Page 1 H3C S5830V2 & S5820V2 Switch Series Layer 2 LAN Switching Configuration Guide — Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 23xx Document version: 6W102-20150315...
Page 2 Copyright © 2014-2015, Hangzhou H3C Technologies Co., Ltd. and its licensors All rights reserved No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of Hangzhou H3C Technologies Co., Ltd.
Page 3 The H3C S5830V2 & S5820V2 documentation set includes 16 configuration guides. These guides describe the software features for the H3C S5830V2 & S5820V2 Switch Series and guide you through the software configuration procedures. These guides also provide configuration examples to help you apply software features to different network scenarios.
Page 4 Configuration guide Added and modified features Service loopback group Modified features: Configuring service loopback groups. Release 2310 contains the following changes to LAN switching features over Release 2307: Configuration guide Added and modified features MAC address table Modified features: Enabling MAC address move notifications. Added features: Configuring many-to-one VLAN mapping in a VLAN mapping network with static IP address assignment.
Page 5 Configuration guide Added and modified features Added features: • Configuring the expected bandwidth of an interface. • Configuring Layer 3 aggregate group. • Configuring an edge aggregate interface. • Configuring LACP operating mode. • Configuring Layer 3 aggregate subinterface. Ethernet link aggregation •...
Page 6: Command Conventions
Configuration guide Added and modified features Added features: • Configuring the LLDP bridge mode. • Configuring the token bucket size for sending LLDPDUs. • Setting the interval for fast LLDPDU transmission. • Configuring LLDP in Layer 2 aggregate interface view, Layer 3 aggregate interface view, Layer 3 Ethernet interface view, or management Ethernet interface view.
Page 7: Documentation Set
Port numbering in examples The port numbers in this document are for illustration only and might be unavailable on your switch. About the H3C S5830V2 & S5820V2 documentation set The H3C S5830V2 & S5820V2 documentation set includes: Category Documents Purposes...
Page 8: Obtaining Documentation
Category Documents Purposes Provides a complete guide to hardware installation Installation guide and hardware specifications. H3C LSWM1HFANSC & Provides the physical views, specifications, LSWM1HFANSCB Fan installation procedures, and removal procedures for Assemblies Installation hot-swappable fan assemblies. H3C LSVM1FANSC & Provides the physical views, specifications,...
Page 9: Documentation Feedback
Documentation feedback You can e-mail your comments about product documentation to info@h3c.com. We appreciate your comments.
Page 10: Table Of Contents
Contents Configuring Ethernet interfaces ··································································································································· 1 Configuring a management Ethernet interface ·············································································································· 1 Ethernet interface naming conventions ··························································································································· 1 Configuring common Ethernet interface settings ··········································································································· 1 Splitting a 40-GE interface and combining 10-GE breakout interfaces ····························································· 2 ...
Page 11 Configuring the aging timer for dynamic MAC address entries ··············································································· 28 Configuring the MAC learning limit on an interface·································································································· 29 Configuring the device to forward unknown frames after the MAC learning limit on an interface is reached ··· 29 ...
Page 12 Configuring load sharing for link aggregation groups ······························································································ 59 Setting load sharing modes for link aggregation groups ················································································· 59 Enabling local-first load sharing for link aggregation ······················································································· 60 Configuring per-flow load sharing algorithm settings for Ethernet link aggregation ····································· 61 ...
Page 13 Configuration procedure ···································································································································· 102 Setting the timeout factor ············································································································································· 102 Configuring the BPDU transmission rate ···················································································································· 103 Configuring edge ports ··············································································································································· 103 Configuration restrictions and guidelines ········································································································· 103 Configuration procedure ···································································································································· 104 Configuring path costs of ports ·································································································································· 104 ...
Page 14 Loop protection actions ······································································································································· 131 Port status auto recovery ····································································································································· 132 Loop detection configuration task list ························································································································· 132 Enabling loop detection ·············································································································································· 132 Enabling loop detection globally ······················································································································· 132 Enabling loop detection on a port ····················································································································· 132 ...
Page 15 Private VLAN configuration examples ······················································································································· 165 Private VLAN configuration example in promiscuous mode ·········································································· 165 Private VLAN configuration example in trunk promiscuous mode ································································· 168 Private VLAN configuration example in trunk promiscuous and trunk secondary modes ··························· 171 ...
Page 16 Configuring many-to-one VLAN mapping in a network with static IP address assignment ························· 215 Configuring one-to-two VLAN mapping ···················································································································· 217 Configuring two-to-two VLAN mapping ····················································································································· 218 Displaying and maintaining VLAN mapping ············································································································ 219 VLAN mapping configuration examples ··················································································································· 219 ...
Page 17 Configuring APP parameters ······························································································································ 255 Configuring ETS parameters ······························································································································ 257 Configuring PFC parameters ······························································································································ 258 Configuring the DCBX version ··························································································································· 259 Configuring LLDP trapping and LLDP-MED trapping ································································································ 260 Displaying and maintaining LLDP ······························································································································· 261 ...
Page 18: Configuring Ethernet Interfaces
Configuring Ethernet interfaces The switch series supports Ethernet interfaces, management Ethernet interfaces, Console interfaces, and USB interfaces. For the interface types and the number of interfaces supported by a switch model, see the installation guide. This document describes how to configure management Ethernet interfaces and Ethernet interfaces. Configuring a management Ethernet interface A management interface uses an RJ-45 connector.
Page 19: Splitting A 40-Ge Interface And Combining 10-Ge Breakout Interfaces
Splitting a 40-GE interface and combining 10-GE breakout interfaces Splitting a 40-GE QSFP+ interface into four 10-GE breakout interfaces You can use a 40-GE QSFP+ interface as a single interface. To improve port density, reduce costs, and improve network flexibility, you can also split a 40-GE QSFP+ interface into four 10-GE breakout interfaces.
Page 20: Configuring Basic Settings Of An Ethernet Interface
Step Command Remarks After creating the 40-GE interface, the system removes the four 10-GE breakout interfaces. After you combine the four 10-GE breakout interfaces, replace the Reboot the device. dedicated 1-to-4 cable with a dedicated 1-to-1 cable or a 40-GE transceiver module.
Page 21: Configuring The Link Mode Of An Ethernet Interface
Step Command Remarks Create an Ethernet interface interface-type subinterface and enter interface-number.subnumber its view. The default setting is in the format of interface-name Interface. For Set the subinterface description text example, description. Ten-GigabitEthernet1/0/1.1 Interface. Restore the default settings for the Ethernet default subinterface.
Page 22: Configuring Physical State Change Suppression On An Ethernet Interface
Forwards jumbo frames within the specified length. Discards jumbo frames exceeding the specified length without further processing. To configure jumbo frame support in interface view: Step Command Remarks Enter system view. system-view Enter Ethernet interface interface interface-type view. interface-number By default, the device allows jumbo Configure jumbo frame jumboframe enable [ value ] frames within 10000 bytes to pass...
Page 23: Performing A Loopback Test On An Ethernet Interface
Step Command Remarks By default, the link-down or link-up event is Configure physical immediately reported to the CPU. state change link-delay delay-time If you configure this command multiple times on an suppression on the [ mode { up | updown }] Ethernet interface, the most recent configuration interface.
Page 24: Configuring Pfc On An Ethernet Interface
With Rx flow mode generic control enabled, an interface can receive flow control frames, but it • cannot send flow control frames. When the interface receives a flow control frame from its peer, it suspends sending packets to the peer. When congestion occurs, the interface cannot send flow control frames to the peer.
Page 25: Enabling Energy Saving Features On An Ethernet Interface
To perform PFC on a network port of an IRF member device, configure PFC on both the network port and the IRF physical ports. For information about IRF, see IRF configuration Guide. To ensure correct operations of IRF and other protocols, H3C recommends not enabling PFC for •...
Page 26: Setting The Statistics Polling Interval
Step Command Remarks Enter system view. system-view interface interface-type Enter Ethernet interface view. interface-number By default, auto power-down is Enable auto power-down. port auto-power-down disabled. Enabling EEE energy saving for Ethernet interfaces in up state IMPORTANT: Fiber ports do not support this feature. With Energy Efficient Ethernet (EEE) energy saving, a link-up port enters the low power state if it has not received any packet for a certain period of time.
Page 27: Forcibly Bringing Up A Fiber Port
Forcibly bringing up a fiber port CAUTION: The following operations on a fiber port will cause link updown events before the port finally stays up: Configure the port up-mode command and the speed or duplex command at the same time. •...
Page 28: Configuring A Layer 2 Ethernet Interface
The port up-mode command is mutually exclusive with either of the shutdown and loopback • commands. A GE fiber port cannot correctly forward traffic if you configure the port up-mode command on the • port and install any of the following modules into the port: Electro-optical module.
Page 29: Configuring Storm Control On An Ethernet Interface
For the suppression threshold that takes effect, see the prompt on the device. Configuration procedure To set storm suppression thresholds on one or multiple Ethernet interfaces: Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet interface interface-type interface view. interface-number Enable broadcast suppression By default, broadcast traffic is...
Page 30: Setting The Mdix Mode Of An Ethernet Interface
Configuration guidelines For the same type of traffic, do not configure the storm constrain command together with any of the broadcast-suppression, multicast-suppression, and unicast-suppression commands. Otherwise, the traffic suppression result is not determined. For more information about the broadcast-suppression, multicast-suppression, and unicast-suppression commands, see "Configuring storm suppression."...
Page 31: Testing The Cable Connection Of An Ethernet Interface
MDI mode—Pins 1 and 2 are transmit pins and pins 3 and 6 are receive pins. • • AutoMDIX mode—The interface negotiates pin roles with its peer. To enable the interface to communicate with its peer, set the MDIX mode of the interface mode by using the following guidelines: Generally, set the MDIX mode of the interface to AutoMDIX.
Page 32: Configuring A Layer 3 Ethernet Interface Or Subinterface
Configuring a Layer 3 Ethernet interface or subinterface Setting the MTU for an Ethernet interface or subinterface The value of maximum transmission unit (MTU) affects the fragmentation and reassembly of IP packets. Typically, you do not need to modify the MTU of an interface. To set the MTU for an Ethernet interface or subinterface: Step Command...
Page 33 Task Command Clear the Ethernet statistics. reset ethernet statistics...
Page 34: Configuring Loopback, Null, And Inloopback Interfaces
Configuring loopback, null, and inloopback interfaces This chapter describes how to configure a loopback interface, a null interface, and an inloopback interface. Configuring a loopback interface A loopback interface is a virtual interface. The physical layer state of a loopback interface is always up unless the loopback interface is manually shut down.
Page 35: Configuring A Null Interface
Configuring a null interface A null interface is a virtual interface and is always up, but you can neither use it to forward data packets nor can you configure it with an IP address or link layer protocol. The null interface provides a simpler way to filter packets than ACL.
Page 36 Task Command Clear the statistics on the null interface. reset counters interface [ null [ 0 ] ]...
Page 37: Bulk Configuring Interfaces
The maximum number of interface range names is only limited by the system resources. To • guarantee bulk interface configuration performance, H3C recommends that you configure fewer than 1000 interface range names. If a command fails to be executed on the first interface in the interface range, the command is not •...
Page 38: Displaying And Maintaining Bulk Interface Configuration
Step Command Remarks • interface range { interface-type interface-number [ to Use either command. interface-type By using the interface range name interface-number ] } &<1-5> Enter interface range command, you assign a name to an • interface range name name view.
Page 39: Configuring The Mac Address Table
Configuring the MAC address table Overview An Ethernet device uses a MAC address table to forward frames. A MAC address entry includes a destination MAC address, an outgoing interface (or egress RB), and a VLAN ID. When the device receives a frame, it uses the destination MAC address of the frame to look for a match in the MAC address table.
Page 40: Types Of Mac Address Entries
of port A. Other hosts using the forged MAC address of Host A cannot obtain the frames destined for Host A. Types of MAC address entries A MAC address table can contain the following types of entries: Static entries—A static entry is manually added to forward frames with a specific destination MAC •...
Page 41: Configuring Mac Address Entries
Tasks at a glance (Optional.) Enabling MAC address synchronization (Optional.) Enable MAC address move notifications • Enable MAC address move notifications (for Release 2307) • Enable MAC address move notifications (for Release 2310 and later) (Optional.) Enabling ARP fast update for MAC address moves (Optional.) Enabling SNMP notifications for the MAC address table Configuring MAC address entries...
Page 42: Adding Or Modifying A Static Or Dynamic Mac Address Entry On An Interface
Step Command Remarks By default, no MAC address Add or modify a entry is configured globally. mac-address { dynamic | static } mac-address static or dynamic interface interface-type interface-number vlan Make sure you have created MAC address vlan-id the VLAN and assigned the entry.
Page 43: Adding Or Modifying A Multiport Unicast Mac Address Entry
Adding or modifying a multiport unicast MAC address entry You can configure a multiport unicast MAC address entry to associate a unicast destination MAC address with multiple ports. The frame with a destination MAC address matching the entry is sent out of multiple ports.
Page 44: Disabling Mac Address Learning
Step Command Remarks • Enter Layer 2 Ethernet interface view: interface interface-type interface-number Enter interface view. • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number By default, no multiport unicast MAC address entry is configured Add the interface to a on the interface.
Page 45: Disabling Mac Address Learning On A Vlan
Step Command Remarks Enter system view. system-view • Enter Layer 2 Ethernet interface view: interface interface-type interface-number • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number Enter interface view. • Enter S-channel interface view: interface s-channel interface-number.channel-id • Enter S-channel aggregate interface view: interface schannel-aggregation interface-number:channel-id...
Page 46: Configuring The Mac Learning Limit On An Interface
An aging interval that is too long might cause the MAC address table to retains outdated entries. As a result, the MAC address table resources might be exhausted, and the MAC address table might fail to update to accommodate the latest network changes. An interval that is too short might result in removal of valid entries, which would cause unnecessary floods and possibly affect the device performance.
Page 47: Assigning Mac Learning Priority To An Interface
You can enable or disable forwarding of unknown frames after the MAC learning limit is reached. To enable the device to forward unknown frames after the MAC learning limit is reached: Step Command Remarks Enter system view. system-view • Enter Layer 2 Ethernet interface view.
Page 48: Enabling Mac Address Synchronization
Enabling MAC address synchronization To avoid unnecessary floods and improve forwarding speed, make sure all member devices have the same MAC address table. After you enable MAC address synchronization, each member device advertises learned MAC address entries to other member devices. As shown in Figure Device A and Device B form an IRF fabric enabled with MAC address synchronization.
Page 49: Enable Mac Address Move Notifications (For Release 2307)
Figure 4 MAC address tables of devices when Client A roams to AP D To enable MAC address synchronization: Step Command Remarks Enter system view. system-view Enable MAC address By default, MAC address mac-address mac-roaming enable synchronization. synchronization is disabled. Enable MAC address move notifications (for Release 2307) The outgoing interface for a MAC address entry learned on interface A is changed to interface B when...
