Login
| Title | Size | Downloads |
|---|---|---|
| H3C S5120-SI Series Ethernet Switches Command Reference-Release 1101-6W105-VLAN Commands.pdf | 110.45 KB |
- Table of Contents
- Related Documents
-
| Title | Size | Download |
|---|---|---|
| 09-VLAN Commands | 110.45 KB |
Table of Contents
display interface vlan-interface
Port-Based VLAN Configuration Commands
2 Voice VLAN Configuration Commands
Voice VLAN Configuration Commands
VLAN Configuration Commands
description
Syntax
description text
undo description
View
VLAN view, VLAN interface view
Default Level
2: System level
Parameters
text: Description of a VLAN or VLAN interface. Currently, the device supports the following types of characters or symbols: standard English characters (numbers and case-sensitive letters), special English characters, spaces, and other characters or symbols that conform to the Unicode standard.
l For a VLAN, the description string contains 1 to 32 characters.
l For a VLAN interface, the description string contains 1 to 80 characters.
l A port description can be the mixture of English characters and other Unicode characters. The mixed description cannot exceed the specified length.
l To use a type of Unicode characters or symbols in a port description, you need to install the corresponding Input Method Editor (IME) and log in to the device through remote login software that supports this character type.
l Each Unicode character or symbol (non-English characters) takes the space of two regular characters. When the length of a description string reaches or exceeds the maximum line width on the terminal software, the software starts a new line, possibly breaking a Unicode character into two parts. As a result, garbled characters may be displayed at the end of a line.
Case-sensitive string that describes the current VLAN or VLAN interface. Spaces can be included in the description.
l For a VLAN, this is a string of 1 to 32 characters.
l For a VLAN interface, this is a string of 1 to 80 characters.
Description
Use the description command to configure the description of the current VLAN or VLAN interface.
Use the undo description command to restore the default.
For a VLAN, the default description is the VLAN ID, for example, VLAN 0001; for a VLAN interface, the default description is the name of the interface, for example, Vlan-interface 1 Interface.
You can configure a description to describe the function or connection of a VLAN or VLAN interface for management sake.
Examples
# Configure the description of VLAN 1 as RESEARCH.
<Sysname> system-view
[Sysname] vlan 1
[Sysname-vlan1] description RESEARCH
# Configure the description of VLAN-interface 2 as VLAN-INTERFACE-2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] description VLAN-INTERFACE-2
display interface vlan-interface
Syntax
display interface vlan-interface [ vlan-interface-id ]
View
Any view
Default Level
1: Monitor level
Parameters
vlan-interface-id: VLAN interface number.
Description
Use the display interface vlan-interface command to display information about a specified or all VLAN interfaces if no interface is specified.
Related commands: interface vlan-interface.
Examples
# Display the information of VLAN-interface 2.
<Sysname> display interface vlan-interface 2
Vlan-interface2 current state: DOWN
Line protocol current state: DOWN
Description: Vlan-interface2 Interface
The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Packet Frame Type: PKTFMT_ETHNT_2, Hardware Address: 000f-e249-8050
Last clearing of counters: Never
Last 300 seconds input: 0 bytes/sec 0 packets/sec
Last 300 seconds output: 0 bytes/sec 0 packets/sec
0 packets input, 0 bytes, 0 drops
0 packets output, 0 bytes, 0 drops
Table 1-1 display interface vlan-interface command output description
|
Field |
Description |
|
Vlan-interface2 current state |
The physical state of the VLAN interface, which can be one of the following: l DOWN ( Administratively ): The administrative state of the VLAN interface is down because it has been manually shut down with the shutdown command. l DOWN: The administrative state of this VLAN interface is up, but its physical state is down. It indicates that the VLAN corresponding to this interface does not contain any port in the UP state (possibly because the ports are not physical connected or the lines have failed). l UP: both the administrative state and the physical state of this VLAN interface are up. |
|
Line protocol current state |
The link layer protocol state of a VLAN interface, which can be one of the following: l DOWN: The protocol state of this VLAN interface is down, usually because no IP address is configured. l UP: The protocol state of this VLAN interface is up. |
|
Description |
The description string of a VLAN interface |
|
The Maximum Transmit Unit |
The MTU of a VLAN interface |
|
Internet protocol processing : |
IP packets processing ability. Disabled indicates that the interface is not configured with an IP address. |
|
IP Packet Frame Type |
IPv4 outgoing frame format |
|
Hardware address |
MAC address corresponding to a VLAN interface |
|
Last 300 seconds input: 0 bytes/sec 0 packets/sec Last 300 seconds output: 0 bytes/sec 0 packets/sec |
Average rate of input packets and output packets in the last 300 seconds (in bps and pps) |
|
0 packets input, 0 bytes, 0 drops |
Total number and size (in bytes) of the received packets of the interface and the number of the dropped packets |
|
0 packets output, 0 bytes, 0 drops |
Total number and size (in bytes) of the transmitted packets of the interface and the number of the dropped packets |
display vlan
Syntax
display vlan [ vlan-id1 [ to vlan-id2 ] | all | dynamic | reserved | static ]
View
Any view
Default Level
1: Monitor level
Parameters
vlan-id1: Displays the information of a VLAN specified by VLAN ID in the range of 1 to 4094.
