Part No. NN46208-500 321717-C Rev 02 December 2008
4655 Great America Parkway Santa Clara, CA 95054
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI Ethernet Routing Switch 1600 Series, Software Release 2.1.5.0
*321717-C*
2
Copyright © 2005-2008 Nortel Networks. All rights reserved.
The information in this document is subject to change without notice. The statements, configurations, technical data, and recommendations in this document are believed to be accurate and reliable, but are presented without express or implied warranty. Users must take full responsibility for their applications of any products specified in this document. The information in this document is proprietary to Nortel Networks. The software described in this document is furnished under a license agreement and may be used only in accordance with the terms of that license. The software license agreement is included in this document.
Trademarks
*Nortel, Nortel Networks, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other products or services may be trademarks, registered trademarks, service marks, or registered service marks of their respective owners. The asterisk after a name denotes a trademarked item.
Restricted rights legend
Use, duplication, or disclosure by the United States Government is subject to restrictions as set forth in subparagraph (c)(1)(ii) of the Rights in Technical Data and Computer Software clause at DFARS 252.227-7013. Notwithstanding any other license agreement that may pertain to, or accompany the delivery of, this computer software, the rights of the United States Government regarding its use, reproduction, and disclosure are as set forth in the Commercial Computer Software-Restricted Rights clause at FAR 52.227-19.
Statement of conditions
In the interest of improving internal design, operational function, and/or reliability, Nortel Networks Inc. reserves the right to make changes to the products described in this document without notice. Nortel Networks Inc. does not assume any liability that may occur due to the use or application of the product(s) or circuit layout(s) described herein. Portions of the code in this software product may be Copyright © 1988, Regents of the University of California. All rights reserved. Redistribution and use in source and binary forms of such portions are permitted, provided that the above copyright notice and this paragraph are duplicated in all such forms and that any documentation, advertising materials, and other materials related to such distribution and use acknowledge that such portions of the software were developed by the University of California, Berkeley. The name of the University may not be used to endorse or promote products derived from such portions of the software without specific prior written permission. SUCH PORTIONS OF THE SOFTWARE ARE PROVIDED “AS IS” AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. In addition, the program and information contained herein are licensed only pursuant to a license agreement that contains restrictions on use and disclosure (that may incorporate by reference certain limitations and notices imposed by third parties).
Nortel Networks Inc. software license agreement
This Software License Agreement (“License Agreement”) is between you, the end-user (“Customer”) and Nortel Networks Corporation and its subsidiaries and affiliates (“Nortel Networks”). PLEASE READ THE FOLLOWING
NN46208-500
3
CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in the original shipping container, within 30 days of purchase to obtain a credit for the full purchase price. “Software” is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data, audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole or partial copies. Nortel Networks grants you a license to use the Software only in the country where you acquired the Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for the selection of the Software and for the installation of, use of, and results obtained from the Software. 1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the Software on only one machine at any one time or to the extent of the activation or authorized usage level, whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer furnished equipment (“CFE”), Customer is granted a nonexclusive license to use Software only on such hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as confidential information using the same care and discretion Customer uses with its own similar information that it does not wish to disclose, publish or disseminate. Customer will ensure that anyone who uses the Software does so only in compliance with the terms of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d) sublicense, rent or lease the Software. Licensors of intellectual property to Nortel Networks are beneficiaries of this provision. Upon termination or breach of the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptly return the Software to Nortel Networks or certify its destruction. Nortel Networks may audit by remote polling or other reasonable means to determine Customer’s Software activation or usage levels. If suppliers of third party software included in Software require Nortel Networks to include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks with respect to such third party software. 2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer, Software is provided “AS IS” without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in such event, the above exclusions may not apply. 3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR DAMAGE TO, CUSTOMER’S RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY. The foregoing limitations of remedies also apply to any developer and/or supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations or exclusions and, in such event, they may not apply. 4. General a. If Customer is the United States Government, the following paragraph shall apply: All Nortel Networks Software available under this License Agreement is commercial computer software and commercial computer software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
4
b. Customer may terminate the license at any time. Nortel Networks may terminate the license if Customer fails to comply with the terms and conditions of this license. In either event, upon termination, Customer must either return the Software to Nortel Networks or certify its destruction. c. Customer is responsible for payment of any taxes, including personal property taxes, resulting from Customer’s use of the Software. Customer agrees to comply with all applicable laws including all applicable export and import laws and regulations. d. Neither party may bring an action, regardless of form, more than two years after the cause of the action arose. e. The terms and conditions of this License Agreement form the complete and exclusive agreement between Customer and Nortel Networks. f. This License Agreement is governed by the laws of the country in which Customer acquires the Software. If the Software is acquired in the United States, then this License Agreement is governed by the laws of the state of New York.
NN46208-500
5 Contents
New in this release...... 19 Features ...... 19 Other changes ...... 19 Link Aggregation Control Protocol ...... 19
Preface ...... 21 Before you begin ...... 22 Text conventions ...... 23 Related information ...... 25 Publications ...... 25 How to get help ...... 26 Finding the latest updates on the Nortel web site ...... 26 Getting help from the Nortel web site ...... 26 Getting help over the phone from a Nortel Solutions Center ...... 26 Getting help from a specialist using an Express Routing Code ...... 27 Getting help through a Nortel distributor or reseller ...... 27
Chapter 1: VLANs, Spanning Tree, and Link Aggregation...... 29 VLANs ...... 29 VLAN ports ...... 30 Port-based VLANs ...... 31 Policy-based VLANs ...... 32 Protocol-based VLANs ...... 32 Example: IPX protocol-based VLAN ...... 33 User-defined protocol-based VLANs ...... 34 IP subnet-based VLANs ...... 35 Independent VLAN Learning (IVL) ...... 36 VLAN tagging and port types ...... 36 802.1Q tagged ports ...... 37
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
6 Contents
Treatment of tagged and untagged frames ...... 38 Virtual router interfaces ...... 38 VLAN implementation ...... 39 Default VLAN ...... 39 Unassigned VLAN ...... 39 Static multicast MAC filtering ...... 40 VLAN rules ...... 41 Spanning Tree Protocol ...... 41 Spanning Tree Groups ...... 42 Spanning Tree protocol controls ...... 42 Spanning Tree modes ...... 43 Spanning Tree FastStart ...... 43 Understanding STGs and VLANs ...... 44 Spanning Tree protocol topology change detection ...... 45 Topology change detection configuration rules ...... 45 Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol ...... 45 Multiple Spanning Tree Protocol ...... 46 Interoperability with legacy STP ...... 47 Differences in port roles ...... 47 Edge Port ...... 48 Path cost values ...... 48 Rapid convergence ...... 49 Negotiation Process ...... 49 Link aggregation ...... 51 Link aggregation traffic distribution ...... 52 Link aggregation rules ...... 53 Link aggregation examples ...... 53 Switch-to-switch link aggregation configuration ...... 53 Switch-to-server link aggregation configuration ...... 54 Client/server link aggregation configuration ...... 55 SMLT ...... 57 SMLT Overview ...... 57 Advantages of SMLT ...... 58 Single point of failure elimination ...... 58 SMLT compared to spanning tree protocol ...... 58
NN46208-500
Contents 7
Single port SMLT ...... 58 Using MLT-based SMLT with MLT ...... 59 SMLT and single port SMLT configuration steps ...... 61 VLAN, STG, and link aggregation feature support ...... 62 Link Aggregation Control Protocol ...... 63 LACP limitations ...... 63 LACP and MLT configuration considerations ...... 64 LACP and SMLT configuration considerations ...... 64 LACP and Spanning Tree configuration considerations ...... 65 LACP parameters ...... 66 LACP priority ...... 66 LACP keys ...... 66 LACP timers ...... 67 LACP modes ...... 67
Chapter 2: Configuring and managing VLANs ...... 69 Roadmap of VLAN commands ...... 70 Creating a port-based VLAN ...... 73 Creating protocol-based and user-defined VLANs ...... 75 Creating a VLAN in MSTP or RSTP mode ...... 78 Creating an IP subnet-based VLAN ...... 78 Configuring a VLAN ...... 79 Adding ports to a VLAN ...... 80 Removing ports from a VLAN ...... 81 Adding a link aggregation group to a VLAN ...... 82 Removing a link aggregation group from a VLAN ...... 83 Configuring a VLAN name ...... 83 Configuring a VLAN QoS level ...... 84 Updating the VLAN dynamic MAC QoS level ...... 85 Deleting a VLAN ...... 85 Configuring general VLAN action ...... 86 Assigning an IP address to a VLAN ...... 87 Deleting an IP address from a VLAN ...... 88 Enabling VLAN tagging on a port ...... 89 Configuring 802.1 VLAN tagging ...... 90
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
8 Contents
Configuring the forwarding database ...... 91 Configuring VLAN entries in the forwarding database ...... 91 Configuring VLAN forwarding database filters ...... 93 Configuring VLAN static forwarding database members ...... 95 Configuring static Multicast MAC entries ...... 97 Configuring a bridging counter ...... 99 Displaying VLAN information ...... 101 Displaying all information about a VLAN ...... 102 Displaying a basic VLAN configuration ...... 105 Displaying advanced VLAN information ...... 106 Displaying VLAN ARP information ...... 107 Displaying VLAN forwarding database information ...... 107 Displaying forwarding database filter information ...... 108 Displaying bridging counter statistics ...... 109 Displaying VLAN static MAC information ...... 110 Displaying VLAN IGMP information ...... 110 Displaying VLAN port member status ...... 111 Displaying VLAN static multicast information ...... 112 Displaying the PID range for a user-defined VLAN ...... 112 Displaying VLAN IP information ...... 113 Displaying VLAN RIP information ...... 114 Displaying VLAN DHCP relay information ...... 114 Displaying VLAN IGMP router discovery information ...... 114 Displaying VLAN OSPF information ...... 114 Displaying VLAN PIM information ...... 115 Displaying VLAN VRRP information ...... 115
Chapter 3: Configuring Spanning Tree Groups ...... 117 Roadmap of STG commands ...... 117 Spanning tree group commands ...... 121 Creating a spanning tree group ...... 123 Configuring STG global settings ...... 124 Configuring STG for a port ...... 125 Configuring STP topology change detection ...... 128 Monitoring port STP statistics ...... 129
NN46208-500
Contents 9
Displaying STG information ...... 131 Displaying STG configuration ...... 131 Displaying STG status ...... 132 Displaying basic port STG information ...... 134 Displaying additional port STG information ...... 136 Selecting the Spanning Tree mode ...... 137 Configuring RSTP ...... 137 Displaying RSTP configuration information ...... 139 Displaying RSTP statistics ...... 139 Displaying RSTP status information ...... 140 Displaying information for RSTP ports configuration ...... 141 Displaying statistics for RSTP ports ...... 141 Displaying the status of RSTP ports ...... 142 Displaying RSTP port role information ...... 143 Configuring RSTP on ports ...... 144 Configuring MSTP ...... 147 Configuring Common and Internal Spanning Tree ...... 147 Configuring Multiple Spanning Tree Instances ...... 148 Configuring the MSTP region ...... 149 Displaying MSTP configuration information ...... 150 Displaying MSTP instance status ...... 150 Displaying MSTP statistics ...... 151 Displaying status information for MSTP ...... 152 Displaying MSTP port information ...... 153 Configuring MSTP on ports ...... 156
Chapter 4: Configuring Link Aggregation ...... 159 Roadmap of link aggregation commands ...... 160 Configuring a link aggregation group ...... 162 Example: creating a link aggregation group ...... 162 Example: changing the NTSTG mode ...... 163 Adding VLANs and ports to an MLT ...... 164 Example: adding ports to an MLT ...... 165 Example: adding VLANs to an MLT ...... 165 Removing VLANs and ports from an MLT ...... 166
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
10 Contents
Example: removing ports from an MLT ...... 167 Example: removing VLANs from an MLT ...... 167 Configuring an Inter-Switch Trunk MLT ...... 168 Adding an MLT-based SMLT ...... 169 Configuring a single port SMLT...... 169 Configuring rate limiting ...... 170 Configuring tagging for a link aggregation group ...... 171 Deleting a link aggregation group ...... 172 Monitoring link aggregation interface statistics ...... 172 Displaying link aggregation group information ...... 174 Displaying all link aggregation group information ...... 175 Displaying information about collision errors ...... 176 Displaying information about Ethernet errors ...... 177 Displaying information about link aggregation interface utilization statistics . . . . 179 Displaying information about IST MLTs ...... 180 Displaying information about SMLTs ...... 182
Chapter 5: Configuring LACP on MLT ...... 183 Configuring LACP ...... 183 LACP limitations ...... 184 Roadmap of LACP commands ...... 184 Configuring LACP on an MLT ...... 186 Configure LACP globally ...... 187 Configuring LACP on a port ...... 188 LACP show commands ...... 190 Viewing MLT LACP configuration information for aggregators ...... 190 Viewing global LACP configuration information ...... 190 Viewing LACP configuration information ...... 191 Viewing LACP statistics information for each port ...... 192
Chapter 6: Configuration examples ...... 195 Configuring 802.1Q VLAN Tagging ...... 195 Configuring a Spanning Tree Group ...... 196 VLAN configuration example ...... 197 Configuration file - VLAN example ...... 199 Configuring a MAC address filter ...... 199
NN46208-500
Contents 11
Configuring rate limiting ...... 200 Setting unknown MAC discard ...... 201 Configuring unknown MAC discard ...... 203 Configuration file - Unknown MAC Discard ...... 205 Configuring MLT on the 1600 Series switch ...... 205 Configuring an MLT ...... 206 Configuration file - MLT example ...... 208 SMLT triangle configuration example ...... 209 Configure S2 ...... 209 Configure S3 ...... 210 Configure S1 ...... 211
Index ...... 213
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
12 Contents
NN46208-500
13 Figures
Figure 1 Port-based VLAN ...... 31 Figure 2 Over-lapping protocol-based VLAN ...... 34 Figure 3 VLAN tag insertion ...... 37 Figure 4 Multiple spanning tree groups ...... 42 Figure 5 Negotiation process ...... 51 Figure 6 Switch-to-switch link aggregation configuration ...... 54 Figure 7 Switch-to-server link aggregation configuration ...... 55 Figure 8 Client/Server link aggregation configuration ...... 56 Figure 9 Changing a split trunk from MLT-based SMLT to single port SMLT . . . . . 60 Figure 10 config vlan
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
14 Figures
Figure 30 show vlan info all command ...... 104 Figure 31 show vlan info basic command output ...... 105 Figure 32 show vlan info advance command output ...... 106 Figure 33 show vlan info arp command output ...... 107 Figure 34 show vlan info fdb-entry command output ...... 108 Figure 35 show vlan info fdb-filter command output ...... 108 Figure 36 show bridging-counter-set command output ...... 109 Figure 37 show vlan info fdb-static command output ...... 110 Figure 38 show vlan info igmp command output ...... 111 Figure 39 show vlan info ports command output ...... 111 Figure 40 show vlan info static-mcast command output ...... 112 Figure 41 show vlan info userdefined-advance command output ...... 113 Figure 42 show vlan info ip command output ...... 113 Figure 43 show vlan info rip command output ...... 114 Figure 44 config stg info command output ...... 124 Figure 45 config ethernet
NN46208-500
Figures 15
Figure 65 config mlt
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
16 Figures
NN46208-500
17 Tables
Table 1 Port membership for policy-based VLANS ...... 32 Table 2 PIDs not available for user-defined protocol-based VLANs ...... 34 Table 3 VLAN rules ...... 41 Table 4 Spanning Tree protocol topology change detection configuration rules . . 45 Table 5 Differences in port roles for STP and RSTP ...... 47 Table 6 Recommended path cost values ...... 48 Table 7 Link aggregation group rules ...... 53 Table 8 VLAN, STG, and link aggregation support ...... 62 Table 9 Roadmap of VLAN commands and parameters ...... 70 Table 10 config vlan
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
18 Tables
Table 30 config stg
NN46208-500
19 New in this release
The following sections detail what’s new in Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI for release 2.1.5.0.
• “Features” on page 19 • “Other changes” on page 19
Features
This release contains no new features for this document.
Other changes
See the following sections for information about changes that are not feature-related:
Link Aggregation Control Protocol
In this release, the LACP section is updated for the limitations, and the configuration considerations of LACP and SMLT. For more information, see "Link Aggregation Control Protocol".
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
20 New in this release
NN46208-500
21 Preface
The Ethernet Routing Switch 1600 Series is a fixed port, hardware-based Layer 3 routing switch that is available in three models:
• the Ethernet Routing Switch 1612G with 12 Small Form Factor (SFP) GBICs, which provides small to medium aggregation • the Ethernet Routing Switch 1624G with 24 SFP GBICs, which provides small to medium aggregation • the Ethernet Routing Switch 1648T with 48 10/100 ports and 4 SFP GBICs, which provides small edge concentration
The Ethernet Routing Switch 1600 Series Layer 3 routing switch can reside in the wiring closet (1648T) and in the data center or network core (1612G and 1624G):
• The Ethernet Routing Switch 1648T provides Layer 3 functionality in the wiring closet. • The Ethernet Routing Switch 1612G and 1624G provide gigabit Ethernet ports for wiring closet aggregation, as well as high-speed connections for servers and power users. These aggregation devices typically reside in the network core or data center, but can be placed anywhere.
This guide describes how to use the Command Line Interface (CLI) to configure VLANs, spanning tree, and link aggregation for the Ethernet Routing Switch 1600 Series.
To learn the basic structure and operation of the Ethernet Routing Switch 1600 Series CLI, refer to CLI Command Line Reference for the Ethernet Routing Switch 1600 Series (316862-D). This reference guide describes the function and syntax of each CLI command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
22 Preface
Before you begin
This guide is intended for network administrators who have the following background:
• basic knowledge of networks, Ethernet bridging, and IP routing • familiarity with networking concepts and terminology • experience with windowing systems or GUIs • basic knowledge of network topologies
Before using this guide, you must complete the following procedures. For a new switch:
1 Install the switch. For installation instructions, see Installing the Ethernet Routing Switch 1600 Series Switch (316860-D). 2 Connect the switch to the network.
Ensure that you are running the latest version of Nortel Ethernet Routing Switch 1600 Series software. For information about upgrading the 1600 Series switch, see Upgrading to Ethernet Routing Switch 1600 Series Software Release 2.1 (321327-B).
NN46208-500
Preface 23
Text conventions
This guide uses the following text conventions:
angle brackets (< >) Enter text based on the description inside the brackets. Do not type the brackets when entering the command. Example: If the command syntax is ping
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
24 Preface
italic text Variables in command syntax descriptions. Also indicates new terms and book titles. Where a variable is two or more words, the words are connected by an underscore. Example: If the command syntax is show at
NN46208-500
Preface 25
Related information
This section lists information sources that relate to this document.
Publications
Refer to the following publications for information on Ethernet Routing Switch 1600 Series, Software Release 2.1.5.0:
• Installing the Ethernet Routing Switch 1600 Series Switch (316860-D) • Upgrading to Ethernet Routing Switch 1600 Series Software Release 2.1 (321327-B) • Quick Start Guide (321819-A) • Getting Started (321821-A) • Installing and Using Device Manager (316857-C) • Configuring IP Routing and Multicast Operations using Device Manager (321712-B) • Configuring IP Routing and Multicast Operations using the CLI (321711-B) • Configuring QOS and Filters using the CLI and Device Manager (321822-A) • Configuring and Managing Security using Device Manager (321713-B) • Configuring and Managing Security using the CLI (321714-B) • Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI (321717-B) • Configuring VLANs, Spanning Tree, and Static Link Aggregation using Device Manager (321718-B) • CLI Command Line Reference for the Ethernet Routing Switch 1600 Series (316862-D) • Network Design Guidelines (321823-A) • Configuring Network Management using the CLI and Device Manager (321816-A) • Managing Platform Operations (321817-A) • System Messaging Platform Reference Guide (321820-A) • Release Notes for the Ethernet Routing Switch 1600 Series, Software Release 2.1 (316859-J)
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
26 Preface
How to get help
This section explains how to get help for Nortel products and services.
Finding the latest updates on the Nortel web site
The content of this documentation was current at the time the product was released. To check for updates to the latest documentation and software for the Ethernet Routing Switch 1600 Series, click one of the following links:
Latest Software Takes you directly to the Nortel page for Ethernet Routing Switch 1600 Series software Latest Documentation Takes you directly to the Nortel page for Ethernet Routing Switch 1600 Series documentation
Getting help from the Nortel web site
The best way to get technical support for Nortel products is from the Nortel Technical Support web site:
www.nortel.com/support
This site provides quick access to software, documentation, bulletins, and tools to address issues with Nortel products. From this site, you can:
• download software, documentation, and product bulletins • search the Technical Support Web site and the Nortel Knowledge Base for answers to technical issues • sign up for automatic notification of new software and documentation for Nortel equipment • open and manage technical support cases
Getting help over the phone from a Nortel Solutions Center
If you do not find the information you require on the Nortel Technical Support web site, and you have a Nortel support contract, you can also get help over the phone from a Nortel Solutions Center.
NN46208-500
Preface 27
In North America, call 1-800-4NORTEL (1-800-466-7835).
Outside North America, go to the following web site to obtain the phone number for your region:
www.nortel.com/callus
Getting help from a specialist using an Express Routing Code
To access some Nortel Technical Solutions Centers, you can use an Express Routing Code (ERC) to quickly route your call to a specialist in your Nortel product or service. To locate the ERC for your product or service, go to:
www.nortel.com/erc
Getting help through a Nortel distributor or reseller
If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
28 Preface
NN46208-500
29 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
This section describes Virtual LANs (VLAN), spanning tree groups, and link aggregation, and includes the following topics:
• “VLANs” on page 29 • “Spanning Tree Protocol” on page 41 • “Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol” on page 45 • “Link aggregation” on page 51 • “SMLT” on page 57 • “VLAN, STG, and link aggregation feature support” on page 62 • “Link Aggregation Control Protocol” on page 63
VLANs
A VLAN lets you divide your LAN into smaller groups without interfering with the physical network. You can use VLANs to:
• Create workgroups for common interest groups. • Create workgroups for specific types of network traffic. • Add, move, or delete members from these workgroups without making any physical changes to the network.
