port (that is, SMLT REMOTE flag is false). See Figure 211 on page 476.
or
• The MAC address is learned through IST from a remote SMLT port (that is, the SMLT REMOTE flag is true).
The FDB table entry for the client connected to the user access switch must specify the learned split multilink trunk port as INTERFACE in both IST switches.
Figure 211 Show vlan info fdb-entry command output
ERS-8606:5# show vlan info fdb-entry 1
=============================================================== Vlan Fdb===============================================================VLAN MAC QOS SMLT ID STATUS ADDRESS INTERFACE MONITOR LEVEL REMOTE---------------------------------------------------------------1 learned 00:00:50:0d:6b:82 Port-2/7 false 1 false
1 out of 1 entries in all fdb(s) displayed.
ERS-8606:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 477
Global MAC filtering
You can globally configure MAC filtering to disallow bridging or routing of any packets transmitted or received from specified MAC addresses on any VLAN.
To globally filter MAC addresses, use the following command:
config fdb fdb-filter
This command includes the following options:
Figure 212 on page 477 show an example of the config fdb fdb-filter info command output.
Figure 212 Config fdb fdb-filter info command output
Figure 213 on page 478 shows an example of the show fdb fdb-filter command output:
config fdb fdb-filterfollowed by:
info Show current level parameter settings and next level directories.
add <mac> Adds a global FDB filter.
• <mac> is the MAC address to filter.
Enter the MAC address in the following format {0x00:0x00:0x00:0x00:0x00:0x00}.
remove <mac> Removes a global FDB filter.
• <mac> is the MAC address to filter.Enter the MAC address in the following format {0x00:0x00:0x00:0x00:0x00:0x00}.
ERS-8606:5/config/fdb/fdb-filter# info
add :
mac - 00:11:22:23:43:21
remove : N/A
Configuring VLANs, Spanning Tree, and Link Aggregation
478 Chapter 10 Configuring link aggregation using the CLI
Figure 213 Show fdb fdb-filter command output
Configuring Simple Loop Prevention Protocol
Logical loops can occur in SMLT networks because of misconfigurations, switch problems, or because MLT is not operating correctly. You can detect loops with Simple Loop Prevention Protocol (SLPP). For more information about SLPP, see “Simple Loop Prevention Protocol” on page 130.
The following topics are included:
• “Configuring SLPP on a port” on page 480
• “Showing SLPP information” on page 481
• “Showing SLPP port information” on page 482
To configure Simple Loop Prevention Protocol, use the following command:
config slpp
Note: SLPP does not support jumbo frames on the Ethernet Routing Switch 8600 v4.1
ERS-8606:5# show fdb fdb-filter =============================================== Global Fdb Filter =============================================== MAC ADDRESS -----------------------------------------------
00:11:11:11:11:11
00:e0:16:70:93:0f
00:e0:7b:bf:cc:00
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 479
This command has the following options:
Figure 214 on page 480 shows how to display the SLPP transmission list and operation state.
config slpp
followed by:
add <vid> Adds a VLAN to a SLPP transmission list.• <vid> is the ID of the VLAN.
etherType <pid> Specifies the SLPP PDU Ether type.
• <pid> is the SLPP protocol ID in hexadecimal format.
remove <vid> Removes a VLAN from a SLPP transmission list.
• <vid> is the ID of the VLAN.
info Shows current level parameter settings and next level directories.
operation <enable|disable> Enables or disables the SLPP operation.Note: The SLPP packets transmit and receive process is active only when the SLPP operation is enabled. When the SLPP operation is disabled, no SLPP packet is sent out, and any received SLPP packet is discarded.
tx-interval <integer> Sets the SLPP packet transmit interval.• <integer> is the SLPP packet transmit
interval.
The range is 500 to 5000 s, and the default is 500 s.
Configuring VLANs, Spanning Tree, and Link Aggregation
480 Chapter 10 Configuring link aggregation using the CLI
Figure 214 Config slpp slpp info command
Configuring SLPP on a port
To configure SLPP on a port, use the following command:
config ethernet <portlist> slpp
where:portlist is the slot/port.
This command includes the following options:
The packet reception threshold specifies how many SLPP packets are received by the port before it is administratively disabled. Figure 215 on page 481 shows how to display the SLPP state on a port:
config ethernet <portlist> slpp
followed by:
packet-rx <enable|disable> Enables or disables SLPP packet reception on the listed ports
packet-rx-threshold <integer>
Specifies the SLPP reception threshold on the ports. The threshold is an integer.
info Shows current level parameter settings and next level directories.
ERS-8606:5# config slpp info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
add : 1 etherType (hex) : 0x8104 operation : disabled tx-interval : 500
ERS-8606:5#
314725-E Rev 00
Chapter 10 Configuring link aggregation using the CLI 481
Figure 215 Config ethernet command
Showing SLPP information
To show SLPP information, use the following command:
show slpp info
Figure 216 shows SLPP information.
Figure 216 Show slpp info command
For an SLPP configuration example, see “Single Port SMLT with SLPP configuration example” on page 505.
ERS-8606:5# config ethernet 4/1-4/2 slpp info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
Port 4/1 : packet-rx : disable packet-rx-threshold : 1
Port 4/2 : packet-rx : disable packet-rx-threshold : 1
ERS-8606:5#
ERS-8606:5# show slpp info
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
etherType (hex) : 0x8104 operation : enabled tx-interval : 500 vlan : 1,2,5
ERS-8606:5#
Configuring VLANs, Spanning Tree, and Link Aggregation
482 Chapter 10 Configuring link aggregation using the CLI
Showing SLPP port information
To show SLPP port information, use the following command:
show ports info slpp [port <value>]
where port <value> is the port list.
Figure 217 shows SLPP information, and Table 67 describes the fields.
Figure 217 Show ports info slpp command
Table 67 Show ports info slpp field descriptions
Field Description
PORT NUM Specifies the port number.
PKT-RX Specifies if SLPP is enabled or disabled.
PKT-RX THRESHOLD Specifies the threshold for packet reception as a range of 1 to 20. After the port reaches the packet threshold, it shuts down.
INCOMING VLAN ID VLAN ID of the classified packet on a port disabled by SLPP.
SLPP PDU ORIGINATOR Specifies the originator of the SLPP PDU.
ERS-8603:3# show ports info slpp
============================================================= Port Interface=============================================================
PORT PKT-RX PKT-RX INCOMING SLPP PDUNUM THRESHOLD VLAN ID ORIGINATOR-------------------------------------------------------------1/1 enabled 151/4 enabled 11/5 enabled 11/20 enabled 1
ERS-8603:3#
314725-E Rev 00
483
Chapter 11Configuring multiple DSAP and SSAP using the CLI
Release 3.5 introduced a feature used for the configuration of multiple DSAPs or SSAPs for SNA or user-defined VLAN types.
The base implementation of the SNA VLAN allows SNA 802.2 traffic to be classified into a SNA VLAN based on a 0x04 destination SAP or 0x04 source SAP. Some applications require changing these classifications to DSAP and to SSAP. The newly introduced feature allows this configuration and extends to support any user-defined VLANs with multiple SSAPs and DSAPs.
Using this feature, you can add 31 additional protocol IDs or DSAP/SSAP values (for a total of 32) when you create or reconfigure a SNA 802.2 VLAN or a user-defined VLAN.
This section includes the following sections:
Note: Hardware record usage increases considerably using this feature (see “Design aspects” on page 484).
Topic Page
Design aspects 484
Configuring multiple DSAP and SSAP with the CLI 487
Configuring VLANs, Spanning Tree, and Link Aggregation
484 Chapter 11 Configuring multiple DSAP and SSAP using the CLI
Design aspects
You can configure this feature using the CLI or Device Manager. You must first create the SNA or user-defined VLAN, then add the DSAPs or SSAPs for this VLAN.
For user-defined VLANs, DSAP/SSAP, additions can only be applied to VLANs created without any specific encapsulation type, or to VLANs with an encapsulation type of LLC. The addition of DSAP/SSAP is not allowed on user-defined VLANs created with an encapsulation type of Ethernet-ii or SNAP.
For each SNA 802.2 VLAN (which includes the 31 additional DSAP/SSAP values), 256 records are created, including:
• 8 IEEE VLAN records
• 31 * 8 = 248 protocol ID records
In this case, the default 0x04 record is always created on the switch.
For each user-defined VLAN created with no encapsulation specified, a total of 280 records are created, including:
• 8 IEEE VLAN records
• 3 * 8 = 24 protocol ID records for the base protocol ID (specified during VLAN creation). One record of each type—LLC, Ethernet-ii and SNAP—is created in this case.
• 31 * 8 = 248 protocol ID records for the additional DSAP/SSAP added
For each user-defined VLAN created with encapsulation set to LLC, 264 hardware records are created, including:
• 8 IEEE VLAN records
• 1 * 8 = 8 protocol ID records for the base protocol ID (specified during VLAN creation). Only the LLC record is created in this case.
• 31 * 8 = 248 protocol ID records for the additional DSAP/SSAP added
Nortel does not recommend using more than 10 of the user-defined VLANs, including 32 DSAP/SSAP values, due to the extensive hardware record usage which can affect overall system scalability.
314725-E Rev 00
Chapter 11 Configuring multiple DSAP and SSAP using the CLI 485
You can check for hardware record availability by executing the CLI command show/sys/record-reservation.
There is only one SNA VLAN allowed on an individual port. DSAP/SSAPs values can be configured, provided they are not the same as the reserved values listed in Table 68. An exception is 0x0800, which can be configured with encapsulation set to LLC.
Table 68 Reserved values for configuring SNA or user-defined VLANs
Protocol name Etype DSAP SSAP OUI PID
IP_ii 0x0800
ARP_ii 0x0806
RARP_ii 0x8035
IPX(old)_iiIPX_ii
0x81370x8138
IPX(old)_SNAP
IPX_SNAP
0x000000
0x000000
0x813
70x813
8
IPX_802.3 0xE0 0xE0
IPX_802.3 0xFF 0xFF
APPLE_ii
APPLE_SNAP
0x809B
0X80F3 0x08000
7
0x809B
0x80F
3
DEC_LAT 0x6004
DEC_ELSE 0x6000
-0x6003
0x6005
-
0x6009
DEC_BPDU 0x8038
SNA_ii 0x80D5
Configuring VLANs, Spanning Tree, and Link Aggregation
486 Chapter 11 Configuring multiple DSAP and SSAP using the CLI
SNA_LLC 0x04
XX
XX
0x04
NetBIOS 0xF0XX
XX0xF0
XNS
XNS_comp
0x0600
0x0807
Table 68 Reserved values for configuring SNA or user-defined VLANs
Protocol name Etype DSAP SSAP OUI PID
314725-E Rev 00
Chapter 11 Configuring multiple DSAP and SSAP using the CLI 487
Configuring multiple DSAP and SSAP with the CLI
The CLI command syntax you can use to create a protocol-based VLAN is shown in the following table.
config vlan <vid> create
followed by:
byprotocol <sid> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|declat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE>[<pid>] [name <value>] [color <value>] [encap <value>]
Creates a protocol-based VLAN.• <sid> is the spanning tree ID.
• <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> specifies the protocol.
• <pid> is a user-defined protocol ID number in hexadecimal.
• name <value> is the name of the VLAN from 0 to 20 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
• encap <value> is the frame encapsulation method.
byprotocol-mstprstp <instance-id> <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> [<pid>] [name <value>] [color <value>] [encap <value>]
Creates a VLAN by protocol.
• <instance-id> is the instance ID.
• <ip|ipx802dot3|ipx802dot2|ipxSnap|ipxEthernet2|appleTalk|decLat|decOther|sna802dot2|snaEthernet2|netBios|xns|vines|ipV6|usrDefined|rarp|PPPoE> is the protocol ID.
• <pid> is the user-defined PID number in hexadecimal.
• name <value> is the name of the VLAN from 0 to 64 characters.
• color <value> is the color of the VLAN (0 to 32). The color attribute is used by Optivity software to display the VLAN.
• encap <value> is the frame encapsulation with the values ethernet-ii, llc, or snap.
Configuring VLANs, Spanning Tree, and Link Aggregation
488 Chapter 11 Configuring multiple DSAP and SSAP using the CLI
You can add or remove DSAP or SSAP to or from the VLAN if byprotocol is sna802dot2 or usrDefined. Use the commands addDsapSsap and removeDsapSsap. For more information about these commands, see “Performing general VLAN operations” on page 313.
addDsapSsap <value> specifies the DSAP/SSAP values (values are in hexadecimal)
removeDsapSsap <value> specifies the DSAP/SSAP values} (values are in hexadecimal)
32 entries are allowed for sna802dot2 or usrDefined VLANs.
Example
ERS-8610:5/config/vlan/2# addDsapSsap 000fff
This adds DsapSsap 000fff to the SNA VLAN 2. This example assumes that VLAN 2 has already been created.
Figure 218 on page 489 shows the CLI commands which create VLAN 17, and add DDAP/SSAP 000fff to the VLAN.
314725-E Rev 00
Chapter 11 Configuring multiple DSAP and SSAP using the CLI 489
Figure 218 Config vlan create byprotocol commands
ERS-8610:5# config vlan 17 create byprotocol 1 sna802dot2 name kevvlan color 3ERS-8610:5# config vlan 17 addDsapSsap 000fffERS-8610:5# show vlan info all 17
=========================================================================== Vlan Basic===========================================================================VLAN STGID NAME TYPE ID PROTOCOLID SUBNETADDR SUBNETMASK
---------------------------------------------------------------------------17 kevvlan byProtocolId 1 sna802dot2 N/A N/A
=========================================================================== Vlan Port===========================================================================VLAN PORT ACTIVE STATIC NOT_ALLOWID MEMBER MEMBER MEMBER MEMBER---------------------------------------------------------------------------17
=========================================================================== Vlan ATM VPort===========================================================================VLAN ID PORT NUM PVC LIST
Configuring VLANs, Spanning Tree, and Link Aggregation
490 Chapter 11 Configuring multiple DSAP and SSAP using the CLI
314725-E Rev 00
491
Chapter 12Device Manager configuration examples
This chapter provides examples of common link aggregation configuration tasks using Device Manager.
• For conceptual information about VLANs and link aggregation, see Chapter 1, “Layer 2 operational concepts,” on page 37.
• For Device Manager link aggregation configuration information, see Chapter 5, “Configuring link aggregation using Device Manager,” on page 249.
This chapter includes the following topics:
LACP point to point LAG configuration example
Use this procedure to configure a link aggregation group (LAG) between two Ethernet Routing Switch 8600 devices with 4 link members. VLANs 10 and 20 are tagged across the LAG. Assume the following parameters: LACP key = 1, MLT ID = 1.VLAN 10 and 20 have already been created; ports 1/1 to 1/4 are tagging-enabled and are members of VLAN 10 and 20; and both switches are mirror images of each other. Figure 219 on page 492 shows the network topology.
