04 Layer 2 - LAN Switching

HomeSupportReference GuidesCommand ReferencesH3C Access Controllers Command References(R5228P01)-6W10204 Layer 2 - LAN Switching
Table of Contents
Related Documents
01-Text
Title Size Download
01-Text 739.02 KB

Contents

MAC address table commands· 1

display mac-address· 1

display mac-address aging-time· 2

display mac-address mac-learning· 3

display mac-address mac-move· 3

mac-address (interface view) 4

mac-address (system view) 6

mac-address mac-learning enable· 7

mac-address mac-learning priority· 8

mac-address max-mac-count 9

mac-address max-mac-count enable-forwarding· 10

mac-address notification mac-move· 10

mac-address notification mac-move suppression (interface view) 12

mac-address notification mac-move suppression (system view) 12

mac-address timer 13

snmp-agent trap enable mac-address· 14

Ethernet link aggregation commands· 16

bandwidth· 16

default 16

description· 17

display interface· 17

display lacp system-id· 20

display link-aggregation load-sharing mode· 21

display link-aggregation member-port 22

display link-aggregation summary· 24

display link-aggregation verbose· 25

interface bridge-aggregation· 28

lacp mode· 29

lacp period short 29

lacp system-priority· 30

link-aggregation global load-sharing mode· 30

link-aggregation lacp traffic-redirect-notification enable· 31

link-aggregation load-sharing mode· 32

link-aggregation load-sharing mode local-first 32

link-aggregation mode· 33

link-aggregation port-priority· 34

link-aggregation selected-port maximum·· 34

link-aggregation selected-port minimum·· 35

port link-aggregation group· 36

reset counters interface· 37

reset lacp statistics· 38

shutdown· 38

VLAN commands· 40

Basic VLAN commands· 40

bandwidth· 40

default 40

description· 41

display interface vlan-interface· 42

display vlan· 45

display vlan brief 47

interface vlan-interface· 47

mtu· 48

name· 49

reset counters interface vlan-interface· 50

service· 50

service standby· 51

shutdown· 52

vlan· 53

Port-based VLAN commands· 54

display port 54

port 55

port access vlan· 55

port hybrid pvid· 56

port hybrid vlan· 57

port link-type· 58

port trunk permit vlan· 58

port trunk pvid· 59

VLAN group commands· 60

display vlan-group· 60

vlan-group· 61

vlan-list 62

Loop detection commands· 63

display loopback-detection· 63

loopback-detection action· 64

loopback-detection enable· 65

loopback-detection global action· 65

loopback-detection global enable· 66

loopback-detection interval-time· 67

Spanning tree commands· 68

active region-configuration· 68

check region-configuration· 68

display stp· 70

display stp abnormal-port 76

display stp bpdu-statistics· 77

display stp down-port 80

display stp history· 80

display stp region-configuration· 82

display stp root 83

display stp tc· 84

instance· 85

region-name· 86

reset stp· 87

revision-level 87

snmp-agent trap enable stp· 88

stp bpdu-protection· 89

stp bridge-diameter 89

stp compliance· 90

stp config-digest-snooping· 91

stp cost 92

stp edged-port 93

stp enable· 94

stp global config-digest-snooping· 95

stp global enable· 96

stp global mcheck· 96

stp ignore-pvid-inconsistency· 97

stp loop-protection· 98

stp max-hops· 98

stp mcheck· 99

stp mode· 100

stp no-agreement-check· 101

stp pathcost-standard· 101

stp point-to-point 102

stp port priority· 103

stp port-log· 104

stp priority· 105

stp pvst-bpdu-protection· 106

stp region-configuration· 107

stp role-restriction· 107

stp root primary· 108

stp root secondary· 109

stp root-protection· 110

stp tc-protection· 110

stp tc-protection threshold· 111

stp tc-restriction· 112

stp tc-snooping· 112

stp timer forward-delay· 113

stp timer hello· 114

stp timer max-age· 115

stp timer-factor 116

stp transmit-limit 116

stp vlan enable· 117

vlan-mapping modulo· 118

LLDP commands· 120

display lldp local-information· 120

display lldp neighbor-information· 126

display lldp statistics· 137

display lldp status· 139

display lldp tlv-config· 142

lldp admin-status· 145

lldp check-change-interval 146

lldp enable· 147

lldp encapsulation snap· 147

lldp fast-count 148

lldp global enable· 148

lldp hold-multiplier 149

lldp ignore-pvid-inconsistency· 150

lldp management-address-format string· 150

lldp max-credit 151

lldp mode· 152

lldp notification med-topology-change enable· 152

lldp notification remote-change enable· 153

lldp timer fast-interval 154

lldp timer notification-interval 154

lldp timer reinit-delay· 155

lldp timer tx-interval 155

lldp tlv-enable· 156

Layer 2 forwarding commands· 161

Normal Layer 2 forwarding commands· 161

display mac-forwarding statistics· 161

reset mac-forwarding statistics· 163

Fast Layer 2 forwarding commands· 163

display mac-forwarding cache ip· 163

display mac-forwarding cache ip fragment 164

display mac-forwarding cache ipv6· 165

VLAN termination commands· 167

second-dot1q· 167

vlan-termination broadcast enable· 169

vlan-type dot1q default 170

vlan-type dot1q untagged· 170

vlan-type dot1q vid· 171

vlan-type dot1q vid second-dot1q· 172

Port isolation commands· 174

display port-isolate group· 174

port-isolate enable· 174

Index· 176

 


MAC address table commands

The WX1800H series access controllers do not support the slot keyword or the slot-number argument.

This document covers the configuration of MAC address entries, including static, dynamic, and blackhole MAC address entries.

display mac-address

Use display mac-address to display MAC address entries.

Syntax

display mac-address [ mac-address [ vlan vlan-id ] | [ [ dynamic | static ] [ interface interface-type interface-number ] | blackhole ] [ vlan vlan-id ] [ count ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

mac-address: Specifies a MAC address in the format of H-H-H. When entering a MAC address, you can omit the leading zeros in each H section. For example, enter f-e2-1 for 000f-00e2-0001.

vlan vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094.

dynamic: Displays dynamic MAC address entries.

static: Displays static MAC address entries.

interface interface-type interface-number: Specifies an interface by its type and number.

blackhole: Displays blackhole MAC address entries.

count: Displays only the number of MAC address entries that match all entry attributes you specify in the command. Detailed information about MAC address entries is not displayed. For example, you can use the display mac-address vlan 20 dynamic count command to display the number of dynamic entries for VLAN 20. If you do not specify an entry attribute, the command displays the number of entries in the MAC address table. If you do not specify this keyword, the command displays detailed information about the specified MAC address entries.

Usage guidelines

A MAC address entry includes a destination MAC address, an outgoing interface, and a VLAN ID.

If you do not specify any parameters, the command displays all MAC address entries.

This command displays dynamic MAC address entries for an aggregate interface only when the aggregate interface has a minimum of one Selected member port.

Examples

# Display MAC address entries for VLAN 100.

<Sysname> display mac-address vlan 100

MAC Address      VLAN ID    State            Port/NickName            Aging

0033-0033-0033   100        Blackhole        N/A                      N

0000-0000-0002   100        Static           GE1/0/3                  N

00e0-fc00-5829   100        Learned          GE1/0/4                  Y

# Display the number of MAC address entries.

<Sysname> display mac-address count

1 mac address(es) found.

Table 1 Command output

Field

Description

VLAN ID

ID of the VLAN to which the outgoing interface of the MAC address entry belongs.

State

MAC address entry state:

·         StaticStatic MAC address entry.

·         LearnedDynamic MAC address entry. Dynamic entries can be learned or manually configured.

·         BlackholeBlackhole MAC address entry.

Port/NickName

The outgoing interface for packets that are destined for the MAC address. This field displays N/A for a blackhole MAC address entry.

Aging

Whether the entry can age out:

·         Y—The entry can age out.

·         N—The entry never ages out.

mac address(es) found

Number of matching MAC address entries.

 

Related commands

·          mac-address

·          mac-address timer

display mac-address aging-time

Use display mac-address aging-time to display the aging timer for dynamic MAC address entries.

Syntax

display mac-address aging-time

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the aging timer for dynamic MAC address entries.

<Sysname> display mac-address aging-time

MAC address aging time: 300s.

Related commands

mac-address timer

display mac-address mac-learning

Use display mac-address mac-learning to display the global MAC address learning status and the MAC learning status of the specified interface or all interfaces.

Syntax

display mac-address mac-learning [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, the command displays the global MAC address learning status and the MAC address learning status of all interfaces.

Examples

# Display the global MAC address learning status and the MAC learning status of all interfaces.

<Sysname> display mac-address mac-learning

Global MAC address learning status: Enabled.

 

Port                         Learning Status

GE1/0/1                      Enabled

GE1/0/2                      Enabled

GE1/0/3                      Enabled

GE1/0/4                      Enabled

Table 2 Command output

Field

Description

Global MAC address learning status

Global MAC address learning status:

·         Enabled.

·         Disabled.

Learning Status

MAC address learning status of an interface:

·         Enabled.

·         Disabled.

 

Related commands

mac-address mac-learning enable

display mac-address mac-move

Use display mac-address mac-move to display the MAC address move records after the device is started.

Syntax

display mac-address mac-move [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, the command displays MAC address move records for all IRF member devices.

Usage guidelines

When a MAC address frequently moves between the specified two interfaces, Layer 2 loops might occur in the network. To discover and locate loops, you can view the MAC address move records.

·          In the MAC address move records, records with the same MAC address, VLAN, source port, and current port are considered to be one record.

·          A device can save a maximum of 20 MAC address move records. When the number of MAC address move records exceeds 20, the most recent record will override the oldest record based on the last MAC address move time. (IRF-incapable devices.)

·          An IRF member device can save a maximum of 20 MAC address move records. When the number of MAC address move records exceeds 20, the most recent record will override the oldest record based on the last MAC address move time. (IRF-capable devices.)

Examples

# Display the MAC address move records on IRF member device 1.

<Sysname> display mac-address mac-move slot 1

MAC address    VLAN Current port   Source port    Last time           Times

0000-0001-002c 1    GE1/0/1        GE1/0/2        2013-05-20 13:40:52 1

0000-0001-002c 1    GE1/0/2        GE1/0/1        2013-05-20 13:41:30 1

---  2 MAC address moving records found  ---

Table 3 Command output

Field

Description

VLAN

VLAN to which the outgoing interface of the MAC address entry belongs.

Current port

Interface to which the MAC address was moved.

Source port

Interface from which the MAC address was moved.

Last time

Last time when the MAC address was moved.

Times

Number of MAC address moves after the device is started. For a MAC address record, the number of MAC address moves is increased by 1 when a new MAC address move has the same MAC address, VLAN, Current Port, and Source Port fields as the MAC address record.

 

Related commands

mac-address notification mac-move

mac-address (interface view)

Use mac-address to add or modify a MAC address entry on an interface.

Use undo mac-address to delete a MAC address entry on an interface.

Syntax

mac-address { dynamic | static } mac-address vlan vlan-id

undo mac-address { dynamic | static } mac-address vlan vlan-id

Default

An interface is not configured with MAC address entries.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

dynamic: Specifies dynamic MAC address entries.

static: Specifies static MAC address entries.

mac-address: Specifies a MAC address in the format of H-H-H, excluding multicast, all-zero, and all-F MAC addresses. When entering a MAC address, you can omit the leading zeros in each H section. For example, enter f-e2-1 for 000f-00e2-0001.

vlan vlan-id: Specifies an existing VLAN to which the specified interface belongs. The value range for the vlan-id argument is 1 to 4094.

Usage guidelines

Typically, the device automatically builds the MAC address table by learning the source MAC addresses of incoming frames on each interface. However, you can manually configure static MAC address entries. For a MAC address, a manually configured static entry takes precedence over a dynamically learned entry. To improve the security for the user device connected to an interface, manually configure a static entry to bind the user device to the interface. Then, the frames destined for the user device (for example, Host A) are always sent out of the interface. Other hosts using the forged MAC address of Host A cannot obtain the frames destined for Host A.

The MAC address entry configuration cannot survive a reboot unless you save it. The dynamic MAC address entries, however, are lost upon reboot whether or not you save the configuration.

Examples

# Add a static entry for MAC address 000f-e201-0101 on interface GigabitEthernet 1/0/1 that belongs to VLAN 2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] mac-address static 000f-e201-0101 vlan 2

# Add a static entry for MAC address 000f-e201-0101 on Layer 2 aggregate interface Bridge-Aggregation 1 that belongs to VLAN 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] mac-address static 000f-e201-0102 vlan 1

Related commands

·          display mac-address

·          mac-address (system view)

mac-address (system view)

Use mac-address to add or modify a MAC address entry.

Use undo mac-address to delete one or all MAC address entries.

Syntax

mac-address { dynamic | static } mac-address interface interface-type interface-number vlan vlan-id

mac-address blackhole mac-address vlan vlan-id

undo mac-address [ [ dynamic | static ] mac-address interface interface-type interface-number vlan vlan-id ]

undo mac-address [ blackhole | dynamic | static ] [ mac-address ] vlan vlan-id

undo mac-address [ dynamic | static ] interface interface-type interface-number

Default

The system is not configured with MAC address entries.

Views

System view

Predefined user roles

network-admin

Parameters

dynamic: Specifies dynamic MAC address entries.

static: Specifies static MAC address entries.

blackhole: Specifies blackhole MAC address entries. Packets whose destination MAC addresses match blackhole MAC address entries are dropped.

mac-address: Specifies a MAC address in the format of H-H-H, excluding multicast, all-zero, and all-F MAC addresses. When entering a MAC address, you can omit the leading zeros in each H section. For example, enter f-e2-1 for 000f-00e2-0001.

vlan vlan-id: Specifies an existing VLAN to which the interface belongs. The value range for the vlan-id argument is 1 to 4094.

interface interface-type interface-number: Specifies an outgoing interface by its type and number.

Usage guidelines

Typically, the device automatically builds the MAC address table by learning the source MAC addresses of incoming frames on each interface. However, you can manually configure static MAC address entries. For a MAC address, a manually configured static entry takes precedence over a dynamically learned entry. To improve the security for the user device connected to an interface, manually configure a static entry to bind the user device to the interface. Then, the frames destined for the user device (for example, Host A) are always sent out of the interface. Other hosts using the forged MAC address of Host A cannot obtain the frames destined for Host A.

To drop frames with the specified destination MAC addresses, you can configure blackhole MAC address entries.

A static or blackhole MAC address entry can overwrite a dynamic MAC address entry, but not vice versa.

If you execute the undo mac-address command without specifying any parameters, this command deletes all MAC address entries.

You can delete all the MAC address entries of the specified VLAN. You can also delete only one type (dynamic, static, or blackhole) of MAC address entries. You can single out an interface and delete the corresponding MAC address entries.

The MAC address entry configuration cannot survive a reboot unless you save it. The dynamic MAC address entries, however, are lost upon reboot whether or not you save the configuration.

Examples

# Add a static entry for MAC address 000f-e201-0101. Then, all frames that are destined for this MAC address are sent out of interface GigabitEthernet 1/0/1, which belongs to VLAN 2.

<Sysname> system-view

[Sysname] mac-address static 000f-e201-0101 interface gigabitethernet 1/0/1 vlan 2

Related commands

·          display mac-address

·          mac-address (interface view)

mac-address mac-learning enable

Use mac-address mac-learning enable to enable MAC address learning globally or on an interface.

Use undo mac-address mac-learning enable to disable MAC address learning globally or on an interface.

Syntax

mac-address mac-learning enable

undo mac-address mac-learning enable

Default

MAC address learning is enabled.

Views

System view

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Usage guidelines

To prevent the MAC address table from becoming saturated, you can disable MAC address learning.

For example, a number of packets with different source MAC addresses reaching a device can affect the MAC address table update. To avoid such attacks, you can disable MAC address learning by following these guidelines:

·          You can disable MAC address learning on a per-interface basis. If you disable MAC address learning globally, MAC address learning is disabled for all interfaces. The device then stops learning MAC addresses and cannot dynamically update the MAC address table.

·          Because disabling MAC address learning can result in broadcast storms, enable broadcast storm suppression after you disable MAC address learning on an interface. For more information about broadcast storm suppression, see Interface Configuration Guide.

·          With MAC address learning enabled globally, you can disable MAC address learning for an interface.

After MAC address learning is disabled, existing dynamic MAC address entries will age out.

Examples

# Disable MAC address learning globally.

<Sysname> system-view

[Sysname] undo mac-address mac-learning enable

# Disable MAC address learning on interface GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] undo mac-address mac-learning enable

# Disable MAC address learning on interface Bridge-Aggregation 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] undo mac-address mac-learning enable

Related commands

display mac-address mac-learning

mac-address mac-learning priority

Use mac-address mac-learning priority to assign MAC learning priority to an interface.

Use undo mac-address mac-learning priority to restore the default.

Syntax

mac-address mac-learning priority { high | low }

undo mac-address mac-learning priority

Default

Low MAC address learning priority is used.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

high: Assigns high MAC learning priority.

low: Assigns low MAC learning priority.

Usage guidelines

The MAC address learning priority values can be high and low. An interface with high MAC address learning priority can learn any MAC address. An interface with low MAC address learning priority can learn only the MAC addresses that have not been learned by high-priority interfaces.

The MAC learning priority mechanism can help defend your network against MAC address spoofing attacks. To prevent the downlink interface from learning the MAC address of an upper layer device (for example, the gateway), you can perform the following tasks:

·          Assign high MAC learning priority to an uplink interface.

·          Assign low MAC learning priority to a downlink interface.

Examples

# Assign high MAC learning priority to interface GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] mac-address mac-learning priority high

# Assign high MAC learning priority to interface Bridge-Aggregation 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] mac-address mac-learning priority high

mac-address max-mac-count

Use mac-address max-mac-count to set the MAC learning limit on an interface.

Use undo mac-address max-mac-count to restore the default.

Syntax

mac-address max-mac-count count

undo mac-address max-mac-count

Default

The MAC learning limit is the device-specific maximum value for the count argument.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

count: Sets the maximum number of MAC addresses that can be learned on an interface. When the argument is set to 0, the interface is not allowed to learn MAC addresses.

The following matrix shows the value ranges for the count argument:

 

Hardware series

Model

Value range

WX1800H series

WX1804H

0 to 512

WX1810H

0 to 2048

WX1820H

0 to 2048

WX1840H

0 to 2560

WX3800H series

WX3820H

0 to 32768

WX3840H

0 to 40960

WX5800H series

WX5860H

0 to 32768

 

Usage guidelines

This command limits the number of MAC address entries to limit the MAC address table size. A large MAC address table will degrade forwarding performance. When the number of MAC address entries learned by an interface reaches the limit, the interface stops learning MAC address entries.

Examples

# Configure interface GigabitEthernet 1/0/1 to learn a maximum of 600 MAC address entries.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] mac-address max-mac-count 600

Related commands

·          mac-address

·          mac-address max-mac-count enable-forwarding

mac-address max-mac-count enable-forwarding

Use mac-address max-mac-count enable-forwarding to enable the device to forward unknown frames received on an interface after the MAC learning limit on the interface is reached.

Use undo mac-address max-mac-count enable-forwarding to disable the device from forwarding unknown frames received on an interface after the MAC learning limit on the interface is reached.

Syntax

mac-address max-mac-count enable-forwarding

undo mac-address max-mac-count enable-forwarding

Default

When the MAC learning limit on an interface is reached, the device can forward unknown frames received on the interface.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Usage guidelines

In this document, unknown frames refer to frames whose source MAC addresses are not in the MAC address table.

Examples

# Configure GigabitEthernet 1/0/1 to learn a maximum of 600 MAC address entries.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] mac-address max-mac-count 600

# Disable the device from forwarding unknown frames received on GigabitEthernet 1/0/1 after the MAC learning limit on GigabitEthernet 1/0/1 is reached.

[Sysname-GigabitEthernet1/0/1] undo mac-address max-mac-count enable-forwarding

Related commands

·          mac-address

·          mac-address max-mac-count

mac-address notification mac-move

Use mac-address notification mac-move to enable MAC address move notifications and optionally specify a MAC move detection interval.

Use undo mac-address notification mac-move to restore the default.

Syntax

mac-address notification mac-move [ interval interval-value ]

undo mac-address notification mac-move

Default

MAC address move notifications are disabled.

Views

System view

Predefined user roles

network-admin

Parameters

interval interval-value: Sets the interval for detecting MAC address moves, in the range of 1 to 60 minutes. If you do not specify this option, the default setting of 1 minute is used.

Usage guidelines

With MAC address move notifications enabled, the system displays the MAC address move logs when it detects MAC address moves. Each record of the MAC address move logs contains the following information:

·          MAC address.

·          VLAN ID of the MAC address entry.

·          Current port and source port of the MAC address moves.

·          Number of MAC address moves within a detection interval.

A MAC address can only have one MAC address move record.

After you execute this command, the system sends only syslog messages to the information center module. If the snmp-agent trap enable mac-address command is also executed, the system also sends SNMP notifications to the SNMP module.

Within a detection interval, the device can generate a maximum of 20 MAC address move records. The device deletes MAC address move records of other MAC addresses when the limit is exceeded. In the next detection interval, a new MAC address move record will overwrite the earliest one generated in the previous detection interval. (IRF-incapable devices.)

Within a detection interval, an IRF member device can generate a maximum of 20 MAC address move records. The device deletes MAC address move records of other MAC addresses when the limit is exceeded. In the next detection interval, a new MAC address move record will overwrite the earliest one generated in the previous detection interval. (IRF-capable devices.)

Examples

# Enable MAC address move notifications.

<Sysname> system-view

[Sysname] mac-address notification mac-move

[Sysname]

%May 14 17:16:45:688 2013 Sysname MAC/4/MAC_FLAPPING: MAC address 0000-0012-0034 in VLAN 500 has moved from port GE1/0/1 to port GE1/0/2 for 1 times

The output shows that:

·          The VLAN ID of MAC address 0000-0012-0034 is VLAN 500.

·          The MAC address moved from port GigabitEthernet 1/0/1 to port GigabitEthernet 1/0/2.

·          The MAC address has moved once within a MAC move detection interval.

Related commands

display mac-address mac-move

mac-address notification mac-move suppression (interface view)

Use mac-address notification mac-move suppression to enable MAC address move suppression on an interface.

Use undo mac-address notification mac-move suppression to restore the default.

Syntax

mac-address notification mac-move suppression

undo mac-address notification mac-move suppression

Default

MAC address moves are not suppressed.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

This feature shuts an interface down when a MAC address has been moved to or from the interface more than the suppression threshold within a MAC move detection interval. The shutdown interface automatically goes up after a suppression interval. Also, you can use the shutdown command and then the undo shutdown command to bring up the interface.

When MAC address move suppression shuts an interface down, the system sends only syslog messages to the information center module. If the snmp-agent trap enable mac-address command is also executed, the system also sends SNMP notifications to the SNMP module.

Examples

# Enable MAC address move suppression on GigabitEthernet 1/0/1.

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] mac-address notification mac-move suppression

Related commands

mac-address notification mac-move suppression (system view)

mac-address notification mac-move suppression (system view)

Use mac-address notification mac-move suppression to set the suppression interval or the suppression threshold.

Use undo mac-address notification mac-move suppression to restore the default.

Syntax

mac-address notification mac-move suppression { interval interval-value | threshold threshold-value }

undo mac-address notification mac-move suppression { interval | threshold }

Default

The suppression interval is 30 seconds. The suppression threshold is 3.

Views

System view

Predefined user roles

network-admin

Parameters

interval interval-value: Sets the MAC address move suppression interval during which a suppressed interface stays down. The value range for the interval-value argument is 30 to 86400 seconds. If you do not specify this option, the default suppression interval of 30 seconds is used.

threshold threshold-value: Sets the suppression threshold for MAC address moves sourced from or destined for an interface within a MAC move detection interval. The value range for this argument is 0 to 1024. If you do not specify this option, the default suppression threshold of 3 is used.

Usage guidelines

For this command to take effect on an interface, you must also enable MAC address move suppression on the interface.

If you set the suppression interval or suppression threshold multiple times, the most recent configuration applies. The suppression interval setting is independent of the suppression threshold setting.

Examples

# Set the suppression interval to 40 seconds and the suppression threshold to 1 for MAC address moves.

<Sysname> system-view

[Sysname] mac-address notification mac-move suppression interval 40

[Sysname] mac-address notification mac-move suppression threshold 1

Related commands

mac-address notification mac-move suppression (interface view)

mac-address timer

Use mac-address timer to set the aging timer for dynamic MAC address entries.

Use undo mac-address timer to restore the default.

Syntax

mac-address timer { aging seconds | no-aging }

undo mac-address timer

Default

The aging timer is 300 seconds for dynamic MAC address entries.

Views

System view

Predefined user roles

network-admin

Parameters

aging seconds: Sets an aging timer (in seconds) for dynamic MAC address entries.

The following matrix shows the value ranges for the seconds argument:

 

Hardware series

Model

Value range

WX1800H series

WX1804H

100 to 630

WX1810H

10 to 630

WX1820H

10 to 630

WX1840H

10 to 1400

WX3800H series

WX3820H

WX3840H

100 to 1400

WX5800H series

WX5860H

100 to 1400

 

no-aging: Configures dynamic MAC address entries not to age.

Usage guidelines

To set the aging timer appropriately, follow these guidelines:

·          A long aging interval causes the MAC address table to retain outdated entries and fail to accommodate the most recent network changes.

·          A short aging interval results in removal of valid entries. Then, unnecessary broadcast packets appear and affect device performance.

Examples

# Set the aging time to 500 seconds for dynamic MAC address entries.

<Sysname> system-view

[Sysname] mac-address timer aging 500

Related commands

display mac-address aging-time

snmp-agent trap enable mac-address

Use snmp-agent trap enable mac-address to enable SNMP notifications for the MAC address table.

Use undo snmp-agent trap enable mac-address to disable SNMP notifications for the MAC address table.

Syntax

snmp-agent trap enable mac-address [ mac-move ]

undo snmp-agent trap enable mac-address [ mac-move ]

Default

SNMP notifications are enabled for the MAC address table.

Views

System view

Predefined user roles

network-admin

Parameters

mac-move: Enables SNMP notifications about the MAC address moves for the MAC address table. If you do not specify this keyword, the command enables all types of SNMP notifications for the MAC address table.

Usage guidelines

When SNMP notifications are disabled for the MAC address table, MAC address moves are reported only in syslog messages.

The MAC address table supports only SNMP notifications about MAC address moves. When you enable or disable SNMP notifications about MAC address moves, you enable or disable all types of SNMP notifications for the MAC address table.

Examples

# Disable SNMP notifications about MAC address moves for the MAC address table.

<Sysname> system-view

[Sysname] undo snmp-agent trap enable mac-address mac-move

Related commands

mac-address notification mac-move


Ethernet link aggregation commands

bandwidth

Use bandwidth to set the expected bandwidth for an interface.

Use undo bandwidth to restore the default.

Syntax

bandwidth bandwidth-value

undo bandwidth

Default

The expected bandwidth (in kbps) is the interface baud rate divided by 1000.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.

Usage guidelines

The expected bandwidth is an informational parameter used only by higher-layer protocols for calculation. You cannot adjust the actual bandwidth of an interface by using this command.

Examples

# Set the expected bandwidth to 10000 kbps for Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] bandwidth 10000

default

Use default to restore the default settings for an aggregate interface.

Syntax

default

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

CAUTION

CAUTION:

The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you execute it on a live network.

 

This command might fail to restore the default settings for some commands for reasons such as command dependencies and system restrictions. Use the display this command in interface view to identify these commands, and then use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.

Examples

# Restore the default settings for Layer 2 aggregate interface 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] default

description

Use description to set a description for an interface.

Use undo description to restore the default.

Syntax

description text

undo description

Default

The description of an interface is interface-name Interface. For example, the default description of Bridge-Aggregation 1 is Bridge-Aggregation1 Interface.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

text: Specifies the interface description, a string of 1 to 255 characters.

Examples

# Set the description to connect to the lab for Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] description connect to the lab

display interface

Use display interface to display aggregate interface information.

Syntax

display interface bridge-aggregation [ interface-number ] [ brief [ description | down ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

bridge-aggregation: Specifies Layer 2 aggregate interfaces.

interface-number: Specifies an existing aggregate interface number.

brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.

description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of each interface description.

down: Displays information about interfaces in down state and the causes for the down state. If you do not specify this keyword, the command displays information about interfaces in all states.

Usage guidelines

If you do not specify the interface-number argument, the command displays information about all Layer 2 aggregate interfaces.

If you specify the bridge-aggregation interface-number option, the command displays information about the specified aggregate interface.

Examples

# Display detailed information about Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> display interface bridge-aggregation 1

Bridge-Aggregation1

Current state: UP

IP packet frame type: PKTFMT_ETHNT_2, hardware address: 000f-e207-f2e0

Description: Bridge-Aggregation1 Interface

Bandwidth: 1000kbps

2Gbps-speed mode, full-duplex mode

Link speed type is autonegotiation, link duplex type is autonegotiation

PVID: 1

Port link-type: Access

 Tagged VLANs:   None

 UnTagged VLANs: 1

Last clearing of counters:  Never

Last 300 second input:  6900 packets/sec 885160 bytes/sec    0%

Last 300 second output:  3150 packets/sec 404430 bytes/sec    0%

Input (total):  5364747 packets, 686688416 bytes

         2682273 unicasts, 1341137 broadcasts, 1341337 multicasts, 0 pauses

Input (normal):  5364747 packets, 686688416 bytes

         2682273 unicasts, 1341137 broadcasts, 1341337 multicasts, 0 pauses

Input:  0 input errors, 0 runts, 0 giants, 0 throttles

         0 CRC, 0 frame, 0 overruns, - aborts

         - ignored, - parity errors

Output (total): 1042508 packets, 133441832 bytes

         1042306 unicasts, 0 broadcasts, 202 multicasts, - pauses

Output (normal): 1042508 packets, 133441832 bytes

         1042306 unicasts, 0 broadcasts, 202 multicasts, 0 pauses

Output: 0 output errors, - underruns, - buffer failures

         0 aborts, 0 deferred, 0 collisions, 0 late collisions

         - lost carrier, - no carrier

# Display brief information about Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> display interface bridge-aggregation 1 brief

Brief information on interfaces in bridge mode:

Link: ADM - administratively down; Stby - standby

Speed: (a) – auto

Duplex: (a)/A - auto; H - half; F - full

Type: A - access; T - trunk; H - hybrid

Interface            Link Speed   Duplex Type PVID Description

BAGG1                UP   auto    A      A    1

Table 4 Command output

Field

Description

Bridge-Aggregation1

Layer 2 aggregate interface name.

Current state

Layer 2 aggregate interface status:

·         DOWN (Administratively down)—The interface is administratively shut down with the shutdown command.

·         DOWN—The interface is administratively up but physically down (possibly because no physical link exists or the link has failed).

·         UP—The interface is both administratively and physically up.

IP packet frame type

IPv4 packet frame format.

The value PKTFMT_ETHNT_2 indicates that packets are encapsulated in Ethernet II format.

Bandwidth

Expected bandwidth of the interface. This field is not displayed when the bandwidth is 0 kbps.

Unknown-speed mode, unknown-duplex mode

The interface speed and duplex mode are unknown.

Port link-type

Port link type:

·         Access.

·         Trunk.

·         Hybrid.

Tagged VLANs

VLAN whose packets are sent out of this interface with a tag.

Untagged VLANs

VLAN whose packets are sent out of this interface without a tag.

Last clearing of counters

Time when the reset counters interface command was last used to clear the interface statistics. This field displays Never if the reset counters interface command has never been used on the interface since device startup.

Last 300 second input/output rate

Average input or output rate over the last 300 seconds.

Input/Output (total)

Statistics of all packets received or sent on the interface.