By dividing the network into separate VLANs, you can create separate broadcast domains. This conserves bandwidth, especially in networks supporting broadcast and multicast applications that flood the network with traffic. A VLAN workgroup can include members from a number of dispersed physical segments on the network, improving traffic flow between them.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
30 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
The Ethernet Routing Switch 1600 Series performs the Layer 2 switching functions necessary to transmit information within VLANs, as well as the Layer 3 routing functions necessary for VLANs to communicate with one another. A VLAN can be defined for a single switch, or it can span multiple switches. A port can be a member of multiple VLANs.
The 1600 Series switch supports port-based VLANs and policy-based VLANs.
This section includes the following topics:
• “VLAN ports” on page 30 • “Port-based VLANs” on page 31 • “Policy-based VLANs” on page 32 • “VLAN tagging and port types” on page 36 • “Virtual router interfaces” on page 38 • “VLAN implementation” on page 39 • “VLAN rules” on page 41
VLAN ports
A VLAN is made up of a group of ports that define a logical broadcast domain. These ports can belong to a single switch, or they can be spread across multiple switches. In a VLAN-aware switch, every frame received on a port is classified as belonging to one and only one VLAN. Whenever a broadcast, multicast, or unknown destination frame needs to be flooded by a VLAN-aware switch, the frame is sent out only through all the other active ports that are members of this VLAN.
The default switch configuration groups all ports into the port-based default VLAN 1. This VLAN cannot be deleted from the system, and is statically bound to the default Spanning Tree Group (STG).
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 31
Port-based VLANs
A port-based VLAN is a VLAN whose ports are explicitly configured as members. In port-based VLANs, all ports are always static members. When creating a port-based VLAN, you assign a VLAN identification number (VID) and specify which ports belong to the VLAN. The VID is used to coordinate VLANs across multiple switches.
The example in Figure 1 shows two port-based VLANs: one for the marketing department and one for the sales department. Ports are assigned to each port-based VLAN. A change in the sales area can move the sales representative at port 31 to the marketing department without moving cables. With a port-based VLAN, you only need to indicate in the Device Manager or the CLI that port 31 in the sales VLAN now is a member of the marketing VLAN.
Figure 1 Port-based VLAN
Marketing Sales VLAN VLAN
Port members of the Marketing 2, 5, 6, 7 31, 32, 33, 34 and Sales VLANs
Marketing Sales VLAN VLAN
2, 5, 6, 7, 31 32, 33, 34
Port 31 is moved from the Sales VLAN to the Marketing VLAN
9587EA
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
32 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Policy-based VLANs
The 1600 Series switch supports a total of 24 unique policy-based VLANS. However, there are restrictions on the number of types of policy-based VLANs.
In a policy-based VLAN, a port is designated as “always a member” or “never a member”. Table 1 describes these port memberships.
Table 1 Port membership for policy-based VLANS
Membership type Description Static Static members are always active members of the VLAN (Always a member) once configured as belonging to that VLAN. This membership type is used in policy-based and port-based VLANs. • In policy-based VLANs, all ports are usually configured as static members. • In port-based VLANs, all ports are always static members. Not allowed to join The ERS 1600 does not support Not Allowed To join (Never a member) membership. Port membership in policy-based VLANs are always static members.
Note: A non-tagged port can belong to multiple VLANs, as long as the VLANs are not of the same type, and are in the same spanning tree group.
Protocol-based VLANs
Protocol-based VLANs are an effective way to segment your network into broadcast domains according to the network protocols in use. Traffic generated by any network protocol — IPX, Appletalk, and so forth — can be automatically confined to its own VLAN.
Port tagging is not required for a port to be a member of multiple protocol-based VLANs.
The 1600 Series switch supports the following protocol-based VLANs:
• IP version 4 (ip) • Novell IPX on Ethernet 802.3 frames (ipx802dot3)
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 33
• Novell IPX on IEEE 802.2 frames (ipx802dot2) • Novell IPX on Ethernet SNAP frames (ipxSnap) • Novell IPX on Ethernet Type 2 frames (ipxEthernet2) • AppleTalk on Ethernet Type 2 and Ethernet SNAP frames (AppleTalk) • DEC LAT Protocol (decLat) • Other DEC protocols (decOther) • IBM SNA on IEEE 802.2 frames (sna802dot2) • IBM SNA on Ethernet Type 2 frames (snaEthernet2) • NetBIOS Protocol (netBIOS) •Xerox XNS (xns) • Banyan VINES (vines) • IP version 6 (ipv6) • Reverse Address Resolution Protocol (RARP) • User-defined protocols
Example: IPX protocol-based VLAN
You can create a VLAN for the IPX protocol and place ports carrying substantial IPX traffic into this new VLAN. In Figure 2 on page 34, the network manager has placed ports 7, 31, and 32 in an IPX VLAN. These ports still belong to their respective marketing and sales VLANs, but they are also new members of the IPX VLAN. This arrangement localizes traffic and ensures that only three ports are flooded with IPX broadcast packets.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
34 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Figure 2 Over-lapping protocol-based VLAN
IPX VLAN
Marketing Sales VLAN VLAN
Port members of the Marketing 1 5 6 7 31 32 33 34 and Sales VLANs
Members of the over-lapping IPX VLAN 7817EA
User-defined protocol-based VLANs
You can create user-defined protocol-based VLANs to support networks with non-standard protocols. For user-defined protocol-based VLANs, you can specify the Protocol Identifier (PID) for the VLAN. The PID is a range of hexadecimal identifiers separated by a comma (,) or a dash (-), or some combination of the two. You can provide a maximum of eight PIDs in this range.
Frames that match the specified PID for the following are assigned to that user-defined VLAN:
• The ethertype for Ethernet Version 2 frames • The PID in Ethernet SNAP frames • The DSAP or SSAP value in Ethernet 802.2 frames
Table 2 lists the reserved, predefined policy-based PIDs that cannot be used as user-defined PIDs.
Table 2 PIDs not available for user-defined protocol-based VLANs
PID (hex) Description
FFFF Novell IPX on Ethernet 802.3 frames (ipx802dot3) 6000, 6004 DEC LAT Protocol (decLat)
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 35
Table 2 PIDs not available for user-defined protocol-based VLANs (continued)
PID (hex) Description
6000–6003, 6005–6009 Other DEC protocols (decOther) E0xx, xxE0 Novell IPX on IEEE 802.2 frames (ipx802dot2) 04xx, xx04 sna802dot2 F0xx, xxF0 netBIOS 0000-05DC Overlaps with 802.3 frame length 0600, 0807 xns 0BAD VINES 4242 IEEE 802.1D BPDUs 0800 IP 0806 ARP 8035 RARP 809B, 80F3 AppleTalk 8100 Reserved by IEEE 802.1Q for tagged frames 8137, 8138 ipxEthernet2 and ipxSnap 80D5 snaEthernet2 86DD ipv6 8808 IEEE 802.3x pause frames 9000 Used by diagnostic loopback frames 0x05DC < type < 0x0600 Invalid length type
IP subnet-based VLANs
IP subnet-based VLANs classify IPv4 packets according to the source IP subnet in its IP header thereby classifing traffic coming from multiple subnets.
Creating a new IP subnet-based VLAN automatically creates an internal ARP protocol-based VLAN (with id 4091) and adds all the ports of the subnet VLAN as static members of the ARP protocol-based VLAN. This is required for the correct classification and processing of ARP requests originating on that subnet.
Only one ARP protocol based VLAN is created irrespective of the number of IP subnet-based VLANs configured. All ports of all subnet-based VLANs are added to the same ARP VLAN.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
36 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Since IP subnet-based VLANs have a higher precedence than IP protocol-based VLANs, untagged ingress packets are first checked for an IP subnet match and if found the packet is then associated with correct IP subnet-based VLAN. If there is not an IP subnet match, the packets are placed into an existing IP protocol-based or port-based VLAN. If there are no existing IP protocol-based or port-based VLANs, the packets are dropped. An IP subnet match is not checked for tagged ingress packets (on tagged ports), a classification that is based upon the VID in the tag only, whether or not it is an IP subnet-based VLAN. For IP subnet-based VLAN usage on a tagged port, disable the untagged packet discard to ensure that the untagged ARP packets work properly.
Limitations • IP-subnet based VLANs do not support an externally attached router. • IP-subnet based VLANs do not support DHCP operation within the VLAN.
Independent VLAN Learning (IVL)
In the Ethernet Routing Switch 1600 Series, each VLAN has its own, independent, forwarding database. That is, the same MAC address can be learned in different VLANs; and, based on the VLAN receiving traffic for this address, the switch will be able to forward to this MAC address without any confusion. This means that before the switch can look up the source or destination MAC address in a received frame, or before it can decide whether to bridge or to route a frame, it must first determine which VLAN the frame belongs to. The IVL mode is used to learn MAC addresses in the context of the VLAN to which they belong.
VLAN tagging and port types
The 1600 Series switch uses IEEE 802.1Q tagging of frames and coordinates VLANs across multiple switches. Figure 3 shows the additional 4-octet (tag) header that is inserted into a frame after the source address and before the frame type. The tag contains the VLAN ID associated with the frame.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 37
Figure 3 VLAN tag insertion
6 octets6 octets 4 octets 2 octets 64-1500 octets 4 octets
Destination Source VLAN header: Protocol Data FCS MAC address MAC address (TPID + TCI) Type TR-encap RESET
9701EA
802.1Q tagged ports
Tagging a frame adds four octets to a frame, making it bigger than the traditional maximum frame size. These frames are sometimes referred to as “baby giant” frames. If a device does not support IEEE 802.1Q tagging, it can have problems interpreting tagged frames and receiving baby giant frames.
In the 1600 Series switch, your port level configuration determines whether tagged frames are sent and received. Tagging is set as true or false for the port and is applied to all VLANs on that port.
Note: When you enable tagging on an untagged port, the previous configuration of VLANs and STGs on the port is lost. In addition, the port resets and runs Spanning Tree Protocol, thus breaking connectivity while the protocol goes through the normal listening and learning states before the forwarding state.
A 1600 Series switch port with tagging enabled sends frames explicitly tagged with a VLAN ID. Tagged ports are typically used to multiplex traffic belonging to multiple VLANs to other IEEE-802.1Q-compliant devices.
If tagging is disabled on a 1600 Series switch port, it does not send tagged frames. A nontagged port connects a 1600 Series switch to devices that do not support IEEE 802.1Q tagging. If a tagged frame is forwarded out a port on which tagging is set to false, the switch removes the tag from the frame before sending it out the port.
If a port is set for tagging on a 1600 Series switch, and the port is also a member of an untagged multilink trunk (MLT), or the reverse is true, the port settings on the MLT override.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
38 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Treatment of tagged and untagged frames
A 1600 Series switch associates a frame with a VLAN based on the data content of the frame and the configuration of the destination port. Whether the frame is tagged or untagged dictates how that frame is treated.
If a tagged frame is received on a tagged port, with a VLAN ID specified in the tag, the 1600 Series switch directs it to that VLAN, if it is present.
For untagged frames, VLAN membership is implied from the content of the frame itself. For untagged frames received on a tagged port, you can configure the port to either discard or accept the frame. If you configure a tagged port to accept untagged frames, the port must be assigned to a port-based VLAN.
On the 1600 Series switch, you have the option to configure tagged ports to send untagged frames on the default VLAN of the port.
A frame is forwarded based on the VLAN on which the frame is received and on the forwarding options available for that VLAN. The 1600 Series switch tries to associate untagged frames with a VLAN in the following order:
• Does the frame belong to a protocol-based VLAN? • What is the port-based VLAN of the receiving port?
If the frame meets none of the criteria listed above, it is discarded.
Virtual router interfaces
Virtual router interfaces correspond to routing on a virtual port that is associated with a VLAN. This type of routing is the routing of IP traffic to and from a VLAN. Because a given port can belong to multiple VLANs (some of which are configured for routing on the switch and some of which are not), there is not a one-to-one correspondence between the physical port and the router interface. For VLAN routing, the router interface for the VLAN is called a virtual router interface because the IP address is assigned to an interface on the routing entity in the switch. This initial interface has a one-to-one correspondence with a VLAN on any given switch.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 39
VLAN implementation
This section describes how to implement VLANs on a 1600 Series switch and includes the following topics:
• “Default VLAN,” next • “Unassigned VLAN” on page 39 • “VLAN rules” on page 41
Default VLAN
The 1600 Series switch is factory-configured with all ports residing in the default port-based VLAN and Spanning Tree Group (STG) 1. With all ports in this default VLAN, the switch behaves like a layer 2 switch. The VLAN ID of this default VLAN is always 1, and it is always a port-based VLAN. The default VLAN cannot be deleted.
Unassigned VLAN
The unassigned VLAN is a port-based VLAN that acts as a placeholder for ports that are removed from other port-based VLANs. Ports can belong to policy-based VLANs and to the unassigned VLAN. If a frame does not meet any policy criteria and there is no underlying port-based VLAN, the port belongs to the unassigned VLAN and the frame is dropped. Ports in the unassigned VLAN have no STG association, therefore, they do not participate in Spanning Tree Protocol negotiation (that is, no Bridge Protocol Data Units [BPDU] are sent out of ports in the unassigned VLAN).
The unassigned VLAN cannot be deleted or viewed. If a user-defined STG is deleted, the ports are moved to the unassigned VLAN and can later be assigned to another STG. Moving the ports to the unassigned VLAN avoids creating unwanted loops and duplicate connections. If routing is disabled in these ports, the port is completely isolated and no Layer 2 or Layer 3 functionality is provided.
The unassigned VLAN is useful for security reasons, or when using a port for monitoring a mirrored port.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
40 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Static multicast MAC filtering
Some network applications, such as mirroring, rely on a Layer 2 multicast MAC mechanism to send a frame to multiple hosts for processing. Multicast MAC filtering lets you direct MAC multicast flooding to a specific set of ports. Basically, the multicast MAC is defined as any MAC address in which the least significant bit of the most significant byte is set to 1.
In Layer 2, a multicast MAC address generally floods to all ports in the VLAN. With multicast MAC filtering, you can define a separate flooding domain for a given multicast MAC address, which is a subset of the ports on a VLAN. The maximum number of multicast MAC addresses that you can configure is 100, but, depending on the overall configuration of your switch, you may be limited to fewer addresses.
Note: You can configure multicast MAC filtering only for local addresses to a switch. You cannot use this feature as a means to route traffic between switches (that is, configure it to forward for interfaces that are not local).
To perform multicast MAC filtering, you create the VLAN normally and then manually define a flooding domain (that is, MAC address and port list) for a specific multicast address. When specifying the multicast MAC flooding domain, indicate which ports or link aggregation groups are to be considered for multicast traffic. The actual flooding is then based on whether the specified ports are active members in the VLAN.
For information about configuring static multicast MAC filters, see “Configuring static Multicast MAC entries” on page 97.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 41
VLAN rules
Table 3 shows the VLAN rules for the 1600 Series switch.
Table 3 VLAN rules
• The factory defaulted 1600 Series switch supports 2047 VLANs (this includes VLAN 1, the default VLAN). VLAN IDs range in value from 1 to 4000. When PIM is enabled, or if you intend to enable PIM as part of your switch configuration, the total number of possible VLANs is 2046. See note 1 also. • If you enable tagging on a port that is in a VLAN, the STG configuration for that port is lost. To preserve VLAN assignment of ports, enable tagging on the ports before you assign the ports to VLANs. • Tagged ports can belong to multiple VLANs and multiple STGs. When a tagged port belongs to multiple STGs, the BPDUs are tagged for all STGs except for STG 1. Under the default configuration, the default is STG 1. • An untagged port can belong to one and only one port-based VLAN. A port in a port-based VLAN can belong to other policy-based VLANs. • An untagged port can belong to one and only one policy-based VLAN for a given protocol. For example, a port can belong to only one policy-based VLAN where the policy is IPX802dot2 protocol. • A VLAN cannot span multiple STGs; that is, the ports in the VLAN must all be within one STG. STG IDs can range in value from 1 to 64. See note 1. • The VLAN membership of a frame is determined by the following order of precedence: 1. VLAN ID in the VLAN tag of the frame 2. protocol-based VLAN 3. port-based VLAN
1 See your release notes for the exact number of VLANs and STGs supported in a specific release.
Spanning Tree Protocol
The operation of the Spanning Tree Protocol (STP) is defined in the IEEE Standard 802.1D. The STP detects and eliminates logical loops in a bridged or switched network. When multiple paths exist, the spanning tree algorithm configures the network so that a bridge or switch uses only the most efficient path. If that path fails, the protocol automatically reconfigures the network to make another path active. The process maintains network operations. You can control path redundancy for VLANs by implementing STP.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
42 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
A network can include multiple instances of STP. The collection of ports in one spanning tree instance is called a Spanning Tree Group (STG).
Spanning Tree Groups
Each STG consists of a collection of ports that belong to the same instance of the STP. These STP instances are completely independent from each other (for example, they send their own BPDUs, they have their own timers, and so on).
Multiple STGs are possible within the same switch; that is, the routing switch can participate in the negotiation for multiple spanning trees.
Figure 4 shows multiple spanning tree groups.
Figure 4 Multiple spanning tree groups
Tagged port
VLAN B
VLAN A VLAN C
VLAN D
Spanning tree Spanning tree group 1 group 2 Access port 9579EA
Spanning Tree protocol controls
The ports associated with a VLAN and VLANs themselves must be contained within a single STG to prevents problems with spanning tree blocking ports and loss of connectivity within the VLAN.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 43
Each untagged port can belong to one and only one STG, while tagged ports can belong to more than one STG. When a tagged port belongs to more than one STG, the spanning tree bridge protocol data units (BPDUs) are tagged to distinguish those of one STG from those of another STG. BPDUs from STG 1 are not tagged. The tagged BPDUs are transmitted using a multicast MAC address as tagged frames with a VLAN ID. Because tagged BPDUs are not part of the IEEE 802.1D standard, not all devices can interpret tagged BPDUs.
You can enable or disable the Spanning Tree Protocol at the port or at the spanning tree group level. If you disable the protocol at the group level, received BPDUs are handled like a MAC-level multicast and flooded out the other ports of the STG. Note that an STG can contain one or more VLANs. Remember that MAC broadcasts are flooded out on all ports of a VLAN; a BPDU is a MAC-level message, but the BPDU is flooded out all ports on the STG, which can encompass many VLANs.
When STP is globally enabled on the STG, BPDU handling depends on the STP setting of the port:
• When STP is enabled on the port, received BPDUs are processed in accordance with STP. • When STP is disabled on the port, the port stays in a forwarding state, received BPDUs are dropped and not processed, and no BPDU is generated.
Spanning Tree modes
By default, the Nortel STG (NTSTG) is enabled, and all BPDUs are sent on every MLT link. To use the Cisco-compatible Spanning Tree mode, disable NTSTG — BPDUs are sent on only one link of the aggregation group. See “Example: changing the NTSTG mode” on page 163 for configuration instructions.
Spanning Tree FastStart
When enabled on a port with no other bridges, Spanning Tree FastStart brings the port up more quickly following switch initialization or a spanning tree change. The port goes through the normal blocking and learning states before the forwarding state, but the hold times for these states is the bridge hello timer (2 seconds by default) instead of the bridge forward delay timer (15 seconds by
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
44 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
default). Thus, if FastStart is enabled on a port that is using the defaults of 2 seconds for Hello time and 15 seconds for Forward Delay time, it goes into the forwarding state in 4 seconds, instead of the usual 30 seconds. If the port sees a BPDU, it will revert to regular behavior.
Instead of disabling STP on a port, Nortel recommends enabling FastStart on the port as an alternative.
FastStart is intended for access ports where only one device is connected to the switch (as in workstations with no other spanning tree devices). It may not be desirable to wait the usual 30 to 35 seconds for spanning tree initialization and bridge learning.
Note: Use Spanning Tree FastStart with caution. This procedure is contrary to that specified in the IEEE 802.1D standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when the port is enabled through configuration.
Understanding STGs and VLANs
AVLAN can include all the ports in a given STG, and there can be multiple VLANs in an STG, but a VLAN will never have more ports than exist in the STG. The recommended practice is to plan STGs and then create VLANs.
In the 1600 Series switch default configuration, a single STG encompasses all the ports in the switch. For most applications, this configuration is sufficient. The default STG is assigned ID 1 (STG1).
If a VLAN spans multiple switches, it must be within the same STG across all switches; that is, the ID of the STG in which it is defined must be the same across all devices.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 45
Spanning Tree protocol topology change detection
Change detection enables the detection of topology changes and sends a topology change notification (TCN) to the Root on a per port basis. Change detection is enabled by default. When change detection is enabled and a topology change occurs, a trap is sent containing the following information so that you can identify the device:
• the MAC address of the STG sending the TCN • the port number •the STG ID
You can disable change detection on ports where a single end station is connected, and where powering that end station on and off would trigger the TCN. Change detection is referenced in IEEE STD 802.1D.
Topology change detection configuration rules
The following rules apply to the Spanning Tree topology change detection setting.
Table 4 Spanning Tree protocol topology change detection configuration rules
• You can configure change detection only on access ports. This also applies to link aggregation ports. • If you disable change detection and then change the port from access to tagging-enabled, the switch automatically sets change-detection to enabled for the port. This also applies to link aggregation ports. • In a link aggregation group with access ports, modifications to change detection for a member port are automatically applied to the remaining member ports.
