Operation	Remarks	Related section
Basic Ethernet Port Configuration	Optional	1.1.1
Combo Port Configuration	Optional	1.1.2
Configuring Flow Control on an Ethernet	Optional	1.1.3
Configuring Loopback Testing on an Ethernet Port	Optional	1.1.4
Configuring a Port Group	Optional	1.1.5
Configuring Storm Suppression Ratio on an Ethernet Port	Optional	1.1.6
Copying Configurations from a Specified Port to Other Ports	Optional	1.1.7
Enabling the Forwarding of Jumbo Frames	Optional	1.1.8
Configuring an Ethernet Port to Perform Loopback Detection	Optional	1.1.9
Configuring port MDI attribute on an Ethernet Port	Optional	1.1.10
Ethernet Port Cable Testing	Optional	1.1.11
Configuring the Interval to Perform Statistical Analysis on Port Traffic	Optional	1.1.12

1.1.1 Basic Ethernet Port Configuration

Three types of duplex modes exist for Ethernet ports:

l Full-duplex mode (full): in this mode, the sending and receiving of data packets happen simultaneously;

l Half-duplex mode (half): in this mode, at a particular time, either the sending or receiving of data packets is allowed, but not both;

l Autonegotiation mode (auto): in this mode, the transmission mode is negotiated between peer Ethernet ports.

Follow these steps to make basic Ethernet port configurations:

To do...	Use the command	Remarks
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Enable an Ethernet port	undo shutdown	Optional Enabled by default. Use the shutdown command to disable a port.
Configure the description for an Ethernet port	description text	Optional Default to the port name. For example “GigabitEthernet1/0/1 Interface”
Configure the duplex mode for an Ethernet port	duplex { auto \| full \| half }	Optional Default to “auto”.
Configure the transmission rate for an Ethernet port	speed { 10 \| 100 \| 1000 \| auto }	Optional Default to “auto”.
Configure the link type of port	port link-type { access \| hybrid \| trunk }	Optional Default to “access”.

& Note:

l For the double combo port, the optical port goes up when you use the undo shutdown command on it, and the electrical port in pairs goes down, and vice versa.

l The mdi and virtual-cable-test commands are not available on the optical combo port.

l The optical combo port cannot work in half-duplex mode, only supports two speed options: 1000 Mbps and auto.

l When the port works at 1000 Mbps, you cannot configure it in half-duplex mode, and vice versa.

1.1.2 Combo Port Configuration

I. Introduction to Combo port

A Combo port refers to two Ethernet interfaces in a device panel (normally one is an optical port and the other is an electrical port). Inside the device there is only one forwarding interface. Combo port and its corresponding electrical port work in a TX/SFP mode. Users can choose one to use depending on the actual network requirements, but not two simultaneously. When one port is working, the other is disabled, and vice versa.

A Combo port is a logical port with two physical connections, one is called optical port, the other electrical port. The Combo port corresponds to a single forwarding port inside the device. Only one port can be active at a time. When one is active, the other will be automatically deactivated.

For ease of management, a Combo port can be categorized into one of the two following types:

l Single Combo port: the two Ethernet interfaces in the device panel correspond to only one interface view, in which the state on the two interfaces can be realized. A single Combo port can be a Layer 2 Ethernet interface or a Layer 3 Ethernet interface.

l Double Combo port: the two Ethernet interfaces in the device panel correspond to two interface views. The state switchover can be realized in user’s own interfaces view. A double Combo port can only be a layer 2 Ethernet interface.

& Note:

Currently, the S5500-SI series switches support double combo ports.

II. Combo ports and corresponding electric ports on S5500-SI series

Table 1-2 Combo ports and corresponding electric ports on S5500-SI series switches

Switch	Combo port	Corresponding port
S5500-28C-SI S5500-28C-PWR-SI	GigabitEthernet1/0/25	GigabitEthernet1/0/22
	GigabitEthernet1/0/26	GigabitEthernet1/0/24
	GigabitEthernet1/0/27	GigabitEthernet1/0/21
	GigabitEthernet1/0/28	GigabitEthernet1/0/23
S5500-52C-SI S5500-52C-PWR-SI	GigabitEthernet1/0/49	GigabitEthernet1/0/46
	GigabitEthernet1/0/50	GigabitEthernet1/0/48
	GigabitEthernet1/0/51	GigabitEthernet1/0/45
	GigabitEthernet1/0/52	GigabitEthernet1/0/47

III. Configuring Combo port state

Follow these steps to configure a double Combo port state:

To do...	Use the command	Remarks
Enter system view	system-view	—
Enter Ethernet interface view	interface interface-type interface-number	—
Enable a specified double Combo port	undo shutdown	Optional By default, out of the two ports in a Combo port, the one with a smaller port ID is enabled. The port with the smaller port ID is of electrical type.