Input/Output (normal)

Statistics of all normal packets received or sent on the interface.

Brief information on interfaces in bridge mode

Brief information about Layer 2 interfaces.

Link: ADM - administratively down; Stby - standby

Link status:

·         ADM—The interface has been administratively shut down. To recover its physical layer state, use the undo shutdown command.

·         Stby—The interface is operating as a backup interface.

Speed: (a) - auto

If the speed of an interface is automatically negotiated, the speed attribute of the interface includes the autonegotiation flag (the letter a in parentheses).

If an interface is configured to autonegotiate its speed but the autonegotiation has not started, its speed attribute is displayed as auto.

Duplex: (a)/A - auto; H - half; F - full

If the duplex mode of an interface is automatically negotiated, the duplex mode attribute of the interface includes the letter a in parentheses. H indicates the half duplex mode. F indicates the full duplex mode.

If an interface is configured to autonegotiate its duplex mode but the autonegotiation has not started, its duplex mode attribute is displayed as A.

Type: A - access; T - trunk; H - hybrid

Port link type options for interfaces.

Interface

Abbreviated interface name.

Link

Physical link state of the interface:

·         UP—The interface is physically up.

·         DOWN—The interface is physically down.

·         ADM—The interface has been administratively shut down. To bring up the interface, use the undo shutdown command.

·         Stby—The interface is operating as a backup interface.

Speed

Interface speed, in bps.

Description

Partial or complete interface description set by using the description command.

·         If you do not specify the description keyword in the display interface brief command, this field displays the first 27 characters of the description.

·         If you specify the description keyword in the display interface brief command, this field displays the complete description.

 

display lacp system-id

Use display lacp system-id to display the local system ID.

Syntax

display lacp system-id

Views

Any view

Predefined user roles

network-admin

network-operator

Usage guidelines

You can use the lacp system-priority command to change the LACP priority of the local system. The LACP priority value is specified in decimal format in the lacp system-priority command. However, it is displayed in hexadecimal format in the output from the display lacp system-id command.

Examples

# Display the local system ID.

<Sysname> display lacp system-id

Actor System ID: 0x8000, 0000-fc00-6504

Table 5 Command output

Field

Description

Actor System ID: 0x8000, 0000-fc00-6504

Local system ID, which contains the system LACP priority (0x8000 in this sample output) and the system MAC address (0000-FC00-6504 in this sample output).

 

Related commands

lacp system-priority

display link-aggregation load-sharing mode

Use display link-aggregation load-sharing mode to display global or group-specific link-aggregation load sharing modes.

Syntax

display link-aggregation load-sharing mode [ interface [ bridge-aggregation interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

bridge-aggregation: Specifies Layer 2 aggregate interfaces.

interface-number: Specifies an existing aggregate interface number.

Usage guidelines

If you do not specify the interface keyword, the command displays the global link-aggregation load sharing modes.

If you specify the interface keyword, but do not specify an interface, the command displays all group-specific load sharing modes.

The bridge-aggregation keyword is available only when Layer 2 aggregate interfaces exist on the device.

Examples

# Display the default global link-aggregation load sharing modes.

<Sysname> display link-aggregation load-sharing mode

Link-aggregation load-sharing mode:

Layer 2 traffic: packet type-based sharing

# Display the set global link-aggregation load sharing mode.

<Sysname> display link-aggregation load-sharing mode

Link-aggregation load-sharing mode:

destination-mac address, source-mac address

# Display the default link-aggregation load sharing modes of Layer 2 aggregation group 1.

<Sysname> display link-aggregation load-sharing mode interface bridge-aggregation 1

Bridge-Aggregation1 load-sharing mode:

Layer 2 traffic: packet type-based sharing

# Display the set link-aggregation load sharing mode of Layer 2 aggregation group 1.

<Sysname> display link-aggregation load-sharing mode interface bridge-aggregation 1

Bridge-Aggregation1 load-sharing mode:

destination-mac address, source-mac address

Table 6 Command output

Field

Description

Link-aggregation load-sharing mode

Global link-aggregation load sharing mode.

By default, this field displays the link-aggregation load sharing modes for Layer 2 traffic.

If you have set the global link-aggregation load sharing mode, this field displays the set mode.

Bridge-Aggregation1 load-sharing mode

Link-aggregation load sharing mode of Layer 2 aggregation group 1.

By default, this field displays the global link-aggregation load sharing modes.

If you have set a link-aggregation load sharing mode for this aggregation group, this field displays the set mode.

Layer 2 traffic: destination-mac address, source-mac address

Default link-aggregation load sharing mode for Layer 2 traffic. In this sample output, Layer 2 traffic is load shared based on source and destination MAC addresses.

Layer 2 traffic: packet type-based sharing

Default link-aggregation load sharing mode for Layer 2 traffic. In this sample output, the system automatically selects a load sharing mode for Layer 2 traffic.

destination-mac address, source-mac address

User-configured link-aggregation load sharing mode. In this sample output, traffic is load shared based on source and destination MAC addresses.

 

display link-aggregation member-port

Use display link-aggregation member-port to display detailed link aggregation information for the specified member ports.

Syntax

display link-aggregation member-port [ interface-list ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface-list: Specifies a list of link aggregation member ports, in the format interface-type interface-number [ to interface-type interface-number ]. The interface-type interface-number argument specifies an interface by its type and number.

Usage guidelines

A member port in a static aggregation group cannot obtain information about the peer group. For such member ports, the command displays the port number, port priority, and operational key of only the local end.

Examples

# Display detailed link aggregation information for GigabitEthernet 1/0/1, which is a member port of a static aggregation group.

<Sysname> display link-aggregation member-port gigabitethernet 1/0/1

Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

       D -- Synchronization, E -- Collecting, F -- Distributing,

       G -- Defaulted, H -- Expired

 

GigabitEthernet1/0/1:

Aggregate Interface: Bridge-Aggregation1

Port Number: 1

Port Priority: 32768

Oper-Key: 1

# Display detailed link aggregation information for GigabitEthernet 1/0/2, which is a member port of a dynamic aggregation group.

<Sysname> display link-aggregation member-port gigabitethernet 1/0/2

Flags: A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

       D -- Synchronization, E -- Collecting, F -- Distributing,

       G -- Defaulted, H -- Expired

 

GigabitEthernet1/0/2:

Aggregate Interface: Bridge-Aggregation1

Local:

    Port Number: 2

    Port Priority: 32768

    Oper-Key: 2

    Flag: {ACDEF}

Remote:

    System ID: 0x8000, 000f-e267-6c6a

    Port Number: 26

    Port Priority: 32768

    Oper-Key: 2

    Flag: {ACDEF}

Received LACP Packets: 5 packet(s)

Illegal: 0 packet(s)

Sent LACP Packets: 7 packet(s)

Table 7 Command output

Field

Description

Flags

LACP state flags. This field is one byte long, represented by ABCDEFGH from the least significant bit to the most significant bit. A letter appears when its bit is 1 and does not appear when its bit is 0.

·         AIndicates whether LACP is active on the port. 1 indicates active. 0 indicates passive.

·         B—Indicates the LACP timeout interval. 1 indicates the short timeout interval. 0 indicates the long timeout interval.

·         C—Indicates whether the sending system considers that the link is aggregatable. 1 indicates yes. 0 indicates no.

·         D—Indicates whether the sending system considers that the link has been aggregated. 1 indicates yes. 0 indicates no.

·         E—Indicates whether the sending system considers that the link can collect frames. 1 indicates yes. 0 indicates no.

·         F—Indicates whether the sending system considers that the link can distribute frames. 1 indicates yes. 0 indicates no.

·         G—Indicates whether the RX state machine of the sending system is in default state. 1 indicates yes. 0 indicates no.

·         H—Indicates whether the RX state machine of the sending system is in expired state. 1 indicates yes. 0 indicates no.

Aggregate Interface

Aggregate interface to which the member port belongs.

Local

Information about the local end.

Oper-key

Operational key.

Flag

LACP protocol state flag.

Remote

Information about the peer end.

System ID

Peer system ID, containing the system LACP priority and the system MAC address.

Received LACP Packets

Total number of LACP packets received.

Illegal

Total number of illegal packets.

Sent LACP Packets

Total number of LACP packets sent.

 

display link-aggregation summary

Use display link-aggregation summary to display brief information about all aggregation groups.

Syntax

display link-aggregation summary

Views

Any view

Predefined user roles

network-admin

network-operator

Usage guidelines

Static link aggregation groups cannot obtain information about the peer groups. As a result, the Partner ID field displays None or nothing for a static link aggregation group.

Examples

# Display brief information about all aggregation groups.

<Sysname> display link-aggregation summary

Aggregate Interface Type:

BAGG -- Bridge-Aggregation, BLAGG –- Blade-Aggregation, RAGG -- Route-Aggregation, SCH-B – Schannel-Bundle

Aggregation Mode: S -- Static, D -- Dynamic

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Actor System ID: 0x8000, 000f-e267-6c6a

 

AGG        AGG   Partner ID              Selected  Unselected  Individual  Share

Interface  Mode                          Ports     Ports       Ports       Type

--------------------------------------------------------------------------------

BAGG2      D     0x8000, 000f-e267-6c6a   2         0           0           Shar

Table 8 Command output

Field

Description

Aggregate Interface Type

Aggregate interface type:

·         BAGG—Layer 2.

·         RAGG—Layer 3. The device does not support this type in the current software version.

·         BLAGGBlade. The device does not support this type in the current software version.

·         SCH-BS-channel bundle. The device does not support this type in the current software version.

Aggregation Mode

Aggregation group type:

·         S—Static.

·         D—Dynamic.

Loadsharing Type

Load sharing type:

·         Shar—Load-sharing.

·         NonS—Non-load-sharing.

Actor System ID

Local system ID, which contains the local system LACP priority and the local system MAC address.

AGG Interface

Type and number of the aggregate interface.

AGG Mode

Aggregation group type.

Partner ID

System ID of the peer system, which contains the peer system LACP priority and the peer system MAC address.

Selected Ports

Total number of Selected ports.

Unselected Ports

Total number of Unselected ports.

Individual Ports

Total number of Individual ports.

Share Type

Load sharing type.

 

display link-aggregation verbose

Use display link-aggregation verbose to display detailed information about the aggregation groups that correspond to the specified aggregate interfaces.

Syntax

display link-aggregation verbose [ bridge-aggregation [ interface-number ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

bridge-aggregation: Specifies Layer 2 aggregate interfaces.

interface-number: Specifies an existing aggregate interface by its number.

Usage guidelines

If you specify only the bridge-aggregation keyword, the command displays detailed information about all Layer 2 aggregation groups.

If you do not specify the bridge-aggregation keyword, the command displays detailed information about all aggregation groups.

The bridge-aggregation keyword is available only when Layer 2 aggregate interfaces exist on the device.

Examples

# Display detailed information about Layer 2 aggregation group 1, which is a dynamic aggregation group.

<Sysname> display link-aggregation verbose bridge-aggregation 1

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation1

Aggregation Mode: Dynamic

Loadsharing Type: Shar

System ID: 0x8000, 000f-e267-6c6a

Local:

  Port             Status  Priority Oper-Key  Flag

--------------------------------------------------------------------------------

  GE1/0/1          S       32768    2         {ACDEF}

  GE1/0/2          S       32768    2         {ACDEF}

  GE1/0/3          S       32768    2         {AG}

Remote:

  Actor            Partner Priority Oper-Key  SystemID               Flag

--------------------------------------------------------------------------------

  GE1/0/1          1       32768    2         0x8000, 000f-e267-57ad {ACDEF}

  GE1/0/2          2       32768    2         0x8000, 000f-e267-57ad {ACDEF}

  GE1/0/3          0       32768    0         0x8000, 0000-0000-0000 {DEF}

# Display detailed information about Layer 2 aggregation group 2, which is a static aggregation group.

<Sysname> display link-aggregation verbose bridge-aggregation 2

Loadsharing Type: Shar -- Loadsharing, NonS -- Non-Loadsharing

Port Status: S -- Selected, U -- Unselected, I -- Individual

Flags:  A -- LACP_Activity, B -- LACP_Timeout, C -- Aggregation,

        D -- Synchronization, E -- Collecting, F -- Distributing,

        G -- Defaulted, H -- Expired

 

Aggregate Interface: Bridge-Aggregation2

Aggregation Mode: Static

Loadsharing Type: Shar

  Port             Status  Priority Oper-Key

--------------------------------------------------------------------------------

  GE1/0/1          U       32768    1

  GE1/0/2          U       32768    1

  GE1/0/3          U       32768    1

Table 9 Command output

Field

Description

Loadsharing Type

Load sharing type:

·         Shar—Load-sharing.

·         NonS—Non-load-sharing.

Port Status

Port state: Selected, Unselected, or Individual.

Flags

LACP state flags. This field is one byte long, represented by ABCDEFGH from the least significant bit to the most significant bit. A letter appears when its bit is 1 and does not appear when its bit is 0.

·         AIndicates whether LACP is active on the port. 1 indicates active. 0 indicates passive.

·         B—Indicates the LACP timeout interval. 1 indicates the short timeout interval. 0 indicates the long timeout interval.

·         C—Indicates whether the sending system considers that the link is aggregatable. 1 indicates yes. 0 indicates no.

·         D—Indicates whether the sending system considers that the link has been aggregated. 1 indicates yes. 0 indicates no.

·         E—Indicates whether the sending system considers that the link can collect frames. 1 indicates yes. 0 indicates no.

·         F—Indicates whether the sending system considers that the link can distribute frames. 1 indicates yes. 0 indicates no.

·         G—Indicates whether the RX state machine of the sending system is in default state. 1 indicates yes. 0 indicates no.

·         H—Indicates whether the RX state machine of the sending system is in expired state. 1 indicates yes. 0 indicates no.

Aggregate Interface

Name of the aggregate interface.

Aggregation Mode

Aggregation group type:

·         S—Static.

·         D—Dynamic.

System ID

Local system ID, containing the local system LACP priority and the local system MAC address.

Local

Information about the local end:

·         Port—Port type and number.

·         Status—Port state, which can be Selected, Unselected, or Individual.

·         Priority—Port priority.

·         Oper-Key—Operational key.

·         Flag—LACP state flag.

NOTE:

For static aggregation groups, the Flag field is not displayed.

Remote

Information about the peer end:

·         ActorType and number of the local port.

·         PartnerIndex of the peer port.

·         Priority—Priority of the peer port.

·         Oper-Key—Operational key of the peer port.

·         System IDSystem ID of the peer end.

·         FlagLACP state flag of the peer end.

 

interface bridge-aggregation

Use interface bridge-aggregation to create a Layer 2 aggregate interface and enter Layer 2 aggregate interface view.

Use undo interface bridge-aggregation to delete a Layer 2 aggregate interface.

Syntax

interface bridge-aggregation interface-number

undo interface bridge-aggregation interface-number

Default

No Layer 2 aggregate interface is created.

Views

System view

Predefined user roles

network-admin

Parameters

interface-number: Specifies a Layer 2 aggregate interface number.

The following matrix shows the values or value ranges for the interface-number argument:

 

Hardware series

Model

Value/value range

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

1

WX3800H series

WX3820H

WX3840H

1 to 4

WX5800H series

WX5860H

1 to 6

 

Usage guidelines

When you create a Layer 2 aggregate interface, the system automatically creates a Layer 2 aggregation group with the same number. The aggregation group operates in static aggregation mode by default.

Deleting a Layer 2 aggregate interface also deletes the Layer 2 aggregation group. At the same time, the member ports of the aggregation group, if any, leave the aggregation group.

Examples

# Create Layer 2 aggregate interface Bridge-Aggregation 1, and enter its view.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1]

lacp mode

Use lacp mode passive to configure LACP to operate in passive mode on a port.

Use undo lacp mode to restore the default.

Syntax

lacp mode passive

undo lacp mode

Default

LACP is operating in active mode on a port.

Views

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Usage guidelines

When LACP is operating in passive mode on a local member port and its peer port, both ports cannot send LACPDUs. When LACP is operating in active mode on either end of a link, both ports can send LACPDUs.

This command takes effect only on member ports of dynamic aggregation groups.

Examples

# Configure LACP to operate in passive mode on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lacp mode passive

lacp period short

Use lacp period short to set the short LACP timeout interval (3 seconds) on an interface.

Use undo lacp period to restore the default.

Syntax

lacp period short

undo lacp period

Default

The LACP timeout interval is the long timeout interval (90 seconds).

Views

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Examples

# Set the short LACP timeout interval (3 seconds) on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lacp period short

lacp system-priority

Use lacp system-priority to set the system LACP priority.

Use undo lacp system-priority to restore the default.

Syntax

lacp system-priority system-priority

undo lacp system-priority

Default

The system LACP priority is 32768.

Views

System view

Predefined user roles

network-admin

Parameters

system-priority: Specifies the system LACP priority in the range of 0 to 65535. The smaller the value, the higher the system LACP priority.

Examples

# Set the system LACP priority to 64.

<Sysname> system-view

[Sysname] lacp system-priority 64

Related commands

link-aggregation port-priority

link-aggregation global load-sharing mode

Use link-aggregation global load-sharing mode to set the global link-aggregation load sharing mode.

Use undo link-aggregation global load-sharing mode to restore the default.

Syntax

link-aggregation global load-sharing mode { destination-ip | destination-mac | source-ip | source-mac } *

undo link-aggregation global load-sharing mode

Default

Packets are distributed based on the source and destination IP addresses on aggregate links.

Views

System view

Predefined user roles

network-admin

Parameters

destination-ip: Distributes traffic based on destination IP addresses.

destination-mac: Distributes traffic based on destination MAC addresses.

source-ip: Distributes traffic based on source IP addresses.

source-mac: Distributes traffic based on source MAC addresses.

Usage guidelines

The load sharing mode that you set overwrites the previous mode.

If an unsupported load sharing mode is set, an error prompt appears.

Examples

# Set the global load sharing mode to load share packets based on destination MAC addresses.

<Sysname> system-view

[Sysname] link-aggregation global load-sharing mode destination-mac

Related commands

link-aggregation load-sharing mode

link-aggregation lacp traffic-redirect-notification enable

Use link-aggregation lacp traffic-redirect-notification enable to enable link-aggregation traffic redirection.

Use undo link-aggregation lacp traffic-redirect-notification enable to disable link-aggregation traffic redirection.

Syntax

link-aggregation lacp traffic-redirect-notification enable

undo link-aggregation lacp traffic-redirect-notification enable

Default

Link-aggregation traffic redirection is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

When you restart an IRF member device that contains Selected ports, this feature redirects traffic of the IRF member device to other IRF member devices. Zero packet loss is guaranteed for known unicast traffic, but not for unknown unicast traffic.

Link-aggregation traffic redirection applies only to dynamic link aggregation groups.

To prevent traffic interruption, enable link-aggregation traffic redirection on devices at both ends of the aggregate link.

Examples

# Enable link-aggregation traffic redirection.

<Sysname> system-view

[Sysname] link-aggregation lacp traffic-redirect-notification enable

link-aggregation load-sharing mode

Use link-aggregation load-sharing mode to set the link-aggregation load sharing mode.

Use undo link-aggregation load-sharing mode to restore the default.

Syntax

link-aggregation load-sharing mode { destination-ip | destination-mac | source-ip | source-mac } *

undo link-aggregation load-sharing mode

Default

An aggregation group uses the global link-aggregation load sharing mode.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

destination-ip: Distributes traffic based on destination IP addresses.

destination-mac: Distributes traffic based on destination MAC addresses.

source-ip: Distributes traffic based on source IP addresses.

source-mac: Distributes traffic based on source MAC addresses.

Usage guidelines

The load sharing mode that you set overwrites the previous mode.

If an unsupported load sharing mode is set, an error prompt appears.

Examples

# Configure Layer 2 aggregation group 1 to load share packets based on destination MAC addresses.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] link-aggregation load-sharing mode destination-mac

Related commands

link-aggregation global load-sharing mode

link-aggregation load-sharing mode local-first

Use link-aggregation load-sharing mode local-first to enable local-first load sharing for link aggregation.

Use undo link-aggregation load-sharing mode local-first to disable local-first load sharing for link aggregation.

Syntax

link-aggregation load-sharing mode local-first

undo link-aggregation load-sharing mode local-first

Default

Local-first load sharing is enabled for link aggregation.

Views

System view

Predefined user roles

network-admin

Usage guidelines

The following matrix shows the command and hardware compatibility:

 

Hardware series

Model

Command compatibility

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

No

WX3800H series

WX3820H

WX3840H

Yes

WX5800H series

WX5860H

Yes

 

After you disable local-first load sharing, the packets will be load shared among all Selected ports of the aggregate interface on all IRF member devices.

Examples

# Disable local-first load sharing for link aggregation.

<Sysname> system-view

[Sysname] undo link-aggregation load-sharing mode local-first

link-aggregation mode

Use link-aggregation mode dynamic to configure an aggregation group to operate in dynamic aggregation mode and enable LACP.

Use undo link-aggregation mode to restore the default.

Syntax

link-aggregation mode dynamic

undo link-aggregation mode

Default

An aggregation group operates in static aggregation mode.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Examples

# Configure Layer 2 aggregation group 1 to operate in dynamic aggregation mode.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] link-aggregation mode dynamic

link-aggregation port-priority

Use link-aggregation port-priority to set the port priority of an interface.

Use undo link-aggregation port-priority to restore the default.

Syntax

link-aggregation port-priority port-priority

undo link-aggregation port-priority

Default

The port priority of an interface is 32768.

Views

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

port-priority: Specifies the port priority in the range of 0 to 65535. The smaller the value, the higher the port priority.

Examples

# Set the port priority to 64 for Layer 2 Ethernet interface GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] link-aggregation port-priority 64

Related commands

lacp system-priority

link-aggregation selected-port maximum

Use link-aggregation selected-port maximum to set the maximum number of Selected ports allowed in an aggregation group.

Use undo link-aggregation selected-port maximum to restore the default.

Syntax

link-aggregation selected-port maximum number

undo link-aggregation selected-port maximum

Default

The maximum number of Selected ports allowed in an aggregation group depends on hardware limitation.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of Selected ports allowed in an aggregation group.

The following matrix shows the value ranges for the number argument:

 

Hardware series

Model

Value range

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

1 to 4

WX3800H series

WX3820H

WX3840H

1 to 8

WX5800H series

WX5860H

1 to 8

 

Usage guidelines

Executing this command might cause some of the Selected ports in an aggregation group to become Unselected ports.

The maximum number of Selected ports allowed in the aggregation groups must be the same for the local and peer ends.

The maximum number of Selected ports allowed in an aggregation group is limited by one of the following values, whichever value is smaller:

·          Maximum number set by using the link-aggregation selected-port maximum command.

·          Hardware limitation.

You can implement backup between two ports by performing the following tasks:

·          Assign two ports to an aggregation group.

·          Configure 1 as the maximum number of Selected ports allowed in the aggregation group.

Then, only one Selected port is allowed in the aggregation group at any point in time, while the Unselected port acts as a backup port.

Examples

# Set the maximum number of Selected ports to 5 for Layer 2 aggregation group 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] link-aggregation selected-port maximum 5

Related commands

link-aggregation selected-port minimum

link-aggregation selected-port minimum

Use link-aggregation selected-port minimum to set the minimum number of Selected ports in an aggregation group.

Use undo link-aggregation selected-port minimum to restore the default.

Syntax

link-aggregation selected-port minimum number

undo link-aggregation selected-port minimum

Default

The minimum number of Selected ports in an aggregation group is not specified.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

number: Specifies the minimum number of Selected ports in an aggregation group required to bring up the aggregate interface.

The following matrix shows the values or value ranges for the number argument:

 

Hardware series

Model

Value/value range

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

1

WX3800H series

WX3820H

WX3840H

1 to 8

WX5800H series

WX5860H

1 to 8

 

Usage guidelines

Executing this command might cause all member ports in the aggregation group to become Unselected ports.

The minimum number of Selected ports allowed in the aggregation groups must be the same for the local and peer ends.

Examples

# Set the minimum number of Selected ports to 3 for Layer 2 aggregation group 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] link-aggregation selected-port minimum 3

Related commands

link-aggregation selected-port maximum

port link-aggregation group

Use port link-aggregation group to assign an Ethernet interface to an aggregation group.

Use undo port link-aggregation group to remove an Ethernet interface from the aggregation group to which it belongs.

Syntax

port link-aggregation group number

undo port link-aggregation group

Default

An Ethernet interface does not belong to any aggregation group.

Views

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

number: Specifies an aggregation group by its aggregate interface number.

The following matrix shows the values or value ranges for the number argument:

 

Hardware series

Model

Value/value range

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

1

WX3800H series

WX3820H

WX3840H

1 to 4

WX5800H series

WX5860H

1 to 6

 

Usage guidelines

An Ethernet interface can belong to only one aggregation group.

Examples

# Assign Layer 2 Ethernet interface GigabitEthernet 1/0/1 to Layer 2 aggregation group 1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-aggregation group 1

reset counters interface

Use reset counters interface to clear statistics for the specified aggregate interfaces.

Syntax

reset counters interface [ bridge-aggregation [ interface-number ] ]

Views

User view

Predefined user roles

network-admin

Parameters

bridge-aggregation: Specifies Layer 2 aggregate interfaces.

interface-number: Specifies an aggregate interface number.

Usage guidelines

Use this command to clear history statistics before you collect traffic statistics for a time period.

If you do not specify any parameters, the command clears statistics for all interfaces in the system.

If you specify only the bridge-aggregation keyword, the command clears statistics for all Layer 2 aggregate interfaces.

If you specify the bridge-aggregation interface-number option, the command clears statistics for the specified aggregate interface.

The bridge-aggregation keyword is available only when Layer 2 aggregate interfaces exist on the device.

Examples

# Clear statistics for Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> reset counters interface bridge-aggregation 1

reset lacp statistics

Use reset lacp statistics to clear LACP statistics for the specified link aggregation member ports.

Syntax

reset lacp statistics [ interface interface-list ]

Views

User view

Predefined user roles

network-admin

Parameters

interface interface-list: Specifies a list of link aggregation member ports, in the format interface-type interface-number [ to interface-type interface-number ]. The interface-type interface-number argument specifies an interface by its type and number. If you do not specify any member ports, the command clears LACP statistics for all member ports.

Examples

# Clear LACP statistics for all link aggregation member ports.

<Sysname> reset lacp statistics

Related commands

display link-aggregation member-port

shutdown

Use shutdown to shut down an aggregate interface.

Use undo shutdown to bring up an aggregate interface.

Syntax

shutdown

undo shutdown

Default

A Layer 2 aggregate interface is up.

Views

Layer 2 aggregate interface view

Predefined user roles

network-admin

Examples

# Bring up Layer 2 aggregate interface Bridge-Aggregation 1.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] undo shutdown


VLAN commands

Basic VLAN commands

bandwidth

Use bandwidth to set the expected bandwidth of an interface.

Use undo bandwidth to restore the default.

Syntax

bandwidth bandwidth-value

undo bandwidth

Default

The expected bandwidth (in kbps) is the interface baud rate divided by 1000.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

bandwidth-value: Specifies the expected bandwidth in the range of 1 to 400000000 kbps.

Usage guidelines

The expected bandwidth is an informational parameter used only by higher-layer protocols for calculation. You cannot adjust the actual bandwidth of an interface by using this command.

Examples

# Set the expected bandwidth to 10000 kbps for VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] bandwidth 10000

default

Use default to restore the default settings for a VLAN interface.

Syntax

default

Views

VLAN interface view

Predefined user roles

network-admin

Usage guidelines

CAUTION

CAUTION:

The default command might interrupt ongoing network services. Make sure you are fully aware of the impacts of this command when you use it on a live network.

 

This command might fail to restore the default settings for some commands for reasons such as command dependencies or system restrictions. Use the display this command in interface view to identify these commands, and then use their undo forms or follow the command reference to restore their default settings. If your restoration attempt still fails, follow the error message instructions to resolve the problem.

Examples

# Restore the default settings for VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] default

description

Use description to set the description for a VLAN or VLAN interface.

Use undo description to restore the default.

Syntax

description text

undo description

Default

For a VLAN, the description is VLAN vlan-id. The vlan-id argument specifies the VLAN ID in a four-digit format. If the VLAN ID has fewer than four digits, leading zeros are added. For example, the default description of VLAN 100 is VLAN 0100.

For a VLAN interface, the description is the name of the interface. For example, Vlan-interface1 Interface.

Views

VLAN view

VLAN interface view

Predefined user roles

network-admin

Parameters

text: Specifies a description for a VLAN or VLAN interface, a string of 1 to 255 characters. The string can include case-sensitive letters, digits, special symbols (see Table 10), spaces, and other Unicode characters and symbols.

Table 10 Special symbols

Name

Symbol

Name

Symbol

Tilde

~

Left angle bracket

Exclamation point

!

Right angle bracket

At sign

@

Hyphen

-

Pound sign

#

Underscore

_

Dollar sign

$

Plus sign

+

Percent sign

%

Equal sign

=

Caret

^

Vertical bar

|

Ampersand sign

&

Backslash

\

Asterisk

*

Colon

:

Left brace

{

Semi-colon

;

Right brace

}

Quotation marks

"

Left parenthesis

(

Apostrophe

'

Right parenthesis

)

Comma

,

Left bracket

[

Dot

.

Right bracket

]

Slash

/

 

Usage guidelines

You can configure a description to describe the function or connection of a VLAN or VLAN interface. The descriptions are helpful when a large number of VLANs and VLAN interfaces are created on the device.

Examples

# Set the description of VLAN 2 to sales-private.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] description sales-private

# Set the description of VLAN-interface 2 to linktoPC56.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] description linktoPC56

Related commands

·          display interface vlan-interface

·          display vlan

display interface vlan-interface

Use display interface vlan-interface to display VLAN interface information.

Syntax

display interface vlan-interface [ interface-number ] [ brief [ description | down ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vlan-interface: Specifies VLAN interfaces.

interface-number: Specifies a VLAN interface number. If you do not specify this argument, the command displays information about all VLAN interfaces.

brief: Displays brief interface information. If you do not specify this keyword, the command displays detailed interface information.

description: Displays complete interface descriptions. If you do not specify this keyword, the command displays only the first 27 characters of each interface description.

down: Displays VLAN interfaces in down state and their down causes. If you do not specify this keyword, the command displays information about VLAN interfaces in all states.

Examples

# Display information about VLAN-interface 2.

<Sysname> display interface vlan-interface 2

Vlan-interface2

Current state: DOWN

Line protocol state: DOWN

Description: Vlan-interface2 Interface

Bandwidth: 100000kbps

Maximum transmission unit: 1500

Internet protocol processing : Disabled

IP packet frame type: PKTFMT_ETHNT_2, hardware address: 000f-e249-8050

IPv6 packet frame type: PKTFMT_ETHNT_2, hardware address: 000f-e249-8050

Last clearing of counters: Never

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Input: 0 packets, 0 bytes, 0 drops

Output: 0 packets, 0 bytes, 0 drops

# Display brief information about VLAN-interface 2.

<Sysname> display interface vlan-interface 2 brief

Brief information on interfaces in route mode:

Link: ADM - administratively down; Stby - standby

Protocol: (s) - spoofing

Interface            Link Protocol Primary IP         Description

Vlan2                DOWN DOWN     --

Table 11 Command output

Field

Description

Vlan-interface2

VLAN interface name.

Current state

Physical state of the VLAN interface:

·         DOWN ( Administratively )—The administrative state of the VLAN interface is down, because it has been shut down by using the shutdown command.

·         DOWN—The administrative state of the VLAN interface is up, but its physical state is down. The VLAN of this VLAN interface does not contain any physical ports in up state. The ports might not be connected correctly or the lines might have failed.

·         UPBoth the administrative state and the physical state of the VLAN interface are up.

Line protocol state

Link layer protocol state of the VLAN interface:

·         DOWN—The link layer protocol state of the VLAN interface is down.