Page 50: Enable Mac Address Move Notifications (For Release 2310 And Later)
To enable MAC address move notifications: Step Command Remarks Enter system view. system-view By default, MAC address move notifications are disabled. After you execute this command: • If the device is configured with the snmp-agent trap Enable MAC address enable mac-address mac-address notification mac-move move notifications.
Page 51: Enabling Arp Fast Update For Mac Address Moves
Step Command Remarks Enter system view. system-view By default, MAC address move notifications are disabled. After you execute this command: • If the device is configured with the snmp-agent trap Enable MAC address mac-address notification mac-move enable mac-address move notifications. [ interval interval-value ] command, the system sends SNMP notifications to the...
Page 52: Enabling Snmp Notifications For The Mac Address Table
Figure 5 ARP fast update application scenario To enable ARP fast update for MAC address moves: Step Command Remarks Enter system view. system-view Enable ARP fast By default, ARP fast update for update for MAC mac-address mac-move fast-update MAC address moves is disabled. address moves.
Page 53: Mac Address Table Configuration Example
Task Command display mac-address [ mac-address [ vlan vlan-id ] | [ [ dynamic | Display MAC address table static ] [ interface interface-type interface-number ] | blackhole | information. multiport ] [ vlan vlan-id ] [ count ] ] Display the MAC address information of the egress RB specified by its display mac-address nickname nickname...
Page 54: Configuration Procedure
Configuration procedure # Add a static MAC address entry for MAC address 000f-e235-dc71 on Ten-GigabitEthernet 1/0/1 that belongs to VLAN 1. <Device> system-view [Device] mac-address static 000f-e235-dc71 interface ten-gigabitethernet 1/0/1 vlan 1 # Add a blackhole MAC address entry for MAC address 000f-e235-abcd that belongs to VLAN 1. [Device] mac-address blackhole 000f-e235-abcd vlan 1 # Set the aging timer to 500 seconds for dynamic MAC address entries.
Page 55: Configuring Mac Information
Configuring MAC Information The MAC Information feature can generate syslog messages or SNMP notifications when MAC address entries are learned or deleted. You can use these messages to monitor users leaving or joining the network and analyze network traffic. The MAC Information feature buffers the MAC change syslog messages or SNMP notifications in a queue.
Page 56: Configuring The Mac Change Notification Interval
Trap—The device sends SNMP notifications to notify MAC address changes. In this mode, the • device sends SNMP notifications to the NMS. For more information about SNMP, see Network Management and Monitoring Configuration Guide. To configure the MAC Information mode: Step Command Remarks...
Page 57: Configuration Guidelines
Figure 7 Network diagram Configuration guidelines When you edit the file /etc/syslog.conf, follow these guidelines: • Comments must be on a separate line and must begin with a pound sign (#). No redundant spaces are allowed after the file name. •...
Page 58 # mkdir /var/log/Device # touch /var/log/Device/info.log Edit the file syslog.conf in directory /etc/ and add the following contents: # Device configuration messages local4.info /var/log/Device/info.log In this configuration, local4 is the name of the logging facility that the log host uses to receive logs, and info is the informational level.
Page 59: Configuring Ethernet Link Aggregation
Configuring Ethernet link aggregation Ethernet link aggregation bundles multiple physical Ethernet links into one logical link, called an aggregate link. Link aggregation has the following benefits: • Increased bandwidth beyond the limits of any single link. In an aggregate link, traffic is distributed across the member ports.
Page 60: Aggregation States Of Member Ports In An Aggregation Group
The port rate of an aggregate interface equals the total rate of its member ports in Selected state, and its duplex mode is the same as that of the Selected member ports. For more information about the states of member ports in an aggregation group, see "Aggregation states of member ports in an aggregation group."...
Page 61: Link Aggregation Modes
Feature Considerations VLAN attribute configurations include: • Permitted VLAN IDs. • PVID. • Link type (trunk, hybrid, or access). VLAN • Operating mode (promiscuous, trunk promiscuous, host). • VLAN tagging mode. For information about VLAN, see "Configuring VLANs." Protocol configurations—Protocol configurations do not affect the aggregation state of the member •...
Page 62: Setting The Aggregation State Of Each Member Port
The candidate port at the top is chosen as the reference port. If two ports have the same port priority, duplex mode, and speed, the original Selected port is chosen. If more than one such original Selected port exists, the one with the lower port number is chosen. Setting the aggregation state of each member port After a static aggregation group reaches the limit on Selected ports, ports attempting to join the group are put in Unselected state.
Page 63: Lacp
LACP LACP uses LACPDUs to exchange aggregation information between LACP-enabled devices. Each member port in an LACP-enabled aggregation group exchanges information with its peer. When a member port receives an LACPDU, it compares the received information with information received on the other member ports.
Page 64: How Dynamic Link Aggregation Works
The LACP timeout interval also determines the LACPDU sending rate of the peer. You can configure the LACP timeout interval as the short timeout interval (3 seconds) or the long timeout interval (90 seconds). If you configure the short timeout interval, the peer sends LACPDUs fast (one LACPDU per second). If you configure the long timeout interval, the peer sends LACPDUs slowly (one LACPDU every 30 seconds).
Page 65 Figure 10 Setting the state of a member port in a dynamic aggregation group Meanwhile, the system with the higher system ID is aware of the aggregation state changes on the remote system. The system sets the aggregation state of local member ports the same as their peer ports. When you aggregate interfaces in dynamic mode, follow these guidelines: A dynamic link aggregation group preferably sets full-duplex ports as the Selected ports.
Page 66: Edge Aggregate Interface
After the Selected port limit has been reached, a port joining the aggregation group is put in • Selected state if it is more eligible than a current member port. For more information about configuring the maximum number of Selected ports in a dynamic aggregation group, see "Setting the minimum and maximum numbers of Selected ports for an aggregation...
Page 67: Configuring An Aggregation Group
Tasks at a glance (Optional.) Configuring an aggregate interface: • Configuring the description of an aggregate interface • Specifying ignored VLANs on a Layer 2 aggregate interface • Configuring the MTU of a Layer 3 aggregate interface • Setting the minimum and maximum numbers of Selected ports for an aggregation group •...
Page 68: Configuring A Static Aggregation Group
This switch series supports up to 128 aggregation groups. To ensure the operation of the service • loopback groups, H3C recommends configuring no more than 126 aggregation groups . Configuring a static aggregation group To guarantee a successful static aggregation, make sure that the ports at both ends of each link are in the same aggregation state.
Page 69: Configuring A Dynamic Aggregation Group
Step Command Remarks Enter Layer 3 Ethernet interface view: interface interface-type Repeat these two sub-steps to interface-number Assign an interface to the assign more Layer 3 Ethernet specified Layer 3 aggregation Assign the interface to the interfaces to the aggregation group.
Page 70 Step Command Remarks By default, the long LACP timeout interval (90 seconds) is adopted by the interface. The peer sends LACPDUs slowly. Configure the short LACP Do not configure the short LACP timeout interval (3 seconds) lacp period short timeout interval before performing on the interface.
Page 71: Configuring An Aggregate Interface
Step Command Remarks Configure the port priority for link-aggregation port-priority The default setting is 32768. the interface. port-priority By default, the long LACP timeout interval (90 seconds) is adopted by the interface. The peer sends LACPDUs slowly. Configure the short LACP Do not configure the short LACP timeout interval (3 seconds) lacp period short...
Page 72: Specifying Ignored Vlans On A Layer 2 Aggregate Interface
Specifying ignored VLANs on a Layer 2 aggregate interface By default, to become Selected ports, the member ports must have the same VLAN permit state and VLAN tagging mode as the corresponding Layer 2 aggregate interface. The system ignores the permit state and tagging mode of an ignored VLAN when choosing Selected ports.
Page 73: Configuring The Expected Bandwidth Of An Aggregate Interface
When the number of member ports eligible to be Selected is smaller than the minimum threshold: • All member ports change to the Unselected state. The link of the aggregate interface goes down. When the minimum threshold is reached, the eligible member ports change to the Selected state, •...
Page 74: Configuring An Edge Aggregate Interface
Step Command Remarks By default, the expected Configure the expected bandwidth bandwidth-value bandwidth (in kbps) is the interface bandwidth of the interface. baud rate divided by 1000. Configuring an edge aggregate interface When you configure an edge aggregate interface, follow these restrictions and guidelines: This configuration takes effect on only the aggregate interface corresponding to a dynamic •...
Page 75: Shutting Down An Aggregate Interface
BFD packets. When the link is recovered and the local port is placed in the Selected state again, the local port establishes a new session with the peer port. BFD notifies the Ethernet link aggregation module that the peer port is reachable. Because BFD provides fast failure detection, the local and peer systems of a dynamic aggregate link can negotiate the aggregation state of their member ports faster.
Page 76: Restoring The Default Settings For An Aggregate Interface
Restoring the default settings for an aggregate interface You can return all configurations on an aggregate interface to default settings. To restore the default settings for an aggregate interface: Step Command Enter system view. system-view • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number Enter aggregate interface view.
Page 77: Enabling Local-First Load Sharing For Link Aggregation
Step Command Remarks • Enter Layer 2 aggregate interface view interface bridge-aggregation interface-number Enter aggregate interface view. • Enter Layer 3 aggregate interface view: interface route-aggregation interface-number Configure the load sharing link-aggregation load-sharing mode The default settings are the same mode for the aggregation { destination-ip | destination-mac | as the global load sharing mode.
Page 78: Configuring Per-Flow Load Sharing Algorithm Settings For Ethernet Link Aggregation
Step Command Remarks Enable local-first load sharing link-aggregation load-sharing By default, local-first load sharing for link aggregation. mode local-first for link aggregation is enabled. Configuring per-flow load sharing algorithm settings for Ethernet link aggregation This feature is available in Release 231 1P04 and later versions. Configure the per-flow load sharing algorithm and algorithm seed to optimize traffic distribution on aggregate links based on existing per-flow load sharing settings.
Page 79: Configuration Procedure
Link-aggregation traffic redirection applies only to dynamic link aggregation groups and takes • effect on only known unicast packets. To prevent traffic interruption, enable link-aggregation traffic redirection on devices at both ends of • the aggregate link. To prevent packet loss that might occur at a reboot, do not enable spanning tree together with •...
Page 80: Ethernet Link Aggregation Configuration Examples
Ethernet link aggregation configuration examples Layer 2 static aggregation configuration example Network requirements As shown in Figure 12, perform the following tasks: Configure a Layer 2 static aggregation group on both Device A and Device B. • Enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end. •...
Page 81: Layer 2 Dynamic Aggregation Configuration Example
[DeviceA-Ten-GigabitEthernet1/0/2] quit [DeviceA] interface ten-gigabitethernet 1/0/3 [DeviceA-Ten-GigabitEthernet1/0/3] port link-aggregation group 1 [DeviceA-Ten-GigabitEthernet1/0/3] quit # Configure Layer 2 aggregate interface Bridge-Aggregation 1 as a trunk port and assign it to VLANs 10 and 20. [DeviceA] interface bridge-aggregation 1 [DeviceA-Bridge-Aggregation1] port link-type trunk [DeviceA-Bridge-Aggregation1] port trunk permit vlan 10 20 [DeviceA-Bridge-Aggregation1] quit Configure Device B in the same way Device A is configured.
Page 82 Figure 13 Network diagram Configuration procedure Configure Device A: # Create VLAN 10, and assign the port Ten-GigabitEthernet 1/0/4 to VLAN 10. <DeviceA> system-view [DeviceA] vlan 10 [DeviceA-vlan10] port ten-gigabitethernet 1/0/4 [DeviceA-vlan10] quit # Create VLAN 20, and assign the port Ten-GigabitEthernet 1/0/5 to VLAN 20. [DeviceA] vlan 20 [DeviceA-vlan20] port ten-gigabitethernet 1/0/5 [DeviceA-vlan20] quit...
Page 83: Layer 2 Aggregation Load Sharing Configuration Example
[DeviceA-Bridge-Aggregation1] quit Configure Device B in the same way Device A is configured. (Details not shown.) Verifying the configuration # Display detailed information about all aggregation groups on Device A. [DeviceA] display link-aggregation verbose Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing Port Status: S -- Selected, U -- Unselected, I -- Individual Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,...
Page 84 Figure 14 Network diagram Configuration procedure Configure Device A: # Create VLAN 10, and assign the port Ten-GigabitEthernet 1/0/5 to VLAN 10. <DeviceA> system-view [DeviceA] vlan 10 [DeviceA-vlan10] port ten-gigabitethernet 1/0/5 [DeviceA-vlan10] quit # Create VLAN 20, and assign the port Ten-GigabitEthernet 1/0/6 to VLAN 20. [DeviceA] vlan 20 [DeviceA-vlan20] port ten-gigabitethernet 1/0/6 [DeviceA-vlan20] quit...
Page 85 [DeviceA] interface bridge-aggregation 2 # Configure the load sharing criterion for link aggregation group 2 as the destination MAC addresses of packets. [DeviceA-Bridge-Aggregation2] link-aggregation load-sharing mode destination-mac [DeviceA-Bridge-Aggregation2] quit # Assign ports Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to link aggregation group 2.
Page 86: Layer 2 Edge Aggregate Interface Configuration Example
Each aggregation group contains two Selected ports. • # Display all the group-specific load sharing modes on Device A. [DeviceA] display link-aggregation load-sharing mode interface Bridge-Aggregation1 Load-Sharing Mode: source-mac address Bridge-Aggregation2 Load-Sharing Mode: destination-mac address The output shows that: Link aggregation group 1 load shares packets based on source MAC addresses. •...
Page 87: Layer 3 Static Aggregation Configuration Example
Verifying the configuration # Display detailed information about all aggregation groups on the device when the server is not configured with dynamic link aggregation. [Device] display link-aggregation verbose Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing Port Status: S -- Selected, U -- Unselected, I -- Individual Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation, D -- Synchronization, E -- Collecting, F -- Distributing,...
Page 88: Layer 3 Dynamic Aggregation Configuration Example
[DeviceA] interface route-aggregation 1 [DeviceA-Route-Aggregation1] ip address 192.168.1.1 24 [DeviceA-Route-Aggregation1] quit # Assign Layer 3 Ethernet interfaces Ten-GigabitEthernet 1/0/1 through Ten-GigabitEthernet 1/0/3 to aggregation group 1. [DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] port link-aggregation group 1 [DeviceA-Ten-GigabitEthernet1/0/1] quit [DeviceA] interface ten-gigabitethernet 1/0/2 [DeviceA-Ten-GigabitEthernet1/0/2] port link-aggregation group 1 [DeviceA-Ten-GigabitEthernet1/0/2] quit [DeviceA] interface ten-gigabitethernet 1/0/3...