1.1.3 Configuring Flow Control on an Ethernet Port

When flow control is turned on between peer Ethernet ports, if traffic congestion occurs at the ingress interface, it will send a Pause frame notifying the egress interface to temporarily suspend the sending of packets. The egress interface is expected to stop sending any new packets when it receives the Pause frame. In this way, flow controls helps to avoid the dropping of packets. Note that only after both the ingress and the egress interfaces have turned on their flow control will this be possible.

& Note:

l The S5500-SI series switches can only receive but not send pause frames.

l The S5500-SI series switches do not support to send jamming signal in half duplex mode.

Follow these steps to configure flow control on an Ethernet port:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Turn on flow control on an Ethernet port	flow-control	Required Turned off by default

1.1.4 Configuring Loopback Testing on an Ethernet Port

You can enable loopback testing to check whether the Ethernet port is functioning properly. Note that no data packets can be forwarded during the testing. Loopback testing falls into the following two categories:

l Internal loopback testing: The packets from a port go inside the switch and then back to the original port. If the internal loopback test succeeds, the port is OK.

l External loopback testing: a loopback plug needs to be plugged into an Ethernet port, if data packets sent from the port is received by the same port through the loopback plug, the external loopback testing is successful indicating that the port is functioning properly.

Follow the following steps to configure Ethernet port loopback testing:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Configure to enable loopback testing	loopback { external \| internal }	Optional Disabled by default

& Note:

l The loopback testing is not applicable when the port is in a shutdown state;

l The speed, duplex, mdi, and shutdown commands are not applicable during a loopback testing;

l An Ethernet port works in the full duplex mode when the port performs loopback testing. After the loopback testing is disabled on the port, the original duplex mode of the port is restored.

1.1.5 Configuring a Port Group

To make the configuration task easier for users, certain devices allow users to configure on a single port as well as on multiple ports in a port group. In port group view, the user only needs to input the configuration command once on one port and that configuration will apply to all ports in the port group. This effectively reduces redundant configurations.

A Port group could belong to one of the following two categories:

l Manual port group: manually created by users. Multiple Ethernet ports can be added to the same port group;

l Dynamic port group: dynamically created by system, currently mainly applied in link aggregation port groups. A link aggregation port group is automatically created together with the creation of a link aggregation group and cannot be created by users through command line input. Adding or deleting of ports in a link aggregation port group can only be achieved through operations on the link aggregation group.

Follow the following steps to enter port group view:

To do...		Use the command...	Remarks
Enter system view		system-view	—
Enter port group view	Enter manual port group view	port-group manual port-group-name	—
Enter port group view	Enter aggregation port group view	port-group aggregation agg-id	—

Follow the following steps to configure manual port group:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Create a manual port group, and enter manual port group view	port-group manual port-group-name	Required
Add an Ethernet port to a specified manual port group	group-member interface-list	Required

& Note:

l The manual port groups cannot survive a system rebooting.

l For details on configuring link aggregation port group, refer to Chapter 2 Link Aggregation Configuration

1.1.6 Configuring Storm Suppression Ratio on an Ethernet Port

You can use the following commands to suppress the broadcast/multicast/unknown unicast flow.

Traffic that has exceeded the configured threshold will be discarded so that it remains below the configured threshold. This effectively prevents storms, avoids network congestion, and ensures that the network functions properly.

Configure storm suppression ratio on an Ethernet port:

To do...		Use the command...	Remarks
Enter system view		system-view	—
Enter Ethernet port view or port group view	Enter Ethernet port view	interface interface-type interface-number	At least one required; Configurations made under Ethernet port view apply to the current port only whereas configurations made under port group view apply to all ports in the group.
Enter Ethernet port view or port group view	Enter port group view	port-group { manual port-group-name \| aggregation agg-id }
Configure broadcast storm suppression ratio		broadcast-suppression { ratio \| pps pps }	Optional Default to 100%, that is, broadcast traffic is not suppressed by default
Configure multicast storm suppression ratio		multicast-suppression { ratio \| pps max-pps }	Optional Default to 100%, that is, multicast traffic is not suppressed by default
Configure unknown unicast storm suppression ratio		unicast-suppression { ratio \| pps max-pps }	Optional Default to 100%, that is, unknown unicast traffic is not suppressed by default

1.1.7 Copying Configurations from a Specified Port to Other Ports

Using the copy configuration command you can easily copy configurations from a specified Ethernet port to other Ethernet ports provided that they all work in Layer 2 mode.