Rapid Spanning Tree Protocol and Multiple Spanning Tree Protocol
The current Spanning Tree implementation in the 1600 Series switch is based on IEEE 802.1d, which is slow to respond to a topology change in the network (such as a dysfunctional link in a network). The Rapid Spanning Tree Protocol (RSTP or IEEE 802.1w) reduces the recovery time after a network breakdown. In certain configurations, the recovery time of RSTP can be reduced to less than 1 second. It
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
46 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
also maintains a backward compatibility with the IEEE 802.1d, which was the Spanning Tree implementation prior to RSTP. The backward compatibility can be maintained by configuring a port to be in the STP compatible mode. A port operating in the STP compatible mode transmits and receives only STP BPDUs and drops any RSTP BPDUs.
RSTP also reduces the amount of flooding in the network by enhancing the way the Topology Change Notification (TCN) packet is generated.
Multiple Spanning Tree Protocol
The Multiple Spanning Tree Protocol (MSTP or IEEE 802.1s) allows the user to configure multiple instances of RSTP on the same switch. Each RSTP instance can include one or more VLANs. The operation of the MSTP is similar to the current Nortel proprietary STG.
RSTP and MSTP enable the 1600 Series switch to achieve the following:
• converging time reduced from 30 seconds to less than 1 or 2 seconds when there is topology change in the network (that is, the port going up or down) • elimination of unnecessary flushing of the MAC database and flooding of traffic to the network • backward compatibility with other switches that are running legacy 802.1d STP • support for eight instances of RSTP running simultaneously (under MSTP mode) • Instance 0 or CIST is the default group, which includes default VLAN 1. Instances 1-7 are called MSTIs 1-7. You create each MSTI group using the following three steps: — Create the MSTI group. — Add VLAN and port membership. — Enable the MSTI group. • ability to run NTSTG, RSTP, or MSTP configuration.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 47
Interoperability with legacy STP
RSTP provides a new parameter — ForceVersion — for backward compatibility with legacy STP. You can configure a port in either STP compatible mode or RSTP mode.
• An STP-compatible port transmits and receives only STP BPDUs. Any RSTP BPDU that the port receives in this mode will be discarded. • An RSTP-compatible port transmits and receives only RSTP BPDUs. If an RSTP port receives an STP BPDU it will become an STP port. User intervention is required to bring this port back to RSTP mode. This process is called Port Protocol Migration.
Differences in port roles
RSTP is an enhanced version of STP. These two protocols have a very similar set of parameters.
Table 5 lists the differences in port roles for STP and RSTP. STP supports two port roles, while RSTP supports four port roles.
Table 5 Differences in port roles for STP and RSTP
Port Role STP RSTP Description Root Yes Yes This port is receiving a better BPDU than its own and it has the best path to reach the Root. Root port is in Forwarding state. Designated Yes Yes This port has the best BPDU on the segment. Designated port is in Forwarding state.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
48 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Table 5 Differences in port roles for STP and RSTP
Port Role STP RSTP Description Alternate No Yes This port is receiving a better BPDU than its own BPDU and there is a Root port within the same switch. Alternate port is in Discarding state. Backup No Yes This port is receiving a better BPDU than its own BPDU and this BPDU is from another port within the same switch. Backup port is in Discarding state.
Edge Port
Edge port is a new parameter that is supported by RSTP. When a port is connected to a non-switch device such as a PC or a workstation, it must be configured as an Edge port. An active Edge port goes directly to Forwarding state without any delay. An Edge port becomes a non-Edge port if it receives a BPDU.
Path cost values
RSTP and MSTP recommend new path cost values that support a wide range of link speeds. Table 6 lists the recommended path cost values.
Table 6 Recommended path cost values
Link speed Recommended value
Less than or equal 100Kb/s 200 000 000 1 Mb/s 20 000 000 10 Mb/s 2 000 000 100 Mb/s 200 000 1 Gb/s 20 000 10 Gb/s 2 000 100 Gb/s 200 1 Tb/s 20 10 Tb/s 2
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 49
Rapid convergence
In RSTP and MSTP, the environment root port or the designated port can ask its peer for permission to go to the Forwarding State. If the peer agrees, then the root port can move to the Forwarding State without any delay. This procedure is called Negotiation Process.
RSTP and MSTP also allow information received on a port to be sent immediately if the port becomes dysfunctional, instead of waiting for the Maximum Age time.
The following example (see Figure 5 on page 51) illustrates how an RSTP port moves rapidly to Forwarding state without the risk of creating a loop in the network.
Switch A: ports 1 and 2 are in full duplex. Port 2 is an Edge port
Switch B: ports 1, 2 and 3 are in full duplex. Port 2 is an Edge port.
Switch C: ports 1 and 2 are in full duplex. Port 2 is an Edge port
Switch A is the Root.
Negotiation Process
After power up, all ports assume the role as Designated ports. All ports are in the Discarding state except Edge ports. Edge ports go directly to Forwarding state without delay.
Switch A, port 1 and switch B, port 1 exchange BPDUs. Switch A knows that it is the Root and that switch A, port 1 is the Designated port. Switch B learns that switch A has better priority. Switch B, port 1 becomes Root port. Both switch A, port 1 and switch B, port 1 are still in Discarding state.
Switch A starts the negotiation process by sending BPDU with the proposal bit set.
Switch B receives the proposal BPDU and sets its non-Edge ports to Discarding state. This operation is the sync process.
Switch B sends a BPDU with the agreement bit set to switch A.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
50 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Switch A sets port 1 to Forwarding and switch B sets port 1 to Forwarding state. PC 1 and PC 2 can talk to each other.
• The negotiation process now moves down to switch B, port 3 and its partner port. • PC 3 cannot talk to either PC 1 or PC 2 until the negotiation process between switch B and switch C complete.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 51
Figure 5 Negotiation process
Link aggregation
The information in this section applies to link aggregation through MLT and to MLT with LACP/802.3ad.
Software release 2.1.5.0 introduces Link Aggregation Control Protocol (LACP) to the Ethernet Routing Switch 1600 enabling dynamic link aggregation.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
52 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
You can now choose either MLT or MLT with LACP on the Ethernet Routing Switch 1600 with software release 2.1.5.0. For more information on LACP, see “Link Aggregation Control Protocol” on page 63.
Prior to Ethernet Routing Switch 1600 software release 2.1.5.0, support was provided for Multi Link Trunking (MLT) but it was not compliant with the IEEE standard. With the introduction of LACP/ 802.3ad, a standard compliance solution is provided for MLT. Link Aggregation aggregates one or more links into a Link Aggregation Group (LAG), thereby allowing a MAC client to treat the Link Aggregation Group as if it were a single link. The Link Aggregation comprises of an optional sublayer between a MAC client and the MAC (or optional MAC Control sublayer).
LACP/802.3ad link aggregation is a point-to-point connection that aggregates multiple ports so that they logically act like a single port with the aggregated bandwidth. Grouping multiple ports into a logical link provides higher aggregate throughput on a switch-to-switch or switch-to-server application. Link aggregation also provides media redundancy.
Link aggregation traffic distribution
Aggregation groups can be used to aggregate bandwidth between two switches. The 1600 Series switch distributes traffic by determining which active port in a link aggregation group should be used for each outgoing packet. Link aggregation group algorithms are intended to provide load sharing, not load balancing, while ensuring that packets do not arrive out of sequence.
The 1600 Series switch determines through which port a packet is transmitted using the following methods:
• Out of sequence packet behavior is never seen as all L2 or L3 sessions or flows are always associated with the same link in the group. • Tabulating the trunks and their active assigned port members for each link aggregation group. Ports defined as trunk members are written to the table in the order in which they were activated. If a link goes down, the table is re-written with one less trunk member. • Using a selected index, based on traffic type and hashing algorithm.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 53
Link aggregation rules
Table 7 describes the rules for the link aggregation groups in the 1600 Series switch.
Table 7 Link aggregation group rules
• Link aggregation is supported on 10BASE-T, 100BASE-TX, and Gigabit Ethernet ports. • All ports in a link aggregation group must be of the same media type (copper or fiber) and have the same speed and duplex settings. • A physical port cannot belong to more than one link aggregation group. • Link aggregation is compatible with the Spanning Tree Protocol. • IEEE 802.1Q tagging is supported on a link aggregation group. • All ports in a link aggregation group must be in the same STG unless they are tagged. If tagged, they can belong to multiple STGs. • The 1600 Series switch supports up to 7 link aggregation groups. See note1. • The factory defaulted 1600 Series switch supports 2047 VLANs (this includes VLAN 1, the default VLAN). VLAN IDs range in value from 1 to 4000. When PIM is enabled, or if you intend to enable PIM as part of your switch configuration, the total number of possible VLANs is 2046. • Bridged packet traffic (except for IP distribution) is distributed across the link aggregation group using a source and destination MAC address-based algorithm. • Bridged and routed IP traffic is distributed across the link aggregation group using a source and destination IP address-based algorithm.
1 See Release Notes for the Ethernet Routing Switch 1600 Series, Software Release 2.1 (316859-J) for the exact number of ports supported for each group.
Link aggregation examples
Link aggregation lets you group switch ports together to form a link to another switch or server, thus increasing aggregate throughput of the interconnection between the devices. When the Spanning Tree Protocol is enabled, Link aggregation software detects misconfigured or broken trunk links and removes the port from the link aggregation group.
Switch-to-switch link aggregation configuration
Figure 6 on page 54 shows two trunks (T1 and T2) connecting switch S1 to switches S2 and S3.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
54 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Figure 6 Switch-to-switch link aggregation configuration
S1
T1
T2
S2
S3
9050EA
Each of the trunks shown in Figure 6 can be configured with multiple switch ports to increase bandwidth and redundancy. When traffic between switch-to-switch connections approaches single port bandwidth limitations, creating a link aggregation group can supply the additional bandwidth required to improve performance.
Switch-to-server link aggregation configuration
Figure 7 on page 55 shows a typical switch-to-server trunk configuration. In this example, file server FS1 utilizes dual MAC addresses, using one MAC address for each network interface card (NIC). No link aggregation group is configured to FS1. FS2 is a single MAC server (with a 4-port NIC) and is set up as trunk configuration T1.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 55
Figure 7 Switch-to-server link aggregation configuration
FS1 FS2 00:80:2d:01:f0:00 00:80:2d:01:f0:01
T1
Ethernet Routing S1 Switch1600
9051EB
Client/server link aggregation configuration
Figure 8 on page 56 shows an example of how link aggregation can be used in a client/server configuration. In this example, both servers are connected directly to switch S1. FS2 is connected through a trunk configuration (T1). The switch-to-switch connections are through trunks (T2, T3, T4, and T5). Clients accessing data from the servers (FS1 and FS2) are provided with maximized bandwidth through trunks T1, T2, T3, T4, and T5.
With spanning tree enabled, and trunks T2 and T3 in the same spanning tree group, one of the trunks (T2 or T3) acts as a redundant (backup) trunk to switch S2, and STP will block one of the trunks. With spanning tree disabled, neither trunk T2 nor trunk T3 is blocked; they must be configured into separate STGs to avoid a loop in the network.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
56 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Figure 8 Client/Server link aggregation configuration
FS1 FS2
T1
S1
T2 T3 T4 T5
S2 S3 S4
9052EB
With spanning tree enabled, ports that belong to the same link aggregation group operate as follows. All ports in the group must belong to the same spanning tree group if spanning tree is enabled. Identical bridge protocol data units (BPDUs) are sent out of each port. The group port ID is the ID of the lowest numbered port. If identical BPDUs are received on all ports, the link aggregation mode is forwarding. If no BPDU is received on a port or if BPDU tagging and port tagging do not match, the individual port is taken offline. Path cost is inversely proportional to the active link aggregation bandwidth.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 57
SMLT
This section provides an overview of the Split MultiLink Trunking (SMLT) feature.
SMLT Overview
Link Aggregation technologies have become popular for improving link bandwidth and/or to protect against link failures. IEEE 802.3ad is the standardized link aggregation protocol, although various vendors have developed their own proprietary implementations. IEEE 802.3ad is defined for point-to-point applications, however, it was not designed to recover around nodal failure.
Split MultiLink Trunking (SMLT) is an extension to Link Aggregation, which improves the level of Layer 2/Layer 3 resiliency by providing nodal protection in addition to link failure protection and flexible bandwidth scaling. SMLT achieves this by allowing edge switches using IEEE 802.3ad to dual-home to two SMLT aggregation switches. SMLT is transparent to those attached devices supporting IEEE 802.3ad.
Because SMLT inherently avoids loops due to its enhanced link aggregation control protocol, when designing networks using SMLT, it is not necessary to use the IEEE 802.1D/w Spanning Tree protocols to enable loop-free triangle topologies.
This is accomplished by implementing a method that allows two aggregation switches to appear as a single device to edge switches, which are dual-homed to the aggregation switches. The aggregation switches are interconnected using an Inter-Switch Trunk (IST), which allows them to exchange addressing and state information (permitting rapid fault detection and forwarding path modification). Although SMLT is primarily designed for Layer 2, it also provides benefits for Layer 3 networks, as well.
Note: Layer 2 edge switches must support some form of link aggregation (such as MLT) to allow communications with an SMLT aggregation switch.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
58 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Advantages of SMLT
SMLT improves the reliability of Layer 2 networks that operate between user access switches and the network center aggregation switch by providing:
• load sharing among all links • fast failover in case of link failures • elimination of single point of failure • fast recovery in case of nodal failure • a transparent and interoperable solution • elimination of STP convergence issues
These advantages are described in more detail in the sections that follow.
Single point of failure elimination
SMLT helps eliminate all single points of failure and create multiple paths from all user access switches to the core of the network. In case of failure, SMLT recovers as quickly as possible so that no unused capacity is created. Finally, SMLT provides a transparent and interoperable solution that requires no modification on the part of the majority of existing user access devices.
SMLT compared to spanning tree protocol
Networks that are designed to have user access switches dual-homed to two aggregation switches and have VLANs spanning two or more user access switches experience the following design constraints:
• Spanning Tree must be used to detect loops • no load sharing exists over redundant links • slow network convergence in case of failure
Single port SMLT
Single port SMLT lets you configure a split multilink trunk using a single port. The single port SMLT behaves just like an MLT-based SMLT and can coexist with SMLTs in the same system. Single port SMLT lets you scale the number of split multilink trunks on a switch to a maximum number of available ports.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 59
Split MLT links can exist in the following combinations on the SMLT aggregation switch pair:
• MLT-based SMLT + MLT-based SMLT • MLT-based SMLT + single link SMLT • single link SMLT + single link SMLT
Rules for configuring single port SMLT:
• The dual-homed device connecting to the aggregation switches must be capable of supporting MLT. • Each single port SMLT is assigned an SMLT ID from 1 to 512. • Single port SMLT ports can be designated as Access or Trunk (that is, IEEE 802.1Q tagged or not), and changing the type does not affect their behavior. • You cannot change a single port SMLT into an MLT-based SMLT by adding more ports. You must delete the single port SMLT, and then reconfigure the port as SMLT/MLT. • You cannot change an MLT-based SMLT into a single port SMLT by deleting all ports but one. You must first remove the SMLT/MLT and then reconfigure the port as single port SMLT. • A port cannot be configured as MLT-based SMLT and as single port SMLT at the same time.
Using MLT-based SMLT with MLT
You can configure a split trunk with single port SMLT on one side and an MLT-based SMLT on the other. Both must have the same SMLT ID. In addition to general use, Figure 9 on page 60 shows how this configuration can be used for upgrading an MLT-based SMLT to single port SMLT without taking down the split trunk.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
60 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
Figure 9 Changing a split trunk from MLT-based SMLT to single port SMLT
Switch A Switch B Switch A Switch B
IST IST
MLT-based MLT-based MLT-based SMLT ID 10 SMLT ID 10 SMLT ID 10
Switches A and B are configured with Delete MLT-based SMLT 10 on switch B. 1 2 MLT-based SMLTs. All traffic switches over SMLT 10 on switch A.
Switch A Switch B Switch A Switch B
IST IST
MLT-based Single port Single port SMLT ID 10 SMLT ID 10 SMLT ID 10
Configure single port SMLT 10 on switch B. Delete MLT-based SMLT 10 on switch A. 3 4 Traffic switches over both sides of split trunk. All traffic switches over single port SMLT 10 on switch B.
Switch A Switch B
IST
Single port Single port SMLT ID 10 SMLT ID 10
Configure single port SMLT 10 on switch A. 5 Traffic switches over both sides of split trunk.
Legend
Ethernet Routing Switch 1600 Series
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 61
Note: When you perform the steps listed in Figure 9 on page 60, and you remove the MLT-based SMLTs (steps 2 and 4), physically disable the ports either by removing the cables or shutting them down using the CLI. Otherwise, because STP is disabled on the ports, a loop can form as soon as the SMLT is removed.
SMLT and single port SMLT configuration steps
To enable SMLTs, ISTs, and single port SMLTs on the 1600 Series switch, you must complete the following steps in the order provided:
1 Configure VLANs, including port membership and port tagging. 2 Configure STP groups: a Create STP groups. b Assign VLAN membership. c Enable STP groups. d Set STP port participation. 3 If the switches are to be used for Layer 3 routing, enable VRRP on the units (required for Layer 3 only). 4 Configure MLTs on the devices: a Create MLT groups. b Assign members and STP participation. 5 Configure SMLTs on the devices: a Configure IST MLTs, including Peer IP and VLAN IDs. b Create the SMLTs. c Create the single port SMLTs (if applicable). d Enable ISTs. 6 Make connections.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
62 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
VLAN, STG, and link aggregation feature support
Table 8 summarizes the features supported on the 1600 Series switch.
Note: This table is subject to change. See Release Notes for the Ethernet Routing Switch 1600 Series, Software Release 2.1 (316859-J) to obtain the latest scalability information.
Table 8 VLAN, STG, and link aggregation support
Feature Ethernet Routing Switch 1600 Series capabilities Number of VLANs 2047 (includes the default VLAN) Port-based VLANs Supported Policy-based VLANs • Protocol-based Supported • Source MAC-based Unsupported IEEE 802.1Q tagging Supported IP routing and VLANs Supported IPX routing Unsupported IPX VLANs Unsupported Special VLANs • Default VLAN Supported • Unassigned VLAN Supported • Brouter ports Unsupported Number of spanning tree groups 64 (proprietary) Spanning Tree FastStart Supported MSTP Supported Number of MSTP groups 1Nortel supports 8 (including CIST) for Software Release 2.1 RSTP Supported Link aggregation groups 7 Number of links per link 4 aggregation group
1 Nortel provides support for 8 MSTP groups (including CIST) for Software Release 2.1, although the 1600 Series switch allows you to configure up to 64.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 63
Link Aggregation Control Protocol
Link Aggregation group (LAG) enables trunk groups to be controlled and configured automatically with the Link Aggregation Control Protocol (LACP) for dynamic Link Aggregation. The LACP, defined by the IEEE 802.3ad standard, enables the Ethernet Routing Switch 1600 to learn the presence and capabilities of a remote switch by exchanging information with the remote switch before a trunk group is formed. Either switch can accept or reject the aggregation request on per port basis. A link that cannot join a trunk group operates as an individual link.
Trunk groups that are formed by Link Aggregation are referred to as a Link Aggregation group (LAG) and trunk groups that are formed by Ethernet Routing Switch 1600 Multilink Trunking are Multilink trunk (MLT) groups.
Ethernet Routing Switch 1600 software supports Link Aggregation groups and Multi Link trunks. By default Link Aggregation is set to off on all ports.
LACP limitations
The Ethernet Routing Switch 1600 LAG has the following limitations:
• The maximum number of active links per LAG is 4 and the maximum number of LAGs is 7. • All ports in the same MLT or LA group must be of the same media type (copper or fiber) and have same settings (speed and duplex). • An MLT or LA group cannot belong to multiple STGs unless tagging is enabled on the group. • A physical port cannot belong to more than one MLT or LA groups. • Both ends of the MLT or LA must support compatible STP algorithm. • Standby link operation is not supported.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
64 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
LACP and MLT configuration considerations
When you configure standard-based link aggregation, you must enable the aggregation parameter. After you enable the aggregation parameter, the LACP aggregator maps one-to-one to the specified MultiLink trunk.
Warning: Disable STP on Ethernet Routing Switch 1600 ports when configuring SMLT MLTs or LACP LAGs, in the MLT or LAG (either triangle or square configurations), to achieve proper SMLT failovers. This can also include the edge switches in a triangle configuration.
Perform the following steps to configure an LAG:
1 Assign a numeric key to the ports you want to include in the LAG. 2 Configure the LAG for aggregation. 3 Enable LACP on the port. 4 Create an MultiLink trunk and assign the same key as in step 1 to it. The MultiLink trunk/LAG only aggregates ports whose key matches its own.
The newly created MultiLink trunk/LAG adopts the VLAN membership of its member ports when the first port is attached to the aggregator associated with this LAG. When a port detaches from an aggregator, the associated LAG port deletes the member from its list.
After the MultiLink trunk is configured for aggregation, you cannot add or delete ports or VLANs manually.
To enable tagging on ports belonging to a LAG, disable LACP on the port and then enable tagging and LACP on the port.
To perform configuration LACP procedures on the Ethernet Routing Switch 1600, see Chapter 5, “Configuring LACP on MLT,” on page 183
LACP and SMLT configuration considerations
The LACP is supported on single port Split MultiLinkTrunks and MultiLink trunks. Follow these guidelines when you use LACP and SMLT:
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 65
• When you set the LACP system ID for SMLT, configure the same LACP SMLT system ID on both aggregation switches to avoid the loss of data. Nortel recommends that you configure the SmltSysId so that it matches the base MAC address of one of the chassis. • If you use LACP in an SMLT square configuration, the LACP ports must have the same keys for that SMLT LAG; otherwise, the aggregation can fail if a switch fails. • If an SMLT aggregation switch has LACP enabled on some of its MultiLink trunks, do not change the LACP system priority. If some ports do not enter the desired MultiLink trunk after a dynamic configuration change, enter the following CLI command: conf mlt
Use the SMLT system ID (smlt-sys-id) to allow you to use a third-party switch as a wiring closet switch in an SMLT configuration. This enhancement provides an option for the administrator to configure the system ID on the aggregation switch. The actor system priority of the actor system ID (LACP_DEFAULT_SYS_PRIO), configured by the user, and an actor key equal to the SMLT-ID or SLT-ID, is sent to the wiring closet switch. Ensure that you configure the same system ID value on both aggregation switches.