Page 89 Figure 17 Network diagram Configuration procedure Configure Device A: # Create Layer 3 aggregate interface Route-Aggregation 1. <DeviceA> system-view [DeviceA] interface route-aggregation 1 # Set the link aggregation mode to dynamic. [DeviceA-Route-Aggregation1] link-aggregation mode dynamic # Configure an IP address and subnet mask for Route-Aggregation 1. [DeviceA-Route-Aggregation1] ip address 192.168.1.1 24 [DeviceA-Route-Aggregation1] quit # Assign Layer 3 Ethernet interfaces Ten-GigabitEthernet 1/0/1 through Ten-GigabitEthernet...
Page 90: Layer 3 Edge Aggregate Interface Configuration Example
XGE1/0/3 32768 {ACDEF} Remote: Actor Partner Priority Oper-Key SystemID Flag -------------------------------------------------------------------------------- XGE1/0/1 32768 0x8000, 000f-e267-57ad {ACDEF} XGE1/0/2 32768 0x8000, 000f-e267-57ad {ACDEF} XGE1/0/3 32768 0x8000, 000f-e267-57ad {ACDEF} The output shows that: • Link aggregation group 1 is a non-load-shared Layer 3 dynamic aggregation group. The aggregation group contains three Selected ports.
Page 91 Verifying the configuration # Display detailed information about all aggregation groups on the device when the server is not configured with dynamic link aggregation. [Device] display link-aggregation verbose Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing Port Status: S -- Selected, U -- Unselected, I -- Individual Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation, D -- Synchronization, E -- Collecting, F -- Distributing,...
Page 92: Configuring Port Isolation
Configuring port isolation The port isolation feature isolates Layer 2 traffic for data privacy and security without using VLANs. Ports in an isolation group cannot communicate with each other, but they can communicate with ports outside the isolation group. Assigning a port to an isolation group The device supports multiple isolation groups, which can be configured manually.
Page 93: Port Isolation Configuration Example
Task Command Display isolation group information. display port-isolate group [ group-number ] Port isolation configuration example Network requirements As shown in Figure 19, configure port isolation on the device so that the hosts can access the Internet but cannot communicate with each other at Layer 2. Figure 19 Network diagram Configuration procedure # Create isolation group 2.
Page 94 [Device] display port-isolate group 2 Port isolation group information: Group ID: 2 Group members: Ten-GigabitEthernet1/0/1 Ten-GigabitEthernet1/0/2 Ten-GigabitEthernet1/0/3 The output shows that interfaces Ten-GigabitEthernet 1/0/1, Ten-GigabitEthernet 1/0/2, and Ten-GigabitEthernet 1/0/3 are assigned to isolation group 2, so that Host A, Host B, and Host C are isolated from each other at layer 2.
Page 95: Configuring Spanning Tree Protocols
Configuring spanning tree protocols Spanning tree protocols eliminate loops in a physical link-redundant network by selectively blocking redundant links and putting them in a standby state. The recent versions of STP include the Rapid Spanning Tree Protocol (RSTP), the Per-VLAN Spanning Tree (PVST), and the Multiple Spanning Tree Protocol (MSTP).
Page 96: Basic Concepts In Stp
Basic concepts in STP Root bridge A tree network must have a root bridge. The entire network contains only one root bridge, and all the other bridges in the network are called "leaf nodes". The root bridge is not permanent, but can change with changes of the network topology.
Page 97: Calculation Process Of The Stp Algorithm
Path cost Path cost is a reference value used for link selection in STP. To prune the network into a loop-free tree, STP calculates path costs to select the most robust links and block redundant links that are less robust. Calculation process of the STP algorithm The spanning tree calculation process described in the following sections is a simplified process for example only.
Page 98 Table 5 Selection of the optimum configuration BPDU Step Actions Upon receiving a configuration BPDU on a port, the device compares the priority of the received configuration BPDU with that of the configuration BPDU generated by the port: • If the former priority is lower, the device discards the received configuration BPDU and keeps the configuration BPDU the port generated.
Page 99 Table 6, each configuration BPDU contains the following fields: root bridge ID, root path cost, designated bridge ID, and designated port ID. Table 6 Initial state of each device Configuration BPDU on the Device Port name port Port A1 {0, 0, 0, Port A1} Device A Port A2 {0, 0, 0, Port A2}...
Page 100 Configuration BPDU on Device Comparison process ports after comparison Port B1 performs the following actions: Receives the configuration BPDU of Port A1 {0, 0, 0, Port A1}. Determines that the received configuration BPDU is superior to its existing configuration BPDU {1, 0, 1, Port •...
Page 101 Configuration BPDU on Device Comparison process ports after comparison Device C performs the following actions: Compares the configuration BPDUs of all its ports. Decides that the configuration BPDU of Port C1 is the optimum. Selects Port C1 as the root port with the configuration •...
Page 102 After the comparison processes described in Table 7, a spanning tree with Device A as the root bridge is established, as shown in Figure Figure 22 The final calculated spanning tree The configuration BPDU forwarding mechanism of STP The configuration BPDUs of STP are forwarded according to these guidelines: Upon network initiation, every device regards itself as the root bridge, generates configuration •...
Page 103: Rstp
Because each VLAN runs STP or RSTP independently, a spanning tree only serves its VLAN. A PVST-enabled H3C device can communicate with a third-party device that is running Rapid PVST or PVST. The PVST-enabled H3C device supports fast network convergence like RSTP when connected to PVST-enabled H3C devices or third-party devices enabled with Rapid PVST.
Page 104: Mstp Features
PVST limitations—Because each VLAN has its spanning tree, the amount of PVST BPDUs is • proportional to the number of VLANs on a trunk port. When the trunk port permits too many VLANs, both resources and calculations for maintaining the VLAN spanning trees increase dramatically. If a status change occurs on the trunk port that permits multiple VLANs, the device CPU will be overburdened with recalculation of the affected spanning trees.
Page 105 Figure 23 Basic concepts in MSTP VLAN 1 MSTI 1 VLAN 1 MSTI 1 VLAN 2 MSTI 2 VLAN 2 MSTI 2 Other VLANs MSTI 0 Other VLANs MSTI 0 MST region 1 MST region 4 MST region 2 MST region 3 VLAN 1 MSTI 1 VLAN 1...
Page 106 Same VLAN-to-instance mapping configuration • • Same MSTP revision level Physically linked together • Multiple MST regions can exist in a switched network. You can assign multiple devices to the same MST region. Figure The switched network comprises four MST regions, MST region 1 through MST region 4. •...
Page 107 The regional root of MSTI 1 is Device B. • • The regional root of MSTI 2 is Device C. The regional root of MSTI 0 (also known as the IST) is Device A. • Common root bridge The common root bridge is the root bridge of the CIST. Figure 23, the common root bridge is a device in MST region 1.
Page 108: How Mstp Works
Master port—Serves as a port on the shortest path from the local MST region to the common root • bridge. The master port is not always located on the regional root. It is a root port on the IST or CIST and still a master port on the other MSTIs.
Page 109: Mstp Implementation On Devices
MSTI calculation Within an MST region, MSTP generates different MSTIs for different VLANs based on the VLAN-to-instance mappings. For each spanning tree, MSTP performs a separate calculation process similar to spanning tree calculation in STP. For more information, see "Calculation process of the STP algorithm."...
Page 110: Stp Configuration Task List
To connect a spanning tree network to a TRILL network, make sure the following requirements are • met: The spanning tree protocol is disabled on the TRILL network. An edge port is used to connect the spanning tree network to the TRILL network. The edge port can quickly transit to the forwarding state.
Page 111: Rstp Configuration Task List
Tasks at a glance (Optional.) Configuring protection functions RSTP configuration task list Tasks at a glance Configuring the root bridge: • (Required.) Setting the spanning tree mode • (Optional.) Configuring the root bridge or a secondary root bridge • (Optional.) Configuring the device priority •...
Page 112: Pvst Configuration Task List
PVST configuration task list Tasks at a glance Configuring the root bridge: • (Required.) Setting the spanning tree mode • (Optional.) Configuring the root bridge or a secondary root bridge • (Optional.) Configuring the device priority • (Optional.) Configuring the network diameter of a switched network •...
Page 113: Mstp Configuration Task List
MSTP configuration task list Tasks at a glance Configuring the root bridge: • (Required.) Setting the spanning tree mode • (Required.) Configuring an MST region • (Optional.) Configuring the root bridge or a secondary root bridge • (Optional.) Configuring the device priority •...
Page 114: Configuration Restrictions And Guidelines
RSTP mode—All ports of the device send RSTP BPDUs. A port in this mode automatically transits to • the STP mode when it receives STP BPDUs from the peer device. A port in this mode does not transit to the MSTP mode when it receives MSTP BPDUs from the peer device. •...
Page 115: Configuring The Root Bridge Or A Secondary Root Bridge
MST region revision level. • • VLAN-to-instance mapping entries in the MST region. The configuration of MST region-related parameters (especially the VLAN-to-instance mapping table) might cause MSTP to begin a new spanning tree calculation. To reduce the possibility of topology instability, the MST region configuration takes effect only after you activate it by doing one of the following: •...
Page 116: Configuring The Current Device As The Root Bridge Of A Specific Spanning Tree
If you specify multiple secondary root bridges for the instance, the secondary root bridge with the • lowest MAC address is given priority. If you do not specify a secondary root bridge, a new root bridge is calculated. • You can specify one root bridge for each spanning tree, regardless of the device priority settings. Once you specify a device as the root bridge or a secondary root bridge, you cannot change its priority.
Page 117: Configuring The Maximum Hops Of An Mst Region
You can configure the maximum hops of an MST region based on the STP network size. H3C recommends that you configure the maximum hops to a value that is greater than the maximum hops of each edge device to the root bridge.
Page 118: Setting Spanning Tree Timers
• Max age ≥ 2 × (hello time + 1 second) H3C recommends not manually setting the spanning tree timers. H3C recommends that you specify the network diameter and letting spanning tree protocols automatically calculate the timers based on the network diameter.
Page 119: Configuration Procedure
H3C recommends that you use the automatically calculated value. An appropriate hello time setting enables the device to promptly detect link failures on the network • without using excessive network resources. If the hello time is too long, the device mistakes packet loss for a link failure and triggers a new spanning tree calculation process.
Page 120: Configuring The Bpdu Transmission Rate
By setting an appropriate BPDU transmission rate, you can limit the rate at which the port sends BPDUs. Setting an appropriate rate also prevents spanning tree protocols from using excessive network resources when the network topology changes. H3C recommends that you use the default setting.
Page 121: Configuration Procedure
Configuration procedure To configure a port as an edge port: Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet or interface interface-type interface-number aggregate interface view. Configure the current ports as By default, all ports are stp edged-port edge ports.
Page 122 To specify a standard for the device to use when it calculates the default path cost: Step Command Remarks Enter system view. system-view Specify a standard for the device to use when it stp pathcost-standard The default setting is legacy. calculates the default path { dot1d-1998 | dot1t | legacy } costs of its ports.
Page 123 Path cost Link speed Port type IEEE IEEE 802.1t Private standard 802.1d-1998 Aggregate interface containing two Selected 1000 ports Aggregate interface containing three Selected ports Aggregate interface containing four Selected ports Single port 1000 Aggregate interface containing two Selected ports Aggregate interface 20 Gbps containing three Selected...
Page 124: Configuring Path Costs Of Ports
Configuring path costs of ports When the path cost of a port changes, the system re-calculates the role of the port and initiates a state transition. To configure the path cost of a port: Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet or interface interface-type interface-number...
Page 125: Configuring The Port Link Type
You can configure the link type as point-to-point for a Layer 2 aggregate interface or a port that • operates in full duplex mode. H3C recommends that you use the default setting and letting the device automatically detect the port link type.
Page 126: Configuring The Mode A Port Uses To Recognize And Send Mstp Packets
Configuring the mode a port uses to recognize and send MSTP packets A port can receive and send MSTP packets in the following formats: dot1s—802.1s-compliant standard format • legacy—Compatible format • By default, the packet format recognition mode of a port is auto. The port automatically distinguishes the two MSTP packet formats, and determines the format of packets that it will send based on the recognized format.
Page 127: Enabling The Spanning Tree Feature
Enabling the spanning tree feature You must enable the spanning tree feature for the device before any other spanning tree related configurations can take effect. In STP, RSTP, or MSTP mode, make sure the spanning tree feature is enabled globally and on the desired ports. In PVST mode, make sure the spanning tree feature is enabled globally, in the desired VLANs, and on the desired ports.
Page 128: Performing Mcheck
• which causes the peer port to transit to STP mode. When you disable TRILL and enable STP on a port, H3C recommends that you perform mCheck on both the port and the peer port. Configuration procedure Performing mCheck globally...
Page 129: Configuring Digest Snooping
The devices of different vendors in the same MST region cannot communicate with each other. To enable communication between an H3C device and a third-party device in the same MST region, enable Digest Snooping on the H3C device port connecting them.
Page 130: Configuration Procedure
Configuration procedure Use this feature when your H3C device is connected to a third-party device that uses its private key to calculate the configuration digest. To configure Digest Snooping: Step Command Remarks Enter system view. system-view Enter Layer 2 Ethernet or interface interface-type aggregate interface view.
Page 131: Configuring No Agreement Check
[DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] stp config-digest-snooping [DeviceA-Ten-GigabitEthernet1/0/1] quit [DeviceA] stp global config-digest-snooping # Enable Digest Snooping on Ten-GigabitEthernet 1/0/1 of Device B and enable global Digest Snooping on Device B. <DeviceB> system-view [DeviceB] interface ten-gigabitethernet 1/0/1 [DeviceB-Ten-GigabitEthernet1/0/1] stp config-digest-snooping [DeviceB-Ten-GigabitEthernet1/0/1] quit [DeviceB] stp global config-digest-snooping Configuring No Agreement Check...
Page 132: Configuration Prerequisites
Figure 28 Rapid state transition of an RSTP designated port If the upstream device is a third-party device, the rapid state transition implementation might be limited. For example: The upstream device uses a rapid transition mechanism similar to that of RSTP. •...
Page 133: No Agreement Check Configuration Example
No Agreement Check configuration example Network requirements As shown in Figure Device A connects to a third-party device that has a different spanning tree implementation. Both • devices are in the same region. The third-party device (Device B) is the regional root bridge, and Device A is the downstream •...
Page 134: Configuration Restrictions And Guidelines
Figure 30 TC Snooping application scenario To avoid traffic interruption, you can enable TC Snooping on the IRF fabric. After receiving a TC-BPDU through a port, the IRF fabric updates MAC address table and ARP table entries associated with the port's VLAN.
Page 135: Configuring Protection Functions
Configuring protection functions A spanning tree device supports the following protection functions: • BPDU guard Root guard • Loop guard • Port role restriction • TC-BPDU transmission restriction • • TC-BPDU guard BPDU drop • Enabling BPDU guard For access layer devices, the access ports can directly connect to the user terminals (such as PCs) or file servers.