Configurations that can be copied include VLAN, QoS, STP, and port configurations, as illustrated below:

l Port configuration: link type, rate, duplex mode.

l GVRP configurations, including GVRP enabling/disabling, GVRP registration type, and Hold/Join/Leave timer length of a port.

l STP configuration: STP enabled/disabled, link types (point-to-point or not), STP priority, route cost, rate limit, looping, root protection, edge ports or not.

l Port-isolate configurations, including configurations of the isolated group which the port belongs to.

l VLAN configurations: VLANs that are allowed to pass through the port, default VLAN ID;

l LACP configurations: LACP enabled/disabled.

l QoS configurations: rate limiting, port priority, default 802.1p priorities;

l QINQ configurations: QINQ enabled/disabled, Ethernet protocol type, mapping relation of outer VLAN ID and VLAN priority, BPDU TUNNEL configuration on the port.

Follow the following steps to copy configurations from a specified port to other ports:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Copy configurations on a specified Layer 2 Ethernet port to other Layer 2 Ethernet ports	copy configuration source interface-type interface-number destination interface-list	Required

1.1.8 Enabling the Forwarding of Jumbo Frames

Due to tremendous amount of traffic occurred in Ethernet, it is likely that some frames might have a frame size greater than the standard Ethernet frame size. By allowing such frames (called jumbo frames) to pass through Ethernet ports, you can forward frames with a size greater than the standard Ethernet frame size and yet still within the specified size range.

Follow the following steps to enable the forwarding of jumbo frames

To do...		Use the command...	Remarks
Enter system view		system-view	—
Enter Ethernet port view or port group view	Enter Ethernet port view	interface interface-type interface-number	At least one required
Enter Ethernet port view or port group view	Enter port group view	port-group { manual port-group-name \| aggregation agg-id }	At least one required
Enable the forwarding on a specified port		jumboframe enable	Required By default, frames that are not larger than 9216 bytes are allowed to pass through the Ethernet port.

1.1.9 Configuring an Ethernet Port to Perform Loopback Detection

The purpose of loopback detection is to detect loopbacks on a port.

When loopback detection is enabled on an Ethernet port, the device will routinely check whether the ports have any external loopback. If it detects a loopback on a port, the device will turn that port under loopback detection mode.

l If an Access port has been detected with loopbacks, it will be shutdown. A Trap message will be sent to the terminal and the corresponding MAC address forwarding entries will be deleted.

l If a Trunk port or Hybrid port has been detected with loopbacks, a Trunk message will be sent to the terminal. They will be shutdown if the loopback testing function is enabled on them. In addition, a Trap message will be sent to the terminal and the corresponding MAC address forwarding entries will be deleted.

Follow the following steps to configure loopback detection:

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enable global loopback detection	loopback-detection enable	Required Disabled by default
Configure time interval for external loopback detection	loopback-detection interval-time time	Optional Default to 30 seconds
Enter Ethernet port view	interface interface-type interface-number	—
Enable loopback detection on a specified port	loopback-detection enable	Required Disabled by default
Enable loopback detection on a Trunk port or a Hybrid port	loopback-detection control enable	Optional Disabled by default
Enable loopback detection in all VLANs with Trunk ports or Hybrid ports	loopback-detection per-vlan enable	Optional Enabled only in the default VLAN(s) with Trunk port or Hybrid ports
Display loopback detection information on a port	display loopback-detection	Available in any view

Caution:

l Loopback detection on a given port is enabled only after the loopback-detection enable command has been issued in both system view and the port view of the port.

l Loopback detection on all ports will be disabled after the issuing of the undo loopback-detection enable command under system view.

1.1.10 Configuring port MDI attribute on an Ethernet Port

Follow the following steps to configure port Medium Dependent Interface (MDI) attribute on Ethernet Port:

l across: Specifies a cross-over cable for the Ethernet port.

l auto: Configures the Ethernet port to be auto-sensing for the cable type.

l normal: Specifies straight-through cable for the Ethernet port.

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Configure the cable type for an Ethernet port	mdi { across \| auto \| normal }	Optional Defaults to auto, that is, system automatically detects the type of cable in use.

& Note:

l Combo optical port and 10GE port do not support mdi command

l For the mdi command, only auto mode can be successfully implemented on the S5500-SI series switches.

1.1.11 Ethernet Port Cable Testing

Follow the following steps to test the current working state of Ethernet port cables. System will return the testing result within five seconds, indicating the receiving direction (RX), the transmit direction (TX), any short cut or open cut, and the length of failed cables.