·         UP—The link layer protocol state of the VLAN interface is up.

Description

Partial or complete VLAN interface description configured by using the description command:

·         If you do not specify the description keyword in the display interface brief command, this field displays the first 27 characters of the interface description.

·         If you specify the description keyword in the display interface brief command, this field displays the complete interface description.

Bandwidth

Expected bandwidth of the VLAN interface.

Maximum transmission unit

MTU of the VLAN interface.

Internet protocol processing : Disabled

The VLAN interface is not assigned an IP address and cannot process IP packets.

Internet address is 192.168.1.54/24 (primary)

The primary IP address of the interface is 192.168.1.54/24. This field is displayed only when the primary IP address is configured for the interface.

IP packet frame type

Framing format of sent IPv4 packets.

hardware address

MAC address of the VLAN interface.

IPv6 packet frame type

Framing format of sent IPv6 packets.

Last clearing of counters

The most recent time that the reset counters interface command was executed. This field displays Never if you have never executed this command.

Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec

Average rates of input packets and output packets in the last 300 seconds (in Bps, bps and pps).

Input: 0 packets, 0 bytes, 0 drops

Total number and size (in bytes) of the received packets of the interface and the number of the dropped packets.

Output: 0 packets, 0 bytes, 0 drops

Total number and size (in bytes) of the sent packets of the interface and the number of the dropped packets.

Brief information on interfaces in route mode

Brief information about Layer 3 interfaces.

Link: ADM - administratively down; Stby – standby

Link layer state of the interface:

·         ADM—The interface has been administratively shut down. To bring up the interface, use the undo shutdown command.

·         Stby—The interface is operating as a backup interface. To see the primary interface, use the display interface-backup state command.

Protocol: (s) - spoofing

The protocol attribute of an interface includes the spoofing flag (the letter s in parentheses) when the following conditions exist:

·         The data link layer protocol state of an interface is shown as UP.

·         Its link is an on-demand link or is not present.

Interface

Abbreviated interface name.

Link

Physical link state of the interface:

·         UP—The interface is physically up.

·         DOWN—The interface  is physically down.

·         ADM—The interface has been administratively shut down. To bring up the interface, use the undo shutdown command.

·         Stby—The interface is operating as a backup interface.

Protocol

Data link layer protocol state of the interface:

·         UP—The data link layer protocol state of the interface is up.

·         DOWN—The data link layer protocol state of the interface is down.

·         UP(s)—The data link layer protocol of the interface is up, but the link is an on-demand link or does not exist. The (s) attribute represents the spoofing flag.

Primary IP

Primary IP address of the interface.

 

Related commands

reset counters interface vlan-interface

display vlan

Use display vlan to display VLAN information.

Syntax

display vlan [ vlan-id1 [ to vlan-id2 ] | all | dynamic | static ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vlan-id1: Specifies a VLAN by its ID in the range of 1 to 4094.

vlan-id1 to vlan-id2: Specifies a VLAN ID range. Both the vlan-id1 and the vlan-id2 arguments are in the range of 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

all: Specifies all created VLANs.

dynamic: Specifies dynamic VLANs. If you specify this keyword, the command displays the number of dynamic VLANs and the ID for each dynamic VLAN. Dynamic VLANs are assigned by a RADIUS server.

static: Specifies static VLANs. If you specify this keyword, the command displays the number of static VLANs and the ID for each static VLAN. Static VLANs are manually created.

Examples

# Display VLAN 2 information.

<Sysname> display vlan 2

 VLAN ID: 2

 VLAN type: Static

 Route interface: Not configured

 Description: VLAN 0002

 Name: VLAN 0002

 Tagged ports:   None

 Untagged ports:

    GigabitEthernet1/0/1  GigabitEthernet1/0/2  GigabitEthernet1/0/3

# Display VLAN 3 information.

<Sysname> display vlan 3

 VLAN ID: 3

 VLAN type: static

 Route interface: Configured

 IPv4 address: 1.1.1.1

 IPv4 subnet mask: 255.255.255.0

 Description: VLAN 0003

 Name: VLAN 0003

 Tagged ports:   None

 Untagged ports: None

Table 12 Command output

Field

Description

VLAN type

VLAN type, static or dynamic.

Route interface

Whether the VLAN interface is configured for the VLAN.

·         Not configured.

·         Configured.

Description

Description of the VLAN.

Name

VLAN name.

IP address

Primary IPv4 address of the VLAN interface. This field is displayed only when an IPv4 address is configured for the VLAN interface.

When the VLAN interface is also configured with secondary IPv4 addresses, you can view them by using one of the following commands:

·         display interface vlan-interface.

·         display this (VLAN interface view).

Subnet mask

Subnet mask of the primary IP address. This field is available only when an IP address is configured for the VLAN interface.

Tagged ports

Tagged members of the VLAN.

Untagged ports

Untagged members of the VLAN.

 

Related commands

vlan

display vlan brief

Use display vlan brief to display brief VLAN information.

Syntax

display vlan brief

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display brief VLAN information.

<Sysname> display vlan brief

Brief information about all VLANs:

Supported Minimum VLAN ID: 1

Supported Maximum VLAN ID: 4094

Default VLAN ID: 1

VLAN ID   Name                             Port

1         VLAN 0001                        GE1/0/1  GE1/0/2  GE1/0/3  GE1/0/4

                                           GE1/0/5  GE1/0/6  GE1/0/7  GE1/0/8

                                           GE1/0/9  GE1/0/10

2         VLAN 0002

3         VLAN 0003

Table 13 Command output

Field

Description

Default VLAN ID

System default VLAN ID.

Name

VLAN name.

Port

Ports that allow packets from the VLAN to pass through.

 

interface vlan-interface

Use interface vlan-interface to create a VLAN interface and enter its view or to enter the view of an existing VLAN interface.

Use undo interface vlan-interface to delete a VLAN interface.

Syntax

interface vlan-interface interface-number

undo interface vlan-interface interface-number

Default

No VLAN interface is created.

Views

System view

Predefined user roles

network-admin

Parameters

interface-number: Specifies a VLAN interface number in the range of 1 to 4094. The following matrix shows the maximum number of supported VLAN interfaces:

 

Hardware series

Model

Maximum number of supported VLAN interfaces

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

4: WX1804H

10: WX1810H

16: WX1820H

40: WX1840H

WX3800H series

WX3820H

WX3840H

512: WX3820H

1024: WX3840H

WX5800H series

WX5860H

4094

 

Usage guidelines

Create the VLAN before you create the VLAN interface for a VLAN.

Examples

# Create VLAN-interface 2, and enter its view.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2]

Related commands

display interface vlan-interface

mtu

Use mtu to set the MTU for a VLAN interface.

Use undo mtu to restore the default.

Syntax

mtu size

undo mtu

Default

The MTU of a VLAN interface is 1500 bytes.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

size: Sets the MTU in bytes. The following matrix shows the value ranges for the size argument:

 

Hardware series

Model

Value range

WX1800H series

WX1804H

WX1810H

WX1820H

WX1840H

46 to 1748

WX3800H series

WX3820H

WX3840H

46 to 1748

WX5800H series

WX5860H

46 to 1748

 

Usage guidelines

If you configure both the mtu and ip mtu commands on a VLAN interface, the MTU set by the ip mtu command is used for fragmentation. For more information about the ip mtu command, see Layer 3—IP Services Command Reference.

Examples

# Set the MTU to 1492 bytes for VLAN-interface 1.

<Sysname> system-view

[Sysname] interface vlan-interface 1

[Sysname-Vlan-interface1] mtu 1492

Related commands

display interface vlan-interface

name

Use name to set a name for a VLAN.

Use undo name to restore the default.

Syntax

name text

undo name

Default

The name of a VLAN is VLAN vlan-id. The vlan-id argument specifies the VLAN ID in a four-digit format. If the VLAN ID has fewer than four digits, leading zeros are added. For example, the name of VLAN 100 is VLAN 0100.

Views

VLAN view

Predefined user roles

network-admin

Parameters

text: Specifies a VLAN name, a string of 1 to 32 characters. The string can include case-sensitive letters, digits, special symbols (see Table 10), spaces, and other Unicode characters and symbols.

Usage guidelines

When 802.1X or MAC authentication is configured on a device, you can specify authorization VLANs by their names or IDs. If a large number of VLANs are configured on the RADIUS sever, use VLAN names to identify them.

Examples

# Set the name of VLAN 2 to test vlan.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] name test vlan

Related commands

display vlan

reset counters interface vlan-interface

Use reset counters interface vlan-interface to clear statistics on a VLAN interface.

Syntax

reset counters interface vlan-interface [ interface-number ]

Views

User view

Predefined user roles

network-admin

Parameters

interface-number: Specifies a VLAN interface by its number.

Usage guidelines

Use this command to clear the history statistics before you collect statistics within a time period.

If you do not specify the interface-number argument, this command clears statistics on all VLAN interfaces.

If you specify the interface-number argument, this command clears statistics on the specified VLAN interface.

Examples

# Clear statistics on VLAN-interface 2.

<Sysname> reset counters interface vlan-interface 2

Related commands

display interface vlan-interface

service

Use service to specify a primary traffic processing slot for an interface.

Use undo service to restore the default.

Syntax

service slot slot-number

undo service slot

Default

No primary traffic processing slot is specified for an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

slot slot-number: Specifies an IRF member device by its member ID.

Usage guidelines

Specify a traffic processing slot for a VLAN interface if all traffic on the VLAN interface must be processed on the same slot.

For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.

To avoid processing slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.

If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:

·          The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. The switchover will not occur until the backup slot becomes unavailable.

·          When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.

If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.

Examples

# Specify a primary traffic processing slot for VLAN-interface 2.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] service slot 2

Related commands

service standby

service standby

Use service standby to specify a backup traffic processing slot for an interface.

Use undo service standby to restore the default.

Syntax

service standby slot slot-number

undo service standby slot

Default

No backup traffic processing slot is specified for an interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

slot slot-number: Specifies an IRF member device by its member ID.

Usage guidelines

Specify a traffic processing slot for a VLAN interface if all traffic on the VLAN interface must be processed on the same slot.

For high availability, you can specify one primary and one backup traffic processing slot by using the service command and the service standby command, respectively.

To avoid processing slot switchover, specify the primary slot before specifying the backup slot. If you specify the backup slot before specifying the primary slot, traffic is switched over to the primary slot immediately after you specify the primary slot.

If you specify both primary and backup slots for an interface, traffic on that interface is processed as follows:

·          The backup slot takes over when the primary slot becomes unavailable. The backup slot continues to process traffic for the interface after the primary slot becomes available again. The switchover will not occur until the backup slot becomes unavailable.

·          When no specified traffic processing slots are available, the traffic is processed on the slot at which it arrives. Then, the processing slot that first becomes available again takes over.

If you do not specify a primary or a backup traffic processing slot for an interface, traffic on that interface is processed on the slot at which the traffic arrives.

Examples

# Specify a primary and a backup traffic processing slot for VLAN-interface 2.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] quit

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] service slot 2

[Sysname-Vlan-interface2] service standby slot 3

Related commands

service

shutdown

Use shutdown to shut down a VLAN interface.

Use undo shutdown to bring up a VLAN interface.

Syntax

shutdown

undo shutdown

Default

A VLAN interface is not manually shut down.

Views

VLAN interface view

Predefined user roles

network-admin

Usage guidelines

When a VLAN interface is not manually shut down, the following guidelines apply to the interface state:

·          The VLAN interface is down if all ports in the VLAN are down.

·          The VLAN interface is up if one or more ports in the VLAN are up.

When you use this command to shut down a VLAN interface, the VLAN interface remains in DOWN (Administratively) state. In this case, the VLAN interface state is not affected by the state of the ports in the VLAN.

Before you configure parameters for a VLAN interface, use this command to shut it down to prevent the configuration from affecting the network. After you complete the VLAN interface configuration, use the undo shutdown command to make the settings take effect.

To troubleshoot a failed interface, you can use the shutdown command and then the undo shutdown command on the interface to see whether it recovers.

In a VLAN, the state of each Ethernet port is independent of the state of the VLAN interface.

Examples

# Shut down VLAN-interface 2, and then bring it up.

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] shutdown

[Sysname-Vlan-interface2] undo shutdown

vlan

Use vlan vlan-id to create a VLAN and enter its view or to enter the view of an existing VLAN.

Use vlan vlan-id1 to vlan-id2 to create VLANs vlan-id1 through vlan-id2.

Use vlan all to create VLANs 1 through 4094.

Use undo vlan to delete the specified VLANs.

Syntax

vlan { vlan-id1 [ to vlan-id2 ] | all }

undo vlan { vlan-id1 [ to vlan-id2 ] | all }

Default

VLAN 1 (system default VLAN) exists.

Views

System view

Predefined user roles

network-admin

Parameters

vlan-id1, vlan-id2: Specifies a VLAN ID in the range of 1 to 4094.

vlan-id1 to vlan-id2: Specifies a VLAN range. The vlan-id1 and vlan-id2 arguments specify VLAN IDs. The value range for each of the two arguments is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

all: Specifies VLANs 1 through 4094.

Usage guidelines

You cannot create or delete the system default VLAN (VLAN 1).

Before you delete a dynamic VLAN or a VLAN locked by an application, you must first remove the configuration from the VLAN.

Examples

# Create VLAN 2 and enter its view.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2]

# Create VLANs 4 through 100.

<Sysname> system-view

[Sysname] vlan 4 to 100

Related commands

display vlan

Port-based VLAN commands

display port

Use display port to display information about hybrid or trunk ports.

Syntax

display port { hybrid | trunk }

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

hybrid: Specifies hybrid ports.

trunk: Specifies trunk ports.

Examples

# Display information about hybrid ports.

<Sysname> display port hybrid

Interface            PVID  VLAN Passing

GE1/0/4               100   Tagged:  1000, 1002, 1500, 1600-1611, 2000,

                                    2555-2558, 3000, 4000

                           Untagged:1, 10, 15, 18, 20-30, 44, 55, 67, 100,

                                    150-160, 200, 255, 286, 300-302

# Display information about trunk ports.

<Sysname> display port trunk

Interface            PVID  VLAN Passing

GE1/0/8               2     1-4, 6-100, 145, 177, 189-200, 244, 289, 400,

                           555, 600-611, 1000, 2006-2008

Table 14 Command output

Field

Description

Interface

Interface name.

PVID

Port VLAN ID.

VLAN Passing

Existing VLANs allowed on the port.

Tagged

VLANs from which the port sends packets without removing VLAN tags.

Untagged

VLANs from which the port sends packets after removing VLAN tags.

 

port

Use port to assign the specified access ports to a VLAN.

Use undo port to remove the specified access ports from a VLAN.

Syntax

port interface-list

undo port interface-list

Default

All ports are in VLAN 1.

Views

VLAN view

Predefined user roles

network-admin

Parameters

interface-list: Specifies a space-separated list of up to 10 Ethernet interface items. Each item specifies an Ethernet interface or a range of Ethernet interfaces in the form of interface-type interface-number1 to interface-type interface-number2. The value for the interface-number2 argument must be equal to or greater than the value for the interface-number1 argument.

Usage guidelines

This command is applicable only to access ports.

By default, all ports are access ports. You can manually configure the port link type. For more information, see "port link-type."

Examples

# Assign GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3 to VLAN 2.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] port gigabitethernet 1/0/1 to gigabitethernet 1/0/3

Related commands

display vlan

port access vlan

Use port access vlan to assign an access port to the specified VLAN.

Use undo port access vlan to restore the default.

Syntax

port access vlan vlan-id

undo port access vlan

Default

All access ports belong to VLAN 1.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094.

Usage guidelines

Before assigning an access port to a VLAN, make sure the VLAN has been created.

Examples

# Assign GigabitEthernet 1/0/1 to VLAN 3.

<Sysname> system-view

[Sysname] vlan 3

[Sysname-vlan3] quit

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port access vlan 3

port hybrid pvid

Use port hybrid pvid to set the PVID of a hybrid port.

Use undo port hybrid pvid to set the PVID of a hybrid port to 1.

Syntax

port hybrid pvid vlan vlan-id

undo port hybrid pvid

Default

The PVID of a hybrid port is the ID of the VLAN to which the port belongs when its link type is access.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094.

Usage guidelines

You can use a nonexistent VLAN as the PVID of a hybrid port. When you delete the PVID of a hybrid port by using the undo vlan command, the PVID setting of the port does not change.

For correct packet transmission, set the same PVID for a local hybrid port and its peer.

To enable a hybrid port to transmit packets from its PVID, you must assign the hybrid port to the PVID by using the port hybrid vlan command.

Examples

# Set the PVID of the hybrid port GigabitEthernet 1/0/1 to VLAN 100, and assign GigabitEthernet 1/0/1 to VLAN 100 as an untagged member.

<Sysname> system-view

[Sysname] vlan 100

[Sysname-vlan100] quit

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-type hybrid

[Sysname-GigabitEthernet1/0/1] port hybrid pvid vlan 100

[Sysname-GigabitEthernet1/0/1] port hybrid vlan 100 untagged

Related commands

·          port hybrid vlan

·          port link-type

port hybrid vlan

Use port hybrid vlan to assign a hybrid port to the specified VLANs.

Use undo port hybrid vlan to remove a hybrid port from the specified VLANs.

Syntax

port hybrid vlan vlan-id-list { tagged | untagged }

undo port hybrid vlan vlan-id-list

Default

A hybrid port is an untagged member of the VLAN to which the port belongs when its link type is access.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

tagged: Configures the port as a tagged member of the specified VLANs. A tagged member of a VLAN sends packets from the VLAN without removing VLAN tags.

untagged: Configures the port as an untagged member of the specified VLANs. An untagged member of a VLAN sends packets from the VLAN after removing VLAN tags.

Usage guidelines

A hybrid port can allow multiple VLANs. If you execute this command multiple times on a hybrid port, the hybrid port allows the VLANs specified by the vlan-id-list argument in each execution.

Examples

# Configure GigabitEthernet 1/0/1 as a hybrid port, and assign it to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100 as a tagged member.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-type hybrid

[Sysname-GigabitEthernet1/0/1] port hybrid vlan 2 4 50 to 100 tagged

Related commands

port link-type

port link-type

Use port link-type to set the link type of a port.

Use undo port link-type to restore the default link type of a port.

Syntax

port link-type { access | hybrid | trunk }

undo port link-type

Default

Each port is an access port.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

access: Sets the port link type to access.

hybrid: Sets the port link type to hybrid.

trunk: Sets the port link type to trunk.

Usage guidelines

To change the link type of a port from trunk to hybrid or vice versa, first set the link type to access.

Examples

# Configure GigabitEthernet 1/0/1 as a trunk port.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-type trunk

port trunk permit vlan

Use port trunk permit vlan to assign a trunk port to the specified VLANs.

Use undo port trunk permit vlan to remove a trunk port from the specified VLANs.

Syntax

port trunk permit vlan { vlan-id-list | all }

undo port trunk permit vlan { vlan-id-list | all }

Default

A trunk port allows packets only from VLAN 1 to pass through.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

all: Specifies all VLANs. To prevent unauthorized VLAN users from accessing restricted resources through a port, use the port trunk permit vlan all command with caution.

Usage guidelines

A trunk port can allow multiple VLANs. If you execute this command multiple times on a trunk port, the trunk port allows the VLANs specified by the vlan-id-list argument in each execution.

On a trunk port, packets only from the PVID can pass through untagged.

Examples

# Configure GigabitEthernet 1/0/1 as a trunk port, and assign it to VLAN 2, VLAN 4, and VLAN 50 through VLAN 100.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-type trunk

[Sysname-GigabitEthernet1/0/1] port trunk permit vlan 2 4 50 to 100

Related commands

port link-type

port trunk pvid

Use port trunk pvid to set the PVID for a trunk port.

Use undo port trunk pvid to restore the default.

Syntax

port trunk pvid vlan vlan-id

undo port trunk pvid

Default

The PVID of a trunk port is VLAN 1.

Views

Layer 2 aggregate interface view

Layer 2 Ethernet interface view

Predefined user roles

network-admin

Parameters

vlan-id: Specifies a VLAN by its ID in the range of 1 to 4094.

Usage guidelines

You can use a nonexistent VLAN as the PVID for a trunk port. When you delete the PVID of a trunk port by using the undo vlan command, the PVID setting of the port does not change.

For correct packet transmission, set the same PVID for a local trunk port and its peer.

To enable a trunk port to transmit packets from its PVID, you must assign the trunk port to the PVID by using the port trunk permit vlan command.

Examples

# Set the PVID of the trunk port GigabitEthernet 1/0/1 to VLAN 100, and assign GigabitEthernet 1/0/1 to VLAN 100.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-type trunk

[Sysname-GigabitEthernet1/0/1] port trunk pvid vlan 100

[Sysname-GigabitEthernet1/0/1] port trunk permit vlan 100

Related commands

·          port link-type

·          port trunk permit vlan

VLAN group commands

display vlan-group

Use display vlan-group to display VLAN group information.

Syntax

display vlan-group [ group-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

group-name: Specifies a VLAN group by its name, a case-sensitive string of 1 to 31 characters. The first character must be an alphabetical character. If you do not specify this argument, the command displays information about all VLAN groups.

Examples

# Display information about the VLAN group test001.

<Sysname> display vlan-group test001

VLAN group: test001

     VLAN list: 2-4 100 200

# Display information about all VLAN groups.

<Sysname> display vlan-group

VLAN group: test001

     VLAN list: 2-4 100 200

VLAN group: rnd

     VLAN list: Null

Table 15 Command output

Field

Description

VLAN group

Name of the VLAN group.

VLAN list

VLAN list in the VLAN group.

 

Related commands

·          vlan-group

·          vlan-list

vlan-group

Use vlan-group to create a VLAN group and enter VLAN group view.

Use undo vlan-group to delete a VLAN group.

Syntax

vlan-group group-name

undo vlan-group group-name

Default

No VLAN group exists.

Views

System view

Predefined user roles

network-admin

Parameters

group-name: Specifies a VLAN group by its name, a case-sensitive string of 1 to 31 characters. The first character must be an alphabetical character.

Usage guidelines

A VLAN group includes a set of VLANs. You can add multiple VLAN lists to a VLAN group.

Examples

# Create a VLAN group named test001 and enter VLAN group view.

<Sysname> system-view

[Sysname] vlan-group test001

[Sysname-vlan-group-test001]

Related commands

vlan-list

vlan-list

Use vlan-list to add VLANs to a VLAN group.

Use undo vlan-list to remove VLANs from a VLAN group.

Syntax

vlan-list vlan-id-list

undo vlan-list vlan-id-list

Default

No VLANs exist in a VLAN group.

Views

VLAN group view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

Examples

# Add VLAN 2 through VLAN 4, VLAN 100, and VLAN 200 to the VLAN group test001.

<Sysname> system-view

[Sysname] vlan-group test001

[Sysname-vlan-group-test001] vlan-list 2 to 4 100 200

Related commands

vlan-group


Loop detection commands

display loopback-detection

Use display loopback-detection to display the loop detection configuration and status.

Syntax

display loopback-detection

Views

Any view

Predefined user roles

network-admin

network-operator

Example

# Display the loop detection configuration and status.

<Sysname> display loopback-detection

Loopback detection is enabled.

Loopback detection interval is 30 second(s).

Loopback is detected on following interfaces:

 Interface                Action mode

 GigabitEthernet1/0/1     Block

 GigabitEthernet1/0/2     Shutdown

 GigabitEthernet1/0/3     None

 GigabitEthernet1/0/4     No-learning

Table 16 Command output

Field

Description

Action mode

Loop protection action:

·         BlockWhen a loop is detected on a port, the device performs the following operations:

?  Generates a log.

?  Disables the port from learning MAC addresses.

?  Blocks inbound traffic on the port.

·         NoneWhen a loop is detected on a port, the device generates a log but performs no action on the port.

·         No-learningWhen a loop is detected on a port, the device generates a log and disables the port from learning MAC addresses.

·         ShutdownWhen a loop is detected on a port, the device performs the following operations:

?  Generates a log.

?  Shuts down the port to disable the port from receiving or sending frames. The device automatically sets the port to the forwarding state after a time interval. Set the time interval by using the shutdown-interval command (see Fundamentals Command Reference).

 

loopback-detection action

Use loopback-detection action to set the loop protection action on a per-port basis.

Use undo loopback-detection action to restore the default.

Syntax

In Layer 2 Ethernet interface view:

loopback-detection action { block | no-learning | shutdown }

undo loopback-detection action

In Layer 2 aggregate interface view:

loopback-detection action shutdown

undo loopback-detection action

Default

When the device detects a loop on a port, it generates a log but performs no action on the port.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

block: Enables the block mode. If a loop is detected, the device performs the following operations:

·          Generates a log.

·          Disables MAC address learning.

·          Blocks the port.

Layer 2 aggregate interfaces do not support this keyword.

no-learning: Enables the no-learning mode. If a loop is detected, the device generates a log and disables MAC address learning on the port. Layer 2 aggregate interfaces do not support this keyword.

shutdown: Enables the shutdown mode. If a loop is detected, the device generates a log and shuts down the port. The device automatically sets the port to the forwarding state after the time interval set by using the shutdown-interval command (see Fundamentals Command Reference).

Usage guidelines

To set the loop protection action globally, use the loopback-detection global action command.

The global configuration applies to all ports. The per-port configuration applies to the individual ports. The per-port configuration takes precedence over the global configuration.

Example

# Set the loop protection action to shutdown on port GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[System-GigabitEthernet1/0/1] loopback-detection action shutdown

Related commands

·          display loopback-detection

·          loopback-detection global action

loopback-detection enable

Use loopback-detection enable to enable loop detection on a per-port basis.

Use undo loopback-detection enable to disable loop detection on a port.

Syntax

loopback-detection enable vlan { vlan-id-list | all }

undo loopback-detection enable vlan { vlan-id-list | all }

Default

The loop detection feature is disabled on ports.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The ID for vlan-id2 must be no less than the ID for vlan-id1.

all: Specifies all existing VLANs.

Usage guidelines

The per-port loop detection configuration takes effect only after you enable loop detection globally. To enable loop detection globally, use the loopback-detection global enable command.

The global configuration applies to all ports in the specified VLAN. The per-port configuration applies to the individual port only when the port belongs to the specified VLAN. The per-port configuration takes precedence over the global configuration.

Example

# Enable loop detection on port GigabitEthernet 1/0/1 for VLAN 10 through VLAN 20.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[System-GigabitEthernet1/0/1] loopback-detection enable vlan 10 to 20

Related commands

·          display loopback-detection

·          loopback-detection global enable

loopback-detection global action

Use loopback-detection global action to set the global loop protection action.

Use undo loopback-detection global action to restore the default.

Syntax

loopback-detection global action shutdown

undo loopback-detection global action

Default

When the device detects a loop on a port, it generates a log but performs no action on the port.

Views

System view

Predefined user roles

network-admin

Parameters

shutdown: Enables the shutdown mode. If a loop is detected, the device generates a log and shuts down the port. The device automatically sets the port to the forwarding state after the time interval set by using the shutdown-interval command (see Fundamentals Command Reference).

Usage guidelines

To set the loop protection action on a per-port basis, use the loopback-detection action command in interface view.

The global configuration applies to all ports. The per-port configuration applies to the individual ports. The per-port configuration takes precedence over the global configuration.

Example

# Set the global loop protection action to shutdown.

<Sysname> system-view

[System] loopback-detection global action shutdown

Related commands

·          display loopback-detection

·          loopback-detection action

loopback-detection global enable

Use loopback-detection global enable to enable loop detection globally.

Use undo loopback-detection global enable to disable loop detection globally.

Syntax

loopback-detection global enable vlan { vlan-id-list | all }

undo loopback-detection global enable vlan { vlan-id-list | all }

Default

The loop detection feature is globally disabled.

Views

System view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The ID for vlan-id2 must be equal to or greater than the ID for vlan-id1.

all: Specifies all existing VLANs.

Usage guidelines

To enable loop detection on a per-port basis, use the loopback-detection enable command in interface view.

The global configuration applies to all ports in the specified VLAN. The per-port configuration applies to the individual port only when the port belongs to the specified VLAN. The per-port configuration takes precedence over the global configuration.

Example

# Globally enable loop detection for VLAN 10 through VLAN 20.

<Sysname> system-view

[System] loopback-detection global enable vlan 10 to 20

Related commands

·          display loopback-detection

·          loopback-detection enable

loopback-detection interval-time

Use loopback-detection interval-time to set the loop detection interval.

Use undo loopback-detection interval-time to restore the default.

Syntax

loopback-detection interval-time interval

undo loopback-detection interval-time

Default

The loop detection interval is 30 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Sets the loop detection interval in the range of 1 to 300 seconds.

Usage guidelines

With loop detection enabled, the device sends loop detection frames at the specified interval. A shorter interval offers more sensitive detection but consumes more resources. Consider the system performance and loop detection speed when you set the loop detection interval.

Example

# Set the loop detection interval to 10 seconds.

<Sysname> system-view

[Sysname] loopback-detection interval-time 10

Related commands

display loopback-detection


Spanning tree commands

The WX1800H series access controllers do not support the slot keyword or the slot-number argument.

active region-configuration

Use active region-configuration to activate your MST region configuration.

Syntax

active region-configuration

Views

MST region view

Predefined user roles

network-admin

Usage guidelines

When you configure MST region parameters, MSTP launches a new spanning tree calculation process that might cause network topology instability. This is most likely to occur when you configure the VLAN-to-instance mapping table. The launch occurs after you execute the active region-configuration command or the stp global enable command.

H3C recommends that you use the check region-configuration command to determine whether the MST region configurations to be activated are correct. Run this command only when they are correct.

Examples

# Map VLAN 2 to MSTI 1 and manually activate the MST region configuration.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] instance 1 vlan 2

[Sysname-mst-region] active region-configuration

Related commands

·          check region-configuration

·          instance

·          region-name

·          revision-level

·          stp global enable

·          vlan-mapping modulo

check region-configuration

Use check region-configuration to display MST region pre-configuration information, including the region name, revision level, and VLAN-to-instance mapping settings.

Syntax

check region-configuration

Views

MST region view

Predefined user roles

network-admin

Usage guidelines

Spanning tree devices belong to the same MST region only when they are connected through a physical link and configured with the same details as follows:

·          Format selector (0 by default and not configurable).

·          MST region name.

·          MST region revision level.

·          VLAN-to-instance mapping entries in the MST region.

H3C recommends that you use this command to determine whether the MST region configurations to be activated are correct. Activate them only when they are correct.

Examples

# Display MST region pre-configurations.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] check region-configuration

 Admin Configuration

   Format selector      : 0

   Region name          : 001122334400

   Revision level       : 0

   Configuration digest : 0x3ab68794d602fdf43b21c0b37ac3bca8

 

   Instance  VLANs Mapped

   0         1, 3 to 4094

   15        2

Table 17 Command output

Field

Description

Format selector

Format selector of the MST region, which is 0 (not configurable).

Region name

MST region name.

Revision level

Revision level of the MST region.

Instance   VLANs Mapped

VLAN-to-instance mappings in the MST region.

 

Related commands

·          active region-configuration

·          instance

·          region-name

·          revision-level

·          vlan-mapping modulo

display stp

Use display stp to display spanning tree status and statistics. Based on the information, you can analyze and maintain the network topology or determine whether the spanning tree is working correctly.

Syntax

display stp [ instance instance-list | vlan vlan-id-list ] [ interface interface-list | slot slot-number ] [ brief ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1.

interface interface-list: Specifies a space-separated list of up to 10 interface items. Each item specifies an interface or a range of interfaces in the form of interface-type interface-number 1 [ to interface-type interface-number 2 ]. The interface number for interface-number 2 must be equal to or greater than the interface number for interface-number 1.

brief: Displays brief information. If this keyword is not specified, the command displays detailed information.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for all member devices.

Usage guidelines

In STP or RSTP mode, the command output is sorted by port name.