Page 136: Enabling Loop Guard
supersedes the current legal root bridge, causing an undesired change of the network topology. The traffic that should go over high-speed links is switched to low-speed links, resulting in network congestion. To prevent this situation, MSTP provides the root guard function. If root guard is enabled on a port of a root bridge, this port plays the role of designated port on all MSTIs.
Page 137: Configuring Port Role Restriction
Step Command Remarks Enable the loop guard By default, loop guard is stp loop-protection function for the ports. disabled. Configuring port role restriction CAUTION: Use this feature with caution, because enabling port role restriction on a port might affect the connectivity of the spanning tree topology.
Page 138: Enabling Tc-Bpdu Guard
10 seconds after the device receives the first TC-BPDU. For TC-BPDUs received in excess of the limit, the device performs a forwarding address entry flush when the time period expires. This prevents frequent flushing of forwarding address entries. H3C recommends that you enable TC-BPDU guard.
Page 139: Displaying And Maintaining The Spanning Tree
Displaying and maintaining the spanning tree Execute display commands in any view and reset command in user view. Task Command Display information about ports blocked by spanning tree display stp abnormal-port protection functions. display stp bpdu-statistics [ interface interface-type interface-number [ instance Display BPDU statistics on ports.
Page 140: Configuration Procedure
Figure 31 Network diagram Configuration procedure Configure VLANs and VLAN member ports: (Details not shown.) Create VLAN 10, VLAN 20, and VLAN 30 on both Device A and Device B. Create VLAN 10, VLAN 20, and VLAN 40 on Device C. Create VLAN 20, VLAN 30, and VLAN 40 on Device D.
Page 141 <DeviceB> system-view [DeviceB] stp region-configuration [DeviceB-mst-region] region-name example # Map VLAN 10, VLAN 30, and VLAN 40 to MSTI 1, MSTI 3, and MSTI 4, respectively. [DeviceB-mst-region] instance 1 vlan 10 [DeviceB-mst-region] instance 3 vlan 30 [DeviceB-mst-region] instance 4 vlan 40 # Configure the revision level of the MST region as 0.
Page 142: Verifying The Configuration
# Activate MST region configuration. [DeviceD-mst-region] active region-configuration [DeviceD-mst-region] quit # Enable the spanning tree feature globally. [DeviceD] stp global enable Verifying the configuration In this example, Device B has the lowest root bridge ID. As a result, Device B is elected as the root bridge in MSTI 0.
Page 143: Pvst Configuration Example
Ten-GigabitEthernet1/0/2 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/3 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/1 ROOT FORWARDING NONE Ten-GigabitEthernet1/0/2 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/3 ROOT FORWARDING NONE Based on the output, you can draw each MSTI mapped to each VLAN, as shown in Figure Figure 32 MSTIs mapped to different VLANs MSTI 1 mapped to VLAN 10 MSTI 0 mapped to VLAN 20 MSTI 3 mapped to VLAN 30...
Page 144: Configuration Procedure
Figure 33 Network diagram Device A Device B Permit: all VLAN XGE1/0/3 XGE1/0/3 Permit: VLAN 10, 20 Permit: VLAN 20, 30 XGE1/0/3 XGE1/0/3 Permit: VLAN 20, 40 Device C Device D Configuration procedure Configure VLANs and VLAN member ports: (Details not shown.) Create VLAN 10, VLAN 20, and VLAN 30 on both Device A and Device B.
Page 145: Verifying The Configuration
# Configure the device as the root bridge of VLAN 40. [DeviceC] stp vlan 40 root primary # Enable the spanning tree feature globally and in VLAN 10, VLAN 20, and VLAN 40. [DeviceC] stp global enable [DeviceC] stp vlan 10 20 40 enable Configure Device D: # Set the spanning tree mode to PVST.
Page 146 # Display brief spanning tree information on Device D. [DeviceD] display stp brief VLAN ID Port Role STP State Protection Ten-GigabitEthernet1/0/1 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/2 ROOT FORWARDING NONE Ten-GigabitEthernet1/0/3 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/1 ROOT FORWARDING NONE Ten-GigabitEthernet1/0/2 ALTE DISCARDING NONE Ten-GigabitEthernet1/0/3 ROOT FORWARDING...
Page 147: Configuring Loop Detection
Configuring loop detection Overview Incorrect network connections or configurations can create Layer 2 loops, which results in repeated transmission of broadcasts, multicasts, or unknown unicasts, waste network resources, and sometimes even paralyze networks. The loop detection mechanism immediately generates a log when a loop occurs so that you are promptly notified to adjust network connections and configurations.
Page 148: Loop Detection Interval
Figure 36 Inner frame header for loop detection The inner frame header for loop detection contains the following fields: Code—Protocol sub-type, which is 0x0001, indicating the loop detection protocol. • • Version—Protocol version, which is always 0x0000. Length—Length of the frame. The value includes the inner header, but excludes the Ethernet header. •...
Page 149: Port Status Auto Recovery
VLAN. The per-port configuration applies to the individual port only when the port belongs to the specified VLAN. Per-port configurations take precedence over global configurations. H3C recommends not enabling loop detection on TRILL ports, because TRILL networks prevent loops from being generated. For information more about TRILL, see TRILL Configuration Guide.
Page 150: Configuring The Loop Protection Action
Step Command Remarks Enter Layer 2 Ethernet interface interface interface-type view or Layer 2 aggregate interface-number interface view. Enable loop detection on the loopback-detection enable vlan Disabled by default. port. { vlan-list | all } Configuring the loop protection action You can configure the loop protection action globally or on specific ports.
Page 151: Setting The Loop Detection Interval
Step Command Remarks By default, the switch generates Configure the loop protection loopback-detection action a log but performs no action on action on the interface. shutdown the port on which a loop is detected. Setting the loop detection interval With loop detection enabled, the switch sends loop detection frames at a specified interval. A shorter interval offers more sensitive detection but consumes more resources.
Page 152: Configuration Procedure
Figure 37 Network diagram Device A XGE1/0/1 XGE1/0/2 Device B Device C VLAN 100 Configuration procedure Configure Device A: # Create VLAN 100, and globally enable loop detection for the VLAN. <DeviceA> system-view [DeviceA] vlan 100 [DeviceA-vlan100] quit [DeviceA] loopback-detection global enable vlan 100 # Configure Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 as trunk ports, and assign them to VLAN 100.
Page 153: Verifying The Configuration
# Configure Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 as trunk ports, and assign them to VLAN 100. [DeviceB] interface ten-gigabitethernet 1/0/1 [DeviceB-Ten-GigabitEthernet1/0/1] port link-type trunk [DeviceB-Ten-GigabitEthernet1/0/1] port trunk permit vlan 100 [DeviceB-Ten-GigabitEthernet1/0/1] quit [DeviceB] interface ten-gigabitethernet 1/0/2 [DeviceB-Ten-GigabitEthernet1/0/2] port link-type trunk [DeviceB-Ten-GigabitEthernet1/0/2] port trunk permit vlan 100 [DeviceB-Ten-GigabitEthernet1/0/2] quit Configure Device C:...
Page 154 The output shows that the device has removed the loops from Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 according to the shutdown action. Use the display interface command to display the status of Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 on Device A. # Display the status of Ten-GigabitEthernet 1/0/1 on Device A. [DeviceA] display interface ten-gigabitethernet 1/0/1 Ten-GigabitEthernet1/0/1 current state: DOWN (Loop detection down) # Display the status of Ten-GigabitEthernet 1/0/2 on Device A.
Page 155: Configuring Vlans
Configuring VLANs This chapter provides an overview of VLANs and explains how to configure them. Overview Ethernet is a family of shared-media LAN technologies based on the CSMA/CD mechanism. An Ethernet LAN is both a collision domain and a broadcast domain. As the medium is shared, collisions and broadcasts are common in an Ethernet LAN.
Page 156: Protocols And Standards
Figure 39 VLAN tag placement and format A VLAN tag includes the following fields: TPID—16-bit tag protocol identifier that indicates whether a frame is VLAN-tagged. By default, the • TPID value is 0x8100, indicating that the frame is VLAN-tagged. However, device vendors can set TPID to different values.
Page 157: Configuring Basic Settings Of A Vlan Interface
Step Command Remarks The default setting is VLAN vlan-id, which is Configure the the ID of the VLAN. For example, the description text description of the VLAN. description of VLAN 100 is VLAN 0100 by default. NOTE: • As the system default VLAN, VLAN 1 cannot be created or deleted. You cannot use the undo vlan command to delete a dynamic VLAN, a VLAN with a QoS policy •...
Page 158: Configuring Port-Based Vlans
Step Command Remarks Configure the MTU for the mtu size The default setting is 1500 bytes. VLAN interface. By default, the expected bandwidth (in Configure the expected bandwidth bandwidth-value kbps) is the interface baud rate divided bandwidth of the interface. by 1000.
Page 159: Assigning An Access Port To A Vlan
For a hybrid or trunk port, the PVID setting of the port does not change. You can use a nonexistent VLAN as the PVID for a hybrid or trunk port, but not for an access port. H3C recommends that you set the same PVID for local and remote ports. •...
Page 160: Assigning A Trunk Port To A Vlan
Step Command Remarks • The configuration made in Layer 2 Ethernet interface view applies only to the port. • Enter Layer 2 Ethernet • The configuration made in Layer 2 interface view: aggregate interface view applies interface interface-type to the aggregate interface and its interface-number aggregation member ports.
Page 161: Assigning A Hybrid Port To A Vlan
Step Command Remarks • The configuration made in Layer 2 Ethernet interface view applies only to the port. • The configuration made in • Enter Layer 2 Ethernet interface Layer 2 aggregate interface view: view applies to the aggregate interface interface-type interface and its aggregation interface-number member ports.
Page 162: Configuring Ip Subnet-Based Vlans
Step Command Remarks • The configuration made in Layer 2 Ethernet interface view applies only to the port. • The configuration made in • Enter Layer 2 Ethernet interface Layer 2 aggregate interface view: view applies to the aggregate interface interface-type interface and its aggregation interface-number member ports.
Page 163: Configuring An Ip Subnet-Based Vlan
Configuring an IP subnet-based VLAN Task Command Remarks Enter system view. system-view If the specified VLAN does not exist, this Enter VLAN view. vlan vlan-id command first creates the VLAN and enters VLAN view of this VLAN. By default, a VLAN is not associated with any IP subnets or IP addresses.
Page 164: Configuring Protocol-Based Vlans
Configuring protocol-based VLANs Introduction The protocol-based VLAN feature assigns inbound packets to different VLANs based on their protocol types and encapsulation formats. The protocols available for VLAN assignment include IP, IPX, and AT. The encapsulation formats include Ethernet II, 802.3 raw, 802.2 LLC, and 802.2 SNAP. A protocol template defines a protocol type and an encapsulation format.
Page 165: Displaying And Maintaining Vlans
Step Command Remarks • The configurations made in Layer 2 Ethernet interface view apply only to the port. • Enter Layer 2 Ethernet • The configurations made in Layer 2 interface view: aggregate interface view apply to the interface interface-type aggregate interface and its interface-number aggregation member ports.
Page 166: Vlan Configuration Examples
VLAN configuration examples Port-based VLAN configuration example Network requirements As shown in Figure Host A and Host C belong to Department A. VLAN 100 is assigned to Department A. • Host B and Host D belong to Department B. VLAN 200 is assigned to Department B. •...
Page 167: Ip Subnet-Based Vlan Configuration Example
Verifying the configuration # Verify that Host A and Host C can ping each other, but they both fail to ping Host B. (Details not shown.) # Verify that Host B and Host D can ping each other, but they both fail to ping Host A. (Details not shown.) # Verify that VLANs 100 and 200 are correctly configured on Device A.
Page 168 Figure 41 Network diagram Configuration procedure Configuring Device C: # Associate IP subnet 192.168.5.0/24 with VLAN 100. <DeviceC> system-view [DeviceC] vlan 100 [DeviceC-vlan100] ip-subnet-vlan ip 192.168.5.0 255.255.255.0 [DeviceC-vlan100] quit # Associate IP subnet 192.168.50.0/24 with VLAN 200. [DeviceC] vlan 200 [DeviceC-vlan200] ip-subnet-vlan ip 192.168.50.0 255.255.255.0 [DeviceC-vlan200] quit # Configure Ten-GigabitEthernet 1/0/11 to permit packets from VLAN 100 to pass through.
Page 169: Protocol-Based Vlan Configuration Example
[DeviceC-Ten-GigabitEthernet1/0/1] port hybrid vlan 100 200 untagged [DeviceC-Ten-GigabitEthernet1/0/1] port hybrid ip-subnet-vlan vlan 100 [DeviceC-Ten-GigabitEthernet1/0/1] port hybrid ip-subnet-vlan vlan 200 [DeviceC-Ten-GigabitEthernet1/0/1] quit Configure Device A and Device B to allow packets from VLANs 100 and 200 to pass through, respectively. (Details not shown.) Verifying the configuration # Display information about all IP subnet-based VLANs.
Page 170 Figure 42 Network diagram VLAN 100 VLAN 200 IPv4 server IPv6 server XGE1/0/11 XGE1/0/12 XGE1/0/1 XGE1/0/2 Device L2 Switch A L2 Switch B IPv4 Host A IPv6 Host A IPv4 Host B IPv6 Host B VLAN 100 VLAN 200 VLAN 100 VLAN 200 Configuration procedure In this example, L2 Switch A and L2 Switch B use the factory configuration.
Page 171 [Device-vlan100] protocol-vlan 2 mode ethernetii etype 0806 [Device-vlan100] quit # Configure Ten-GigabitEthernet 1/0/1 as a hybrid port to forward packets from VLANs 100 and 200 untagged. [Device] interface ten-gigabitethernet 1/0/1 [Device-Ten-GigabitEthernet1/0/1] port link-type hybrid [Device-Ten-GigabitEthernet1/0/1] port hybrid vlan 100 200 untagged # Associate Ten-GigabitEthernet 1/0/1 with the IPv4 and ARP protocol templates of VLAN 100 and the IPv6 protocol template of VLAN 200.
Page 172 IPv6 # Display protocol-based VLANs on the ports of Device. [Device] display protocol-vlan interface all Interface: Ten-GigabitEthernet1/0/1 VLAN ID Protocol index Protocol type Status IPv4 Active Ethernet II Etype 0x0806 Active IPv6 Active Interface: Ten-GigabitEthernet 1/0/2 VLAN ID Protocol index Protocol type Status IPv4...
Page 173: Configuring Super Vlans
Configuring super VLANs Super VLAN, also called "VLAN aggregation," was introduced to save IP address space. A super VLAN is associated with multiple sub VLANs. These sub VLANs use the VLAN interface of the super VLAN (also known as a super VLAN interface) as the gateway for Layer 3 communication. Sub VLANs are isolated at Layer 2.
