Configuring Protocol-based VLAN Assignment
Context
IP subnet-based and protocol-based VLAN assignments are network layer-based VLAN assignments. They reduce manual VLAN configuration workload and allow users to easily join a VLAN, transfer from one VLAN to another, and exit from a VLAN. A switch that has protocol-based VLAN assignment enabled processes only untagged frames, and treats tagged frames in the same manner as interface-based VLAN assignment.
If protocol-based VLANs are configured on the interface and the protocol profile of the frame matches a protocol-based VLAN, the switch adds the VLAN tag to the frame.
If protocol-based VLANs are configured on the interface and the protocol profile of the frame matches no protocol-based VLAN, the switch adds the PVID of the interface to the frame.
Procedure
- Run:
system-viewThe system view is displayed.
- Run:
vlan vlan-id
A VLAN is created and the VLAN view is displayed. If the specified VLAN has been created, the VLAN view is directly displayed.
The VLAN ID ranges from 1 to 4094. If VLANs need to be created in a batch, run the vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10> command to create VLANs in a batch, and then run the vlan vlan-id command to enter the view of a specified VLAN.
If a device is configured with multiple VLANs, configuring names for these VLANs is recommended:
Run the name vlan-name command in the VLAN view. After a VLAN name is configured, you can run the vlan vlan-name vlan-name command in the system view to enter the corresponding VLAN view.
The vlan configuration command completes vLAN configurations when the VLAN is not created.
- Run:
protocol-vlan [ protocol-index ] { at | ipv4 | ipv6 | ipx { ethernetii | llc | raw | snap } | mode { ethernetii-etype etype-id1 | llc dsap dsap-id ssap ssap-id | snap-etype etype-id2 } }
Protocols are associated with VLANs and a protocol profile is specified.
protocol-index specifies the index of a protocol profile.
A protocol profile depends on protocol types and encapsulation formats, and a VLAN associated with a protocol can be defined in a protocol profile.
When specifying the source and destination service access points, pay attention to the following points:
dsap-id and ssap-id cannot be both set to 0xaa.
dsap-id and ssap-id cannot be both set to 0xe0. 0xe0 indicates llc, encapsulation format of IPX packets.
dsap-id and ssap-id cannot be both set to 0xff. 0xff indicates raw, encapsulation format of IPX packets.
- Configure attributes for the Ethernet interface.
Run:
interface interface-type interface-number
The view of the interface that allows the protocol-based VLAN is displayed.
Run:
port link-type hybrid
The interface is configured as the hybrid interface.
On access and trunk interfaces, protocol-based VLAN assignment can be used only when the protocol-based VLAN is the same as the PVID. It is recommended that protocol-based VLAN assignment be configured on hybrid interfaces.
Run:
port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | all }
The hybrid interface is configured to allow the protocol-based VLAN.
Run:
protocol-vlan vlan vlan-id { all | protocol-index1 [ to protocol-index2 ] } [ priority priority ]
The interface is associated with a protocol-based VLAN.
vlan-id must be the ID of a protocol-based VLAN.
priority specifies the 802.1p priority of a protocol-based VLAN. The value ranges from 0 to 7. A larger value indicates a higher priority. The default value is 0. After the 802.1p priority of a protocol-based VLAN is specified, the switch forwards high-priority frames first during network congestion.
Protocol-based VLAN assignment is invalid for packets with the VLAN ID of 0 on the X series cards.
Checking the Configuration
- Run the display protocol-vlan vlan { all | vlan-id1 [ to vlan-id2 ] } command in any view to check the types and indexes of the protocols associated with VLANs.
- Run the display protocol-vlan interface { all | interface-type interface-number } command in any view to check the protocol-based VLAN configuration on a specified interface or all interfaces.
- Run the display vlan command in any view to check information about VLANs.