vlan-id1 to vlan-id2: Displays the information of a range of VLANs specified by a VLAN ID range.
all: Displays all current VLAN information except for the reserved VLANs.
dynamic: Displays the number of dynamic VLANs and the ID of each dynamic VLAN. Dynamic VLANs refer to VLANs that are generated through GVRP or those distributed by a RADIUS server.
reserved: Displays information of the reserved VLANs. Protocol modules determine which VLANs are reserved VLANs according to function implementation, and reserved VLANs serve protocol modules. You cannot do any configuration on reserved VLANs.
static: Displays the number of static VLANs and the ID of each static VLAN. Static VLANs refer to VLANs manually created.
Description
Use the display vlan command to display VLAN information.
Related commands: vlan.
Examples
# Display VLAN 2 information.
<Sysname> display vlan 2
VLAN ID: 2
VLAN Type: static
Route interface: not configured
Description: VLAN 0002
Name: VLAN 0002
Tagged Ports: none
Untagged Ports:
GigabitEthernet1/0/1 GigabitEthernet1/0/2 GigabitEthernet1/0/3
# Display VLAN 3 information.
<Sysname> display vlan 3
VLAN ID: 3
VLAN Type: static
Route Interface: configured
IP Address: 1.1.1.1
Subnet Mask: 255.255.255.0
Description: VLAN 0003
Name: VLAN 0003
Tagged Ports: none
Untagged Ports: none
Table 1-2 display vlan command output description
|
Field |
Description |
|
VLAN Type |
VLAN type (static or dynamic) |
|
Route interface |
Whether a VLAN interface is configured for the VLAN: not configured or configured |
|
Description |
Description of the VLAN |
|
Name |
Name configured for the VLAN |
|
IP Address |
Primary IP address of the VLAN interface (available only on a VLAN interface configured with an IP address). You can use the display interface vlan-interface command in any view or the display this command in VLAN interface view to display its secondary IP address(es), if any. |
|
Subnet Mask |
Subnet mask of the primary IP address (available only on a VLAN interface configured with an IP address) |
|
Tagged Ports |
Ports through which packets of the VLAN are sent tagged |
|
Untagged Ports |
Ports through which packets of the VLAN are sent untagged |
interface vlan-interface
Syntax
interface vlan-interface vlan-interface-id
undo interface vlan-interface vlan-interface-id
View
System view
Default Level
2: System level
Parameters
vlan-interface-id: VLAN interface number, in the range of 1 to 4094.
Description
Use the interface vlan-interface command to create a VLAN interface and enter its view or enter the view of an existing VLAN interface.
Before you can create the VLAN interface of a VLAN, create the VLAN first.
Use the undo interface vlan-interface command to remove the specified VLAN interface.
You can use the ip address command in VLAN interface view to configure an IP address for a VLAN interface to perform IP routing.
Related commands: display interface Vlan-interface.
Examples
# Create VLAN-interface 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2]
ip address
Syntax
ip address ip-address { mask | mask-length }
undo ip address [ ip-address { mask | mask-length } ]
View
VLAN interface view
Default Level
2: System level
Parameters
ip-address: IP address to be assigned to the current VLAN interface, in dotted decimal format.
mask: Subnet mask in dotted decimal notation.
mask-length: Subnet mask length, the number of consecutive ones in the mask. The value range is 0 to 32.
Description
Use the ip address command to assign an IP address and subnet mask to a VLAN interface.
Use the undo ip address command to remove the IP address and subnet mask for a VLAN interface.
By default, no IP address is assigned to any VLAN interface.
Related commands: display ip interface (IP Address Commands).