LACP and Spanning Tree configuration considerations
LACP module operation is affected by the physical link state or its LACP peer status affects LACP module operation. When a link is enabled or disabled, an LACP module is notified. STP forwarding state does not affect LACP module operation. LACPDUs can be sent if the port is in an STP blocking state.
Unlike legacy MultiLink trunks, configuration changes (such as speed and duplex mode) to a LAG member port are not applied to all member ports in the MultiLink trunks. The changed port is removed from the LAG and the corresponding aggregator, and the user is alerted when the configuration is created.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
66 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
In contrast to MLT, IEEE 802.3ad-based link aggregation does not expect BPDUs to be replicated over all ports in the trunk group. Therefore, you must enter the ntstg disable command to disable the parameter on the Spanning Tree Group (STG) for LACP-based link aggregation.
ntstg disable parameter is applicable to all trunk groups that are members of the STG. This is applicable when internetworking with devices only send BPDUs out of one port of the LAG.
LACP parameters
You can configure priorities, keys, modes, and timers for the LACP.
LACP priority
You can configure LACP priority at the system and port level as follows:
• Port priority—determines which ports are aggregated into the LAG that has more than four ports configured to it. • System priority—generates the switch ID when communicating with other switches. For SMLT applications, use a system priority to determine a master–slave relationship between the SMLT switches.
Nortel recommends that you use the default value. If you need to change it, first disable the LACP and then enable it again after you change the value.
LACP keys
LACP keys are used to determine which ports are eligible for LAG aggregation. The LACP keys are defined by the ports when the MultiLink trunk is configured. The ports key which match the MLT key can be aggregated into that MultiLink trunk.
• Keys do not have to match between two LACP peers. • Keys do not have to match on SMLT core switches when you use LACP with SMLT.
NN46208-500
Chapter 1 VLANs, Spanning Tree, and Link Aggregation 67
LACP timers
You can customize failover times by changing the LACP timer attributes (fast periodic time, slow periodic time, and aggregate wait time). Values are set by default to match the IEEE 802.3ad values. If you change the values, they must match on the ports participating in aggregation between two devices.
Changes to LACP timer values at the global level are reflected on all ports. However, you can change the LACP timer values for each port level. When you change an LACP timer globally, this value is set on all ports. The global timer value overwrites the local port value irrespective of the LACP state.
You must configure any port values that differ from the global values. You can use the fast or slow timer, that which is set on the port level. By default, the Ethernet Routing Switch 1600 uses the long timer. LACP uses the following timers:
• fast-periodic timer—200 to 20000 milliseconds (ms); default 1000 ms • slow-periodic timer—10000 to 30000 ms; default 30000 ms • aggregation-wait timer—200 to 2000; default 2000
You cannot aggregate a link if it does not receive an LACPDU for a period of timeout x slow periodic time = 3 x 30 seconds = 90 seconds. If you use the fast periodic time, the timeout period is 3 x 1000 ms = 3 seconds. You must make timer changes to all ports participating in link aggregation and to the ports on the partnering node.
Configuration changes to the LACP timers are not reflected immediately. LACP timers do not reset until the next time you restart LACP globally or on a port, ensuring consistency with peer switches. When you enable LACP on a port, the timer values are set at the port level. You must toggle the LACP status when timer values change. Existing ports are not impacted unless you toggle the LACP status on the port.
LACP modes
LACP uses two active and passive modes.
• Active mode—ports initiate the aggregation process. Active mode ports aggregate with other active mode ports or passive mode ports.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
68 Chapter 1 VLANs, Spanning Tree, and Link Aggregation
• Passive mode—ports participate in LACP but do not initiate the aggregation process. Passive mode ports must be partnered with active mode ports for aggregation to occur.
NN46208-500
69 Chapter 2 Configuring and managing VLANs
This chapter includes the following topics:
• “Roadmap of VLAN commands” on page 70 • “Creating a port-based VLAN” on page 73 • “Creating protocol-based and user-defined VLANs” on page 75 • “Configuring a VLAN” on page 79 • “Configuring the forwarding database” on page 91 • “Assigning an IP address to a VLAN” on page 87 • “Assigning an IP address to a VLAN” on page 87 • “Displaying VLAN information” on page 101
For conceptual information about VLANs, see “VLANs” on page 29.
For instructions to configure IP Proxy Address Resolution Protocol (ARP), refer to Configuring IP Routing and Multicast Operations using the CLI (321711-B).
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
70 Chapter 2 Configuring and managing VLANs
Roadmap of VLAN commands
The following are links to the VLAN commands and parameters in this chapter.
Table 9 Roadmap of VLAN commands and parameters
Command Parameter config vlan
NN46208-500
Chapter 2 Configuring and managing VLANs 71
Table 9 Roadmap of VLAN commands and parameters (continued)
Command Parameter
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
72 Chapter 2 Configuring and managing VLANs
Table 9 Roadmap of VLAN commands and parameters (continued)
Command Parameter
NN46208-500
Chapter 2 Configuring and managing VLANs 73
Table 9 Roadmap of VLAN commands and parameters (continued)
Command Parameter delete info show vlan info all [
Creating a port-based VLAN
To create a port-based VLAN, use the following command:
config vlan
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
74 Chapter 2 Configuring and managing VLANs
where vid is a value (1 to 4000) that uniquely identifies the VLAN you are creating. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 10 defines the parameters used with this command.
Table 10 config vlan
Parameter Definition
In Figure 10, a port-based VLAN is created, added to STG 1, and named, Sales. The configuration is then saved and displayed.
Figure 10 config vlan
PP1648T:1# config vlan 4 create byport 1 name Sales PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 4 create info
Sub-Context: clear config monitor show test trace Current Context:
byport : sid - 1 name - Sales color - 0 (white)
PP1648T:1#
NN46208-500
Chapter 2 Configuring and managing VLANs 75
Creating protocol-based and user-defined VLANs
To create a protocol-based VLAN, use the following command:
config vlan
To create a VLAN based on a user-defined protocol, add the usrDefined parameter and enter the following:
config vlan
In both commands,
Table 11 defines the parameters used in both of these commands.
Table 11 config vlan
Parameter Definition
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
76 Chapter 2 Configuring and managing VLANs
Table 11 config vlan
Parameter Definition
In Figure 11 on page 77, a VLAN is created, based on IP protocol, and added to STG 1. The configuration is then saved and displayed. Since a name was not given to the VLAN, the switch assigns the name, VLAN-6.
NN46208-500
Chapter 2 Configuring and managing VLANs 77
Figure 11 config vlan
PP1648T:1# config vlan 6 create byprotocol 1 ip PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 6 create info
Sub-Context: clear config monitor show test trace Current Context:
byprotocol : protocol pid - ip sid - 1 name - VLAN-6 color - 0 (white)
In Figure 12, VLAN 7 is created, based on a user-defined protocol with a protocol identifier of 0x115c. The VLAN is added to STG 1. The configuration is then saved and displayed. Since a name was not given to the VLAN, the switch assigns the name, VLAN-7.
Figure 12 config vlan
PP1648T:1# config vlan 7 create byprotocol 1 usrDefined 0x115c PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 7 create info
Sub-Context: clear config monitor show test trace Current Context:
byprotocol : usrDefined pid (hex) - 0x115c sid - 1 name - VLAN-7 color - 0 (white)
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
78 Chapter 2 Configuring and managing VLANs
Creating a VLAN in MSTP or RSTP mode
To create a port-based VLAN in MSTP or RSTP mode, use the following command:
config vlan
To create a protocol-based VLAN in MSTP or RSTP mode, use the following command:
config vlan
Note: The
Creating an IP subnet-based VLAN
An ARP classification VLAN is automatically created whenever the first IP subnet-based VLAN is created.
To create an IP subnet-based VLAN, use the following commands:
config vlan
config vlan
NN46208-500
Chapter 2 Configuring and managing VLANs 79
Table 12 defines the parameters used in this command.
Table 12 IP subnet-based command
Parameter Definition
Configuring a VLAN
This section includes the following topics:
• “Adding ports to a VLAN” on page 80 • “Removing ports from a VLAN” on page 81 • “Adding a link aggregation group to a VLAN” on page 82 • “Configuring a VLAN name” on page 83 • “Configuring a VLAN QoS level” on page 84 • “Deleting a VLAN” on page 85 • “Configuring general VLAN action” on page 86 • “Assigning an IP address to a VLAN” on page 87 • “Deleting an IP address from a VLAN” on page 88 • “Enabling VLAN tagging on a port” on page 89 • “Configuring 802.1 VLAN tagging” on page 90
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
80 Chapter 2 Configuring and managing VLANs
Adding ports to a VLAN
To add ports to a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 13 defines the parameters used with this command.
Table 13 config vlan
Parameter Description
In Figure 13, port 1/1 is added to previously created VLAN 4. The configuration is then saved and displayed. Since a member type is not specified, the switch configures it as a port member.
NN46208-500
Chapter 2 Configuring and managing VLANs 81
Figure 13 config vlan ports add command output
PP1648T:1# config vlan 4 ports add 1/1 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 4 ports info
Sub-Context: clear config monitor show test trace Current Context:
add : portmember - 1/1 activemember - 1/1 staticmember - notallowtojoin - remove : N/A
Removing ports from a VLAN
To remove ports from a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 14 defines the parameters used with this command.
Table 14 config vlan
Parameter Description
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
82 Chapter 2 Configuring and managing VLANs
In Figure 14, port 1/1 is removed from previously-created VLAN 4. The configuration is then saved and displayed.
Figure 14 config vlan ports remove command output
PP1648T:1# config vlan 4 ports remove 1/1 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 4 ports info
Sub-Context: clear config monitor show test trace Current Context:
add : portmember - activemember - staticmember - notallowtojoin - remove : N/A
Adding a link aggregation group to a VLAN
To add a link aggregation group to a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies an existing VLAN. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 15 defines the parameter used with this command.
Table 15 config vlan
Parameter Description
In Figure 15 on page 83, MLT-1 is added to previously-created VLAN 4. The configuration is then saved and displayed.
NN46208-500
Chapter 2 Configuring and managing VLANs 83
Figure 15 config vlan
PP1648T:1# config vlan 4 add-mlt 1 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 4 info
Sub-Context: clear config monitor show test trace Current Context:
action : N/A add-mlt : 1 delete : N/A qoslevel : 1 dynamic-mac-qoslevel : disable name : VLAN-4
Removing a link aggregation group from a VLAN
To remove a link aggregation group from a VLAN, use the following command:
config vlan
Valid entries for the MLT ID (that is, entries for
Configuring a VLAN name
To configure a VLAN name, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies an existing Virtual LAN. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 16 defines the parameter used with this command.
Table 16 config vlan
Parameter Description
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
84 Chapter 2 Configuring and managing VLANs
In Figure 16 on page 84, the name “Security” is configured for the previously-created VLAN 5. The configuration is then saved and displayed.
Figure 16 config vlan
PP1648T:1# config vlan 5 name Security PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 5 info
Sub-Context: clear config monitor show test trace Current Context:
action : N/A add-mlt : delete : N/A remove-mlt: N/A qoslevel : 1 dynamic-mac-qoslevel : disable name : Security
Configuring a VLAN QoS level
A QoS level can only be configured on protocol VLANs. They can not be defined on port based VLANs.
To configure a VLAN QoS level, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies an existing Virtual LAN. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 17 defines the parameter used with this command.
Table 17 config vlan
Parameter Description
NN46208-500
Chapter 2 Configuring and managing VLANs 85
In Figure 17, a QoS level of 6 is configured for the previously-created VLAN 5. The configuration is then saved and displayed.
Figure 17 config vlan
PP1648T:1# config vlan 5 qos-level 6 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 5 info
Sub-Context: clear config monitor show test trace Current Context:
action : N/A add-mlt : delete : N/A remove-mlt: N/A qoslevel : 6 dynamic-mac-qoslevel : disable name : Security
Updating the VLAN dynamic MAC QoS level
To update the VLAN dynamic MAC QoS level, use the following command:
config vlan
where:
•
Deleting a VLAN
To delete a VLAN, use the following command:
config vlan
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
86 Chapter 2 Configuring and managing VLANs
where vid is a value (1 to 4000) that uniquely identifies an existing Virtual LAN. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
In Figure 18 on page 86, VLAN 4 is deleted. The configuration is then saved and displayed.
Figure 18 config vlan
PP1648T:1# config vlan 4 delete PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 4 info
Sub-Context: clear config monitor show test trace Current Context:
Vlan 4 is not created
Configuring general VLAN action
To configure general VLAN action, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies an existing Virtual LAN. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 18 defines the parameters used with this command.
Table 18 config vlan
Parameter Description
NN46208-500
Chapter 2 Configuring and managing VLANs 87
Table 18 config vlan
Parameter Description
In Figure 19, the learned MAC addresses are removed from the forwarding database for VLAN 5.
Figure 19 config vlan
PP1648T:1# config vlan 5 action flushMacFdb PP1648T:1# config vlan 5 fdb-entry info
Sub-Context: clear config monitor show test trace Current Context:
aging-time : 300 flush : N/A
Assigning an IP address to a VLAN
To assign an IP address to a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
88 Chapter 2 Configuring and managing VLANs
Table 19 defines the parameters used with this command.
Table 19 config vlan
Parameter Description
In Figure 20, IP address/network mask 1.2.3.4/8 is assigned to VLAN 5; and the configuration is saved and displayed.
Figure 20 config vlan
PP1648T:1# config vlan 5 ip create 1.2.3.4/8 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# show vlan info ip 5
======Vlan Ip ======VLAN IP NET BCASTADDR REASM ID ADDRESS MASK FORMAT MAXSIZE ------5 1.2.3.4 255.0.0.0 ones 1500
Deleting an IP address from a VLAN
To delete an IP address from a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
NN46208-500
Chapter 2 Configuring and managing VLANs 89
Table 20 defines the parameters used with this command.
Table 20 config vlan
Parameter Description
In Figure 21, IP address 1.2.3.4 is deleted from VLAN 5; and the configuration is saved and displayed.
Figure 21 config vlan
PP1648T:1# config vlan 5 ip delete 1.2.3.4 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# show vlan info ip 5
======Vlan Ip ======VLAN IP NET BCASTADDR REASM ID ADDRESS MASK FORMAT MAXSIZE ------
Enabling VLAN tagging on a port
On the 1600 Series switch you have the option to configure a tagged port to send out untagged frames on the default VLAN of a port. This feature is not supported on MLT ports and is disabled when a port is added to an MLT. VLAN port tagging is not allowed on access ports. Ports are disabled by default.
To enable VLAN tagging on a tagged port, use the following command:
config ethernet
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
90 Chapter 2 Configuring and managing VLANs
Table 21 defines the parameters used with this command.
Table 21 config ethernet
Parameter Description
In Figure 22, the untag-port-default for port 1/5 is set to enable; and the configuration is displayed.
Figure 22 config ethernet
PP1648T:1# config ethernet 1/5 untag-port-default-vlan enable
PP1648T:1# config ethernet 1/5 info
======Port Transmit Queue ======PORT QUEUE TRAFFIC TX BUFFER SCHED WEIGHT SHAPER SHAPER BURST NUM ID CLASS ENABLE SIZE GROUP ENABLE RATE SIZE ------1/5 0 0 enable 32 DWRR1 3 disable 10 4 1/5 1 1 enable 32 DWRR1 3 disable 10 4 1/5 2 2 enable 32 DWRR1 6 disable 10 4 1/5 3 3 enable 32 DWRR1 8 disable 10 4 1/5 4 4 enable 16 DWRR1 10 disable 10 4 1/5 5 5 enable 16 DWRR1 12 disable 10 4 1/5 6 6 enable 16 DWRR1 36 disable 10 4 1/5 7 7 enable 16 Priority N/A disable 10 4
Configuring 802.1 VLAN tagging
Configuring 802.1 VLAN tagging on the 1600 Series switch is done on a per port basis.
To enable 802.1 VLAN tagging on a port, use the following command:
config ethernet
NN46208-500
Chapter 2 Configuring and managing VLANs 91
Table 22 defines the parameters used with this command.
Table 22 config ethernet
Parameter Description
In Figure 23, perform-tagging for port 1/33 is set to enabled; and the configuration is displayed.
Figure 23 config ethernet
PP1648T:1# config ethernet 1/33 perform-tagging enable PP1648T:1# show ports info vlan 1/33
======Port Vlans ======PORT DISCARD DEFAULT UNTAG VLAN NUM TAGGING UNTAGFRAM VLANID DEFVLAN IDS ------1/33 enable disable 1 disable 1
Configuring the forwarding database
This section includes the following topics:
• “Configuring VLAN entries in the forwarding database,” next • “Configuring VLAN forwarding database filters” on page 93 • “Configuring VLAN static forwarding database members” on page 95
Configuring VLAN entries in the forwarding database
To configure VLAN entries in the forwarding database, use the following command:
config vlan
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
92 Chapter 2 Configuring and managing VLANs
where vid is a value (1 to 4000) that uniquely identifies the VLAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 23 defines the parameters used with this command.
Table 23 config vlan
Parameter Description aging-time
NN46208-500
Chapter 2 Configuring and managing VLANs 93
In Figure 24, the forwarding timer, which sets the time after which unused entries are removed from the forwarding database, is set to 600 seconds. The configuration is then saved and displayed.
Figure 24 config vlan fdb-entry aging-time command output
PP1648T:1# config vlan 2 fdb-entry aging-time 600 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 2 fdb-entry info
Sub-Context: clear config monitor show test trace Current Context:
aging-time : 600 flush : N/A
Configuring VLAN forwarding database filters
To configure VLAN forwarding database filters, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
94 Chapter 2 Configuring and managing VLANs
Table 24 defines the parameters used with this command.
Table 24 config vlan
Parameter Description add
NN46208-500
Chapter 2 Configuring and managing VLANs 95
In Figure 25, a filter is created, for VLAN 2 on port 1/2, to find and drop any destination packets with MAC address 01:02:03:04:05:06. Since a QoS level is not specified, the switch defaults to QoS level 1. The configuration is saved and displayed.
Figure 25 config vlan
PP1648T:1# config vlan 2 fdb-filter add 01:02:03:04:05:06 port 1/2 drop dstOnly PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 2 fdb-filter info
Sub-Context: clear config monitor show test trace Current Context:
add : mac - 01:02:03:04:05:06 port - 1/2 drop - dstOnly qos - 1 remove : N/A
Configuring VLAN static forwarding database members
To configure VLAN static forwarding database members, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
96 Chapter 2 Configuring and managing VLANs
Table 25 defines the options used with this command.
Table 25 config vlan
Parameter Description add
In Figure 26, a static entry is added to the forwarding database for VLAN 5 on port 1/1. Since a QoS level is not specified, the switch defaults to QoS level 1. The configuration is saved and then displayed.
Figure 26 config vlan fdb-static info command output
PP1648T:1# config vlan 5 fdb-static add 00:01:81:2c:92:01 port 1/1 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 5 fdb-static info
Sub-Context: clear config monitor show test trace Current Context:
add :
mac - 00:01:81:2c:92:01 port - 1/1 status - permanent Qos Level - 1 remove : N/A
NN46208-500
Chapter 2 Configuring and managing VLANs 97
Configuring static Multicast MAC entries
To configure static multicast MAC entries for a VLAN, use the following command:
config vlan
where vid is a value (1 to 4000) that uniquely identifies the Virtual LAN you are configuring. The VID corresponds to the lower 12 bits in the IEEE 802.1Q VLAN Tag. The default VLAN ID is 1.
Table 26 defines the parameters used with this command:
Table 26 config vlan
Parameter Description add mac
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
98 Chapter 2 Configuring and managing VLANs
Table 26 config vlan
Parameter Description delete-mlt
For more information, see “Static multicast MAC filtering” on page 40
In Figure 27 on page 99, the commands described above are used to do the following:
• Add multicast MAC address 01:02:03:04:05:06 as a static MAC in VLAN 3. • Add ports and an MLT group so that traffic destined for the MAC address is forwarded to port 1/5 and MLT 2, instead of being flooded to all VLAN 3 ports. • Save and display the configuration.
NN46208-500
Chapter 2 Configuring and managing VLANs 99
Figure 27 config vlan
PP1648T:1# config vlan 3 static-mcastmac add mac 01:02:03:04:05:06 port 1/5 mlt 2 PP1648T:1# save config Save config to file config.cfg successful. PP1648T:1# config vlan 3 static-mcastmac info
Sub-Context: clear config monitor show test trace Current Context:
add : macaddress - 01:02:03:04:05:06 portmembers - 1/5 mltgroups - 2
remove : N/A
Configuring a bridging counter
To configure a counter set (port and VLAN) to collect bridging statistics, use the following command:
config bridging-counter-set
where
Table 27 defines the parameters used with this command:
Table 27 config bridging-counter-set command
Parameter Description create [port Creates a counter set.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
100 Chapter 2 Configuring and managing VLANs
Table 27 config bridging-counter-set command (continued)
Parameter Description delete Deletes a counter set. info Displays general information for the counter set you specify.
