NetEngine AR600, AR6100, AR6200, and AR6300 V300R021 Command Reference

VLAN Configuration Commands

Support for VLAN
8021q protocol
access-vlan
aggregate-vlan
arp broadcast
bandwidth (VLANIF interface view)
damping time
description (VLAN view)
description (VLANIF interface view)
display dot1q information
display qinq information
display interface vlanif
display mux-vlan
display port vlan
display sub-vlan
display super-vlan
display vlan
display vlan priority
display vlan-range
dot1q termination vid
dynamic-macvlan enable
interface vlanif
ip pool (VLAN view)
management-vlan
mtu (VLANIF interface view)
mux-vlan
name (VLAN view)
port
port default vlan
port hybrid pvid vlan
port hybrid tagged vlan
port hybrid untagged vlan
port link-type
port mux-vlan enable
port trunk allow-pass vlan
port trunk pvid vlan
qinq termination pe-vid ce-vid
reset vlan statistics
set vlan-range
set reserved-vlan
shutdown (VLANIF interface view)
subordinate group
subordinate separate
vlan
vlan priority
vlan vlan-name
termination-vid batch enable

Support for VLAN

Hardware Requirements

Table 7-25 MUX VLAN Hardware requirements

Series	Feature Support
AR600&AR6100&AR6200&AR6300 Series	Only the AR6140H-S supports MUX VLANs.
SRU-100H, SRU-100HH, SRU-200H, SRU-400HK, SRU-600HK, SRU-400H, and SRU-600H	Supported
Cards	Only the 8FE1GE, 24ES2GP, and 24GE cards support MUX VLANs.

8021q protocol

Function

The 8021q protocol command changes the Tag Protocol Identifier (TPID) in an 802.1Q frame. The TPID specifies the protocol type in a VLAN tag.

The undo 8021q protocol command restores the default TPID in an 802.1Q frame.

By default, the TPID in an 802.1Q frame is 0x8100.

Format

8021q protocol protocol-id

undo 8021q protocol

Parameters

Parameter	Description	Value
protocol-id	Specifies the TPID in an 802.1Q frame.	The value is a hexadecimal integer that ranges from 0x600 to 0xFFFF.

Views

Ethernet interface view, GE interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Devices from different vendors or in different network plans may use different values of TPID fields in VLAN tags of VLAN packets. When the TPID on the remote device is not 0x8100 and devices need to communicate, run the 8021q protocol command to change the TPID to be the same as that on the remote device. The TPID in VLAN packets received and sent by a device interface is changed to be the configured TPID so that devices can communicate.

Precautions

The 8021q protocol command can be executed on only Layer 3 Ethernet and GE interfaces.

The 8021q protocol command is valid for only tagged VLAN packets.

The TPID value specified by the 8021q protocol command must be different from TPID values of specific protocols. Otherwise, the interface cannot correctly classify protocol packets. The TPID value cannot be any of the values in the following table.

Table 7-26 Description of protocol types and values

Protocol Type	Value
ARP	0x0806
RARP	0x8035
IP	0x0800
IPv6	0x86DD
PPPoE	0x8863/0x8864
MPLS	0x8847/0x8848
IPX/SPX	0x8137
LACP	0x8809
802.1x	0x888E
HGMP	0x88A7
Reserved	0xFFFD/0xFFFE/0xFFFF

Example

# Set the TPID in a VLAN tag on GE1/0/0 to 0x9100.

<Huawei> system-view
[Huawei] interface gigabitethernet 1/0/0
[Huawei-GigabitEthernet1/0/0] 8021q protocol 9100

access-vlan

Function

The access-vlan command adds one or more sub-VLANs to a super-VLAN.

The undo access-vlan command removes one or more sub-VLANs from a super-VLAN.

By default, no sub-VLAN is added to the super-VLAN.

Format

access-vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo access-vlan { vlan-id1 [ to vlan-id2 ] } &<1-10>

Parameters

Parameter	Description	Value
vlan-id1 [ to vlan-id2 ]	Specifies a range of sub-VLAN IDs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1. If to vlan-id2 is not specified, only one VLAN is added to the super-VLAN. You can specify a maximum of 10 VLAN ID ranges at a time. The ranges cannot overlap.	The value is an integer and varies according to models. The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The VLAN technology is widely applied to packet switching networks because it controls broadcast domains flexibly and is easy to deploy. Generally, a Layer 3 switch usually uses a Layer 3 logical interface in each VLAN to allow user hosts in different broadcast domains to communicate. This wastes IP addresses. The VLAN aggregation function is introduced to save IP addresses while implementing communication between VLANs.