·          If you do not specify a port, this command applies to all ports.

·          If you specify a port list, this command applies to the specified ports.

In PVST mode, the command output is sorted by VLAN ID and by port name in each VLAN.

·          If you do not specify a VLAN or port, this command applies to all ports in all VLANs.

·          If you only specify a VLAN list but not a port, this command applies to all ports in the specified VLANs.

·          If you only specify a port list but not a VLAN, this command applies to the specified ports in all VLANs.

·          If you specify both a VLAN list and a port list, this command applies to the ports in the specified VLANs.

In MSTP mode, the command output is sorted by MSTI ID and by port name in each MSTI.

·          If you do not specify an MSTI or port, this command applies to all MSTIs on all ports.

·          If you specify an MSTI list but not a port, this command applies to all ports in the specified MSTIs.

·          If you specify a port list but not an MSTI, this command applies to all MSTIs on the specified ports.

·          If you specify both an MSTI list and a port list, this command applies to the specified ports in the specified MSTIs.

Examples

# In MSTP mode, display the brief spanning tree status and statistics for MSTI 0 on ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/4.

<Sysname> display stp instance 0 interface gigabitethernet 1/0/1 to gigabitethernet 1/0/4 brief

 MST ID      Port                         Role  STP State     Protection

 0           GigabitEthernet1/0/1         ALTE  DISCARDING    LOOP

 0           GigabitEthernet1/0/2         DESI  FORWARDING    NONE

 0           GigabitEthernet1/0/3         DESI  FORWARDING    NONE

 0           GigabitEthernet1/0/4         DESI  FORWARDING    NONE

# In PVST mode, display the brief spanning tree status and statistics for VLAN 2 on ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/4.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] display stp vlan 2 interface gigabitethernet 1/0/1 to gigabitethernet 1/0/4 brief

 VLAN ID     Port                         Role  STP State     Protection

 2           GigabitEthernet1/0/1         ALTE  DISCARDING    LOOP

 2           GigabitEthernet1/0/2         DESI  FORWARDING    NONE

 2           GigabitEthernet1/0/3         DESI  FORWARDING    NONE

 2           GigabitEthernet1/0/4         DESI  FORWARDING    NONE

Table 18 Command output

Field

Description

MST ID

MSTI ID in the MST region.

Port

Port name, corresponding to each MSTI or VLAN.

Role

Port role:

·         ALTE—The port is an alternate port.

·         BACK—The port is a backup port.

·         ROOT—The port is a root port.

·         DESI—The port is a designated port.

·         MAST—The port is a master port.

·         DISA—The port is disabled.

STP State

Spanning tree status on the port:

·         FORWARDING—The port can receive and send BPDUs and also forward user traffic.

·         DISCARDING—The port can receive and send BPDUs but cannot forward user traffic.

·         LEARNING—The port is in a transitional state. It can receive and send BPDUs but cannot forward user traffic.

Protection

Effective spanning tree protection feature on the port:

·         ROOT—Root guard.

·         LOOP—Loop guard.

·         BPDU—BPDU guard.

If no spanning tree protection feature is configured or spanning tree protection is not triggered, this field displays NONE.

 

# In MSTP mode, display the detailed spanning tree status and statistics for all MSTIs on all ports.

<Sysname> display stp

-------[CIST Global Info][Mode MSTP]-------

 Bridge ID           : 32768.0001-0000-0000

 Bridge times        : Hello 2s MaxAge 20s FwdDelay 15s MaxHops 20

 Root ID/ERPC        : 32768.0001-0000-0000, 0

 RegRoot ID/IRPC     : 32768.0001-0000-0000, 0

 RootPort ID         : 0.0

 BPDU-Protection     : Disabled

 Bridge Config-

 Digest-Snooping     : Disabled

 TC or TCN received  : 2

 Time since last TC  : 0 days 0h:0m:58s

 

----[Port3(GigabitEthernet1/0/2)][FORWARDING]----

 Port protocol       : Enabled

 Port role           : Designated Port (Boundary)

 Port ID             : 128.3

 Port cost(Legacy)   : Config=auto, Active=200

 Desg.bridge/port    : 32768.0001-0000-0000, 128.3

 Port edged          : Config=disabled, Active=disabled

 Point-to-Point      : Config=auto, Active=true

 Transmit limit      : 10 packets/hello-time

 TC-Restriction      : Disabled

 Role-Restriction    : Disabled

 Protection type     : Config=none, Active=none

 MST BPDU format     : Config=auto, Active=802.1s

 Port Config-

 Digest-Snooping     : Disabled

 Rapid transition    : True

 Num of VLANs mapped : 0

 Port times          : Hello 2s MaxAge 20s FwdDelay 15s MsgAge 0s RemHops 20

 BPDU sent           : 32

          TCN: 0, Config: 0, RST: 0, MST: 32

 BPDU received       : 2

          TCN: 0, Config: 0, RST: 0, MST: 2

 

-------[MSTI 1 Global Info]-------

 Bridge ID           : 32768.0001-0000-0000

 RegRoot ID/IRPC     : 32768.0001-0000-0000, 0

 RootPort ID         : 0.0

 Master bridge       : 32768.0001-0000-0000

 Cost to master      : 0

 TC received         : 0

 

----[Port3(GigabitEthernet1/0/2)][FORWARDING]----

 Port protocol       : Enabled

 Port role           : Designated Port (Boundary)

 Port ID             : 128.3

 Port cost(Legacy)   : Config=auto, Active=200

 Desg.bridge/port    : 32768.0001-0000-0000, 128.3

 Protection type     : Config=none, Active=none

 Rapid transition    : True

 Num of VLANs mapped : 64

 Port times          : RemHops 20

# In PVST mode, display the spanning tree status and statistics for all ports in all VLANs.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] display stp

-------[VLAN 1 Global Info]-------

Protocol status     : Enabled

Bridge ID           : 32768.000f-e200-2200

Bridge times        : Hello 2s MaxAge 20s FwdDelay 15s

VlanRoot ID/RPC     : 0.00e0-fc0e-6554, 200200

RootPort ID         : 128.48

BPDU-Protection     : Disabled

TC or TCN received  : 2

Time since last TC  : 0 days 0h:5m:42s

 

 ----[Port1(GigabitEthernet1/0/1)][FORWARDING]----

 Port protocol       : Enabled

 Port role           : Designated Port

 Port ID             : 128.153

 Port cost(Legacy)   : Config=auto, Active=200

 Desg. bridge/port   : 32768.000f-e200-2200, 128.2

 Port edged          : Config=disabled, Active=disabled

 Point-to-Point      : Config=auto, Active=true

 Transmit limit      : 10 packets/hello-time

 Protection type     : Config=none, Active=none

 Rapid transition    : False

 Port times          : Hello 2s MaxAge 20s FwdDelay 15s MsgAge 2s

 

-------[VLAN 2 Global Info]-------

Protocol status      : Enabled

Bridge ID            : 32768.000f-e200-2200

Bridge times         : Hello 2s MaxAge 20s FwDly 15s

VlanRoot ID/RPC      : 0.00e0-fc0e-6554, 200200

RootPort ID          : 128.48

BPDU-Protection      : Disabled

TC or TCN received   : 2

Time since last TC   : 0 days 0h:5m:42s

# In MSTP mode, display the spanning tree status and statistics when the spanning tree feature is disabled. If the spanning tree feature is not globally enabled, the command displays STP is not configured.

<Sysname> display stp

 Protocol status    : Disabled

 Protocol Std.      : IEEE 802.1s

 Version            : 3

 Bridge-Prio.       : 32768

 MAC address        : 000f-e200-8048

 Max age(s)         : 20

 Forward delay(s)   : 15

 Hello time(s)      : 2

 Max hops           : 20

 TC Snooping        : Disabled

# In PVST mode, display the spanning tree status and statistics when the spanning tree feature is disabled.

<Sysname> display stp

 Protocol status    : Disabled

 Protocol Std.      : IEEE 802.1w (pvst)

 Version            : 2

 Bridge-Prio.       : 32768

 MAC address        : 3822-d69f-0800

 Max age(s)         : 20

 Forward delay(s)   : 15

 Hello time(s)      : 2

 TC Snooping        : Disabled

Table 19 Command output

Field

Description

Bridge ID

Bridge ID, which contains the device's priority and its MAC address. For example, in output 32768.000f-e200-2200, the value preceding the dot is the device's priority. The value following the dot is the device's MAC address.

Bridge times

Major parameters for the bridge:

·         Hello—Hello timer.

·         MaxAgeMaximum age timer.

·         FwdDelay—Forward delay timer.

·         MaxHopsMaximum hops within the MST region.

Root ID/ERPC

CIST root ID and external path cost (the path cost from the device to the CIST root).

RegRoot ID/IRPC

CIST regional root ID and internal path cost (the path cost from the device to the CIST regional root).

VlanRoot ID/RPC

VLAN root ID and root path cost (the path cost from the device to the VLAN root bridge).

RootPort ID

Root port ID. The value 0.0 indicates that the device is the root and there is no root port.

BPDU-Protection

Global status of the BPDU guard feature.

Bridge Config-

Digest-Snooping

Global status of Digest Snooping.

TC or TCN received

Number of TC/TCN BPDUs received in the MSTI or VLAN.

Time since last TC

Time since the latest topology change in the MSTI or VLAN.

[FORWARDING]

The port is in forwarding state.

[DISCARDING]

The port is in discarding state.

[LEARNING]

The port is in learning state.

Port protocol

Status of the spanning tree feature on the port.

Port role

Port role:

·         Alternate.

·         Backup.

·         Root.

·         Designated.

·         Master.

·         Disabled.

(Boundary)

The port is a regional boundary port.

Port cost(Legacy)

Path cost of the port. The field in parentheses indicates the standard (legacy, dot1d-1998, or dot1t) used for port path cost calculation.

·         Config—Configured value.

·         Active—Actual value.

Desg.bridge/port

Designated bridge ID and port ID of the port.

The port ID displayed is insignificant for a port which does not support port priority.

Port edged

The port is an edge port or non-edge port.

·         Config—Configured value.

·         Active—Actual value.

Point-to-Point

The port is connected to a point-to-point link or not.

·         Config—Configured value.

·         Active—Actual value.

Transmit limit

Number of BPDUs sent within each hello time.

Protection type

Whether spanning tree protection is configured on the port:

·         Config—Configured spanning tree protection feature.

·         Active—Effective spanning tree protection feature.

Spanning tree protection features are as follows:

·         ROOT—Root guard.

·         LOOP—Loop guard.

·         BPDU—BPDU guard.

·         PVST BPDU—PVST BPDU guard.

If no spanning tree protection feature is configured or spanning tree protection is not triggered, this field displays NONE.

TC-Restriction

Status of TC transmission restriction on the port.

Role-Restriction

Status of port role restriction on the port.

MST BPDU format

Format of the MST BPDUs that the port can send:

·         Config—Configured value (legacy or 802.1s).

·         Active—Actual value (legacy or 802.1s).

Port Config-

Digest-Snooping

Status of Digest Snooping on the port.

Rapid transition

Indicates whether the port rapidly transits to the forwarding state in the MSTI or VLAN.

Num of VLANs mapped

Number of VLANs that are mapped to the MSTI.

Port times

Major parameters for the port:

·         Hello—Hello timer.

·         MaxAgeMaximum age timer.

·         FwdDelay—Forward delay timer.

·         MsgAge—Message age timer.

·         RemHops—Remaining hops.

BPDU sent

Statistics on sent BPDUs.

BPDU received

Statistics on received BPDUs.

RegRoot ID/IRPC

MSTI regional root/internal path cost.

Root Type

MSTI root type:

·         Primary root.

·         Secondary root.

Master bridge

MSTI root bridge ID.

Cost to master

Path cost from the MSTI to the master bridge.

TC received

Number of received TC BPDUs.

Protocol status

Spanning tree protocol status.

Protocol Std.

Spanning tree protocol standard.

Version

Spanning tree protocol version.

Bridge-Prio.

·         In MSTP mode: Device's priority in the CIST.

·         In PVST mode: Device's priority in VLAN 1.

Max age(s)

Aging timer for BPDUs (in seconds, which is the same as the aging timer for VLAN 1 in PVST mode).

Forward delay(s)

Port state transition delay (in seconds, which is the same as the port state transition delay for VLAN 1 in PVST mode).

Hello time(s)

Interval for the root bridge to send BPDUs (in seconds, which is the same as the interval for VLAN 1 in PVST mode).

Max hops

Maximum hops in the MSTI.

TC Snooping

Status of TC Snooping, which can be Enabled or Disabled.

 

Related commands

reset stp

display stp abnormal-port

Use display stp abnormal-port to display information about ports that are blocked by spanning tree protection features.

Syntax

display stp abnormal-port

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# In MSTP mode, display information about ports that are blocked by spanning tree protection features.

<Sysname> display stp abnormal-port

 MST ID      Blocked Port                 Reason

 1           GigabitEthernet1/0/1         Root-Protected

 2           GigabitEthernet1/0/2         Loop-Protected

 12          GigabitEthernet1/0/3         Loopback-Protected

# In PVST mode, display information about ports that are blocked by spanning tree protection features.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] display stp abnormal-port

 VLAN ID      Blocked Port                 Reason

 1            GigabitEthernet1/0/1         Root-Protected

 2            GigabitEthernet1/0/2         Loop-Protected

 2            GigabitEthernet1/0/3         Loopback-Protected

Table 20 Command output

Field

Description

MST ID

MSTI of the blocked port.

VLAN ID

VLAN of the blocked port.

Blocked Port

Name of a blocked port.

Reason

Reason that the port was blocked:

·         Root-Protected—Root guard feature.

·         Loop-Protected—Loop guard feature.

·         Loopback-Protected—Self-loop protection. A port in the MSTI receives a BPDU that it sends.

·         Disputed—Dispute protection. A port receives a low-priority BPDU from a non-blocked designated port.

·         InconsistentPortType-Protected—Inconsistent port type protection.

·         InconsistentPvid-Protected—Inconsistent PVID protection.

 

display stp bpdu-statistics

Use display stp bpdu-statistics to display the BPDU statistics for ports.

Syntax

display stp bpdu-statistics [ interface interface-type interface-number [ instance instance-list ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

Usage guidelines

In MSTP mode, the command output is sorted by port name and by MSTI ID on each port.

·          If you do not specify an MSTI or port, this command applies to all MSTIs on all ports.

·          If you specify a port but not an MSTI, this command applies to all MSTIs on the port.

·          If you specify both an MSTI ID and a port, this command applies to the specified MSTI on the port.

In STP, RSTP, or PVST mode, the command output is sorted by port name.

·          If you do not specify a port, this command applies to all ports.

·          If you specify a port, this command applies to the port.

Examples

# In MSTP mode, display the BPDU statistics for all MSTIs on GigabitEthernet 1/0/1.

<Sysname> display stp bpdu-statistics interface gigabitethernet 1/0/1

 Port: GigabitEthernet1/0/1

 

 Instance-Independent:

 

 Type                        Count      Last Updated

 --------------------------- ---------- -----------------

 Invalid BPDUs               0

 Looped-back BPDUs           0

 Max-aged BPDUs              0

 TCN sent                    0

 TCN received                0

 TCA sent                    0

 TCA received                2          10:33:12 01/13/2011

 Config sent                 0

 Config received             0

 RST sent                    0

 RST received                0

 MST sent                    4          10:33:11 01/13/2011

 MST received                151        10:37:43 01/13/2011

 

 Instance 0:

 Type                        Count      Last Updated

 --------------------------- ---------- -----------------

 Timeout BPDUs               0

 Max-hoped BPDUs             0

 TC detected                 1          10:32:40 01/13/2011

 TC sent                     3          10:33:11 01/13/2011

 TC received                 0

# In PVST mode, display the BPDU statistics for GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] display stp bpdu-statistics interface gigabitethernet 1/0/1

 Port: GigabitEthernet1/0/1

 

 Type                        Count      Last Updated

 --------------------------- ---------- -----------------

 Invalid BPDUs               0

 Looped-back BPDUs           0

 Max-aged BPDUs              0

 TCN sent                    0

 TCN received                0

 TCA sent                    0

 TCA received                2           10:33:12 01/13/2010

 Config sent                 0

 Config received             0

 RST sent                    0

 RST received                0

 MST sent                    4           10:33:11 01/13/2010

 MST received                151         10:37:43 01/13/2010

 Timeout BPDUs               0

 Max-hoped BPDUs             0

 TC detected                 511         10:32:40 01/13/2010

 TC sent                     8844        10:33:11 01/13/2010

 TC received                 1426        10:33:32 01/13/2010

 PVID inconsistency BPDUs    0

Table 21 Command output

Field

Description

Port

Port name.

Instance-Independent

Statistics not related to any particular MSTI.

Type

Statistical item.

Looped-back BPDUs

Number of BPDUs sent and then received by the same port.

Max-aged BPDUs

Number of BPDUs whose max age was exceeded.

TCN sent

Number of sent TCN BPDUs.

TCN received

Number of received TCN BPDUs.

TCA sent

Number of sent TCA BPDUs.

TCA received

Number of received TCA BPDUs.

Config sent

Number of sent configuration BPDUs.

Config received

Number of received configuration BPDUs.

RST sent

Number of sent RSTP BPDUs.

RST received

Number of received RSTP BPDUs.

MST sent

Number of sent MSTP BPDUs.

MST received

Number of received MSTP BPDUs.

Instance

Statistical information for a particular MSTI.

Timeout BPDUs

Number of expired BPDUs.

Max-hoped BPDUs

Number of BPDUs whose maximum hops were exceeded.

TC detected

Number of detected topology changes.

TC sent

Number of sent TC BPDUs.

TC received

Number of received TC BPDUs.

PVID inconsistency BPDUs

Number of received PVST BPDUs with a PVID inconsistent with the incoming port.

 

display stp down-port

Use display stp down-port to display information about ports that were shut down by spanning tree protection features.

Syntax

display stp down-port

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display information about ports that were shut down by spanning tree protection features.

<Sysname> display stp down-port

 Down Port                     Reason

 GigabitEthernet1/0/1          BPDU protection

Table 22 Command output

Field

Description

Down Port

Name of a port that was shut down by the spanning tree protection features.

Reason

Reason that the port was shut down:

·         BPDU protectionIndicates the BPDU guard feature.

·         PVST BPDU protectionIndicates the PVST BPDU guard feature.

 

display stp history

Use display stp history to display port role calculation history.

Syntax

display stp [ instance instance-list | vlan vlan-id-list ] history [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for all member devices.

Usage guidelines

In STP or RSTP mode, the command output is sorted by port role calculation time.

In PVST mode, the command output is sorted by VLAN ID and by port role calculation time in each VLAN.

·          If you do not specify a VLAN, this command applies to all VLANs.

·          If you specify a VLAN list, this command applies to the specified VLANs.

In MSTP mode, the command output is sorted by MSTI ID and by port role calculation time in each MSTI.

·          If you do not specify an MSTI, this command applies to all MSTIs.

·          If you specify an MSTI list, this command applies to the specified MSTIs.

Examples

# In MSTP mode, display the port role calculation history for IRF member device 1 in MSTI 2.

<Sysname> display stp instance 2 history slot 1

 --------------- STP slot 1 history trace ---------------

 -------------------  Instance 2   ---------------------

Port GigabitEthernet1/0/1

   Role change         : ROOT->DESI (Aged)

   Time                : 2009/02/08 00:22:56

   Port priority       : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.1

   Designated priority : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.1

 Port GigabitEthernet1/0/2

   Role change         : ALTER->ROOT

   Time                : 2009/02/08 00:22:56

   Port priority       : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.2

                         128.153

   Designated priority : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.2

                         128.153

# In PVST mode, display the port role calculation history for IRF member device 1 in VLAN 2.

<Sysname> display stp vlan 2 history slot 1

 --------------- STP slot 1 history trace ---------------

 -------------------  VLAN 2   ---------------------

 Port GigabitEthernet1/0/1

   Role change         : ROOT->DESI (Aged)

   Time                : 2009/02/08 00:22:56

   Port priority       : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.1

   Designated priority : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.1

 Port GigabitEthernet1/0/2

   Role change         : ALTER->ROOT

   Time                : 2009/02/08 00:22:56

   Port priority       : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.2

   Designated priority : 0.00e0-fc01-6510 0 0.00e0-fc01-6510 128.2

Table 23 Command output

Field

Description

Port

Port name.

Role change

Role change of the port (Aged means that the change was caused by expiration of the received configuration BPDU).

Time

Time of port role calculation.

 

display stp region-configuration

Use display stp region-configuration to display effective MST region configuration, including the following information:

·          Region name.

·          Revision level.

·          User-configured VLAN-to-instance mappings.

Syntax

display stp region-configuration

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# In MSTP mode, display effective MST region configuration.

<Sysname> display stp region-configuration

 Oper Configuration

   Format selector      : 0

   Region name          : hello

   Revision level       : 0

   Configuration digest : 0x5f762d9a46311effb7a488a3267fca9f

 

   Instance   VLANs Mapped

   0          21 to 4094

   1          1 to 10

   2          11 to 20

Table 24 Command output

Field

Description

Format selector

Format selector that is defined by the spanning tree protocol. The default value is 0, and the selector cannot be configured.

Region name

MST region name.

Revision level

Revision level of the MST region. The default value is 0, and the level can be configured by using the revision-level command.

VLANs Mapped

VLANs mapped to the MSTI.

 

Related commands

·          instance

·          region-name

·          revision-level

·          vlan-mapping modulo

display stp root

Use display stp root to display the root bridge information of spanning trees.

Syntax

display stp root

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# In MSTP mode, display the root bridge information of all spanning trees.

<Sysname> display stp root

 MST ID  Root Bridge ID        ExtPathCost IntPathCost Root Port

 0       0.00e0-fc0e-6554      200200      0           GigabitEthernet1/0/1

# In PVST mode, display the root bridge information of all spanning trees.

<Sysname> display stp root

 VLAN ID  Root Bridge ID        ExtPathCost IntPathCost Root Port

 1        0.00e0-fc0e-6554      200200      0           GigabitEthernet1/0/1

Table 25 Command output

Field

Description

ExtPathCost

External path cost. The device automatically calculates the default path cost of a port. Or, you can use the stp cost command to configure the path cost of a port.

IntPathCost

Internal path cost. The device automatically calculates the default path cost of a port. Or, you can use the stp cost command to configure the path cost of a port.

Root Port

Root port name (displayed only if a port of the device is the root port of MSTIs).

 

display stp tc

Use display stp tc to display the incoming and outgoing TC/TCN BPDU statistics for ports.

Syntax

display stp [ instance instance-list | vlan vlan-id-list ] tc [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays information for all member devices.

Usage guidelines

In STP or RSTP mode, the command output is sorted by port name.

In PVST mode, the command output is sorted by VLAN ID and by port name in each VLAN.

·          If you do not specify a VLAN, this command applies to all VLANs.

·          If you specify a VLAN list, this command applies to the specified VLANs.

In MSTP mode, the command output is sorted by MSTI ID and by port name in each MSTI.

·          If you do not specify an MSTI, this command applies to all MSTIs.

·          If you specify an MSTI list, this command applies to the specified MSTIs.

Examples

# In MSTP mode, display the incoming and outgoing TC/TCN BPDU statistics for all ports on IRF member device 1 in MSTI 0.

<Sysname> display stp instance 0 tc slot 1

 -------------- STP slot 1 TC or TCN count -------------

 MST ID      Port                       Receive      Send

 0           GigabitEthernet1/0/1       6            4

 0           GigabitEthernet1/0/2       0            2

# In PVST mode, display the incoming and outgoing TC/TCN BPDU statistics for all ports on slot 1 of IRF member device 1 in VLAN 2.

<Sysname> display stp vlan 2 tc chassis 1 slot 1

 --------- STP chassis 1 slot 1 TC or TCN count --------

 VLAN ID     Port                       Receive      Send

 2           GigabitEthernet1/0/1       6            4

 2           GigabitEthernet1/0/2       0            2

Table 26 Command output

Field

Description

Port

Port name.

Receive

Number of TC/TCN BPDUs received on each port.

Send

Number of TC/TCN BPDUs sent by each port.

 

instance

Use instance to map a list of VLANs to an MSTI.

Use undo instance to remap the specified VLAN or all VLANs to the CIST (MSTI 0).

Syntax

instance instance-id vlan vlan-id-list

undo instance instance-id [ vlan vlan-id-list ]

Default

All VLANs are mapped to the CIST.

Views

MST region view

Predefined user roles

network-admin

Parameters

instance-id: Specifies an MSTI ID in the range of 0 to 4094. A value of 0 represents the CIST. The value range for the instance-id argument is 1 to 4094 for the undo instance command.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1.

Usage guidelines

CAUTION

CAUTION:

Use caution with global Digest Snooping in the following situations:

·      When you modify the VLAN-to-instance mappings.

·      When you restore the default MST region configuration.

If the local device has different VLAN-to-instance mappings than its neighboring devices, loops or traffic interruption will occur.

 

If you specify no VLAN in the undo instance command, all VLANs mapped to the specified MSTI are remapped to the CIST.

You cannot map the same VLAN to different MSTIs. If you map a VLAN that has been mapped to an MSTI to a new MSTI, the old mapping is automatically removed.

You can configure VLAN-to-instance mapping for up to 65 MSTIs.

After configuring this command, run the active region-configuration command to activate the VLAN-to-instance mapping.

Examples

# Map VLAN 2 to MSTI 1.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] instance 1 vlan 2

Related commands

·          active region-configuration

·          check region-configuration

·          display stp region-configuration

region-name

Use region-name to configure the MST region name.

Use undo region-name to restore the default MST region name.

Syntax

region-name name

undo region-name

Default

The MST region name of a device is its MAC address.

Views

MST region view

Predefined user roles

network-admin

Parameters

name: Specifies the MST region name, a string of 1 to 32 characters.

Usage guidelines

The MST region name, the VLAN-to-instance mapping table, and the MSTP revision level of a device determine the device's MST region.

After configuring this command, run the active region-configuration command to activate the configured MST region name.

Examples

# Set the MST region name of the device to hello.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] region-name hello

Related commands

·          active region-configuration

·          check region-configuration

·          display stp region-configuration

·          instance

·          revision-level

·          vlan-mapping modulo

reset stp

Use reset stp to clear spanning tree statistics. The spanning tree statistics include the numbers of TCN BPDUs, configuration BPDUs, RST BPDUs, and MST BPDUs that are sent and received through the specified ports.

Syntax

reset stp [ interface interface-list ]

Views

User view

Predefined user roles

network-admin

Parameters

interface interface-list: Specifies a space-separated list of up to 10 interface items. Each item specifies an interface or a range of interfaces in the form of interface-type interface-number 1 [ to interface-type interface-number 2 ]. The interface number for interface-number 2 must be equal to or greater than the interface number for interface-number 1. If you do not specify this option, this command clears the spanning tree statistics on all ports.

Examples

# Clear the spanning tree statistics on ports GigabitEthernet 1/0/1 through GigabitEthernet 1/0/3.

<Sysname> reset stp interface gigabitethernet 1/0/1 to gigabitethernet 1/0/3

Related commands

display stp

revision-level

Use revision-level to configure the MSTP revision level.

Use undo revision-level to restore the default MSTP revision level.

Syntax

revision-level level

undo revision-level

Default

The MSTP revision level is 0.

Views

MST region view

Predefined user roles

network-admin

Parameters

level: Specifies an MSTP revision level in the range of 0 to 65535.

Usage guidelines

The MSTP revision level, the MST region name, and the VLAN-to-instance mapping table of a device determine the device's MST region.

After configuring this command, run the active region-configuration command to activate the configured MST region level.

Examples

# Set the MSTP revision level of the MST region to 5.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] revision-level 5

Related commands

·          active region-configuration

·          check region-configuration

·          display stp region-configuration

·          instance

·          region-name

·          vlan-mapping modulo

snmp-agent trap enable stp

Use snmp-agent trap enable stp to enable SNMP notifications for new-root election events or spanning tree topology changes.

Use undo snmp-agent trap enable stp to disable SNMP notifications for new-root election events or spanning tree topology changes.

Syntax

snmp-agent trap enable stp [ new-root | tc ]

undo snmp-agent trap enable stp [ new-root | tc ]

Default

SNMP notifications are disabled for new-root election events.

In PVST mode, SNMP notifications are disabled for spanning tree topology changes in all VLANs.

In MSTP mode, SNMP notifications are enabled in MSTI 0 and disabled in other MSTIs for spanning tree topology changes.

Views

System view

Predefined user roles

network-admin

Parameters

new-root: Enables the device to send SNMP notifications if the device is elected as a new root bridge. This keyword applies only to STP, MSTP, and RSTP modes.

tc: Enables the device to send SNMP notifications if the device receives TCN BPDUs. This keyword applies only to PVST mode.

Usage guidelines

If no keyword is specified, the snmp-agent trap enable stp command applies to SNMP notifications for different events as follows:

·          In STP, MSTP, and RSTP modes, the command applies to SNMP notifications for new-root election events.

·          In PVST mode, the command applies to SNMP notifications for spanning tree topology changes.

Examples

# Enable SNMP notifications for new-root election events.

<Sysname> system-view

[Sysname] snmp-agent trap enable stp new-root

stp bpdu-protection

Use stp bpdu-protection to enable the BPDU guard feature.

Use undo stp bpdu-protection to disable the BPDU guard feature.

Syntax

stp bpdu-protection

undo stp bpdu-protection

Default

The BPDU guard feature is disabled.

Views

System view

Predefined user roles

network-admin

Examples

# Enable the BPDU guard feature.

<Sysname> system-view

[Sysname] stp bpdu-protection

stp bridge-diameter

Use stp bridge-diameter to set the network diameter.

Use undo stp bridge-diameter to restore the default.

Syntax

stp [ vlan vlan-id-list ] bridge-diameter diameter

undo stp [ vlan vlan-id-list ] bridge-diameter

Default

The network diameter of the switched network is 7.

Views

System view

Predefined user roles

network-admin

Parameters

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094. If you set the STP, RSTP, or MSTP switched network diameter, do not specify this option.

diameter: Specifies the switched network diameter in the range of 2 to 7.

Usage guidelines

The switched network diameter refers to the maximum number of devices on the path for an edge device to reach another through the root bridge.

An appropriate setting of hello time, forward delay, and max age can speed up network convergence. The values of these timers are related to the network size, and you can set the timers by setting the network diameter. With the network diameter set to 7 (the default), the three timers are also set to their defaults.

In STP, RSTP, or MSTP mode, each MST region is considered as a device. The configured network diameter of the switched network takes effect only on the CIST (or the common root bridge).

In PVST mode, the configured network diameter takes effect only on the root bridges of the specified VLANs.

Examples

# In MSTP mode, set the network diameter of the switched network to 5.

<Sysname> system-view

[Sysname] stp bridge-diameter 5

# In PVST mode, set the network diameter of VLAN 2 in the switched network to 5.

<Sysname> system-view

[Sysname] stp vlan 2 bridge-diameter 5

Related commands

·          stp timer forward-delay

·          stp timer hello

·          stp timer max-age

stp compliance

Use stp compliance to configure the mode a port uses to recognize and send MSTP BPDUs.

Use undo stp compliance to restore the default.

Syntax

stp compliance { auto | dot1s | legacy }

undo stp compliance

Default

A port automatically recognizes the formats of received MSTP packets and determines the formats of MSTP packets to be sent based on the recognized formats.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

auto: Configures the port to recognize the MSTP BPDU format automatically and determine the format of MSTP BPDUs to send.

dot1s: Configures the port to receive and send only standard-format (802.1s-compliant) MSTP BPDUs.

legacy: Configures the port to receive and send only compatible-format MSTP BPDUs.

Usage guidelines

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Configure GigabitEthernet 1/0/1 to send only standard-format (802.1s) MSTP packets.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp compliance dot1s

stp config-digest-snooping

Use stp config-digest-snooping to enable Digest Snooping.

