11-VLAN Commands
Chapters Download (136.52 KB)
Table of Contents
display interface vlan-interface
Port-Based VLAN Configuration Commands
uni vlan-mode translation pvid
Protocol-Based VLAN Configuration Commands
display protocol-vlan interface
Syntax
description text
undo description
View
VLAN view, VLAN interface view, OLT port view , ONU port view
Default Level
2: System level
Parameters
text: Case-sensitive string that describes the current VLAN or VLAN interface. Spaces can be included in the description.
l For a VLAN, this is a string of 1 to 32 characters.
l For a VLAN interface, this is a string of 1 to 80 characters.
Description
Use the description command to configure the description of the current VLAN or VLAN interface.
Use the undo description command to restore the default.
For a VLAN, the default description is the VLAN ID, for example, VLAN 0001; for a VLAN interface, the default description is the name of the interface, for example, Vlan-interface 1 Interface.
You can configure a description to describe the function or connection of a VLAN or VLAN interface for management sake.
Examples
# Configure the description of VLAN 1 as RESEARCH.
<Sysname> system-view
[Sysname] vlan 1
[Sysname-vlan1] description RESEARCH
# Configure the description of VLAN-interface 2 as VLAN-INTERFACE-2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] description VLAN-INTERFACE-2
Syntax
display interface vlan-interface [ vlan-interface-id ]
View
Any view
Default Level
1: Monitor level
Parameters
vlan-interface-id: VLAN interface number.
Description
Use the display interface vlan-interface command to display information about a specified or all VLAN interfaces if no interface is specified.
Related commands: interface vlan-interface.
Examples
# Display the information of VLAN-interface 2.
<Sysname> display interface vlan-interface 2
Vlan-interface2 current state: DOWN
Line protocol current state: DOWN
Description: Vlan-interface2 Interface
The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-e249-8050
Last 300 seconds input: 0 bytes/sec 0 packets/sec
Last 300 seconds output: 0 bytes/sec 0 packets/sec
0 packets input, 0 bytes, 0 drops
0 packets output, 0 bytes, 0 drops
Table 1-1 display interface vlan-interface command output description
|
Field |
Description |
|
Vlan-interface2 current state |
The physical state of the VLAN interface, which can be one of the following: l Administratively DOWN: The administrative state of the VLAN interface is down because it has been manually shut down with the shutdown command. l DOWN: The administrative state of this VLAN interface is up, but its physical state is down. It indicates that the VLAN corresponding to this interface does not contain any port in the UP state (possibly because the ports are not well connected or the lines have failed). l UP: both the administrative state and the physical state of this VLAN interface are up. |
|
Line protocol current state |
The link layer protocol state of a VLAN interface, which can be one of the following: l DOWN: The protocol state of this VLAN interface is down, usually because no IP address is configured. l UP: The protocol state of this VLAN interface is up. |
|
Description |
The description string of a VLAN interface |
|
The Maximum Transmit Unit |
The MTU of a VLAN interface |
|
Internet protocol processing : |
IP packets processing ability. Disabled indicates that the interface is not configured with an IP address. |
|
IP Packet Frame Type |
IPv4 outgoing frame format |
|
Hardware address |
MAC address corresponding to a VLAN interface |
|
Last 300 seconds input: 0 bytes/sec 0 packets/sec Last 300 seconds output: 0 bytes/sec 0 packets/sec |
Average rate of input packets and output packets in the last 300 seconds (in bps and pps) |
|
0 packets input, 0 bytes, 0 drops |
Total number and size (in bytes) of the received packets of the interface and the number of the dropped packets |
|
0 packets output, 0 bytes, 0 drops |
Total number and size (in bytes) of the transmitted packets of the interface and the number of the dropped packets |
Syntax
display vlan [ vlan-id1 [ to vlan-id2 ] | all | dynamic | reserved | static ]
View
Any view
Default Level
1: Monitor level
Parameters
vlan-id1: Displays the information of a VLAN specified by VLAN ID in the range of 1 to 4094.
vlan-id1 to vlan-id2: Displays the information of a range of VLANs specified by a VLAN ID range.
all: Displays all current VLAN information except for the reserved VLANs.
dynamic: Displays the number of dynamic VLANs and the ID of each dynamic VLAN. Dynamic VLANs refer to VLANs that are generated through GVRP or those distributed by a RADIUS server.
reserved: Displays information of the reserved VLANs. Protocol modules determine which VLANs are reserved VLANs according to function implementation, and reserved VLANs serve protocol modules. You cannot do any configuration on reserved VLANs.
static: Displays the number of static VLANs and the ID of each static VLAN. Static VLANs refer to VLANs manually created.
Description
Use the display vlan command to display VLAN information.
Related commands: vlan.