To do...	Use the command...	Remarks
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Test the current working state of Ethernet port cables	virtual-cable-test	Required By default, virtual cable test is disabled.

& Note:

l The virtual-cable-test command is not supported in a Combo optical port or 10GE port.

l When the cable is functioning properly, the cable length in the test result represents no meaning

l When the cable is not functioning properly, the cable length in the test result represents the length from the current interface to the failed position.

l Currently S5500-SI Series Switches only support the testing of cable status and cable length.

1.1.12 Configuring the Interval to Perform Statistical Analysis on Port Traffic

By performing the following configuration, you can set the interval to perform statistical analysis on the traffic of a port.

When you use the display interface interface-type interface-number command to display the information of a port, the system performs statistical analysis on the traffic flow passing through the port during the specified interval and displays the average rates in the interval. For example, if you set this interval to 100 seconds, the displayed information is as follows:

Last 100 seconds input: 0 packets/sec 0 bytes/sec

Last 100 seconds output: 0 packets/sec 0 bytes/sec

Set the interval to perform statistical analysis on port traffic

Operation	Command	Description
Enter system view	system-view	—
Enter Ethernet port view	interface interface-type interface-number	—
Set the interval to perform statistical analysis on port traffic	flow-interval interval	Optional By default, this interval is 300 seconds.

1.2 Maintaining and Displaying an Ethernet Port

After the above configurations, you can execute the display commands in any view to display information about Ethernet ports, so as to verify your configurations.

You can execute the reset counters command in user view to clear the statistics of Ethernet ports.

To do...	Use the command...
Display the current state of a specified port and related information	display interface [ interface-type [ interface-number ] ]
Display a summary of a specified port	display brief interface [ interface-type [ interface-number ] ] [ \| { begin \| include \| exclude} regular-expression ]
Display the current ports of a specified type	display port { hybrid \| trunk I combo }
Display information for a specified port group or all manual port groups	display port-group manual [ name port-group-name \| all ]
Reset the statistics of a specified port	reset counters interface [ interface-type [ interface-number ] ]

Chapter 2 Link Aggregation Configuration

Link aggregation aggregates multiple physical Ethernet ports into one logical link, also called a logical group, to increase reliability and bandwidth.

When configuring this feature, use the following table to identify where to go for interested information:

If you need to…	Go to…
Know how link aggregation functions, what protocol is involved, and what approaches are adopted to link aggregation	Link Aggregation Overview
Configure link aggregation	Configuring Link Aggregation
Consult the display and reset commands available for verifying and maintaining link aggregation configuration	Displaying and Maintaining Link Aggregation
See how to configure link aggregation in typical scenarios	Link Aggregation Configuration Example

2.1 Link Aggregation Overview

2.1.1 Configuring a Manual Link Aggregation Group

Link aggregation is used to groups multiple Ethernet ports together to form an aggregate. An upper layer entity adopting link aggregation service considers multiple physical links in an aggregation group as one logical link.

Link aggregation allows you to increase bandwidth by distributing incoming/outgoing traffic on the member ports in an aggregation group. In addition, it provides reliable connectivity because these member ports can dynamically back up each other.

To get more information about link aggregation, go to these topics:

l Consistency Considerations for Ports in an Aggregation

l LACP

l Approaches to Link Aggregation

l Load Sharing in a Link Aggregation Group

l Aggregation Port Group

2.1.2 LACP

The link aggregation control protocol (LACP) is defined in IEEE 802.3ad. Link aggregation control protocol data unit (LACPDU) is used for exchanging information among LACP-enabled devices.

After LACP is enabled on a port, the port sends LACPDUs to notify the remote system of its system LACP priority, system MAC address, port LACP priority, port number, and operational key. Upon receipt of an LACPDU, the remote system compares the received information with the information received on other ports to determine the ports that can operate as selected ports. This allows the two systems to reach agreement on the states of the related ports

When aggregating ports, link aggregation control automatically assigns each port an operational key based on its rate, duplex mode, and other basic configurations. In an aggregation group, the selected ports share the same operational key.

2.1.3 Consistency Considerations for Ports in an Aggregation

To participate in traffic sharing, member ports in an aggregation must use consistent configurations with respect to STP, QoS, BPDU TUNNEL, GVRP, QinQ, VLAN, and port attribute, as shown below.