Topic Page
LACP point to point LAG configuration example 491
SMLT and LACP configuration example 495
Single Port SMLT and LACP configuration example 500
Configuring VLANs, Spanning Tree, and Link Aggregation
492 Chapter 12 Device Manager configuration examples
Figure 219 Point to point LAG
1 In Device Manager, go to VLAN > MLT/LCAP.
The MLT_LACP box appears (Figure 220).
Figure 220 MLT LCAP
2 On the LACP Global tab, ensure that Enable is selected.
Accept the default values for the other parameters.
314725-E Rev 00
Chapter 12 Device Manager configuration examples 493
3 Click Apply.
4 Click the Multilink/LACP Trunks tab.
The Multilink/LACP Trunks box appears.
5 Click Insert.
The MLT_LACP, Insert Multilink/LACP Trunks box appears (Figure 221).
Figure 221 Insert Multilink/LACP Trunks
6 Configure parameters as shown in Figure 221.
7 Click Insert.
8 Go to VLAN > MLT/LACP > LACP.
The MLT_LACP box appears (Figure 222 on page 494).
Configuring VLANs, Spanning Tree, and Link Aggregation
494 Chapter 12 Device Manager configuration examples
Figure 222 MLT_LACP tab
9 Change the ActorAdminKey for the multilink trunk; this key must match the key on ports 1/1 to 1/4. Set ActorAdminKey to 1.
10 On each of ports 1/1 to 1/4, three fields must be changed in the order given:
a Click on the LAG port, and right-click.
b Select Edit General > LACP (see Figure 223 on page 495).
c Set ActorAdminKey equal to 1 and then click Apply.
d Set ActorAdminState to aggregation and then click Apply.
e Select AdminEnable and then click Apply.
314725-E Rev 00
Chapter 12 Device Manager configuration examples 495
Figure 223 Port LACP configuration
SMLT and LACP configuration example
The Ethernet Routing Switch 8600 fully supports the IEEE 802.3ad Link Aggregation Control Protocol. LACP is supported on MLT and DMLT links and extends to a pair of SMLT switches.
With this extension, the Ethernet Routing Switch 8600 provides a standardized external link aggregation interface to third party vendor IEEE 802.3ad implementations. With previous software versions, interoperability was provided through a static configuration; now a dynamic link aggregation mechanism is provided.
Configuring VLANs, Spanning Tree, and Link Aggregation
496 Chapter 12 Device Manager configuration examples
In this example, ERS 8600C is used as the SMLT client; any switch that supports LACP can be used as an LACP-enabled SMLT client.
Figure 224 shows the network topology.
Figure 224 SMLT and LACP configuration example
Assume the following:
• The interswitch trunk has already been created.
• User VLAN 100 has already been created on all three switches with the port membership as described in Figure 224 on page 496.
• ERS 8600 C is already configured as described in “LACP point to point LAG configuration example” on page 491, but instead uses ports 1/10 to 1/13. The LACP key on this switch does not need to match that of the SMLT core switches.
Note: Do not use 802.3ad on the interswitch trunk. The LACP keys on the SMLT core switches must match (ERS 8600 A, ERS 8600 B).
314725-E Rev 00
Chapter 12 Device Manager configuration examples 497
• The LACP key on both ERS 8600 A and ERS 8600 B must match.
The following configuration can be performed on both SMLT core switches.
1 Using Device Manager, go to VLAN > MLT/LACP.
The MLT_LACP box appears (Figure 220 on page 492).
2 On the LACP Global tab, ensure that Enable is selected.
Accept the default values for the other parameters.
3 Click Apply.
4 Click the Multilink/LACP Trunks tab.
The Multilink/LACP Trunks box appears.
5 Click Insert.
The MLT_LACP, Insert Multilink/LACP Trunks box appears (Figure 225 on page 498).
Configuring VLANs, Spanning Tree, and Link Aggregation
498 Chapter 12 Device Manager configuration examples
Figure 225 Insert Multilink/LACP Trunks box
6 Configure the parameters as shown in Figure 225.
7 Click Insert.
Figure 226 on page 499 shows how the port information appears after this step. (To view this information, go to VLAN > MLT/LACP > Multilink/LACP Trunks.)
314725-E Rev 00
Chapter 12 Device Manager configuration examples 499
Figure 226 MLT LACP information
8 Go to VLAN > MLT/LACP > LACP.
The MLT_LACP box appears.
9 Change the ActorAdminKey to 1; this is the same key number that will be applied to ports 1/10 and 1/11 (Figure 227).
Figure 227 MLT_LACP—LACP tab
10 On each LAG port, three fields must be changed in the order given:
a Click on the LAG port, and right-click.
b Select Edit General > LACP.
c Set ActorAdminKey equal to 1 and then click Apply.
d Set ActorAdminState to aggregation and then click Apply.
e Select AdminEnable and then click Apply.
Configuring VLANs, Spanning Tree, and Link Aggregation
500 Chapter 12 Device Manager configuration examples
Single Port SMLT and LACP configuration example
Single Port SMLT lets you configure a split multilink trunk using a single port. The Single Port SMLT behaves like an MLT-based SMLT and can coexist with SMLTs in the same system; however, an SMLT ID can belong to either an MLT-SMLT or a Single Port SMLT per chassis.With Single Port SMLT, you can scale the number of split multilink trunks on a switch to a maximum number of available ports.
This example highlights the steps used to configure Single Port SMLT using LACP to create the LAG. Any LACP-enabled device can be used as the LACP client. Figure 228 shows the network topology.
Figure 228 Network topology for Single Port SMLT example
Assume the following:
• The interswitch trunk has already been created as shown in Figure 228.
• User VLAN 10 has already been created on all three switches with the port membership described in Figure 228.
314725-E Rev 00
Chapter 12 Device Manager configuration examples 501
• The ERS8600C is configured using the same steps as described in “LACP point to point LAG configuration example” on page 491, but instead uses ports 1/1 to 1/2. The LACP key does not need to match that of the SMLT core switches.
• The LACP keys on both ERS8600A and ERS8600B must match.
The following configuration must be performed on both SMLT core switches:
1 In Device Manager, select the port to be configured and right-click.
2 Select Edit General > SMLT.
The Port box appears (Figure 229).
Figure 229 Port box
3 Click Insert.
The Insert SMLT box appears (Figure 230 on page 502).
Configuring VLANs, Spanning Tree, and Link Aggregation
502 Chapter 12 Device Manager configuration examples
Figure 230 Insert SMLT
4 Insert a new SMLT group ID. The ID must match on all ports on both SMLT core switches.
5 Click Insert.
6 Click the LACP tab and enable LACP by selecting the AdminEnable check box (Figure 231).
Figure 231 LACP enable
7 Click Apply.
314725-E Rev 00
503
Chapter 13CLI configuration examples
This chapter provides examples of common link aggregation configuration tasks, including the command line interface (CLI) commands you use to create the configuration.
• For conceptual information about VLANs and link aggregation, see Chapter 1, “Layer 2 operational concepts,” on page 37.
• For information about the commands used in these examples, see:
— Chapter 7, “Configuring and managing VLANs using the CLI,” on page 303
— Chapter 9, “Configuring STGs using the CLI,” on page 379
— Chapter 10, “Configuring link aggregation using the CLI,” on page 427
This chapter includes the following topics:
Topic Page
MultiLink Trunking configuration example 504
Single Port SMLT with SLPP configuration example 505
SMLT triangle with loop detection configuration example 508
Square SMLT configuration example 514
Full mesh SMLT configuration example 518
SMLT and VRRP configuration example 522
SMLT and multicast configuration example 525
Triangle SMLT and LACP configuration example 526
Single Port SMLT and LACP configuration example 528
SLPP, VRRP BackupMaster, and SMLT configuration example 532
Ping Snoop configuration example 540
LACP point to point LAG configuration example 541
Configuring VLANs, Spanning Tree, and Link Aggregation
504 Chapter 13 CLI configuration examples
MultiLink Trunking configuration example
This configuration example shows how to create a multilink trunk and a VLAN (VLAN 100) between two Ethernet Routing Switch 8600 devices. The network is used to carry user traffic (Figure 232).
Figure 232 MLT within a VLAN
The following sections provide step-by-step procedures that show how to configure switch S1 and S2 for this example.
Configuring S1
1 Create VLAN 100:
ERS-8606:5# config vlan 100 create byport 1
2 Create multilink trunk10:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 add ports 1/1,1/2,2/1,2/2ERS-8606:5# config mlt 10 add vlan 100
Enabling VLACP on Ethernet links configuration example 543
Per-VLAN Spanning Tree Plus (PVST+) configuration examples 544
Rapid Spanning Tree Protocol configuration example 554
Multiple Spanning Tree Protocol configuration example 559
Topic (continued) Page
314725-E Rev 00
Chapter 13 CLI configuration examples 505
Configuring S2
1 Create VLAN 100:
ERS-8606:5# config vlan 100 create byport 1
2 Create multilink trunk 10:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 add ports 1/1,1/2,2/1,2/2ERS-8606:5# config mlt 10 add vlan 100
Single Port SMLT with SLPP configuration example
The single port Split MultiLink Trunking (SMLT) design is similar to the triangle SMLT design. The only difference is that only a single port from each InterSwitch Trunking (IST) switch goes to the access server. Figure 233 shows the network topology.
Configuring VLANs, Spanning Tree, and Link Aggregation
506 Chapter 13 CLI configuration examples
Figure 233 Single Port SMLT
Configuring ERS8600B
1 Configure VLANs:
ERS8600-B:5# config vlan 1900 create byport 1ERS8600-B:5# config vlan 10 create byport 1
2 Enable SLPP and add VLAN 10:
ERS8600-B:5# config slpp add 10ERS8600-B:5# config slpp operation enable
3 Configure MLT 5 used for the IST link and add the IST VLAN:
ERS8600-B:5# config mlt 5 createERS8600-B:5# config mlt 5 add ports 2/1,3/1ERS8600-B:5# config vlan 1900 add-mlt 5
4 Configure the IP address and interswitch trunk. The IP address points to the partner interswitch trunk node:
ERS8600-B:5# config vlan 1900 ip create 1.1.1.1/30ERS8600-B:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
314725-E Rev 00
Chapter 13 CLI configuration examples 507
5 Configure Single Port SMLT:
ERS8600-B:5# config ether 1/1 smlt 1 create
6 Enable SLPP packet reception on port 1/1:
ERS8600-B:5# config ethernet 1/1 slpp packet-rx enable
Configuring ERS8600C
1 Configure VLANs:
ERS8600-C:5# config vlan 1900 create byport 1 ERS8600-C:5# config vlan 10 create byport 1
2 Enable SLPP:
ERS8600-C:5# config slpp add 10ERS8600-C:5# config slpp operation enable
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
5 Configure Single Port SMLT:
ERS-8606:5# config ether 1/1 smlt 1 create
6 Enable SLPP packet reception on port 1/1, and set the threshold to 1:
ERS8600-C:5# config ethernet 1/1 slpp packet-rx enableERS8610-C:5# config ethernet 1/1 slpp packet-rx-threshold 1
To view the status of all SMLT ports, and show SLPP configuration information, use the following commands:
ERS8610-B:5# show port info smlt port 1/1ERS8610-B:5# show slpp infoERS8610-B:5# show ports info slpp port 1/1ERS8600-B:5# show log file tail
Configuring VLANs, Spanning Tree, and Link Aggregation
508 Chapter 13 CLI configuration examples
If port 1/1 is disabled on either ERS8600B or ERS8600C because either switch received its own SLPP-PDU, a message is logged and a trap will be used.
SMLT triangle with loop detection configuration example
This configuration example shows how to create an SMLT triangle using three Ethernet Routing Switch 8600 devices and a VLAN (VLAN 10), which is used to carry user traffic (Figure 234). The following configuration example is based on a three node network where ERS8600A is the SMLT client. Although only one port is used to connect to the SMLT client from each SMLT aggregation switch in this example, up to 8 total links can be used to carry traffic between the two.
Figure 234 SMLT triangle configuration example
The following sections provide step-by-step procedures that show how to configure switches ERS8600A, ERS8600B, and ERS8600C for this example. The procedure configures:
314725-E Rev 00
Chapter 13 CLI configuration examples 509
• VLAN 1900 for the IST VLAN using MLT ID = 5
• VLAN 10 to the SMLT VLAN using MLT ID = 1
• SLPP packet receive threshold on ERS8600B (default) and ERS8600C (5)
Configuring ERS8600B
1 Configure VLANs:
ERS-8606-B:5# config vlan 1900 create byport 1ERS-8606-B:5# config vlan 10 create byport 1
2 Configure MLT 5 used for the IST link and add the IST VLAN. Disable the CP-Limit for ports 2/1 and 3/1:
ERS-8606-B:5# config mlt 5 createERS-8606-B:5# config mlt 5 add ports 2/1,3/1ERS-8606-B:5# config ether 2/1,3/1 cp-limit disableERS-8606-B:5# config vlan 1900 add-mlt 5
3 Configure the IST IP address and create the interswitch trunk using MLT 5. The IP address is the IP address of the remote partner IST node.
ERS-8606-B:5# config vlan 1900 ip create 1.1.1.1/30ERS-8606-B:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
4 Configure the SMLT link:
ERS-8606-B:5# config mlt 1 createERS-8606-B:5# config mlt 1 perform-tagging enableERS-8606-B:5# config mlt 1 add ports 1/1ERS-8606-B:5# config mlt 1 smlt create smlt-id 1
5 Add VLAN 10 to the interswitch trunk and SMLT VLANs:
ERS-8606-B:5# config vlan 10 add-mlt 1ERS-8606-B:5# config vlan 10 add-mlt 5
6 Enable loop detection on port 1/1. By default, the action will be set to portdown. This can be verified by using the show config module port or config ethernet 1/1 info command. The loop detect timers should be staggered between the ERS8600B and ERS8600C: change the default mac-flap-time-limit from the default setting of 500 ms to 700 ms.
ERS-8606-B:5# config ethernet 1/1 loop-detect enableERS-8606-B:5# config mac-flap-time-limit 700
Configuring VLANs, Spanning Tree, and Link Aggregation
510 Chapter 13 CLI configuration examples
Configuring ERS8600C
1 Configure VLANs:
ERS-8606-C:5# config vlan 1900 create byport 1ERS-8606-C:5# config vlan 10 create byport 1
2 Configure MLT 5 used for the IST link and add the IST VLAN. Disable CP-Limit for ports 2/1 and 3/1.
ERS-8606-C:5# config mlt 5 createERS-8606-C:5# config mlt 5 add ports 2/1,3/1ERS-8606-C:5# config ether 2/1,3/1 cp-limit disableERS-8606-C:5# config vlan 1900 add-mlt 5
3 Configure the IST IP address and create the interswitch trunk using MLT 5. The IP address used is the IP address of the remote partner IST node.