You can set the counter to collect statistics in one of four possible configurations:
1 monitor all the ports irrespective of the VLAN (config bridging-counter-set
In Figure 28, the commands described above are used to do the following:
• Create a bridging counter set for VLAN 3 • View information about the counter set
NN46208-500
Chapter 2 Configuring and managing VLANs 101
Figure 28 config bridging-counter-set command
PP1648T:1# config bridging-counter-set 1 create vlan 3 PP1648T:1# config bridging-counter-set 1 info
======Bridging Counter Set ======ID PORT VLAN MONITOR MONITOR NUM ID ALL PORTs ALL VLANs ------1 N/A 3 enable disable SJ_PP1648T:1#
See “Displaying bridging counter statistics” on page 109 for information on viewing bridging statistics.
Displaying VLAN information
This section includes the following topics:
• “Displaying all information about a VLAN” on page 102 • “Displaying a basic VLAN configuration” on page 105 • “Displaying advanced VLAN information” on page 106 • “Displaying VLAN ARP information” on page 107 • “Displaying VLAN forwarding database information” on page 107 • “Displaying forwarding database filter information” on page 108 • “Displaying VLAN static MAC information” on page 110 • “Displaying VLAN IGMP information” on page 110 • “Displaying VLAN port member status” on page 111 • “Displaying VLAN static multicast information” on page 112 • “Displaying the PID range for a user-defined VLAN” on page 112 • “Displaying VLAN IP information” on page 113
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
102 Chapter 2 Configuring and managing VLANs
• “Displaying VLAN RIP information” on page 114
Displaying all information about a VLAN
To display information about a specific VLAN, or all VLANs, use the following command.
show vlan info all [
where: by
Figure 29 and Figure 30 on page 104 show sample output from this command.
NN46208-500
Chapter 2 Configuring and managing VLANs 103
Figure 29 show vlan info all command
PP1648T:1# show vlan info all
======Vlan Basic ======VLAN VLAN STG ID NAME TYPE ID PROTOCOLID SUBNETADDR SUBNETMASK ------1 Default byPort 1 none N/A N/A 2 VLAN-2 byPort 1 none N/A N/A 3 VLAN-3 byProtocolId 1 ip N/A N/A 5 Security byProtocolId 1 ip N/A N/A 6 VLAN-6 byProtocolId 1 ip N/A N/A 7 VLAN-7 byProtocolId 1 userDefined N/A N/A
======Vlan Port ======VLAN PORT ACTIVE STATIC NOT_ALLOW ID MEMBER MEMBER MEMBER MEMBER ------1 1/2-1/48 1/2-1/48 2 3 1/1-1/8 1/1-1/8 1/1-1/8 5 1/1-1/4 1/1-1/4 1/1-1/4 6 7 1/8-1/16 1/1-1/48 1/8-1/16
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
104 Chapter 2 Configuring and managing VLANs
Figure 30 show vlan info all command
======Vlan Advance ======VLAN IF QOS MAC USER DYNAMIC- ID NAME INDEX LVL ADDRESS ACTION RESULT DEFINE MAC- PID QOSLEVEL ENCAP ------1 Default 2049 1 00:00:00: none none 0x0 disable 00:00:00 2 VLAN-2 2050 1 00:00:00: none none 0x1234 disable 00:00:00 3 VLAN-3 2051 1 00:00:00: none none 0x100 disable 00:00:00 5 Security2053 6 00:00:00: none none 0x115c disable 00:00:00
======Vlan Arp ======VLAN ID DOPROXY DORESP ------1 false true 2 false true 3 false true 5 false true 6 false true 7 false true ======Vlan Fdb ======VLAN MAC QOS ID STATUS ADDRESS INTERFACE MONITOR LEVEL ------2 mgmt 01:02:03:04:05:06 Port-1/2 true 1 3 mgmt 00:80:2d:83:be:de Port-1/4 true 1 3 mgmt 01:02:03:04:05:06 Port-1/32 true 0 5 mgmt 00:01:81:2c:92:01 Port-1/1 true 1
4 out of 4 entries in all fdb(s) displayed. ======Vlan Filter --More-- (q = quit)
NN46208-500
Chapter 2 Configuring and managing VLANs 105
Displaying a basic VLAN configuration
To display the basic configuration for all VLANs or a specific VLAN, use the following command.
show vlan info basic [
Figure 31 shows sample output for this command.
Figure 31 show vlan info basic command output
PP1648T:1# show vlan info basic
======Vlan Basic ======VLAN STG ID NAME TYPE ID PROTOCOLID SUBNETADDR SUBNETMASK ------1 Default byPort 1 none N/A N/A 2 VLAN-2 byPort 1 none N/A N/A 3 VLAN-3 byProtocolId 1 ip N/A N/A 5 Security byProtocolId 1 ip N/A N/A 6 VLAN-6 byProtocolId 1 ip N/A N/A 7 VLAN-7 byProtocolId 1 userDefined N/A N/A
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
106 Chapter 2 Configuring and managing VLANs
Displaying advanced VLAN information
To display additional parameters for a specific VLAN or all VLANs, enter the following command.
show vlan info advance [
If the MAC ADDRESS column for a VLAN displays all zeros, then no IP address is associated with that VLAN.
Figure 32 shows sample output for this command.
Figure 32 show vlan info advance command output
PP1648T:1# show vlan info advance
======Vlan Advance ======VLAN IF QOS MAC USER DYNAMIC- ID NAME INDEX LVL ADDRESS ACTION RESULT DEFINE MAC- ENCAP PID QOSLEVEL ------1 Default 2049 1 00:00:00:00:00:00 none none 0x0 disable 2 VLAN-2 2050 1 00:00:00:00:00:00 none none 0x1234 disable 3 VLAN-3 2051 1 00:00:00:00:00:00 none none 0x1000 disable llc 5 VLAN-5 2053 6 00:00:00:00:00:00 none none 0x115c disable all
NN46208-500
Chapter 2 Configuring and managing VLANs 107
Displaying VLAN ARP information
To display the ARP information for a specific VLAN, use the following command.
show vlan info arp [
Figure 33 shows sample output for this command.
Figure 33 show vlan info arp command output
PP1648T:1# show vlan info arp ======Vlan Arp ======VLAN ID DOPROXY DORESP ------1 false true 2 false true 3 false true 5 false true 6 false true 7 false true
Displaying VLAN forwarding database information
To display forwarding database information for the specified VLAN, enter the following command:
show vlan info fdb-entry
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
108 Chapter 2 Configuring and managing VLANs
Figure 34 shows sample output for this command.
Figure 34 show vlan info fdb-entry command output
PP1648T:1# show vlan info fdb-entry 5
======Vlan Fdb ======VLAN MAC QOS SMLT ID STATUS ADDRESS INTERFACE LEVEL REMOTE ------5 mgmt 00:01:81:2c:92:01 Port-1/1 1 true
1 out of 4 entries in all fdb(s) displayed.
Displaying forwarding database filter information
To display the forwarding database filters for a specific VLAN, use the following command.
show vlan info fdb-filter
Figure 35 shows sample output for this command.
Figure 35 show vlan info fdb-filter command output
PP1648T:1# show vlan info fdb-filter 3
======Vlan Filter ======VLAN MAC ID STATUS ADDRESS PORT DROP QOS ------3 permanent 01:02:03:04:05:06 1/6 dstOnly 1 PP1648T:1#
NN46208-500
Chapter 2 Configuring and managing VLANs 109
Displaying bridging counter statistics
To display bridging counter set statistics, use the following command:
show bridging-counter-set [
where
Bridging statistics contain the following information:
1 The total number of incoming packets. 2 The number of packets that are ingress filtered. This information appears only when you have specified a source port. 3 The number of packets that are security filtered (MAC SA/DA filtering, Locked port, MAC Range Filtering, Invalid SA). 4 The number of packets that are bridge filtered (packet is local to receive port, broadcast rate filtering, IP multicast filtering). This information appears only when you have specified a source port, or specified a source port and a VLAN.
Figure 36 shows sample output for this command.
Figure 36 show bridging-counter-set command output
PP1648T:1# config bridging-counter-set 2 create vlan 123 PP1648T:1# show bridging-counter-set 2
======Bridging Counter Set Statistics ======BRGIN VLAN ING SEC FIL LOC PROP FRAMES FIL DISC DISC DISC ------5990262 671 0 29405
SJ_PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
110 Chapter 2 Configuring and managing VLANs
Displaying VLAN static MAC information
To display static MAC information for a specific VLAN, use the following command:
show vlan info fdb-static
Figure 37 shows sample output for this command.
Figure 37 show vlan info fdb-static command output
PP1648T:1# show vlan info fdb-static 3
======Vlan Static ======VLAN MAC QOS ID STATUS ADDRESS PORT LEVEL ------3 permanent 00:01:81:2c:92:01 1/7 1
Displaying VLAN IGMP information
To display IGMP information for all VLANs or for a specific VLAN, use the following command.
show vlan info igmp [
NN46208-500
Chapter 2 Configuring and managing VLANs 111
Figure 38 shows sample output for this command.
Figure 38 show vlan info igmp command output
PP1648T:1# show vlan info igmp 6
======Vlan Ip Igmp ======VLAN QUERY ROBUST VERSION PROXY SNOOP FAST FAST ID INTVL SNOOP ENABLE LEAVE LEAVE ENABLE ENABLE PORTS ------6 125 2 2 false false false
PP1648T:1#
Displaying VLAN port member status
To display the status of port members for all VLANs on the switch or for a specific VLAN, use the following command.
show vlan info ports [
Figure 39 shows sample output for this command.
Figure 39 show vlan info ports command output
PP1648T:1# show vlan info ports 3
======Vlan Port ======VLAN VLAN PORT ACTIVE STATIC NOT_ALLOW ID NAME MEMBER MEMBER MEMBER MEMBER ------3 VLAN-3 1/6-1/7 1/6-1/7
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
112 Chapter 2 Configuring and managing VLANs
Displaying VLAN static multicast information
To display static multicast information for all VLANs or for a specific
VLAN, use the following command:
show vlan info static-mcast [
Figure 40 shows sample output for this command.
Figure 40 show vlan info static-mcast command output
PP1648T:1# show vlan info static-mcast
======Vlan Mcastmac ======VLAN_ID MAC_ADDRESS PORT_LIST MLT_GROUPS ------3 01:02:03:04:05:06 1/5 2
Total Entries: 1
Displaying the PID range for a user-defined VLAN
To display the PID range for a user-defined VLAN, use the following command:
show vlan info userdefined-advance [
NN46208-500
Chapter 2 Configuring and managing VLANs 113
Figure 41 shows sample output for this command.
Figure 41 show vlan info userdefined-advance command output
PP1648T:1# show vlan info userdefined-advance
======Vlan Advance User Defined ======VLAN ID PROTOCOL ID USER DEFINED PID RANGE ------10 UserDefined None
Number of protocol records used 3 Number of protocol records available 9
Displaying VLAN IP information
To display IP values for a VLAN, use the following command:
show vlan info ip
Figure 42 shows sample output for this command.
Figure 42 show vlan info ip command output
PP1648T:1# show vlan info ip 4
======Vlan Ip ======VLAN IP NET BCASTADDR REASM ID ADDRESS MASK FORMAT MAXSIZE ------4 192.20.20.20 255.255.255.0 ones 1500
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
114 Chapter 2 Configuring and managing VLANs
Displaying VLAN RIP information
To display RIP information for a VLAN, use the following command:
show vlan info rip
Figure 43 shows sample output for this command.
Figure 43 show vlan info rip command output
PP1648T:1# show vlan info rip 4
======Vlan Rip ======VLAN DEFAULT DEFAULT TRIGGERED AUTOAGG id ENABLE SUPPLY LISTEN UPDATE ENABLE SUPPLY LISTEN POISON ------4 false false false false false true true false
Displaying VLAN DHCP relay information
To display DHCP relay information for a VLAN, use the following command:
show vlan info dhcp-relay [
Displaying VLAN IGMP router discovery information
To display IGMP router discovery information for a VLAN, use the following command:
show vlan info igmp-mrdisc [
Displaying VLAN OSPF information
To display the OSPF configuration for all VLANs or for a specific VLAN, use the following command:
show vlan info ospf [
NN46208-500
Chapter 2 Configuring and managing VLANs 115
Displaying VLAN PIM information
To display information about the PIM-SM interface configuration for VLANs, use the following command:
show vlan info pim [
Displaying VLAN VRRP information
To display the VLAN VRRP information, use the following command:
show vlan info vrrp main [
To display the extended VRRP configuration for one specific VLAN or all VLANs, use the following command:
show vlan info vrrp extended [
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
116 Chapter 2 Configuring and managing VLANs
NN46208-500
117 Chapter 3 Configuring Spanning Tree Groups
This chapter contains information about configuring Spanning Tree Group (STG), and includes the following topics.
• “Roadmap of STG commands” on page 117 • “Spanning tree group commands” on page 121 • “Configuring STG for a port” on page 125 • “Monitoring port STP statistics” on page 129 • “Displaying STG information” on page 131 • “Selecting the Spanning Tree mode” on page 137 • “Configuring RSTP” on page 137 • “Configuring MSTP” on page 147
Roadmap of STG commands
The following are links to the STG commands used in this chapter.
Table 28 Roadmap of STG commands and parameters
Command Parameter config stg
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
118 Chapter 3 Configuring Spanning Tree Groups
Table 28 Roadmap of STG commands and parameters (continued)
Command Parameter info hello-interval
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 119
Table 28 Roadmap of STG commands and parameters (continued)
Command Parameter protocol-migration
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
120 Chapter 3 Configuring Spanning Tree Groups
Table 28 Roadmap of STG commands and parameters (continued)
Command Parameter msti
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 121
Spanning tree group commands
To configure a spanning tree group, use the following command:
config stg
Table 29 describes the parameters used with this command.
Table 29 config stg
Parameter Description
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
122 Chapter 3 Configuring Spanning Tree Groups
Table 29 config stg
Parameter Description forward-delay
Note: Disabling the Spanning Tree Protocol can reduce CPU overhead slightly. However, unless you are using the switch in a simple network with little possibility of having loops, Nortel recommends that you leave the Spanning Tree Protocol enabled.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 123
Creating a spanning tree group
To create a spanning tree group, use the following command:
config stg
Table 30 describes the parameters used with this command.
Table 30 config stg
Parameter Description
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
124 Chapter 3 Configuring Spanning Tree Groups
In Figure 44, spanning tree group 2 is created and associated with ports 1/1-1/4. STP is automatically enabled on all ports in the group by default. All other default STG settings are applied. The configuration is saved and then displayed.
Figure 44 config stg info command output
Passport-1648T:1# config stg 3 create 1/1-1/4 Passport-1648T:1# save config Save config to file config.cfg successful. Passport-1648T:1# config stg 3 info
Sub-Context: clear config monitor show test trace Current Context:
add ports : 1/1-1/4 create : 3 delete : N/A forward-delay : 1500 group-stp : true hello-interval : 200 max-age : 2000 priority : 32768 remove ports : N/A trap-stp : true type : normal tagged-bpdu-mac-address : 02:60:c2:00:00:00 nt-stg : enable
Passport-1648T:1#
Configuring STG global settings
To change the default MAC address from which BPDUs are sent, use the following command:
config sys set bpdu-mac-address-range
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 125
Table 31 describes the parameters used with this command.
Table 31 config sys set bpdu-mac-address-range command
Parameter Description
Configuring STG for a port
Ports must have tagging enabled to belong to multiple spanning tree groups.
Note: Nortel recommends that you enable FastStart as an alternative to disabling Spanning Tree Protocol on an individual port.
To configure spanning tree group port parameters, enter the following command:
config ethernet
Table 32 defines the parameters used with this command.
Table 32 config ethernet
Parameter Description ethernet
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
126 Chapter 3 Configuring Spanning Tree Groups
Table 32 config ethernet
Parameter Description faststart Enables or disables FastStart. When FastStart
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 127
In Figure 45, Fast Start is enabled on ports 1/1-1/4 in STG 3. The configuration is saved and then displayed.
Figure 45 config ethernet
Passport-1648T:1# config ethernet 1/1-1/4 stg 3 faststart enable Passport-1648T:1# save config Save config to file config.cfg successful. Passport-1648T:1# config ethernet 1/1-1/4 stg 3 info
Sub-Context: clear config monitor show test trace Current Context:
Port 1/1 : change-detection : enable faststart : enable pathcost : 100 priority : 128 stp : enable Port 1/2 : change-detection : enable faststart : enable pathcost : 100 priority : 128 stp : enable Port 1/3 : change-detection : enable faststart : enable pathcost : 100 priority : 128 stp : enable Port 1/4 : change-detection : enable faststart : enable pathcost : 100 priority : 128 stp : enable Passport-1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
128 Chapter 3 Configuring Spanning Tree Groups
Configuring STP topology change detection
Spanning Tree protocol Topology Change Detection is enabled by default so that, when a topology change occurs, a trap is sent containing the following information to aid in identifying the device:
• the MAC address of the STG sending the topology change notification (TCN) • the port number •the STG ID
For more information, see “Spanning Tree protocol topology change detection” on page 45.
To configure topology change detection, use the following command:
config ethernet
Table 33 defines the parameters used with this command.
Table 33 config ethernet stg change detection command
Parameter Description
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 129
In Figure 46, STP topology change detection is disabled on port 1/1 in STG 3. The configuration is saved and then displayed.
Figure 46 config ethernet
Passport-1648T:1# config ethernet 1/1 stg 3 change-detection disable Passport-1648T:1# save config Save config to file config.cfg successful. Passport-1648T:1# config ethernet 1/1 stg 3 info
Sub-Context: clear config monitor show test trace Current Context:
Port 1/1 : change-detection : disable faststart : enable pathcost : 100 priority : 128 stp : enable
Passport-1648T:1#
Monitoring port STP statistics
To monitor the real time Spanning Tree protocol statistics for a port, a group of ports, or all ports, use the following command:
show ports stats stg [
Figure 47 on page 130 shows sample output for this command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
130 Chapter 3 Configuring Spanning Tree Groups
Figure 47 show ports stats stg command output
Passport-1648T:1# show port stats stg 1/1-1/4
======Port Stats Stg ======PORT IN_CONFIG IN_TCN IN_BAD OUT_CONFIG OUT_TCN NUM BPDU BPDU BPDU BPDU BPDU ------1/1 0 0 0 0 0 1/2 0 0 0 0 0 1/3 0 0 0 0 0 1/4 0 0 0 0 0
Passport-1648T:1#
Table 34 describes the port Spanning Tree protocol statistics.
Table 34 Port Spanning Tree protocol statistics
Field Description Port Number The port number of the port for which this entry contains Spanning Tree Protocol management information In Config Bpdus The number of Config BPDUs received. In Tcn Bpdus The number of Topology Change Notification BPDUs received. In Bad Bpdus The number of unknown or malformed BPDUs received. Out Config Bpdus The number of Config BPDUs transmitted. Out Tcn Bpdus The number of Topology Change Notification BPDUs transmitted.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 131
Displaying STG information
This section includes the following topics:
• “Displaying STG configuration” on page 131 • “Displaying STG status” on page 132 • “Displaying basic port STG information” on page 134 • “Displaying additional port STG information” on page 136
Displaying STG configuration
To display STG configuration for a specific STG or all STGs, enter the following command:
show stg info config [
Figure 48 shows sample output for this command.
Figure 48 show stg info config command output
Passport-1648T:1# show stg info config
======Stg Config ======STG BRIDGE BRIDGE FORWARD ENABLE STPTRAP ID PRIORITY MAX_AGE HELLO_TIME DELAY STP TRAP NT-STG ------1 32768 2000 200 1500 true true enable 2 32768 2000 200 1500 true true enable 3 32768 2000 200 1500 true true enable
STG TAGGBPDU TAGGBPDU STG PORT ID ADDRESS VLAN_ID TYPE MEMBER ------1 01:80:c2:00:00:00 0 normal 1/1-1/15 2 01:80:c2:00:00:00 4002 normal 1/16-1/20 3 01:80:c2:00:00:00 4003 normal 1/21-1/25
Total number of STGs : 3 Passport-1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
132 Chapter 3 Configuring Spanning Tree Groups
Displaying STG status
To display the STG status for a specific STG or all STGs, use the following command.
show stg info status [
Figure 49 shows sample output for this command.
Figure 49 show stg info status command output
Passport-1648T:1# show stg info status
======Stg Status ======STG BRIDGE NUM PROTOCOL TOP ID ADDRESS PORTS SPECIFICATION CHANGES ------1 00:80:2d:df:90:01 40 ieee8021d 0 2 00:80:2d:df:90:02 8 ieee8021d 0 3 00:80:2d:df:90:03 4 ieee8021d 0
STG DESIGNATED ROOT ROOT MAX HELLO HOLD FORWARD ID ROOT COST PORT AGE TIME TIME DELAY ------1 80:00:00:80:2d:df:90:01 0 cpp 2000 200 100 1500 2 80:00:00:80:2d:df:90:02 0 cpp 2000 200 100 1500 3 80:00:00:80:2d:df:90:03 0 cpp 2000 200 100 1500
Total number of STGs : 3 Passport-1648T:1#
Table 35 describes the STG status fields.
Table 35 STG status fields
Field Description Bridge Address The MAC address used by this bridge when it must be referred to in a unique fashion. Num Ports The number of ports controlled by this bridging entity.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 133
Table 35 STG status fields (continued)
Field Description Protocol Specification An indication of what version of the Spanning Tree Protocol is being run. The IEEE 802.1d implementations will return ieee8021d. Top Changes A topology change trap is sent by a bridge when any of its configured ports transitions from the Learning state to the Forwarding state, or from the Forwarding state to the Blocking state. The trap is not sent if a new root trap is sent for the same transition. Implementation of this trap is optional. Designated Root The bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol as executed by this node. This value is used as the Root Identifier parameter in all Configuration Bridge PDUs originated by this node. Root Cost The cost of the path to the root as seen from this bridge. Root Port The port number of the port that offers the lowest cost path from this bridge to the root bridge. Max Age The maximum age of Spanning Tree Protocol information learned from the network on any port before it is discarded, in units of hundredths of a second. This is the actual value that this bridge is currently using. Hello Time The amount of time in hundredths of a second between transmission of config BPDUs by this node on any port when it is the root of the spanning tree. The default value is 200 (2 seconds). Hold Time The time interval in hundredths of a second during which no more than two Configuration bridge PDUs shall be transmitted by this node. The default value is 100 (1 second). Forward Delay The time interval in hundredths of a second that controls how fast a port changes its spanning state when moving toward the Forwarding state. The value determines how long the port stays in each of the Listening and Learning states, which precede the Forwarding state. This value is also used when a topology change has been detected and is under way, to age all dynamic entries in the Forwarding Database. [Note that this value is the one this bridge is currently using, in contrast to rcStgBridgeForwardDelay, which is the value that this bridge and all others would start using if/when this bridge were to become the root.] The default value is 1500 (15 seconds).