Page 174: Configuring A Super Vlan Interface
VLAN. Configuring a super VLAN interface H3C recommends not configuring VRRP for the VLAN interface of a super VLAN, because the configuration affects network performance. For more information about VRRP, see High Availability Configuration Guide.
Page 175: Displaying And Maintaining Super Vlans
Displaying and maintaining super VLANs Execute the display command in any view. Task Command Display information about super VLANs and all sub display supervlan [ supervlan-id ] VLANs associated with each super VLAN. Super VLAN configuration example Network requirements As shown in Figure Create super VLAN 10, and configure its VLAN interface IP address as 10.0.0.1/24.
Page 176: Verifying The Configuration
# Create VLAN 2, and assign Ten-GigabitEthernet 1/0/1 and Ten-GigabitEthernet 1/0/2 to the VLAN. [Sysname] vlan 2 [Sysname-vlan2] port ten-gigabitethernet 1/0/1 ten-gigabitethernet 1/0/2 [Sysname-vlan2] quit # Create VLAN 3, and assign Ten-GigabitEthernet 1/0/3 and Ten-GigabitEthernet 1/0/4 to the VLAN. [Sysname] vlan 3 [Sysname-vlan3] port ten-gigabitethernet 1/0/3 ten-gigabitethernet 1/0/4 [Sysname-vlan3] quit # Create VLAN 5, and assign Ten-GigabitEthernet 1/0/5 and Ten-GigabitEthernet 1/0/6 to the VLAN.
Page 177 Untagged ports: Ten-GigabitEthernet1/0/1 Ten-GigabitEthernet1/0/2 VLAN ID: 3 VLAN type: Static It is a sub VLAN. Route interface: Configured Ipv4 address: 10.0.0.1 Ipv4 subnet mask: 255.255.255.0 Description: VLAN 0003 Name: VLAN 0003 Tagged ports: none Untagged ports: Ten-GigabitEthernet1/0/3 Ten-GigabitEthernet1/0/4 VLAN ID: 5 VLAN type: static It is a sub VLAN.
Page 178: Configuring The Private Vlan
Configuring the private VLAN The private VLAN feature uses a two-tier VLAN structure, including a primary VLAN and secondary VLANs. This feature simplifies the network configuration and saves VLAN resources. A primary VLAN is used for upstream data exchange. A primary VLAN can be associated with multiple secondary VLANs.
Page 179: Configuration Restrictions And Guidelines
Configure a downlink port, for example, the port connecting Device B to a host in Figure 38, to operate in host mode. The downlink port can be automatically assigned to the secondary VLAN and its associated primary VLAN. If a downlink port allows multiple secondary VLANs, configure the port to operate in trunk secondary mode.
Page 180 Step Command Remarks Use either command. By default, ports in the same secondary VLAN can communicate with each other at Enable Layer 2 Layer 2. • undo private-vlan isolated communication for ports in the This configuration takes effect only • private-vlan community same secondary VLAN.
Page 181 Step Command Remarks Enter Layer 2 Ethernet interface interface-type interface view or Layer 2 interface-number aggregate interface view. • Configure the downlink port to operate in host mode: port private-vlan host Configure the downlink port By default, an interface does not •...
Page 182: Displaying And Maintaining The Private Vlan
Displaying and maintaining the private VLAN Execute the display command in any view. Task Command Display information about primary VLANs and the display private-vlan [ primary-vlan-id ] secondary VLANs associated with each primary VLAN. Private VLAN configuration examples Private VLAN configuration example in promiscuous mode Network requirements As shown in Figure...
Page 183 # Create VLANs 2 and 3, which are to be configured as secondary VLANs. [DeviceB] vlan 2 to 3 # Configure the uplink port Ten-GigabitEthernet 1/0/5 to operate in promiscuous mode in VLAN [DeviceB] interface ten-gigabitethernet 1/0/5 [DeviceB-Ten-GigabitEthernet1/0/5] port private-vlan 5 promiscuous [DeviceB-Ten-GigabitEthernet1/0/5] quit # Assign the downlink port Ten-GigabitEthernet 1/0/1 to VLAN 3, and configure the port to operate in host mode.
Page 184 [DeviceC-Ten-GigabitEthernet1/0/4] port private-vlan host [DeviceC-Ten-GigabitEthernet1/0/4] quit # Associate the secondary VLANs 3 and 4 with the primary VLAN 6. [DeviceC] vlan 6 [DeviceC-vlan6] private-vlan secondary 3 to 4 [DeviceC-vlan6] quit Verifying the configuration # Display the private VLAN configuration on Device B. [DeviceB] display private-vlan Primary VLAN ID: 5 Secondary VLAN ID: 2-3...
Page 185: Private Vlan Configuration Example In Trunk Promiscuous Mode
Private VLAN configuration example in trunk promiscuous mode Network requirements As shown in Figure VLAN 5 and VLAN 10 are primary VLANs on Device B. The uplink port Ten-GigabitEthernet 1/0/1 • permits the packets from VLAN 5 and VLAN 10 to pass through tagged. On Device B, the downlink port Ten-GigabitEthernet 1/0/2 permits secondary VLAN 2, and the •...
Page 186 [DeviceB] vlan 6 [DeviceB-vlan6] quit [DeviceB] vlan 8 [DeviceB-vlan8] quit # Configure the uplink port Ten-GigabitEthernet 1/0/1 to operate in trunk promiscuous mode in VLANs 5 and 10. [DeviceB] interface ten-gigabitethernet 1/0/1 [DeviceB-Ten-GigabitEthernet1/0/1] port private-vlan 5 10 trunk promiscuous [DeviceB-Ten-GigabitEthernet1/0/1] quit # Assign the downlink port Ten-GigabitEthernet 1/0/2 to VLAN 2, and configure the port to operate in host mode.
Page 187 # Configure Ten-GigabitEthernet 1/0/1 as a hybrid port, and configure the port to permit packets from VLAN 5 and VLAN 10 to pass through tagged. [DeviceA] interface ten-gigabitethernet 1/0/1 [DeviceA-Ten-GigabitEthernet1/0/1] port link-type hybrid [DeviceA-Ten-GigabitEthernet1/0/1] port hybrid vlan 5 10 tagged [DeviceA-Ten-GigabitEthernet1/0/1] quit Verifying the configuration # Verify configurations of the primary VLANs, for example, VLAN 5, on Device B.
Page 188: Private Vlan Configuration Example In Trunk Promiscuous And Trunk Secondary Modes
Private VLAN configuration example in trunk promiscuous and trunk secondary modes Network requirements As shown in Figure VLAN 10 and VLAN 20 are primary VLANs on Device A. The uplink port Ten-GigabitEthernet • 1/0/5 permits the packets from VLAN 10 and VLAN 20 to pass through tagged. VLAN 1 1, VLAN 12, VLAN 21, and VLAN 22 are secondary VLANs on Device A.
Page 189 [DeviceA] vlan 11 to 12 [DeviceA] vlan 21 to 22 # Associate the secondary VLANs 11 and 12 with the primary VLAN 10. [DeviceA] vlan 10 [DeviceA-vlan10] private-vlan secondary 11 12 [DeviceA-vlan10] quit # Associate the secondary VLANs 21 and 22 with the primary VLAN 20. [DeviceA] vlan 20 [DeviceA-vlan20] private-vlan secondary 21 22 [DeviceA-vlan20] quit...
Page 190 [DeviceB] interface ten-gigabitethernet 1/0/4 [DeviceB-Ten-GigabitEthernet1/0/4] port access vlan 11 [DeviceB-Ten-GigabitEthernet1/0/4] quit # Assign the port Ten-GigabitEthernet 1/0/3 to VLAN 21. [DeviceB] interface ten-gigabitethernet 1/0/3 [DeviceB-Ten-GigabitEthernet1/0/3] port access vlan 21 [DeviceB-Ten-GigabitEthernet1/0/3] quit Configure Device C: # Create VLAN 10 and VLAN 20. <DeviceC>...
Page 191 VLAN ID: 12 VLAN type: Static Private-vlan type: Secondary Route interface: Not configured Description: VLAN 0012 Name: VLAN 0012 Tagged ports: Ten-GigabitEthernet1/0/5 Untagged ports: Ten-GigabitEthernet1/0/3 # Display the configuration of primary VLAN 20 on Device A. [DeviceA] display private-vlan 20 Primary VLAN ID: 20 Secondary VLAN ID: 21-22 VLAN ID: 20...
Page 192: Secondary Vlan Layer 3 Communication Configuration Example
Secondary VLANs 1 1 and 12 are associated with primary VLAN 10. • • Secondary VLANs 21 and 22 are associated with primary VLAN 20. Secondary VLAN Layer 3 communication configuration example Network requirements As shown in Figure Primary VLAN 10 on Device B is associated with secondary VLANs 2 and 3. •...
Page 193: Host Mode
[DeviceB] interface ten-gigabitethernet 1/0/2 [DeviceB-Ten-GigabitEthernet1/0/2] port access vlan 2 [DeviceB-Ten-GigabitEthernet1/0/2] port private-vlan host [DeviceB-Ten-GigabitEthernet1/0/2] quit # Assign the downlink port Ten-GigabitEthernet 1/0/3 to VLAN 3, and configure the port to operate in host mode. [DeviceB] interface ten-gigabitethernet 1/0/3 [DeviceB-Ten-GigabitEthernet1/0/3] port access vlan 3 [DeviceB-Ten-GigabitEthernet1/0/3] port private-vlan host [DeviceB-Ten-GigabitEthernet1/0/3] quit # Enable Layer 3 communication between secondary VLANs 2 and 3 that are associated with primary...
Page 194 Name: VLAN 0002 Tagged ports: None Untagged ports: Ten-GigabitEthernet1/0/1 Ten-GigabitEthernet1/0/2 VLAN ID: 3 VLAN type: Static Private VLAN type: Secondary Route interface: Configured IPv4 address: 192.168.1.1 IPv4 subnet mask: 255.255.255.0 Description: VLAN 0003 Name: VLAN 0003 Tagged ports: None Untagged ports: Ten-GigabitEthernet1/0/1 Ten-GigabitEthernet1/0/3 The Route interface field in the output is Configured, indicating that secondary VLANs 2 and 3 are...
Page 195: Configuring Mvrp
Configuring MVRP Multiple Registration Protocol (MRP) is an attribute registration protocol used to transmit attribute messages. Multiple VLAN Registration Protocol (MVRP) is a typical MRP application. It synchronizes VLAN information among devices. MVRP propagates local VLAN information to other devices, receives VLAN information from other devices, and dynamically updates local VLAN information.
Page 196: Mrp Messages
MRP messages MRP messages include Join, New, Leave, and LeaveAll. Join and New messages are declarations, and Leave and LeaveAll messages are withdrawals. Join message An MRP participant sends a Join message to request the peer participant to register the specific attribute. When receiving a Join message from the peer participant, an MRP participant registers the specific attribute and propagates the Join message to all other participants on the device.
Page 197: Mrp Timers
MRP deregisters all attributes that have not been re-registered to periodically clear useless attributes in the network. MRP timers MRP uses the following timers to control message transmission. Periodic timer The Periodic timer controls the transmission of MRP messages. An MRP participant starts its own Periodic timer upon startup, and stores MRP messages to be sent before the Periodic timer expires.
Page 198: Protocols And Standards
Normal An MVRP participant in normal registration mode performs dynamic VLAN registrations and deregistrations. Fixed An MVRP participant in fixed registration mode disables deregistering dynamic VLANs and drops received MVRP packets. The MVRP participant does not deregister or register dynamic VLANs. Forbidden An MVRP participant in forbidden registration mode disables registering dynamic VLANs and drops received MVRP packets.
Page 199: Configuration Prerequisites
Configuration prerequisites Before configuring MVRP, perform the following tasks: • Make sure all MSTIs in the network are effective and each MSTI is mapped to an existing VLAN on each device in the network, because MVRP runs on a per-MSTI basis. Configure the involved ports as trunk ports, because MVRP takes effect only on trunk ports.
Page 200: Configuring Mrp Timers
Step Command Remarks Enter Layer 2 Ethernet interface interface-type interface view or Layer 2 interface-number aggregate interface view. Optional. Configure an MVRP mvrp registration { fixed | The default setting is normal registration mode. forbidden | normal } registration mode. Configuring MRP timers To avoid frequent VLAN registrations and deregistrations, use the same MRP timers throughout the network.
Page 201: Enabling Gvrp Compatibility
To restore the default settings of the timers, H3C recommends restoring the Join timer first, followed • by the Leave and LeaveAll timers. Table 11 Dependencies of the Join, Leave, and LeaveAll timers Timer Lower limit Upper limit Join 20 centiseconds...
Page 202: Mvrp Configuration Example
MVRP configuration example Network requirements As shown in Figure 50, create VLAN 10 on Device A and VLAN 20 on Device B. Configure MSTP, map VLAN 10 to MSTI 1, map VLAN 20 to MSTI 2, and map the other VLANs to MSTI 0. Configure MVRP and set the MVRP registration mode to normal, so that Device A, Device B, Device C, and Device D can register and deregister dynamic VLANs and keep identical VLAN configuration for each MSTI.
Page 203 # Configure the MST region name, VLAN-to-instance mappings, and revision level. [DeviceA-mst-region] region-name example [DeviceA-mst-region] instance 1 vlan 10 [DeviceA-mst-region] instance 2 vlan 20 [DeviceA-mst-region] revision-level 0 # Manually activate the MST region configuration. [DeviceA-mst-region] active region-configuration [DeviceA-mst-region] quit # Configure Device A as the primary root bridge of MSTI 1. [DeviceA] stp instance 1 root primary # Globally enable the spanning tree feature.
Page 204 [DeviceB-mst-region] region-name example [DeviceB-mst-region] instance 1 vlan 10 [DeviceB-mst-region] instance 2 vlan 20 [DeviceB-mst-region] revision-level 0 # Manually activate the MST region configuration. [DeviceB-mst-region] active region-configuration [DeviceB-mst-region] quit # Configure Device B as the primary root bridge of MSTI 2. [DeviceB] stp instance 2 root primary # Globally enable the spanning tree feature.
Page 205 [DeviceC-mst-region] region-name example [DeviceC-mst-region] instance 1 vlan 10 [DeviceC-mst-region] instance 2 vlan 20 [DeviceC-mst-region] revision-level 0 # Manually activate the MST region configuration. [DeviceC-mst-region] active region-configuration [DeviceC-mst-region] quit # Configure Device C as the root bridge of MSTI 0. [DeviceC] stp instance 0 root primary # Globally enable the spanning tree feature.