ERS-8606-C:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606-C:5# config mlt 5 create ip 1.1.1.1 vlan-id 1900
4 Configure the SMLT link:
ERS-8606-C:5# config mlt 1 createERS-8606-C:5# config mlt 1 perform-tagging enableERS-8606-C:5# config mlt 1 add ports 1/1ERS-8606-C:5# config mlt 1 smlt create smlt-id 1
5 Add VLAN 10 to the IST and SMLT VLANs:
ERS-8606-C:5# config vlan 10 add-mlt 1ERS-8606-C:5# config vlan 10 add-mlt 5
6 Enable loop detection on port 1/1:
ERS-8606-C:5# config ethernet 1/1 loop-detect enable
Configuring ERS8600A
1 Configure VLAN 10:
ERS-8606-A:5# config vlan 10 create byport 1ERS-8606-A:5# config vlan 10 ports add 2/1-2/5
2 Configure the MLT link:
ERS-8606-A:5# config mlt 1 createERS-8606-A:5# config mlt 1 perform-tagging enableERS-8606-A:5# config mlt 1 add ports 1/1,1/2ERS-8606-A:5# config vlan 10 add-mlt 1
314725-E Rev 00
Chapter 13 CLI configuration examples 511
3 Enable Spanning Tree fast start on ports 2/1 to 2/5:
ERS-8606-A:5# config ethernet 2/1-2/5 stg 1 faststart enable
Verifying network operations
Figure 235 to Figure 238 on page 514 show commands you can use to verify that the network is operating correctly.
Figure 235 Show mlt info output
The MLT CURRENT status for MLT-5 is ist. If this status is norm then the IST is not active; there may be a misconfiguration or the links are not active. The current MLT mode is smlt. If there is a misconfiguration or a link down in the network, the value of MLT CURRENT would be norm.
ERS8600-C:5# show mlt info============================================================================= Mlt Info============================================================================= PORT SVLAN MLT MLT PORT VLANMLTID IFINDEX NAME TYPE TYPE ADMIN CURRENT MEMBERS IDS1 4096 MLT-1 trunk normal smlt smlt 1/1 10 5 4100 MLT-5 trunk normal ist ist 2/1-2/2 1900 10
============================================================================= Mlt Info============================================================================= PORT SVLAN MLT MLT PORT VLANMLTID IFINDEX NAME TYPE TYPE ADMIN CURRENT MEMBERS IDS-----------------------------------------------------------------------------1 4096 MLT-1 trunk normal smlt smlt 1/1 105 4100 MLT-5 trunk normal ist ist 2/1-2/2 10 1900
MULTICAST DESIGNATED LACP LACPMLTID IFINDEX DISTRIBUTION NT-STG PORTS ADMIN OPER-----------------------------------------------------------------------------1 4096 disable enable 1/1 disable down5 4100 disable enable 2/1-2/2 disable down
Configuring VLANs, Spanning Tree, and Link Aggregation
512 Chapter 13 CLI configuration examples
Figure 236 Show mlt commands
ERS8600-C:5# show mlt ist info======================================================= Mlt IST Info=======================================================MLT IP VLAN ENABLE ISTID ADDRESS ID IST STATUS-------------------------------------------------------5 1.1.1.1 1900 true up
ERS8600-C:5# show mlt ist stat========================================================= Mlt IST Message Statistics=========================================================PROTOCOL MESSAGE COUNT---------------------------------------------------------Ist Down : 0Hello Sent : 63480Hello Recv : 63447Learn MAC Address Sent : 10Learn MAC Address Recv : 63837MAC Address AgeOut Sent : 6324MAC Address AgeOut Recv : 3MAC Address Expired Sent : 0MAC Address Expired Sent : 0Delete Mac Address Sent : 0Delete Mac Address Recv : 0Smlt Down Sent : 0Smlt Down Recv : 0Smlt Up Sent : 2Smlt Up Recv : 2Send MAC Address Sent : 131Send MAC Address Recv : 132IGMP Sent : 0IGMP Recv : 0Port Down Sent : 0Port Down Recv : 1Request MAC Table Sent : 0Request MAC Table Recv : 1Unknown Msg Type Recv : 0
314725-E Rev 00
Chapter 13 CLI configuration examples 513
Figure 237 Show mlt commands, part 2
ERS8600-C:5# show mlt ist info======================================================= Mlt IST Info=======================================================MLT IP VLAN ENABLE ISTID ADDRESS ID IST STATUS-------------------------------------------------------5 1.1.1.1 1900 true up
ERS8600-C:5# show mlt ist stat========================================================= Mlt IST Message Statistics=========================================================PROTOCOL MESSAGE COUNT---------------------------------------------------------Ist Down : 0Hello Sent : 63480Hello Recv : 63447Learn MAC Address Sent : 10Learn MAC Address Recv : 63837MAC Address AgeOut Sent : 6324MAC Address AgeOut Recv : 3MAC Address Expired Sent : 0MAC Address Expired Sent : 0Delete Mac Address Sent : 0Delete Mac Address Recv : 0Smlt Down Sent : 0Smlt Down Recv : 0Smlt Up Sent : 2Smlt Up Recv : 2Send MAC Address Sent : 131Send MAC Address Recv : 132IGMP Sent : 0IGMP Recv : 0Port Down Sent : 0Port Down Recv : 1Request MAC Table Sent : 0Request MAC Table Recv : 1Unknown Msg Type Recv : 0
ERS8600-B:5# show mlt smlt info============================================ Mlt SMLT Info============================================MLT SMLT ADMIN CURRENTID ID TYPE TYPE--------------------------------------------1 1 smlt smlt
Configuring VLANs, Spanning Tree, and Link Aggregation
514 Chapter 13 CLI configuration examples
Loop Detection
Suppose a loop is formed between ERS8600A, ERS8600B, and ERS8600C. The commands shown in Figure 238 on page 514 show commands you can use to display the MAC address that is looping.
Figure 238 Loop detection commands
Square SMLT configuration example
The main rule for a square configuration (see Figure 239 on page 515) is that the IST pairs, ERS8600A and D, and B and C, each must have matching SMLT IDs. However, these IDs can differ between the two IST pairs. The initial configuration creates the IST links between A and B, and C and D. Note that the IST IP addresses differ; Nortel recommends that you use a different subnet for the IST IP addresses between the pairs.
ERS8600-C:5# show ports info loop-detected vlan 10============================================================================= Port Loop-Detect =============================================================================PORT VLAN MAC LOOP DETECT SMLT REMOTE ACTION -----------------------------------------------------------------------------1/1 10 00:00:02:00:00:01 PORT-DOWN false
ERS8600-C:5# show log file tail
CPU5 [02/17/06 15:16:28] SNMP INFO Smlt Link Down Trap(SmltId=10)CPU5 [02/17/06 15:16:28] MLT INFO SMLT 1 DOWN CPU5 [02/17/06 15:16:28] SNMP INFO Port 1/1 is a trunk portCPU5 [02/17/06 15:16:28] SNMP INFO Link Down(1/1) due to loop detectCPU5 [02/17/06 15:16:28] SNMP INFO Loop detected on port 1/1.Port is disabled
314725-E Rev 00
Chapter 13 CLI configuration examples 515
Figure 239 Square SMLT
Configuring VLANs, Spanning Tree, and Link Aggregation
516 Chapter 13 CLI configuration examples
Configuring ERS8600B
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure the IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 1.1.1.1/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
Configuring ERS8600C
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
314725-E Rev 00
Chapter 13 CLI configuration examples 517
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
Configuring ERS8600A
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 2.2.2.1/30ERS-8606:5# config mlt 5 ist create ip 2.2.2.2 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
Configuring ERS8600D
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
Configuring VLANs, Spanning Tree, and Link Aggregation
518 Chapter 13 CLI configuration examples
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 2.2.2.2/30ERS-8606:5# config mlt 5 ist create ip 2.2.2.1 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
Use the show mlt info and the show smlt info commands to verify the status of the multilink trunks.
Full mesh SMLT configuration example
The full mesh SMLT design is similar to the square SMLT, except more links are added to fully mesh the four nodes (see Figure 240 on page 519). As with the square configuration, it is imperative that all links within the SMLT group contain the same SMLT ID, however, this ID need not be the same between each IST pair.
314725-E Rev 00
Chapter 13 CLI configuration examples 519
Figure 240 Full mesh SMLT
Configuring VLANs, Spanning Tree, and Link Aggregation
520 Chapter 13 CLI configuration examples
Configuring ERS8600B
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 1.1.1.1/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1,1/17
Configuring ERS8600C
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
314725-E Rev 00
Chapter 13 CLI configuration examples 521
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1,1/17
Configuring ERS8600A
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure the IP address and IST. The IP address points to the partner interswitch trunk node:
ERS-8606:5# config vlan 1900 ip create 2.2.2.1/30ERS-8606:5# config mlt 5 ist create ip 2.2.2.2 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each IST pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1,1/17
Configuring ERS8600D
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
Configuring VLANs, Spanning Tree, and Link Aggregation
522 Chapter 13 CLI configuration examples
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the IST (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node:
ERS-8606:5# config vlan 1900 ip create 2.2.2.2/30ERS-8606:5# config mlt 5 ist create ip 2.2.2.1 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical for each interswitch trunk pair:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1,1/17
Use the show mlt info and the show smlt info commands to verify the status of the multilink trunks.
SMLT and VRRP configuration example
In cases in which the Ethernet Routing Switch is providing the next-hop gateway, and is in Virtual Router Redundancy Protocol (VRRP) mode, the Ethernet Routing Switch can provide additional VRRP benefits. In this example (see Figure 241 on page 523), ERS8600A is acting solely as a Layer 2 switch, with a single VLAN 10 configured. The server in this example has a next-hop gateway configured for the VRRP IP.
314725-E Rev 00
Chapter 13 CLI configuration examples 523
Figure 241 Network topology for SMLT and VRRP
Configuring ERS8600B
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node.
ERS-8606:5# config vlan 1900 ip create 1.1.1.1/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
Configuring VLANs, Spanning Tree, and Link Aggregation
524 Chapter 13 CLI configuration examples
5 Configure SMLT. The SMLT ID must be identical on both nodes:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
6 VRRP configuration. These commands add the VRRP virtual IP address of 10.10.10.1 to VLAN 10 with BackupMaster enabled so that both ERS8600B and ERS8600C can respond to ARP.
ERS-8606:5# config vlan 10 ip create 10.10.10.2/24ERS-8606:5# config vlan 10 ip vrrp 1 address 10.10.10.1ERS-8606:5# config vlan 10 ip vrrp 1 backup-master enableERS-8606:5# config vlan 10 ip vrrp 1 holddown-timer 60ERS-8606:5# config vlan 10 ip vrrp 1 enable
Configuring ERS8600C
1 Disable CP-Limit on IST ports:
ERS-8606:5# config ether 2/1,3/1 cp-limit disable
2 Configure VLANs:
ERS-8606:5# config vlan 1900 create byport 1 ERS-8606:5# config vlan 10 create byport 1
3 Configure MLT. VLAN 10 must be spanned across the interswitch trunk (MLT-5):
ERS-8606:5# config mlt 5 createERS-8606:5# config mlt 5 add ports 2/1,3/1ERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config mlt 5 add vlan 10
4 Configure IP address and IST. The IP address points to the partner IST node.
ERS-8606:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
5 Configure SMLT. The SMLT ID must be identical on both nodes:
ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 smlt create smlt-id 1ERS-8606:5# config mlt 1 add vlan 10ERS-8606:5# config mlt 1 add ports 1/1
314725-E Rev 00
Chapter 13 CLI configuration examples 525
6 VRRP configuration. These commands add the VRRP virtual IP address of 10.10.10.1 to VLAN 10 with BackupMaster enabled so that both ERS8600B and ERS8600C can respond to ARP.
ERS-8606:5# config vlan 10 ip create 10.10.10.3/24ERS-8606:5# config vlan 10 ip vrrp 1 address 10.10.10.1ERS-8606:5# config vlan 10 ip vrrp 1 backup-master enableERS-8606:5# config vlan 10 ip vrrp 1 holddown-timer 65ERS-8606:5# config vlan 10 ip vrrp 1 enable
Configuring ERS8600A
1 Configure MLT on A:
ERS-8606:5# config vlan 10 create byport 1ERS-8606:5# config mlt 1 createERS-8606:5# config mlt 1 add ports 1/1,1/17ERS-8606:5# config mlt 1 add vlan 10
The status of VRRP can be seen using the command show ip vrrp info.
SMLT and multicast configuration example
Use the following steps to configure multicast distribution over a MLT group:
1 Configure multicast distribution globally:
ERS-8606:5# config sys mcast-mlt-distribution enable
2 Configure multicast distribution on each MLT group:
ERS-8606:5# config mlt 1 mcast-distribution enable
The default settings allow all sources and groups to be distributed over MLT (when enabled). Distribution can be controlled by controlling the source/group masks:
ERS-8606:5# config sys mcast-mlt-distribution grp-mask 0.0.0.255ERS-8606:5# config sys mcast-mlt-distribution src-mask 0.0.255.255
Configuring VLANs, Spanning Tree, and Link Aggregation
526 Chapter 13 CLI configuration examples
Triangle SMLT and LACP configuration example
This configuration example shows how to build and configure a triangle SMLT network using LACP to enable the dynamic set up of SMLT links (Figure 242).
Figure 242 SMLT and IEEE 802.3ad configuration example
The following sections provide step-by-step procedures that show how to configure switch S1, S2, and S3 for this example.