Examples
# Specify the IP address as 1.1.0.1, the subnet mask as 255.255.255.0 for VLAN-interface 1.
<Sysname> system-view
[Sysname] interface vlan-interface 1
[Sysname-Vlan-interface1] ip address 1.1.0.1 255.255.255.0
name
Syntax
name text
undo name
View
VLAN view
Default Level
2: System level
Parameters
text: VLAN name, a string of 1 to 32 characters. Spaces and special characters can be included in the name.
Description
Use the name command to configure a name for the current VLAN.
Use the undo name command to restore the default name of the VLAN.
The default name of a VLAN is its VLAN ID, VLAN 0001 for example.
When 802.1X or MAC address authentication is configured on a switch, you can use a RADIUS server to issue VLAN configuration to ports that have passed the authentication. Some servers can send IDs or names of the issued VLANs to the switch. When there are a large number of VLANs, you can use VLAN names rather than VLAN IDs to better locate VLANs.
Examples
# Configure the name of VLAN 2 as test vlan.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] name test vlan
shutdown
Syntax
shutdown
undo shutdown
View
VLAN interface view
Default Level
2: System level
Parameters
None
Description
Use the shutdown command to shut down a VLAN interface.
Use the undo shutdown command to bring up a VLAN interface.
By default, a VLAN interface is up except when all ports in the VLAN are down.
You can use the undo shutdown command to bring up a VLAN interface after configuring related parameters and protocols for the VLAN interface. When a VLAN interface fails, you can shut down the interface with the shutdown command and then bring it up with the undo shutdown command. In this way, the interface may resume.
The state of any Ethernet port in a VLAN is independent of the VLAN interface state.
Examples
# Shut down VLAN interface 2 and then bring it up.
<Sysname> system-view
[Sysname] interface vlan-interface 2
[Sysname-Vlan-interface2] shutdown
[Sysname-Vlan-interface2] undo shutdown
vlan
Syntax
vlan { vlan-id1 [ to vlan-id2 ] }
undo vlan { vlan-id1 [ to vlan-id2 ] | all }
View
System view
Default Level
2: System level
Parameters
vlan-id1, vlan-id2: VLAN ID, in the range 1 to 4094.
vlan-id1 to vlan-id2: Specifies a VLAN range. A VLAN ID is in the range 1 to 4094.
all: Creates or removes all VLANs except reserved VLANs.
Description
Use the vlan vlan-id command to create a VLAN and enter its view or enter the view of an existing VLAN.
Use the vlan vlan-id1 to vlan-id2 command to create a range of VLANs specified by vlan-id1 to vlan-id2, except reserved VLANs.
Use the undo vlan command to remove the specified VLAN(s).
l As the default VLAN, VLAN 1 cannot be created or removed.
l You cannot create/remove reserved VLANs reserved for specific functions.
l You cannot use the undo vlan command to directly remove reserved VLANs, voice VLANs, management VLANs, dynamic VLANs, VLANs configured with QoS policies, control VLANs configured for port mirroring. To remove these VLANs, you need to first remove related configurations.
Related commands: display vlan.
Examples
# Enter VLAN 2 view.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2]
# Create VLAN 4 through VLAN 100.
<Sysname> system-view
[Sysname] vlan 4 to 100
Please wait............. Done.
Port-Based VLAN Configuration Commands
display port
Syntax
display port { hybrid | trunk }
View
Any view
Default Level
1: Monitor level
Parameters
hybrid: Displays hybrid ports.
trunk: Displays trunk ports.
Description
Use the display port command to display information about the hybrid or trunk ports on the device, including the port names, default VLAN IDs, and allowed VLAN IDs.
Examples
# Display information about the hybrid ports in the system.
<Sysname> display port hybrid
Interface PVID VLAN passing
GE1/0/4 100 Tagged: 1000, 1002, 1500, 1600-1611, 2000,
2555-2558, 3000, 4000
Untagged:1, 10, 15, 18, 20-30, 44, 55, 67, 100,
150-160, 200, 255, 286, 300-302
# Display information about the trunk ports in the system.
<Sysname> display port trunk
Interface PVID VLAN passing
GE1/0/8 2 1-4, 6-100, 145, 177, 189-200, 244, 289, 400,
555, 600-611, 1000, 2006-2008
Table 1-3 display port command output description
|
Field |
Description |
|
Interface |
Port name |
|
PVID |
Default VLAN ID of the port |
|
VLAN passing |
VLANs whose packets are allowed to pass through the port. |
|
Tagged |
VLANs whose packets are required to pass through the port tagged. |
|
Untagged |
VLANs whose packets are required to pass through the port untagged. |
port
Syntax
port interface-list
undo port interface-list
View
VLAN view
Default Level
2: System level
Parameters
interface interface-list: Specifies an Ethernet port list or Layer 2 aggregate interface list, in the format of interface-list = { interface-type interface-number [ to interface-type interface-number ] }&<1-10>, where &<1-10> indicates that you can specify up to 10 ports or port ranges.