The VLAN aggregation function associates a super-VLAN with multiple sub-VLANs. A VLANIF interface can be created in the super-VLAN and be configured with an IP address. Interfaces in all the sub-VLANs use this IP address as the gateway address to communicate with interfaces in other VLANs. This reduces subnet IDs, subnet default gateway addresses, and subnet broadcast IP addresses. In a word, the VLAN aggregation function allows different broadcast domains to use the same subnet address, implements flexible addressing, and saves IP addresses.

Prerequisites

The sub-VLANs to be added to the super-VLAN have been created.

The super-VLAN has been configured using the aggregate vlan command.

Before running the access-vlan command, delete VLANIF interfaces from all the sub-VLANs.

Follow-up Procedure

Configure the sub-VLANs to implement Layer 2 communication between them.

Precautions

The super-VLAN must be different from all its sub-VLANs.

A VLAN can be added to only one super-VLAN.

If you run the access-vlan command multiple times in the same VLAN view, all the specified VLANs are added to the super-VLAN.

Example

# Add sub-VLAN20 and sub-VLAN30 to super-VLAN2.

<Huawei> system-view
[Huawei] vlan 2
[Huawei-vlan2] aggregate-vlan
[Huawei-vlan2] access-vlan 20 30

aggregate-vlan

Function

The aggregate-vlan command configures a VLAN as a super-VLAN.

The undo aggregate-vlan command cancels the configuration.

By default, no VLAN is configured as a super-VLAN.

Format

aggregate-vlan

undo aggregate-vlan

Parameters

None

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Prerequisites

Before configuring a VLAN as a super-VLAN, delete all physical interfaces from the VLAN.

Precautions

VLAN 1 cannot be configured as a super-VLAN.

If a VLAN has been configured as a guest VLAN, it cannot be configured as a super-VLAN.

The super-VLAN must be different from all its sub-VLANs.

After a VLAN is configured as a super-VLAN, no physical interface can be added to the VLAN.

Example

# Configure VLAN 2 as a Super-VLAN.

<Huawei> system-view
[Huawei] vlan 2
[Huawei-vlan2] aggregate-vlan

arp broadcast

Function

The arp broadcast command enables ARP broadcast on a VLAN tag termination sub-interface.

The undo arp broadcast command disables ARP broadcast on a VLAN tag termination sub-interface.

By default, ARP broadcast is enabled on a VLAN tag termination sub-interface.

Format

arp broadcast enable

undo arp broadcast enable

arp broadcast disable

undo arp broadcast disable

Parameters

None

Views

Ethernet sub-interface view, GE sub-interface view, XGE sub-interface view, Eth-Trunk sub-interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

VLAN tag termination sub-interfaces discard broadcast packets after receiving the packets. To permit a VLAN tag termination sub-interface to forward broadcast packets, run the arp broadcast enable command on the sub-interface to enable ARP broadcast.

You can also use the arp broadcast disable command to disable ARP broadcast on a VLAN tag termination sub-interface, and run the undo arp broadcast disable command to enable ARP broadcast on a VLAN tag termination sub-interface.

Configuration Impact

When IP packets need to be sent from a VLAN tag termination sub-interface:

The system discards IP packets when ARP broadcast is not enabled on the VLAN tag termination sub-interface.
The system tags an ARP broadcast packet and forwards it through the VLAN tag termination sub-interface when ARP broadcast is enabled run on the VLAN tag termination sub-interface.

Precautions

When you enable or disable ARP broadcast on a VLAN tag termination sub-interface, the routing status of the sub-interface becomes Down and then Up. This may result in route flapping on the entire network, affecting services.

After the ARP broadcast function is enabled using the arp broadcast enable command, if a service packet is sent from a termination sub-interface but does not have an ARP entry, an ARP request is copied and sent in all VLANs of the sub-interface. If a large number of VLANs are configured, the number of ARP requests to be copied and sent is large, which may bring a heavy burden on the peer devices that receive the ARP requests. Consequently, the peer devices may encounter exceptions, such as high CPU usage and broadcast suppression. The local device may also fail to immediately send ARP requests as it is busy in processing packet copying, leading to ARP learning failures. To prevent this issue, you are advised to reduce the number of VLANs configured on sub-interfaces.