Examples
# Display VLAN 2 information.
<Sysname> display vlan 2
VLAN ID: 2
VLAN Type: static
Route interface: not configured
Description: VLAN 0002
Name: VLAN 0002
Broadcast MAX-ratio: 100%
Tagged Ports: none
Untagged Ports:
GigabitEthernet1/1/1 GigabitEthernet1/1/3
# Display VLAN 3 information.
<Sysname> display vlan 3
VLAN ID: 3
VLAN Type: static
Route Interface: configured
IP Address: 1.1.1.1
Subnet Mask: 255.255.255.0
Description: VLAN 0003
Name: VLAN 0003
Tagged Ports: none
Untagged Ports: none
Table 1-2 display vlan command output description
|
Field |
Description |
|
VLAN Type |
VLAN type (static or dynamic) |
|
Route interface |
Whether a VLAN interface is configured for the VLAN: not configured or configured |
|
Description |
Description of the VLAN |
|
Name |
Name configured for the VLAN |
|
Broadcast MAX-ratio |
Broadcast traffic threshold (available only on the devices supporting the broadcast-suppression command) |
|
IP Address |
Primary IP address of the VLAN interface (available only on a VLAN interface configured with an IP address). You can use the display interface vlan-interface command in any view or the display this command in VLAN interface view to display its secondary IP address(es), if any. |
|
Subnet Mask |
Subnet mask of the primary IP address (available only on a VLAN interface configured with an IP address) |
|
Tagged Ports |
Ports through which packets of the VLAN are sent tagged |
|
Untagged Ports |
Ports through which packets of the VLAN are sent untagged |
Syntax
interface vlan-interface vlan-interface-id
undo interface vlan-interface vlan-interface-id
View
System view
Default Level
2: System level
Parameters
vlan-interface-id: VLAN interface number, in the range of 1 to 4094.
Description
Use the interface vlan-interface command to create a VLAN interface and enter its view or enter the view of an existing VLAN interface.
Before you can create the VLAN interface of a VLAN, create the VLAN first.
Use the undo interface vlan-interface command to remove the specified VLAN interface.
You can use the ip address command in VLAN interface view to configure an IP address for a VLAN interface to perform IP routing.
Related commands: display interface Vlan-interface.
Examples
# Create VLAN-interface 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2]
Syntax
ip address ip-address { mask | mask-length } [ sub ]
undo ip address [ ip-address { mask | mask-length } [ sub ] ]
View
VLAN interface view, ONU port view
Default Level
2: System level
Parameters
ip-address: IP address to be assigned to the current VLAN interface, in dotted decimal format.
mask: Subnet mask in dotted decimal notation.
mask-length: Subnet mask length, the number of consecutive ones in the mask. The value range is 0 to 32.
sub: Indicates the address is a secondary IP address.
Description
Use the ip address command to assign an IP address and subnet mask to a VLAN interface.
Use the undo ip address command to remove the IP address and subnet mask for a VLAN interface.
By default, no IP address is assigned to any VLAN interface.
In general conditions, you need to assign only one IP address for a VLAN interface. For a VLAN to connect to multiple subnets, you need to assign multiple IP addresses for the VLAN interface. Among these IP addresses, one is primary and the others are secondary. On an S7500E series Ethernet switch, you can assign up to eight IP addresses to a VLAN interface.Among these IP addresses, one is primary and the others are secondary.
When configuring IP addresses for a VLAN interface, consider the following:
l You can assign only one primary IP address to an interface.
l Before removing the primary IP address, remove all secondary IP addresses.
l To remove all IP addresses, use the undo ip address command without any parameter.
l To remove the primary IP address, use the undo ip address ip-address { mask | mask-length } command.
l To remove a secondary IP address, use the undo ip address ip-address { mask | mask-length } sub command.
Related commands: display ip interface (IP Address Commands in the IP Services Volume).
Examples
# Specify the IP address as 1.1.0.1, the subnet mask as 255.255.255.0 for VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address 1.1.0.1 255.255.255.0
Syntax
name text
undo name
View
VLAN interface view
Default Level
2: System level
Parameters
text: VLAN name, a string of 1 to 32 characters. Spaces and special characters can be included in the name.
Description
Use the name command to configure a name for the current VLAN.
Use the undo name command to restore the default name of the VLAN.
The default name of a VLAN is its VLAN ID, VLAN 0001 for example.
Examples
# Configure the name of VLAN 2 as test vlan.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] name test vlan
Syntax
shutdown
undo shutdown
View
VLAN interface view, OLT port view , ONU port view
Default Level
2: System level
Parameters
None
Description
Use the shutdown command to shut down a VLAN interface.
Use the undo shutdown command to bring up a VLAN interface.
By default, a VLAN interface is up except when all ports in the VLAN are down.
You can use the undo shutdown command to bring up a VLAN interface after configuring related parameters and protocols for the VLAN interface. When a VLAN interface fails, you can shut down the interface with the shutdown command and then bring it up with the undo shutdown command. In this way, the interface may resume.
The state of any Ethernet port in a VLAN is independent of the VLAN interface state.