Description
Use the port command to assign the specified access port(s) to the current VLAN.
Use the undo port command to remove the specified access port(s) from the current VLAN.
By default, all ports are in VLAN 1.
Note that:
l This command is only applicable on access ports.
l All ports are access ports by default. However, you can manually configure the port type. For more information, refer to port link-type.
l If you use this command to assign a Layer 2 aggregate interface to a VLAN, this command assigns the Layer 2 aggregate interface but not its member ports to the current VLAN. For detailed information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
Related commands: display vlan.
Examples
# Assign GigabitEthernet1/0/1 through GigabitEthernet1/0/3 to VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] port gigabitethernet 1/0/1 to gigabitethernet 1/0/3
# Assign Layer 2 aggregate interface Bridge-aggregation 1 to VLAN 2.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] port bridge-aggregation 1
port access vlan
Syntax
port access vlan vlan-id
undo port access vlan
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094. Be sure that the VLAN specified by the VLAN ID already exists.
Description
Use the port access vlan command to assign the current access port(s) to the specified VLAN.
Use the undo port access vlan command to restore the default.
By default, all access ports belong to VLAN 1.
You can assign an access port to only one VLAN. When doing that, note the following:
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
Examples
# Assign GigabitEthernet1/0/1 to VLAN 3.
<Sysname> system-view
[Sysname] vlan 3
[Sysname-vlan3] quit
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port access vlan 3
# Assign Layer 2 aggregate interface Bridge-aggregation 1 and its member ports to VLAN 3.
<Sysname> system-view
[Sysname] vlan 3
[Sysname-vlan3] quit
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port access vlan 3
port hybrid pvid
Syntax
port hybrid pvid vlan vlan-id
undo port hybrid pvid
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094.
Description
Use the port hybrid pvid command to configure the default VLAN ID of the hybrid port.
Use the undo port hybrid pvid command to restore the default.
By default, the default VLAN of a hybrid port is VLAN 1.
You can use a nonexistent VLAN as the default VLAN for a hybrid port. Removing the default VLAN of a hybrid port with the undo vlan command does not affect the setting of the default VLAN on the port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
l You are recommended to set the same default VLAN ID for the local and remote hybrid ports.
l After configuring the default VLAN for a hybrid port, you must use the port hybrid vlan command to configure the hybrid port to allow packets from the default VLAN to pass through, so that the port can forward packets from the default VLAN.
Related commands: port link-type, port hybrid vlan.
Examples
# Configure VLAN 100 as the default VLAN of the hybrid port GigabitEthernet1/0/1.
<Sysname> system-view
[Sysname] vlan 100
[Sysname-vlan100] quit
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type hybrid
[Sysname-GigabitEthernet1/0/1] port hybrid pvid vlan 100
# Configure VLAN 100 as the default VLAN of the hybrid Layer 2 aggregate interface Bridge-aggregation 1.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
[Sysname-Bridge-Aggregation1] port hybrid pvid vlan 100
port hybrid vlan
Syntax
port hybrid vlan vlan-id-list { tagged | untagged }
undo port hybrid vlan vlan-id-list
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
vlan-id-list: VLANs that the hybrid ports will be assigned to. This argument is expressed in the format of [ vlan-id1 [ to vlan-id2 ] ]&<1-10>, where vlan-id ranges from 1 to 4094 and &<1-10> indicates that you can specify up to 10 VLAN IDs or VLAN ID ranges. Be sure that the specified VLANs already exist.
tagged: Configures the port(s) to send the packets of the specified VLAN(s) with the tags kept.
untagged: Configures the port to send the packets of the specified VLAN(s) with the tags removed.
Description
Use the port hybrid vlan command to assign the current hybrid port(s) to the specified VLAN(s).
Use the undo port hybrid vlan command to remove the current hybrid port(s) from the specified VLAN(s).
By default, a hybrid port only allows packets from VLAN 1 to pass through untagged.
