Configuring Digest Snooping - H3C SR8800 Configuration Manual

10g core routers layer 2 - lan switching

Hide thumbs Also See for SR8800:

Command reference manual (107 pages)

Manual (5 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

page of 159

/ 159
Contents
Table of Contents
Bookmarks

Table of Contents

As shown in

Device A and Device B are directly connected.

GigabitEthernet 3/1/1 on Device A and GigabitEthernet 3/1/1 on Device B allow the traffic

of VLAN 1 to pass through. GigabitEthernet 3/1/2 on Device A and GigabitEthernet 3/1/2

on Device B allow the traffic of VLAN 2 to pass through.

Device A is the root bridge, and Device A and Device B both run a spanning tree protocol.

GigabitEthernet 3/1/2 on Device B is blocked, causing traffic of VLAN 2 to be blocked.

Configure VLAN Ignore to keep GigabitEthernet 3/1/2 of Device B in the forwarding state.

Figure 16 Network diagram

Root

bridge

GE3/1/1

GE3/1/2

Device A

Root port

Normal link

Configuration procedure

# Enable VLAN Ignore for VLAN 2 on Device B.

<DeviceB> system-view

[DeviceB] stp ignored vlan 2

# Display the VLAN Ignore-enabled VLAN.

[DeviceB] display stp ignored-vlan

STP-Ignored VLAN: 2

Configuring Digest Snooping

As defined in IEEE 802.1s, interconnected devices are in the same region only when the MST

region-related configurations (region name, revision level, VLAN-to-instance mappings) on them are

identical. A spanning tree device identifies devices in the same MST region by checking the configuration

ID in BPDU packets. The configuration ID includes the region name, revision level, configuration digest

that is in 16-byte length and is the result calculated via the HMAC-MD5 algorithm based on

VLAN-to-instance mappings.

Spanning tree implementations vary with vendors, and the configuration digests calculated using private

keys is different. As a result, devices of different vendors in the same MST region cannot communicate

with each other.

To enable communication between an H3C router and a third-party device, enable the Digest Snooping

feature on the port connecting the H3C router to the third-party device in the same MST region.

NOTE:

Before enabling Digest Snooping, make sure that associated devices of different vendors are connected

and run spanning tree protocols.

Figure

16:

VLAN 1

GE3/1/1

GE3/1/2

VLAN 2

Designated port

Device B

Blocked port

Blocked link

Table of Contents

Configuring Digest Snooping - H3C SR8800 Configuration Manual

Configuring Digest Snooping

Related Manuals for H3C SR8800

Related Content for H3C SR8800

Table of Contents