Examples
# Shut down VLAN interface 2 and then bring it up.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] shutdown
[Sysname-Vlan-interface2] undo shutdown
Syntax
vlan { vlan-id1 [ to vlan-id2 ] | all }
undo vlan { vlan-id1 [ to vlan-id2 ] | all }
View
System view
Default Level
2: System level
Parameters
vlan-id1, vlan-id2: VLAN ID, in the range 1 to 4094.
vlan-id1 to vlan-id2: Specifies a VLAN range. A VLAN ID is in the range 1 to 4094.
all: Creates or removes all VLANs except reserved VLANs. The keyword is not supported when the maximum number of VLANs that can be created on a device is less than 4094.
Description
Use the vlan vlan-id command to create a VLAN and enter its view or enter the view of an existing VLAN.
Use the vlan vlan-id1 to vlan-id2 command to create a range of VLANs specified by vlan-id1 to vlan-id2, except reserved VLANs.
Use the undo vlan command to remove the specified VLAN(s).
l As the default VLAN, VLAN 1 cannot be created or removed.
l You cannot create/remove reserved VLANs reserved for specific functions.
l You cannot use the undo vlan command to directly remove reserved VLANs, voice VLANs, management VLANs, dynamic VLANs, VLANs configured with QoS policies, control VLANs configured for smart link, or remote probe VLANs configured for port mirroring. To remove these VLANs, you need to first remove related configurations.
Related commands: display vlan.
Examples
# Enter VLAN 2 view.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2]
# Create VLAN 4 through VLAN 100.
<Sysname> system-view
[Sysname] vlan 4 to 100
Please wait............. Done.
Syntax
display port { hybrid | trunk }
View
Any view
Default Level
1: Monitor level
Parameters
hybrid: Displays hybrid ports.
trunk: Displays trunk ports.
Description
Use the display port command to display information about the hybrid or trunk ports on the device, including the port names, default VLAN IDs, and allowed VLAN IDs.
Examples
# Display information about the hybrid ports in the system.
<Sysname> display port hybrid
Interface PVID VLAN passing
GE1/1/1 100 Tagged: 1000, 1002, 1500, 1600-1611, 2000,
2555-2558, 3000, 4000
Untagged:1, 10, 15, 18, 20-30, 44, 55, 67, 100,
150-160, 200, 255, 286, 300-302
# Display information about the trunk ports in the system.
<Sysname> display port trunk
Interface PVID VLAN passing
GE1/1/3 2 1-4, 6-100, 145, 177, 189-200, 244, 289, 400,
555, 600-611, 1000, 2006-2008
Table 1-3 display port command output description
|
Field |
Description |
|
Interface |
Port name |
|
PVID |
Default VLAN ID of the port |
|
VLAN passing |
VLANs whose packets are allowed to pass through the port. |
|
Tagged |
VLANs whose packets are required to pass through the port tagged. |
|
Untagged |
VLANs whose packets are required to pass through the port untagged. |
Syntax
port interface-list
undo port interface-list
View
VLAN view
Default Level
2: System level
Parameters
interface interface-list: Specifies an Ethernet port list or Layer-2 aggregate interface list, in the format of interface-list = { interface-type interface-number [ to interface-type interface-number ] }&<1-10>, where &<1-10> indicates that you can specify up to 10 ports or port ranges.
Description
Use the port command to assign the specified access port(s) to the current VLAN.
Use the undo port command to remove the specified access port(s) from the current VLAN.
By default, all ports are in VLAN 1.
Note that:
l This command is only applicable on access ports.
l All ports are access ports by default. However, you can manually configure the port type. For more information, refer to port link-type.
l If you use this command to assign a Layer-2 aggregate interface to a VLAN, this command assigns the Layer-2 aggregate interface but not its member ports to the current VLAN. For detailed information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
Related commands: display vlan.
Examples
# Assign GigabitEthernet1/1/1 to VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] port gigabitethernet1/1/1
# Assign Onu 1/0/1:2 through Onu 1/0/1:6 to VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] port onu 1/0/1:2 to onu 1/0/1:6
Syntax
port access vlan vlan-id
undo port access vlan
View
Ethernet interface view, port group view, Layer-2 aggregate interface view, ONU port view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094. Be sure that the VLAN specified by the VLAN ID already exists.
Description
Use the port access vlan command to assign the current access port(s) to the specified VLAN.
Use the undo port access vlan command to restore the default.
By default, all access ports belong to VLAN 1.
You can assign an access port to only one VLAN. When doing that, note the following:
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
Examples
# Assign GigabitEthernet1/1/1 to VLAN 3.
<Sysname> system-view
[Sysname] vlan 3
[Sysname-vlan3] quit
[Sysname] interface GigabitEthernet1/1/1
[Sysname-GigabitEthernet1/1/1] port access vlan 3
# Assign Layer-2 aggregate interface Bridge-aggregation 1 and its member ports to VLAN 3.
<Sysname> system-view
[Sysname] vlan 3
[Sysname-vlan3] quit
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port access vlan 3
Syntax
port hybrid pvid vlan vlan-id
undo port hybrid pvid
View
Ethernet interface view, port group view, Layer-2 aggregate interface view, OLT port view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094.