A hybrid port can carry multiple VLANs. If you execute the port hybrid vlan command multiple times, the VLANs the hybrid port carries are the set of VLANs specified by vlan-id-list in each execution.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
Related commands: port link-type.
Examples
# Assign the hybrid port GigabitEthernet1/0/1 to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100, and configure GigabitEthernet1/0/1 to send packets of these VLANs with tags kept.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type hybrid
[Sysname-GigabitEthernet1/0/1] port hybrid vlan 2 4 50 to 100 tagged
# Assign hybrid ports in port group 2 to VLAN 2, and configure these hybrid ports to send packets of VLAN 2 with VLAN tags removed.
<Sysname> system-view
[Sysname] vlan 2
[Sysname-vlan2] quit
[Sysname] port-group manual 2
[Sysname-port-group-manual-2] group-member gigabitethernet 1/0/1 to gigabitethernet 1/0/6
[Sysname-port-group-manual-2] port link-type hybrid
[Sysname-port-group-manual-2] port hybrid vlan 2 untagged
Configuring GigabitEthernet1/0/1... Done.
Configuring GigabitEthernet1/0/2... Done.
Configuring GigabitEthernet1/0/3... Done.
Configuring GigabitEthernet1/0/4... Done.
Configuring GigabitEthernet1/0/5... Done.
Configuring GigabitEthernet1/0/6... Done.
# Assign the hybrid Layer 2 aggregate interface Bridge-aggregation 1 and its member ports to VLAN 2, and configure them to send packets of VLAN 2 with tags removed.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
[Sysname-Bridge-Aggregation1] port hybrid vlan 2 untagged
Please wait... Done.
Configuring GigabitEthernet1/0/2... Done.
Configuring GigabitEthernet1/0/3... Done.
Note that GigabitEthernet1/0/2 and GigabitEthernet1/0/3 are the member ports of the aggregation group corresponding to Bridge-aggregation 1.
port link-type
Syntax
port link-type { access | hybrid | trunk }
undo port link-type
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
access: Configures the link type of a port as access.
hybrid: Configures the link type of a port as hybrid.
trunk: Configures the link type of a port as trunk.
Description
Use the port link-type command to configure the link type of a port.
Use the undo port link-type command to restore the default link type of a port.
By default, any port is an access port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
To change the link type of a port from trunk to hybrid or vice versa, you must set the link type to access first.
Examples
# Configure GigabitEthernet1/0/1 as a trunk port.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type trunk
# Configure all the ports in the manual port group group1 as hybrid ports.
<Sysname> system-view
[Sysname] port-group manual group1
[Sysname-port-group manual group1] group-member gigabitethernet 1/0/10
[Sysname-port-group manual group1] group-member gigabitethernet 1/0/11
[Sysname-port-group manual group1] port link-type hybrid
# Configure Layer 2 aggregate interface Bridge-aggregation 1 and its member ports as hybrid ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type hybrid
port trunk permit vlan
Syntax
port trunk permit vlan { vlan-id-list | all }
undo port trunk permit vlan { vlan-id-list | all }
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
vlan-id-list: VLANs that the trunk port(s) will be assigned to. This argument is expressed in the format of [vlan-id1 [ to vlan-id2 ] ]&<1-10>, where vlan-id ranges from 1 to 4094 and &<1-10> indicates that you can specify up to 10 VLAN IDs or VLAN ID ranges.
all: Permits all VLANs to pass through the trunk port(s). On GVRP-enabled trunk ports, you must configure the port trunk permit vlan all command to ensure that the traffic of all dynamically registered VLANs can pass through. However, When GVRP is disabled on a port, you are discouraged to configure the command on the port. This is to prevent users of unauthorized VLANs from accessing restricted resources through the port.
Description
Use the port trunk permit vlan command to assign the current trunk port(s) to the specified VLAN(s).
Use the undo port trunk permit vlan command to remove the trunk port(s) from the specified VLANs.
By default, a trunk port allows only packets from VLAN 1 to pass through.
A trunk port can carry multiple VLANs. If you execute the port trunk permit vlan command multiple times, the VLANs the trunk port carries are the set of VLANs specified by vlan-id-list in each execution.
Note that on a trunk port, only traffic of the default VLAN can pass through untagged.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
Related commands: port link-type.
Examples
# Assign the trunk port GigabitEthernet1/0/1 to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type trunk
[Sysname-GigabitEthernet1/0/1] port trunk permit vlan 2 4 50 to 100
Please wait........... Done.