Example

# Enable ARP broadcast on Ethernet2/0/0.1.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0.1
[Huawei-Ethernet2/0/0.1] dot1q termination vid 10
[Huawei-Ethernet2/0/0.1] arp broadcast enable

bandwidth (VLANIF interface view)

Function

The bandwidth command sets the bandwidth of a VLANIF interface.

The undo bandwidth command deletes the configured bandwidth of a VLANIF interface.

By default, the bandwidth of a VLANIF interface is not configured.

Format

bandwidth bandwidth

undo bandwidth

Parameters

Parameter	Description	Value
bandwidth	Specifies the bandwidth of a VLANIF interface.	The value is an integer ranges from 1 to 1000000, in Mbit/s.

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

The bandwidth command ensures that the network management station (NMS) can obtain the bandwidth of a VLANIF interface. The NMS can check the interface bandwidth through ifSpeed and ifHighSpeed in IF-MIB.

If the configured bandwidth is smaller than 4000 Mbit/s, ifSpeed and ifHighSpeed are respectively displayed as bandwidth x 1000 x 1000 and bandwidth.
If the configured bandwidth is equal to or larger than 4000 Mbit/s, ifSpeed and ifHighSpeed are respectively displayed as 4294967295 (0XFFFFFFFF) and bandwidth.

Example

# Set the bandwidth of VLANIF 2 to 10000 Mbit/s.

<Huawei> system-view

[Huawei] vlan 2

[Huawei-vlan2] quit

[Huawei] interface vlanif 2

[Huawei-Vlanif2] bandwidth 10000

damping time

Function

The damping time command sets the VLAN damping time on a VLANIF interface, that is, the delay before reporting a VLAN Down event to the VLANIF interface.

The undo damping time command restores the default dumping time.

The default damping time on a VLANIF interface is 0 seconds. That is, the VLANIF interface is notified immediately after the VLAN becomes Down.

Format

damping time delay-time

undo damping time

Parameters

Parameter	Description	Value
delay-time	Specifies the delay before reporting the VLAN Down event to a VLANIF interface.	The value ranges from 0 to 20, in seconds. The default value is 0.

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Software upgrade or active/standby switchover on the router may cause frequent status changes on VLANIF interfaces. To prevent network flapping, run the damping time command on VLANIF interfaces to configure the VLAN damping function.

When all interfaces in a VLAN become Down, the router waits for a period specified by delay-time and then reports the VLAN Down event to the VLANIF interface.

Precautions

If any interface in the VLAN becomes Up within the delay time, the VLANIF interface remains Up.

You can use the display interface vlanif command to view the VLAN damping time.

If you run the damping time command multiple times in the same VLANIF interface view, only the latest configuration takes effect.

Example

# Set the VLAN damping time on VLANIF 10 to 10 seconds.

<Huawei> system-view
[Huawei] vlan 10
[Huawei-vlan10] quit
[Huawei] interface vlanif 10
[Huawei-Vlanif10] damping time 10

description (VLAN view)

Function

The description command sets the description of a VLAN.

The undo description command restores the default description of a VLAN.

By default, the description of a VLAN shows the VLAN ID. For example, the description of VLAN 2 is "VLAN 0002".

Format

description description

undo description

Parameters

Parameter	Description	Value
description	Specifies the description of a VLAN.	It is a string of 1 to 80 characters. The characters are case sensitive. Spaces are allowed.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The description command is used to set the description of a VLAN, which is convenient for identifying, memorizing, and maintaining the VLAN.

The display vlan vlan-id verbose command can display the description of a specified VLAN.

Precautions

Set different descriptions for VLANs to distinguish.

If you run the description command multiple times in the same VLAN view, only the last configuration takes effect.

Example

# Set the description of VLAN 2 as "Huawei".

<Huawei> system-view
[Huawei] vlan 2
[Huawei-vlan2] description Huawei

description (VLANIF interface view)

Function

The description command set the description of a VLANIF interface.

The undo description command restores the default description of a VLANIF interface.

By default, the description of a VLANIF interface is in "HUAWEI, AR Series, Vlanif2 Interface" format.

Format

description description

undo description

Parameters

Parameter	Description	Value
description	Specifies the description of a VLANIF interface.	It is a string of 1 to 242 characters. The characters are case sensitive. Spaces are allowed.

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To manage VLANIF interfaces conveniently, use the description command to set VLANIF interface descriptions. The description of a VLANIF interface helps you identify the VLANIF interface and know its functions.

You can use the display interface vlanif command to view the description of a VLANIF interface.

Precautions

The description of a VLANIF interface should provide useful information.