Description
Use the port hybrid pvid vlan command to configure the default VLAN ID of the hybrid port.
Use the undo port hybrid pvid command to restore the default.
By default, the default VLAN of a hybrid port is VLAN 1.
You can use a nonexistent VLAN as the default VLAN for a hybrid port. Removing the default VLAN of a hybrid port with the undo vlan command does not affect the setting of the default VLAN on the port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
l The local and remote hybrid ports must use the same default VLAN ID for the traffic of the default VLAN to be transmitted properly.
l After configuring the default VLAN for a hybrid port, you must use the port trunk permit vlan command to configure the hybrid port to allow packets from the default VLAN to pass through, so that the port can forward packets from the default VLAN.
Related commands: port link-type, port hybrid vlan.
Examples
# Configure VLAN 100 as the default VLAN of the hybrid port GigabitEthernet1/1/1.
<Sysname> system-view
[Sysname] vlan 100
[Sysname-vlan100] quit
[Sysname] interface GigabitEthernet1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type hybrid tagged 100
[Sysname-GigabitEthernet1/1/1] port hybrid pvid vlan 100
# Configure VLAN 100 as the default VLAN of the hybrid Layer-2 aggregate interface Bridge-aggregation 1.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port hybrid pvid vlan 100
Syntax
port hybrid vlan vlan-id-list { tagged | untagged }
undo port hybrid vlan vlan-id-list
View
Ethernet interface view, port group view, Layer-2 aggregate interface view, OLT port view
Default Level
2: System level
Parameters
vlan-id-list: VLANs that the hybrid ports will be assigned to. This argument is expressed in the format of [ vlan-id1 [ to vlan-id2 ] ]&<1-10>, where vlan-id ranges from 1 to 4094 and &<1-10> indicates that you can specify up to 10 VLAN IDs or VLAN ID ranges. Be sure that the specified VLANs already exist.
tagged: Configures the port(s) to send the packets of the specified VLAN(s) with the tags kept.
untagged: Configures the port to send the packets of the specified VLAN(s) with the tags removed.
Description
Use the port hybrid vlan command to assign the current hybrid port(s) to the specified VLAN(s).
Use the undo port hybrid vlan command to remove the current hybrid port(s) from the specified VLAN(s).
By default, a hybrid port only allows packets from VLAN 1 to pass through untagged.
A hybrid port can carry multiple VLANs. If you execute the port hybrid vlan command multiple times, the VLANs the hybrid port carries are the set of VLANs specified by vlan-id-list in each execution.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
Related commands: port link-type.
Examples
# Assign the hybrid port GigabitEthernet1/1/1 to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100, and configure GigabitEthernet1/1/1 to send packets of these VLANs with tags kept.
<Sysname> system-view
[Sysname] interface GigabitEthernet1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type hybrid
[Sysname-GigabitEthernet1/1/1] port hybrid vlan 2 4 50 to 100 tagged
# Assign hybrid ports in port group 2 to VLAN 2, and configure these hybrid ports to send packets of VLAN 2 with VLAN tags removed.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] port-group manual 2
[Sysname-port-group-manual-2] group-member GigabitEthernet1/1/1 GigabitEthernet 1/1/3
[Sysname-port-group-manual-2] port link-type hybrid
[Sysname-port-group-manual-2] port hybrid vlan 2 untagged
Configuring GigabitEthernet1/1/1... Done.
Configuring GigabitEthernet1/1/3... Done.
# Assign the hybrid Layer-2 aggregate interface Bridge-aggregation 1 and its member ports to VLAN 2, and configure them to send packets of VLAN 2 with tags removed.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
[Sysname-Bridge-Aggregation1] port hybrid vlan 2 untagged
Please wait... Done.
Configuring GigabitEthernet1/1/1... Done.
Configuring GigabitEthernet1/1/3... Done.
Note that GigabitEthernet1/1/1 and GigabitEthernet1/1/3 are the member ports of the aggregation group corresponding to Bridge-aggregation 1.
Syntax
port link-type { access | hybrid | trunk }
undo port link-type
View
Ethernet interface view, port group view, Layer-2 aggregate interface view, OLT port view, ONU port view
Default Level
2: System level
Parameters
access: Configures the link type of a port as access.
hybrid: Configures the link type of a port as hybrid.
trunk: Configures the link type of a port as trunk.
Description
Use the port link-type command to configure the link type of a port.
Use the undo port link-type command to restore the default link type of a port.
By default, any port is an access port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
To change the link type of a port from trunk to hybrid or vice versa, you must set the link type to access first.