# Assign the trunk Layer 2 aggregate interface Bridge-aggregation 1 to VLAN 2, assuming that Bridge-aggregation 1 does not have member ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type trunk
[Sysname-Bridge-Aggregation1] port trunk permit vlan 2
Please wait... Done.
# Assign the trunk Layer 2 aggregate interface Bridge-aggregation 1 to VLAN 13 and VLAN 15. Among the member ports of the aggregation group corresponding to Bridge-aggregation 1, GigabitEthernet1/0/2 is an access port, and GigabitEthernet1/0/3 is a trunk port.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type trunk
[Sysname-Bridge-Aggregation1] port trunk permit vlan 13 15
Please wait... Done.
Error: Failed to configure on interface GigabitEthernet1/0/2! This port is not a Trunk port!
Configuring GigabitEthernet1/0/3... Done.
Among the output fields above, the message “Please wait... Done” indicates that the configuration on Bridge-aggregation 1 succeeded; “Error: Failed to configure on interface GigabitEthernet1/0/2! This port is not a Trunk port!” indicates that the configuration failed on GigabitEthernet1/0/2 because GigabitEthernet1/0/2 was not a trunk port; “Configuring GigabitEthernet1/0/3... Done” indicates that the configuration on GigabitEthernet1/0/3 succeeded.
port trunk pvid
Syntax
port trunk pvid vlan vlan-id
undo port trunk pvid
View
Ethernet interface view, port group view, Layer 2 aggregate interface view
Default Level
2: System level
Parameters
vlan-id: VLAN ID, in the range of 1 to 4094
Description
Use the port trunk pvid command to configure the default VLAN ID for the trunk port.
Use the undo port trunk pvid command to restore the default.
By default, the default VLAN of a trunk port is VLAN 1.
You can use a nonexistent VLAN as the default VLAN for a trunk port. Removing the default VLAN of a trunk port with the undo vlan command does not affect the setting of the default VLAN on the port.
l In port group view, this command applies to all ports in the port group. For information about port groups, refer to Ethernet Interface Configuration.
l In Layer 2 aggregate interface view, this command applies to the Layer 2 aggregate interface and all its member ports. After you perform the configuration, the system starts applying the configuration to the aggregate interface and its aggregation member ports. If the system fails to do that on the aggregate interface, it stops applying the configuration to the aggregation member ports. If it fails to do that on an aggregation member port, it simply skips the port and moves to the next port. For information about Layer 2 aggregate interfaces, refer to Link Aggregation Configuration.
l The local and remote trunk ports must use the same default VLAN ID for the traffic of the default VLAN to be transmitted properly.
l After configuring the default VLAN for a trunk port, you must use the port trunk permit vlan command to configure the trunk port to allow packets from the default VLAN to pass through, so that the port can forward packets from the default VLAN.
Related commands: port link-type, port trunk permit vlan.
Examples
# Configure VLAN 100 as the default VLAN of the trunk port GigabitEthernet1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] port link-type trunk
[Sysname-GigabitEthernet1/0/1] port trunk pvid vlan 100
# Configure VLAN 100 as the default VLAN of the trunk Layer 2 aggregate interface Bridge-aggregation 1, assuming Bridge-aggregation 1 does not have member ports.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type trunk
[Sysname-Bridge-Aggregation1] port trunk pvid vlan 100
# Configure VLAN 100 as the default VLAN of the trunk Layer 2 aggregate interface Bridge-aggregation 1. Among the member ports of the aggregation group corresponding to Bridge-aggregation 1, GigabitEthernet1/0/2 is an access port and GigabitEthernet1/0/3 is a trunk port.
<Sysname> system-view
[Sysname] interface bridge-aggregation 1
[Sysname-Bridge-Aggregation1] port link-type trunk
[Sysname-Bridge-Aggregation1] port trunk pvid vlan 100
Error: Failed to configure on interface GigabitEthernet1/0/2! This port is not a Trunk port!
The output above shows that the configuration on Bridge-aggregation 1 and the member port GigabitEthernet1/0/3 succeeded; the configuration on GigabitEthernet1/0/2 failed because GigabitEthernet1/0/2 was not a trunk port.
Voice VLAN Configuration Commands
display voice vlan oui
Syntax
display voice vlan oui
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display voice vlan oui command to display the currently supported organizationally unique identifier (OUI) addresses, the OUI address masks, and the description strings.
Related commands: voice vlan mac-address.