Set different descriptions for VLANIF interfaces to distinguish VLANIF interfaces.

If you run the description command multiple times in the same VLANIF interface view, only the latest configuration takes effect.

Example

# Set the description of VLANIF 2 to Huawei.

<Huawei> system-view
[Huawei] vlan 2
[Huawei-vlan2] quit
[Huawei] interface vlanif 2
[Huawei-Vlanif2] description Huawei

display dot1q information

Function

The display dot1q information termination command displays the configuration of a dot1q sub-interface.

Format

display dot1q information termination [ interface interface-type interface-number [.subinterface-number ] ]

Parameters

Parameter	Description	Value
interface interface-type interface-number	Specifies the type and number of an interface.	-
subinterface-number	Specifies the number of a sub-interface.	The value is an integer that ranges from 1 to 4096.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After configuring dot1q termination on sub-interfaces, run the display dot1q information termination command to view the sub-interfaces where dot1q termination is configured and configuration of the dot1q sub-interfaces.

Example

# Display the configuration of all dot1q sub-interfaces.

<Huawei> display dot1q information termination
  Ethernet2/0/0.3
    Total QinQ Num: 1
    dot1q  termination vid 3
    Total vlan-group Num: 0

Table 7-27 Description of the display dot1q information command output

Item	Description
Ethernet2/0/0.3	Sub-interface name.
Total QinQ Num	Number of QinQ entries configured for user packets on a sub-interface.
dot1q termination vid 3	VLAN allowed by a sub-interface.
Total vlan-group Num	Number of VLAN groups configured on a sub-interface.

display qinq information

Function

Using the display qinq information command, you can view the names of all the interfaces configured with QinQ termination and the number of QinQ on the interfaces.

Format

display qinq information termination [ interface interface-type interface-number [.subinterface-number ] ]

Parameters

Parameter	Description	Value
interface interface-type interface-number	Specifies the type and number of an interface.	-
subinterface-number	Specifies the number of a sub-interface.	The value is an integer that ranges from 1 to 4096.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After configuring the qinq termination, you can run the display qinq information command to view the interfaces configured with qinq termination and the related configuration of qinq termination.

Example

# Display all the sub-interfaces configured with QinQ termination.

<Huawei> display dot1q information termination
  Ethernet2/0/0.30
    Total QinQ Num: 1
    qinq termination pe-vid 300 ce-vid 200
    Total vlan-group Num: 0

Table 7-28 Description of the display qinq information command output

Item	Description
Ethernet2/0/0.30	Sub-interface name.
Total QinQ Num	Number of QinQ entries configured for user packets on a sub-interface.
Total vlan-group Num	Number of VLAN groups configured on a sub-interface.

display interface vlanif

Function

The display interface vlanif command displays the status and configuration of a VLANIF interface.

Format

display interface vlanif [ vlan-id | main ]

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of a VLAN.	The value is an integer and the value range depends on the range of existing VLANIF interfaces. You can enter the question mark (?) to obtain the range of VLAN IDs.
main	Displays status and traffic statistics about a VLANIF interface. A VLANIF interface has no sub-interfaces. Status and traffic statistics about a VLANIF interface are displayed whether you specify the main parameter or not.	-

Parameter

Description

Value

vlan-id

Specifies the ID of a VLAN.

The value is an integer and the value range depends on the range of existing VLANIF interfaces. You can enter the question mark (?) to obtain the range of VLAN IDs.

main

Displays status and traffic statistics about a VLANIF interface.

A VLANIF interface has no sub-interfaces. Status and traffic statistics about a VLANIF interface are displayed whether you specify the main parameter or not.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

To monitor an interface or locate an interface fault, you can use the display interface vlanif command to view the interface status, interface configuration, and traffic statistics on the interface.

Prerequisites

The specified VLANIF interface has been created.

Precautions

If vlan-id is not specified, the display interface vlanif command displays information about all VLANIF interfaces in the system.