Configuring S1
1 Create IST VLAN 1900:
ERS-8606:5# config vlan 1900 create byport 1ERS-8606:5# config mlt 5 create ERS-8606:5# config mlt 5 add ports 1/1,2/1ERS-8606:5# config mlt 5 perform-tagging enableERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config vlan 1900 ip create 1.1.1.1/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
314725-E Rev 00
Chapter 13 CLI configuration examples 527
2 Create the SMLT VLAN and add ports:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config vlan 100 ports add 3/1,3/2ERS-8606:5# config vlan 100 add-mlt 5
3 Configure LACP on ports:
ERS-8606:5# config ether 3/1,3/2 lacp key 10ERS-8606:5# config ether 3/1,3/2 lacp aggregation trueERS-8606:5# config ether 3/1,3/2 lacp enable
4 Create SMLT and configure LACP. Ensure keys match port and keys are same for both SMLT aggregation switches:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 smlt create smlt-id 10ERS-8606:5# config mlt 10 perform-tagging enableERS-8606:5# config mlt 10 lacp key 10ERS-8606:5# config mlt 10 lacp enableERS-8606:5# config ether 3/1,3/2 discard-untagged-frames enable
Configuring S2
1 Create IST VLAN 1900:
ERS-8606:5# config vlan 1900 create byport 1ERS-8606:5# config mlt 5 create ERS-8606:5# config mlt 5 add ports 1/1,2/1ERS-8606:5# config mlt 5 perform-tagging enableERS-8606:5# config mlt 5 add vlan 1900ERS-8606:5# config vlan 1900 ip create 1.1.1.2/30ERS-8606:5# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
2 Create the SMLT VLAN and add ports:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config vlan 100 ports add 3/1,3/2ERS-8606:5# config vlan 100 add-mlt 5
3 Configure LACP on ports:
ERS-8606:5# config ether 3/1,3/2 lacp key 10ERS-8606:5# config ether 3/1,3/2 lacp aggregation trueERS-8606:5# config ether 3/1,3/2 lacp enable
Configuring VLANs, Spanning Tree, and Link Aggregation
528 Chapter 13 CLI configuration examples
4 Create SMLT and configure LACP. Ensure keys match: port and keys must be the same for both SMLT aggregation switches:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 smlt create smlt-id 10ERS-8606:5# config mlt 10 perform-tagging enableERS-8606:5# config mlt 10 lacp key 10ERS-8606:5# config mlt 10 lacp enableERS-8606:5# config ether 3/1,3/2 discard-untagged-frames enable
Configuring S3
1 Create VLAN 100 and add ports:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config vlan 100 ports add 3/1-3/4
2 Configure LACP on ports:
ERS-8606:5# config ether 3/1-3/4 lacp key 20ERS-8606:5# config ether 3/1-3/4 lacp aggregation trueERS-8606:5# config ether 3/1-3/4 lacp enable
3 Create MLT 10 and configure LACP. Ensure keys match: port and keys must be the same for both SMLT aggregation switches:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 perform-tagging enableERS-8606:5# config mlt 10 lacp key 10ERS-8606:5# config mlt 10 lacp enableERS-8606:5# config ether 3/1-3/4 discard-untagged-frames enable
Single Port SMLT and LACP configuration example
Single Port SMLT lets you configure a split multilink trunk using a single port. The single port split multilink trunk behaves just like an MLT-based SMLT and can coexist with SMLTs in the same system; however, an SMLT ID can belong to either an MLT-SMLT or a single port split multilink trunk per chassis. With Single Port SMLT, you can scale the number of split multilink trunks on a switch to a maximum number of available ports.
314725-E Rev 00
Chapter 13 CLI configuration examples 529
When SMLT is enabled on a port, its key becomes default and aggregation becomes true. The selection logic selects the default aggregator for the SMLT port. When SMLT is disabled on a port, aggregation becomes false. This example highlights the steps in configuring Single Port SMLT using LACP to create the LAG. Although an Ethernet Routing Switch 8600 is used for the SMLT client, any LACP enabled device can be used.
Figure 243 on page 530 shows the network topology for this configuration example.
Configuring VLANs, Spanning Tree, and Link Aggregation
530 Chapter 13 CLI configuration examples
Figure 243 Network topology
Configuring ERS8600A
1 To create the interswitch trunk, enter the following commands:
ERS-8606:5# conf vlan 1900 create byport 1ERS-8606:5# conf mlt 5 createERS-8606:5# conf mlt 5 add ports 1/1,2/1ERS-8606:5# conf mlt 5 perform-tagging enableERS-8606:5# conf mlt 5 add vlan 1900ERS-8606:5# conf vlan 1900 ip create 1.1.1.1/30ERS-8606:5# conf mlt 5 ist create ip 1.1.1.2 vlan-id 1900
2 To create the user VLAN, enter the following commands:
ERS-8606:5# conf vlan 10 create byport 1ERS-8606:5# conf vlan 10 ports add 1/10
3 To create the single port split multilink trunk, enter the following command:
ERS-8606:5# conf ether 1/10 smlt 1 create
314725-E Rev 00
Chapter 13 CLI configuration examples 531
4 To enable LACP on each port, enter the following command. No key is required. The default key is used:
ERS-8606:5# conf ether 1/10 lacp enable
Configuring ERS8600B
1 To create the interswitch trunk, enter the following commands:
ERS-8606:5# conf vlan 1900 create byport 1ERS-8606:5# conf mlt 5 createERS-8606:5# conf mlt 5 add ports 1/1,2/1ERS-8606:5# conf mlt 5 perform-tagging enableERS-8606:5# conf mlt 5 add vlan 1900ERS-8606:5# conf vlan 1900 ip create 1.1.1.2/30ERS-8606:5# conf mlt 5 ist create ip 1.1.1.1 vlan-id 1900
2 To create the user VLAN, enter the following commands:
ERS-8606:5# conf vlan 10 create byport 1ERS-8606:5# conf vlan 10 ports add 1/10
3 To create the single port split multilink trunk, enter the following command:
ERS-8606:5# conf ether 1/10 smlt 1 create
4 To enable LACP on each port, enter the following command. No key is required. The default key is used:
ERS-8606:5# conf ether 1/10 lacp enable
Configuring ERS8600C
1 To create the multilink trunk, enter the following commands:
ERS-8606:5# conf mlt 10 createERS-8606:5# conf mlt 10 lacp key 10ERS-8606:5# conf mlt 10 lacp enable
2 To create the user VLAN and add ports, enter the following commands:
ERS-8606:5# conf vlan 10 create byport 1ERS-8606:5# conf vlan 10 ports add 1/1-1/2
3 To configure LACP on the ports, enter the following commands:
ERS-8606:5# conf ether 1/1-1/2 lacp key 10ERS-8606:5# conf ether 1/1-1/2 lacp aggregation true
Configuring VLANs, Spanning Tree, and Link Aggregation
532 Chapter 13 CLI configuration examples
4 To enable LACP on each port, enter the following command. No key is required. The default key is used:
ERS-8606:5# conf ether 1/1-1/2 lacp enable
SLPP, VRRP BackupMaster, and SMLT configuration example
In this configuration example, a SMLT with ID 2 is configured on ERS8600A and ERS8600B with a VRRPBackupMaster, as illustrated in Figure 244 on page 533. Simple Loop Prevention Protocol (SLPP) is used to detect loops in the network.
The edge switch, ERS3510, is configured for IP routing with a trunk VLAN 260 (which has an IP address of 10.1.4.5/20). Port members 21 to 24 on ERS3510 are added to an access MLT. Under normal operations, traffic can flow over any trunk ports from 21 to 24 on the ERS3510.
314725-E Rev 00
Chapter 13 CLI configuration examples 533
Figure 244 SLPP example network
Because the trunk VLAN is not tagged, if the ERS3510 switch is replaced with a factory default switch or if the MLT configuration is not enabled or defective, this causes a loop in the SMLT core. To detect this loop, configure SLPP on ERS8600B to shut down all SMLT ports. This occurs if ERS8600B receives SLPP-PDUs on port 7/15 or 7/16.
The following procedure configures SLPP on the network shown in Figure 244. To configure the ERS8600A, ERS8600B, and the ERS3510, see Figure 250 on page 537 to Figure 252 on page 539 at the end of this section.
To configure SLPP on the ERS8600B, do the following:
1 Enable SLPP and add VLAN 260. To do this, enter the following commands:
ERS8600-B:6# config slpp add 260ERS8600-B:6# config slpp operation enable
2 Enable SLPP on port 7/15 and 7/16:
ERS8600-B:6# config ethernet 7/15,7/16 slpp packet-rx enable
Configuring VLANs, Spanning Tree, and Link Aggregation
534 Chapter 13 CLI configuration examples
3 View the SLPP configuration on ERS8600B to ensure SLPP is configured correctly. To view the SLPP configuration, enter the following command:
a ERS8600-B:6# show slpp
Figure 245 Show slpp results
b ERS8600-B:6# show ports info slpp port 7/15,7/16
Figure 246 Show ports info
4 If MLT is broken on the ERS3510 switch, the following commands can be used to check which ports belonging to SMLT 2 are down. If something is broken on the ERS3510 switch, SLPP disables all SMLT ports. Use the following command:
ERS-8600-B:6# show port info interface port 7/15,7/16
ERS-8600-B:6# show slpp
Sub-Context: clear config dump monitor show test trace wsm asfm samCurrent Context:
etherType (hex) : 0x8104 operation : enabled tx-interval : 500 vlan : 260
ERS-8600-B:6#
ERS-8600-B:6# show ports info slpp port 7/15,7/16
================================================Port Interface
================================================PORT PKT-RX PKT-RXNUM THRESHOLD------------------------------------------------7/15 enabled 17/16 enabled 1
314725-E Rev 00
Chapter 13 CLI configuration examples 535
Figure 247 Show ports info interface port
If logging to the local interface is enabled, you should see messages indicating that SLPP caused the SMLT 2 port to go down. Use the following command:
ERS8600-B:6# show log file tail
Figure 248 Show log file tail for ERS8600B after port disabled
5 If the MLT problem is corrected on the ERS3510 switch, you must re-enable all SMLT ports on ERS8600A and ERS8600B. Use the commands shown in Figure 249 on page 536.
ERS-8600-B:6# show ports info interface port 7/15,7/16==========================================================================
Port Interface==========================================================================PORT LINK PORT PHYSICAL STATUSNUM INDEX DESCRIPTION TRAP LOCK MTU ADDRESS ADMIN OPERATE--------------------------------------------------------------------------7/15 462 GbicSx true false 1950 00:e0:7b:bc:21:14 down down7/16 463 GbicSx true false 1950 00:e0:7b:bc:21:15 down down
ERS-8600-B:6#
ERS8600-B:6# show log file tailCPU5 [01/25/06 12:54:42] SNMP INFO Smlt Link Down Trap(SmltId=2)CPU5 [01/25/06 12:54:42] SNMP INFO Slpp port down(SlppRxPort = 463, SlppRxVlan =260, SlppIncomingVlanId = 260, SlppSrcMacAddress = 00:e0:7b:bc:20:00)CPU5 [01/25/06 12:54:42] MLT INFO SMLT 2 DOWNCPU5 [01/25/06 12:54:42] SNMP INFO Port 7/16 is an access portCPU5 [01/25/06 12:54:42] SNMP INFO Link Down(7/16)CPU5 [01/25/06 12:54:42] SNMP INFO Port 7/15 is an access portCPU5 [01/25/06 12:54:42] SNMP INFO Link Down(7/15)CPU5 [01/25/06 12:54:42] SW WARNING slppRx: SLERS packet received Rx-Vlan 260, Rx-Port 7/16, PDU-Vlan 260, SRC-Mac 00:e0:7b:bc:20:00
Configuring VLANs, Spanning Tree, and Link Aggregation
536 Chapter 13 CLI configuration examples
Figure 249 Enabling SMLT and show log file tail after port enabled
The following figures contain the CLI commands used to configure the network of Figure 244 on page 533.
ERS8600-B:6# config ethernet 7/15,7/16 state enableERS8600-A:6# config ethernet 4/15,4/16 state enableERS8600-B:6# show log file tail
CPU5 [01/25/06 12:59:50] SNMP INFO Smlt Link Up Trap(SmltId=2)CPU5 [01/25/06 12:59:50] MLT INFO SMLT 2 UPCPU5 [01/25/06 12:59:16] SNMP INFO Link Up(7/16)CPU5 [01/25/06 12:59:15] SNMP INFO Link Up(7/15)
314725-E Rev 00
Chapter 13 CLI configuration examples 537
Figure 250 Commands to configure the 8600A MLT, VLAN, ports
## MLT CONFIGURATION#mlt 2 createmlt 2 add ports 4/15-4/16mlt 2 smlt create smlt-id 2mlt 5 createmlt 5 add ports 2/1,3/1mlt 5 perform-tagging enablemlt 5 ist create ip 2.1.1.2 vlan-id 1900mlt 5 ist enable
# VLAN CONFIGURATION
vlan 260 create byport 1 color 2vlan 260 add-mlt 2vlan 260 add-mlt 5vlan 260 ports add 2/1,3/1,4/15-4/16 member portmembervlan 260 ip create 10.1.4.2/255.255.255.240 mac_offset 6vlan 260 ip ospf interface-type passivevlan 260 ip ospf enablevlan 260 ip vrrp 5 address 10.1.4.1vlan 260 ip vrrp 5 backup-master enablevlan 260 ip vrrp 5 fast-adv-enable enablevlan 260 ip vrrp 5 enablevlan 1900 create byport 1vlan 1900 add-mlt 5vlan 1900 ports add 2/1,3/1 member portmembervlan 1900 ip create 2.1.1.1/255.255.255.252 mac_offset 4
# PORT CONFIGURATION - PHASE II
ethernet 2/1 default-vlan-id 1900ethernet 2/1 stg 1 stp disableethernet 3/1 default-vlan-id 1900ethernet 3/1 stg 1 stp disableethernet 4/15 stg 1 stp disableethernet 4/16 stg 1 stp disable
# OSPF CONFIGURATION#ip ospf admin-state enableip ospf enable
Configuring VLANs, Spanning Tree, and Link Aggregation
538 Chapter 13 CLI configuration examples
Figure 251 Commands to configure the 8600B MLT, VLAN, ports
# MLT CONFIGURATION#mlt 2 createmlt 2 add ports 7/15-7/16mlt 2 smlt create smlt-id 2mlt 5 createmlt 5 add ports 2/1,3/1mlt 5 perform-tagging enablemlt 5 ist create ip 2.1.1.2 vlan-id 1900mlt 5 ist enable## VLAN CONFIGURATION
vlan 260 create byport 1 color 2vlan 260 add-mlt 2vlan 260 add-mlt 5vlan 260 ports add 2/1,3/1,7/15-7/16 member portmembervlan 260 ip create 10.1.4.2/255.255.255.240 mac_offset 6vlan 260 ip ospf interface-type passivevlan 260 ip ospf enablevlan 260 ip vrrp 5 address 10.1.4.1vlan 260 ip vrrp 5 backup-master enablevlan 260 ip vrrp 5 fast-adv-enable enablevlan 260 ip vrrp 5 enablevlan 1900 create byport 1vlan 1900 add-mlt 5vlan 1900 ports add 2/1,3/1 member portmembervlan 1900 ip create 2.1.1.1/255.255.255.252 mac_offset 4
# PORT CONFIGURATION - PHASE II
ethernet 2/1 default-vlan-id 1900ethernet 2/1 stg 1 stp disableethernet 3/1 default-vlan-id 1900ethernet 3/1 stg 1 stp disableethernet 7/15 stg 1 stp disableethernet 7/16 stg 1 stp disable
# OSPF CONFIGURATION
ip ospf admin-state enableip ospf enable
314725-E Rev 00
Chapter 13 CLI configuration examples 539
Figure 252 Commands used to configure the ERS 3510 VLAN
! *** VLAN ***!auto-pvidvlan name 1 "VLAN #1"vlan create 99 name "Voice_VLAN" type portvlan create 200 name "Data_VLAN" type portvlan create 260 name "Trunk" type portvlan ports 1-4 tagging unTagAll filter-untagged-frame disable filter-unregistered-frames disable priority 0vlan ports 5-11 tagging unTagPvidOnly filter-untagged-frame disable filter-unregistered-frames disable priority 0vlan ports 12-24 tagging unTagAll filter-untagged-frame disable filter-unregistered-frames disable priority 0vlan members 1 NONEvlan members 99 1,5-11vlan members 200 5-11vlan members 260 21-24vlan ports 1 pvid 99vlan ports 2-4 pvid 1vlan ports 5-11 pvid 200vlan ports 12-20 pvid 1vlan ports 21-24 pvid 260vlan igmp unknown-mcast-no-flood disablevlan mgmt 1!! *** STP ***!spanning-tree stp 1 priority 8000spanning-tree stp 1 hello-time 2spanning-tree stp 1 max-age 20spanning-tree stp 1 forward-time 15spanning-tree stp 1 tagged-bpdu disable tagged-bpdu-vid 4001spanning-tree stp 1 multicast-address 01:80:c2:00:00:00interface FastEthernet ALLspanning-tree port 1-24 learning disableexitspanning-tree stp 1 add-vlan 1spanning-tree stp 1 add-vlan 99spanning-tree stp 1 add-vlan 200spanning-tree stp 1 add-vlan 260interface FastEthernet ALLexit
Configuring VLANs, Spanning Tree, and Link Aggregation
540 Chapter 13 CLI configuration examples
Ping Snoop configuration example
You can use the Ping Snoop feature to troubleshoot MultiLink Trunk (MLT) and Split MultiLink Trunk (SMLT) networks. This feature displays the route that IP traffic takes over an MLT or SMLT path. Ping Snoop enables a filter that copies Internet Control Message Protocol (ICMP) messages to the CPU. The CPU then monitors the ICMP stream. The console displays the port that is used for each IP traffic flow from source to destination station. There is no mechanism to prevent line rate ICMP traffic from going to the CPU as a result of enabling Ping Snoop.