In general, as the first 24 bits of a MAC address (in binary format), an OUI address is a globally unique identifier assigned to a vendor by IEEE. OUI addresses mentioned in this document, however, are different from those in common sense. OUI addresses in this document are used to determine whether a received packet is a voice packet. They are the results of the AND operation of the two arguments mac-address and oui-mask in the voice vlan mac-address command.
Examples
# Display the currently supported OUI addresses.
<Sysname> display voice vlan oui
Oui Address Mask Description
0001-e300-0000 ffff-ff00-0000 Siemens phone
0003-6b00-0000 ffff-ff00-0000 Cisco phone
0004-0d00-0000 ffff-ff00-0000 Avaya phone
00d0-1e00-0000 ffff-ff00-0000 Pingtel phone
0060-b900-0000 ffff-ff00-0000 Philips/NEC phone
00e0-7500-0000 ffff-ff00-0000 Polycom phone
00e0-bb00-0000 ffff-ff00-0000 3com phone
Table 2-1 display voice vlan oui command output description
|
Field |
Description |
|
Oui Address |
OUI addresses supported |
|
Mask |
Masks of the OUI addresses supported |
|
Description |
Description strings of the OUI addresses supported |
display voice vlan state
Syntax
display voice vlan state
View
Any view
Default Level
1: Monitor level
Parameters
None
Description
Use the display voice vlan state command to display voice VLAN configuration.
Related commands: voice vlan vlan-id enable, voice vlan enable, voice vlan qos cos-value dscp-value, voice vlan qos trust.
Examples
# Display voice VLAN configurations.
<Sysname> display voice vlan state
Maximum of Voice VLANs: 1
Current Voice VLANs: 1
Voice VLAN security mode: Security
Voice VLAN aging time: 1440 minutes
Voice VLAN enabled port and its mode:
PORT VLAN MODE
-----------------------------------------------
GigabitEthernet1/0/1 2 AUTO
GigabitEthernet1/0/2 2 AUTO
Table 2-2 display voice vlan state command output description
|
Field |
Description |
|
Voice VLAN system capacity |
Maximum number of voice VLANs supported by the system |
|
Current Voice VLAN Count |
Number of existing voice VLANs |
|
Voice VLAN security mode |
Security mode of the voice VLAN: Security for security mode; Normal for normal mode |
|
Voice VLAN aging time |
Aging time of the voice VLAN |
|
Current voice vlan enabled port and its mode |
Voice VLAN-enabled port and its voice VLAN assignment mode |
|
PORT |
Voice VLAN-enabled port name |
|
VLAN |
ID of the voice VLAN enabled on the port |
|
MODE |
Voice VLAN assignment mode of the port: manual or automatic. |
voice vlan aging
Syntax
voice vlan aging minutes
undo voice vlan aging
View
System view
Default Level
2: System level
Parameters
minutes: Voice VLAN aging time, in the range 5 to 43200 minutes.
Description
Use the voice vlan aging command to configure the voice VLAN aging time.
Use the undo voice vlan aging command to restore the default.
By default, the voice VLAN aging time is 1440 minutes.
When a port in automatic voice VLAN assignment mode receives a voice packet, the system decides whether to assign the port to the voice VLAN based on the source MAC address of the voice packet. Upon assigning the port to the voice VLAN, the system starts the aging timer. If no voice packets are received on the port until the aging time expires, the system automatically removes the port from the voice VLAN. This aging time only applies to the ports in automatic voice VLAN assignment mode.
Related commands: display voice vlan state.
Examples
# Configure the voice VLAN aging time as 100 minutes.
<Sysname> system-view
[Sysname] voice vlan aging 100
voice vlan enable
Syntax
voice vlan vlan-id enable
undo voice vlan enable
View
Ethernet interface view
Default Level
2: System level
Parameters
vlan-id: VLAN to be configured as the voice VLAN for the current port.
Description
Use the voice vlan enable command to enable the voice VLAN feature and configure a VLAN as the voice VLAN for the current Ethernet port.
Use the undo voice vlan enable command to disable the voice VLAN feature on an Ethernet port.
By default, the voice VLAN feature is disabled on ports.
You can enable the voice VLAN feature on a hybrid or trunk port operating in automatic voice VLAN assignment mode but not on an access port operating in automatic voice VLAN assignment mode.