Example

# Display the status and configuration of VLANIF 3.

<Huawei> display interface vlanif 3
Vlanif3 current state : DOWN
Line protocol current state : DOWN
Description:HUAWEI, AR Series, Vlanif3 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet protocol processing : disabled
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc01-00e1
Current system time: 2007-09-12 20:21:13


    Input bandwidth utilization  : --
    Output bandwidth utilization : --

Table 7-29 Description of the display interface vlanif command output

Item	Description
current state	Status of a VLANIF interface. The value is UP or Down.
Line protocol current state	Status of the link-layer protocol on a VLANIF interface. The value is UP or Down.
Description	Description of a VLANIF interface.
Route Port	Indicates that the interface is a Layer 3 interface.
The Maximum Transmit Unit	Specifies the MTU of a VLANIF interface.
Internet Address	IP address of a VLANIF interface. If the VLANIF interface does not have an IP address, the system displays "Internet protocol processing: disabled."
IP Sending Frames' Format	Encapsulation format of IP packets, which can be PKTFMT_ETHNT_2, Ethernet_802.3, or Ethernet_SNAP.
Hardware address	MAC address of the VLANIF interface.
Current system time	Indicates the current system time. If a time zone is configured and the daylight saving time is used, the time is displayed in the format of YYYY/MM/DD HH:MM:SS UTC±HH:MM DST.
Input/Output bandwidth utilization	Inbound/outbound bandwidth utilization on an interface.

display mux-vlan

Function

Using the display mux-vlan command, you can view the MUX VLAN configuration.

Format

display mux-vlan

Parameters

None

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

After configuring the MUX VLAN function, you can use the display mux-vlan command to verify the configuration. This command displays the principal VLAN ID, subordinate VLAN ID, VLAN type, and interfaces in each VLAN.

Precautions

If no MUX VLAN is configured by using the mux-vlan command, the display mux-vlan command does not display any information.

Example

# Display the MUX VLAN configuration.

<Huawei> display mux-vlan
Principal Subordinate Type         Interface
-----------------------------------------------------------------------------
100       -           principal    
100       120         separate     Ethernet2/0/0
100       130         group        Ethernet1/0/2
100       140         group        Ethernet1/0/3
-----------------------------------------------------------------------------

Table 7-30 Description of the display mux-vlan command output

Item	Description
Principal	ID of a principal VLAN.
Subordinate	ID of a subordinate VLAN
Type	Type of a VLAN. principal: indicates a principal VLAN. group: indicates a subordinate group VLAN. separate: indicates a subordinate separate VLAN.
Interface	Interfaces in a VLAN.

display port vlan

Function

The display port vlan command displays information about interfaces of the VLAN.

Format

display port vlan [ interface-type interface-number | active ] ^*

Parameters

Parameter	Description	Value
interface-type interface-number	Specifies the type and number of an interface in the VLAN. If this parameter is not specified, information about all interfaces in the VLAN is displayed.	-
active	Indicates the interface information of dynamic entries in the VLAN.	-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

You can run the display port vlan command to view information about interfaces of the VLAN and check whether the VLAN is assigned by the command, protocols, or services. If a fault occurs on an interface, you can locate the fault based on the information about the interface and VLAN.

Prerequisite

A VLAN has been created and the Layer 2 interface has joined the VLAN.

Precautions

If a large number of mappings between interfaces and VLANs exist on the device, you are advised to specify the interface or active to filter the command output. Otherwise, the following problems may occur due to excessive output information:

The displayed information is repeatedly refreshed, causing required information to fail to be obtained.
The system does not respond because of long-time information traverse and search.

Example

# Display information about interfaces that belong to each VLAN on the device.

<Huawei> display port vlan

Port                    Link Type    PVID  Trunk VLAN List
-------------------------------------------------------------------------------
Ethernet2/0/0           hybrid       1     -
Ethernet2/0/1           hybrid       1     -
Ethernet2/0/2           hybrid       1     -
Ethernet2/0/3           hybrid       1     -
Ethernet2/0/4           hybrid       1     -
Ethernet2/0/5           access       3     -
Ethernet2/0/6           hybrid       1     -
Ethernet2/0/7           hybrid       1     -

Table 7-31 Description of the display port vlan command output

Item	Description
Port	Indicates the type and number of the interface.
Link Type	Indicates the types of the interface link.
PVID	Indicates the default VLAN ID of the interface. By default, VLAN 1 is the default VLAN of all interfaces.
Trunk VLAN List	Indicates the VLAN IDs that are dynamically added by an interface. Indicates the VLAN IDs of packets that are statically configured to pass through an interface.

display sub-vlan

Function

The display sub-vlan command displays information about sub-VLAN entries.

Format

display sub-vlan [ vlan-id ]

Parameters

Parameter	Description	Value
vlan-id	Specifies the VLAN ID of a sub-VLAN.	The value is an integer ranging from 1 to 4094.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After VLAN aggregation is configured on a device, you can determine whether VLAN aggregation has been correctly configured by running the display sub-vlan command to check information about sub-VLANs and check which sub-VLANs are contained in a super-VLAN.