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
134 Chapter 3 Configuring Spanning Tree Groups
Displaying basic port STG information
To display basic port STG information about specific port(s) or about all ports, use the following command.
show ports info stg main [
Figure 50 shows sample output for this command.
Figure 50 show ports info stg main command output
Passport-1648T:1# show port info stg main 1/1-1/4
======Port Stg ======ENABLE FORWARD CHANGE SID PORT_NUM PRIO STATE STP FASTSTART PATHCOST TRANSITION DETECTION ------3 1/1 128 disabled true true 100 0 false 3 1/2 128 disabled true true 100 0 true 3 1/3 128 disabled true true 100 0 true 3 1/4 128 disabled true true 100 0 true
Passport-1648T:1#
See also“Displaying additional port STG information” on page 136.
Table 36 describes the STG Ports fields.
Table 36 Port STG fields
Field Description SID The STG identifier assigned to this port. Port Number The port number of the port for which this entry contains Spanning Tree Protocol management information. Priority The value of the priority field which is contained in the first octet of the (2 octet long) Port ID. The other octet of the Port ID is given by the value of rcStgPort.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 135
Table 36 Port STG fields (continued)
Field Description State The port’s current state as defined by the application of the Spanning Tree Protocol. • disabled (1) • blocking (2) • listening (3) • learning (4) • forwarding (5) • broken (6) This state controls what action a port takes on reception of the frame. If the bridge detects a malfunctioning port, it places that port into the Broken (6) state. EnableStp The STP state of the port. • Enabled—BPDUs are processed in accordance with STP. • Disabled—The port stays in a forwarding state, received BPDUs are dropped and not processed, and no BPDU is generated. FastStart When this flag is set, the port is moved straight to the Forwarding (5) state upon being enabled. • true (enables FastStart for the port) • false (default, disables FastStart for the port) Note: This setting is contrary to that specified in the IEEE 802.1D standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when the port is enabled through configuration. PathCost The contribution of this port to the path cost of paths toward the spanning tree root that includes this port. The 802.1D-1990 protocol recommends that the default value of this parameter be in inverse proportion to the speed of the attached LAN. ForwardTransitions The number of times this port has transitioned from the Learning state to the Forwarding state. ChangeDetection The change detection setting (true or false) for this port. Can only be configured on Access ports. If you enable change detection on an MLT with access ports, the setting is automatically applied to all ports in the MLT. See “Spanning Tree protocol topology change detection” on page 45.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
136 Chapter 3 Configuring Spanning Tree Groups
Displaying additional port STG information
To display additional port STG information about a specific port or about all ports, use the following command.
show ports info stg extended [
Figure 51 shows sample output for this command.
Figure 51 show ports info stg extended command output
Passport-1648T:1# show ports info stg extended 1/1-1/4
======Port Stg Extended ======
------DESIGNATED------SID PORT_NUM ROOT COST BRIDGE PORT ------3 1/1 00:00:00:00:00:00:00:00 0 00:00:00:00:00:00:00:00 00:00 3 1/2 00:00:00:00:00:00:00:00 0 00:00:00:00:00:00:00:00 00:00 3 1/3 00:00:00:00:00:00:00:00 0 00:00:00:00:00:00:00:00 00:00 3 1/4 00:00:00:00:00:00:00:00 0 00:00:00:00:00:00:00:00 00:00
Passport-1648T:1#
This information is less often used in switch monitoring than the information obtained with the command, “show ports info stg main [
Table 37 describes the STG Ports fields.
Table 37 Ports STG extended fields
Field Description SID The STG identifier assigned to this port. Port Number The port number of the port for which this entry contains Spanning Tree Protocol management information. Root The unique Bridge Identifier of the Bridge recorded as the Root in the Configuration BPDUs transmitted by the Designated Bridge for the segment to which the port is attached.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 137
Table 37 Ports STG extended fields (continued)
Field Description Cost The path cost of the Designated Port of the segment connected to this port. This value is compared to the Root Path Cost field in received bridge PDUs. Bridge The Bridge Identifier of the bridge that this port considers to be the Designated Bridge for this port’s segment. Port The Port Identifier of the port on the Designated Bridge for this port’s segment.
Selecting the Spanning Tree mode
There are three Spanning Tree modes:
• default (legacy) •RSTP •MSTP
Use the following command to set the Spanning Tree mode:
config bootconfig flags spanning-tree-mode
where: mstp|rstp|default are the Spanning Tree modes.
Configuring RSTP
To configure RSTP, use the following command:
config rstp
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
138 Chapter 3 Configuring Spanning Tree Groups
Table 38 describes the parameters associated with this command:
Table 38 config rstp command
Parameter Description force-version Maintains a backward compatibility with the IEEE 802.1d
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 139
Displaying RSTP configuration information
To display the RSTP-related configuration details, use the following command:
show rstp config
Figure 52 displays sample output from the show rstp config command.
Figure 52 show rstp config command
Passport-1648T:1# show rstp config
======RSTP Configuration ======Rstp Module Status : Enabled Priority : 32768 (0x8000) Stp Version : rstp Mode Bridge Max Age : 20 seconds Bridge Hello Time : 2 seconds Bridge Forward Delay Time : 15 seconds Tx Hold Count : 3 PathCost Default Type : 32-bit
Passport-1648T:1#
Displaying RSTP statistics
To display RSTP-related statistics, use the following command:
show rstp stats
Figure 53 on page 140 displays sample output from the show rstp stats command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
140 Chapter 3 Configuring Spanning Tree Groups
Figure 53 show rstp stats command
Passport-1648T:1# show rstp stats
======RSTP Statistics ======Rstp UP Count : 1 Rstp Down Count : 0 Count of Root Bridge Changes : 1 Stp Time since Topology change: 855 seconds Total No. of topology changes : 1 Passport-1648T:1#
Displaying RSTP status information
To display RSTP-related status information, use the following command:
show rstp status
Figure 54 displays sample output from the show rstp status command.
Figure 54 show rstp status command
Passport-1648T:1# show rstp status
======RSTP Status Information ======Designated Root : 80:00:00:80:2d:c0:90:01 Stp Root Cost : 200010 Stp Root Port : 1/48 Stp Max Age : 20 seconds Stp Hello Time : 2 seconds Stp Forward Delay Time : 15 seconds Passport-1648T:1#
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 141
Displaying information for RSTP ports configuration
To display RSTP-related port-level configuration details, use the following command:
show ports info rstp config
where:
Figure 55 displays sample output from the show ports info rstp config command.
Figure 55 show ports info rstp config command output
Passport-1648T:1# show ports info rstp config
======RSTP Port Configurations ======Port Number : 1/1 Port Priority : 128 (0x80) Port PathCost : 200000000 Port Protocol Migration : False Port Admin Edge Status : False Port Oper Edge Status : False Port Admin P2P Status : Auto Port Oper P2P Status : True Port Oper Protocol Version : Rstp
Displaying statistics for RSTP ports
To display RSTP-related port-level statistics, use the following command:
show ports info rstp stats
where:
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
142 Chapter 3 Configuring Spanning Tree Groups
Figure 56 displays sample output from the show ports info rstp stats command.
Figure 56 show ports info rstp stats command
Passport-1648T:1# show ports info rstp stats
======RSTP Port Statistics ======Port Number : 1/1 Number of Fwd Transitions : 1 Rx RST BPDUs Count : 0 Rx Config BPDU Count : 0 Rx TCN BPDU Count : 0 Tx RST BPDUs Count : 737 Tx Config BPDU Count : 0 Tx TCN BPDU Count : 0 Invalid RST BPDUs Rx Count : 0 Invalid Config BPDU Rx Count : 0 Invalid TCN BPDU Rx Count : 0 Protocol Migration Count : 0
Displaying the status of RSTP ports
To display RSTP-related status information for a port, or list of ports, use the following command:
show ports info rstp status
where: show ports info rstp status
Figure 57 on page 143 displays sample output from the show ports info rstp status command.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 143
Figure 57 show ports info rstp status command
Passport-1648T:1# show ports info rstp status
======RSTP Port Status (Port Priority Vector) ======Port Number : 1/1 Port Designated Root : 80:00:00:80:2d:c0:90:01 Port Designated Cost : 0 Port Designated Bridge : 80:00:00:80:2d:c0:90:01 Port Designated Port : 80:40
Displaying RSTP port role information
To display the role of RSTP ports, use the following command
show ports info rstp role
where:
Figure 58 on page 144 shows the output of the show ports info rstp role command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
144 Chapter 3 Configuring Spanning Tree Groups
Figure 58 show ports info rstp role command
Passport-1648T:1# show ports info rstp role 1/5-1/10
======RSTP Port Roles and States ======
Port-Index Port-Role Port-State PortSTPStatus PortOperStatus ------1/5 Disabled Discarding Enabled Disabled 1/6 Disabled Discarding Enabled Disabled 1/7 Disabled Discarding Enabled Disabled 1/8 Disabled Discarding Enabled Disabled 1/9 Disabled Discarding Enabled Disabled 1/10 Disabled Discarding Enabled Disabled
Passport-1648T:1#
Configuring RSTP on ports
To set the RSTP configuration for the port, use the following command:
config eth
where:
This command includes the following options:
config eth
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 145 config eth
Entering forcefalse indicates that the ports cannot be P2P ports.
Entering auto allows the ports to have P2P status whenever possible and operate as if their P2P status were true. If the ports cannot maintain this status (if the port is forced into half-duplex operation, for example) the port’s P2P status changes to operate as false.
The default setting for this parameter is auto. priority
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
146 Chapter 3 Configuring Spanning Tree Groups
config eth
RSTP and MSTP can interoperate with standard STP, however the benefits of RSTP and MSTP are not realized on ports where an 802.1d STP network connects to an 802.1w RSTP or 802.1s MSTP enabled network. Set protocol migration to true on ports that are connected to network segments that are capable of being upgraded to 802.1w RSTP or 802.1s MSTP on all, or some portion, of that network segment. stp
Figure 59 displays sample output from the config eth
Figure 59 config eth
PP1648T:1# config eth 1/5 rstp info Port 1/5 : edge-port : false p2p : auto protocol-migration : false priority : 128 (0x80) pathcost : 200000000 stp : enable
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 147
Configuring MSTP
To configure MSTP, use the following command:
config mstp
Table 39 describes the parameters associated with this command:
Table 39 config mstp command
Parameter Description hop-count
Configuring Common and Internal Spanning Tree
To configure MSTP CIST, use the following command:
config mstp cist
Table 40 describes the parameters associated with this command:
Table 40 config mstp cist command
Parameter Description force-version Specifies the Spanning Tree mode.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
148 Chapter 3 Configuring Spanning Tree Groups
Table 40 config mstp cist command (continued)
Parameter Description forward-delay This value controls how fast a port changes its spanning
Note: When using the force-version feature on switch A, changing from STP-compatible to either RSTP or MSTP results in switch A waiting to receive RSTP or MSTP BPDUs from switch B before sending back the corresponding RSTP or MSTP BPDUs. It continues to send STP-compatible BPDUs until it receives different RSTP or MSTP BPDUs from switch B. This is not the case for changing to other settings (such as MSTP to RSTP, RSTP to STP-compatible, and so on), where the correct BPDUs are sent out as soon as the change is done. If you want to force switch A to send out the new BPDU types immediately, the protocol-migration flag must be set to true.
Configuring Multiple Spanning Tree Instances
To configure MSTP MSTIs, use the following command:
config mstp msti
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 149
Table 41 describes the parameters associated with this command:
Table 41 config mstp msti command
Parameter Description info Displays current level parameter settings and next level directories. priority
Configuring the MSTP region
To configure the MSTP region on the switch, use the following command:
config mstp region
Table 42 describes the parameters associated with this command:
Table 42 config mstp region command
Parameter Description config-id-sel This is the Configuration Identifier Format Selector in use
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
150 Chapter 3 Configuring Spanning Tree Groups
Displaying MSTP configuration information
To display the MSTP-related VLAN, bridge-level, and region information, use the following command:
show mstp config
Figure 60 shows sample output of this command.
Figure 60 show mstp config
PP1648T:1# show mstp config
======MSTP Configurations ======Mstp Module Status : Enabled Number of Msti Supported : 64 Cist Bridge priority : 32768 (0x8000) Stp Version : Mstp Mode Cist Bridge Max Age : 20 seconds Cist Bridge Forward Delay : 15 seconds Tx Hold Count : 3 PathCost Default Type : 32-bit Max Hop Count : 2000 Msti Config Id Selector : 0 Msti Region Name : 00:80:2d:c0:90:01 Msti Region Version : 0 Msti Config Digest : ac:36:17:7f:50:28:3c:d4:b8:38:21:d8:ab:26:de:62
PP1648T:1#
Displaying MSTP instance status
To display the status of an MSTP instance, use the following command:
show mstp instance [
where [
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 151
Figure 61 shows sample output from this command.
Figure 61 show mstp instance command
PP1648T:1# show mstp instance
======MSTP Instance Status ======Instance Id : 5 Msti Bridge Regional Root : 80:00:00:0e:c0:83:10:01 Msti Bridge Priority : 32768 (0x8000) Msti Root Cost : 0 Msti Root Port : cpp Msti Instance Vlan Mapped : 125 Msti Instance Vlan Mapped2k : Msti Instance Vlan Mapped3k : Msti Instance Vlan Mapped4k : PP1648T:1#
Displaying MSTP statistics
To display statistics for MSTP, use the following command:
show mstp stats
Figure 62 on page 152 shows sample output from this command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
152 Chapter 3 Configuring Spanning Tree Groups
Figure 62 show mstp stats
PP1648T:1# show mstp stats
======MSTP Bridge Statistics ======Mstp UP Count : 1 Mstp Down Count : 0 Region Config Change Count : 0 Time since topology change : 6183 seconds Topology change count : 1 New Root Bridge Count : 2
PP1648T:1#
Displaying status information for MSTP
To display status information for MSTP, use the following command:
show mstp status
Figure 63 on page 153 shows sample output from this command.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 153
Figure 63 show mstp status command
PP1648T:1# show mstp status
======MSTP Status ======------Bridge Address : 00:0e:c0:83:10:01 Cist Root : 80:00:00:04:38:d5:9a:81 Cist Regional Root : 80:00:00:0e:c0:83:10:01 Cist Root Port : 1/48 Cist Root Cost : 200010 Cist Regional Root Cost : 0 Cist Instance Vlan Mapped : 1-1024 Cist Instance Vlan Mapped2k : 1025-2048 Cist Instance Vlan Mapped3k : 2049-3072 Cist Instance Vlan Mapped4k : 3073-4094 Cist Max Age : 20 seconds Cist Forward Delay : 15 seconds PP1648T:1#
Displaying MSTP port information
To display the MSTP CIST port, and MSTI port information, use the following command:
show port info mstp
This command includes the following parameters:
show port info mstp followed by: cistinfo [
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
154 Chapter 3 Configuring Spanning Tree Groups
show port info mstp followed by: ciststat [
Figure 64 on page 155 shows sample output of this command.
Note: Use the show port info mstp cistinfo and the show port info mstp mstiinfo commands to display the port priority vector. The port priority vector is the priority vector held for the port when the reception of BPDUs and any pending update of information is complete. The message priority vector is the priority vector conveyed in a received Configuration Message. If the message priority vector received in a Configuration Message from a Designated Port is superior, it replaces the current port priority vector. Therefore, when you show the port priority vector for a root port, the port priority of its corresponding Designated port (if superior) appears. To display information for the Bridge Regional RootId and the Root cost, use the show mstp status command.
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 155
Figure 64 show port info mstp command output
PP1648T:1# show port info mstp cistinfo 1/1
======MSTP Cist Port Information (Port Priority Vector) ======Port Number : 1/1 Cist Port Priority : 128 (0x80) Cist Port Designated Root : 80:00:00:0e:c0:83:10:01 Cist Port Designated Cost : 0 Cist Port Designated Bridge : 80:00:00:0e:c0:83:10:01 Cist Port Designated Port : 80:40 Cist Port Regional Root : 80:00:00:0e:c0:83:10:01 Cist Port Regional PathCost : 0 Cist Port Protocol Migration : False Cist Port Admin Edge Status : False Cist Port Oper Edge Status : False Cist Port Admin P2P Status : Auto Cist Port Oper P2P Status : True Cist Port Hello Time : 2 Cist Port Oper Proto-Version : Mstp
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
156 Chapter 3 Configuring Spanning Tree Groups
Configuring MSTP on ports
To configure the MSTP command on the port, use the following command:
config eth
where:
This command includes the following options:
config eth
NN46208-500
Chapter 3 Configuring Spanning Tree Groups 157 config eth
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
158 Chapter 3 Configuring Spanning Tree Groups
config eth
NN46208-500
159 Chapter 4 Configuring Link Aggregation
The 1600 Series switch supports both Multilink Trunking (MLT) and Distributed Multilink Trunking (DMLT). The MLT algorithm is supported on most of the Ethernet Routing Switch family of switches.
You can configure the Ethernet Routing Switch 1600 to use either MLT or MLT with LACP. To configure with MLT with LACP, see Chapter 5, “Configuring LACP on MLT,” on page 183.
This chapter describes the link aggregation (link aggregation) commands.
• “Roadmap of link aggregation commands” on page 160 • “Configuring a link aggregation group” on page 162 • “Adding VLANs and ports to an MLT” on page 164 • “Configuring rate limiting” on page 170 • “Configuring tagging for a link aggregation group” on page 171 • “Deleting a link aggregation group” on page 172 • “Monitoring link aggregation interface statistics” on page 172 • “Displaying link aggregation group information” on page 174
For a compete CLI command reference, see the publication, CLI Command Line Reference for the Ethernet Routing Switch 1600 Series (316862-D).
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
160 Chapter 4 Configuring Link Aggregation Roadmap of link aggregation commands
The following are commands described in this chapter for configuring link aggregation.
Command Parameter config mlt
NN46208-500
Chapter 4 Configuring Link Aggregation 161
Command Parameter config ethernet
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
162 Chapter 4 Configuring Link Aggregation
Configuring a link aggregation group
To configure a link aggregation group, use the following command:
config mlt
Table 43 describes the parameters used with this command.
Table 43 config mlt
Parameter Description
Example: creating a link aggregation group
To create a link aggregation group, use the following command:
config mlt
where
In Figure 65 on page 163, a link aggregation group is created and assigned MLT ID 1. Since a name is not assigned to the group, the switch assigns the default MLT name of MLT-1. The new link aggregation group is then saved and displayed.
NN46208-500
Chapter 4 Configuring Link Aggregation 163
Figure 65 config mlt
PP1648T:1# config mlt 1 create PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config mlt 1 info
Sub-Context: clear config monitor show test trace Current Context:
create : 1 delete : N/A name : MLT-1 nt-stg : enable perform-tagging : disable portmember :
PP1648T:1#
Example: changing the NTSTG mode
To enable the Cisco-compatible Spanning Tree mode, you must disable the NTSTG mode using the following command:
config mlt
where mid is a value that uniquely identifies the link aggregation group. When the NTSTG mode is disabled, the Cisco-compatible mode is automatically enabled.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
164 Chapter 4 Configuring Link Aggregation
Figure 66 shows the config mlt
Figure 66 config mlt
PP1648T:1# config mlt 1 ntstg disable PP1648T:1# config mlt 1 info
Sub-Context: clear config monitor show test trace Current Context:
create : 1 delete : N/A name : MLT-1 nt-stg : disable perform-tagging : disable portmember :
PP1648T:1#
Adding VLANs and ports to an MLT
To add a VLAN or port to an MLT, use the following command:
config mlt
Table 44 describes the parameters used with this command:
Table 44 config mlt
Parameter Description vlan
NN46208-500
Chapter 4 Configuring Link Aggregation 165
Example: adding ports to an MLT
In Figure 67, ports 1/1-1/4 are added to the previously created MLT-1, and the configuration is saved and displayed.
Figure 67 config mlt
PP1648T:1# config mlt 1 add ports 1/1-1/4 PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config mlt 1 info
Sub-Context: clear config monitor show test trace Current Context:
create : 1 delete : N/A name : MLT-1 nt-stg : enable perform-tagging : disable portmember : 1/1-1/4
PP1648T:1#
Example: adding VLANs to an MLT
In Figure 68 on page 166, VLAN 2 is added to previously created MLT-1, and the configuration is saved and displayed.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
166 Chapter 4 Configuring Link Aggregation
Figure 68 config mlt
PP1648T:1# config mlt 1 add vlan 2 PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config vlan 2 info
Sub-Context: clear config show test trace Current Context:
action : N/A add-mlt : 1 delete : N/A qoslevel : 1 dynamic-mac-qoslevel : disable name : Sales
PP1648T:1#
Removing VLANs and ports from an MLT
To remove a VLAN or port from an MLT, use the following command:
config mlt
Table 45 describes the parameters used with this command:
Table 45 config mlt
Parameter Description vlan
NN46208-500
Chapter 4 Configuring Link Aggregation 167
Example: removing ports from an MLT
In Figure 69, port 1/1 is removed from previously created MLT-1, and the configuration is saved and displayed.