Page 206: Verifying The Configuration
# Configure port Ten-GigabitEthernet 1/0/1 as a trunk port, and configure it to permit VLANs 20 and [DeviceD] interface ten-gigabitethernet 1/0/1 [DeviceD-Ten-GigabitEthernet1/0/1] port link-type trunk [DeviceD-Ten-GigabitEthernet1/0/1] port trunk permit vlan 20 40 # Enable MVRP on port Ten-GigabitEthernet 1/0/1. [DeviceD-Ten-GigabitEthernet1/0/1] mvrp enable [DeviceD-Ten-GigabitEthernet1/0/1] quit # Configure port Ten-GigabitEthernet 1/0/2 as a trunk port, and configure it to permit VLAN 40.
Page 207 Periodic Timer : 100 (centiseconds) LeaveAll Timer : 1000 (centiseconds) Registration Type : Normal Registered VLANs : None Declared VLANs : 1(default) Propagated VLANs : None ----[Ten-GigabitEthernet1/0/3]---- Config Status : Enabled Running Status : Enabled Join Timer : 20 (centiseconds) Leave Timer : 60 (centiseconds) Periodic Timer...
Page 208 1(default), 20 Propagated VLANs : 1(default) ----[Ten-GigabitEthernet1/0/2]---- Config Status : Enabled Running Status : Enabled Join Timer : 20 (centiseconds) Leave Timer : 60 (centiseconds) Periodic Timer : 100 (centiseconds) LeaveAll Timer : 1000 (centiseconds) Registration Type : Normal Registered VLANs : 1(default), 10 Declared VLANs : 1(default), 20...
Page 209 Running Status : Enabled Join Timer : 20 (centiseconds) Leave Timer : 60 (centiseconds) Periodic Timer : 100 (centiseconds) LeaveAll Timer : 1000 (centiseconds) Registration Type : Normal Registered VLANs : 1(default), 10, 20 Declared VLANs : 1(default) Propagated VLANs : 1(default), 10 ----[Ten-GigabitEthernet1/0/2]---- Config...
Page 210 Declared VLANs : 1(default) Propagated VLANs : 1(default), 20 ----[Ten-GigabitEthernet1/0/2]---- Config Status : Enabled Running Status : Enabled Join Timer : 20 (centiseconds) Leave Timer : 60 (centiseconds) Periodic Timer : 100 (centiseconds) LeaveAll Timer : 1000 (centiseconds) Registration Type : Normal Registered VLANs : 1(default)
Page 211 Declared VLANs : Propagated VLANs : The output shows that the VLAN information on Ten-GigabitEthernet 1/0/3 is not changed after you set the MVRP registration mode to fixed on Ten-GigabitEthernet 1/0/3. # Delete VLAN 10 on Device A. [DeviceA] undo vlan 10 # Display the local MVRP VLAN information on Ten-GigabitEthernet 1/0/3.
Page 212: Configuring Qinq
Configuring QinQ This document uses the following terms: CVLAN—Customer network VLANs, also called inner VLANs, refer to VLANs that a customer uses • on the private network. SVLAN—Service provider network VLANs, also called outer VLANs, refer to VLANs that a service •...
Page 213: Qinq Implementations
As shown in Figure 52, customer A has remote sites CE 1 and CE 4. Customer B has remote sites CE 2 and CE 3. The CVLANs of the two customers overlap. The service provider assigns SVLANs 3 and 4 to customer networks A and B, respectively.
Page 214: Restrictions And Guidelines
The inner 802.1Q tag of QinQ frames is treated as part of payload. For correct transmission of QinQ frames, H3C recommends that you set the MTU to a minimum of 1504 bytes for each port on the forwarding path of QinQ frames. This value is the sum of the default Ethernet interface MTU (1500 bytes) and a VLAN tag's size (4 bytes).
Page 215: Configuring The Tpid In Vlan Tags
Step Command Remarks By default, the link type of Configure the port link type. port link-type { hybrid | trunk } ports is access. • For hybrid ports: By default, trunk ports allow port hybrid vlan vlan-id-list { tagged Configure the port to allow only packets from VLAN 1 to | untagged } packets from its PVID and the...
Page 216: Configuring The Cvlan Tpid
Protocol type Value IPX/SPX 0x8137 IS-IS 0x8000 LACP 0x8809 802.1X 0x888E LLDP 0x88CC 802.1ag 0x8902 Cluster 0x88A7 Reserved 0xFFFD/0xFFFE/0xFFFF Configuring the CVLAN TPID Step Command Remarks Enter system view. system-view Configure the TPID value for qinq ethernet-type customer-tag The default setting is 0x8100 for CVLAN tags.
Page 217 Alternatively, you can configure a QoS policy to set the 802.1p priority in the SVLAN by using one of the following methods: Sets an 802.1p priority value in the SVLAN tag depending on the VLAN ID or 802.1p priority in the •...
Page 218: Displaying And Maintaining Qinq
Step Command Remarks By default, the device does not trust the 802.1p priority carried in frames. Configure the port to trust the 802.1p priority in qos trust dot1p Skip this step if the incoming frames. remark dot1p customer-dot1p-trust command is configured. Enable QinQ.
Page 219: Configuration Procedure
Figure 53 Network diagram VLANs 30 to 90 VLANs 10 to 70 CE 3 CE 4 Site 3 Site 2 Company B Company A XGE1/0/3 XGE1/0/3 XGE1/0/2 XGE1/0/2 VLANs 100 and 200 PE 1 PE 2 TPID = 0x8200 XGE1/0/1 XGE1/0/1 Service provider network Company A...
Page 220 [PE1-Ten-GigabitEthernet1/0/3] port link-type trunk [PE1-Ten-GigabitEthernet1/0/3] port trunk permit vlan 200 30 to 90 # Configure VLAN 200 as the PVID for the port. [PE1-Ten-GigabitEthernet1/0/3] port trunk pvid vlan 200 # Enable QinQ on the port. [PE1-Ten-GigabitEthernet1/0/3] qinq enable [PE1-Ten-GigabitEthernet1/0/3] quit Configuring PE 2 Configure Ten-GigabitEthernet 1/0/1: # Configure the port as a trunk port, and assign it to VLAN 200 and VLANs 30 through 90.
Page 221: Vlan Transparent Transmission Configuration Example
VLAN transparent transmission configuration example Network requirements As shown in Figure The service provider assigns VLAN 100 to a company's VLANs 10 through 50. • VLAN 3000 is the dedicated VLAN of the company on the service provider network. • Configure QinQ on PE 1 and PE 2 to provide Layer 2 connectivity for CVLANs 10 through 50 over the service provider network.
Page 222 [PE1-Ten-GigabitEthernet1/0/1] quit Configure Ten-GigabitEthernet 1/0/2 as a trunk port, and assign it to VLANs 100 and 3000. [PE1] interface ten-gigabitethernet 1/0/2 [PE1-Ten-GigabitEthernet1/0/2] port link-type trunk [PE1-Ten-GigabitEthernet1/0/2] port trunk permit vlan 100 3000 [PE1-Ten-GigabitEthernet1/0/2] quit Configuring PE 2 Configure Ten-GigabitEthernet 1/0/1: # Configure the port as a trunk port, and assign it to VLANs 10 through 50, 100, and 3000.
Page 223: Configuring Vlan Mapping
Configuring VLAN mapping Overview VLAN mapping re-marks VLAN tagged traffic with new VLAN IDs. H3C provides the following types of VLAN mapping: • One-to-one VLAN mapping—Replaces one VLAN tag with another. Many-to-one VLAN mapping—Replaces multiple VLAN tags with the same VLAN tag.
Page 224 Figure 55 Application scenario of one-to-one and many-to-one VLAN mapping Figure 55, the network is planned as follows: Each home gateway uses different VLANs to transmit the PC, VoD, and VoIP services. • To further sub-classify each type of traffic by customer, configure one-to-one VLAN mapping on the •...
Page 225: Application Scenario Of One-To-Two And Two-To-Two Vlan Mapping
Application scenario of one-to-two and two-to-two VLAN mapping Figure 56 shows a typical application scenario of one-to-two and two-to-two VLAN mapping. In this scenario, the two remote sites of the same VPN must communicate across two SP networks. Figure 56 Application scenario of one-to-two and two-to-two VLAN mapping Site 1 and Site 2 are in VLAN 2 and VLAN 3, respectively.
Page 226 Figure 57 Basic VLAN mapping concepts Network-side port Customer-side port Uplink traffic Downlink traffic One-to-one VLAN mapping Figure 58, one-to-one VLAN mapping is implemented on the customer-side port and replaces VLAN tags as follows: Replaces the CVLAN with the SVLAN for the uplink traffic. •...
Page 227 Figure 59 Many-to-one VLAN mapping implementation One-to-two VLAN mapping Figure 60, one-to-two VLAN mapping is implemented on the customer-side port to add the SVLAN tag for the uplink traffic. For the downlink traffic to be correctly sent to the customer network, make sure the SVLAN tag is removed on the customer-side port before transmission.
Page 228: General Configuration Restrictions And Guidelines
Figure 61 Two-to-two VLAN mapping implementation Two-to-two VLAN mapping SVLAN CVLAN Data SVLAN’ CVLAN’ Data Customer SP network network SVLAN CVLAN Data SVLAN’ CVLAN’ Data Uplink traffic Downlink traffic Network-side port Customer-side port General configuration restrictions and guidelines When you configure VLAN mapping, follow these restrictions and guidelines: When you configure one-to-two VLAN mapping on a QinQ-enabled port, the switch operates as •...
Page 229: Configuring One-To-One Vlan Mapping
Tasks at a glance Remarks Configuring many-to-one VLAN mapping: Configure many-to-one VLAN mapping on the campus • Configuring many-to-one VLAN mapping in a switch as shown in Figure network with dynamic IP address assignment Complete one of the tasks based on the IP address •...
Page 230: Configuring Many-To-One Vlan Mapping
Configuring many-to-one VLAN mapping Configure many-to-one VLAN mapping on campus switches (see Figure 55) to transmit the same type of traffic from different users in one VLAN. Configuring many-to-one VLAN mapping in a network with dynamic IP address assignment In a network where IP addresses are dynamically assigned, configure many-to-one VLAN mapping with DHCP snooping.
Page 231 To enable ARP detection: Step Command Remarks Enter system view. system-view Enter VLAN view. vlan vlan-id By default, ARP detection is disabled. For more information about ARP detection Enable ARP detection. arp detection enable configuration commands, see Security Command Reference. Configuring the customer-side port Step Command...
Page 232: Configuring Many-To-One Vlan Mapping In A Network With Static Ip Address Assignment
Step Command Remarks • Configure the port as a trunk port: port link-type trunk By default, the link type of a port is Set the link type of the port. • access. Configure the port as a hybrid port: port link-type hybrid By default: •...
Page 233 Use the reset arp snooping command to clear this ARP snooping entry by specifying the ip ip-address option. Wait for this ARP snooping entry to be aged out. Customer-side many-to-one VLAN mapping is not supported on Layer 2 aggregate interfaces. •...
Page 234: Configuring One-To-Two Vlan Mapping
Step Command Remarks By default: • A trunk port allows only packets • port trunk permit vlan Assign the port to the original from VLAN 1 to pass through. vlan-id-list VLANs and the translated • A hybrid port is an untagged •...
Page 235: Configuring Two-To-Two Vlan Mapping
The MTU of an interface is 1500 bytes by default. After a VLAN tag is added to a packet, the packet length is added by 4 bytes. When you configure one-to-two VLAN mapping, H3C recommends that you set the MTU to a minimum of 1504 bytes on interfaces in the service provider network.
Page 236: Displaying And Maintaining Vlan Mapping
Step Command Remarks Enter system view. system-view • Enter Layer 2 Ethernet interface view: interface interface-type Enter Layer 2 Ethernet interface-number interface view or Layer 2 • Enter Layer 2 aggregate interface aggregate interface view. view: interface bridge-aggregation interface-number • Configure the port as a trunk port: port link-type trunk By default, the link type of a...
Page 237 Each household subscribes to PC, VoD, and VoIP services, and obtains the IP address through • DHCP. On the home gateways, VLANs 1, 2, and 3 are assigned to PC, VoD, and VoIP traffic, respectively. • To isolate traffic of the same service type from different households, configure one-to-one VLAN mappings on the wiring-closet switches.
Page 238 Figure 62 Network diagram Configuration procedure Configure Switch A: # Create the original VLANs. <SwitchA> system-view [SwitchA] vlan 2 to 3 # Create the translated VLANs. [SwitchA] vlan 101 to 102 [SwitchA] vlan 201 to 202 [SwitchA] vlan 301 to 302 # Configure the customer-side port Ten-GigabitEthernet 1/0/1 as a trunk port, and assign the port to all original VLANs and translated VLANs.
Page 239: Enable Dhcp Snooping
[SwitchA-Ten-GigabitEthernet1/0/1] port trunk permit vlan 1 2 3 101 201 301 # Configure one-to-one VLAN mappings on Ten-GigabitEthernet 1/0/1 to map VLANs 1, 2, and 3 to VLANs 101, 201, and 301, respectively. [SwitchA-Ten-GigabitEthernet1/0/1] vlan mapping 1 translated-vlan 101 [SwitchA-Ten-GigabitEthernet1/0/1] vlan mapping 2 translated-vlan 201 [SwitchA-Ten-GigabitEthernet1/0/1] vlan mapping 3 translated-vlan 301 [SwitchA-Ten-GigabitEthernet1/0/1] quit # Configure the customer-side port Ten-GigabitEthernet 1/0/2 as a trunk port, and assign the port...
Page 240 [SwitchC-vlan303] arp detection enable [SwitchC-vlan303] vlan 104 [SwitchC-vlan104] arp detection enable [SwitchC-vlan104] vlan 204 [SwitchC-vlan204] arp detection enable [SwitchC-vlan204] vlan 304 [SwitchC-vlan304] arp detection enable [SwitchC-vlan304] vlan 501 [SwitchC-vlan501] arp detection enable [SwitchC-vlan501] vlan 502 [SwitchC-vlan502] arp detection enable [SwitchC-vlan502] vlan 503 [SwitchC-vlan503] arp detection enable [SwitchC-vlan503] quit # Configure the customer-side port Ten-GigabitEthernet 1/0/1 as a trunk port, and assign the port...
Page 241 # Configure the network-side port Ten-GigabitEthernet 1/0/3 to use the original VLAN tags of the many-to-one mappings to replace the VLAN tags of the packets destinated to the user network. [SwitchC] interface ten-gigabitethernet 1/0/3 [SwitchC-Ten-GigabitEthernet1/0/3] vlan mapping nni # Configure Ten-GigabitEthernet 1/0/3 as a trunk port, and assign the port to the translated VLANs.
Page 242: One-To-Two And Two-To-Two Vlan Mapping Configuration Example
303-304 One-to-two and two-to-two VLAN mapping configuration example Network requirements As shown in Figure Two VPN A branches, Site 1 and Site 2, are in VLAN 5 and VLAN 6, respectively. • • The two sites use different VPN access services from different service providers, SP 1 and SP 2. SP 1 assigns VLAN 100 to Site 1 and Site 2.