Consistency considerations for ports in an aggregation

Item	Considerations
STP	Enable/disable state of port-level STP Attribute of the link (point-to-point or otherwise) connected to the port Port route metrics STP priority Maximum transmission rate Enable/disable state of loop protection Enable/disable state of root protection Whether the port is an edge port
QoS	Traffic policing, traffic shaping, SP queueing, WRR queue scheduling, packet priority trust mode, traffic policies, traffic-template
GVRP	GVRP enable/disable state, GVRP registration type, GVRP timer value
QinQ	QinQ enable/disable state, external VLAN tag policy, mapping relationship between outer and inner VLAN priorities, policy to add outer VLAN tags against different inner VLAN IDs, and replacement of inner VLAN IDs
BPDU Tunnel	BPDU Tunnel on the port enable/disable state BPDU Tunnel of STP on the port enable/disable state
VLAN	VLANs carried on the port Default VLAN ID on the port Link type of the port, which can be trunk, hybrid, or access Tagged VLAN packet or not
Port attribute	Port rate Duplex mode Up/down state of the link Inside the isolate group or not Broadcast/Multicast/Unicast suppression ration Jumbo frame enable/disable state
MAC address learning	Whether limit the number of the MAC address learning

2.2 Approaches to Link Aggregation

2.2.1 Manual link aggregation

I. Overview

Manual aggregations are created manually. Member ports in a manual aggregation are LACP-disabled.

II. Port states in a manual aggregation group

In a manual aggregation group, ports can be selected or unselected, where selected ports can receive and transmit data frames whereas unselected ones cannot.

The port in the Selected state and with the least port ID is the master port of the aggregation group, and other ports in the aggregation group are member ports.

When setting the state of the ports in a manual aggregation group, the system performs the following:

l When ports in up state are present in the group, select a master port in the order of full duplex/high speed, full duplex/low speed, half duplex/high speed, and half duplex/low speed, with the full duplex/high speed being the most preferred. When two ports with the same duplex mode/speed pair are present, the one with the lower port number wins out. Then, place those ports with the same speed/duplex pair, link state and basic configuration in selected state and others in unselected state.

l When all ports in the group are down, select the port with the lowest port number as the master port and set all ports (including the master) in unselected state.

l Place the ports that cannot aggregate with the master in unselected state.

Manual aggregation limits the number of selected ports in an aggregation group. When the limit is exceeded, the system changes the state of selected ports with greater port numbers to unselected until the number of selected ports drops under the limit.

In addition, to ensure the ongoing service on current selected ports, a port that joins the group after the limit is reached will not be placed in selected state as it should be in normal cases.

In addition, unless the master port should be selected, a port that joins the group after the limit is reached will not be placed in selected state even if it should be in normal cases. This is to prevent the ongoing service on selected ports from being interrupted. You need to avoid the situation however as the selected/unselected state of a port may become different after a reboot.

III. Port Configuration Considerations in manual aggregation

As mentioned above, in a manual aggregation group, only ports with configurations consistent with those of the master port can become selected. These configurations include port rate, duplex mode, link state and other basic configurations described in section “2.1.3 Consistency Considerations for Ports in an Aggregation”

You need to maintain the basic configurations of these ports manually to ensure consistency. As one configuration change may involve multiple ports, this can become troublesome if you need to do that port by port. As a solution, you may add the ports into 2.2.4 Aggregation Port Group where you can make configuration for all member ports.

When the configuration of some port in a manual aggregation group changes, the system does not remove the aggregation as it does in a aggregation group; instead, it re-sets the selected/unselected state of the member ports and re-selects a master port.

& Note:

l Currently S5500-SI series switches support up to twelve valid aggregation groups, each contains up to eight GE ports or two 10GE ports in Selected condition.

l A aggregation group can be valid only when the selcected member ports more than one.

2.2.2 Static LACP link aggregation

I. Overview

Static aggregations are created manually. After you add a port to a static aggregation, LACP is enabled on it automatically.

II. Port states in a static aggregation group

In a static aggregation group, ports can be selected or unselected, where both can receive and transmit LACPDUs but only selected ports can receive and transmit data frames. The selected port with the lowest port number is the master port.

All member ports that cannot aggregate with the master are placed in unselected state. These ports include those using the basic configurations different from the master port ..

Member ports in up state can be selected if they have the configuration same as that of the master port. The number of selected ports however, is limited in a static aggregation group. When the limit is exceeded, the local and remote systems negotiate the state of their ports as follows:

1) Compare the actor and partner system IDs that each comprises a two-byte system LACP priority plus a six-byte system MAC address as follow:

l First compare the system LACP priorities.

l If they are the same, compare the MAC addresses. The system with the smaller ID has higher priority.