Use undo stp config-digest-snooping to disable Digest Snooping.

Syntax

stp config-digest-snooping

undo stp config-digest-snooping

Default

The feature is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

Enable this feature both globally and on ports connected to other vendors' devices. To minimize impact, enable the feature on all associated ports before you enable it globally.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable Digest Snooping on GigabitEthernet 1/0/1 and then globally.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp config-digest-snooping

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] stp global config-digest-snooping

Related commands

·          display stp

·          stp global config-digest-snooping

stp cost

Use stp cost to set the path cost of a port.

Use undo stp cost to restore the default.

Syntax

stp [ instance instance-list | vlan vlan-id-list ] cost cost

undo stp [ instance instance-list | vlan vlan-id-list ] cost

Default

The device automatically calculates the path costs of ports in each spanning tree based on the corresponding standard.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

cost: Specifies the path cost of the port, with an effective range that varies by path cost calculation standard that is used.

·          When the IEEE 802.1d-1998 standard is selected for path cost calculation, the value range for the cost argument is 1 to 65535.

·          When the IEEE 802.1t standard is selected for path cost calculation, the value range for the cost argument is 1 to 200000000.

·          When the private standard is selected for path cost calculation, the value range for the cost argument is 1 to 200000.

Usage guidelines

Path cost is an important factor in spanning tree calculation. Setting different path costs for a port in MSTIs allows VLAN traffic flows to be forwarded along different physical links. This results in VLAN-based load balancing.

The path cost setting of a port can affect the role selection of the port. When the path cost of a port is changed, the system calculates the role of the port and initiates a state transition.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, is takes effect only after the port leaves the aggregation group.

If you do not specify an MSTI or VLAN, this command sets the path cost of the port in the MSTP CIST or in the STP or RSTP spanning tree.

Examples

# In MSTP mode, set the path cost of port GigabitEthernet 1/0/3 in MSTI 2 to 200.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/3

[Sysname-GigabitEthernet1/0/3] stp instance 2 cost 200

# In PVST mode, set the path cost of port GigabitEthernet 1/0/3 in VLAN 2 to 200.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/3

[Sysname-GigabitEthernet1/0/3] stp vlan 2 cost 200

Related commands

·          display stp

·          stp pathcost-standard

stp edged-port

Use stp edged-port to configure a port as an edge port.

Use undo stp edged-port to configure a port as a non-edge port.

Syntax

stp edged-port

undo stp edged-port

Default

All ports are non-edge ports.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

A port directly connecting to a user terminal rather than another device or a shared LAN segment can be configured as an edge port. In case the network topology changes, an edge port does not cause a temporary loop. You can enable the port to transit to the forwarding state rapidly by configuring it as an edge port. H3C recommends that you configure ports that directly connect to user terminals as edge ports.

Typically, configuration BPDUs from other devices cannot reach an edge port, because the edge port does not connect to any other device. When BPDU guard is disabled, a port configured as an edge port functions as a non-edge port if it receives configuration BPDUs.

On a port, the loop guard feature and the edge port setting are mutually exclusive.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Configure GigabitEthernet 1/0/1 as an edge port.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp edged-port

Related commands

·          stp bpdu-protection

·          stp loop-protection

·          stp root-protection

stp enable

Use stp enable to enable the spanning tree feature.

Use undo stp enable to disable the spanning tree feature.

Syntax

stp enable

undo stp enable

Default

The spanning tree feature is enabled on all ports.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

When you enable the spanning tree feature, the device operates in STP, RSTP, PVST, or MSTP mode, depending on the spanning tree mode setting.

When you enable the spanning tree feature, the device dynamically maintains the spanning tree status of VLANs, based on received configuration BPDUs.

When you disable the spanning tree feature, the device stops maintaining the spanning tree status.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# In MSTP mode, disable the spanning tree feature on port GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] undo stp enable

Related commands

·          stp global enable

·          stp mode

·          stp vlan enable

stp global config-digest-snooping

Use stp global config-digest-snooping to enable Digest Snooping globally.

Use undo stp global config-digest-snooping to disable Digest Snooping globally.

Syntax

stp global config-digest-snooping

undo stp global config-digest-snooping

Default

The feature is disabled globally.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Enable this feature both globally and on ports connected to other vendors' devices. To minimize impact, enable the feature on all associated ports before you enable it globally.

Examples

# Enable Digest Snooping on GigabitEthernet 1/0/1 and then globally.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp config-digest-snooping

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] stp global config-digest-snooping

Related commands

·          display stp

·          stp config-digest-snooping

stp global enable

Use stp global enable to enable the spanning tree feature globally.

Use undo stp global enable to disable the spanning tree feature globally.

Syntax

stp global enable

undo stp global enable

Default

The spanning tree feature is globally disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

When you enable the spanning tree feature, the device operates in STP, RSTP, PVST, or MSTP mode, depending on the spanning tree mode setting.

When the spanning tree feature is enabled, the device dynamically maintains the spanning tree status of VLANs based on received configuration BPDUs. When the spanning tree feature is disabled, the device stops maintaining the spanning tree status.

Examples

# Enable the spanning tree feature globally.

<Sysname> system-view

[Sysname] stp global enable

Related commands

·          stp enable

·          stp mode

stp global mcheck

Use stp global mcheck to perform the mCheck operation globally.

Syntax

stp global mcheck

Views

System view

Predefined user roles

network-admin

Usage guidelines

When a port on an MSTP, RSTP, or PVST device connects to an STP device and receives STP BPDUs, the port automatically transits to the STP mode. However, the port cannot automatically transit back to the original mode when the following conditions exist:

·          The peer STP device is shut down or removed.

·          The port cannot detect the change.

In this case, you can perform an mCheck operation to forcibly transit the port to operate in the original mode.

The device operates in STP, RSTP, PVST, or MSTP mode, depending on the spanning tree mode setting.

The stp global mcheck command takes effect only when the device operates in MSTP, RSTP, or PVST mode.

Examples

# Perform mCheck globally.

<Sysname> system-view

[Sysname] stp global mcheck

Related commands

·          stp mcheck

·          stp mode

stp ignore-pvid-inconsistency

Use stp ignore-pvid-inconsistency to disable the inconsistent PVID protection feature.

Use undo stp ignore-pvid-inconsistency to restore the default.

Syntax

stp ignore-pvid-inconsistency

undo stp ignore-pvid-inconsistency

Default

The inconsistent PVID protection feature is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only when the device is operating in PVST mode.

Disabling inconsistent PVID protection might cause spanning tree calculation errors. To avoid such errors, make sure the following requirements are met:

·          Make sure the VLANs on one device do not use the same ID as the PVID of its peer port (except the default VLAN) on another device.

·          If the local port or its peer is a hybrid port, do not configure the local and peer ports as untagged members of the same VLAN.

·          Disable inconsistent PVID protection on both the local device and the peer device.

Examples

# In PVST mode, disable the inconsistent PVID protection feature.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] stp ignore-pvid-inconsistency

stp loop-protection

Use stp loop-protection to enable the loop guard feature on a port.

Use undo stp loop-protection to disable the loop guard feature on a port.

Syntax

stp loop-protection

undo stp loop-protection

Default

The loop guard feature is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

On a port, the loop guard feature is mutually exclusive with the root guard feature or the edge port setting.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable the loop guard feature on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp loop-protection

Related commands

·          stp edged-port

·          stp root-protection

stp max-hops

Use stp max-hops to set the maximum number of hops for an MST region.

Use undo stp max-hops to restore the default.

Syntax

stp max-hops hops

undo stp max-hops

Default

The maximum number of hops for an MST region is 20.

Views

System view

Predefined user roles

network-admin

Parameters

hops: Specifies the maximum hops in the range of 1 to 40.

Examples

# Set the maximum hops of the MST region to 35.

<Sysname> system-view

[Sysname] stp max-hops 35

Related commands

display stp

stp mcheck

Use stp mcheck to perform the mCheck operation on a port.

Syntax

stp mcheck

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

When a port on an MSTP, RSTP, or PVST device connects to an STP device and receives STP BPDUs, the port automatically transits to the STP mode. However, the port cannot automatically transit back to the original mode when the following conditions exist:

·          The peer STP device is shut down or removed.

·          The port cannot detect the change.

In this case, you can perform an mCheck operation to forcibly transit the port to operation in the original mode.

For example, Device A, Device B, and Device C are connected in sequence. Device A runs STP, Device B does not run any spanning tree protocol, and Device C runs RSTP, MSTP, or PVST. When Device C receives an STP BPDU transparently transmitted by Device B, the receiving port transits to the STP mode. If you configure Device B to run RSTP, MSTP, or PVST with Device C, perform mCheck operations on the ports that connect Device B and Device C.

The device operates in STP, RSTP, PVST, or MSTP mode, depending on the spanning tree mode setting.

The stp mcheck command takes effect only when the device operates in MSTP, RSTP, or PVST mode.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Perform mCheck on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp mcheck

Related commands

·          stp global mcheck

·          stp mode

stp mode

Use stp mode to configure the spanning tree operating mode.

Use undo stp mode to restore the default.

Syntax

stp mode { mstp | pvst | rstp | stp }

undo stp mode

Default

A spanning tree device operates in MSTP mode.

Views

System view

Predefined user roles

network-admin

Parameters

mstp: Configures the spanning tree device to operate in MSTP mode.

pvst: Configures the spanning tree device to operate in PVST mode.

rstp: Configures the spanning tree device to operate in RSTP mode.

stp: Configures the spanning tree device to operate in STP mode.

Usage guidelines

The MSTP mode is compatible with the RSTP mode, and the RSTP mode is compatible with the STP mode.

The PVST mode's compatibility with other modes is as follows:

·          Access portThe PVST mode is compatible with other modes in any VLAN.

·          Trunk or hybrid portThe PVST mode is compatible with other modes only in the default VLAN.

Examples

# Configure the spanning tree device to operate in STP mode.

<Sysname> system-view

[Sysname] stp mode stp

Related commands

·          stp enable

·          stp global enable

·          stp global mcheck

·          stp mcheck

·          stp vlan enable.

stp no-agreement-check

Use stp no-agreement-check to enable No Agreement Check on a port.

Use undo stp no-agreement-check to disable No Agreement Check on a port.

Syntax

stp no-agreement-check

undo stp no-agreement-check

Default

No Agreement Check is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only after you enable it on the root port.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable No Agreement Check on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp no-agreement-check

stp pathcost-standard

Use stp pathcost-standard to specify a standard for the device to use when calculating the default path costs for ports.

Use undo stp pathcost-standard to restore the default.

Syntax

stp pathcost-standard { dot1d-1998 | dot1t | legacy }

undo stp pathcost-standard

Default

The device uses dot1t when it calculates the default path costs of its ports.

Views

System view

Predefined user roles

network-admin

Parameters

dot1d-1998: Configures the device to calculate the default path cost for ports based on IEEE 802.1d-1998.

dot1t: Configures the device to calculate the default path cost for ports based on IEEE 802.1t.

legacy: Configures the device to calculate the default path cost for ports based on a private standard.

Usage guidelines

If you change the standard that the device uses in calculating the default path costs, you restore the path costs to the default.

Examples

# Configure the device to calculate the default path cost for ports based on IEEE 802.1d-1998.

<Sysname> system-view

[Sysname] stp pathcost-standard dot1d-1998

Related commands

·          display stp

·          stp cost

stp point-to-point

Use stp point-to-point to configure the link type of a port.

Use undo stp point-to-point to restore the default.

Syntax

stp point-to-point { auto | force-false | force-true }

undo stp point-to-point

Default

The default setting is auto, and the spanning tree device automatically detects whether a port connects to a point-to-point link.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

auto: Specifies automatic detection of the link type.

force-false: Specifies the non-point-to-point link type.

force-true: Specifies the point-to-point link type.

Usage guidelines

When connecting to a non-point-to-point link, a port is incapable of rapid state transition.

You can configure the link type as point-to-point for a Layer 2 aggregate interface or a port that operates in full duplex mode. H3C recommends that you use the default setting, which lets the device automatically detect the port link type.

The stp point-to-point force-false or stp point-to-point force-true command configured on a port in MSTP mode takes effect on all MSTIs or VLANs.

If you configure a non-point-to-point link as a point-to-point link, a temporary loop might occur.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Configure the link that connects GigabitEthernet 1/0/3 as a point-to-point link.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/3

[Sysname-GigabitEthernet1/0/3] stp point-to-point force-true

Related commands

display stp

stp port priority

Use stp port priority to set the priority of a port. The port priority affects the role of a port in a spanning tree.

Use undo stp port priority to restore the default.

Syntax

stp [ instance instance-list | vlan vlan-id-list ] port priority priority

undo stp [ instance instance-list | vlan vlan-id-list ] port priority

Default

The port priority is 128.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

priority: Specifies the port priority in the range of 0 to 240 in increments of 16 (as in 0, 16, 32).

Usage guidelines

The smaller the value, the higher the port priority. If all ports on your device use the same priority value, the port priority depends on the port index. The smaller the index, the higher the priority.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

If you do not specify an MSTI or VLAN, this command configures the priority of the ports in the MSTP CIST or in the STP or RSTP spanning tree.

Examples

# In MSTP mode, set the priority of port GigabitEthernet 1/0/3 to 16 in MSTI 2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/3

[Sysname-GigabitEthernet1/0/3] stp instance 2 port priority 16

# In PVST mode, set the priority of port GigabitEthernet 1/0/3 to 16 in VLAN 2.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/3

[Sysname-GigabitEthernet1/0/3] stp vlan 2 port priority 16

Related commands

display stp

stp port-log

Use stp port-log to enable outputting port state transition information.

Use undo stp port-log to disable outputting port state transition information.

Syntax

stp port-log { all | instance instance-list | vlan vlan-id-list }

undo stp port-log { all | instance instance-list | vlan vlan-id-list }

Default

This feature is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

all: Specifies all MSTIs or VLANs.

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

Examples

# In MSTP mode, enable outputting port state transition information for MSTI 2.

<Sysname> system-view

[Sysname] stp port-log instance 2

%Aug 16 00:49:41:856 2011 Sysname STP/3/STP_DISCARDING: Instance 2's port GigabitEthernet1/0/1 has been set to discarding state.

%Aug 16 00:49:41:856 2011 Sysname STP/3/STP_FORWARDING: Instance 2's port GigabitEthernet1/0/2 has been set to forwarding state.

The output shows that GigabitEthernet 1/0/1 in MSTI 2 transited to the discarding state and GigabitEthernet 1/0/2 in MSTI 2 transited to the forwarding state.

# In PVST mode, enable outputting port state transition information for VLAN 1 through VLAN 4094.

<Sysname> system-view

[Sysname] stp port-log vlan 1 to 4094

%Aug 16 00:49:41:856 2006 Sysname STP/3/STP_DISCARDING: VLAN 2's GigabitEthernet1/0/1 has been set to discarding state.

%Aug 16 00:49:41:856 2006 Sysname STP/3/STP_FORWARDING: VLAN 2's GigabitEthernet1/0/2 has been set to forwarding state.

The output shows that GigabitEthernet 1/0/1 in VLAN 2 transited to the discarding state and GigabitEthernet 1/0/2 in VLAN 2 transited to the forwarding state.

stp priority

Use stp priority to set the priority of the device.

Use undo stp priority to restore the default priority.

Syntax

stp [ instance instance-list | vlan vlan-id-list ] priority priority

undo stp [ instance instance-list | vlan vlan-id-list ] priority

Default

The device priority is 32768.

Views

System view

Predefined user roles

network-admin

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

priority: Specifies the device priority in the range of 0 to 61440 in increments of 4096 (as in 0, 4096, 8192). You can set up to 16 priority values on the device. The smaller the value, the higher the device priority.

Usage guidelines

If you do not specify an MSTI or VLAN, this command configures the priority of the device in the MSTP CIST or in the STP or RSTP spanning tree.

Examples

# In MSTP mode, set the device priority to 4096 in MSTI 1.

<Sysname> system-view

[Sysname] stp instance 1 priority 4096

# In PVST mode, set the device priority to 4096 in VLAN 1.

<Sysname> system-view

[Sysname] stp vlan 1 priority 4096

stp pvst-bpdu-protection

Use stp pvst-bpdu-protection to enable the PVST BPDU guard feature.

Use undo stp pvst-bpdu-protection to restore the default.

Syntax

stp pvst-bpdu-protection

undo stp pvst-bpdu-protection

Default

The PVST BPDU guard feature is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

PVST BPDU guard enables an MSTP-enabled device to shut down a port if the port receives PVST BPDUs. The shutdown port is brought up after a detection timer expires. To set the detection timer, use the shutdown-interval command.

Examples

# In MSTP mode, enable PVST BPDU guard.

<Sysname> system-view

[Sysname] stp pvst-bpdu-protection

Related commands

shutdown-interval (For more information, see Fundamentals Command Reference.)

stp region-configuration

Use stp region-configuration to enter MST region view.

Use undo stp region-configuration to restore the default MST region configurations.

Syntax

stp region-configuration

undo stp region-configuration

Default

The default settings for the MST region are as follows:

·          The MST region name of the device is the MAC address of the device.

·          All VLANs are mapped to the CIST.

·          The MSTP revision level is 0.

Views

System view

Predefined user roles

network-admin

Usage guidelines

After you enter MST region view, you can configure MST region parameters, including the region name, VLAN-to-instance mappings, and revision level.

Examples

# Enter MST region view.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region]

stp role-restriction

Use stp role-restriction to enable port role restriction.

Use undo stp role-restriction to disable port role restriction.

Syntax

stp role-restriction

undo stp role-restriction

Default

Port role restriction is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

When port role restriction is enabled on a port, the port cannot become a root port.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable port role restriction on interface GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp role-restriction

stp root primary

Use stp root primary to configure the device as the root bridge.

Use undo stp root to restore the default.

Syntax

stp [ instance instance-list | vlan vlan-id-list ] root primary

undo stp [ instance instance-list | vlan vlan-id-list ] root

Default

A device is not a root bridge.

Views

System view

Predefined user roles

network-admin

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

Usage guidelines

Once you specify the device as the root bridge, you cannot change the priority of the device.

If you do not specify an MSTI or VLAN, this command configures the device as the root bridge of the MSTP CIST or of the STP or RSTP spanning tree.

Examples

# In MSTP mode, specify the device as the root bridge of MSTI 1.

<Sysname> system-view

[Sysname] stp instance 1 root primary

# In PVST mode, specify the device as the root bridge of VLAN 1.

<Sysname> system-view

[Sysname] stp vlan 1 root primary

Related commands

·          stp priority

·          stp root secondary

stp root secondary

Use stp root secondary to configure the device as a secondary root bridge.

Use undo stp root to restore the default.

Syntax

stp [ instance instance-list | vlan vlan-id-list ] root secondary

undo stp [ instance instance-list | vlan vlan-id-list ] root

Default

A device is not a secondary root bridge.

Views

System view

Predefined user roles

network-admin

Parameters

instance instance-list: Specifies a space-separated list of up to 10 MSTI items. Each item specifies an MSTI or a range of MSTIs in the form of instance-id1 [ to instance-id2 ]. The value for instance-id2 must be equal to or greater than the value for instance-id1. The value range for the instance-id argument is 0 to 4094, and the value 0 represents the CIST.

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094.

Usage guidelines

Once you specify the device as a secondary root bridge, you cannot change the priority of the device.

If you do not specify an MSTI or VLAN, this command configures a secondary root bridge for the MSTP CIST or the STP or RSTP spanning tree.

Examples

# In MSTP mode, specify the device as a secondary root bridge in MSTI 1.

<Sysname> system-view

[Sysname] stp instance 1 root secondary

# In PVST mode, specify the device as a secondary root bridge in VLAN 1.

<Sysname> system-view

[Sysname] stp vlan 1 root secondary

Related commands

·          stp priority

·          stp root primary

stp root-protection

Use stp root-protection to enable the root guard feature on a port.

Use undo stp root-protection to disable the root guard feature on a port.

Syntax

stp root-protection

undo stp root-protection

Default

The root guard feature is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

On a port, the loop guard feature and the root guard feature are mutually exclusive.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable the root guard feature for GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp root-protection

Related commands

·          stp edged-port

·          stp loop-protection

stp tc-protection

Use stp tc-protection to enable the TC-BPDU attack guard feature for the device.

Use undo stp tc-protection to disable the TC-BPDU attack guard feature for the device.

Syntax

stp tc-protection

undo stp tc-protection

Default

The TC-BPDU attack guard feature is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

With TC-BPDU guard, you can set the maximum number of immediate forwarding address entry flushes that the device can perform every 10 seconds. For TC-BPDUs received that exceed the limit, the device performs a forwarding address entry flush when the interval elapses. This prevents frequent flushing of forwarding address entries.

Examples

# Disable the TC-BPDU attack guard feature for the device.

<Sysname> system-view

[Sysname] undo stp tc-protection

Related commands

stp tc-protection threshold

stp tc-protection threshold

Use stp tc-protection threshold to set the maximum number of forwarding address entry flushes that the device can perform every 10 seconds.

Use undo stp tc-protection threshold to restore the default.

Syntax

stp tc-protection threshold number

undo stp tc-protection threshold

Default

By default, the device can perform a maximum of six forwarding address entry flushes every 10 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

number: Specifies the maximum number of immediate forwarding address entry flushes that the device can perform every 10 seconds. The value is in the range of 1 to 255.

Examples

# Configure the device to perform up to 10 forwarding address entry flushes every 10 seconds.

<Sysname> system-view

[Sysname] stp tc-protection threshold 10

Related commands

stp tc-protection

stp tc-restriction

Use stp tc-restriction to enable TC-BPDU transmission restriction.

Use undo stp tc-restriction to disable TC-BPDU transmission restriction.

Syntax

stp tc-restriction

undo stp tc-restriction

Default

TC-BPDU transmission restriction is disabled.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

When TC-BPDU transmission restriction is enabled on a port, the port does not send TC-BPDUs to other ports. It also does not delete MAC address entries.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Enable TC-BPDU transmission restriction on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp tc-restriction

stp tc-snooping

Use stp tc-snooping to enable TC Snooping.

Use undo stp tc-snooping to disable TC Snooping.

Syntax

stp tc-snooping

undo stp tc-snooping

Default

TC Snooping is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

TC Snooping and the spanning tree feature are mutually exclusive. You must globally disable the spanning tree feature before enabling TC Snooping.

Examples

# Globally disable the spanning tree feature and enable TC Snooping.

<Sysname> system-view

[Sysname] undo stp global enable

[Sysname] stp tc-snooping

Related commands

stp global enable

stp timer forward-delay

Use stp timer forward-delay to set the forward delay timer.

Use undo stp timer forward-delay to restore the default.

Syntax

stp [ vlan vlan-id-list ] timer forward-delay time

undo stp [ vlan vlan-id-list ] timer forward-delay

Default

The forward delay timer is 1500 centiseconds.

Views

System view

Predefined user roles

network-admin

Parameters

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094. If you set the STP, RSTP, or MSTP forward delay, do not specify this option.

time: Specifies the forward delay in centiseconds, in the range of 400 to 3000 in increments of 100 (as in 400, 500, 600).

Usage guidelines

The forward delay timer determines the time interval of state transition. To prevent temporary loops, a spanning tree port goes through the learning (intermediate) state before it transits from the discarding state to the forwarding state. To stay synchronized with the remote device, the port has a wait period that is determined by the forward delay timer between transition states.

H3C recommends not setting the forward delay with this command. Instead, you can specify the network diameter of the switched network by using the stp bridge-diameter command. This command makes the spanning tree protocols automatically calculate the optimal settings for the forward delay timer. If the network diameter uses the default value, the forward delay timer also uses the default value.

Examples

# In MSTP mode, set the forward delay timer to 2000 centiseconds.

<Sysname> system-view

[Sysname] stp timer forward-delay 2000

# In PVST mode, set the forward delay timer for VLAN 2 to 2000 centiseconds.

<Sysname> system-view

[Sysname] stp vlan 2 timer forward-delay 2000

Related commands

·          stp bridge-diameter

·          stp timer hello

·          stp timer max-age

stp timer hello

Use stp timer hello to set the hello time.

Use undo stp timer hello to restore the default.

Syntax

stp [ vlan vlan-id-list ] timer hello time

undo stp [ vlan vlan-id-list ] timer hello

Default

The hello time is 200 centiseconds.

Views

System view

Predefined user roles

network-admin

Parameters

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094. If you set the STP, RSTP, or MSTP hello time, do not specify this option.

time: Specifies the hello time in centiseconds, in the range of 100 to 1000 in increments of 100 (as in 100, 200, 300).

Usage guidelines

Hello time is the interval at which spanning tree devices send configuration BPDUs to maintain the spanning tree. If a device fails to receive configuration BPDUs within the set period of time, a new spanning tree calculation process is triggered.

H3C recommends not setting the hello time with this command. Instead, you can specify the network diameter of the switched network by using the stp bridge-diameter command. This command makes the spanning tree protocols automatically calculate the optimal settings for the hello timer. If the network diameter uses the default value, the hello timer also uses the default value.

Examples

# In MSTP mode, set the hello time to 400 centiseconds.

<Sysname> system-view

[Sysname] stp timer hello 400

# In PVST mode, set the hello time for VLAN 2 to 400 centiseconds.

<Sysname> system-view

[Sysname] stp vlan 2 timer hello 400

Related commands

·          stp bridge-diameter

·          stp timer forward-delay

·          stp timer max-age

stp timer max-age

Use stp timer max-age to set the max age timer.

Use undo stp timer max-age to restore the default.

Syntax

stp [ vlan vlan-id-list ] timer max-age time

undo stp [ vlan vlan-id-list ] timer max-age

Default

The max age is 2000 centiseconds.

Views

System view

Predefined user roles

network-admin

Parameters

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094. If you set the STP, RSTP, or MSTP max age, do not specify this option.

time: Specifies the max age in centiseconds, in the range of 600 to 4000 in increments of 100 (as in 600, 700, 800).

Usage guidelines

In the CIST of an MSTP network, the device determines whether a configuration BPDU received on a port has expired based on the max age timer. If the configuration BPDU has expired, a new spanning tree calculation process starts. The max age timer takes effect only on the CIST (or MSTI 0).

H3C recommends not setting the max age timer with this command. Instead, you can specify the network diameter of the switched network by using the stp bridge-diameter command. This command makes the spanning tree protocols automatically calculate the optimal settings for the max age timer. If the network diameter uses the default value, the max age timer also uses the default value.

Examples

# In MSTP mode, set the max age timer to 1000 centiseconds.

<Sysname> system-view

[Sysname] stp timer max-age 1000

# In PVST mode, set the max age timer for VLAN 2 to 1000 centiseconds.

<Sysname> system-view

[Sysname] stp vlan 2 timer max-age 1000

Related commands

·          stp bridge-diameter

·          stp timer forward-delay

·          stp timer hello

stp timer-factor

Use stp timer-factor to configure the timeout period by setting the timeout factor.

Timeout period = timeout factor × 3 × hello time.

Use undo stp timer-factor to restore the default.

Syntax

stp timer-factor factor

undo stp timer-factor

Default

The timeout factor of a device is set to 3.

Views

System view

Predefined user roles

network-admin

Parameters

factor: Specifies the timeout factor in the range of 1 to 20.

Usage guidelines

In a stable network, each non-root-bridge forwards configuration BPDUs to surrounding devices at the interval of hello time to determine whether any link fails. If a device does not receive a BPDU from the upstream device within nine times of the hello time, it assumes that the upstream device has failed. Then it will start a new spanning tree calculation process.

In a stable network, this type of spanning tree calculation might occur because the upstream device is busy. You can avoid such unwanted spanning tree calculations by lengthening the timeout period to save network resources. H3C recommends that you set the timeout factor to 5, 6, or 7 for a stable network.

Examples

# Set the timeout factor of the device to 7.

<Sysname> system-view

[Sysname] stp timer-factor 7

Related commands

stp timer hello

stp transmit-limit

Use stp transmit-limit to set the BPDU transmission rate of a port.

Use undo stp transmit-limit to restore the default.

Syntax

stp transmit-limit limit

undo stp transmit-limit

Default

The BPDU transmission rate of all ports is 10. Each port can send 10 BPDUs within each hello time.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Parameters

limit: Specifies the BPDU transmission rate in the range of 1 to 255.

Usage guidelines

The maximum number of BPDUs a port can send within each hello time equals the BPDU transmission rate plus the hello timer value.

A larger BPDU transmission rate value requires more system resources. An appropriate BPDU transmission rate setting can prevent spanning tree protocols from using excessive bandwidth resources during network topology changes. H3C recommends that you use the default value.

When the setting is configured in Layer 2 Ethernet interface view, it takes effect only on that interface.

When the setting is configured in Layer 2 aggregate interface view, it takes effect only on the aggregate interface.

When the setting is configured on a member port in an aggregation group, it takes effect only after the port leaves the aggregation group.

Examples

# Set the BPDU transmission rate of port GigabitEthernet 1/0/1 to 5.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] stp transmit-limit 5

stp vlan enable

Use stp vlan enable to enable the spanning tree feature for VLANs.

Use undo stp enable to disable the spanning tree feature for VLANs.

Syntax

stp vlan vlan-id-list enable

undo stp vlan vlan-id-list enable

Default

The spanning tree feature is enabled in VLANs.

Views

System view

Predefined user roles

network-admin

Parameters

vlan vlan-id-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN or a range of VLANs in the form of vlan-id1 [ to vlan-id2 ]. The value for vlan-id2 must be equal to or greater than the value for vlan-id1. The value range for the vlan-id argument is 1 to 4094. If you do not specify this option, this command globally enables or disables the spanning tree feature (VLANs are not included).

Usage guidelines

When you enable the spanning tree feature, the device operates in STP, RSTP, PVST, or MSTP mode, depending on the spanning tree mode setting.

When you enable the spanning tree feature, the device dynamically maintains the spanning tree status of VLANs, based on received configuration BPDUs. When you disable the spanning tree feature, the device stops maintaining the spanning tree status.

Examples

# In PVST mode, globally enable the spanning tree feature and then enable the spanning tree feature for VLAN 2.

<Sysname> system-view

[Sysname] stp mode pvst

[Sysname] stp global enable

[Sysname] stp vlan 2 enable

Related commands

·          stp enable

·          stp global enable

·          stp mode

vlan-mapping modulo

Use vlan-mapping modulo to map VLANs in an MST region to MSTIs according to the specified modulo value and quickly create a VLAN-to-instance mapping table.

Syntax

vlan-mapping modulo modulo

Default

All VLANs are mapped to the CIST (MSTI 0).

Views

MST region view

Predefined user roles

network-admin

Parameters

modulo: Specifies the modulo value. The value range for the modulo argument is 1 to 64.

Usage guidelines

You cannot map a VLAN to different MSTIs. If you map a VLAN that has been mapped to an MSTI to a new MSTI, the old mapping is automatically removed.

This command maps each VLAN to the MSTI with ID (VLAN ID – 1) % modulo + 1. (VLAN ID – 1) % modulo is the modulo operation for (VLAN ID – 1). If the modulo value is 15, then VLAN 1 is mapped to MSTI 1, VLAN 2 to MSTI 2, …, VLAN 15 to MSTI 15, VLAN 16 to MSTI 16, and so on.

Examples

# Map VLANs to MSTIs as per modulo 8.

<Sysname> system-view

[Sysname] stp region-configuration

[Sysname-mst-region] vlan-mapping modulo 8

Related commands

·          active region-configuration

·          check region-configuration

·          display stp region-configuration

·          region-name

·          revision-level

 


LLDP commands

Support for interfaces of different types varies by device model. For more information, see Ethernet interface configuration in Interface Configuration Guide.

display lldp local-information

Use display lldp local-information to display local LLDP information, which will be contained in the advertisable LLDP TLVs and sent to neighboring devices.