For more information about configuring Ping Snoop, including instructions for Device Manager and CLI for both legacy and R modules, see Using Diagnostic Tools.
Configuring Ping Snoop
1 Create the Ping Snoop filter. Create a filter to capture ICMP packets from the 30.30.30.0 network to another device in the same network. (You can also configure a filter for single addresses by using a 32 bit mask 30.30.30.10/32 or 30.30.30.3/32.):
ERS-8606:5# config diag ping-snoop create src-ip 30.30.30.0/24 dst-ip 30.30.30.0/24
2 Add ports to filter:
ERS-8606:5# config diag ping-snoop add-port 1/47
3 Enable Ping Snoop:
ERS-8606:5# config diag ping-snoop enable true
Note: If you have an R module installed in the Ethernet Routing Switch 8600 and wish to configure Ping Snoop, you must use an ACL filter option. For more information about the ACL filter, see Configuring QoS and Filtering for Ethernet Routing Switch 8600 R Modules.
314725-E Rev 00
Chapter 13 CLI configuration examples 541
This is a sample output:
ICMP Request received on port 1/47 with Src=30.30.30.10 Dst=30.30.30.3 ICMP Request received on port 1/47 with Src=30.30.30.10 Dst=30.30.30.3ICMP Request received on port 1/47 with Src=30.30.30.10 Dst=30.30.30.3 ICMP Request received on port 1/47 with Src=30.30.30.10 Dst=30.30.30.3
By adding all the MLT/SMLT ports to this filter on a per-switch basis, the user can determine the exact path that traffic takes.
LACP point to point LAG configuration example
This configuration example shows how to configure and enable a point-to-point link aggregation group (LAG) using LACP (Figure 253).
Figure 253 LACP configuration example
The following sections provide step-by-step procedures that show how to configure switch S1 and S2 for the example shown in Figure 253.
Note: You must configure all aggregatable ports in MLT 10 to use the same key used for MLT 10.
Configuring VLANs, Spanning Tree, and Link Aggregation
542 Chapter 13 CLI configuration examples
Configuring S1
1 Create VLAN 100 and add ports to the VLAN:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config vlan 100 ports add 1/1-1/2,2/1-2/2
2 Configure LACP on S1 switch ports:
ERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp key 10ERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp aggregation trueERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp enable
3 Create MLT 10 and configure LACP. Ensure the LACP key is the same as that configured in step 2:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 lacp key 10ERS-8606:5# config mlt 10 lacp enable
Configuring S2
1 Create VLAN 100 and add ports to the VLAN:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config vlan 100 ports add 1/1-1/2,2/1-2/2
2 Configure LACP on S2 switch ports:
ERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp key 10ERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp aggregation trueERS-8606:5# config ether 1/1-1/2,2/1-2/2 lacp enable
3 Create MLT 10 and configure LACP. Ensure the LACP key is the same as that configured in step 2:
ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 lacp key 10ERS-8606:5# config mlt 10 lacp enable
314725-E Rev 00
Chapter 13 CLI configuration examples 543
Enabling VLACP on Ethernet links configuration example
This configuration example shows how to enable VLACP on Ethernet links to ensure that link failures are propagated through the service provider optical network (Figure 254).
Figure 254 Enabling VLACP on Ethernet links configuration example
The following sections provide step-by-step procedures that show how to configure switch S1, and S2 for this example.
Configuring S1
1 Configure MLT 10 and add VLAN 100:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 add ports 3/1,3/2ERS-8606:5# config mlt 10 add vlan 100
2 Enable VLACP on both Ethernet ports:
ERS-8606:5# config ethernet 3/1-3/2 vlacp enable
Configuring S2
1 Configure MLT 10 and add VLAN 100:
ERS-8606:5# config vlan 100 create byport 1ERS-8606:5# config mlt 10 createERS-8606:5# config mlt 10 add ports 3/1,3/2
Configuring VLANs, Spanning Tree, and Link Aggregation
544 Chapter 13 CLI configuration examples
ERS-8606:5# config mlt 10 add vlan 100
2 Enable VLACP on both Ethernet ports:
ERS-8606:5# config ethernet 3/1-3/2 vlacp enable
Per-VLAN Spanning Tree Plus (PVST+) configuration examples
PVST+ is an extension of the Cisco System PVST with support for IEEE 802.1Q standard, and is the default spanning tree protocol used on Cisco System switches. PVST+ uses a separate spanning tree instance for each configured VLAN and supports the IEEE 802.1Q STP across IEEE 802.1Q regions.
When you configure PVST+, it uses, by default, IEEE 802.1Q single STP BPDUs on VLAN 1 and PVST+ BPDUs for other VLANs. This allows a PVST+ switch to connect to a switch using IEEE 802.1Q spanning tree as a tunnel for PVST+. PVST+ BPDUs are tunneled across the 802.1Q VLAN region as multicast data.
The single STP is addressed to the well-known STP MAC address 01-80-C2-00-00-00. The PVST+ BPDUs for other VLANs are addressed to multicast address 01-00-0C-CC-CC-CD.
PVST+ can be used to load balance the VLANs by changing the VLAN bridge priority.
For conceptual information about PVST+, refer to “Per-VLAN spanning tree” on page 71.
This section includes the following topics:
• “Configuring PVST+ on an Ethernet Routing Switch 8600”
• “Configuration example—basic PVST+ setup” on page 545
Configuring PVST+ on an Ethernet Routing Switch 8600
You can configure a PVST+ instance under the Ethernet Routing Switch 8600 spanning tree group (STG) level for each VLAN that connects to a Cisco System switch running PVST+.
314725-E Rev 00
Chapter 13 CLI configuration examples 545
Use the following commands to configure PVST+ on the Ethernet Routing Switch 8600:
ERS-8606:5# config stg <1-64> create <ports> vlan <1-4094> ntstg disable
The ntstg parameter is enabled by default, which provides the default group STP operation. When you set the ntstg parameter to disable, PVST+ is enabled for this particular VLAN.
To view spanning tree forwarding state, enter the following command:
ERS-8606:5# show ports info stg main <port number>
To view the spanning tree configuration, enter the following command:
ERS-8606:5# show stg info config
To view the spanning tree status, enter the following command:
ERS-8606:5# show stg info status
Configuration example—basic PVST+ setup
Figure 255 on page 546 shows a basic configuration example in which a single Ethernet Routing Switch 8600 is using PVST+ to connect to two Cisco Systems switches.
The following sections provide step-by-step procedures that show how to configure PVST+ on Ethernet Routing Switch 8600 S1 for this example.
Configuring VLANs, Spanning Tree, and Link Aggregation
546 Chapter 13 CLI configuration examples
Figure 255 Basic setup configuration example
Configuring Ethernet Routing Switch 8600 S1
1 Configure ports 1/20 and 1/30 with VLAN tagging:
ERS-8606:5# config ethernet 1/20,1/30 perform-tagging enable
2 Configure a PVST+ STG instance for each VLAN:
ERS-8606:5# config stg 20 create 1/5,1/20,1/30 vlan 100 ntstg disableERS-8606:5# config stg 21 create 1/6,1/20,1/30 vlan 101 ntstg disableERS-8606:5# config stg 22 create 1/7,1/20,1/30 vlan 102 ntstg disable
3 Create VLAN 100:
ERS-8606:5# config vlan 100 create byport 20ERS-8606:5# config vlan 100 ports add 1/5,1/20,1/30
4 Create VLAN 101:
ERS-8606:5# config vlan 101 create byport 21ERS-8606:5# config vlan 101 ports add 1/6,1/20,1/30
5 Create VLAN 102:
ERS-8606:5# config vlan 102 create byport 22ERS-8606:5# config vlan 102 ports add 1/7,1/20,1/30
314725-E Rev 00
Chapter 13 CLI configuration examples 547
Configuring Cisco C2950 switches S2 and S3
By default, PVST+ is enabled on the switches. The only configuration requirement is for you to add the VLANs (through the VLAN database), and then add the ports to each VLAN:
version 12.1!interface FastEthernet0/17 switchport access vlan 100 switchport mode access no ip address!interface FastEthernet0/18 switchport access vlan 101 switchport mode access no ip address!interface FastEthernet0/19 switchport access vlan 102 switchport mode access no ip address!interface FastEthernet0/20 switchport trunk allowed vlan 100-102 switchport mode trunk no ip address!interface FastEthernet0/21 switchport trunk allowed vlan 100-102 switchport mode trunk no ip address!
Configuration example—load balancing with the Ethernet Routing Switch 8600 as a distribution switch
This configuration example shows how to perform load balancing with the Ethernet Routing Switch 8600 (S1 and S2) acting as a distribution switch, and the Cisco C2950 switch (S3) acting as an access switch (Figure 256 on page 548).
Configuring VLANs, Spanning Tree, and Link Aggregation
548 Chapter 13 CLI configuration examples
Figure 256 Load balancing configuration example
This configuration example shows how to complete the following tasks:
• Configure the Cisco C2950 switch as an access switch.
• Configure the Ethernet Routing Switch 8600 (S1 and S2) as distribution switches.
• Forward all even number VLANs from C2950-A (S3) to Ethernet Routing Switch 8600 S1. Forwarding is accomplished by configuring the STG bridge priority. By default, all STG groups have a bridge priority of 32768. To increase the STG priority, you can lower the STG priority to a lower value for all even number VLANs (for this example, use 4096).
• Forward all odd number VLANs from C2950-A (S3) to Ethernet Routing Switch 8600 S2.
To increase the STG priority, you can lower the STG priority to a lower value for all odd number VLANs (for this example, use 4096).
For the configuration files used for Ethernet Routing Switch 8600s S1 and S2 in this configuration example, see “Configuration files for S1 and S2” on page 550.
The following sections provide step-by-step procedures that show how to perform load balancing with the Ethernet Routing Switch 8600 (S1 and S2) as distribution switches, and the Cisco C2950 switch (S3) as an access switch for this example.
314725-E Rev 00
Chapter 13 CLI configuration examples 549
Configuring Ethernet Routing Switch 8600 S1
1 Configure ports 1/20 and 2/1 with VLAN tagging:
ERS-8606:5# config ethernet 1/20,2/1 perform-tagging enable
2 Configure a PVST+ STG instance for each VLAN:
ERS-8606:5# config stg 20 create 1/5,1/20,2/1 vlan 100 ntstg disableERS-8606:5# config stg 21 create 1/6,1/20,2/1 vlan 101 ntstg disableERS-8606:5# config stg 22 create 1/7,1/20,2/1 vlan 102 ntstg disable
3 Configure bridge priority for each even number VLAN STG group:
ERS-8606:5# config stg 20 priority 4096ERS-8606:5# config stg 22 priority 4096
4 Create VLAN 100:
ERS-8606:5# config vlan 100 create byport 20ERS-8606:5# config vlan 100 ports add 1/5,1/20,2/1
5 Create VLAN 101:
ERS-8606:5# config vlan 101 create byport 21ERS-8606:5# config vlan 101 ports add 1/6,1/20,2/1
6 Create VLAN 102:
ERS-8606:5# config vlan 102 create byport 22ERS-8606:5# config vlan 102 ports add 1/7,1/20,2/1
Configuring Ethernet Routing Switch 8600 S2
1 Configure ports 1/20 and 2/1 with VLAN tagging:
ERS-8606:5# config ethernet 1/20,2/1 perform-tagging enable
2 Configure a PVST+ STG instance for each VLAN:
ERS-8606:5# config stg 20 create 1/5,1/20,2/1 vlan 100 ntstg disableERS-8606:5# config stg 21 create 1/6,1/20,2/1 vlan 101 ntstg disableERS-8606:5# config stg 22 create 1/7,1/20,2/1 vlan 102 ntstg disable
Configuring VLANs, Spanning Tree, and Link Aggregation
550 Chapter 13 CLI configuration examples
3 Configure bridge priority for each odd number VLAN STG group:
ERS-8606:5# config stg 21 priority 4096
4 Create VLAN 100:
ERS-8606:5# config vlan 100 create byport 20ERS-8606:5# config vlan 100 ports add 1/5,1/20,2/1
5 Create VLAN 101:
ERS-8606:5# config vlan 101 create byport 21ERS-8606:5# config vlan 101 ports add 1/6,1/20, 2/1
6 Create VLAN 102:
ERS-8606:5# config vlan 102 create byport 22ERS-8606:5# config vlan 102 ports add 1/7,1/20, 2/1
Configuration files for S1 and S2
The following sections provide the configuration files used for Ethernet Routing Switch 8600 S1 and S2 in the configuration example shown Figure 256 on page 548.