Examples
# Enable the voice VLAN feature on GigabitEthernet1/0/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] voice vlan 2 enable
voice vlan mac-address
Syntax
voice vlan mac-address mac-address mask oui-mask [ description text ]
undo voice vlan mac-address oui
View
System view
Default Level
2: System level
Parameters
mac-address: Source MAC address of voice traffic, in the format of H-H-H, such as 1234-1234-1234.
mask oui-mask: Specifies the valid length of the OUI address by a mask in the format of H-H-H, formed by consecutive fs and 0s, for example, ffff-0000-0000. To filter the voice device of a specific vendor, set the mask to ffff-ff00-0000.
description text: Specifies a string that describes the OUI address. The string is of 1 to 30 case-sensitive characters.
oui: Specifies the OUI address to be removed, in the format of H-H-H, such as 1234-1200-0000. An OUI address is the logic AND result of mac-address and oui-mask. An OUI address cannot be a broadcast address, a multicast address, or an address of all 0s. You can use the display voice vlan oui command to display the OUI addresses supported currently.
Description
Use the voice vlan mac-address command to add a recognizable OUI address.
Use the undo voice vlan mac-address command to remove a recognizable OUI address.
The system supports up to 16 OUI addresses.
By default, the system is configured with the default OUI addresses, as illustrated in Table 2-3. You can remove the default OUI addresses and then add recognizable OUI addresses manually.
Table 2-3 Default OUI addresses
|
Number |
OUI |
Vendor |
|
1 |
0001-e300-0000 |
Siemens phone |
|
2 |
0003-6b00-0000 |
Cisco phone |
|
3 |
0004-0d00-0000 |
Avaya phone |
|
4 |
00d0-1e00-0000 |
Pingtel phone |
|
5 |
0060-b900-0000 |
Philips/NEC phone |
|
6 |
00e0-7500-0000 |
Polycom phone |
|
7 |
00e0-bb00-0000 |
3com phone |
Related commands: display voice vlan oui.
Examples
# Add a recognizable OUI address 1234-1200-0000 by specifying the MAC address as 1234-1234-1234 and the mask as fff-ff00-0000, and configure its description string as PhoneA.
<Sysname> system-view
[Sysname] voice vlan mac-address 1234-1234-1234 mask ffff-ff00-0000 description PhoneA
# Display the supported OUI addresses to verify the above configuration.
<Sysname> display voice vlan oui
Oui Address Mask Description
0001-e300-0000 ffff-ff00-0000 Siemens phone
0003-6b00-0000 ffff-ff00-0000 Cisco phone
0004-0d00-0000 ffff-ff00-0000 Avaya phone
00d0-1e00-0000 ffff-ff00-0000 Pingtel phone
0060-b900-0000 ffff-ff00-0000 Philips/NEC phone
00e0-7500-0000 ffff-ff00-0000 Polycom phone
00e0-bb00-0000 ffff-ff00-0000 3com phone
1234-1200-0000 ffff-ff00-0000 PhoneA
# Remove the OUI address 1234-1200-0000.
<Sysname> system-view
[Sysname] undo voice vlan mac-address 1234-1200-0000
voice vlan mode auto
Syntax
voice vlan mode auto
undo voice vlan mode auto
View
Ethernet interface view
Default Level
2: System level
Parameters
None
Description
Use the voice vlan mode auto command to configure the current port to operate in automatic voice VLAN assignment mode.
Use the undo voice vlan mode auto command to configure the current port to operate in manual voice VLAN assignment mode.
By default, a port operates in automatic voice VLAN assignment mode.
The voice VLAN modes of different ports are independent of one another.
To make voice VLAN take effect on a port which is enabled with voice VLAN and operates in manual voice VLAN assignment mode, you need to assign the port to the voice VLAN manually.
Examples
# Configure GigabitEthernet1/0/1 to operate in manual voice VLAN assignment mode.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] undo voice vlan mode auto
voice vlan security enable
Syntax
voice vlan security enable
undo voice vlan security enable
View
System view
Default Level
2: System level
Parameters
None
Description
Use the voice vlan security enable command to enable voice VLAN security mode.
Use the undo voice vlan security enable command to disable voice VLAN security mode.
After you enable the security mode for a voice VLAN, only voice traffic can be transmitted in the voice VLAN. The device matches the source MAC addresses of the packets against the supported OUI addresses to determine whether they are voice traffic and filters all non-voice traffic, guaranteeing high priority and high quality for voice traffic. On the other hand, when a voice VLAN operates in common mode, other service traffic is also allow to be transmitted in the voice VLAN.
By default, voice VLAN security mode is not enabled.
Examples
# Disable voice VLAN security mode.
<Sysname> system-view