Figure 69 config mlt
PP1648T:1# config mlt 1 remove ports 1/1 PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config mlt 1 info
Sub-Context: clear config monitor show test trace Current Context:
create : 1 delete : N/A name : MLT-1 nt-stg : enable perform-tagging : disable portmember : 1/2-1/4
PP1648T:1#
Example: removing VLANs from an MLT
In Figure 70 on page 168, VLAN 2 is removed from previously created MLT-1, and the configuration is saved and displayed.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
168 Chapter 4 Configuring Link Aggregation
Figure 70 config mlt
PP1648T:1# config mlt 1 remove vlan 2 PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config vlan 2 info
Sub-Context: clear config monitor show test trace Current Context:
action : N/A add-mlt : delete : N/A qoslevel : 1 dynamic-mac-qoslevel : disable name : Sales
PP1648T:1#
Configuring an Inter-Switch Trunk MLT
To configure an IST MLT, use the following commands:
config mlt
Table 46 describes the parameters used with this command:
Table 46 config mlt
Parameter Description create ip
NN46208-500
Chapter 4 Configuring Link Aggregation 169
Adding an MLT-based SMLT
.
Warning: Disable STP on Ethernet Routing Switch 1600 ports when configuring SMLT MLTs or LACP LAGs, in the MLT or LAG ( either triangle or square configurations), to achieve proper SMLT failovers. This can also include the edge switches in a triangle configuration.
To configure SMLT, use the following commands:
config mlt
Table 47 describes the parameters used with this command:
Table 47 config mlt
Parameter Description create smlt-id Creates a Split MLT.
Configuring a single port SMLT.
Warning: Disable STP on Ethernet Routing Switch 1600 ports when configuring SMLT MLTs or LACP LAGs, in the MLT or LAG (either triangle or square configurations), to achieve proper SMLT failovers. This can also include the edge switches in a triangle configuration.
Ports that are already configured as MLT or MLT-based SMLT cannot be configured as single port SMLT. You must first remove the split trunk and then reconfigure the ports as a single port SMLT.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
170 Chapter 4 Configuring Link Aggregation
To configure a single port SMLT, use the following command:
config ethernet
Table 48 describes the parameters used with this command:
Table 48 config ethernet
Parameter Description create Creates a single port SMLT. delete Deletes the single port SMLT you specify. info Displays information for the single port SMLT you specify.
Configuring rate limiting
In the 1600 Series switch, L2 broadcast and multicast rate limiting is supported on a per port basis and always includes both multicast and broadcast traffic. Broadcast and multicast traffic received on a given port is discarded when it exceeds the configured limit. On the 1600 Series switch, you can set the limit in a percentage of total link bandwidth from 1 to 100 percent of total traffic for both multicast and broadcast traffic individually. If rate limiting is enabled on an MLT port, the same settings will be applied to all ports in the MLT. Rate limiting counts broadcast and multicast together; there is no possibility to count them separately.
To enable rate limiting on a port, enter the following command:
config ethernet
Table 49 defines the parameters used with this command.
Table 49 Rate limiting command
Parameter Description
NN46208-500
Chapter 4 Configuring Link Aggregation 171
Configuring tagging for a link aggregation group
To configure tagging for the ports in a link aggregation group, use the following command:
config mlt
Table 50 defines the parameters used with this command.
Table 50 config mlt
Parameters Description
In Figure 71, tagging is enabled for the ports in previously-created MLT-1, and the configuration is saved and displayed.
Figure 71 config mlt
PP1648T:1# config mlt 1 perform-tagging enable PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config mlt 1 info
Sub-Context: clear config monitor show test trace Current Context:
create : 1 delete : N/A name : MLT-1 nt-stg : enable perform-tagging : enable portmember : 1/2-1/4
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
172 Chapter 4 Configuring Link Aggregation
Deleting a link aggregation group
To delete a link aggregation group, use the following command:
config mlt
where
In Figure 72, MLT 2 is deleted, and the configuration is saved and displayed.
Figure 72 config mlt
PP1648T:1# config mlt 2 delete PP1648T:1# save config Save config to file /flash/config.cfg successful. PP1648T:1# config mlt 2 info
Sub-Context: clear config monitor show test trace Current Context:
Mlt 2 is not created
PP1648T:1#
Monitoring link aggregation interface statistics
To monitor link aggregation interface statistics, use the following command.
show mlt stats [
Figure 73 on page 173 shows sample output for this command.
NN46208-500
Chapter 4 Configuring Link Aggregation 173
Figure 73 show mlt stats command output
PP1648T:1# show mlt stats
======Mlt Interface ======ID IN-OCTETS OUT-OCTETS IN-UNICST OUT-UNICST ------1 0 0 0 0 2 0 0 0 0 3 0 0 0 0
ID IN-MULTICST OUT-MULTICST IN-BROADCST OUT-BROADCST MT ------1 0 0 0 0 E 2 0 0 0 0 E 3 0 0 0 0 E
NOTE 1: MT - MLT Type, E - Ethernet
PP1648T:1#
Table 51 defines the link aggregation interface statistics displayed in Figure 73.
Table 51 MLT Interface Statistics definitions
Field Description In Octets The total number of octets received on the MLT interface, including framing characters. Out Octets The total number of octets transmitted out of the MLT interface, including framing characters. In Unicast The number of packets delivered by this MLT to higher level protocols that were not addressed to a multicast or broadcast address at this sublayer. Out Unicast The number of packets that higher-level protocols requested be transmitted and that were not addressed to a multicast address at this MLT. This total number includes those packets discarded or unsent. In Multicast The number of packets delivered to this MLT that were addressed to a multicast address at this sublayer. For a MAC layer protocol, this number includes both Group and Functional addresses.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
174 Chapter 4 Configuring Link Aggregation
Table 51 MLT Interface Statistics definitions (continued)
Field Description Out Multicast The total number of packets that higher-level protocols requested be transmitted, and that were addressed to a multicast address at this MLT, including those that were discarded or not sent. For a MAC layer protocol, this number includes both Group and Functional addresses. In Broadcast The number of packets delivered to this MLT that were addressed to a broadcast address at this sublayer. Out Broadcast The total number of packets that higher-level protocols requested be transmitted, and that were addressed to a broadcast address at this MLT, including those that were discarded or not sent.
Displaying link aggregation group information
This section describes link aggregation group show commands and includes the following topics:
• “Displaying all link aggregation group information” on page 175 • “Displaying information about collision errors” on page 176 • “Displaying information about Ethernet errors” on page 177 • “Displaying information about link aggregation interface utilization statistics” on page 179 • “Displaying information about IST MLTs” on page 180 • “Displaying information about SMLTs” on page 182
NN46208-500
Chapter 4 Configuring Link Aggregation 175
Displaying all link aggregation group information
To display information about all link aggregation groups, use the following command:
show mlt info
Figure 74 shows sample output for this command.
Figure 74 show mlt info command output
PP1648T:1# show mlt info
======Mlt Info ======MLT PORT MLT MLT PORT VLAN ID IFINDEX NAME TYPE ADMIN CURRENT MEMBERS IDS ------1 6144 MLT-1 access norm 1/1-1/4
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
176 Chapter 4 Configuring Link Aggregation
Displaying information about collision errors
To display information about collision errors, use the following command:
show mlt error collision [
Figure 75 shows sample output for this command.
Figure 75 show mlt error collision command output
PP1648T:1# show mlt error collision
======Mlt Collision Error ======MLT ------COLLISIONS------ID SINGLE MULTIPLE LATE EXCESSIVE ------1 0 0 0 0 2 0 0 0 0 3 0 0 0 0
PP1648T:1#
Table 52 defines the link aggregation collision errors.
Table 52 MLT collision errors
Collision Description Single A count of successfully transmitted frames on a particular MLT for which transmission is inhibited by exactly one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts object, the ifOutMulticastPkts object, or the ifOutBroadcastPkts object, and is not counted by the corresponding instance of the MultipleCollisionFrames object. Multiple A count of successfully transmitted frames on a particular MLT for which transmission is inhibited by more than one collision. A frame that is counted by an instance of this object is also counted by the corresponding instance of either the ifOutUcastPkts object, the ifOutMulticastPkts object, or the ifOutBroadcastPkts object, and is not counted by the corresponding instance of the SingleCollisionFrames object.
NN46208-500
Chapter 4 Configuring Link Aggregation 177
Table 52 MLT collision errors (continued)
Collision Description Late The number of times that a collision is detected on a particular MLT later than 512 bit-times into the transmission of a packet; 512 corresponds to 51.2 microseconds on a 10 Mb/s system. A (late) collision included in a count represented by an instance of this object is also considered as a (generic) collision for purposes of other collision-related statistics. Excessive A count of frames for which transmission on a particular MLT fails due to excessive collisions.
Displaying information about Ethernet errors
To display information about the types of Ethernet errors sent and received by a specific link aggregation group or all link aggregation groups, use the following command:
show mlt error main [
Figure 76 shows sample output for this command.
Figure 76 show mlt error main command
PP1648T:1# show mlt error main
======Mlt Ethernet Error ======MLT ALIGN FCS IMAC IMAC CARRIER FRAMES SQETEST DEFER ID ERROR ERROR TRNSMIT RECEIVE SENSE TOOLONG ERROR TRNSMSS ------1 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 3 0 0 0 0 0 0 0 0
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
178 Chapter 4 Configuring Link Aggregation
Table 53 defines the link aggregation Ethernet errors.
Table 53 MLT Ethernet Errors
Field Description Alignment Errors A count of frames received on a particular MLT that are not an integral number of octets in length and do not pass the FCS check. The count represented by an instance of this object is incremented when the alignmentError status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC. FCS Errors A count of frames received on an MLT that are an integral number of octets in length but do not pass the FCS check. The count represented by an instance of this object is incremented when the frameCheckError status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC. IMacTransmit Error A count of frames for which transmission on a particular MLT fails due to an internal MAC sublayer transmit error. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the LateCollisions object, the ExcessiveCollisions object, or the CarrierSenseErrors object. IMac Receive Error A count of frames for which reception on a particular MLT fails due to an internal MAC sublayer receive error. A frame is only counted by an instance of this object if it is not counted by the corresponding instance of either the FrameTooLongs object, the AlignmentErrors object, or the FCSErrors object. The precise meaning of the count represented by an instance of this object is implementation specific. In particular, an instance of this object may represent a count of receive errors on a particular interface that are not otherwise counted. Carrier Sense Error The number of times that the carrier sense condition was lost or never asserted when attempting to transmit a frame on a particular MLT. The count represented by an instance of this object is incremented at most once per transmission attempt, even if the carrier sense condition fluctuates during a transmission attempt.
NN46208-500
Chapter 4 Configuring Link Aggregation 179
Table 53 MLT Ethernet Errors (continued)
Field Description Frame Too Long A count of frames received on a particular MLT that exceed the maximum permitted frame size. The count represented by an instance of this object is incremented when the frameTooLong status is returned by the MAC service to the LLC (or other MAC user). Received frames for which multiple error conditions occur are, according to the conventions of IEEE 802.3 Layer Management, counted exclusively according to the error status presented to the LLC. SQE Test Errors A count of times that the SQE TEST ERROR message is generated by the PLS sublayer for a particular MLT. The SQE TEST ERROR message is defined in section 7.2.2.2.4 of ANSI/IEEE 802.3-1985 and its generation is described in section 7.2.4.6 of the same document. DeferredTransmissions A count of frames for which the first transmission attempt on a particular MLT is delayed because the medium is busy. The count represented by an instance of this object does not include frames involved in collisions.
Displaying information about link aggregation interface utilization statistics
To display link aggregation interface utilization statistics, use the following command:
monitor mlt stats interface utilization [
Figure 77 on page 180 shows sample output for this command.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
180 Chapter 4 Configuring Link Aggregation
Figure 77 monitor mlt stats interface utilization command
PP1648T:1# monitor mlt stats interface utilization
MLT INTERFACE UTILIZATION Monitor Interval: 5sec | Monitor Duration: 300sec ======MLT_ID IN_OCTETS OUT_OCTETS IN_UTIL(%) OUT_UTIL(%) ------1 0 0 0 0 2 0 0 0 0 3 0 0 0 0
PP1648T:1#
Table 54 defines the link aggregation interface utilization statistics.
Table 54 MLT interface utilization errors
Collision Description In Octets The total number of octets received on the MLT interface, including framing characters. Out Octets The number of packets delivered by this MLT to higher level protocols that were not addressed to a multicast or broadcast address at this sublayer. In Utilization Percentage of MLT interface in use for incoming data during the specified interval. Out Utilization Percentage of MLT interface in use for outgoing data during the specified interval.
Displaying information about IST MLTs
To display information about IST MLTs, use the following command:
show mlt ist info
To display information about IST MLT statistics, use the following command:
show mlt ist stat
NN46208-500
Chapter 4 Configuring Link Aggregation 181
Figure 78 shows sample output for this command.
Figure 78 show mlt ist stat command
PP1648T:1# show mlt ist stat ======Mlt IST Message Statistics ======PROTOCOL MESSAGE COUNT ------
Ist Down : 0 Hello Sent : 0 Hello Recv : 0 Learn MAC Address Sent : 0 Learn MAC Address Recv : 0 MAC Address AgeOut Sent : 0 MAC Address AgeOut Recv : 0 MAC Address Expired Sent : 0 MAC Address Expired Sent : 0 Delete Mac Address Sent : 0 Delete Mac Address Recv : 0 Smlt Down Sent : 0 Smlt Down Recv : 0 Smlt Up Sent : 0 Smlt Up Recv : 0 Send MAC Address Sent : 0
Send MAC Address Recv : 0 IGMP Sent : 0 IGMP Recv : 0 Port Down Sent : 0 Port Down Recv : 0 Request MAC Table Sent : 0 Request MAC Table Recv : 0 Unknown Msg Type Recv : 0
PP1648T:1#
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
182 Chapter 4 Configuring Link Aggregation
Displaying information about SMLTs
To display information about SMLTs, use the following command:
show mlt smlt info
Figure 79 shows sample output for this command.
Figure 79 show mlt smlt command
PP1648T:1# show mlt smlt info
======Mlt SMLT Info ======MLT SMLT ADMIN CURRENT ID ID TYPE TYPE ------3 3 smlt norm
PP1648T:1#
NN46208-500
183 Chapter 5 Configuring LACP on MLT
This chapter describes how to configure and manage the Link Aggregation Control Protocol (LACP) using the Command Line Interface (CLI).
You can configure the Ethernet Routing Switch 1600 to use either MLT or MLT with LACP. To configure with MLT only, see Chapter 4, “Configuring Link Aggregation,” on page 159.
Java Device Manager is not supported for LACP in software release 2.1.5.0. The commands for this feature are only available through CLI.
For conceptual information about VLANs, see See “Link Aggregation Control Protocol” on page 63.
Configuring LACP
• “Roadmap of LACP commands” on page 184 • “Configuring LACP on an MLT” on page 186 • “Configuring LACP on a port” on page 188
Configure the LACP to allow bundling of physical ports to form a single logical channel. This section describes how to configure global LACP parameters so you can enable or disable the LACP.
Changes to LACP made at the global level overrides and resets all port level settings.When the LACP system priority is set globally, it applies to all LACP-enabled aggregators and ports. When LACP is enabled on an aggregator or port, it uses the global system priority value.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
184 Chapter 5 Configuring LACP on MLT
LACP can be described in terms of link aggregation operations within a single system. You can configure a single piece of equipment so it contains more than one system (from the point of view of the link aggregation operation).
Configuration changes to LACP timers are not reflected immediately. LACP timers are not reset until the next time LACP is restarted globally or on a port. This ensures consistency with peer switches.
LACP limitations
The Ethernet Routing Switch 1600 LAG has the following limitations:
• A port can not be in two different trunk groups (LAG or MLT) simultaneously. • A port that is member of a MLT trunk will have Link Aggregation disabled. • A port that has Link Aggregation enable can not be member of a MLT trunk group • The maximum number of active links per LAG is 4. • All ports in the same MLT or LA group must be of the same media type (copper or fiber) and have same settings (speed and duplex). • An MLT or LA group cannot belong to multiple STGs unless tagging is enabled on the group. • A physical port cannot belong to more than one MLT or LA groups. • Both ends of the MLT or LA must support compatible STP algorithm.
Roadmap of LACP commands
The following are commands described in this chapter for configuring LACP.
Command Parameter config lacp info enable disable aggr-wait-time
NN46208-500
Chapter 5 Configuring LACP on MLT 185
Command Parameter system-priority
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
186 Chapter 5 Configuring LACP on MLT
Command Parameter key
Configuring LACP on an MLT
Warning: Disable STP on Ethernet Routing Switch 1600 ports when configuring SMLT MLTs or LACP LAGs, in the MLT or LAG (either triangle or square configurations), to achieve proper SMLT failovers. This can also include the edge switches in a triangle configuration.
Configure the LACP on an MLT to disable and enable LACP on the MLT.
Attach ports to an aggregator only if their system priorities are the same; otherwise, consider them to be operating in two different switches. You can attach ports to an aggregator only if their keys are the same.
To configure LACP on an MLT, use the following command:
config mlt
NN46208-500
Chapter 5 Configuring LACP on MLT 187
Table 55 describes the parameters used with this command.
Table 55 config mlt
Parameter Description clear-link-aggrgate Clears link aggregation information for a specific MLT. disable Disables LACP for a specific MLT. enable Enables LACP for a specific MLT. info Shows current level parameter settingsand next level directories. key
Configure LACP globally
To enable or disable LACP globally, use the following command:
config lacp
Table 56 describes the parameters used with this command.
Table 56 Config lacp command
Parameter Description info Shows the current level parameter settings and next level directories. enable Enables LACP. disable Disables LACP. aggr-wait-time Sets the aggregation wait time (in milliseconds) for a specific
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
188 Chapter 5 Configuring LACP on MLT
Table 56 Config lacp command
Parameter Description smlt-sys-id
Configuring LACP on a port
Configure LACP on a port to enable or disable LACP on the selected ports.
Changes made at the global level override and reset all port level settings. You can enable or disable LACP on selected ports. A port can operate in active or passive mode. You can configure LACP to use long timeout or short timeout. You can configure a port to be an individual or an aggregateable link.
To configure LACP on a port, use the following command:
config
Table 57 describes the parameters used with this command.
Table 57 config
Parameter Description aggregation Sets individual port or aggregation for a specific port type.
NN46208-500
Chapter 5 Configuring LACP on MLT 189
Table 57 config
Parameter Description fast-periodic-time Sets the fast-periodic time (in milliseconds) for a specific port type.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
190 Chapter 5 Configuring LACP on MLT
Table 57 config
Parameter Description system-priority Sets system priority for a specific port-type.
LACP show commands
LACP show commands displays LACP information.
• “Viewing MLT LACP configuration information for aggregators” on page 190 • “Viewing global LACP configuration information” on page 190 • “Viewing LACP configuration information” on page 191 • “Viewing LACP statistics information for each port” on page 192
Viewing MLT LACP configuration information for aggregators
View the MLT LACP configuration information per aggregator to obtain LACP configuration information per aggregator.
To view MLT LACP configuration information per aggregator, use the following command:
show mlt lacp info
Viewing global LACP configuration information
View global LACP configuration information so that you can display global LACP configuration information.
To view global LACP configuration information, use the following command:
show lacp info
NN46208-500
Chapter 5 Configuring LACP on MLT 191
Figure 80 shows sample output for this command.
Figure 80 Show lacp info command output
PP1648T:1/config# show lacp info
======Lacp Global Information ======SystemId: 00:0e:c0:83:10:00 SmltSystemId: 00:00:00:00:00:00 Lacp: enable system-priority: 32768 timeout: 3 fast-periodic-time: 1000 slow-periodic-time: 30000 aggr-wait-time: 2000
Viewing LACP configuration information
View LACP configuration information to determine the LACP parameters and to ensure your configuration is correct.
To view LACP configuration information, use the following command:
show ports info lacp
Table 58 describes the parameters used with this command.
Table 58 Show ports info lacp command
Parameter Description actor-admin [port
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
192 Chapter 5 Configuring LACP on MLT
Table 58 Show ports info lacp command
Parameter Description partner-admin [port Shows port LACP partner administrative information.
Viewing LACP statistics information for each port
View LACP statistics for each port to monitor LACP performance of the port.
To view LACP statistics information per port, use the following command:
show ports stats lacp [port
Table 59 describes the parameters used with this command.
Table 59 Show ports stats lacp command
Parameter Description PORT NUM Specifies the port number. port
NN46208-500
Chapter 5 Configuring LACP on MLT 193
Table 59 Show ports stats lacp command
Parameter Description TX MARKER PDU Specifies the number of marker PDUs transmitted on this aggregation port. TX MARKERRESPPDU Specifies the number of marker response PDUs transmitted on this aggregation port.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
194 Chapter 5 Configuring LACP on MLT
NN46208-500
195 Chapter 6 Configuration examples
This chapter provides configuration examples for common VLAN, spanning tree, and link aggregation tasks and includes the CLI commands you use to create the example configurations.
Note: For a complete description of the CLI commands you can use to configure specific VLAN, spanning tree, and link aggregation tasks, including those shown in this chapter, see the appropriate CLI chapters in this guide.
This chapter includes the following topics:
Topic Page Configuring 802.1Q VLAN Tagging 195 Configuring a Spanning Tree Group 196 VLAN configuration example 197 Configuring a MAC address filter 199 Setting unknown MAC discard 201 Configuring unknown MAC discard 203 Configuring MLT on the 1600 Series switch 205
Configuring 802.1Q VLAN Tagging
Configuring VLAN tagging on the 1600 Series switch is done on a per interface level. You can enable VLAN tagging by entering the following command:
• Passport-1648T:1# config ethernet
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
196 Chapter 6 Configuration examples
Figure 81 Configuring 802.1Q Tagging
Ethernet Routing Switch VLAN 2 1600 Series 3 Egress VLAN 3 Port 1 5 Q-tagged 7
VLAN 4
In this example, we will enable 802.1Q VLAN tagging on port 1/1 as it will be used as a trunk port for VLAN 2, 3 and 4 (see Figure 81).