2) Compare the port IDs that each comprises a two-byte port LACP priority and a two-byte port number on the system with higher ID as follows:

l Compare the port LACP priorities. The port with lower port LACP priority wins out.

l If two ports with the same port LACP priority are present, compare their port numbers. The state of the ports with lower IDs then change to selected and the state of the ports with higher IDs to unselected, so does the state of their corresponding remote ports. (the lower the LACP priority, the smaller the port number, and the smaller the port ID)

III. Port configuration considerations in static aggregation

Like in a manual aggregation group, in a static LACP aggregation group, only ports with configurations consistent with those of the master port can become selected. These configurations include port rate, duplex mode, link state and other basic configurations described in section “2.1.3 Consistency Considerations for Ports in an Aggregation.”

You need to maintain the basic configurations of these ports manually to ensure consistency. As one configuration change may involve multiple ports, this can become troublesome if you need to do that port by port. As a solution, you may add the ports into an 2.2.4 Aggregation Port Group where you can make configuration for all member ports.

When the configuration of some port in a static aggregation group changes, the system does not remove the aggregation as it does in a aggregation group; instead, it re-sets the selected/unselected state of the member ports and re-selects a master port.

& Note:

l Currently, the S5500-SI series Ethernet switches support up to 12 valid aggregation groups, each supporting up to eight GE ports or two 10 GE ports to be in selected state. When there are more than 12 aggregation groups, the device will select 12 valid aggregation groups by the aggregation group IDs.

l An aggregation group takes effect only when there are more than one member ports that are in selected state.

2.2.3 Load Sharing in a Link Aggregation Group

Link aggregation groups fall into load sharing aggregation groups and non-load sharing aggregation groups depending on their support to load sharing.

Link aggregation groups perform load sharing depending on availability of hardware resources. When hardware resources are available, link aggregation groups created containing at least two ports perform load sharing; and link aggregation groups created with only one port perform non-load sharing. After hardware resources become depleted, link aggregation groups work in non-load sharing mode.

Note that:

l When only one single port is left in an aggregation group, the group will be become non-load sharing.

l A load-sharing aggregation group contains at least two selected ports, but a non-load-sharing aggregation group can only have one selected port at most, while others are unselected ports.

l The newly created aggregation group will be non-load sharing one when the valid aggregation groups more than twelve.

l When you delete an existing valid aggregation group, a new valid aggregation group may be created automatically from the non-load sharing ones according to the port speed and duplex, and the Selected ports in this aggregation group may be chosen again.

l Currently S5500-SI series switches support up to twelve valid aggregation groups.

2.2.4 Aggregation Port Group

As mentioned earlier, in a manual or static aggregation group, a port can be selected only when its configuration is the same as that of the master port in terms of duplex/speed pair, link state, and other basic configurations. Their configuration consistency requires administrative maintenance, which is troublesome after you change some configuration.

To simplify configuration, port-groups are provided allowing you to configure for all ports in individual groups at one time. One example of port-groups is aggregation port group.

Upon creation or removal of a link aggregation group, an aggregation port-group which cannot be administratively created or removed is automatically created or removed. In addition, you can only assign/remove a member port to/from an aggregation port-group by assigning/removing it from the corresponding link aggregation group.

For more information about port-groups, refer to the “1.1.5 Configuring a Port Group” part in this manual.

2.3 Configuring Link Aggregation

Caution:

l When you change the configurations for a member port of an aggregation group in the port view, the change will not be synchronized to other member ports of the group; to realize configuration synchronization, you must make configuration in port group view.

l For two connected ports, they must both in the aggregation group.

2.3.1 Configuring a Manual Link Aggregation Group

Follow these steps to configure a manual aggregation group:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Create a manual aggregation group	link-aggregation group agg-id mode manual	Required
Enter Ethernet port view	interface interface-type interface-number	––
Assign the Ethernet port to the aggregation group	port link-aggregation group agg-id	Required

Note that:

l You may create a manual aggregation group by changing the type of a static aggregation group that has existed. If the specified group contains ports, its group type changes to manual with LACP disabled on its member ports; if not, its group type directly changes to manual.

l An aggregation group cannot include ports with static MAC addresses, or 802.1x-enabled ports.

l You can remove all ports in a manual aggregation group by removing the group. If this group contains only one port, you can remove the port only by removing the group.

& Note:

To guarantee a successful aggregation, ensure that the ports at the two ends of each link to be aggregated are consistent in selected/unselected state.