S1 configuration file
## PORT CONFIGURATION - PHASE I#ethernet 1/20 perform-tagging enableethernet 2/1 perform-tagging enable## STG CONFIGURATION#stg 20 create vlan 100 mac 01:00:0c:cc:cc:cd ntstg disable stg 20 add ports 1/5,1/20,2/1stg 20 priority 4096stg 21 create vlan 101 mac 01:00:0c:cc:cc:cd ntstg disable stg 21 add ports 1/6,1/20,2/1stg 22 create vlan 102 mac 01:00:0c:cc:cc:cd ntstg disable stg 22 add ports 1/7,1/20,2/1stg 22 priority 4096## VLAN CONFIGURATION#vlan 100 create byport 20
314725-E Rev 00
Chapter 13 CLI configuration examples 551
vlan 100 ports remove 1/1-1/4,1/6-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 100 ports add 1/5,1/20,2/1 member portmembervlan 101 create byport 21vlan 101 ports remove 1/1-1/5,1/7-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 101 ports add 1/6,1/20,2/1 member portmembervlan 102 create byport 22vlan 102 ports remove 1/1-1/6,1/8-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 102 ports add 1/7,1/20,2/1 member portmember
S2 configuration file
## PORT CONFIGURATION - PHASE Iethernet 1/20 perform-tagging enableethernet 2/1 perform-tagging enable## STG CONFIGURATION#stg 20 create vlan 100 mac 01:00:0c:cc:cc:cd ntstg disable stg 20 add ports 1/5,1/20,2/1stg 21 create vlan 101 mac 01:00:0c:cc:cc:cd ntstg disable stg 21 add ports 1/6,1/20,2/1stg 21 priority 4096stg 22 create vlan 102 mac 01:00:0c:cc:cc:cd ntstg disable stg 22 add ports 1/7,1/20,2/1## VLAN CONFIGURATION#vlan 100 create byport 20vlan 100 ports remove 1/1-1/4,1/6-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 100 ports add 1/5,1/20,2/1 member portmembervlan 101 create byport 21vlan 101 ports remove 1/1-1/5,1/7-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 101 ports add 1/6,1/20,2/1 member portmembervlan 102 create byport 22vlan 102 ports remove 1/1-1/6,1/8-1/19,1/21-1/48,2/2-2/8,3/1-3/8 member portmembervlan 102 ports add 1/7,1/20,2/1 member portmember
Configuring VLANs, Spanning Tree, and Link Aggregation
552 Chapter 13 CLI configuration examples
Configuration example—load balancing with the Cisco System switch as a distribution switch
This configuration example shows how to perform load balancing with the Cisco C2950 switches (S2 and S3) as distribution switches, and the Ethernet Routing Switch 8600 (S1) as an access switch (see Figure 255 on page 546).
This configuration example shows how to complete the following tasks:
• Configure the Ethernet Routing Switch 8600 (S1) as an access switch.
• Configure Cisco C2950 switches (S2 and S3) as distribution switches.
• Forward all even number VLANs from Ethernet Routing Switch 8600 (S1) to Cisco C2950 switch S2.
• Forward all odd number VLANs from Ethernet Routing Switch 8600 (S1) to Cisco C2950 switch S3.
To load balance traffic in this manner, you can configure the Cisco C2950 switch S2 as the root for all even number VLANs and the Cisco C2950 switch S3 as the root for all odd number VLANs.
To do this, enter the following commands:
1 Configure C2950 S2 as the root from all even number VLANs:
Cat2950-A(config)# spanning-tree vlan 100 root primaryCat2950-A(config)# spanning-tree vlan 102 root primary
2 Configure C2950 S3 as the root for all odd number VLANs:
Cat2950-B(config)# spanning-tree vlan 101 root primary
(The Cisco System root command changes the bridge priority to 24576.)
314725-E Rev 00
Chapter 13 CLI configuration examples 553
Cisco Systems default spanning tree settings
The section shows the default PVST+ settings used with Cisco Systems switches.
Setting the PVST+ bridge ID priority
• The bridge ID priority is the priority of a VLAN when the switch is inPVST+ mode.
• When the switch is in PVST+ mode without MAC address reduction enabled, you can enter a bridge priority value between 0 and 65535. The bridge priority value you enter also becomes the VLAN bridge ID priority for that VLAN.
• When the switch is in PVST+ mode with MAC address reduction enabled, you can enter one of 16 bridge priority values: 0, 4096, 8192, 12 288, 16 384, 20 480, 24 576, 28 672, 32 768, 36 864, 40 960, 45 056, 49 152, 53 248, 57 344, or 61 440.
• The bridge priority is combined with the system ID extension (that is, the ID of the VLAN) to create the bridge ID priority for the VLAN.
Feature Default Value
VLAN 1 All ports assigned to VLAN 1
Enable state PVST+ enabled for all VLANs
Bridge priority 32768
Port priority 32
Port cost • Gigabit Ethernet: 4 • Fast Ethernet: 19
• Ethernet: 100
Port VLAN priority Same as port priority, but configurable on a per-VLAN basis in PVST+.
Port VLAN cost Same as port cost, but configurable on a per-VLAN basis in PVST+.
Bridge Priority 0, 4096, 8192, 12 288, 16 384, 20480, 28 672, 32 768, 36 864, 40960, 45 056, 49 152, 53 248, 57 344, or 61 440.
Configuring VLANs, Spanning Tree, and Link Aggregation
554 Chapter 13 CLI configuration examples
Rapid Spanning Tree Protocol configuration example
In this configuration example, you can accomplish the following:
• Configure the bridge priority as shown in Figure 257 on page 555. This configuration results in traffic flow as shown with the dashed lines because B1 becomes the RSTP root bridge. If B1 fails, then B2 becomes the root bridge based on priority settings.
• Set the bridge port priory on B1 such that the Gigabit Ethernet (GbE) interface 2/1 is used.
314725-E Rev 00
Chapter 13 CLI configuration examples 555
Figure 257 RSTP topology
Configuring VLANs, Spanning Tree, and Link Aggregation
556 Chapter 13 CLI configuration examples
Configuring ERS8600 B1
To configure switch B1:
1 Set the switch to use RSTP mode. This requires you to save the configuration and boot the switch. Enter the following commands:
ERS8600-B1:6# config bootconfig flags spanning-tree-mode rstpERS8600-B1:6# save bootconfigERS8600-B1:6# boot -y
2 Add VLAN 3. Enter the following commands:
ERS8600-B1:6# config vlan 3 create byport-mstprstp 0ERS8600-B1:6# config vlan 3 ports add 2/1,2/2,2/4,2/5,1/15
3 Change the RSTP bridge priority. Enter the following command:
ERS8600-B1:6# config rstp priority 4096
4 Configure port 1/15 as an RSTP edge port:
ERS8600-B1:6# config ethernet 1/15 rstp edge-port true
5 Configure port 2/1 with a RSTP port priority of 16 so that it is used as the RSTP root path:
ERS8600-B1:6# config ethernet 2/1 rstp priority 16
Configuring ERS8600 B2
1 Set the switch to use RSTP mode. This requires you to save the configuration and boot the switch. Enter the following commands:
ERS8600-B2:6# config bootconfig flags spanning-tree-mode rstpERS8600-B2:6# save bootconfigERS8600-B2:6# boot -y
2 Add VLAN 3. Enter the following commands:
ERS8600-B2:6# config vlan 3 create byport-mstprstp 0ERS8600-B2:6# config vlan 3 ports add 4/1,4/2,4/4,4/5,3/15
3 Change the RSTP bridge priority. Enter the following command:
ERS8600-B2:6# config rstp priority 8192
4 Configure port 3/15 as an RSTP edge port:
ERS8600-B2:6## config ethernet 3/15 rstp edge-port true
314725-E Rev 00
Chapter 13 CLI configuration examples 557
Configuring ERS1600 B3
1 Set the switch to use RSTP mode. Enter the following command:
ERS1624G-B3:4# config stp version rstp
2 Change the RSTP bridge priority:
ERS1624G-B3:4# config stp priority 12288
3 Add VLAN 3:
ERS1624G-B3:4# create vlan 3 vid 3 type portERS1624G-B3:4# config vlan 3 add untagged 1,3,5,7,10
4 Configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces:
ERS1624G-B3:4# config ports 1,3 speed 1000_full
Configuring ERS1600 B4
1 Set the switch to use RSTP mode. Enter the following command:
ERS1612G-B4:4# config stp version rstp
2 Change RSTP bridge priority:
ERS1612G-B4:4# config stp priority 16384
3 Add VLAN 3
ERS1612G-B4:4# create vlan 3 vid 3 type portERS1612G-B4:4# config vlan 3 add untagged 1,3,5,7,10
4 Configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces:
ERS1612G-B4:4# config ports 1,3 speed 1000_full
Configuring ES 470 B5
By default, with BOSS 3.5, Auto-PVID is enabled. Auto-PVID will automatically assign the VLAN PVID to all port members.
Note: If you disable Auto-PVID, you will have to assign the PVID to each VLAN port member by using the command vlan ports <port list> pvid <1-4094>
Configuring VLANs, Spanning Tree, and Link Aggregation
558 Chapter 13 CLI configuration examples
1 Change spanning tree operating mode to RSTP and reboot the switch:
ES470_48(config)# spanning-tree op-mode rstpES470_48(config)# bootReboot the unit(s) (y/n) ? y
2 Add VLAN 3:
ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
3 Remove VLAN port members from the default VLAN:
ES470_48(config)# vlan members remove 1 15,47,48
4 Change the RSTP bridge priority:
ES470_48(config)# spanning-tree rstp priority 5000
5 Configure port 15 as a RSTP edge port:
ES470_48(config)# interface fastEthernet 15ES470_48(config-if)# spanning-tree rstp edge-port true
Configuring ES470 B6
1 Change spanning tree operating mode to RSTP and reboot the switch:
ES470_48(config)# spanning-tree op-mode rstpES470_48(config)# bootReboot the unit(s) (y/n) ? y
Note: When you use RSTP, if you remove a port from the default VLAN prior to configuring VLAN 3, the STP participation is disabled for that port. In this case, you must enable STP participation for each removed port. This can be avoided if you remove ports from the default VLAN (VLAN 1) after VLAN 3 is created.
If you first remove the port(s) from VLAN 1, RSTP can be enabled again by using the following commands: interface fastEthernet <port> spanning-tree rstp learning enable and spanning-tree rstp learning enable
Note: The bridge priority value is in hexadecimal. 20480 in decimal equals 5000 in hexadecimal.
314725-E Rev 00
Chapter 13 CLI configuration examples 559
2 Add VLAN 3:
ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
3 Remove VLAN port members from the default VLAN:
ES470_48(config)# vlan members remove 1 15,47,48
4 Change the RSTP bridge priority:
ES470_48(config)# spanning-tree rstp priority 6000
5 Configure port 15 as a RSTP edge port:
ES470_48(config)# interface fastEthernet 15ES470_48(config-if)# spanning-tree rstp edge-port true
Multiple Spanning Tree Protocol configuration example
The following section gives an example using MSTP. The topology is given in Figure 258 on page 560. This network has the following parameters:
Configuring VLANs, Spanning Tree, and Link Aggregation
560 Chapter 13 CLI configuration examples
Figure 258 Multiple spanning tree topology
• Switches B1 and B2 are in multiple spanning tree region 2.
• B1 is configured so that it becomes the CIST root; it has the lowest CIST priority of 4096.
• B2 is configured so that it becomes the CIST backup; it has the next highest CIST priority of 8192.
• There are two MSTI instances; MSTI 1 for VLAN 3 and MSTI 2 for VLAN 4.
• B1 GbE interface 2/2 is configured with a MSTI 2 priority of 16, while B2 GbE interface 4/1 is configured with a MSTI 1 priority of 16. This results in VLAN load balancing.
• Switches B3, B4, B5, and B6 are in multiple spanning tree region 1.
314725-E Rev 00
Chapter 13 CLI configuration examples 561
• B3 is configured so that it becomes the CIST regional root; it has a CIST priority of 12288. B4 becomes the backup CIST regional root; it has a priority of 16384.
• There are two MSTI instances; MSTI 1 for VLAN 3, and MSTI 2 for VLAN 4.
• B4 is configured so that it is the MSTI root for VLAN 3 and the backup MSTI root for VLAN 4. Configure the MSTI priority for MSTI 1 to 4096, and the MSTI priority for MSTI 2 to 8192.
• B3 is configured so that it is the MSTI root for VLAN 4 and the backup MSTI root for VLAN 3. Configure the MSTI priority for MSTI 1 to 8192, and the MSTI priority for MSTI 2 to 4096.