Examples
# Configure GigabitEthernet1/1/1 as a trunk port.
<Sysname> system-view
[Sysname] interface GigabitEthernet1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type trunk
# Configure all the ports in the manual port group group1 as hybrid ports.
<Sysname> system-view
[Sysname] port-group manual group1
[Sysname-port-group manual group1] group-member gigabitEthernet 1/1/1
[Sysname-port-group manual group1] group-member gigabitEthernet 1/1/3
[Sysname-port-group manual group1] port link-type hybrid
# Configure Layer-2 aggregate interface Bridge-aggregation 1 and its member ports as hybrid ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
Syntax
port trunk permit vlan { vlan-id-list | all }
undo port trunk permit vlan { vlan-id-list | all }
View
Ethernet interface view, port group view, Layer-2 aggregate interface view,
Default Level
2: System level
Parameters
vlan-id-list: VLANs that the trunk port(s) will be assigned to. This argument is expressed in the format of [vlan-id1 [ to vlan-id2 ] ]&<1-10>, where vlan-id ranges from 1 to 4094 and &<1-10> indicates that you can specify up to 10 VLAN IDs or VLAN ID ranges.
all: Permits all VLANs to pass through the trunk port(s). On GVRP-enabled trunk ports, you must configure the port trunk permit vlan all command to ensure that the traffic of all dynamically registered VLANs can pass through. However, When GVRP is disabled on a port, you are discouraged to configure the command on the port. This is to prevent users of unauthorized VLANs from accessing restricted resources through the port.
Description
Use the port trunk permit vlan command to assign the current trunk port(s) to the specified VLAN(s).
Use the undo port trunk permit vlan command to remove the trunk port(s) from the specified VLANs.
By default, a trunk port allows only packets from VLAN 1 to pass through.
A trunk port can carry multiple VLANs. If you execute the port trunk permit vlan command multiple times, the VLANs the trunk port carries are the set of VLANs specified by vlan-id-list in each execution.
Note that on a trunk port, only traffic of the default VLAN can pass through untagged.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
Related commands: port link-type.
Examples
# Assign the trunk port GigabitEthernet1/1/1 to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100.
<Sysname> system-view
[Sysname] interface GigabitEthernet 1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type trunk
[Sysname-GigabitEthernet1/1/1] port trunk permit vlan 2 4 50 to 100
Please wait........... Done.
# Assign the trunk Layer-2 aggregate interface Bridge-aggregation 1 to VLAN 2, assuming that Bridge-aggregation 1 does not have member ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port trunk permit vlan 2
Please wait... Done.
# Assign the trunk Layer-2 aggregate interface Bridge-aggregation 1 to VLAN 13 and VLAN 15. Among the member ports of the aggregation group corresponding to Bridge-aggregation 1, GigabitEthernet1/1/1 is an access port, and GigabitEthernet1/1/3 is a trunk port.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port trunk permit vlan 13 15
Please wait... Done.
Error: Failed to configure on interface GigabitEthernet1/1/1! This port is not a Trunk port!
Configuring GigabitEthernet1/1/3... Done.
Among the output fields above, the message “Please wait... Done” indicates that the configuration on Bridge-aggregation 1 succeeded; “Error: Failed to configure on interface GigabitEthernet1/1/1! This port is not a Trunk port!” indicates that the configuration failed on GigabitEthernet1/1/1 because GigabitEthernet1/1/1 was not a trunk port; “Configuring GigabitEthernet1/1/3... Done” indicates that the configuration on GigabitEthernet1/1/3 succeeded.
Syntax
port trunk pvid vlan vlan-id
undo port trunk pvid
View
Ethernet interface view, port group view, Layer-2 aggregate interface view,ONU port view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094
Description
Use the port trunk pvid vlan command to configure the default VLAN ID for the trunk port.
Use the undo port trunk pvid command to restore the default.
By default, the default VLAN of a trunk port is VLAN 1.
You can use a nonexistent VLAN as the default VLAN for a trunk port. Removing the default VLAN of a trunk port with the undo vlan command does not affect the setting of the default VLAN on the port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
l The local and remote trunk ports must use the same default VLAN ID for the traffic of the default VLAN to be transmitted properly.
l After configuring the default VLAN for a trunk port, you must use the port trunk permit vlan command to configure the trunk port to allow packets from the default VLAN to pass through, so that the port can forward packets from the default VLAN.
Related commands: port link-type, port trunk permit vlan.
Examples
# Configure VLAN 100 as the default VLAN of the trunk port GigabitEthernet1/1/1.
<Sysname> system-view
[Sysname] interface GigabitEthernet1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type trunk
[Sysname-GigabitEthernet1/1/1] port trunk pvid vlan 100
# Configure VLAN 100 as the default VLAN of the trunk Layer-2 aggregate interface Bridge-aggregation 1, assuming Bridge-aggregation 1 does not have member ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port trunk pvid vlan 100
# Configure VLAN 100 as the default VLAN of the trunk Layer-2 aggregate interface Bridge-aggregation 1. Among the member ports of the aggregation group corresponding to Bridge-aggregation 1, GigabitEthernet1/1/1 is an access port and GigabitEthernet1/1/3 is a trunk port.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port trunk pvid vlan 100
Error: Failed to configure on interface GigabitEthernet1/1/1! This port is not a Trunk port!