2.3.2 Configuring a Static LACP Link Aggregation Group

Follow these steps to configure a static aggregation group:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Configure the system LACP priority	lacp system-priority system-priority-value	Optional 32768 by default
Create a static LACP aggregation group	link-aggregation group agg-id mode static	Required
Enter Ethernet port view	interface interface-type interface-number	––
Configure the port LACP priority	lacp port-priority port-priority-value	Optional 32768 by default
Assign the Ethernet port to the aggregation group	port link-aggregation group agg-id	Required

Note that:

l You can create a static aggregation group by changing the type of an existing manual link aggregation group that contains no port.

l An aggregation group cannot include ports with static MAC addresses, or 802.1x-enabled ports.

l After a static aggregation group is removed, all the member ports leave the aggregation group, and LACP is disabled on these ports.

l For a LACP aggregation group that contains only one port, you can remove the port from the aggregation group only by removing the aggregation group.

& Note:

When making configuration, be aware that after a load-balancing aggregation group changes to a non-load balancing group due to resources exhaustion, either of the following may happen:

l Forwarding anomaly resulted from inconsistency of the two ends in the number of selected ports.

l Some protocols such as GVRP malfunction because the state of the remote port connected to the master port is unselected.

2.3.3 Configuring an Aggregation Group Name

Follow these steps to configure a name for an aggregation group:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Configure a name for a link aggregation group	link-aggregation group agg-id description agg-name	Required None is configured by default.

To do…

Use the command…

Remarks

Enter system view

system-view

––

Configure a name for a link aggregation group

link-aggregation group agg-id description agg-name

Required

None is configured by default.

Caution:

l When configuring a name for a link aggregation group, make sure that the group has existed. You may check for existing link aggregation groups with the display link-aggregation summary command or the display link-aggregation interface command.

l If you save the current configuration using the save command, the manual/static aggregation configuration (including aggregation groups created and aggregation group names) remain valid even if the device restarts.

2.3.4 Entering Aggregation Port Group View

In aggregation port group view, you can configure for all the member ports in a link aggregation group at one time.

Follow these steps to enter aggregation port group view:

To do…	Use the command…	Remarks
Enter system view	system-view	––
Enter aggregation port group view	port-group aggregation agg-id	––

Caution:

In aggregation port group view, you can configure aggregation related settings such as STP, VLAN, QoS, GVRP, QinQ, BPDU tunnel, multicast, but cannot add or remove member ports.

2.4 Displaying and Maintaining Link Aggregation

To do…	Use the command	Remarks
Display the local system ID	display lacp system-id	Available in any view
Display detailed information on link aggregation for the specified port or ports	display link-aggregation interface interface-type interface-number [ to interface-type interface-number ]
Display summaries for all link aggregation groups	display link-aggregation summary
Display detailed information about specified or all link aggregation groups	display link-aggregation verbose [ agg-id ]
Clear the statistics about LACP for specified or all ports	reset lacp statistics [ interface interface-type interface-number [ to interface-type interface-number ] ]	Available in user view

2.5 Link Aggregation Configuration Example

I. Network requirements

Switch A aggregates ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to form one link connected to Switch B, achieving load sharing among these ports.

II. Network diagram

Figure 2-1 Network diagram for link aggregation

III. Configuration procedure

& Note:

This example only describes how to configure on Switch A. To achieve link aggregation, do the same on Switch B.

1) In manual aggregation approach

# Create manual aggregation group 1.

<H3C> system-view

[H3C] sysname SwitchA

[SwitchA] link-aggregation group 1 mode manual

# Assign ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to the group.

[SwitchA] interface GigabitEthernet 1/0/1

[SwitchA-GigabitEthernet1/0/1] port link-aggregation group 1

[SwitchA-GigabitEthernet1/0/1] quit

[SwitchA] interface GigabitEthernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] port link-aggregation group 1

[SwitchA-GigabitEthernet1/0/2] quit

[SwitchA] interface GigabitEthernet 1/0/3

[SwitchA-GigabitEthernet1/0/3] port link-aggregation group 1

2) In static aggregation approach

# Create static aggregation group 1.

<SwitchA> system-view

[SwitchA] link-aggregation group 1 mode static

# Assign ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to the group.

[SwitchA] interface GigabitEthernet 1/0/1

[SwitchA-GigabitEthernet1/0/1] port link-aggregation group 1

[SwitchA-GigabitEthernet1/0/1] quit

[SwitchA] interface GigabitEthernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] port link-aggregation group 1

[SwitchA-GigabitEthernet1/0/2] quit

[SwitchA] interface GigabitEthernet 1/0/3

[SwitchA-GigabitEthernet1/0/3] port link-aggregation group 1

Chapter 3 Port Isolation Configuration

3.1 Port Isolation Overview

Through the port isolation feature, you can add the ports to be controlled into an isolation group to isolate the Layer 2 and Layer 3 data between each port in the isolation group. Thus, you can improve the network security and network in a more flexible way.