Configuring ERS8600 B1
1 Set the switch to use MSTP mode. This requires you to save the configuration and boot the switch. Enter the following commands:
ERS8600-B1:6# config bootconfig flags spanning-tree-mode mstpERS8600-B1:6# save bootconfigERS8600-B1:6# boot -y
2 Configure the MSTP region:
ERS8600-B1:6# config mstp region config-id-sel 2ERS8600-B1:6# config mstp region name region2ERS8600-B1:6# config mstp region revision 1
3 Configure GbE ports 2/1, 2/2, 2/4, and 2/4 as tagged ports:
ERS8600-B1:6# config ethernet 2/1,2/2,2/4,2/5 perform-tagging enable
4 Add VLAN 3:
ERS8600-B1:6# config vlan 3 create byport-mstprstp 1ERS8600-B1:6# config vlan 3 ports add 2/1,2/2,2/4,2/5,1/15
5 Add VLAN 4:
ERS8600-B1:6# config vlan 4 create byport-mstprstp 2ERS8600-B1:6# config vlan 4 ports add 2/1,2/2,2/4,2/5,1/16
6 Change the MSTP CIST bridge priority:
ERS8600-B1:6# config mstp cist priority 4096
Configuring VLANs, Spanning Tree, and Link Aggregation
562 Chapter 13 CLI configuration examples
7 Configure the MSTP 2 priority:
ERS8600-B1:6# config ethernet 2/2 mstp msti 2 priority 16
8 Configure ports 1/15 and 1/16 as a MSTP edge ports:
ERS8600-B1:6# config ethernet 1/15,1/16 mstp cist edge-port true
Configuring ERS8600 B2
1 Set the switch to use MSTP mode. This requires you to save the configuration and boot the switch. Enter the following commands:
ERS8600-B2:6# config bootconfig flags spanning-tree-mode mstpERS8600-B2:6# save bootconfigERS8600-B2:6# boot -y
2 Configure MSTP region:
ERS8600-B2:6# config mstp region config-id-sel 2ERS8600-B2:6# config mstp region name region2ERS8600-B2:6# config mstp region revision 1
3 Configure GbE ports 4/1, 4/2, 4/4, and 4/5 as tagged ports:
ERS8600-B2:6# config ethernet 4/1,4/2,4/4,4/5 perform-tagging enable
4 Add VLAN 3:
ERS8600-B2:6# config vlan 3 create byport-mstprstp 1ERS8600-B2:6# config vlan 3 ports add 4/1,4/2,4/4,4/5,3/15
5 Add VLAN 4:
ERS8600-B2:6# config vlan 4 create byport-mstprstp 2ERS8600-B2:6# config vlan 4 ports add 4/1,4/2,4/4,4/5,3/16
6 Change the MSTP CIST bridge priority:
ERS8600-B2:6# config mstp cist priority 8192
7 Configure the MSTP 1 priority:
ERS8600-B2:6# config ethernet 4/1 mstp msti 1 priority 16
8 Configure ports as MSTP edge ports:
ERS8600-B2:6# config ethernet 3/15,3/16 mstp cist edge-port true
314725-E Rev 00
Chapter 13 CLI configuration examples 563
Configuring ERS1600 B3
1 Enable the MSTP mode:
ERS1624G-B3:4# config stp version mstp
2 Change MSTP bridge priority:
ERS1624G-B3:4# config stp instance_id 0 priority 12288
3 Add VLAN 3:
ERS1624G-B3:4# create vlan 3 vid 3 type portERS1624G-B3:4# config vlan 3 add untagged 10ERS1624G-B3:4# config vlan 3 add tagged 1,3,5,7
4 Add VLAN 4:
ERS1624G-B3:4# create vlan 4 vid 4 type portERS1624G-B3:4# config vlan 4 add untagged 11ERS1624G-B3:4# config vlan 4 add tagged 1,3,5,7
5 Configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces:
ERS1624G-B3:4# config ports 1,3 speed 1000_full
6 Configure the MSTP region and revision:
ERS1624G-B3:4# config stp region name region1ERS1624G-B3:4# config stp region mstconfigidsel 1ERS1624G-B3:4# config stp region revision 1
7 Add MSTI 1, change the MSTI priority, and add VLAN 3:
ERS1624G-B3:4# create stp instance_id 1ERS1624G-B3:4# config stp instance_id 2 priority 8192ERS1624G-B3:4# config stp_vlan instance_id 1 add 3
8 Add MSTI 2, change the MSTI priority, and add VLAN 4:
ERS1624G-B3:4# create stp instance_id 2ERS1624G-B3:4# config stp instance_id 2 priority 4096ERS1624G-B3:4# config stp_vlan instance_id 2 add 4
Configuring ERS1600 B4
1 Enable MSTP mode:
ERS1624G-B4:4# config stp version mstp
2 Change MSTP bridge priority:
ERS1624G-B4:4# config stp instance_id 0 priority 12288
Configuring VLANs, Spanning Tree, and Link Aggregation
564 Chapter 13 CLI configuration examples
3 Add VLAN 3:
ERS1624G-B4:4# create vlan 3 vid 3 type portERS1624G-B4:4# config vlan 3 add untagged 10ERS1624G-B4:4# config vlan 3 add tagged 1,3,5,7
4 Add VLAN 4:
ERS1624G-B4:4# create vlan 4 vid 4 type portERS1624G-B4:4# config vlan 4 add untagged 11ERS1624G-B4:4# config vlan 4 add tagged 1,3,5,7
5 Configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces:
ERS1624G-B4:4# config ports 1,3 speed 1000_full
6 Configure the MSTP region and version:
ERS1624G-B4:4# config stp region name region1ERS1624G-B4:4# config stp region mstconfigidsel 1ERS1624G-B4:4# config stp region revision 1
7 Add MSTI 1, change the MSTI priority, and add VLAN 3:
ERS1624G-B4:4# create stp instance_id 1ERS1612G-B4:4# config stp instance_id 1 priority 4096ERS1624G-B4:4# config stp_vlan instance_id 1 add 3
8 Add MSTI 2, change the MSTI priority, and add VLAN 4:
ERS1624G-B4:4# create stp instance_id 2ERS1624G-B4:4# config stp instance_id 2 priority 8192ERS1624G-B4:4# config stp_vlan instance_id 2 add 4
Configuring ES 470 B5
1 Change spanning tree operation mode to MSTP and reboot the switch:
ES470_48(config)# spanning-tree op-mode mstpES470_48(config)# bootReboot the unit(s) (y/n) ? y
2 Add tagging:
ES470_48(config)# vlan ports 47,48 tagging tagall
3 Add VLAN 3 and members:
ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
314725-E Rev 00
Chapter 13 CLI configuration examples 565
4 Remove VLAN port member from the default VLAN:
ES470_48(config)# vlan members remove 1 15,47,48
5 Add VLAN 4 and port members:
ES470_48(config)# vlan create 4 type port ES470_48(config)# vlan members add 4 16,47,48
6 Remove VLAN port members from the default VLAN:
ES470_48(config)# vlan members remove 1 16
7 Configure the MSTP region and version:
ES470_48(config)# spanning-tree mstp region config-id-sel 1 region-name region1 region-version 1
8 Add MSTP MSTI 1 and add VLAN 3:
ES470_48(config)# spanning-tree mstp msti 1ES470_48(config)# spanning-tree mstp msti 1 add-vlan 3
9 Add MSTP MSTI 2 and add VLAN 4:
ES470_48(config)# spanning-tree mstp msti 2ES470_48(config)# spanning-tree mstp msti 2 add-vlan 4
10 Configure ports 6 and 7 as MSTP edge ports:
ES470_48(config)# interface fastEthernet 15,16ES470_48(config-if)# spanning-tree mstp edge-port true
Configuring ES 470 B6
1 Change spanning tree operation mode to MSTP and reboot the switch:
ES470_48(config)# spanning-tree op-mode mstpES470_48(config)# bootReboot the unit(s) (y/n) ? y
2 Add tagging:
ES470_48(config)# vlan ports 47,48 tagging tagall
Note: If an error message appears stating that you cannot modify settings and nontagged ports cannot span multiple STPGs, then ensure that all appropriate ports have tagging enabled. In this example, this applies to ports 47 and 48.
Configuring VLANs, Spanning Tree, and Link Aggregation
566 Chapter 13 CLI configuration examples
3 Add VLAN 3 and port members:
ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
4 Remove VLAN port members from the default VLAN:
ES470_48(config)# vlan members remove 1 15,47,48
5 Add VLAN 4 and port members:
ES470_48(config)# vlan create 4 type port ES470_48(config)# vlan members add 4 16,47,48
6 Remove VLAN port members from the default VLAN:
ES470_48(config)# vlan members remove 1 16
7 Configure the MSTP region and version:
ES470_48(config)# spanning-tree mstp region config-id-sel 1 region-name region1 region-version 1
8 Add MSTP MSTI 1 and add VLAN 3:
ES470_48(config)# spanning-tree mstp msti 1ES470_48(config)# spanning-tree mstp msti 1 add-vlan 3
9 Add MSTP MSTI 2 and add VLAN 4:
ES470_48(config)# spanning-tree mstp msti 2ES470_48(config)# spanning-tree mstp msti 2 add-vlan 4
10 Configure ports 6 and 7 as MSTP edge ports:
ES470_48(config)# interface fastEthernet 15,16ES470_48(config-if)# spanning-tree mstp edge-port true
314725-E Rev 00
567
Appendix ATap and OctaPID assignment (Release 3.x feature set)
The switch fabric in the Ethernet Routing Switch 8600 module has nine switching taps, one for each of the eight I/O slots (1 to 4 and 7 to 10), and one for the CPU slots (5 and 6). Taps 0 to 7 map to the eight I/O slots and can support up to eight OctaPIDs. Each OctaPID can support up to eight ports.
In the Ethernet Routing Switch 8600, a physical port number is 10 bits long and has the following format:
9 6 5 3 2 0 +-----+----+----+ | | | | +-----+----+----+
bits 9–6: Tap number (0–15)
bits 5–3: OctaPID number (0–7)
bits 2–0: MAC port number (0–7)
The tap number bits and the OctaPID number bits combined (bits 9–3) are usually referred to as the OctaPID ID.
Configuring VLANs, Spanning Tree, and Link Aggregation
568 Appendix A Tap and OctaPID assignment (Release 3.x feature set)
Table 69 lists the module types that are currently available, along with the associated OctaPID ID assignments for each module.
Table 69 Available module types and OctapPID ID assignments
Module type Port typeOctaPID ID assignment
8608GBE and 8608GBM Modules 1000BASE-SX Table 70 next
1000BASE-LX
1000BASE-ZX
1000BASE-XD
8608GTE and 8608GTM Modules 1000BASE-T Table 70 next
8608SXE Module 1000BASE-SX Table 70 next
8616SXE Module 1000BASE-SX Table 71 on page 569
8624FXE Module 100BASE-FX Table 72 on page 570
8632TXE and 8632TXM Modules 10BASE-T/100BASE-TX Table 73 on page 570
1000BASE-SX
1000BASE-LX
1000BASE-ZX
1000BASE-XD
8648TXE and 8648TXM Modules 10/100 Mb/s Table 74 on page 570
8672ATME and 8672ATMM Modules
OC-3c MDA Table 75 on page 571
OC-12c MDA
DS3
8681XLR Module 10GBASE-LR Table 76 on page 571
8681XLW Module 10GBASE-LW Table 77 on page 572
8683POSM Module OC-3c MDA Table 78 on page 572
OC-12c MDA
314725-E Rev 00
Appendix A Tap and OctaPID assignment (Release 3.x feature set) 569
Table 70 describes the OctaPID ID and port assignments for the 8608GBE, 8608GBM, 8608GTE, 8608GTM, and 8608SXE modules.
Table 71 describes the OctaPID ID and port assignments for the 8616SXE Module.
Table 70 8608GBE/8608GBM/8608GTE/8608GTM/8608SXE modules
OctaPID ID assignment Port assignment
OctaPID ID: 0 Port 1
OctaPID ID: 1 Port 2
OctaPID ID: 2 Port 3
OctaPID ID: 3 Port 4
OctaPID ID: 4 Port 5
OctaPID ID: 5 Port 6
OctaPID ID: 6 Port 7
OctaPID ID: 7 Port 8
Table 71 8616SXE module
OctaPID ID assignment Port assignment
OctaPID ID: 0 Ports 1 and 2
OctaPID ID: 1 Ports 3 and 4
OctaPID ID: 2 Ports 5 and 6
OctaPID ID: 3 Ports 7 and 8
OctaPID ID: 4 Ports 9 and 10
OctaPID ID: 5 Ports 11 and 12
OctaPID ID: 6 Ports 13 and 14
OctaPID ID: 7 Ports 15 and 16
Configuring VLANs, Spanning Tree, and Link Aggregation
570 Appendix A Tap and OctaPID assignment (Release 3.x feature set)
Table 72 describes the OctaPID ID and port assignments for the 8624FXE Module.
Table 73 describes the OctaPID ID and port assignments for the 8632TXE and 8632TXM modules.
Table 74 describes the OctaPID ID and port assignments for the 8648TXE and 8648TXM Modules.
Table 72 8624FXE module
OctaPID ID assignment Port assignment
OctaPID ID: 0 Ports 1 through 8
OctaPID ID: 1 Ports 9 through 16
OctaPID ID: 2 Ports 17 through 24
Table 73 8632TXE and 8632TZM modules
OctaPID ID assignment Port assignment
OctaPID ID: 0 Ports 1 through 8
OctaPID ID: 1 Ports 9 through 16
OctaPID ID: 2 Ports 17 through 24
– –
– –
OctaPID ID: 5 Ports 25 through 32
OctaPID ID: 6 Port 33 (GBIC port)
OctaPID ID: 7 Port 34 (GBIC port)
Table 74 8648TXE and 8648TXM modules
OctaPID ID assignment Port assignment
OctaPID ID: 0 Ports 1 through 8
OctaPID ID: 1 Ports 9 through 16
OctaPID ID: 2 Ports 17 through 24
– –
– –
314725-E Rev 00
Appendix A Tap and OctaPID assignment (Release 3.x feature set) 571
Table 75 describes the OctaPID ID and port assignments for the 8672ATME and 8672ATMM Modules.
Table 76 describes the OctaPID ID and port assignments for the 8681XLR Module.
OctaPID ID: 5 Ports 25 through 32
OctaPID ID: 6 Ports 33 through 40
OctaPID ID: 7 Ports 41 through 48
Table 75 8672ATME and 8672ATMM modules
OctaPID ID assignment Port assignment
OctaPID ID: 0 • Ports 1 through 4 (with OC-3c MDA)• Port 1 (with OC-12c MDA)
• Ports 1 through 2 (with DS-3 MDA)
OctaPID ID: 1 • Ports 5 through 8 (with OC-3c MDA)• Port 5 (with OC-12c MDA)
• Ports 5 through 6 (with DS-3 MDA)
OctaPID ID: 2 Not used
Table 76 8681XLR module
OctaPID ID assignment Port assignment
OctaPID ID: 0 Port 1
OctaPID ID: 1
OctaPID ID: 2
OctaPID ID: 3
OctaPID ID: 4
OctaPID ID: 5
OctaPID ID: 6
OctaPID ID: 7
Table 74 8648TXE and 8648TXM modules (continued)
OctaPID ID assignment Port assignment
Configuring VLANs, Spanning Tree, and Link Aggregation
572 Appendix A Tap and OctaPID assignment (Release 3.x feature set)
Table 77 describes the OctaPID ID and port assignments for the 8681XLW Module.
Table 78 describes the OctaPID ID and port assignments for the 8683POSM Module.
Table 77 8681XLW module
OctaPID ID assignment Port assignment
OctaPID ID: 0 Port 1
OctaPID ID: 1
OctaPID ID: 2
OctaPID ID: 3
OctaPID ID: 4
OctaPID ID: 5
OctaPID ID: 6
OctaPID ID: 7
Table 78 8683POSM module
OctaPID ID assignment Port assignment
OctaPID ID: 0 • Ports 1 and 2 (with OC-3c MDA)
• Port 1 (with OC-12c MDA)
OctaPID ID: 1 • Ports 3 and 4 (with OC-3c MDA)• Port 3 (with OC-12c MDA)
OctaPID ID: 2 • Ports 5 and 6 (with OC-3c MDA)
• Port 5 (with OC-12c MDA)
314725-E Rev 00
573
Glossary
aggregation switch
A switch that aggregates multiple user access switches and provides core connections.
boundary port
A bridge port that attaches a multiple spanning tree bridge to a LAN that is not in the same region.
Common and Internal Spanning Tree (CIST)
The single spanning tree calculated by STP and RSTP together with the logical continuation of that connectivity through MST bridges and regions, calculated by MSTP to ensure that all LANs in the bridged LAN are simply and fully connected.
Common Spanning Tree (CST)
The single spanning tree calculated by STP, RSTP, and MSTP to connect multiple spanning tree regions.
Internal spanning tree (IST)
An internal spanning tree that operates in a given multiple spanning tree region. Within a multiple spanning tree region, multiple spanning instances can be configured. Instance 0 within a region is known as the Internal Spanning Tree (IST).
Interswitch trunk
A parallel point to point link that connects two aggregation switches together. The two aggregation switches use this channel to share information so that they can operate as a single logical switch. There can be only one interswitch trunk per SMLT aggregation switch.
Configuring VLANs, Spanning Tree, and Link Aggregation
574 Glossary
Interswitch Trunking (IST)
A method of link aggregation that allows two aggregation switches to connect. The two aggregation switches use this channel to share information so that they can operate as a single logical switch. There can be only one interswitch trunk per SMLT aggregation switch.
MultiLink Trunking (MLT)
MultiLink trunking is a method of link aggregation that allows multiple Ethernet trunks to be aggregated together to provide a single logical trunk. A multilink trunk provides the combined bandwidth of the multiple links, as well as the physical layer protection against the failure of any single link.