To enable VLAN tagging on port 1/1, use the following command:
• Passport-1648T:1# config ethernet 1/1 perform-tagging enable
Configuring a Spanning Tree Group
The 1600 Series switch supports up to 64 STGs.
To add a new STG group, enter the following command:
• Passport-1648T:1# config stg <1-64> create
By default, the STG instance is enabled. If you want to disable an STG state, entering the following command:
• Passport-1648T:1# config stg <1-64> group-stp disable
To add new ports to the STG group, enter the following command:
• Passport-1648T:1# config stg <1-64> add ports
To remove ports from a STP group, enter the following command:
• Passport-1648T:1# config stg <1-64> remove ports
NN46208-500
Chapter 6 Configuration examples 197
To set the STP bridge priority, in decimal format, enter the following command (the range is 0 (highest) to 65535 (lowest priority), and the default is 32768):
• Passport-1648T:1# config stg <1-64> priority <0-65535>
Note: By default, the tagged BPDU VLAN ID for each STG instance is in the format '40xy' where xy is the STG instance number. For example, STG 23 will have a tagged BPDU VLAN ID of 4023.
VLAN configuration example
We will use the example in Figure 82 to accomplish the following:
• Configure VLAN 2 as a port-based VLAN with port members 1/1 and 1/3. • Configure VLAN 3 as an Appletalk protocol-based VLAN with port members 1/1 and 1/7. • Configure port 1/1 as a tagged port for VLANs 2 and 3. • Use the default STG 1 for VLAN 2. • Create a new STG 2 for VLAN 3.
Figure 82 VLAN configuration example
Ethernet Routing Switch VLAN 2 1600 Series 3
Port 1 Q-tagged 7
VLAN 3
Use the following commands:
To enable VLAN tagging on port 1/1, enter the following command:
• Passport-1648T:1# config ethernet 1/1 perform-tagging enable
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
198 Chapter 6 Configuration examples
Add VLAN 2.
1 Create VLAN 2 and add STG 1. Passport-1648T:1# config vlan 2 create byport 1 2 Add ports to VLAN 2. Passport-1648T:1# config vlan 2 ports add 1/1,1/3
Create STG 2 for VLAN 3.
1 Create STG 2. Passport-1648T:1# config stg 2 create
2 Add ports to STG 2. Passport-1648T:1# config stg 2 add ports 1/1,1/7
Add VLAN 3.
1 Create an Appletalk protocol-based VLAN 3, and add STG 2. Passport-1648T:1# config vlan 3 create byprotocol 2 appleTalk
2 Add ports to VLAN 3. Passport-1648T:1# config vlan 3 ports add 1/1,1/7
NN46208-500
Chapter 6 Configuration examples 199
Configuration file - VLAN example
The configuration file for the configuring VLANs example follows:
# PORT CONFIGURATION - PHASE I # ethernet 1/1 perform-tagging enable # # STG CONFIGURATION # stg 1 remove ports 1/7 stg 2 create stg 2 add ports 1/1,1/7 # # VLAN CONFIGURATION # vlan 1 ports remove 1/3,1/7 member portmember vlan 2 create byport 1 vlan 2 ports remove 1/1-1/2,1/4-1/48 member portmember vlan 2 ports add 1/1,1/3 member portmember vlan 3 create byprotocol 2 appleTalk vlan 3 ports remove 1/1-1/6,1/8-1/48 member portmember vlan 3 ports add 1/1,1/7 member portmember vlan 3 ports add 1/1,1/7 member static
Configuring a MAC address filter
We will use the example in Figure 83 on page 200 to accomplish the following:
• Drop the source MAC address 00:00:00:00:00:0a from VLAN 2. • Drop the destination MAC address 00:00:00:00:0b:01 from VLAN 3.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
200 Chapter 6 Configuration examples
Figure 83 MAC address configuration example
Ethernet Routing Switch VLAN 2 1600 Series 3
5 VLAN 3 7
VLAN 4
Use the follow commands:
1 Drop MAC source address from VLAN 2 on port 1/3. Passport-1648T:1# config vlan 2 fdb-filter add 00:00:00:00:00:0a port 1/3 drop srcOnly
2 Drop MAC destination address from VLAN 3 on port 1/5. Passport-1648T:1# config vlan 3 fdb-filter add 00:00:00:00:0b:01 port 1/5 drop dstOnly
Configuring rate limiting
In the example in Figure 84, we set the rate limit for traffic to 10 percent on port 1/3.
Figure 84 Rate limiting configuration example
Ethernet Routing Switch VLAN 2 1600 Series 3
5 VLAN 3 7
VLAN 4
NN46208-500
Chapter 6 Configuration examples 201
Use the following command:
• Passport-1648T:1# config ethernet 1/3 bcast-mcast-rate-limit 10 enable
Setting unknown MAC discard
On the 1600 Series switch, it is possible to set individual ports to discard packets that originate from a MAC address or are going to a MAC address that is not known to the switch. This feature is configured for each port using the following commands.
To activate unknown MAC discard, enter the following command:
• Passport-1648T:1# config ethernet
The number of MAC addresses can be specified by entering the following command:
• Passport-1648T:1# config ethernet
To manually learn unknown MAC addresses, enter the following command:
• Passport-1648T:1# config ethernet
To dynamically learn unknown MAC addresses, enter the following command:
• Passport-1648T:1# config ethernet
The MAC addresses can be learned in one of two ways:
1 The 1600 Series switch can learn the addresses, in “one shot”, until the table maximum is reached. Entries are never aged out.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
202 Chapter 6 Configuration examples
Passport-1648T:1# config ethernet
If you use the auto-learn mode, and after learning some addresses, the process can be enabled/disabled by the following command:
Passport-1648T:1# config ethernet
A MAC address can be removed from the address list using the following command:
Passport-1648T:1# config ethernet
In case of a violation, the port can be partitioned (disabled), using the following command:
Passport-1648T:1# config ethernet
In case of a violation, violation logging can be enabled using the following command:
Passport-1648T:1# config ethernet
NN46208-500
Chapter 6 Configuration examples 203
In case of a violation, an authentication trap can be sent using the following command:
Passport-1648T:1# config ethernet
Note: To bring the port back up, the selected port must be manually enabled, or the switch must be rebooted.
Configuring unknown MAC discard
We will use the example in Figure 85 to enable MAC security to allow servers 1–4 to accomplish the following:
• Use unknown MAC discard auto-learn to automatically learn the MAC addresses of servers 1–3. • Enter a static MAC entry for server 4. • Enable violation logging on port 1/1. • Enable send violation traps on port 1/1.
Figure 85 Unknown MAC discard configuration example
Server 1 (MAC: 00.00.00.00.00.0a) Ethernet Routing Server 2 (MAC: 00.00.0a.00.00.02) Switch Server 3 (MAC: 00.00.0a.00.00.03) 1600 Series 3
3
Server 4 (MAC: 00.00.0b.00.00.01)
Use the following configuration steps:
1 Set up MAC security for port 1/1 and activate unknown MAC discard:
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
204 Chapter 6 Configuration examples
Passport-1648T:1# config ethernet 1/1 unknown-mac-discard activation enable
2 Set unknown MAC discard to autolearn: Passport-1648T:1# config ethernet 1/1 unknown-mac-discard autolearn enable
3 Set the unknown MAC discard limit to three addresses: Passport-1648T:1# config ethernet 1/1 unknown-mac-discard max-mac-count 3
4 Enable unknown MAC discard logging: Passport-1648T:1# config ethernet 1/1 unknown-mac-discard violation-logging enable
5 Enable the sent violation trap: Passport-1648T:1# config ethernet 1/1 unknown-mac-discard violation-sendAuthenticationTrap enable
6 Once the MAC address has been learned, lock the MAC address learning: Passport-1648T:1# config ethernet 1/1 unknown-mac-discard lock-autolearn-mac enable
7 Set up MAC security for port 1/1, and activate unknown MAC discard: Passport-1648T:1# config ethernet 1/3 unknown-mac-discard activation enable
8 Set the unknown MAC discard static entry: Passport-1648T:1# config ethernet 1/3 unknown-mac-discard add-allow-mac 00:00:0b:00:00:01
NN46208-500
Chapter 6 Configuration examples 205
Configuration file - Unknown MAC Discard
The configuration file for configuring the unknown MAC discard example follows:
ethernet 1/1 unknown-mac-discard activation enable ethernet 1/1 unknown-mac-discard autolearn enable ethernet 1/1 unknown-mac-discard autolearn-mode one-shot ethernet 1/1 unknown-mac-discard lock-autolearn-mac enable ethernet 1/1 unknown-mac-discard violation-sendAuthenticationTrap enable ethernet 1/1 unknown-mac-discard max-mac-count 3 ethernet 1/1 unknown-mac-discard add-allow-mac 00:00:00:00:00:0a auto ethernet 1/1 unknown-mac-discard add-allow-mac 00:00:0a:00:00:02 auto ethernet 1/1 unknown-mac-discard add-allow-mac 00:00:0a:00:00:03 auto ethernet 1/3 unknown-mac-discard activation enable ethernet 1/3 unknown-mac-discard autolearn-mode one-shot ethernet 1/3 unknown-mac-discard max-mac-count 2048 ethernet 1/3 unknown-mac-discard add-allow-mac 00:00:0b:00:00:01
Configuring MLT on the 1600 Series switch
The 1600 Series switch supports the MLT algorithm. MLT can be used to connect to a server with a multiport Network Interface Card (NIC). It can also be used to connect to other switches supporting 802.1ad static mode or other proprietary aggregation methods such as EtherChannel. Up to four ports are supported for each link aggregation group, up to seven link aggregation groups for Gigabit Ethernet ports, and up to seven link aggregation groups for Fast Ethernet.
As with the Ethernet Routing Switch 8600, the 1600 Series switch has the following limitations:
• All ports in an MLT group must have the same media type and same settings (speed and duplex). • A physical port cannot belong to more than one MLT group. • All ports in an MLT must use the same STG if untagged; if tagged, they can belong to multiple STGs.
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
206 Chapter 6 Configuration examples
Configuring an MLT
We will use the example in Figure 86 to create the following:
• A trunk MLT group between the 1600 Series switch and the Ethernet Routing Switch 8600 with four GigE ports 1/49-1/52. • An access MLT group between the 1600 Series switch and the server with two Fast Ethernet ports 1/3 and 1/4. • VLAN 2 with STG 2 for all ports
Figure 86 MLT configuration example
Ethernet Routing Ethernet Routing Switch Server Switch 8600 1600 Series Port 49 50 3 51 4 52
Q-tagged Non-Q-tagged MLT Type = Trunk MLT Type = Access
Use the following commands:
To enable VLAN tagging on GigE ports 1/49-1/52, use the following command:
• Passport-1648T:1# config ethernet 1/49-1/52 perform-tagging enable
Add VLAN 2.
1 Create VLAN 2 and add STG 2. Passport-1648T:1# config vlan 2 create byport 2
2 Add ports to VLAN 2. Passport-1648T:1# config vlan 2 ports add 1/3,1/4,1/49-1/52
NN46208-500
Chapter 6 Configuration examples 207
Create an MLT Trunk group.
1 Create the MLT. Passport-1648T:1# config mlt 2 create
2 Add port and VLAN members to MLT 2. Passport-1648T:1# config mlt 2 add ports 1/49-1/52
Passport-1648T:1# config mlt 2 add vlan 2
3 Configure MLT 2 as a trunk. Passport-1648T:1# config mlt 2 perform-tagging enable
Create an MLT access group.
1 Create MLT 1 for the Server. Passport-1648T:1# config mlt 1 create
2 Add ports and VLAN members. Passport-1648T:1# config mlt 1 add ports 1/3,1/4
Passport-1648T:1# config mlt 1 add vlan 2
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
208 Chapter 6 Configuration examples
Configuration file - MLT example
The configuration file for the configuring the MLT example follows:
# # MLT CONFIGURATION # mlt 1 create mlt 1 add ports 1/3,1/4 mlt 2 create mlt 2 add ports 1/49-1/52 mlt 2 perform-tagging enable # # STG CONFIGURATION # spanning-tree stp 1 add-ports 1/3,1/4,1/49-1/52 # # VLAN CONFIGURATION # vlan 1 ports remove 1/3,1/4,1/49-1/52 member portmember vlan 2 create byport 1 vlan 2 add-mlt 1 vlan 2 add-mlt 2 vlan 2 ports remove 1/1-1/2,1/5-1/48 member portmember vlan 2 ports add 1/3,1/4,1/49-1/52 member portmember # # PORT CONFIGURATION - PHASE II # ethernet 1/49 default-vlan-id 2 ethernet 1/50 default-vlan-id 2 ethernet 1/51 default-vlan-id 2 ethernet 1/52 default-vlan-id 2 config terminal
NN46208-500
Chapter 6 Configuration examples 209
SMLT triangle configuration example
This configuration example shows how to create an SMLT triangle using three Ethernet Routing Switch 8300 Switch switches and a VLAN (VLAN 10), which is used to carry user traffic (see Figure 87).
Figure 87 SMLT triangle configuration example
S1
MLT 1 1/17 1/1 (SMLT ID = 1) SMLT
VLAN 10 VLAN 10 1/1 MLT 5 1/1 S2 S3 1/2,1/3 1/2,1/3
.1 1.1.1.0/30 .2
IST VLAN 1900 VLAN 10 Legend
Ethernet Routing Switch 1600 Series 11341GA
The following sections provide step-by-step procedures that show how to configure switch S1, S2, and S3 for this example.
Configure S2
1 Disable the control packet rate limit for ports 1/2 and 1/3: Passport-1648T:1# config ether 1/2,1/3 cp-limit disable
2 Create IST VLAN 1900: Passport-1648T:1# config vlan 1900 create byport 1
3 Create VLAN 10: Passport-1648T:1# config vlan 10 create byport 1
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
210 Chapter 6 Configuration examples
4 Create MLT 5 and add ports 1/2 and 1/3 as MLT port members: Passport-1648T:1# config mlt 5 create Passport-1648T:1# config mlt 5 add ports 1/2,1/3
5 Enable tagging on MLT 5: Passport-1648T:1# config mlt 5 perform-tagging enable
6 Add VLAN 1900 and VLAN 10 to MLT 5: Passport-1648T:1# config mlt 5 add vlan 1900 Passport-1648T:1# config mlt 5 add vlan 10
7 Configure a VLAN ID for VLAN 1900: Passport-1648T:1# config vlan 1900 ip create 1.1.1.1/30
8 Create IST MLT 5 and add VLAN 1900: Passport-1648T:1# config mlt 5 ist create ip 1.1.1.2 vlan-id 1900
9 Create an SMLT: Passport-1648T:1# config mlt 1 create Passport-1648T:1# config mlt 1 smlt create smlt-id 1 Passport-1648T:1# config mlt 1 perform-tagging enable Passport-1648T:1# config mlt 1 add vlan 10 Passport-1648T:1# config mlt 1 add ports 1/1 Passport-1648T:1# config ether 1/1 untagged-frames-discard enable
Configure S3
1 Disable the control packet rate limit for ports 1/2 and 1/3: Passport-1648T:1# config ether 1/2,1/3 cp-limit disable
2 Create IST VLAN 1900: Passport-1648T:1# config vlan 1900 create byport 1
3 Create VLAN 10: Passport-1648T:1# config vlan 10 create byport 1
NN46208-500
Chapter 6 Configuration examples 211
4 Create MLT 5 and add ports 1/2 and 1/3 as MLT port members: Passport-1648T:1# config mlt 5 create Passport-1648T:1# config mlt 5 add ports 1/2,1/3
5 Enable tagging on MLT 5: Passport-1648T:1# config mlt 5 perform-tagging enable
6 Add VLAN 1900 and VLAN 10 to MLT 5: Passport-1648T:1# config mlt 5 add vlan 1900 Passport-1648T:1# config mlt 5 add vlan 10
7 Configure a VLAN ID for VLAN 1900: Passport-1648T:1# config vlan 1900 ip create 1.1.1.2/30
8 Create IST MLT 5 and add VLAN 1900: Passport-1648T:1# config mlt 5 ist create ip 1.1.1.1 vlan-id 1900
9 Create an SMLT: Passport-1648T:1# config mlt 1 create Passport-1648T:1# config mlt 1 smlt create smlt-id 1 Passport-1648T:1# config mlt 1 perform-tagging enable Passport-1648T:1# config mlt 1 add vlan 10 Passport-1648T:1# config mlt 1 add ports 1/1 Passport-1648T:1# config ether 1/1 untagged-frames-discard enable
Configure S1
1 Create VLAN 10: Passport-1648T:1# config vlan 10 create byport 1
2 Create MLT 1 and add ports 1/1 and 1/17 as MLT port members: Passport-1648T:1# config mlt 1 create Passport-1648T:1# config mlt 1 add ports 1/1,1/17 Passport-1648T:1# config ether 1/1,1/17 untagged-frames-discard enabled
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
212 Chapter 6 Configuration examples
3 Add VLAN 10 to MLT 1: Passport-1648T:1# config mlt 1 add vlan 10
NN46208-500
213 Index
A DesignatedPort field 137 DesignatedRoot field 136 algorithm, link aggregation traffic distribution 52 AlignmentErrors field 178 E B EnableStp field 135 Ethernet errors 177 baby giant frames 37 ExcessiveCollisions field 177, 180 Bridge Address 132
C F FastStart field 135 CarrierSenseErrors field 178 FastStart, enabling 126 change detection about 45 FCSErrors field 178 configure (CLI) 128 Forward Delay 133 rules 45 ForwardTransitions field 135 collision errors, MLT 176 frame config ethernet commands protocol-based VLAN 38 stg 125 FrameTooLongs field 179 config mlt commands config mlt add 171 H config stg commands options 121, 123 Hello Time 133 config vlan commands Hold Time 133 ip 87, 88 conventions, text 23 I Id field, link aggregation group 162, 171 D IEEE DeferredTransmissions field 179 802.1D 41 802.1Q 37, 53 Designated Root 133 InBroadcastPkt field 174 DesignatedBridge field 137 InMulticastPkt field 173 DesignatedCost field 137
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
214 Index
InOctets field 173 O InternalMacReceiveErrors field 178 OutBroadcast field 174 InternalMacTransmitErrors field 178 OutMulticastPkt field 174 InUcastPkts field 173 OutOctets field 173 IP subnet-based VLANs 35, 78 OutUcastPkts field 173
L P LACP 63, 183 PathCost field 135 LACP on MLT 186 PID LateCollisions field 177, 180 DSAP value 34 legacy STP, interoperability 47 Ethernet SNAP 34 link aggregation Ethernet type 2 34 BPDUs 56 invalid for user-defined protocol VLAN 34 client/server configuration 55 policy-based VLAN, about 32 IEEE 802.1Q tagging 53 Port field 134, 136 IP addresses 53 port-based VLAN MAC addresses 53 about 31 media type 53 port aggregation 52 Priority field 134 rules 53 Protocol Identifier. See PID supported media 53 Protocol Specification 133 switch-to-server configuration 54 protocol-based VLAN switch-to-switch configuration 53 about 32 traffic distribution algorithm 52 Link Aggregation Control Protocol 63 Q M QoS (quality of service) level, setting 84 Max Age 133 R MLT, See link aggregation Rapid Spanning Tree Protocol 45 monitor mlt command link aggregation interface utilization 179 Root Cost 133 MSTP 46 Root Port 133 Multiple Spanning Tree Protocol 46 RSTP 45 MultipleCollisionFrames field 176, 180 S N show mlt commands error collision 175, 176 nontagged ports 37 error main 177 NumPorts field 132
NN46208-500
Index 215
stats 172 configure ports 125 show ports commands StgId field 134, 136 info STP 41 stg extended 136 blocking state 42 stg main 134 bridge forward delay timer 43 stats, stg 129 bridge hello timer 43 show stg commands bridge protocol data units (BPDUs) 43 info config 131 disabling 43 info status 132 enabling 43 show vlan info commands IEEE 802.1D standard 41 advance 106 multiple spanning tree groups 42 arp 107 overview 41 basic 105 spanning tree algorithm 41 fdb-entry 107 Spanning Tree FastStart 43 fdb-filter 108 spanning tree groups 42 ports 111, 112 tagged BPDUs 43 userdefined-advance 112 topology change detection about 45 single port SMLT configure (CLI) 128 about 58 rules 45 SingleCollisionFrames field 176, 180 SMLT T advantages 58 reroutes failures quickly 58 tagged frame 38 transparent and interoperable solution 58 tagged port 37 single point of failure elimination 58 tagging, on MLT ports 162 single port about 58 text conventions 23 STP convergence resolution 58 topology change detection spanning tree group. See STG commands about 45 configure (CLI) 128 spanning tree groups rules 45 limitations 44 with VLANs 44 Topology Changes 133 Spanning Tree Protocol traffic distribution algorithm, link aggregation 52 configuring topology change detection 128 Spanning Tree Protocol. See STP U SQETestErrors field 179 untagged frames 38 State field 135 user-defined protocol-based VLAN statistics about 34 STG 132 STG commands
Configuring VLANs, Spanning Tree, and Link Aggregation using the CLI
216 Index
V VLAN coordinated across multiple switches 36 default 39 enabling tagging 41 ID, in source frame tag 36 in spanning tree groups 44 IPX protocol 33 multiplex traffic 37 overview 29 policy-based, about 32 port-based, about 31 protocol-based, about 32 rules 41 spanning multiple switches 30 tagged port 41 tagging, about 36 unassigned 39 untagged port 41 user-defined about 34 invalid PIDs for 34 VLAN commands configure IP 87, 88
NN46208-500