On the current device:

l A centralized device supports only one isolation group that is created automatically by the system as Isolation Group 1. The user can neither delete the isolation group nor create other isolation groups.

l There is no restriction on the number of ports to be added to an isolation group.

& Note:

l When a port in an isolation group is added to a summary group, other ports in the same isolation group will be added to the summary group.

l Port separation is valid for both Layer 2 and Layer 3 data.

l The port isolation function is independent of VLAN configuration.

3.2 Port Isolation Configuration

Figure 3-1lists the operations to add an Ethernet port to an isolation group

Configure port isolation

To do…		Use the command	Remarks
Enter system view		system-view	—
Enter Ethernet port view or port group view	Enter Ethernet port view	interface interface-type interface-number	At least one required; Configurations made under Ethernet interface view apply to the current port only whereas configurations made under port group view apply to all ports in the group.
Enter Ethernet port view or port group view	Enter port group view	port-group { manual port-group-name \| aggregation agg-id }
Add the Ethernet port to the isolation group		port-isolate enable	Required By default, an isolation group contains no port.

3.3 Displaying Port Isolation Configuration

After the above configuration, you can execute the display command in any view to display the running state after port isolation configuration. You can verify the configuration effect through checking the displayed information.

Display port isolation configuration

To do…	Use the command
Display the information about the Ethernet ports added to the isolation group	display port-isolate group

3.4 Port Isolation Configuration Example

I. Network requirements

l PC2, PC3 and PC4 are connected to GigabitEthernet1/0/2, GigabitEthernet1/0/3, and GigabitEthernet1/0/4 ports.

l It is desired that PC2, PC3 and PC4 cannot communicate with each other.

II. Network diagram

Figure 3-1 Network diagram for port isolation configuration

III. Configuration procedure

# Add GigabitEthernet1/0/2, GigabitEthernet1/0/3, and GigabitEthernet1/0/4 ports to the isolation group.

<H3C> system-view

[H3C] interface GigabitEthernet1/0/2

[H3C-GigabitEthernet1/0/2] port-isolate enable

[H3C-GigabitEthernet1/0/2] quit

[H3C] interface GigabitEthernet1/0/3

[H3C-GigabitEthernet1/0/3] port-isolate enable

[H3C-GigabitEthernet1/0/3] quit

[H3C] interface GigabitEthernet1/0/4

[H3C-GigabitEthernet1/0/4] port-isolate enable

# Display the information about the ports in the isolation group.

[Sysname-GigabitEthernet1/0/4] display port-isolate group

Port-isolate group information:

Uplink port support: NO

Group ID: 1

GigabitEthernet1/0/2 GigabitEthernet1/0/3 GigabitEthernet1/0/4

H3C S5500-SI Series Ethernet Switches Operation Manual-Release 1205-(V1.03)

Chapter 1 Ethernet Port Configuration

1.1 General Ethernet Port Configuration

I. Introduction to Combo port

II. Combo ports and corresponding electric ports on S5500-SI series

III. Configuring Combo port state

1.1.3 Configuring Flow Control on an Ethernet Port

1.1.4 Configuring Loopback Testing on an Ethernet Port

1.1.5 Configuring a Port Group

1.1.6 Configuring Storm Suppression Ratio on an Ethernet Port

1.1.10 Configuring port MDI attribute on an Ethernet Port

2.1 Link Aggregation Overview

2.1.2 LACP

2.1.3 Consistency Considerations for Ports in an Aggregation

2.2 Approaches to Link Aggregation

2.2.1 Manual link aggregation

I. Overview

II. Port states in a manual aggregation group

III. Port Configuration Considerations in manual aggregation

2.2.2 Static LACP link aggregation

I. Overview

II. Port states in a static aggregation group

III. Port configuration considerations in static aggregation

2.2.3 Load Sharing in a Link Aggregation Group

2.2.4 Aggregation Port Group

2.3 Configuring Link Aggregation

2.3.1 Configuring a Manual Link Aggregation Group

2.3.2 Configuring a Static LACP Link Aggregation Group

2.3.3 Configuring an Aggregation Group Name

2.3.4 Entering Aggregation Port Group View

2.4 Displaying and Maintaining Link Aggregation

2.5 Link Aggregation Configuration Example

I. Network requirements

II. Network diagram

III. Configuration procedure

3.2 Port Isolation Configuration

3.3 Displaying Port Isolation Configuration

I. Network requirements

II. Network diagram

III. Configuration procedure

Cloud & AI

InterConnect

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Contact Us