Syntax

display lldp local-information [ global | interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

global: Displays the global local LLDP information.

interface interface-type interface-number: Specifies a port by its type and number.

Usage guidelines

If you do not specify any keywords or arguments, the command displays all local LLDP information, which includes the following:

·          The global LLDP information.

·          The LLDP information about the LLDP-enabled ports in up state.

Examples

# Display all local LLDP information.

<Sysname> display lldp local-information

Global LLDP local-information:                                                 

 Chassis ID          : 70f9-6d81-1327                                          

 System name         : Sysname

 System description  : H3C Comware Platform Software, Software Version 7.1.064,

                       ESS 5108                                                

                       H3C WX5510E                                             

                       Copyright (c) 2004-2015 New H3C Technologies Co., Ltd. All

                       rights reserved.                                                

 System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge

 System capabilities enabled   : Bridge, Router, Customer Bridge               

                                                                                

 MED information:                                                              

 Device class               : Connectivity device                              

 MED inventory information of master board:                                    

 HardwareRev                : Ver.c                                            

 FirmwareRev                : 3.00                                             

 SoftwareRev                : 7.1.064                                          

 SerialNum                  : 210235A0Y2f080840111                             

 Manufacturer name          : H3C                                               

 Model name                 : WX5510E                                         

 Asset tracking identifier  : Unknown                                          

                                                                               

LLDP local-information of port 1[GigabitEthernet1/0/1]:                         

 Port ID type        : Interface name                                          

 Port ID             : GigabitEthernet1/0/1                                    

 Port description    : GigabitEthernet1/0/1 Interface                           

 LLDP agent nearest-bridge management address:                                 

 Management address type           : IPv4                                      

 Management address                : 110.0.0.30                                

 Management address interface type : IfIndex                                   

 Management address interface ID   : 198                                       

 Management address OID            : 0                                         

 LLDP agent nearest-nontpmr management address:                                

 Management address type           : IPv4                                      

 Management address                : 110.0.0.30                                

 Management address interface type : IfIndex                                   

 Management address interface ID   : 198                                       

 Management address OID            : 0                                         

 LLDP agent nearest-customer management address:                               

 Management address type           : IPv4                                      

 Management address                : 110.0.0.30                                

 Management address interface type : IfIndex                                   

 Management address interface ID   : 198                                       

 Management address OID            : 0                                         

 DCBX Control info:                                                             

  Oper version       : Standard                                                

 DCBX PFC info:                                                                

  P0-0     P1-0     P2-0     P3-0     P4-0     P5-0     P6-0     P7-0          

  Number of traffic classes supported: 8                                       

  Value of MBC: 0                                                              

 Port VLAN ID(PVID)  : 1                                                        

 Port and protocol VLAN ID(PPVID)  : 0                                         

 Port and protocol VLAN supported  : No                                        

 Port and protocol VLAN enabled    : No                                         

 VLAN name of VLAN 1        : VLAN 0001                                        

 Management VLAN ID  : 0                                                       

 Link aggregation supported : Yes                                              

 Link aggregation enabled   : Yes                                              

 Aggregation port ID        : 1                                                

 Auto-negotiation supported : Yes                                              

 Auto-negotiation enabled   : No                                               

 OperMau                    : Speed(1000)/Duplex(Full)                         

 Power port class           : PD                                               

 PSE power supported        : No                                                

 PSE power enabled          : No                                               

 PSE pairs control ability  : No                                               

 Power pairs                : Signal                                           

 Port power classification  : Class 0                                          

 Maximum frame size         : 4096                                             

 Transmit Tw                : 0 us                                             

 Receive Tw                 : 0 us                                             

 Fallback Tw                : 0 us                                             

 Echo Transmit Tw           : 0 us                                             

 Echo Receive Tw            : 0 us                                             

 PoE PSE power source       : Unknown                                          

 Port PSE priority          : Unknown                                           

 Port available power value : 0.0 w                                             

                                                                                

LLDP local-information of port 4[Bridge-Aggregation1]:                         

 Port ID type        : Interface name                                          

 Port ID             : Bridge-Aggregation1                                     

 Port description    : Bridge-Aggregation1 Interface                           

 LLDP agent nearest-nontpmr management address:                                

 Management address type           : IPv4                                      

 Management address                : 110.0.0.30                                

 Management address interface type : IfIndex                                   

 Management address interface ID   : 198                                       

 Management address OID            : 0                                          

 LLDP agent nearest-customer management address:                               

 Management address type           : IPv4                                      

 Management address                : 110.0.0.30                                 

 Management address interface type : IfIndex                                   

 Management address interface ID   : 198                                       

 Management address OID            : 0                                         

 Port VLAN ID(PVID)  : 1                                                       

 Port and protocol VLAN ID(PPVID)  : 0                                         

 Port and protocol VLAN supported  : No                                        

 Port and protocol VLAN enabled    : No                                        

 VLAN name of VLAN 1        : VLAN 0001                                        

 Management VLAN ID  : 0 

 Link aggregation supported : Yes                                              

 Link aggregation enabled   : No                                               

 Aggregation port ID        : 0                                                

 Auto-negotiation supported : Yes                                              

 Auto-negotiation enabled   : Yes                                              

 OperMau                    : Speed(1000)/Duplex(Full)                        

 Power port class           : PSE                                             

 PSE power supported        : Yes                                             

 PSE power enabled          : No                                              

 PSE pairs control ability  : No                                               

 Power pairs                : Signal                                          

 Port power classification  : Class 0                                         

 Power type                 : Type 2 PSE                                       

 Power source               : Primary                                         

 Power priority             : Low                                             

 PD requested power value   : 0.0 w                                            

 PSE allocated power value  : 29.5 w                                          

 Maximum frame size         : 4000                                            

 Transmit Tw                : 0 us                                            

 Receive Tw                 : 0 us                                            

 Fallback Tw                : 0 us                                            

 Echo Transmit Tw           : 0 us                                            

 Echo Receive Tw            : 0 us                                            

 PoE PSE power source       : Primary                                         

 Port PSE priority          : Low                                             

 Port available power value : 36.0 w                                          

Table 27 Command output

Field

Description

Chassis ID

Bridge MAC address of the device.

System capabilities supported

Supported capabilities:

·         Bridge—Switching is supported.

·         Router—Routing is supported.

·         WlanAccessPointThe local device can act as a wireless AP.

·         Repeater—Signal repeating is supported.

·         TelephoneThe local device can act as a telephone.

·         DocsisCableDeviceThe local device can act as a DOCSIS-compliant cable device.

·         StationOnlyThe local device can act as a station only.

·         Customer BridgeThe customer bridge feature is supported.

·         Service BridgeThe service bridge feature is supported.

·         TPMRThe TPMR feature is supported.

·         OtherFeatures other than those listed above are supported.

System capabilities enabled

Enabled capabilities:

·         Bridge—Switching is enabled.

·         Router—Routing is enabled.

·         WlanAccessPointThe local device is acting as a wireless AP.

·         Repeater—Signal repeating is enabled.

·         TelephoneThe local device is acting as a telephone.

·         DocsisCableDeviceThe local device is acting as a DOCSIS-compliant cable device.

·         StationOnlyThe local device is acting as a station only.

·         Customer BridgeThe customer bridge feature is enabled.

·         Service BridgeThe service bridge feature is enabled.

·         TPMRThe TPMR feature is enabled.

·         OtherFeatures other than those listed above are enabled.

Device class

MED device class:

·         Connectivity device—Network device.

·         Class I—Normal terminal device. It requires the basic LLDP discovery services.

·         Class II—Media terminal device. It supports media streams, and can also act as a normal terminal device.

·         Class III—Communication terminal device. It supports the IP communication systems of end users, and can also act as a normal terminal device or media terminal device.

HardwareRev

Hardware version.

FirmwareRev

Firmware version.

SoftwareRev

Software version.

SerialNum

Serial number.

Manufacturer name

Device manufacturer.

Model name

Device model.

Port ID type

Port ID type:

·         MAC address.

·         Interface name.

Port ID

Port ID, the value of which depends on the port ID type.

Management address interface type

Numbering type of the interface identified by the management address.

Management address interface ID

Index of the interface identified by the management address.

Management address OID

Management address object ID.

DCBX control info

Displayed as version information in IEEE Std 802.1Qaz-2011.

The device does not support this field in the current software version.

Oper version

DCBX version number.

P0-   P1-   P2-   P3-   P4-   P5-   P6-   P7-

Number of supported priorities configured by using the priority-flow-control no-drop dot1p dot1p-list command at the local end.

Number of traffic classes supported

Number of traffic classes supported by PFC (displayed only in Rev 1.01).

DCBX PFC info

The device does not support this field in the current software version.

Value of MBC

MBC indicates the ability of packets to bypass MACsec. It is 1-bit long.

·         0—Packets can bypass MACsec when MACsec is disabled.

·         1—Packets cannot bypass MACsec when MACsec is disabled.

Link aggregation supported

Indicates whether link aggregation is supported on the port.

Link aggregation enabled

Indicates whether link aggregation is enabled on the port.

Aggregation port ID

ID of the port in the aggregation group. The ID is 0 when link aggregation is disabled

Auto-negotiation supported

Indicates whether autonegotiation is supported on the port.

Auto-negotiation enabled

Indicates whether autonegotiation is enabled on the port.

OperMau

Speed and duplex state of the port.

Power port class

PoE port class:

·         PSE—Power sourcing equipment.

·         PD—Powered device.

PSE power supported

Indicates whether the device can operate as a PSE.

PSE power enabled

Indicates whether the device is operating as a PSE.

PSE pairs control ability

Indicates whether the pair selection ability is available.

Power pairs

Power supply mode:

·         SignalUses data pairs to supply power.

·         SpareUses spare pairs to supply power.

Port power classification

Power class of the PD:

·         Class 0.

·         Class 1.

·         Class 2.

·         Class 3.

·         Class 4.

Power type

Power supply type:

·         Type 1 PD.

·         Type 2 PD.

·         Type 1 PSE.

·         Type 2 PSE.

Power source

Power source:

·         When the power supply type is PSE, options are:

?  Unknown—Unknown power supply.

?  Primary—Primary power supply.

?  Backup—Backup power supply.

?  Reserved.

·         When the power supply type is PD, options are:

?  Unknown—Unknown power supply.

?  PSE—PSE power supply.

?  Local—Local power supply.

?  PSE and local—PSE and local power supplies.

Power priority

·         Unknown.

·         Critical.

·         High.

·         Low.

PD requested power value

PD requested power in watts.

PSE allocated power value

PSE allocated power in watts.

PoE PSE power source

PSE power source type:

·         Unknown—Unknown power supply.

·         Primary—Primary power supply.

·         Backup—Backup power supply.

Port PSE priority

PoE power supply priority of PSE ports:

·         Unknown.

·         Critical.

·         High.

·         Low.

Port available power value

Available PoE power on PSE ports, or power needed on PD ports, in watts.

Transmit Tw

Sleep time of the local client, in μs.

Receive Tw

Sleep time of the peer client expected by the local client, in μs.

Fallback Tw

Candidate sleep time of the peer client expected by the local client, in μs.

Echo Transmit Tw

Sleep time of the peer client, in μs. This field displays zero when one of the following cases occurs:

·         The local client has not received the sleep time of the peer client.

·         The sleep time of the peer client is 0 μs.

Echo Receive Tw

Sleep time of the local client expected by the peer client, in μs. This field displays zero when one of the following cases occurs:

·         The local client has not received the expected sleep time from the peer client.

·         The sleep time of the local client expected by the peer client is 0 μs.

 

display lldp neighbor-information

Use display lldp neighbor-information to display the LLDP information carried in LLDP TLVs that the local device receives from the neighboring devices.

Syntax

display lldp neighbor-information [ [ [ interface interface-type interface-number ] [ agent { nearest-bridge | nearest-customer | nearest-nontpmr } ] [ verbose ] ] | list [ system-name system-name ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies a port by its type and number. If you do not specify this option, the command displays the LLDP information that all ports receive from the neighboring devices.

agent: Specifies an agent type. If you do not specify an agent type, the command displays the LLDP information that all LLDP agents receive from the neighboring devices.

nearest-bridge: Specifies nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

verbose: Displays the detailed LLDP information that the local device receives from the neighboring devices. If you do not specify this keyword, the command displays the brief LLDP information that the local device receives from the neighboring devices.

list: Displays the LLDP information that the local device receives from the neighboring devices in the form of a list.

system-name system-name: Displays the LLDP information that the local device receives from a neighboring device specified by its system name. The system-name argument is a string of 1 to 255 characters. If you do not specify this option, the command displays the LLDP information that the local device receives from all neighboring devices in a list.

Examples

# Display the detailed LLDP information that the nearest bridge agents on all ports received from the neighboring devices.

<Sysname> display lldp neighbor-information agent nearest-bridge verbose

LLDP neighbor-information of port 1[GigabitEthernet1/0/1]:

LLDP agent nearest-bridge:

 LLDP Neighbor index : 1

 Update time         : 0 days, 0 hours, 1 minutes, 1 seconds

 LLDP mac type       : Nearest Bridge

 Chassis type        : MAC address

 Chassis ID          : 000f-0055-0002

 Port ID type        : Interface name

 Port ID             : GigabitEthernet1/0/1

 Time to live        : 121

 Port description    : GigabitEthernet1/0/1 Interface

 System name         : Sysname

 System description  : H3C Comware Platform Software

 System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge

 System capabilities enabled   : Bridge, Router, Customer Bridge

 Management address type           : IPv4

 Management address                : 192.168.1.55

 Management address interface type : IfIndex

 Management address interface ID   : Unknown

 Management address OID            : 0

Port VLAN ID(PVID): 1

 Port and protocol VLAN ID(PPVID) : 12

 Port and protocol VLAN supported : Yes

 Port and protocol VLAN enabled   : Yes

 VLAN name of VLAN 12: VLAN 0012

 Management VLAN ID  : 5

 Auto-negotiation supported : Yes

 Auto-negotiation enabled   : Yes

 OperMau                    : Speed(1000)/Duplex(Full)

 Power port class           : PD

 PSE power supported        : Yes

 PSE power enabled          : Yes

 PSE pairs control ability  : Yes

 Power pairs                : Signal

 Port power classification  : Class 0

 Power type                 : Type 2 PD

 Power source               : PSE and local

 Power priority             : High

 PD requested power value   : 21.1 w

 PSE allocated power value  : 15.3 w

 Link aggregation supported : Yes

 Link aggregation enabled   : Yes

 Aggregation port ID        : 52

Maximum frame size         : 1500

 Transmit Tw                : 100 us

 Receive Tw                 : 90 us

 Fallback Tw                : 90 us

 Echo Transmit Tw           : 0 us

 Echo Receive Tw            : 0 us

 MED information:

 Device class               : Connectivity device

 Media policy type          : Unknown

 Unknown policy             : No

 VLAN tagged                : No

 Media policy VLAN ID       : 1000

 Media policy L2 priority   : 6

 Media policy DSCP          : 10

 Location format       : Civic Address LCI

 Location information  :

  What(1)  Country(CN)

  CA type  CA value

  0        Chinese

  1        Zhejiang

  2        Hangzhou

 MED port information:

  Media policy type          : Unknown

  Unknown policy             : No

  VLAN tagged                : No

  Media policy VLANID        : 1000

  Media policy L2 priority   : 6

  Media policy DSCP          : 10

 PoE PSE power source       : Primary

 Port PSE priority          : Low

 Port available power value : 2.2 w

 Unknown basic TLV:

  TLV type           : 23

  TLV information    : 0x00140014

 Unknown organizationally-defined TLV:

  TLV OUI            : 00-12-bb

  TLV subtype        : 21

  Index              : 1

  TLV information    : 0x556e6b6e 6f776e

# Display the detailed LLDP information that all LLDP agents on all ports received from the neighboring devices.

<Sysname> display lldp neighbor-information verbose

LLDP neighbor-information of port 1[GigabitEthernet1/0/1]:

LLDP agent nearest-bridge:

 LLDP Neighbor index : 1

 Update time         : 0 days, 0 hours, 1 minutes, 1 seconds

 LLDP mac type       : Nearest Bridge

 Chassis type        : MAC address

 Chassis ID          : 000f-0055-0002

 Port ID type        : Interface name

 Port ID             : GigabitEthernet1/0/1

 Time to live        : 121

 Port description    : GigabitEthernet1/0/1 Interface

 System name         : Sysname

 System description  : H3C Comware Platform Software

 System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge

 System capabilities enabled   : Bridge, Router, Customer Bridge

 Management address type           : IPv4

 Management address                : 192.168.1.55

 Management address interface type : IfIndex

 Management address interface ID   : Unknown

 Management address OID            : 0

Port VLAN ID(PVID): 1

 Port and protocol VLAN ID(PPVID) : 12

 Port and protocol VLAN supported : Yes

 Port and protocol VLAN enabled   : Yes

 VLAN name of VLAN 12: VLAN 0012

 Management VLAN ID  : 5

 Auto-negotiation supported : Yes

 Auto-negotiation enabled   : Yes

 OperMau                    : Speed(1000)/Duplex(Full)

 Power port class           : PD

 PSE power supported        : Yes

 PSE power enabled          : Yes

 PSE pairs control ability  : Yes

 Power pairs                : Signal

 Port power classification  : Class 0

 Power type                 : Type 2 PD

 Power source               : PSE and local

 Power priority             : High

 PD requested power value   : 21.1 w

 PSE allocated power value  : 15.3 w

 Link aggregation supported : Yes

 Link aggregation enabled   : Yes

 Aggregation port ID        : 52

 Maximum frame size         : 1500

 Transmit Tw                : 100 us

 Receive Tw                 : 90 us

 Fallback Tw                : 90 us

 Echo Transmit Tw           : 0 us

 Echo Receive Tw            : 0 us

 Device class               : Connectivity device

 HardwareRev               : Unknown

 FirmwareRev               : Unknown

 SoftwareRev               : Unknown

 SerialNum                 : Unknown

 Manufacturer name         : Unknown

 Model name                : Unknown

 Asset tracking identifier : Unknown

 Location format       : Civic Address LCI

 Location information  :

  What(1)  Country(CN)

  CA type  CA value

  0        Chinese

  1        Zhejiang

  2        Hangzhou

 MED port information:

  Media policy type          : Unknown

  Unknown policy             : No

  VLAN tagged                : No

  Media policy VLANID        : 1000

  Media policy L2 priority   : 6

  Media policy DSCP          : 10

 PoE PSE power source       : Primary

 Port PSE priority          : Low

 Port available power value : 2.2 w

 Unknown basic TLV:

  TLV type           : 23

  TLV information    : 0x00140014

 Unknown organizationally-defined TLV:

  TLV OUI            : 00-12-bb

  TLV subtype        : 21

  Index              : 1

  TLV information    : 0x556e6b6e 6f776e

 

LLDP neighbor-information of port 1[GigabitEthernet1/0/1]:

LLDP agent nearest-nontpmr:

 LLDP Neighbor index : 1

 Update time         : 0 days, 0 hours, 1 minutes, 1 seconds

 Chassis type        : MAC address

 Chassis ID          : 000f-0055-0002

 Port ID type        : Interface name

 Port ID             : GigabitEthernet1/0/1

 Time to live        : 121

 Port description    : GigabitEthernet1/0/1 Interface

 System name         : Sysname

 System description  : H3C Comware Platform Software

 System capabilities supported : Bridge, Router, Customer Bridge, Service Bridge

 System capabilities enabled   : Bridge, Router, Customer Bridge

 Management address type           : IPv4

 Management address                : 192.168.1.55

 Management address interface type : IfIndex

 Management address interface ID   : Unknown

 Management address OID            : 0

 Port VLAN ID(PVID): 1

 Port and protocol VLAN ID(PPVID) : 12

 Port and protocol VLAN supported : Yes

 Port and protocol VLAN enabled   : Yes

 VLAN name of VLAN 12: VLAN 0012

 Auto-negotiation supported : Yes

 Auto-negotiation enabled   : Yes

 OperMau                    : Speed(1000)/Duplex(Full)

 Power port class           : PD

 PSE power supported        : Yes

 PSE power enabled          : Yes

 PSE pairs control ability  : Yes

 Power pairs                : Signal

 Port power classification  : Class 0

 Power type                 : Type 2 PD

 Power source               : PSE and local

 Power priority             : High

 PD requested power value   : 21.1 w

 PSE allocated power value  : 15.3 w

 Link aggregation supported : Yes

 Link aggregation enabled   : Yes

 Aggregation port ID        : 52

Maximum frame size         : 1500

 Transmit Tw                : 100 us

 Receive Tw                 : 90 us

 Fallback Tw                : 90 us

 Echo Transmit Tw           : 0 us

 Echo Receive Tw            : 0 us

 Device class              : Connectivity device

 HardwareRev               : Unknown

 FirmwareRev               : Unknown

 SoftwareRev               : Unknown

 SerialNum                 : Unknown

 Manufacturer name         : Unknown

 Model name                : Unknown

 Asset tracking identifier : Unknown

 Location format       : Civic Address LCI

 Location information  :

  What(1)  Country(CN)

  CA type  CA value

  0        Chinese

  1        Zhejiang

  2        Hangzhou

 MED port information:

  Media policy type          : Unknown

  Unknown policy             : No

  VLAN tagged                : No

  Media policy VLANID        : 1000

  Media policy L2 priority   : 6

  Media policy DSCP          : 10

PoE PSE power source      : Primary

Port PSE priority         : Low

Port available power value: 2.2 w

Unknown basic TLV:

  TLV type           : 23

  TLV information    : 0x00140014

 Unknown organizationally-defined TLV:

  TLV OUI            : 00-12-bb

  TLV subtype        : 21

  Index              : 1

  TLV information    : 0x556e6b6e 6f776e

# Display the brief LLDP information that all LLDP agents on all ports received from the neighboring devices.

<Sysname> display lldp neighbor-information

LLDP neighbor-information of port 52[GigabitEthernet1/0/3]:

LLDP agent nearest-bridge:

 LLDP neighbor index : 3

 LLDP mac type       : Nearest Bridge

 ChassisID/subtype   : 0011-2233-4400/MAC address

 PortID/subtype      : 000c-29f5-c71f/MAC address

 Capabilities        : Bridge, Router, Customer Bridge

 

 LLDP neighbor index : 6

 LLDP mac type       : Nearest Bridge

 ChassisID/subtype   : 0011-2233-4400/MAC address

 PortID/subtype      : 000c-29f5-c715/MAC address

 Capabilities        : None

 

LLDP neighbor-information of port 52[GigabitEthernet1/0/3]:

LLDP agent nearest-nontpmr:

 LLDP neighbor index : 6

 ChassisID/subtype   : 0011-2233-4400/MAC address

 PortID/subtype      : 000c-29f5-c715/MAC address

 Capabilities        : None

# Display the brief LLDP information that all LLDP agents received from all neighboring devices in a list.

<Sysname> display lldp neighbor-information list

Chassis ID : * -- --Nearest nontpmr bridge neighbor

             # -- --Nearest customer bridge neighbor

             Default -- -- Nearest bridge neighbor

System Name          Local Interface   Chassis ID       Port ID

System1              GE1/0/1           000f-e25d-ee91   GigabitEthernet1/0/5

System2              GE1/0/2           000f-e25d-ee92*  GigabitEthernet1/0/6

System3              GE1/0/3           000f-e25d-ee93#  GigabitEthernet1/0/7

Table 28 Command output

Field

Description

 

LLDP neighbor-information of port 1

LLDP information received through port 1.

 

Update time

Time when LLDP information about a neighboring device was last updated.

 

LLDP mac type

Type of the neighbor MAC address:

·         Nearest bridge.

·         Nearest customer bridge.

·         Nearest non-TPMR bridge.

 

Chassis type

Chassis ID type:

·         Chassis component.

·         Interface alias.

·         Port component.

·         MAC address.

·         Network address (ipv4).

·         Interface name.

·         Locally assignedLocally-defined chassis type other than those listed above.

 

Chassis ID

ID that identifies the LLDP sending device, which can be a MAC address, a network address, an interface, or some other value, depending on the chassis ID type of the neighboring device.

 

Port ID type

Port ID type:

·         Interface alias.

·         Port component.

·         MAC address.

·         Network address (ipv4).

·         Interface name.

·         Agent circuit ID.

·         Locally assignedLocally-defined port ID type other than those listed above.

 

Port ID

Value of the type of the port ID.

 

System name

System name of the neighboring device.

 

System description

System description of the neighboring device.

 

System capabilities supported

Capabilities supported on the neighboring device:

·         Repeater—Signal repeating is supported.

·         Bridge—Switching is supported.

·         WlanAccessPointThe neighboring device can act as a wireless AP.

·         Router—Routing is supported.

·         TelephoneThe neighboring device can act as a telephone.

·         DocsisCableDeviceThe neighboring device can act as a DOCSIS-compliant cable device.

·         StationOnlyThe neighboring device can act as a station only.

·         Customer BridgeThe customer bridge feature is enabled.

·         Service BridgeThe service bridge feature is enabled.

·         TPMRThe TPMR feature is enabled.

·         OtherFeatures other than those listed above are supported.

 

System capabilities enabled

Capabilities enabled on the neighboring device:

·         Repeater—Signal repeating is enabled.

·         Bridge—Switching is enabled.

·         WlanAccessPointThe neighboring device is acting as a wireless AP.

·         Router—Routing is enabled.

·         TelephoneThe neighboring device is acting as a telephone.

·         DocsisCableDeviceThe neighboring device is acting as a DOCSIS-compliant cable device.

·         StationOnlyThe neighboring device is acting as a station only.

·         Customer BridgeThe customer bridge feature is enabled.

·         Service BridgeThe service bridge feature is enabled.

·         TPMRThe TPMR feature is enabled.

·         OtherFeatures other than those listed above are supported.

 

Management address OID

Management address object ID.

 

Port and protocol VLAN ID(PPVID)

Port protocol VLAN ID.

 

Port and protocol VLAN supported

Indicates whether protocol VLAN is supported on the port.

 

Port and protocol VLAN enabled

Indicates whether protocol VLAN is enabled on the port.

 

VLAN name of VLAN 12

Name of VLAN 12.

 

Auto-negotiation supported

Indicates whether autonegotiation is supported on the port.

 

Auto-negotiation enabled

Indicates whether autonegotiation is enabled on the port.

 

OperMau

Speed and duplex state on the port.

 

Power port class

PoE port class:

·         PSE—Power sourcing equipment.

·         PD—Powered device.

 

PSE power supported

Indicates whether the device can operate as a PSE.

 

PSE power enabled

Indicates whether the device is operating as a PSE.

 

PSE pairs control ability

Indicates whether the pair selection ability is available.

 

Power pairs

Power supply mode:

·         SignalUses data pairs to supply power.

·         SpareUses spare pairs to supply power.

 

Port power classification

Power class of the PD:

·         Class 0.

·         Class 1.

·         Class 2.

·         Class 3.

·         Class 4.

 

Power type

Power supply type:

·         Type 1 PD.

·         Type 2 PD.

·         Type 1 PSE.

·         Type 2 PSE.

Power source

Power source:

·         When the power supply type is PSE, options are:

?  Unknown—Unknown power supply.

?  Primary—Primary power supply.

?  Backup—Backup power supply.

?  Reserved.

·         When the power supply type is PD, options are::

?  Unknown—Unknown power supply.

?  PSE—PSE power supply.

?  LocalLocal power supply.

?  PSE and local—PSE and local power supplies.

Power priority

·         Unknown.

·         Critical.

·         High.

·         Low.

PD requested power value

PD requested power in watts.

PSE allocated power value

PSE allocated power in watts.

Link aggregation supported

Indicates whether link aggregation is supported.

 

Link aggregation enabled

Indicates whether link aggregation is enabled.

 

Device class

MED device class:

·         Connectivity device—Network device.

·         Class I—Normal terminal device.
It requires the basic LLDP discovery services.

·         Class II—Media terminal device.
It supports media streams, and can also act as a normal terminal device.

·         Class III—Communication terminal device.
It supports the IP communication systems of end users, and can also act as a normal terminal device or media terminal device.

 

Media policy type

Media policy type:

·         unknown.

·         voice.

·         voiceSignaling.

·         guestVoice.

·         guestVoiceSignaling.

·         softPhoneVoice.

·         videoconferencing.

·         streamingVideo.

·         videoSignaling.

 

Unknown policy

Indicates whether the media policy is unknown.

 

VLAN tagged

Indicates whether packets of the media VLAN are tagged.

 

Media policy VLAN ID

ID of the media VLAN.

 

Media policy L2 priority

Layer 2 priority.

 

Media policy DSCP

DSCP value.

 

Location format

Location information format:

·         Invalid—The location information is invalid.

·         Coordinate-based LCI—The location information is coordinate-based.

·         Civic Address LCI—Typical address information.

·         ECS ELIN—Telephone for urgencies.

 

PoE PSE power source

PSE power source type:

·         Unknown—Unknown power supply.

·         Primary—Primary power supply.

·         Backup—Backup power supply.

 

PoE PD power source

PD power source type:

·         Unknown—Unknown power supply.

·         PSE—PSE power supply.

·         Local—Local power supply.

·         PSE and local—PSE and local power supplies.

 

Port PSE priority

PoE power supply priority of PSE ports:

·         Unknown.

·         Critical.

·         High.

·         Low.

 

Port PD priority

PoE power receiving priority of PD ports:

·         Unknown.

·         Critical.

·         High.

·         Low.

 

Port available power value

Available PoE power on PSE ports, or power needed on PD ports, in watts.

 

HardwareRev

Hardware version.

 

FirmwareRev

Firmware version.

 

SoftwareRev

Software version.

 

SerialNum

Serial number.

 

Manufacturer name

Device manufacturer.

 

Model name

Device model.

 

TLV type

Unknown basic TLV type.

 

TLV information

Information contained in the unknown basic TLV type.

 

Unknown organizationally-defined TLV

Unknown organizationally specific TLV.

 

TLV OUI

OUI of the unknown organizationally specific TLV.

 

TLV subtype

Unknown organizationally specific TLV subtype.

 

Index

Unknown organization index.

 

Capabilities

Capabilities enabled on the neighboring device:

·         Repeater—Signal repeating is enabled.

·         Bridge—Switching is enabled.

·         WlanAccessPointThe neighboring device is acting as a wireless AP.

·         Router—Routing is enabled.

·         TelephoneThe neighboring device is acting as a telephone.

·         DocsisCableDeviceThe neighboring device is acting as a DOCSIS-compliant cable device.

·         StationOnlyThe neighboring device is acting as a station only.

·         OtherFeatures other than those listed above are supported.

·         NoneThe neighboring device does not advertise this TLV.

 

Local Interface

Local port that receives the LLDP information.

 

Chassis ID : * -- -- Nearest nontpmr bridge neighbor                              

                    #-- -- Nearest customer bridge neighbor

Chassis ID flag:

·         An asterisk (*) indicates the nearest non-TPMR bridge neighbor.

·         A pound sign (#) indicates the nearest customer bridge neighbor.

 

Transmit Tw

Sleep time of the local client, in μs.

 

Receive Tw

Expected sleep time for the peer client of the local client, in μs.

 

Fallback Tw

Candidate expected sleep time for the peer client of the local client, in μs.

 

Echo Transmit Tw

Sleep time of the peer client, in μs. This field displays zero when one of the following cases occurs:

·         The local client has not received the sleep time of the peer client.

·         The sleep time of the peer client is 0 μs.

 

Echo Receive Tw

Expected sleep time for the local client of the peer client, in μs. This field displays zero when one of the following cases occurs:

·         The local client has not received the expected sleep time of the peer client.

·         The expected sleep time of the peer client is 0 μs.

 

 

display lldp statistics

Use display lldp statistics to display the global LLDP statistics or the LLDP statistics of a port.