Page 243 [PE1-Ten-GigabitEthernet1/0/2] port trunk permit vlan 100 [PE1-Ten-GigabitEthernet1/0/2] quit Configure PE 2: # Configure Ten-GigabitEthernet 1/0/1 as a trunk port, and assign the port to VLAN 100. <PE2> system-view [PE2] interface ten-gigabitethernet 1/0/1 [PE2-Ten-GigabitEthernet1/0/1] port link-type trunk [PE2-Ten-GigabitEthernet1/0/1] port trunk permit vlan 100 [PE2-Ten-GigabitEthernet1/0/1] quit # Configure Ten-GigabitEthernet 1/0/2 as a trunk port, and assign the port to VLAN 100.
Page 244 [PE4-Ten-GigabitEthernet1/0/2] vlan mapping nest single 6 nested-vlan 200 [PE4-Ten-GigabitEthernet1/0/2] quit Verifying the configuration # Verify the VLAN mappings on PE 1. [PE1] display vlan mapping Interface Ten-GigabitEthernet1/0/1: Outer VLAN Inner VLAN Translated Outer VLAN Translated Inner VLAN # Verify the VLAN mappings on PE 3. [PE3] display vlan mapping Interface Ten-GigabitEthernet1/0/1: Outer VLAN...
Page 245: Configuring Pbb
Configuring PBB Overview IEEE 802.1ah Provider Backbone Bridge (PBB) is a MAC-in-MAC Layer 2 VPN technology. It interconnects multiple provider bridged networks to build a large-scale end-to-end Layer 2 provider bridged network. PBB network model As shown in Figure 64, the PBB network includes backbone edge bridges and backbone core bridges. Backbone edge bridges connect customer sites or provider bridge networks to the PBB network.
Page 246: Pbb Frame Format
A provider bridge network (PBN) connects a PBBN to a customer network. A customer network can connect to a PBBN directly or through a PBN. A backbone edge bridge (BEB) is an edge device in a PBBN. A BEB encapsulates frames from a customer network by using PBB.
Page 247 Table 14 describes key fields in the frame. Table 14 PBB frame fields Field Full name Description Destination B-MAC, outer destination MAC address in a PBB Backbone destination MAC frame. It is the MAC address of the BEB at the destination end B-DA address of the PBBN tunnel.
Page 248: Pbb Frame Forwarding
PBB is not available on S5820V2-52QF switches labeled with the product code LS-5820V2-52QF-H5. The product code label is located on the rear panel. For more information about the product code location, see H3C S5830V2&S5820V2 Switch Series Installation Guide. PBB configuration task list You need to configure PBB only on BEBs.
Page 249: Enabling L2Vpn
Tasks at a glance (Required.) Configuring a B-VLAN for a PBB VSI (Required.) Configuring an uplink port (Required.) Configuring a downlink port Enabling L2VPN Step Command Remarks Enter system view. system-view Enable L2VPN. l2vpn enable By default, L2VPN is disabled. Creating a PBB VSI You must assign a unique I-SID to each PBB VSI for identification.
Page 250: Configuring A B-Vlan For A Pbb Vsi
Step Command Remarks Enter VSI view. vsi vsi-name Configure the VSI as a PBB VSI, specify a PBB I-SID for the pbb i-sid i-sid PBB VSI, and enter PBB VSI view. Specify an encapsulation type By default, the VLAN encapsulation encapsulation { ethernet | vlan } for the PBB VSI.
Page 251: Configuring A Downlink Port
Step Command Remarks Specify the port as the uplink By default, a port is not configured port for the specified or all pbb uplink { all | vsi vsi-name-list } as the uplink port of any PBB VSI. PBB VSIs. Configuring a downlink port On the BEB, frames from the customer network are mapped to a PBB VSI based on match criteria configured on downlink ports.
Page 252: Pbb Configuration Example
Task Command display l2vpn minm forwarding [ vsi vsi-name ] [ slot Display MAC-in-MAC forwarding entries. slot-number ] Display VSI information. display l2vpn vsi [ name vsi-name ] [ verbose ] reset pbb connection [ bvlan vlan-id | interface Clear the PBB VSI uplink connection information. interface-type interface-number ] * PBB configuration example Network requirements...
Page 253: Verifying The Configuration
# Specify B-VLAN 20 for the PBB VSI. [BEB1-vsi-aaa-1] bvlan 20 [BEB1-vsi-aaa-1] quit [BEB1-vsi-aaa] quit # Configure Ten-GigabitEthernet 1/0/1 as a trunk port, assign it to VLAN 20, and configure it as an uplink port of the PBB VSI. [BEB1] interface ten-gigabitethernet 1/0/1 [BEB1-Ten-GigabitEthernet1/0/1] port link-type trunk [BEB1-Ten-GigabitEthernet1/0/1] port trunk permit vlan 20 [BEB1-Ten-GigabitEthernet1/0/1] pbb uplink vsi aaa...
Page 254: Solution
Use the display vlan all command to verify that the following settings are configured on all BCBs: The B-VLAN is created on each BCB. All ports on the path between the BEBs are assigned to the B-VLAN. If the problem persists, contact H3C Support.
Page 255: Configuring Lldp
Configuring LLDP You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see "Configuring Ethernet interfaces"). Overview In a heterogeneous network, a standard configuration exchange platform ensures that different types of network devices from different vendors can discover one another and exchange configuration. The Link Layer Discovery Protocol (LLDP) is specified in IEEE 802.1AB.
Page 256 Figure 68 LLDP neighbor relationships Nearest Nearest customer customer bridge bridge Nearest non- Nearest non- Nearest non- Nearest non- TPMR bridge TPMR bridge TPMR bridge TPMR bridge Nearest bridge Nearest bridge Nearest bridge Nearest bridge XGE1/0/1 XGE1/0/2 XGE1/0/3 XGE1/0/4 CB 1 SB 1 CB 2 LLDP frame formats...
Page 257 LLDP frame encapsulated in SNAP • Figure 70 SNAP-encapsulated LLDP frame Table 16 Fields in a SNAP-encapsulated LLDP frame Field Description MAC address to which the LLDP frame is advertised. It is the same as that Destination MAC address for Ethernet II-encapsulated LLDP frames. Source MAC address MAC address of the sending port.
Page 258 Organizationally specific TLVs and LLDP-MED TLVs are used for enhanced device management. They are defined by standardization or other organizations and are optional for LLDPDUs. Basic management TLVs • Table 17 lists the basic management TLV types. Some of them are mandatory for LLDPDUs. Table 17 Basic management TLVs Type Description...
Page 259 ETS Recommendation ETS recommendation. Priority-based Flow Control. Application protocol. NOTE: H3C devices support only receiving protocol identity TLVs and VID usage digest TLVs. • Layer 3 Ethernet ports support only link aggregation TLVs. • IEEE 802.3 organizationally specific TLVs •...
Page 260: Working Mechanism
Type Description Allows a network device or terminal device to advertise the VLAN Network Policy ID of a port, the VLAN type, and the Layer 2 and Layer 3 priorities for applications. Allows a network device or terminal device to advertise power Extended Power-via-MDI supply capability.
Page 261: Protocols And Standards
Transmitting LLDP frames An LLDP agent operating in TxRx mode or Tx mode sends LLDP frames to its directly connected devices both periodically and when the local configuration changes. To prevent LLDP frames from overwhelming the network during times of frequent changes to local device information, LLDP uses the token bucket mechanism to rate limit LLDP frames.
Page 262: Configuring Lldp Basics
To use LLDP together with OpenFlow, you must enable LLDP globally on OpenFlow switches. To prevent LLDP from affecting topology discovery of OpenFlow controllers, H3C recommends that you disable LLDP on ports of OpenFlow instances. For more information about OpenFlow, see OpenFlow Configuration Guide.
Page 263: Setting The Lldp Operating Mode
Service bridge mode—LLDP supports nearest bridge agents and nearest non-TPMR bridge agents. • LLDP processes the LLDP frames with destination MAC addresses for these agents and transparently transmits the LLDP frames with other destination MAC addresses in the VLAN. • Customer bridge mode—LLDP supports nearest bridge agents, nearest non-TPMR bridge agents, and nearest customer bridge agents.
Page 264: Setting The Lldp Re-Initialization Delay
Setting the LLDP re-initialization delay When the LLDP operating mode changes on a port, the port initializes the protocol state machines after an LLDP re-initialization delay. By adjusting the delay, you can avoid frequent initializations caused by frequent changes to the LLDP operating mode on a port. To set the LLDP re-initialization delay for ports: Step Command...
Page 265 Step Command Remarks Enter Layer 2/Layer 3 Ethernet interface view, management Ethernet interface interface-type interface-number interface view, or Layer 2/Layer 3 aggregate interface view. • lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | By default: management-address-tlv [ ip-address ] } | dot1-tlv { all | port-vlan-id |...
Page 266: Configuring The Management Address And Its Encoding Format
Step Command Remarks By default: • Nearest non-TPMR • lldp agent nearest-nontpmr tlv-enable bridge agents can { basic-tlv { all | management-address-tlv advertise only EVB [ ip-address ] | port-description | TLVs. system-capability | system-description | • Nearest customer system-name } | dot1-tlv { all | evb | bridge agents can port-vlan-id } } advertise basic TLVs...
Page 267: Setting Other Lldp Parameters
Step Command Remarks • In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view: By default: lldp [ agent { nearest-customer | nearest-nontpmr } ] • Nearest bridge agents and tlv-enable basic-tlv Allow LLDP to advertise the nearest customer bridge agents management-address-tlv management address in LLDP can advertise the management...
Page 268: Setting An Encapsulation Format For Lldp Frames
Step Command Remarks Set the token bucket size for lldp max-credit credit-value The default setting is 5. sending LLDP frames. Set the LLDP frame lldp timer tx-delay delay The default setting is 2 seconds. transmission delay. Set the number of LLDP frames sent each time fast LLDP frame lldp fast-count count The default setting is 4.
Page 269: Configuration Prerequisites
CDP compatibility enables a switch to use LLDP to perform the following tasks: • Receive and recognize the CDP packets from the directly-connected device. Send CDP packets to the directly-connected device. • The packets that the switch sends to the neighboring CDP device carry the device ID, the ID of the port connecting to the neighboring device, the port IP address, the PVID, and the TTL.
Page 270: Configuring Dcbx
Detects configuration errors on peer devices. Remotely configures the peer device if the peer device accepts the configuration. • NOTE: H3C devices support only the remote configuration function. Figure 72 DCBX application scenario DCBX enables lossless packet transmission on DCE networks. As shown in...
Page 271: Dcbx Configuration Task List
In IEEE Std 802.1Qaz-201 1: • ETS Configuration ETS Recommendation H3C devices can send these types of DCBX information to a server's or disk device's adapter supporting FCoE, but they cannot accept them. DCBX configuration task list Tasks at a glance (Required.)
Page 272: Configuring App Parameters
Step Command Remarks Enter Layer 2 Ethernet interface interface-type interface-number interface view. By default, LLDP is enabled on Enable LLDP. lldp enable an interface. By default, DCBX TLV Enable the interface to lldp tlv-enable dot1-tlv dcbx advertising is disabled on an advertise DCBX TLVs.
Page 273 Step Command Remarks An Ethernet frame header ACL number is in the range of 4000 to 4999. An IPv4 advanced ACL number is in the range of 3000 to Create an Ethernet frame 3999. acl number acl-number [ name header ACL or an IPv4 acl-name ] [ match-order { auto | DCBX Rev 1.00 supports only advanced ACL and enter ACL...
Page 274: Configuring Ets Parameters
Step Command Remarks • (Method 1) To the outgoing traffic of all ports: qos apply policy policy-name global outbound • (Method 2) To the outgoing • Configurations made in system traffic of a Layer 2 Ethernet view take effect on all ports. interface: Apply the QoS policy.
Page 275: Configuring Pfc Parameters
For more information about the qos map-table, qos map-table color, and import commands, see ACL and QoS Command Reference. Configuring group-based WRR queuing You can configure group-based WRR queuing to allocate bandwidth. To configure group-based WRR queuing: Step Command Remarks Enter system view.
Page 276: Configuring The Dcbx Version
Step Command Remarks By default, PFC is disabled for all 802.1p priorities. H3C recommends that you enable Enable PFC for the specified priority-flow-control no-drop PFC for the 802.1p priority of 802.1p priorities. dot1p dot1p-list FCoE traffic. If you enable PFC for multiple 802.1p priorities, packet...
Page 277: Configuring Lldp Trapping And Lldp-Med Trapping
Step Command Remarks By default, the DCBX version is not configured. It is autonegotiated by the Configure the DCBX dcbx version { rev100 | rev101 | local port and the peer port. IEEE Std version. standard } 802.1Qaz-2011 (standard version) is used as the initial version for negotiation at the local end.
Page 278: Displaying And Maintaining Lldp
Displaying and maintaining LLDP Execute display commands in any view. Task Command display lldp local-information [ global | interface interface-type Display local LLDP information. interface-number ] Display the information contained display lldp neighbor-information [ [ [ interface interface-type in the LLDP TLVs sent from interface-number ] [ agent { nearest-bridge | nearest-customer | neighboring devices.
Page 279 # Enable LLDP on Ten-GigabitEthernet 1/0/1. By default, LLDP is enabled on ports. [SwitchA] interface ten-gigabitethernet 1/0/1 [SwitchA-Ten-GigabitEthernet1/0/1] lldp enable # Set the LLDP operating mode to Rx on Ten-GigabitEthernet 1/0/1. [SwitchA-Ten-GigabitEthernet1/0/1] lldp admin-status rx [SwitchA-Ten-GigabitEthernet1/0/1] quit # Enable LLDP on Ten-GigabitEthernet 1/0/2. By default, LLDP is enabled on ports. [SwitchA] interface ten-gigabitethernet 1/0/2 [SwitchA-Ten-GigabitEthernet1/0/2] lldp enable # Set the LLDP operating mode to Rx on Ten-GigabitEthernet 1/0/2.
Page 280 Trap flag : No MED trap flag : No Polling interval : 0s Number of LLDP neighbors Number of MED neighbors Number of CDP neighbors Number of sent optional TLV : 21 Number of received unknown TLV : 0 LLDP agent nearest-customer: Port status of LLDP : Enable Admin status...
Page 281 Admin status : Disable Trap flag : No MED trap flag : No Polling interval : 0s Number of LLDP neighbors Number of MED neighbors Number of CDP neighbors Number of sent optional TLV : 16 Number of received unknown TLV : 0 # Remove the link between Switch A and Switch B.
Page 282: Dcbx Configuration Example
LLDP status information of port 2 [Ten-GigabitEthernet1/0/2]: LLDP agent nearest-bridge: Port status of LLDP : Enable Admin status : RX_Only Trap flag : No MED trap flag : No Polling interval : 0s Number of LLDP neighbors Number of MED neighbors Number of CDP neighbors Number of sent optional TLV Number of received unknown TLV : 0...