The output above shows that the configuration on Bridge-aggregation 1 and the member port GigabitEthernet1/1/3 succeeded; the configuration on GigabitEthernet1/1/1 failed because GigabitEthernet1/1/1 was not a trunk port.
Syntax
uni uni-number vlan-mode tag pvid pvid [ priority priority-value ]
undo uni uni-number vlan-mode
View
ONU port view
Default Level
2: System level
Parameters
uni-number: UNI number, in the range 1 to the number of current ONU UNIs. The maximum number of UNI ports supported is 80.
Value: 802.1p precedence value of a packet, in the range of 0 to 7.
pvid: Default VLAN ID, in the range 1 to 4094.
Description
Use the uni vlan-mode tag pvid command to configure the VLAN operation mode of the specified UNI as the VLAN tag mode and set the related parameters.
Use the undo uni vlan-mode command to restore the default VLAN operation mode of the UNI.
By default, the VLAN operation mode of a UNI is VLAN transparent transmission mode.
Related command: uni vlan-mode translation pvid, uni vlan-mode transparent.
l If a UNI of an ET254-L ONU is added to an isolation group, the operation mode of the UNI port can be set to the transparent transmission mode only, but not VLAN tag mode or VLAN translation mode.
l If all ONU ports under an OLT port are access ports, to make sure that the packets received on the ONU port and PC are untagged packets, the VLAN operation mode of a UNI can only be configured as the transparent transmission mode.
Examples
# Configure the VLAN operation mode of UNI 1 as VLAN tag mode, add the VLAN 100 tag to the untagged packets received on the port, and set the 802.1p precedence of the packets to 3.
<Sysname> system-view
[Sysname] interface onu 1/0/1:1
[Sysname-Onu1/0/1:1] uni 1 vlan-mode tag pvid 100 priority 3
Syntax
uni uni-number vlan-mode translation pvid pvid [ priority priority-value ] { oldvid to newvid } &<1-15>
undo uni uni-number vlan-mode
View
ONU port view
Default Level
2: System level
Parameters
uni-number: UNI number, in the range 1 to the number of UNI ports of the current ONU. The number of UNIs can be up to 80.
priority-value: 802.1p precedence for packets, in the range 0 to 7.
pvid: VLAN ID, in the range 1 to 4094.
oldvid: Original VLAN ID, in the range 1 to 4094.
newvid: New VLAN ID, in the range 1 to 4094.
&<1-15>: Means that you can specify up to 15 VLAN IDs for the corresponding argument.
Description
Use the uni vlan-mode translation pvid command to configure the VLAN operation mode of the specified UNI as the VLAN translation mode and set the related parameters.
Use the undo uni vlan-mode command to restore the default VLAN operation mode of the UNI.
By default, the VLAN operation mode of a UNI is VLAN transparent transmission mode.
Related commands: uni vlan-mode tag pvid, uni vlan-mode transparent.
l If a UNI port of an ET254-L ONU is added to an isolation group, the operation mode of the UNI port can be set to the transparent transmission mode only, but not VLAN tag mode or VLAN Translation mode.
l When all the ONU ports under an OLT port are Access ports, the operation mode of the UNI port can be set to the transparent transmission mode only to ensure the ONU ports and user PCs receive untagged packets.
Examples
# Configure the VLAN operation mode of UNI 1 as VLAN translation mode, add the VLAN 100 tag to the untagged packets received on the port, map VLAN ID 2 to VLAN ID 5, and set the 802.1p precedence for the packets to 3.
<Sysname> system-view
[Sysname] interface onu 1/0/1:1
[Sysname-Onu1/0/1:1] uni 1 vlan-mode translation pvid 100 priority 3 2 to 5
Syntax
uni uni-number vlan-mode transparent
undo uni uni-number vlan-mode
View
ONU port view
Default Level
2: System level
Parameters
uni-number: UNI number, in the range 1 to the number of current ONU UNIs. The maximum number of UNI ports supported is 80.
Description
Use the uni vlan-mode transparent command to configure the VLAN operation mode of a UNI as VLAN transparent transmission mode.
Use the undo uni vlan-mode command to restore the default VLAN operation mode of the UNI.
By default, the VLAN operation mode of a UNI is VLAN transparent transmission mode.
Related command: uni vlan-mode tag pvid, uni vlan-mode translation pvid.
l If a UNI port of an ET254-L ONU is added to an isolation group, the operation mode of the UNI port can be set to the transparent transmission mode only, but not VLAN tag mode or VLAN Translation mode.
l If all ONU ports under an OLT port are access ports, to make sure that the packets received on the ONU port and PC are untagged packets, the VLAN operation mode of a UNI can only be configured as the transparent mode.