Multiple Spanning Tree Instance (MSTI)
One of a number of spanning trees calculated by MSTP within a multiple spanning tree region. The instance provides a fully connected active topology for frames classified as belonging to a VLAN that is mapped to the MSTI by the MST configuration table used by the multiple spanning tree bridges of the MST region.
MST bridge
A bridge capable of supporting the CST, and one or more MSTIs, and of selectively mapping frames classified in any given VLAN to the CST or a given MSTI.
MST region
A set of LANs and MST bridges, physically connected via ports on those MST bridges, where each LAN CIST designated bridge is an MST bridge. Each port is either the designated port on one of the LANs, or else a non-designated port of an MST bridge that is connected to one of the LANs. The port MCID matches the MCID of the designated bridge of that LAN.
peer IP address
The IP address of the neighbor IST switch VLAN that is chosen for configuring the interswitch trunk. Note that the peer IP address is the IP address of the IST VLAN on the other aggregation switch. You need only configure one VLAN with an IP address for the IST protocol to work. All other VLANs on the interswitch trunk do not require an IP address if you choose not to have VLAN routing enabled.
314725-E Rev 00
Glossary 575
Single Port SMLT
A multilink trunk where one or both ends are split between two aggregation switches; however only one port can be configured on each aggregation switch per SMLT ID.
Single Spanning Tree (SST) bridge
A bridge capable of supporting only a single spanning tree: the CST. The SST may be supported by the Spanning Tree Protocol (STP) defined in IEEE 802.1d-1998, or by the Rapid Spanning Tree Protocol (RSTP), defined in IEEE 802.1w-2001.
SMLT aggregation switches
The two switches that share an IST link.
Typically, one or more switches that connect to multiple wiring closet switches, edge switches or CPE devices, usually within a single building.
SMLT client
A switch located at the edge of the network, such as in a wiring closet or CPE. An SMLT client switch must be able to perform link aggregation (such as with MLT or some other compatible method) but does not require any SMLT intelligence.
SMLT ID
The identification number used to specify the corresponding pair of SMLT links. This number is identified between the two aggregation switches and must be paired on each aggregation switch.
SMLT set
Two SMLT aggregation switches and their directly connected SMLT clients.
SMLT square
A pair of SMLT aggregation switches connected as SMLT clients to another pair of SMLT aggregation switches.
SMLT triangle
A configuration where an SMLT client and the two aggregation switches form a triangle.
Configuring VLANs, Spanning Tree, and Link Aggregation
576 Glossary
Spanning tree
A simply and fully connected active topology formed from the arbitrary physical topology of connected bridged LAN components by relaying frames through selected bridge ports. The STP parameters and states are used and exchanged to facilitate the calculation of that active topology and to control the bridge relay function.
Spanning tree group
A collection of ports in one spanning tree instance.
Split multilink trunk
A multilink trunk where one or both ends are split between two aggregation switches, thus forming what is typically referred to as an SMLT triangle or SMLT square.
user access switch
A switch located at the edge of the network. End stations typically connect directly to a user access switch.
314725-E Rev 00
577
Index
Aacronyms 31
ActiveMembers field 137
AgingTime field 157, 162
algorithm, MLT traffic distribution 80
AlignmentErrors field 263
auto-recovery 329
Bbaby giant frames 48
BackupMaster 129
BridgeAddress field 220
BridgeForwardDelay field 216
BridgeHelloTime field 216
BridgeMaxAge field 216
bridgingMAC-layer 64, 185viewing filters 186VLAN 177
brouter port, description 54
CCarrierSenseErrors field 263
change detectionabout 70configure (CLI) 389configure (DM) 225rules 70
collision errors, MLT 467
Color field 136
config ethernet commandscp-limit 459info 375stg 387
config mlt commandsconfig mlt add 435config mlt ist 456config mlt remove 437config mlt smlt 455options 433
config stg commandsconfig stg 376create mac 378info 378options 385sid 378
config vlan commandsinfo 369ip 362options 313
configurationadvanced VLAN features 160direct broadcast on a VLAN 175Enhanced Operation mode 326MultiLink Trunks 253protocol-based VLAN 147single port SMLT 461source IP subnet-based VLAN 146source MAC-address based VLAN 154source MAC-based VLAN 158spanning tree group 213
configuring SMLTconfig mlt ist commands
delete 460enable/disable 458
Configuring VLANs, Spanning Tree, and Link Aggregation
578 Index
config mlt ist, create ip vlan-id 457
configuring SMLT using DM 276adding an SMLT 276adding ports to an SMLT 279configuring an IST MLT 281viewing IST statistics 283
control packet rate limit 112, 459
CP-Limit 112, 459
DDeferredTransmissions field 264
DesignatedBridge field 223
DesignatedCost field 223
DesignatedPort field 223
DesignatedRoot field 220, 223
directed broadcast 175
Displaying defined VLANs 135
EEnableStp field 216, 223
Enhanced Operation mode 55, 56, 58, 191, 326about 56configure (CLI) 326configure (DM) 191
Ethernet errors 467
ExcessiveCollisions field 264
FFastStart field 223
FastStart, enabling 388
FCSErrors field 263
FdbAging 178
flap time limit 328
ForwardDelay field 221
forwarding database, flushing 180
ForwardTransitions field 224
FrameTooLongs field 264
GGlobal MAC filtering 64, 189
HHelloTime field 221
HoldTime field 221
IId field 256
IEEE, 802.1Q tagging 48
IfIndex field 161
InBroadcastPkt field 261
InMulticastPkts field 260
InOctets field 260
InternalMacReceiveErrors field 263
InternalMacTransmitErrors field 263
Inter-switch trunk (IST)about 112configure (CLI) 456configure (DM) 281
InUcastPkts field 260
IP commands, configure 326
IP routingIP protocol-based VLAN 52multicast 47source IP subnet-based VLAN 52source MAC-based VLAN 52unicast 46
IP spoofing 64
IP subnet-based VLAN, creating 309
IPX routing802.2-RAW 52802.3-SNAP 52port-based VLANs 53protocol-based VLANs 53
314725-E Rev 00
Index 579
ISTabout 112about CP-Limit and 112aggregation switch processes 112configure (CLI) 456configure (DM) 281connectivity recommendations 112disabling CP-Limit for 459single point of failure 112
Ist MLT dialog box 282
Ist/SMLT Stats tab field descriptions 284
Ist/SMLT tab 284
ISTs 111
LLACP 94, 250
configure using Device Manager 250configuring a port using device manager 267,
271viewing information in Device Manager 265viewing statisticst using device manager 273
LACP and MLT 97
LACP and Routing 98
LACP and SMLT 98
LACP and spanning tree interaction 100
LACP Keys 99
LACP Priority 98
LACPDU Timers 99
LateCollisions field 264
LCAP modes 100
limiting MAC learning 321
loop detection 65, 173, 327
MMAC address auto-learning 170
MAC filters 64, 186
MAC level security 46
MacAddress field 162, 179, 185, 189
MACAddress, auto-learned 172
MAC-layer bridging 64, 185
MaxAge field 221
MLTBPDUs 90client/server configuration 89description 83distributing multicast flow over 83distribution algorithm 84E-module support 83IEEE 802.1Q tagging 82media type 82port aggregation 79rules 82show all (CLI) 463span modules 83STP 82supported media 82switch-to-server configuration 89traffic distribution algorithm 80
MltType field 257, 279
Monitor field 180, 185
MSTI Bridges, configuring 235
MSTP 73, 211
MSTP CIST port, viewing statistics 233
MSTP CIST Ports, configuring 230
MSTP MSTI Bridges, configuring 235
MSTP MSTI port statistics, viewing 238
MSTP MSTI Ports, configuring 236
MSTP, configuring globally 226
multicastE-module support for MLT 83flow distribution over MLT 83flow distribution over MLT traffic redistribution
86MLT distribution algorithm 84
Multicast Distribution field, MultiLink Trunks 257
MultiLink Trunk dialog box 259
MultiLink Trunking. See MLT
Configuring VLANs, Spanning Tree, and Link Aggregation
580 Index
multinetting 46
Multiple Spanning Tree Protocol, configuration example 559
MultipleCollisionFrames field 264
NName field 136, 256
Network Load Balancer unicast support 325
NewEnhancedOperMode field 192
NNI ports 62add to STG (CLI) 378configure (CLI) 373configure (DM) 202
nontagged ports 49
NotAllowToJoin field 137
NumPorts field 220
OOctaPID
ID description 567on UNI and NNI ports 60, 205, 373port mirroring assignment 568Tap and OctaPID assignment 567
OutBroadcast field 261
OutMulticast field 261
OutOctets field 260
OutUcastPkts field 260
PPathCost field 223
PIDDSAP value 44Ethernet SNAP 44Ethernet type 2 44invalid for user-defined protocol VLAN 45, 151
port commandsconfig ethernet info 375
Port field 185, 189, 222
Port Members field 217
port mirroringOctaPID ID and port assignments 568
port-based VLANabout 39, 138create (CLI) 310create (DM) 138
PortMembers field 137, 257
PortType field 256
PPPoE protocol-based VLAN, about 43
Priority field 216, 222
Protocol Identifier. See PID
protocol-based VLANabout 41create (CLI) 310, 487create (DM) 147
ProtocolId field 137
ProtocolSpecification field 220
publicationshard copy 34
QQoS (quality of service) level, setting 314
QosLevel field 163
RRapid Spanning Tree Protocol, configuration
example 554
rate limit, control packet 112, 459
Result field 163
RIP update, triggering 313
RootCost field 221
RootPort field 221
RSMLT 106, 130, 276, 455
RSTP 73, 211
RSTP convergence time 78
RSTP Edge port 75
314725-E Rev 00
Index 581
RSTP ForceVersion 73
RSTP Ports, configuring 243
RSTP Status statistics 246
RSTP Status, configuring 245
RSTP, configuring globally 240
Ssample command output
config mlt ist create ip vlan-id 458config mlt ist enable/disable 459
show mlt commandserror collision 467error main 467info 468, 469show-all 463stats 472
show ports commandsinfo
stg extended 399stg main 398
stats, stg 401
show stg commandsinfo config 397info status 398show-all 393
show vlan info commandsadvance 350all 333arp 351basic 352brouter-port 353fdb-entry 347, 476fdb-filter 348fdb-static 349ip 355ports 356srcmac 357
Simple Loop Protection Protocolconfigure by port using Device Manger 293configure by VLAN using Device Manger 291configure globally using Device Manger 290
configure using Device Manger 290
single port SMLTabout 119create (CLI) 460delete (DM) 289view all ports (CLI) 471view one port (CLI) 471
SingleCollisionFrames field 264
SMLTadvantages 107
reroutes failures quickly 108transparent and interoperable solution 108
configuration example 111end station configuration example 114IST 112, 573, 574peer IP address 574recommendations for IST connectivity 112single point of failure elimination 108single port
about 119create (CLI) 460delete (DM) 289view all ports (CLI) 471view one port (CLI) 471
STP convergence resolution 108traffic flow examples 114troubleshooting
IST problems 474single user problems 476
VRRP enhancement 128
SMLT and VRRP 128
SMLT Full-Mesh 124
SMLT Square 123
SMLT square 98
SMLT Triangle 122
SMLT, Single port 121
SmltId field 257
SMLT-on-Single-CPU 118
source IP-subnet-based VLAN 146
source MAC-address based VLAN 158
Configuring VLANs, Spanning Tree, and Link Aggregation
582 Index
source MAC-based VLAN 154
source MAC-based VLAN, creating 311
spanning treebridge forward delay 216bridge hello time 216bridge priority 216enable/disable STP fields 216enabling SNMP traps 216port group membership 217
spanning tree group. See STG commands
spanning tree groupschanging 217creating 213deleting 217editing 217limitations 70viewing status 219with VLANs 70
Spanning Tree Protocolconfiguring topology change detection 389querying the change detection setting 390
Spanning Tree Protocol. See STP
Split MultiLink Trunking 107
SQETestErrors field 264
stacked VLANsabout 59configure Ethertype and switch level (CLI) 370configure Ethertype and switch level (DM) 200configure port type (CLI) 373configure port type (DM) 202configure STG (CLI) 376configure STG (DM) 207create (CLI) 368create (DM) 196levels 60rules 60specifications 60UNI and NNI ports 62
State field 223
StaticMembers field 137
statistics
MLT (CLI) 472MLT (DM) 259, 261
Status field 180, 185
STG commandsconfigure 378configure ports 387show 401show-all 393
StgId field 137, 222
STGs. See spanning tree groups
STP 67blocking state 68bridge forward delay timer 69bridge hello timer 69bridge protocol data units (BPDUs) 68disabling 68enabling 68IEEE 802.1D standard 67, 385multiple spanning tree groups 67spanning tree algorithm 67, 385Spanning Tree FastStart 69spanning tree groups 67, 213tagged BPDUs 68topology change detection
about 70configure (CLI) 389configure (DM) 225rules 70
StpTrapEnable field 216
SubnetAddr field 137
SubnetMask field 137
sVLANabout 59configure Ethertype and switch level (CLI) 370configure Ethertype and switch level (DM) 200configure port type (CLI) 373configure port type (DM) 202configure STG (CLI) 376configure STG (DM) 207create (CLI) 368create (DM) 196levels 60
314725-E Rev 00
Index 583
rules 60specifications 60UNI and NNI ports 62
SvlanPortType field, MLT 256
Ttable, flushing 313
tagged port 49
TaggedBpduAddress field 216
TaggedBpduVlanID field 217
tagging, on MLT ports 434
Tap and OctaPID assignment 567
technical publications 34
TimeSinceTopologyChange field 220
TopChanges field 220
topology change detectionabout 70configure (CLI) 389configure (DM) 225rules 70
traffic distribution algorithm, MLT 80
transit network 55
UUNI ports 62
add to STG (CLI) 378configure (CLI) 373configure (DM) 202
Untagging Default VLAN on a Tagged Port 169, 325
user-defined protocol-based VLANabout 44create (CLI) 310, 487
UserDefinedPid field 163
UserPriority field 163
Vviewing static forwarding information 183
VLACP 101, 252
VLANcoordinated across multiple switches 48default 53enabling tagging 54ID 48, 54IP routing 52IPX protocol 42IPX routing 52multiplex traffic 49overview 37policy-based 40port-based 39, 138potential member 40protocol-based 41rules 54, 56source IP subnet-based 46source MAC-based 45spanning multiple switches 38tagged port 54tagging 48timing out 40untagged port 54
VLAN commandsconfigure 308configure IP 362show 333, 358show IP 355
VLAN Operation Action field 163
VlanId field 136
VlanIds field 257
VLANsbridging 177configuring advanced VLAN features 160direct broadcast 175displaying 135in spanning tree groups 70managing 158protocol-based 147source IP-subnet-based 146
Configuring VLANs, Spanning Tree, and Link Aggregation
584 Index
source MAC-address based 154, 158
VRRP backup master 129
314725-E Rev 00