Syntax

display lldp statistics [ global | [ interface interface-type interface-number ] [ agent { nearest-bridge | nearest-customer | nearest-nontpmr } ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

global: Displays the global LLDP statistics.

interface interface-type interface-number: Specifies a port by its type and number.

agent: Specifies an LLDP agent type. If you do not specify an agent type, the command displays the statistics for all LLDP agents.

nearest-bridge: Specifies nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Usage guidelines

If you do not specify any keywords or arguments, the command displays the global LLDP statistics and the LLDP statistics of all ports.

Examples

# Display the global LLDP statistics and the LLDP statistics of all ports.

<Sysname> display lldp statistics

LLDP statistics global information:

LLDP neighbor information last change time:0 days, 0 hours, 4 minutes, 40 seconds

The number of LLDP neighbor information inserted : 1

The number of LLDP neighbor information deleted  : 1

The number of LLDP neighbor information dropped  : 0

The number of LLDP neighbor information aged out : 1

 

LLDP statistics information of port 1 [GigabitEthernet1/0/1]:

LLDP agent nearest-bridge:

The number of LLDP frames transmitted            : 0

The number of LLDP frames received               : 0

The number of LLDP frames discarded              : 0

The number of LLDP error frames                  : 0

The number of LLDP TLVs discarded                : 0

The number of LLDP TLVs unrecognized             : 0

The number of LLDP neighbor information aged out : 0

The number of CDP frames transmitted             : 0

The number of CDP frames received                : 0

The number of CDP frames discarded               : 0

The number of CDP error frames                   : 0

 

LLDP agent nearest-nontpmr:

The number of LLDP frames transmitted            : 0

The number of LLDP frames received               : 0

The number of LLDP frames discarded              : 0

The number of LLDP error frames                  : 0

The number of LLDP TLVs discarded                : 0

The number of LLDP TLVs unrecognized             : 0

The number of LLDP neighbor information aged out : 0

The number of CDP frames transmitted             : 0

The number of CDP frames received                : 0

The number of CDP frames discarded               : 0

The number of CDP error frames                   : 0

 

LLDP agent nearest-customer:

The number of LLDP frames transmitted            : 0

The number of LLDP frames received               : 0

The number of LLDP frames discarded              : 0

The number of LLDP error frames                  : 0

The number of LLDP TLVs discarded                : 0

The number of LLDP TLVs unrecognized             : 0

The number of LLDP neighbor information aged out : 0

The number of CDP frames transmitted             : 0

The number of CDP frames received                : 0

The number of CDP frames discarded               : 0

The number of CDP error frames                   : 0

# Display the LLDP statistics for the nearest customer bridge agents on GigabitEthernet 1/0/1.

<Sysname> display lldp statistics interface GigabitEthernet1/0/1 agent nearest-customer

LLDP statistics information of port 1 [GigabitEthernet1/0/1]:

LLDP agent nearest-customer:

The number of LLDP frames transmitted            : 0

The number of LLDP frames received               : 0

The number of LLDP frames discarded              : 0

The number of LLDP error frames                  : 0

The number of LLDP TLVs discarded                : 0

The number of LLDP TLVs unrecognized             : 0

The number of LLDP neighbor information aged out : 0

The number of CDP frames transmitted             : 0

The number of CDP frames received                : 0

The number of CDP frames discarded               : 0

The number of CDP error frames                   : 0

Table 29 Command output

Field

Description

LLDP statistics global information

Global LLDP statistics.

LLDP neighbor information last change time

Time when the neighbor information was last updated.

The number of LLDP neighbor information inserted

Number of times neighbor information was added.

The number of LLDP neighbor information deleted

Number of times neighbor information was removed.

The number of LLDP neighbor information dropped

Number of times neighbor information was dropped due to lack of available memory space.

 

display lldp status

Use display lldp status to display LLDP status.

Syntax

display lldp status [ interface interface-type interface-number ] [ agent { nearest-bridge | nearest-customer | nearest-nontpmr } ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies a port by its type and number. If you do not specify this option, the command displays the global LLDP status and the LLDP status of all ports.

agent: Specifies an LLDP agent type. If you do not specify an agent type, the command displays the status information for all LLDP agents.

nearest-bridge: Specifies nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Examples

# Display the global LLDP status and the LLDP status of each port.

<Sysname> display lldp status

Global status of LLDP: Enable

Bridge mode of LLDP: customer-bridge

The current number of LLDP neighbors: 5

The current number of CDP neighbors: 0

LLDP neighbor information last changed time: 0 days, 0 hours, 4 minutes, 40 seconds

Transmit interval              : 30s

Fast transmit interval         : 1s

Transmit max credit            : 5

Hold multiplier                : 4

Reinit delay                   : 2s

Trap interval                  : 5s

Fast start times               : 3

 

LLDP status information of port 1 [GigabitEthernet1/0/1]:

LLDP agent  nearest-bridge:

Port status of LLDP            : Enable

Admin status                   : Tx_Rx

Trap flag                      : No

MED trap flag                  : No

Polling interval               : 0s

Number of LLDP neighbors       : 5

Number of MED neighbors        : 2

Number of CDP neighbors        : 0

Number of sent optional TLV    : 12

Number of received unknown TLV : 5

LLDP agent nearest-nontpmr:

Port status of LLDP            : Enable

Admin status                   : Tx_Rx

Trap flag                      : No

Polling interval               : 0s

Number of LLDP neighbors       : 5

Number of MED neighbors        : 2

Number of CDP neighbors        : 0

Number of sent optional TLV    : 12

Number of received unknown TLV : 5

 

LLDP agent nearest-customer:

Port status of LLDP            : Enable

Admin status                   : Tx_Rx

Trap flag                      : No

Polling interval               : 0s

Number of LLDP neighbors       : 5

Number of MED neighbors        : 2

Number of CDP neighbors        : 0

Number of sent optional TLV    : 12

Number of received unknown TLV : 5

Table 30 Command output

Field

Description

Bridge mode of LLDP

LLDP bridge mode: service-bridge or customer-bridge.

Global status of LLDP

Indicates whether LLDP is globally enabled.

LLDP neighbor information last changed time

Time when the neighbor information was last updated.

Transmit interval

LLDP frame transmission interval.

Hold multiplier

TTL multiplier.

Reinit delay

LLDP reinitialization delay.

Transmit max credit

Token bucket size for sending LLDP frames.

Trap interval

Trap transmission interval.

Fast start times

Number of LLDP frames sent each time fast LLDP frame transmission is triggered.

Port 1

LLDP status of port 1.

Port status of LLDP

Indicates whether LLDP is enabled on the port.

Admin status

LLDP operating mode of the port:

·         Tx_Rx—The port can send and receive LLDP frames.

·         Rx_Only—The port can only receive LLDP frames.

·         Tx_Only—The port can only send LLDP frames.

·         Disable—The port cannot send or receive LLDP frames.

Trap Flag

Indicates whether trapping is enabled.

Polling interval

LLDP polling interval, which is 0 when LLDP polling is disabled.

Number of neighbors

Number of LLDP neighbors connecting to the port.

Number of MED neighbors

Number of MED neighbors connecting to the port.

Number of CDP neighbors

Number of CDP neighbors connecting to the port.

Number of sent optional TLV

Number of optional TLVs contained in an LLDP frame sent through the port.

Number of received unknown TLV

Number of unknown TLVs contained in a received LLDP frame.

 

display lldp tlv-config

Use display lldp tlv-config to display the types of advertisable optional LLDP TLVs of a port.

Syntax

display lldp tlv-config [ interface interface-type interface-number ] [ agent { nearest-bridge | nearest-customer | nearest-nontpmr } ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies a port by its type and number. If you do not specify this option, the command displays the types of advertisable optional TLVs of all ports.

agent: Specifies an LLDP agent type. If you do not specify an agent type, the command displays the types of advertisable optional LLDP TLVs for all LLDP agents.

nearest-bridge: Specifies nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Examples

# Display the types of advertisable optional LLDP TLVs of interface GigabitEthernet 1/0/1.

<Sysname> display lldp tlv-config interface gigabitethernet 1/0/1

LLDP tlv-config of port 1[GigabitEthernet1/0/1]:

LLDP agent nearest-bridge:

NAME                              STATUS    DEFAULT

Basic optional TLV:

 Port Description TLV             YES       YES

 System Name TLV                  YES       YES

 System Description TLV           YES       YES

 System Capabilities TLV          YES       YES

 Management Address TLV           YES       YES

IEEE 802.1 extend TLV:

 Port VLAN ID TLV                 YES       YES

 Port And Protocol VLAN ID TLV    NO        NO

 VLAN Name TLV                    NO        NO

 DCBX TLV                         NO        NO

 EVB TLV                          NO        NO

 Link Aggregation TLV             YES       YES

 Management VID TLV               NO        NO

 Congestion notification TLV      NO        NO

IEEE 802.3 extend TLV:

 MAC-Physic TLV                   YES       YES

 Power via MDI TLV                YES       YES

 Maximum Frame Size TLV           YES       YES

LLDP-MED extend TLV:

 Capabilities TLV                 YES        YES

 Network Policy TLV               YES        YES

 Location Identification TLV      NO         NO

 Extended Power via MDI TLV       YES        YES

 Inventory TLV                    YES        YES

LLDP agent nearest-nontpmr:

NAME                              STATUS    DEFAULT

Basic optional TLV:

 Port Description TLV             YES       NO

 System Name TLV                  YES       NO

 System Description TLV           YES       NO

 System Capabilities TLV          YES       NO

 Management Address TLV           YES       NO

IEEE 802.1 extend TLV:

 Port VLAN ID TLV                 YES       NO

 Port And Protocol VLAN ID TLV    YES       NO

 VLAN Name TLV                    YES       NO

 DCBX TLV                         NO        NO

 EVB TLV                          YES       YES

 Link Aggregation TLV             YES       NO

 Management VID TLV               NO        NO

 Congestion notification TLV      NO        NO

IEEE 802.3 extend TLV:

 MAC-Physic TLV                   YES       NO

 Power via MDI TLV                YES       NO

 Maximum Frame Size TLV           YES       NO

LLDP-MED extend TLV:

 Capabilities TLV                 YES        NO

 Network Policy TLV               YES        NO

 Location Identification TLV      NO         NO

 Extended Power via MDI TLV       YES        NO

 Inventory TLV                    YES        NO

 

LLDP agent nearest-customer:

NAME                              STATUS    DEFAULT

Basic optional TLV:

 Port Description TLV             YES       YES

 System Name TLV                  YES       YES

 System Description TLV           YES       YES

 System Capabilities TLV          YES       YES

 Management Address TLV           YES       YES

IEEE 802.1 extend TLV:

 Port VLAN ID TLV                 YES       YES

 Port And Protocol VLAN ID TLV    NO        NO

 VLAN Name TLV                    NO        NO

 DCBX TLV                         NO        NO

 EVB TLV                          NO        NO

 Link Aggregation TLV             YES       YES

 Management VID TLV               YES       YES

 Congestion notification TLV      NO        NO

IEEE 802.3 extend TLV:

 MAC-Physic TLV                   YES       NO

 Power via MDI TLV                YES       NO

 Maximum Frame Size TLV           YES       NO

LLDP-MED extend TLV:

 Capabilities TLV                 NO         NO

 Network Policy TLV               NO         NO

 Location Identification TLV      NO         NO

 Extended Power via MDI TLV       YES        NO

 Inventory TLV                    NO        NO

Table 31 Command output

Field

Description

LLDP tlv-config of port 1

Advertisable optional TLVs of port 1.

NAME

TLV type.

STATUS

Indicates whether the type of TLV is sent through a port.

DEFAULT

Indicates whether the type of TLV is sent through a port by default.

Basic optional TLV

Basic optional TLVs:

·         Port Description TLV.

·         System Name TLV.

·         System Description TLV.

·         System Capabilities TLV.

·         Management Address TLV.

·         Congestion notification TLV.

IEEE 802.1 extended TLV

IEEE 802.1 organizationally specific TLVs:

·         Port VLAN ID TLV.

·         Port and protocol VLAN ID TLV.

·         VLAN name TLV.

·         DCBX TLV.

·         EVB TLV. (The device does not support the EVB TLV in the current software version.)

·         Management VID TLV.

IEEE 802.3 extended TLV

IEEE 802.3 organizationally specific TLVs:

·         MAC-Physic TLV.

·         Power via MDI TLV.

·         Link aggregation TLV.

·         Maximum frame size TLV.

LLDP-MED extend TLV

LLDP-MED TLVs:

·         Capabilities TLV.

·         Network Policy TLV.

·         Extended Power-via-MDI TLV.

·         Location Identification TLV.

·         Inventory TLV.

Inventory TLV

Inventory TLVs:

·         Hardware Revision TLV.

·         Firmware Revision TLV.

·         Software Revision TLV.

·         Serial Number TLV.

·         Manufacturer Name TLV.

·         Model name TLV.

·         Asset ID TLV.

 

lldp admin-status

Use lldp admin-status to set the LLDP operating mode.

Use undo lldp admin-status to restore the default.

Syntax

In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view:

lldp [ agent { nearest-customer | nearest-nontpmr } ] admin-status { disable | rx | tx | txrx }

undo lldp [ agent { nearest-customer | nearest-nontpmr } ] admin-status

In Layer 2 aggregate interface view:

lldp agent { nearest-customer | nearest-nontpmr } admin-status { disable | rx | tx | txrx }

undo lldp agent { nearest-customer | nearest-nontpmr } admin-status

Default

The nearest bridge agent operates in txrx mode, and the nearest customer bridge agent and nearest non-TPMR bridge agent operate in disable mode.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command sets the operating mode for nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

disable: Specifies the Disable mode. A port in this mode cannot send or receive LLDP frames.

rx: Specifies the Rx mode. A port in this mode can only receive LLDP frames.

tx: Specifies the Tx mode. A port in this mode can only send LLDP frames.

txrx: Specifies the TxRx mode. A port in this mode can send and receive LLDP frames.

Examples

# Set the LLDP operating mode to Rx for the nearest customer bridge agents on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp agent nearest-customer admin-status rx

lldp check-change-interval

Use lldp check-change-interval to enable LLDP polling and set the polling interval.

Use undo lldp check-change-interval to restore the default.

Syntax

In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view:

lldp [ agent { nearest-customer | nearest-nontpmr } ] check-change-interval interval

undo lldp [ agent { nearest-customer | nearest-nontpmr } ] check-change-interval

In Layer 2 aggregate interface view:

lldp agent { nearest-customer | nearest-nontpmr } check-change-interval interval

undo lldp agent { nearest-customer | nearest-nontpmr } check-change-interval

Default

LLDP polling is disabled.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command enables LLDP polling and sets the polling interval for nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

interval: Sets the LLDP polling interval in the range of 1 to 30 seconds.

Examples

# Enable LLDP polling and set the polling interval to 30 seconds for the nearest customer bridge agents on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp agent nearest-customer check-change-interval 30

lldp enable

Use lldp enable to enable LLDP on a port.

Use undo lldp enable to disable LLDP on a port.

Syntax

lldp enable

undo lldp enable

Default

LLDP is enabled on a port.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Usage guidelines

LLDP takes effect on a port only when LLDP is enabled both globally and on the port.

Examples

# Disable LLDP on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] undo lldp enable

Related commands

lldp global enable

lldp encapsulation snap

Use lldp encapsulation snap to set the encapsulation format for LLDP frames to SNAP.

Use undo lldp encapsulation to restore the default.

Syntax

In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view:

lldp [ agent { nearest-customer | nearest-nontpmr } ] encapsulation snap

undo lldp [ agent { nearest-customer | nearest-nontpmr } ] encapsulation

In Layer 2 aggregate interface view:

lldp agent { nearest-customer | nearest-nontpmr } encapsulation snap

undo lldp agent { nearest-customer | nearest-nontpmr } encapsulation

Default

The encapsulation format for LLDP frames is Ethernet II.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command sets the LLDP frame encapsulation format for nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Examples

# Set the encapsulation format for LLDP frames to SNAP on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp encapsulation snap

lldp fast-count

Use lldp fast-count to set the number of LLDP frames sent each time fast LLDP frame transmission is triggered.

Use undo lldp fast-count to restore the default.

Syntax

lldp fast-count count

undo lldp fast-count

Default

Four LLDP frames are sent each time fast LLDP frame transmission is triggered.

Views

System view

Predefined user roles

network-admin

Parameters

count: Sets the number of LLDP frames sent each time fast LLDP frame transmission is triggered. The value range is 1 to 8.

Examples

# Configure the device to send five LLDP frames each time fast LLDP frame transmission is triggered.

<Sysname> system-view

[Sysname] lldp fast-count 5

lldp global enable

Use lldp global enable to enable LLDP globally.

Use undo lldp global enable to disable LLDP globally.

Syntax

lldp global enable

undo lldp global enable

Default

LLDP is globally enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

LLDP takes effect on a port only when LLDP is enabled both globally and on the port.

Examples

# Disable LLDP globally.

<Sysname> system-view

[Sysname] undo lldp global enable

Related commands

lldp enable

lldp hold-multiplier

Use lldp hold-multiplier to set the TTL multiplier.

Use undo lldp hold-multiplier to restore the default.

Syntax

lldp hold-multiplier value

undo lldp hold-multiplier

Default

The TTL multiplier is 4.

Views

System view

Predefined user roles

network-admin

Parameters

value: Sets the TTL multiplier in the range of 2 to 10.

Usage guidelines

The TTL TLV carried in an LLDPDU determines how long the device information carried in the LLDPDU can be saved on a recipient device.

By setting the TTL multiplier, you can set the TTL of locally sent LLDP frames. The TTL is expressed by using the following formula:

TTL = Min (65535, (TTL multiplier × LLDP frame transmission interval + 1))

As the expression shows, the TTL can be up to 65535 seconds.

Examples

# Set the TTL multiplier to 6.

<Sysname> system-view

[Sysname] lldp hold-multiplier 6

Related commands

lldp timer tx-interval

lldp ignore-pvid-inconsistency

Use lldp ignore-pvid-inconsistency to disable LLDP PVID inconsistency check.

Use undo lldp ignore-pvid-inconsistency to enable LLDP PVID inconsistency check.

Syntax

lldp ignore-pvid-inconsistency

undo lldp ignore-pvid-inconsistency

Default

LLDP PVID inconsistency check is enabled.

Views

System view

Default command level

network-admin

Usage guidelines

By default, when the system receives an LLDP packet, it compares the PVID value contained in the packet with the PVID configured on the receiving interface. If the two PVIDs do not match, a log message will be printed to notify the user.

You can disable PVID inconsistency check if different PVIDs are required on a link.

Examples

# Disable LLDP PVID inconsistency check.

<Sysname> system-view

[Sysname] lldp ignore-pvid-inconsistency

lldp management-address-format string

Use lldp management-address-format string to set the encoding format of the management address to string.

Use undo lldp management-address-format to restore the default.

Syntax

In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view:

lldp [ agent { nearest-customer | nearest-nontpmr } ] management-address-format string

undo lldp [ agent { nearest-customer | nearest-nontpmr } ] management-address-format

In Layer 2 aggregate interface view:

lldp agent { nearest-customer | nearest-nontpmr } management-address-format string

undo lldp agent { nearest-customer | nearest-nontpmr } management-address-format

Default

The encoding format of the management address is numeric.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command sets the encoding format of the management address for nearest bridge agents.

nearest-bridge: Specifies nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Usage guidelines

LLDP neighbors must use the same encoding format for the management address.

Examples

# Set the encoding format of the management address to string for the nearest customer bridge agents on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp agent nearest-customer management-address-format string

lldp max-credit

Use lldp max-credit to set the token bucket size for sending LLDP frames.

Use undo lldp max-credit to restore the default.

Syntax

lldp max-credit credit-value

undo lldp max-credit

Default

The token bucket size for sending LLDP frames is 5.

Views

System view

Predefined user roles

network-admin

Parameters

credit-value: Specifies the token bucket size for sending LLDP frames, in the range of 1 to 100.

Examples

# Set the token bucket size for sending LLDP frames to 10.

<Sysname> system-view

[Sysname] lldp max-credit 10

lldp mode

Use lldp mode to configure LLDP to operate in service bridge mode.

Use undo lldp mode to restore the default.

Syntax

lldp mode service-bridge

undo lldp mode

Default

LLDP operates in customer bridge mode.

Views

System view

Predefined user roles

network-admin

Parameters

service-bridge: Specifies the service bridge mode.

Usage guidelines

The LLDP agent types supported by LLDP depend on the LLDP bridge mode:

·          Service bridge mode—LLDP supports nearest bridge agents and nearest non-TPMR bridge agents. LLDP processes the LLDP frames with destination MAC addresses for these agents and transparently transmits the LLDP frames with other destination MAC addresses in the VLAN.

·          Customer bridge mode—LLDP supports nearest bridge agents, nearest non-TPMR bridge agents, and nearest customer bridge agents. LLDP processes the LLDP frames with destination MAC addresses for these agents and transparently transmits the LLDP frames with other destination MAC addresses in the VLAN.

The bridge mode configuration takes effect only when LLDP is enabled globally. If LLDP is disabled globally, LLDP can only operate in customer bridge mode.

Examples

# Configure LLDP to operate in service bridge mode.

<Sysname> system-view

[Sysname] lldp mode service-bridge

Related commands

lldp global enable

lldp notification med-topology-change enable

Use lldp notification med-topology-change enable to enable LLDP-MED trapping.

Use undo lldp notification med-topology-change enable to disable LLDP-MED trapping.

Syntax

lldp notification med-topology-change enable

undo lldp notification med-topology-change enable

Default

LLDP-MED trapping is disabled on ports.

Views

Layer 2 Ethernet interface view

Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Examples

# Enable LLDP-MED trapping for GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp notification med-topology-change enable

lldp notification remote-change enable

Use lldp notification remote-change enable to enable LLDP trapping.

Use undo lldp notification remote-change enable to disable LLDP trapping.

Syntax

In Layer 2/Layer 3 Ethernet interface view or management Ethernet interface view:

lldp [ agent { nearest-customer | nearest-nontpmr } ] notification remote-change enable

undo lldp [ agent { nearest-customer | nearest-nontpmr } ] notification remote-change enable

In Layer 2 aggregate interface view:

lldp agent { nearest-customer | nearest-nontpmr } notification remote-change enable

undo lldp agent { nearest-customer | nearest-nontpmr } notification remote-change enable

Default

LLDP trapping is disabled on ports.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command enables LLDP trapping for nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

Examples

# Enable LLDP trapping for the nearest customer bridge agents on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface GigabitEthernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp agent nearest-customer notification remote-change enable

lldp timer fast-interval

Use lldp timer fast-interval to set an interval for fast LLDP frame transmission.

Use undo lldp timer fast-interval to restore the default.

Syntax

lldp timer fast-interval interval

undo lldp timer fast-interval

Default

The interval for fast LLDP frame transmission is 1 second.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Sets an interval for fast LLDP frame transmission, in the range of 1 to 3600 seconds.

Examples

# Set the interval for fast LLDP frame transmission to 2 seconds.

<Sysname> system-view

[Sysname] lldp timer fast-interval 2

lldp timer notification-interval

Use lldp timer notification-interval to set the LLDP trap and LLDP-MED trap transmission interval.

Use undo lldp timer notification-interval to restore the default.

Syntax

lldp timer notification-interval interval

undo lldp timer notification-interval

Default

The LLDP trap and LLDP-MED trap transmission interval is 30 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Sets the LLDP trap and LLDP-MED trap transmission interval in the range of 5 to 3600 seconds.

Examples

# Set both the LLDP trap and LLDP-MED trap transmission interval to 8 seconds.

<Sysname> system-view

[Sysname] lldp timer notification-interval 8

lldp timer reinit-delay

Use lldp timer reinit-delay to set the LLDP reinitialization delay.

Use undo lldp timer reinit-delay to restore the default.

Syntax

lldp timer reinit-delay delay

undo lldp timer reinit-delay

Default

The LLDP reinitialization delay is 2 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

delay: Sets the LLDP reinitialization delay in the range of 1 to 10 seconds.

Examples

# Set the LLDP reinitialization delay to 4 seconds.

<Sysname> system-view

[Sysname] lldp timer reinit-delay 4

lldp timer tx-interval

Use lldp timer tx-interval to set the LLDP frame transmission interval.

Use undo lldp timer tx-interval to restore the default.

Syntax

lldp timer tx-interval interval

undo lldp timer tx-interval

Default

The LLDP frame transmission interval is 30 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Sets the LLDP frame transmission interval in the range of 5 to 32768 seconds.

Examples

# Set the LLDP frame transmission interval to 20 seconds.

<Sysname> system-view

[Sysname] lldp timer tx-interval 20

lldp tlv-enable

Use lldp tlv-enable to configure the types of advertisable TLVs.

Use undo lldp tlv-enable to disable the advertising of the specified types of TLVs.

Syntax

In Layer 2 Ethernet interface view:

·          For nearest bridge agents:

lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation | protocol-vlan-id [ vlan-id ] | vlan-name [ vlan-id ] | management-vid [ mvlan-id ] } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | network-policy [ vlan-id ] | power-over-ethernet | location-id { civic-address device-type country-code { ca-type ca-value }&<1-10> | elin-address tel-number } } }

undo lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation | protocol-vlan-id | vlan-name | management-vid } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | network-policy [ vlan-id ] | power-over-ethernet | location-id } }

·          For nearest non-TPMR bridge agents:

lldp agent nearest-nontpmr tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation } }

undo lldp agent nearest-nontpmr tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation } }

·          For nearest customer bridge agents:

lldp agent nearest-customer tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation } }

undo lldp agent nearest-customer tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | port-vlan-id | link-aggregation } }

In Layer 3 Ethernet interface view:

·          lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ] } | dot1-tlv { all | link-aggregation } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | power-over-ethernet | location-id { civic-address device-type country-code { ca-type ca-value }&<1-10> | elin-address tel-number } } }

·          lldp agent { nearest-nontpmr | nearest-customer } tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } }

·          undo lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ] } | dot1-tlv { all | link-aggregation } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | power-over-ethernet | location-id } }

·          undo lldp agent { nearest-nontpmr | nearest-customer } tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } }

In management Ethernet interface view:

·          lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | power-over-ethernet | location-id { civic-address device-type country-code { ca-type ca-value }&<1-10> | elin-address tel-number } } }

·          lldp agent { nearest-nontpmr | nearest-customer } tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } }

·          undo lldp tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } | dot3-tlv { all | mac-physic | max-frame-size | power } | med-tlv { all | capability | inventory | power-over-ethernet | location-id } }

·          undo lldp agent { nearest-nontpmr | nearest-customer } tlv-enable { basic-tlv { all | port-description | system-capability | system-description | system-name | management-address-tlv [ ipv6 ] [ ip-address ] } | dot1-tlv { all | link-aggregation } }

In Layer 2 aggregate interface view:

·          lldp agent nearest-nontpmr tlv-enable { basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description | system-capability | system-description | system-name } | dot1-tlv { all | port-vlan-id } }

·          lldp agent nearest-customer tlv-enable { basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description | system-capability | system-description | system-name } | dot1-tlv { all | port-vlan-id } }

·          lldp tlv-enable dot1-tlv { protocol-vlan-id [ vlan-id ] | vlan-name [ vlan-id ] | management-vid [ mvlan-id ] }

·          undo lldp agent nearest-nontpmr tlv-enable { basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description | system-capability | system-description | system-name } | dot1-tlv { all | port-vlan-id } }

·          undo lldp agent nearest-customer tlv-enable { basic-tlv { all | management-address-tlv [ ipv6 ] [ ip-address ] | port-description | system-capability | system-description | system-name } | dot1-tlv { all | port-vlan-id } }

·          undo lldp tlv-enable dot1-tlv { protocol-vlan-id | vlan-name | management-vid }

Default

On Layer 2 Ethernet interfaces:

·          Nearest bridge agents can advertise all types of LLDP TLVs except the following types:

?  Location identification TLVs.

?  Port and protocol VLAN ID TLVs.

?  VLAN name TLVs.

?  Management VLAN ID TLVs.

?  Energy-Efficient Ethernet TLVs.

·          Nearest customer bridge agents can advertise basic TLVs and IEEE 802.1 organizationally specific TLVs.

On Layer 3 Ethernet interfaces or management Ethernet interfaces:

·          Nearest bridge agents can advertise all types of LLDP TLVs (only link aggregation TLV is supported in 802.1 organizationally specific TLVs) except network policy TLVs and Energy-Efficient Ethernet TLVs.

·          Nearest non-TPMR bridge agents do not advertise TLVs.

·          Nearest customer bridge agents can advertise basic TLVs and IEEE 802.1 organizationally specific TLVs (only link aggregation TLV is supported).

On Layer 2 aggregate interfaces:

·          No nearest bridge agent exists.

·          Nearest customer bridge agents can advertise basic TLVs and IEEE 802.1 organizationally specific TLVs. Among the IEEE 802.1 organizationally specific TLVs, only port and protocol VLAN ID TLVs, VLAN name TLVs, and management VLAN ID TLVs are supported.

Views

Layer 2 aggregate interface view

Layer 2/Layer 3 Ethernet interface view

Management Ethernet interface view

Predefined user roles

network-admin

Parameters

agent: Specifies an LLDP agent type. If you do not specify an agent type in Ethernet or management Ethernet interface view, the command configures the types of advertisable TLVs for nearest bridge agents.

nearest-customer: Specifies nearest customer bridge agents.

nearest-nontpmr: Specifies nearest non-TPMR bridge agents.

all: Advertises all TLVs of the specified type.

·          Enables the interface to advertise the following TLVs:

?  All basic LLDP TLVs if the all keyword is specified for basic-tlv.

?  All IEEE 802.1 organizationally specific LLDP TLVs if the all keyword is specified for dot1-tlv.

?  All IEEE 802.3 organizationally specific LLDP TLVs if the all keyword is specified for dot3-tlv.

·          Enables the interface to advertise all LLDP-MED TLVs except location identification TLVs if the all keyword is specified for med-tlv.

basic-tlv: Advertises basic LLDP TLVs.

management-address-tlv [ ipv6 ] [ ip-address | interface loopback interface-number ]: Advertises management address TLVs. The ipv6 keyword indicates that the management address to be advertised is in IPv6 format. If you do not specify this keyword, the management address in IPv4 format will be advertised. The ip-address argument specifies the management address to be advertised. The interface loopback interface-number option specifies the management address as the IP address of a loopback interface specified by its number. By default, the following rules apply:

·          When you execute the lldp tlv-enable command:

?  For a Layer 2 Ethernet or aggregate interface, the management address is the primary IPv4/IPv6 address of the VLAN interface meeting the following requirements:

-      In up state.

-      The corresponding VLAN ID is the lowest among the VLANs permitted on the port.

If you specify the ipv6 keyword, the management address is the primary IPv6 address. If you do not specify the ipv6 keyword, the management address is the primary IPv4 address.

If none of the VLAN interfaces of the permitted VLANs is assigned an IP address or all VLAN interfaces are down, the MAC address of the port will be advertised.

?  For a Layer 3 Ethernet interface, the IPv4/IPv6 address of the port will be advertised when the following conditions exist:

-      The ip-address argument is not configured.

-      The specified loopback interface does not have an IPv4/IPv6 address, or the specified loopback interface does not exist.

If you specify the ipv6 keyword, the management address is the IPv6 address. If you do not specify the ipv6 keyword, the management address is the IPv4 address.

If the port does not have an IP address, the MAC address of the port will be advertised.

?  For a management Ethernet interface, the IPv4/IPv6 address of the port will be advertised when the ip-address argument is not configured.

If you specify the ipv6 keyword, the management address is the IPv6 address. If you do not specify the ipv6 keyword, the management address is the IPv4 address.

If the port does not have an IP address, the MAC address of the port will be advertised.

·          When you execute the undo lldp tlv-enable command for a Layer 2/Layer 3 Ethernet interface, management Ethernet interface, or Layer 2 aggregate interface:

?  If you do not specify ipv6, ip-address, and interface loopback interface-number, the port does not advertise any management address TLVs.