Examples
# Configure the VLAN operation mode of UNI 1 as VLAN transparent transmission mode.
<Sysname> system-view
[Sysname] interface onu 1/0/1:1
[Sysname-Onu1/0/1:1] uni 1 vlan-mode transparen
Syntax
display protocol-vlan interface { interface-type interface-number1 [ to interface-type interface-number2 ] | all }
View
Any view
Default Level
2: System level
Parameters
interface-type interface-number1: Specifies an interface by its type and number.
interface-type interface-number1 to interface-type interface-number2: Specifies an interface range.
all: Displays information about protocol-based VLANs on all ports.
Description
Use the display protocol-vlan interface command to display information about protocol-based VLANs for the specified port(s).
Examples
# Display protocol-based VLAN information on GigabitEthernet1/1/1.
[Sysname] display protocol-vlan interface gigabitethernet1/1/1
Interface: GigabitEthernet1/1/1
VLAN ID Protocol Index Protocol Type
======================================================
2 0 at
3 0 ipv4
The sample output shows that untagged packets received on GigabitEthernet1/1/1 will be tagged with VLAN ID 2 if they carry AppleTalk packets or with VLAN ID 3 if they carry IPv4 packets.
Table 1-4 display protocol-vlan interface command output description
|
Field |
Description |
|
Interface |
Interface of which you want to view the information |
|
VLAN ID |
ID of the protocol-based VLAN bound with the port |
|
Protocol Index |
Protocol template index |
|
Protocol Type |
Protocol type specified by the protocol template |
Syntax
display protocol-vlan vlan { vlan-id1 [ to vlan-id2 ] | all }
View
Any view
Default Level
2: System level
Parameters
vlan-id1: ID of the protocol-based VLAN for which information is to be displayed, in the range of 1 to 4094.
vlan-id1 to vlan-id2: Displays protocol-based VLAN information of a VLAN range from vlan-id1 to vlan-id2. The vlan-id2 argument specifies a protocol-based VLAN ID in the range of 1 to 4094, but you must ensure that its value is greater than or equal to that of vlan-id1.
all: Displays information about all protocol-based VLANs.
Description
Use the display protocol-vlan vlan command to display the protocols and protocol indexes configured on the specified VLAN(s).
Related commands: display vlan.
Examples
# Display the protocols and protocol indexes configured on all protocol-based-VLANs.
<Sysname> display protocol-vlan vlan all
VLAN ID:2
Protocol Index Protocol Type
======================================================
0 ipv4
3 at
VLAN ID:3
Protocol Index Protocol Type
======================================================
0 ipv4
1 ipx snap
Refer to Table 1-4 for description of the output.
Syntax
port hybrid protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all }
undo port hybrid protocol-vlan { vlan vlan-id { protocol-index [ to protocol-end ] | all } | all }
View
Ethernet interface view, port group view, Layer-2 aggregate interface view
Default Level
2: System level
Parameters
vlan vlan-id: Specifies a VLAN ID, in the range 1 to 4094.
protocol-index: Protocol index, specified by the users or assigned by the system automatically when the protocol-based VLAN is created. You can use the display protocol-vlan vlan all command to display the protocol indexes. The range of this argument varies with device models.
to protocol-end: Specifies the end protocol index. The protocol-end argument must be greater than or equal to the beginning protocol index. The range of the protocol-end argument varies with device models.
all: Specifies all protocols bound with vlan-id.
Description
Use the port hybrid protocol-vlan vlan command to associate the hybrid port(s) with a protocol-based VLAN.
Use the undo port hybrid protocol-vlan command to remove the association.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration in the Access Volume.
l In Layer-2 aggregate interface view, this command applies to the Layer-2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer-2 aggregate interfaces, refer to Link Aggregation Configuration in the Access Volume.
Before issuing this command, make sure that you have made the following configurations:
l Create a VLAN and associate it with specified protocols.
l Configure the link type as hybrid.
l Configure the port to allow the protocol-based VLAN to pass through.
Related commands: display protocol-vlan interface.