Page 283 Figure 74 Network diagram Configuration procedure Enable LLDP and DCBX TLV advertising: # Enable LLDP globally. <SwitchA> system-view [SwitchA] lldp global enable # Enable LLDP and DCBX TLV advertising on interface Ten-GigabitEthernet 1/0/1. [SwitchA] interface ten-gigabitethernet 1/0/1 [SwitchA-Ten-GigabitEthernet1/0/1] lldp enable [SwitchA-Ten-GigabitEthernet1/0/1] lldp tlv-enable dot1-tlv dcbx Configure the DCBX version as Rev.
Page 284 [SwitchA-Ten-GigabitEthernet1/0/1] qos apply policy plcy outbound [SwitchA-Ten-GigabitEthernet1/0/1] quit Configure ETS parameters: # Configure the 802.1p-to-local priority mapping table to map 802.1p priority value 3 to local precedence 3. (This is the default mapping table. You can modify this configuration as needed.) [SwitchA] qos map-table dot1p-lp [SwitchA-maptbl-dot1p-lp] import 3 export 3 [SwitchA-maptbl-dot1p-lp] quit...
Page 285 Priority Group ID of Priority 3: 15 Priority Group ID of Priority 2: 1 Priority Group ID of Priority 5: 5 Priority Group ID of Priority 4: 4 Priority Group ID of Priority 7: 7 Priority Group ID of Priority 6: 6 Priority Group 0 Percentage: 2 Priority Group 1 Percentage: 4 Priority Group 2 Percentage: 6...
Page 286 Number of Traffic Classes Supported: 8 DCBX Parameter Information Parameter Type: Local Pad Byte Present: Yes DCBX Parameter Valid: Yes Reserved: 0 DCBX Parameter Data Priority Group ID of Priority 1: 0 Priority Group ID of Priority 0: 0 Priority Group ID of Priority 3: 1 Priority Group ID of Priority 2: 0 Priority Group ID of Priority 5: 0 Priority Group ID of Priority 4: 0...
Page 287 PFC Enabled on Priority 5: No PFC Enabled on Priority 6: No PFC Enabled on Priority 7: No Number of Traffic Classes Supported: 6 DCBX Parameter Information Parameter Type: Remote Pad Byte Present: No DCBX Parameter Valid: Yes Reserved: 0 DCBX Parameter Data PFC Enabled on Priority 0: No PFC Enabled on Priority 1: No...
Page 288: Configuring Service Loopback Groups
Configuring service loopback groups A service loopback group contains one or multiple Ethernet ports for looping packets sent out by the device back to the device. This feature must work with other features, such as GRE. A service loopback group provides one of the following services: Tunnel—Supports unicast tunnel traffic.
Page 289: Displaying And Maintaining Service Loopback Groups
Displaying and maintaining service loopback groups Execute display commands in any view. Task Command Display information about service loopback groups. display service-loopback group [ number ] Service loopback group configuration example Network requirements All Ethernet ports on Device A support the tunnel service. Assign Ten-GigabitEthernet 1/0/1 through Ten-GigabitEthernet 1/0/3 to a service loopback group to loop GRE packets sent out by the device back to the device.
Page 290: Configuring Cut-Through Layer 2 Forwarding
Configuring cut-through Layer 2 forwarding A cut-through forwarding-enabled device forwards a frame after it receives the first 64 bytes of the frame. This feature reduces the transmission time of a frame within the device, and enhances forwarding performance. To configure cut-through forwarding: Step Command Remarks...
Page 291: Index
Index Numerics LLDP advertisable TLV, LLDP+DCBX TLV advertisement, 10-GE interface aggregating combine, link. See Ethernet link aggregation 40-GE interface split, aging 802.x MAC address table timer, 802.3 LLDPDU TLV types, spanning tree max age timer, 802.X algorithm 802.1Q-in-802.1Q. Use QinQ STP calculation, 802.x alternate port (MST),...
Page 292 bridging PBB network model, backbone spanning tree root bridge, core bridge. See spanning tree root bridge (device), edge bridge. See BEBBCB spanning tree secondary root bridge (device), MAC address. See B-MAC bulk PBB core bridge network model, interface configuration, PBB edge bridge network model, interface configuration display, service instance identifier.
Page 293 Ethernet interface, Layer 3 Ethernet link aggregation group (static), Ethernet interface basic settings, 3, LLDP, 238, 244, Ethernet interface common settings, LLDP 802.1p-to-local priority mapping, Ethernet interface generic flow control, LLDP advertisable TLVs, Ethernet interface jumbo frame support, LLDP APP parameter, Ethernet interface link mode, LLDP basics, 245, Ethernet interface PFC,...
Page 294 private VLAN (trunk secondary), VLAN mapping (one-to-one), 212, protocol-based VLAN, 147, 147, VLAN mapping (one-to-two), 217, PVST, 95, VLAN mapping (two-to-two), 218, QinQ, 195, VLAN mapping many-to-one customer-side port (dynamic IP address assignment), QinQ CVLAN tag TPID value, VLAN mapping many-to-one customer-side port QinQ SVLAN tag TPID value, (static IP address assignment), QinQ VLAN tag TPID value,...
Page 295 LLDP+DCBX TLV advertisement, displaying default bulk interface configuration, Ethernet link aggregate interface default Ethernet interface, settings, Ethernet link aggregation, designated inloopback interface, MST port, LAN switching PBB, STP bridge, LLDP, STP port, loop detection, detecting loopback interface, Ethernet link aggregation group BFD, MAC address table, device MVRP,...
Page 296 MST, Energy Efficient Ethernet. See see EEE spanning tree, energy-saving functions, EEE energy saving, entry enabling ARP fast update enabling for MAC address move, ARP fast update for MAC address move, Ethernet Ethernet interface auto power-down, interface. See Ethernet interface Ethernet interface EEE energy saving, link aggregation.
Page 297 Ethernet interface interface configuration (expected bandwidth), 10-GE interfaces into 40-GE interface LACP, combine, Layer 2 aggregate interface (ignored 40-GE interface split, VLAN), 55, auto power-down enable, Layer 2 aggregation (dynamic), basic settings configuration, 3, Layer 2 aggregation (static), common settings configuration, Layer 2 aggregation load sharing, configuration, Layer 2 edge aggregate interface,...
Page 298 forcing Layer 2 Ethernet interface fiber port, Ethernet link aggregate group min/max number Selected ports, format Ethernet link aggregation group, LAN switching PBB frame format, Ethernet link aggregation group (dynamic), LLDP frame encapsulated in Ethernet II, Ethernet link aggregation group (static), LLDP frame encapsulated in SNAP format, Ethernet link aggregation group configuration, LLDP frame encapsulation format,...
Page 299 configuring null, LAN switching edge aggregate interface, edge aggregate interface configuration, edge aggregate interface configuration, Ethernet aggregate interface configuration, Ethernet aggregate interface (description), Ethernet link aggregation basic concepts, Ethernet aggregate interface configuration, Ethernet link aggregation configuration, 42, 49, Ethernet link aggregate interface default Ethernet link aggregation dynamic mode, settings, Ethernet link aggregation group (dynamic),...
Page 300 Ethernet link aggregate interface shutdown, QinQ VLAN transparent transmission configuration, Ethernet link aggregation (dynamic), super VLAN configuration, 156, 156, Ethernet link aggregation (static), super VLAN sub VLAN configuration, Ethernet link aggregation configuration, 42, 49, VLAN basic configuration, Ethernet link aggregation group VLAN configuration, 138, (dynamic), 52, VLAN interface basic configuration,...
Page 301 port-based VLAN access port assignment, agent, port-based VLAN access port assignment (in APP parameter configuration, interface view), basic concepts, port-based VLAN access port assignment (in basic configuration, 245, VLAN view), bridge mode configuration, port-based VLAN hybrid port assignment, CDP compatibility configuration, port-based VLAN trunk port assignment, configuration, 238, 244, private VLAN configuration,...
Page 302 transmitting, enable (port-specific), LLDPDU interval, LLDP configuration, interval setting, management address configuration, mechanisms, management address encoding format, port status auto recovery, management address TLV, protection action configuration, TLV basic management types, protection action configuration (global), TLV LLDP-MED types, protection action configuration (Layer 2 aggregate interface), TLV organization-specific types, protection action configuration (Layer 2 Ethernet...
Page 303 MAC change notification interval, MSTP VLAN-to-instance mapping table, MAC Information one-to-one VLAN mapping, configuration, 38, one-to-two VLAN mapping, enable, two-to-two VLAN mapping, mode configuration, master port (MST), queue length configuration, max age timer (STP), MAC relay (LLDP agent), maximum transmission unit. Use maintaining mCheck Ethernet interface,...
Page 304 LLDP TxRx, 243, protocols and standards, MAC Information syslog, regional root, MAC Information trap, relationships, MVRP registration fixed mode, spanning tree max age timer, MVRP registration forbidden mode, spanning tree port mode configuration, MVRP registration mode, VLAN-to-instance mapping table, MVRP registration normal mode, spanning tree mCheck, 1 1 1 Layer 3 Ethernet aggregate interface,...
Page 305 Ethernet link aggregation configuration port-based VLAN access port assignment (in types, interface view), Ethernet link aggregation dynamic mode, port-based VLAN access port assignment (in VLAN view), Ethernet link aggregation edge aggregate interface, port-based VLAN hybrid port assignment, Ethernet link aggregation LACP, port-based VLAN trunk port assignment, Ethernet link aggregation member port private VLAN configuration,...
Page 306 STP path cost, LLDP basic configuration, STP root bridge, LLDP basics configuration, STP root port, LLDP configuration, 238, 244, STP TC Snooping, 1 16 LLDP DCBX configuration, 253, super VLAN interface configuration, loop detection, VLAN configuration, loop detection configuration, 132, VLAN interface basic configuration, loopback interface configuration, VLAN mapping many-to-one customer-side port...
Page 307 displaying, LLDP PFC configuration, maintaining, parameter timeout factor, B-VLAN configuration, one-to-one VLAN mapping configuration, 228, 231, application scenario, displaying, configuration, 212, downlink port configuration, implementation, 208, feature compatibility, one-to-two VLAN mapping frame encapsulation type configuration, application scenario, frame format, configuration, 217, frame forwarding, implementation, 208, L2VPN enable,...
Page 308 Ethernet link aggregate interface (expected Layer 3 edge aggregate interface, bandwidth), Layer 3 Ethernet link aggregation (dynamic), Ethernet link aggregate interface default Layer 3 Ethernet link aggregation (static), settings, Layer 3 Ethernet link aggregation group Ethernet link aggregate interface shutdown, (dynamic), Ethernet link aggregation Layer 3 Ethernet link aggregation group (static),...
Page 309 spanning tree forward delay timer, 802.1p-to-local priority mapping, spanning tree loop guard, 1 19 Ethernet link aggregation LACP, spanning tree path cost calculation LLDP PFC 802.1p priority, standard, MAC address table learning priority, spanning tree path cost configuration, 104, QinQ SVLAN tag 802.1p priority, spanning tree port link type configuration, spanning tree device priority, spanning tree port mode configuration,...
Page 310 configuring Ethernet interface jumbo frame configuring Layer 2 Ethernet link aggregation support, (static), configuring Ethernet interface link mode, configuring Layer 2 Ethernet link aggregation group (dynamic), configuring Ethernet interface PFC, configuring Layer 2 Ethernet link aggregation group configuring Ethernet interface physical state (static), change suppression, configuring Layer 2 Ethernet link aggregation load...
Page 311 configuring MAC address table dynamic aging configuring spanning tree Digest timer, Snooping, 1 13 configuring MAC address table entry, configuring spanning tree edge port, configuring MAC address table learning limit on configuring spanning tree No Agreement interface, Check, 1 16 configuring MAC address table unknown frame configuring spanning tree port link type, forwarding,...
Page 312 configuring VLAN mapping many-to-one enabling loop detection (port-specific), customer-side port (static IP address enabling MAC address move notification, 32, assignment), enabling MAC address synchronization configuring VLAN mapping many-to-one globally, network-side port (dynamic IP address enabling MAC Information, assignment), enabling MVRP, configuring VLAN mapping many-to-one enabling MVRP GVRP compatibility, network-side port (static IP address...
Page 313 setting 802.1p priority in QinQ SVLAN PVID (port-based VLAN), tags, PVST, 78, See also setting Ethernet interface statistics polling configuration, 95, interval, feature enable, 1 10 setting Ethernet link aggregate group min/max mode set, number Selected ports, port links, setting Ethernet link aggregation group load sharing mode, setting Layer 2 Ethernet interface MDIX QinQ...
Page 314 MST regional root, protocol-based VLAN configuration, 147, 147, registering RSTP, 78, See also MRP participant attribute value configuration, registration/deregistration, feature enable, 1 10 MVRP participant attribute value mode set, registration/deregistration, MSTP device implementation, MVRP registration fixed mode, network convergence, MVRP registration forbidden mode, rule MVRP registration mode, MAC address table unknown frame forwarding,...
Page 315 MAC Information configuration, 38, Layer 2 aggregate interface (ignored VLAN), snooping spanning tree port path cost calculation standard, spanning tree Digest Snooping, 1 13 splitting STP TC Snooping, 1 16 Ethernet 40-GE interface, spanning tree, 78, See also STP, RSTP, PVST, MSTP state BPDU drop, Ethernet interface state change suppression,...
Page 316 sub VLAN VLAN port-based configuration, 141, configuration, synchronizing subnet (IP subnet-based VLAN MAC addresses, configuration), 145, 146, system super VLAN interface bulk configuration, configuration, 156, 156, displaying, table interface configuration, LLDP priority mapping table, maintaining, MAC address, 22, 23, sub VLAN creation, MSTP VLAN-to-instance mapping table, suppressing Ethernet interface physical state change...
Page 317 MRP Join, configuration, 218, MRP Leave, implementation, 208, MRP LeaveAll, MRP Periodic, unicast MVRP configuration, MAC address table configuration, 22, 23, spanning tree forward delay, MAC address table multiport unicast entry, spanning tree hello, uplink port spanning tree max age, LAN switching PBB configuration, STP forward delay, STP hello,...
Page 318 QinQ configuration, 195, voice traffic QinQ CVLAN tag, LLDP CDP compatibility, QinQ CVLAN tag TPID value, QinQ implementation, LAN switching PBB configuration, QinQ SVLAN tag, QinQ configuration, 195, QinQ SVLAN tag 802.1p priority, QinQ VLAN transparent transmission configuration, QinQ SVLAN tag TPID value, QinQ transparent transmission, LAN switching PBB creation, QinQ VLAN tag TPID value,...

This manual is also suitable for:

S5820v2 series

H3C S5830V2 series Configuration Manual

Quick Links

Related Manuals for H3C S5830V2 series

Summary of Contents for H3C S5830V2 series