?  If you specify ipv6, ip-address, or interface loopback interface-number, the port advertises the default management address TLVs.

port-description: Advertises port description TLVs.

system-capability: Advertises system capabilities TLVs.

system-description: Advertises system description TLVs.

system-name: Advertises system name TLVs.

dot1-tlv: Advertises IEEE 802.1 organizationally specific LLDP TLVs.

port-vlan-id: Advertises port VLAN ID TLVs.

protocol-vlan-id [ vlan-id ]: Advertises port and protocol VLAN ID TLVs. The vlan-id argument specifies a VLAN ID in the TLVs to be advertised. The VLAN ID is in the range of 1 to 4094, and the default is the lowest VLAN ID on the port.

vlan-name [ vlan-id ]: Advertises VLAN name TLVs. The vlan-id argument specifies a VLAN ID in the TLVs to be advertised. The VLAN ID is in the range of 1 to 4094, and the default is the lowest VLAN ID on the port. If you do not specify a VLAN ID and the port is not assigned to any VLAN, the PVID of the port is advertised.

management-vid [ mvlan-id ]: Advertises management VLAN ID TLVs. The mvlan-id argument specifies a management VLAN ID in the TLVs to be advertised. The management VLAN ID is in the range of 1 to 4094. If you do not specify this option, the value 0 is advertised, which means that the LLDP agent is not configured with a management VLAN ID.

dot3-tlv: Advertises IEEE 802.3 organizationally specific LLDP TLVs.

link-aggregation: Advertises link aggregation TLVs.

mac-physic: Advertises MAC/PHY configuration/status TLVs.

max-frame-size: Advertises maximum frame size TLVs.

power: Advertises power in MDI TLVs and power stateful control TLVs.

med-tlv: Advertises LLDP-MED TLVs.

capability: Advertises LLDP-MED capabilities TLVs.

inventory: Advertises the following TLVs: hardware revision, firmware revision, software revision, serial number, manufacturer name, model name, and asset ID.

location-id: Advertises location identification TLVs.

civic-address: Inserts the typical address information about the network device in location identification TLVs .

device-type: Sets a device type value in the range of 0 to 2:

·          Value 0 specifies a DHCP server.

·          Value 1 specifies a network device.

·          Value 2 specifies an LLDP-MED endpoint.

country-code: Sets a country code defined in ISO 3166.

{ ca-type ca-value }&<1-10>: Configures address information. ca-type represents the address information type in the range of 0 to 255. ca-value represents address information, a string of 1 to 250 characters. &<1-10> indicates that you can specify up to 10 ca-type ca-value pairs.

elin-address: Inserts telephone numbers for emergencies in location identification TLVs.

tel-number: Sets the telephone number for emergencies, a string of 10 to 25 characters.

network-policy [ vlan-id ]: Advertises network policy TLVs. vlan-id specifies the voice VLAN ID to be advertised, in the range of 1 to 4094.

power-over-ethernet: Advertises extended power-via-MDI TLVs.

Usage guidelines

Nearest bridge agents are not supported on aggregate interfaces.

You can enable the device to advertise multiple types of TLVs by using this command without the all keyword specified.

If the MAC/PHY configuration/status TLV is not advertisable, none of the LLDP-MED TLVs will be advertised whether or not they are advertisable. If the LLDP-MED capabilities TLV is not advertisable, the other LLDP-MED TLVs will not be advertised regardless of whether or not they are advertisable.

The port and protocol VLAN ID, VLAN name, and management VLAN ID TLVs in IEEE 802.1 organizationally specific LLDP TLVs can be configured only for nearest bridge agents. The configuration can be inherited by nearest customer bridge agents and nearest non-TPMR bridge agents.

Examples

# Enable the nearest customer bridge agents on GigabitEthernet 1/0/1 to advertise link aggregation TLVs of the IEEE 802.1 organizationally specific TLVs.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] lldp agent nearest-customer tlv-enable dot1-tlv link-aggregation

 


Layer 2 forwarding commands

The WX1800H series access controllers do not support the slot keyword or the slot-number argument.

Normal Layer 2 forwarding commands

display mac-forwarding statistics

Use display mac-forwarding statistics to display Layer 2 forwarding statistics.

Syntax

display mac-forwarding statistics [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify this option, the command displays Layer 2 forwarding statistics on all interfaces.

Examples

# Display Layer 2 forwarding statistics on all interfaces.

<Sysname> display mac-forwarding statistics

Input:

   Sum:               888        Unknown Unicast:   0

   Broadcast:         0          Multicast:         0

   Filtered:          0          STP discarded:     0

   Service dropped:   0          Source dropped:    0

   Unknown dropped:   0          Learning dropped:  0

   Attack dropped:    0          Suppress dropped:  0

Deliver:

   Sum:               111        L2 protocol:       11

   Local MAC address: 100

Output:

   Sum:               666        Filtered:          0

   Blackhole dropped: 0          STP discarded:     0

   Service dropped:   0          Dest MAC dropped:  0

# Display Layer 2 forwarding statistics on GigabitEthernet 1/0/1.

<Sysname> display mac-forwarding statistics interface gigabitethernet 1/0/1

GigabitEthernet 1/0/1:

Input frames: 100    Output frames:100

Filtered:     0

Table 32 Command output

Field

Description

Input

Inbound Ethernet frame statistics.

Sum

Total number of received Ethernet frames.

Filtered

Number of Ethernet frames filtered out by 802.1Q VLAN inbound filtering rules.

STP discarded

Number of inbound Ethernet frames dropped on the ports blocked by STP.

Service dropped

Number of Ethernet frames dropped by inbound service features.

Source dropped

Number of Ethernet frames dropped because their source MAC addresses are all-zeros, multicast, or broadcast MAC addresses.

Unknown dropped

Number of Ethernet frames dropped because the device is disabled from forwarding frames with unknown source MAC addresses.

Learning dropped

Number of Ethernet frames dropped because the device is disabled from forwarding unknown frames after the number of learned MAC addresses reaches the upper limit.

Attack dropped

Number of attack Ethernet frames dropped by features based on the source MAC addresses.

Suppress dropped

Number of Ethernet frames dropped by storm suppression.

Broadcast

Number of received broadcast Ethernet frames.

Multicast

Number of received multicast Ethernet frames.

Unknown Unicast

Number of received unknown unicast Ethernet frames.

Deliver

Statistics of Ethernet frames delivered to the CPU.

Sum

Total number of Ethernet frames delivered to the CPU.

L2 protocol

Number of Layer 2 protocol Ethernet frames delivered to the CPU.

Local MAC address

Number of Ethernet frames with the destination MAC addresses being the MAC addresses of local Layer 3 VLAN interfaces.

Output

Outbound Ethernet frame statistics.

Sum

Total number of sent Ethernet frames.

Blackhole dropped

Number of Ethernet frames dropped because they are destined for blackhole MAC addresses.

Filtered

Number of Ethernet frames filtered out by 802.1Q VLAN outbound filtering rules.

STP discarded

Number of outbound Ethernet frames dropped on the ports blocked by STP.

Service dropped

Number of Ethernet frames dropped by outbound service features.

Dest MAC dropped

Number of Ethernet frames dropped by features based on the destination MAC addresses.

Input frames

Number of Ethernet frames received on the interface.

Output frames

Number of Ethernet frames sent out of the interface.

Filtered

Number of Ethernet frames filtered out because they are from other VLANs.

 

reset mac-forwarding statistics

Use reset mac-forwarding statistics to clear Layer 2 forwarding statistics.

Syntax

reset mac-forwarding statistics

Views

User view

Predefined user roles

network-admin

network-operator

Examples

# Clear Layer 2 forwarding statistics.

<Sysname> reset mac-forwarding statistics

Fast Layer 2 forwarding commands

display mac-forwarding cache ip

Use display mac-forwarding cache ip to display IPv4 fast forwarding entries.

Syntax

display mac-forwarding cache ip [ ip-address ] [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Specifies an IPv4 address. If you do not specify an IPv4 address, this command displays all IPv4 fast forwarding entries.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays IPv4 fast forwarding entries for all member devices.

Examples

# Display all IPv4 fast forwarding entries.

<Sysname> display mac-forwarding cache ip

Total number of mac-forwarding entries: 2

SIP            SPort DIP             DPort Pro Input_If    Output_If   VLAN

1.1.1.2        99    1.1.1.1         2048  1   GE1/0/1     GE1/0/1     2

1.1.1.1        98    1.1.1.2         2012  1   GE1/0/2     GE1/0/2     2

Table 33 Command output

Field

Description

Total number of mac-forwarding entries

Total number of IPv4 fast forwarding entries.

SIP

Source IPv4 address.

SPort

Source port number.

DIP

Destination IPv4 address.

DPort

Destination port number.

Pro

Protocol number.

Input_If

Input interface type and number.

If no input interface is involved in fast forwarding, this field displays N/A.

If no input interface is available, this field displays a hyphen (-).

Output_If

Output interface type and number.

If no output interface is involved in fast forwarding, this field displays N/A.

If no output interface is available, this field displays a hyphen (-).

VLAN

VLAN ID.

 

display mac-forwarding cache ip fragment

Use display mac-forwarding cache ip fragment to display IPv4 fast forwarding entries for fragments.

Syntax

display mac-forwarding cache ip fragment [ ip-address ] [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Specifies an IPv4 address. If you do not specify an IPv4 address, this command displays IPv4 fast forwarding entries for all fragments.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays IPv4 fast forwarding entries for fragments on all member devices.

Examples

# Display IPv4 fast forwarding entries for all fragments.

<Sysname> display mac-forwarding cache ip fragment

Total number of fragment mac-forwarding entries: 2

SIP             SPort DIP             DPort Pro Input_If    ID     VLAN

1.1.1.1         117   1.1.1.2         0     1   GE1/0/1     2828   1

1.1.1.2         110   1.1.1.1         67    17  GE1/0/2     2322   1

Table 34 Command output

Field

Description

Total number of fragment mac-forwarding entries

Total number of IPv4 fast forwarding entries for fragments.

SIP

Source IPv4 address.

SPort

Source port number.

DIP

Destination IPv4 address.

DPort

Destination port number.

Pro

Protocol number.

Input_If

Input interface type and number.

If no input interface is involved in fast forwarding, this field displays N/A.

If no input interface is available, this field displays a hyphen (-).

ID

Fragment ID.

VLAN

VLAN ID.

 

display mac-forwarding cache ipv6

Use display mac-forwarding cache ipv6 to display IPv6 fast forwarding entries.

Syntax

display mac-forwarding cache ipv6 [ ipv6-address ] [ slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ipv6-address: Specifies an IPv6 address. If you do not specify an IPv6 address, this command displays all IPv6 fast forwarding entries.

slot slot-number: Specifies an IRF member device by its member ID. If you do not specify a member device, this command displays IPv6 fast forwarding entries for all member devices.

Examples

# Display all IPv6 fast forwarding entries.

<Sysname> display mac-forwarding cache ipv6

Total number of IPv6 mac-forwarding items: 1

Src IP: 2002::1                                        Src port: 129

Dst IP: 2001::1                                        Dst port: 65535

VLAN ID: 2

Protocol: 2

Input interface: GE1/0/2

Output interface: GE1/0/1

Table 35 Command output

Field

Description

Total number of IPv6 mac-forwarding items

Total number of IPv6 fast forwarding entries.

Src IP

Source IPv6 address.

Src port

Source port number.

Dst IP

Destination IPv6 address.

Dst port

Destination port number.

Protocol

Protocol number.

Input interface

Input interface type and number.

If no input interface is involved in fast forwarding, this field displays N/A.

If no input interface is available, this field displays a hyphen (-).

Output interface

Output interface type and number.

If no output interface is involved in fast forwarding, this field displays N/A.

If no output interface is available, this field displays a hyphen (-).

 


VLAN termination commands

The following matrix shows the VLAN termination and hardware compatibility:

 

Hardware series

Model

VLAN termination compatibility

WX1800H series

WX1804H

WX1810H

WX1820H

Yes

WX2500H series

WX2510H

WX2540H

WX2560H

Yes

WX3000H series

WX3010H

WX3010H-L

WX3010H-X

WX3024H

WX3024H-L

Yes:

·         WX3010H

·         WX3024H

No:

·         WX3010H-L

·         WX3010H-X

·         WX3024H-L

WX3500H series

WX3508H

WX3510H

WX3520H

WX3540H

No

WX5500E series

WX5510E

WX5540E

No

WX5500H series

WX5540H

WX5560H

WX5580H

No

Access controller modules

EWPXM1MAC0F

EWPXM2WCMD0F

LSQM1WCMX20

LSQM1WCMX40

LSUM1WCME0

LSUM1WCMX20RT

LSUM1WCMX40RT

No

 

second-dot1q

Use second-dot1q to enable QinQ termination on an interface, and specify the Layer 2 VLAN IDs of the VLAN-tagged packets that can be terminated by the interface.

Use undo second-dot1q to disable QinQ termination on an interface.

Syntax

second-dot1q { vlan-id-list | any }

undo second-dot1q { vlan-id-list | any }

Default

QinQ termination is disabled on a VLAN interface.

Views

VLAN interface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 Layer 2 VLAN ID items. Each item specifies a Layer 2 VLAN ID or a range of Layer 2 VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

any: Specifies all values between 1 and 4094.

Usage guidelines

When you execute this command, the Layer 1 VLAN ID of VLAN-tagged packets that can be terminated by the interface is the interface number. This Layer 1 VLAN ID is not configurable.

Examples

# Configure VLAN-interface 10 to terminate VLAN-tagged packets with Layer 2 VLAN IDs in the range of 10 to 20.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] second-dot1q 10 to 20

[Sysname-Vlan-interface10] quit

# Configure VLAN-interface 12 to terminate VLAN-tagged packets with Layer 2 VLAN ID 100.

[Sysname] interface vlan-interface 12

[Sysname-Vlan-interface12] second-dot1q 100

[Sysname-Vlan-interface12] quit

# Configure VLAN-interface 100 to terminate VLAN-tagged packets with any Layer 2 VLAN IDs.

[Sysname] interface vlan-interface 100

[Sysname-Vlan-interface100] second-dot1q any

The following table describes the configuration results:

 

VLAN interface

Layer 1 VLAN ID of VLAN-tagged packets that the VLAN interface can terminate

Layer 2 VLAN IDs of VLAN-tagged packets that the VLAN interface can terminate

VLAN-interface 10

10

10–20

VLAN-interface 12

12

100

VLAN-interface 100

100

1–4094

 

vlan-termination broadcast enable

Use vlan-termination broadcast enable to enable an interface to transmit broadcasts and multicasts.

Use undo vlan-termination broadcast enable to restore the default.

Syntax

vlan-termination broadcast enable

undo vlan-termination broadcast enable

Default

An ambiguous Dot1q or QinQ termination-enabled interface drops broadcast and multicast packets.

Views

Layer 3 Ethernet subinterface view

VLAN interface view

Predefined user roles

network-admin

Usage guidelines

CAUTION

CAUTION:

This command affects system performance. If the system performance is seriously affected by this command, remove this command.

 

Use this command when ambiguous Dot1q or QinQ termination is enabled on an interface.

To transmit a broadcast or multicast packet, the interface starts a traversal over the VLAN IDs specified for ambiguous termination. It copies the packet and tags each copy with a VLAN ID, until all VLAN IDs in the specified range are traversed. For example, when ambiguous QinQ termination is configured, both layers of VLAN ID ranges are traversed.

Examples

·          Configure GigabitEthernet 1/0/1.10 to tag a multicast or broadcast packet with each VLAN tag in the range of 10 to 20.

# Enable Dot1q termination on subinterface GigabitEthernet 1/0/1.10 to terminate VLAN-tagged packets with outermost VLAN IDs in the range of 10 to 20.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.10

[Sysname-GigabitEthernet1/0/1.10] vlan-type dot1q vid 10 to 20

# Enable GigabitEthernet 1/0/1.10 to transmit broadcast and multicast packets.

[Sysname-GigabitEthernet1/0/1.10] vlan-termination broadcast enable

·          Configure GigabitEthernet 1/0/1.10 to tag a multicast or broadcast packet with each Layer 1 VLAN ID and each Layer 2 VLAN ID. The Layer 1 and Layer 2 VLAN IDs are in the range of 300 to 400 and 500 to 600, respectively.

# Configure GigabitEthernet 1/0/1.10 to terminate VLAN-tagged packets whose Layer 1 and Layer 2 VLAN IDs are in the range of 300 to 400 and 500 to 600, respectively.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.10

[Sysname-GigabitEthernet1/0/1.10] vlan-type dot1q vid 300 to 400 second-dot1q 500 to 600

# Enable GigabitEthernet 1/0/1.10 to transmit broadcast and multicast packets.

[Sysname-GigabitEthernet1/0/1.10] vlan-termination broadcast enable

·          Configure VLAN-interface 10 to tag a multicast or broadcast packet with two layers of VLAN IDs. The Layer 1 VLAN ID is 10. The Layer 2 VLAN ID is each VLAN ID in the range of 10 to 20.

# Configure VLAN-interface 10 to terminate VLAN-tagged packets with Layer 2 VLAN IDs in the range of 10 to 20.

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] second-dot1q 10 to 20

# Enable VLAN-interface 10 to transmit broadcast and multicast packets.

[Sysname-Vlan-interface10] vlan-termination broadcast enable

vlan-type dot1q default

Use vlan-type dot1q default to enable default termination on a subinterface.

Use undo vlan-type dot1q default to disable default termination on a subinterface.

Syntax

vlan-type dot1q default

undo vlan-type dot1q default

Default

Default termination is disabled on a subinterface.

Views

Layer 3 Ethernet subinterface view

Predefined user roles

network-admin

Usage guidelines

This command enables the subinterface to process packets that cannot be terminated by other subinterfaces on the same main interface.

Examples

# Enable default termination on GigabitEthernet 1/0/1.1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.1

[Sysname-GigabitEthernet1/0/1.1] vlan-type dot1q default

[Sysname-GigabitEthernet1/0/1.1] quit

vlan-type dot1q untagged

Use vlan-type dot1q untagged to enable untagged termination on a subinterface.

Use undo vlan-type dot1q untagged to disable untagged termination on a subinterface.

Syntax

vlan-type dot1q untagged

undo vlan-type dot1q untagged

Default

Untagged termination is disabled on a subinterface.

Views

Layer 3 Ethernet subinterface view

Predefined user roles

network-admin

Usage guidelines

This command enables the subinterface to process untagged packets.

Examples

# Enable untagged termination on GigabitEthernet 1/0/1.1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.1

[Sysname-GigabitEthernet1/0/1.1] vlan-type dot1q untagged

[Sysname-GigabitEthernet1/0/1.1] quit

vlan-type dot1q vid

Use vlan-type dot1q vid to enable Dot1q termination on a subinterface, and specify the outermost VLAN IDs in the VLAN-tagged packets that can be terminated by the subinterface.

Use undo vlan-type dot1q vid to disable Dot1q termination on a subinterface.

Syntax

vlan-type dot1q vid vlan-id-list

undo vlan-type dot1q vid vlan-id-list

Default

Dot1q termination is disabled on a subinterface.

Views

Layer 3 Ethernet subinterface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 outermost VLAN ID items. Each item specifies an outermost VLAN ID or a range of outermost VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

Usage guidelines

You cannot configure multiple subinterfaces under an Ethernet interface to terminate VLAN-tagged packets from the same VLAN. The VLAN ID ranges specified by the vlan-id-list argument for different subinterfaces cannot overlap.

Examples

# Configure GigabitEthernet 1/0/1.1 to terminate VLAN-tagged packets with outermost VLAN IDs in the range of 2 to 100.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.1

[Sysname-GigabitEthernet1/0/1.1] vlan-type dot1q vid 2 to 100

The following table describes the configuration results:

 

Subinterface

Outermost VLAN ID of packets that can be terminated

Whether packets to be terminated include more than one layer of VLAN tags

GigabitEthernet 1/0/1.1

2

Yes

 

vlan-type dot1q vid second-dot1q

Use vlan-type dot1q vid second-dot1q to enable QinQ termination on a subinterface, and specify the outermost two layers of VLAN IDs of VLAN-tagged packets that can be terminated by the subinterface.

Use undo vlan-type dot1q vid second-dot1q to disable QinQ termination on a subinterface.

Syntax

vlan-type dot1q vid vlan-id-list second-dot1q { vlan-id-list | any }

undo vlan-type dot1q vid vlan-id-list second-dot1q { vlan-id-list | any }

Default

QinQ termination is disabled on a subinterface.

Views

Layer 3 Ethernet subinterface view

Predefined user roles

network-admin

Parameters

vlan-id-list: Specifies a space-separated list of up to 10 VLAN ID items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

any: Specifies all values between 1 and 4094.

Usage guidelines

Two subinterfaces of the same Ethernet interface cannot terminate packets that include the same two layers of VLAN IDs. If you configure the subinterfaces to terminate the same Layer 1 VLAN ID, make sure their Layer 2 VLAN ID ranges do not overlap. If you specify both any and vlan-id-list as the respective Layer 2 VLAN ID ranges of the subinterfaces, the any keyword does not include the VLAN IDs specified by vlan-id-list.

Examples

# Enable QinQ termination on the Layer 3 Ethernet subinterfaces, and configure each subinterface to terminate VLAN-tagged packets with the specified Layer 1 and Layer 2 VLAN IDs.

·          Configure GigabitEthernet 1/0/1.1 to terminate VLAN-tagged packets whose Layer 1 and Layer 2 VLAN IDs are both 100.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1.1

[Sysname-GigabitEthernet1/0/1.1] vlan-type dot1q vid 100 second-dot1q 100

[Sysname-GigabitEthernet1/0/1.1] quit

·          Configure GigabitEthernet 1/0/1.2 to terminate VLAN-tagged packets with Layer 1 VLAN ID 100 and Layer 2 VLAN IDs in the range of 200 to 300.

[Sysname] interface gigabitethernet 1/0/1.2

[Sysname-GigabitEthernet1/0/1.2] vlan-type dot1q vid 100 second-dot1q 200 to 300

[Sysname-GigabitEthernet1/0/1.2] quit

·          Configure GigabitEthernet 1/0/1.3 to terminate VLAN-tagged packets whose Layer 1 VLAN ID is 100 and Layer 2 VLAN ID is any value between 1 and 4094.

[Sysname] interface gigabitethernet 1/0/1.3

[Sysname-GigabitEthernet1/0/1.3] vlan-type dot1q vid 100 second-dot1q any

[Sysname-GigabitEthernet1/0/1.3] quit

·          Configure GigabitEthernet 1/0/1.4 to terminate VLAN-tagged packets whose Layer 1 VLAN ID is 100 and Layer 2 VLAN ID is in the range of 500 to 600.

[Sysname] interface gigabitethernet 1/0/1.4

[Sysname-GigabitEthernet1/0/1.4] vlan-type dot1q vid 100 second-dot1q 500 to 600

[Sysname-GigabitEthernet1/0/1.4] quit

·          Configure GigabitEthernet 1/0/1.5 to terminate VLAN-tagged packets whose Layer 1 VLAN ID is 200 and Layer 2 VLAN ID is in the range of 500 to 600.

[Sysname] interface gigabitethernet 1/0/1.5

[Sysname-GigabitEthernet1/0/1.5] vlan-type dot1q vid 200 second-dot1q 500 to 600

[Sysname-GigabitEthernet1/0/1.5] quit

·          Configure GigabitEthernet 1/0/1.6 to terminate VLAN-tagged packets whose Layer 1 VLAN ID is in the range of 300 to 400 and Layer 2 VLAN ID is 100.

[Sysname] interface gigabitethernet 1/0/1.6

[Sysname-GigabitEthernet1/0/1.6] vlan-type dot1q vid 300 to 400 second-dot1q 100

[Sysname-GigabitEthernet1/0/1.6] quit

·          Configure GigabitEthernet 1/0/1.7 to terminate VLAN-tagged packets whose Layer 1 and Layer 2 IDs are in the range of 300 to 400 and 500 to 600, respectively.

[Sysname] interface gigabitethernet 1/0/1.7

[Sysname-GigabitEthernet1/0/1.7] vlan-type dot1q vid 300 to 400 second-dot1q 500 to 600

[Sysname-GigabitEthernet1/0/1.7] quit

·          Configure GigabitEthernet 1/0/1.8 to terminate VLAN-tagged packets with a Layer 1 VLAN ID in the range of 300 to 400 and any Layer 2 VLAN ID.

[Sysname] interface gigabitethernet 1/0/1.8

[Sysname-GigabitEthernet1/0/1.8] vlan-type dot1q vid 300 to 400 second-dot1q any

The following table describes the configuration results:

 

Layer 3 Ethernet subinterface

Layer 1 VLAN IDs of VLAN-tagged packets that the subinterface can terminate

Layer 2 VLAN IDs of VLAN-tagged packets that the subinterface can terminate

GigabitEthernet 1/0/1.1

100

100

GigabitEthernet 1/0/1.2

100

200–300

GigabitEthernet 1/0/1.3

100

1–99, 101–199, 301–499, and 601–4094

GigabitEthernet 1/0/1.4

100

500–600

GigabitEthernet 1/0/1.5

200

500–600

GigabitEthernet 1/0/1.6

300–400

100

GigabitEthernet 1/0/1.7

300–400

500–600

GigabitEthernet 1/0/1.8

300–400

1–99, 101–499, and 601–4094

 

 


Port isolation commands

display port-isolate group

Use display port-isolate group to display port isolation group information.

Syntax

display port-isolate group

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display port isolation group information.

<Sysname> display port-isolate group

 Port isolation group information:

 Group ID: 1

 Group members:

    GigabitEthernet1/0/2

Table 36 Command output

Field

Description

Group ID

ID of the isolation group.

Group members

Isolated ports in the isolation group. No ports indicates that the isolation group contains no isolated ports.

 

Related commands

port-isolate enable

port-isolate enable

Use port-isolate enable to assign a port to the isolation group.

Use undo port-isolate enable to remove a port from the isolation group.

Syntax

port-isolate enable

undo port-isolate enable

Default

The port is not assigned to the isolation group.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Predefined user roles

network-admin

Usage guidelines

The device supports only one isolation group that is automatically created as isolation group 1. Use this command to assign ports to the isolation group.

The configuration in Layer 2 Ethernet interface view applies only to the interface.

The configuration in Layer 2 aggregate interface view applies to the Layer 2 aggregate interface and its aggregation member ports. If the device fails to apply the configuration to the aggregate interface, it does not assign any aggregation member port to the isolation group. If the failure occurs on an aggregation member port, the device skips the port and continues to assign other aggregation member ports to the isolation group.

Examples

# Assign GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 to the isolation group.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port-isolate enable

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] port-isolate enable

# Assign Layer 2 aggregate interface Bridge-Aggregation 1 to the isolation group.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] quit

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] port link-aggregation group 1

[Sysname-GigabitEthernet1/0/1] quit

[Sysname] interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/2] port link-aggregation group 1

[Sysname-GigabitEthernet1/0/2] quit

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] port-isolate enable

Related commands

display port-isolate group

 


Index

A B C D I L M N P R S V


A

active region-configuration,68

B

bandwidth,16

bandwidth,40

C

check region-configuration,68

D

default,16

default,40

description,41

description,17

display interface,17

display interface vlan-interface,42

display lacp system-id,20

display link-aggregation load-sharing mode,21

display link-aggregation member-port,22

display link-aggregation summary,24

display link-aggregation verbose,25

display lldp local-information,120

display lldp neighbor-information,126

display lldp statistics,137

display lldp status,139

display lldp tlv-config,142

display loopback-detection,63

display mac-address,1

display mac-address aging-time,2

display mac-address mac-learning,3

display mac-address mac-move,3

display mac-forwarding cache ip,163

display mac-forwarding cache ip fragment,164

display mac-forwarding cache ipv6,165

display mac-forwarding statistics,161

display port,54

display port-isolate group,174

display stp,70

display stp abnormal-port,76

display stp bpdu-statistics,77

display stp down-port,80

display stp history,80

display stp region-configuration,82

display stp root,83

display stp tc,84

display vlan,45

display vlan brief,47

display vlan-group,60

I

instance,85

interface bridge-aggregation,28

interface vlan-interface,47

L

lacp mode,29

lacp period short,29

lacp system-priority,30

link-aggregation global load-sharing mode,30

link-aggregation lacp traffic-redirect-notification enable,31

link-aggregation load-sharing mode,32

link-aggregation load-sharing mode local-first,32

link-aggregation mode,33

link-aggregation port-priority,34

link-aggregation selected-port maximum,34

link-aggregation selected-port minimum,35

lldp admin-status,145

lldp check-change-interval,146

lldp enable,147

lldp encapsulation snap,147

lldp fast-count,148

lldp global enable,148

lldp hold-multiplier,149

lldp ignore-pvid-inconsistency,150

lldp management-address-format string,150

lldp max-credit,151

lldp mode,152

lldp notification med-topology-change enable,152

lldp notification remote-change enable,153

lldp timer fast-interval,154

lldp timer notification-interval,154

lldp timer reinit-delay,155

lldp timer tx-interval,155

lldp tlv-enable,156

loopback-detection action,64

loopback-detection enable,65

loopback-detection global action,65

loopback-detection global enable,66

loopback-detection interval-time,67

M

mac-address (interface view),4

mac-address (system view),6

mac-address mac-learning enable,7

mac-address mac-learning priority,8

mac-address max-mac-count,9

mac-address max-mac-count enable-forwarding,10

mac-address notification mac-move,10

mac-address notification mac-move suppression (interface view),12

mac-address notification mac-move suppression (system view),12

mac-address timer,13

mtu,48

N

name,49

P

port,55

port access vlan,55

port hybrid pvid,56

port hybrid vlan,57

port link-aggregation group,36

port link-type,58

port trunk permit vlan,58

port trunk pvid,59

port-isolate enable,174

R

region-name,86

reset counters interface,37

reset counters interface vlan-interface,50

reset lacp statistics,38

reset mac-forwarding statistics,163

reset stp,87

revision-level,87

S

second-dot1q,167

service,50

service standby,51

shutdown,38

shutdown,52

snmp-agent trap enable mac-address,14

snmp-agent trap enable stp,88

stp bpdu-protection,89

stp bridge-diameter,89

stp compliance,90

stp config-digest-snooping,91

stp cost,92

stp edged-port,93

stp enable,94

stp global config-digest-snooping,95

stp global enable,96

stp global mcheck,96

stp ignore-pvid-inconsistency,97

stp loop-protection,98

stp max-hops,98

stp mcheck,99

stp mode,100

stp no-agreement-check,101

stp pathcost-standard,101

stp point-to-point,102

stp port priority,103

stp port-log,104

stp priority,105

stp pvst-bpdu-protection,106

stp region-configuration,107

stp role-restriction,107

stp root primary,108

stp root secondary,109

stp root-protection,110

stp tc-protection,110

stp tc-protection threshold,111

stp tc-restriction,112

stp tc-snooping,112

stp timer forward-delay,113

stp timer hello,114

stp timer max-age,115

stp timer-factor,116

stp transmit-limit,116

stp vlan enable,117

V

vlan,53

vlan-group,61

vlan-list,62

vlan-mapping modulo,118

vlan-termination broadcast enable,169

vlan-type dot1q default,170

vlan-type dot1q untagged,170

vlan-type dot1q vid,171

vlan-type dot1q vid second-dot1q,172


 

  • Cloud & AI
  • InterConnect
  • Intelligent Computing
  • Security
  • SMB Products
  • Intelligent Terminal Products
  • Product Support Services
  • Technical Service Solutions
All Services
  • Resource Center
  • Policy
  • Online Help
All Support
  • Become a Partner
  • Partner Resources
  • Partner Business Management
All Partners
  • Profile
  • News & Events
  • Online Exhibition Center
  • Contact Us
All About Us
新华三官网