Examples
# Associate the hybrid port GigabitEthernet1/1/1 with protocol 0 (AppleTalk) in VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-Vlan2] protocol-vlan at
[Sysname-Vlan2] quit
[Sysname] interface GigabitEthernet 1/1/1
[Sysname-GigabitEthernet1/1/1] port link-type hybrid
[Sysname-GigabitEthernet1/1/1] port hybrid vlan 2 untagged
Please wait... Done
[Sysname-GigabitEthernet1/1/1] port hybrid protocol-vlan vlan 2 0
# Associate the hybrid Layer-2 aggregate interface Bridge-aggregation 1 with protocol 0 in VLAN 2, assuming that Bridge-aggregation 1 does not have member ports.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-Vlan2] protocol-vlan at
[Sysname-Vlan2] quit
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
[Sysname-Bridge-Aggregation1] port hybrid vlan 2 untagged
Please wait... Done
[Sysname-Bridge-Aggregation1] port hybrid protocol-vlan vlan 2 0
# Associate the hybrid Layer-2 aggregate interface Bridge-aggregation 1 with protocol 0 in VLAN 2. Among the member ports of the aggregation group corresponding to Bridge-aggregation 1, GigabitEthernet1/1/1 is an access port and GigabitEthernet1/1/3 is a trunk port.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-Vlan2] protocol-vlan at
[Sysname-Vlan2] quit
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation2] port link-type access
Please wait... Done.
Configuring GigabitEthernet1/1/1... Done.
Configuring GigabitEthernet1/1/3........................................... Done.
[Sysname-Bridge-Aggregation1] port link-type hybrid
[Sysname-Bridge-Aggregation1] port hybrid vlan 2 untagged
Please wait... Done.
Configuring GigabitEthernet1/1/1... Done.
Configuring GigabitEthernet1/1/3... Done.
[Sysname-Bridge-Aggregation1] port hybrid protocol-vlan vlan 2 0
Syntax
protocol-vlan [ protocol-index ] { at | ipv4 | ipv6 | ipx { ethernetii | llc | raw | snap } | mode { ethernetii etype etype-id | llc { dsap dsap-id [ ssap ssap-id ] | ssap ssap-id } | snap etype etype-id } }
undo protocol-vlan { protocol-index [ to protocol-end ] | all }
View
VLAN view
Default Level
2: System level
Parameters
at: Specifies the AppleTalk based VLAN.
ipv4: Specifies the IPv4 based VLAN.
ipv6: Specifies the IPv6 based VLAN.
ipx: Specifies the IPX based VLAN. The keywords ethernetii, llc, raw, and snap are encapsulation formats for IPX.
mode: Configures a user-defined protocol template for the VLAN, which could also have four encapsulation formats, namely, ethernetii, llc, raw, and snap.
ethernetii etype etype-id: Specifies to match Ethernet II encapsulation format and the corresponding protocol type values. The etype-id argument is the protocol type ID of inbound packets, in the range 0x0600 to 0xffff (excluding 0x0800, 0x809b, 0x8137, and 0x86dd).
llc: Specifies to match the llc encapsulation format.
dsap dsap-id: Specifies the destination service access point, in the range of 00 to 0xff.
ssap ssap-id: Specifies the source service access point, in the range of 00 to 0xff.
snap etype etype-id: Specifies to match SNAP encapsulation format and the corresponding protocol type values. The etype-id argument is the Ethernet type of inbound packets, in the range 0x0600 to 0xffff (excluding ipx snap under the snap encapsulation format).
protocol-index: Protocol index, which specifies the protocol template to be bound with the current VLAN. Its range varies by device. System will automatically assign an index if this parameter is not specified.
to protocol-end: Specifies the end protocol index, whose range varies by device. The protocol-end argument must be greater than or equal to the protocol-index argument.
all: Specifies to remove all the protocols bound with the current VLAN.
l Do not configure both the dsap-id and ssap-id arguments in the protocol-vlan command as 0xe0 or 0xff when configuring the user-defined template for llc encapsulation. Otherwise, the encapsulation format of the matching packets will be the same as that of the ipx llc or ipx raw packets respectively. When either of the dsap-id and ssap-id arguments is configured, the system assigns aa to the other argument.
l When you use the mode keyword to configure a user-defined protocol template, do not set etype-id in ethernetii etype etype-id to 0x0800, 0x8137, 0x809b, or 0x86dd. Otherwise, the encapsulation format of the matching packets will be the same as that of the IPv4, IPX, AppleTalk, and IPv6 packets respectively.
Description
Use the protocol-vlan command to configure the VLAN as a protocol based VLAN and configure the protocol template for the VLAN.
Use the undo protocol-vlan command to remove the configured protocol template.
By default, no VLAN is bound with any protocol template.
Related commands: display protocol-vlan vlan.
Do not configure a VLAN as both a protocol-based VLAN and a voice VLAN.
Examples
# Configure VLAN 3 as an IPv4 based VLAN.
<Sysname> system-view
[Sysname] vlan 3
[Sysname-vlan3] protocol-vlan ipv4
Because IP depends on ARP for address resolution in Ethernet, you are recommended to configure the IP and ARP templates in the same VLAN and associate them with the same port to prevent communication failure.
# Create an ARP protocol template for VLAN 3 (ARP code is 0x0806) to make VLAN 3 transmit ARP packets.
l To use Ethernet encapsulation, use the command:
[Sysname-vlan3] protocol-vlan mode ethernetii etype 0806
l To use 802.3 encapsulation, use the command:
[Sysname-vlan3] protocol-vlan mode snap etype 0806