When using the display sub-vlan command, note the following issues:

If vlan-id is not specified, information about all sub-VLANs on the device is displayed.
If vlan-id is specified, information about a specific sub-VLAN is displayed.

Before running the display sub-vlan command, ensure that the device is configured with sub-VLANs. Otherwise, no command output is displayed.

Example

# Display information about all sub-VLANs.

<Huawei> display sub-vlan

VLAN ID   Super-VLAN
--------------------------------------------------------------------------------
10        40
20        40
30        40

Table 7-32 Description of the display sub-vlan command output

Item	Description
VLAN ID	Existing sub-VLAN on the device.
Super-VLAN	Super-VLAN that the sub-VLAN belongs to.

display super-vlan

Function

The display super-vlan command displays information about super-VLAN entries.

Format

display super-vlan [ vlan-id ]

Parameters

Parameter	Description	Value
vlan-id	Specifies the VLAN ID of a super-VLAN.	The value is an integer ranging from 1 to 4094.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

After VLAN aggregation is configured on a device, you can determine whether VLAN aggregation has been correctly configured by running the display super-vlan command to check information about super-VLANs and check which sub-VLANs are contained in a super-VLAN.

When using the display super-vlan command, note the following issues:

If vlan-id is not specified, information about all super-VLANs on the device is displayed.
If vlan-id is specified, information about a specific super-VLAN is displayed.

Before running the display super-vlan command, ensure that the device is configured with super-VLANs. Otherwise, no command output is displayed.

Example

# Display information about all super-VLANs.

<Huawei> display super-vlan

VLAN ID   Sub-VLAN
--------------------------------------------------------------------------------
40        10 20 30

Table 7-33 Description of the display super-vlan command output

Item	Description
VLAN ID	Existing super-VLAN on the device.
Sub-VLAN	Sub-VLAN in the super-VLAN.

display vlan

Function

The display vlan command displays information about VLANs.

Format

display vlan [ { vlan-id | vlan-name vlan-name } [ verbose ] ]

display vlan [ vlan-id1 [ to vlan-id2 ] | brief | summary ]

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of a VLAN.	The value is an integer that ranges from 1 to 4094.
vlan-id1 [ to vlan-id2 ]	Specifies a range of VLAN IDs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1. If to vlan-id2 is not specified, only information about the VLAN specified by vlan-id1 is displayed.	The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094.
summary	Displays summary of all VLANs.	-
verbose	Displays detailed information about a specified VLAN. If verbose is not specified, only brief information about the VLAN is displayed.	-
vlan-name vlan-name	Specifies a VLAN name.	The name is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.
brief	Indicates brief information about VLANs.	-

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

Usage Scenario

The display vlan command displays VLAN configuration or packet statistics on interfaces in a VLAN.

Precautions

If no parameter is specified, brief information about all VLANs is displayed.

Example

# Display brief information about all VLANs.

<Huawei> display vlan
* : management-vlan                                                             
---------------------                                                           
The total number of vlans is : 6                                                
VLAN ID Type         Status   MAC Learning Broadcast/Multicast/Unicast Property 
--------------------------------------------------------------------------------
1       common       enable   enable       forward   forward   forward default  
10      common       enable   enable       forward   forward   forward default  
100     common       enable   enable       forward   forward   forward default  
199     common       enable   enable       forward   forward   forward default  
900     common       enable   enable       forward   forward   forward default  
4094    common       enable   enable       forward   forward   forward default

# Display detailed information about VLAN 100.

<Huawei> display vlan 100 verbose
* : Management-VLAN
---------------------
  VLAN ID                     : 100
  VLAN Name                   :
  VLAN Type                   : Common
  Description                 : VLAN 0100
  Status                      : Enable
  Broadcast                   : Enable
  MAC Learning                : Enable
  Smart MAC Learning          : Disable
  Current MAC Learning Result : Enable
  Statistics                  : Disable
  Property                    : Default
  VLAN State                  : Down
  ----------------
  Tagged        Port: Ethernet2/0/0
  ----------------
  Active  Tag   Port: Ethernet2/0/0
-------------------
Interface                   Physical
Ethernet2/0/0                   DOWN

# Display summary of all VLANs.

<Huawei> display vlan summary
static vlan:
Total 7 static vlan exist(s).
1 to 2 10 45 56 100 111
dynamic vlan:
Total 0 dynamic vlan exist(s).
reserved vlan:
Total 0 reserved vlan exist(s).

# Display brief of all VLANs.

<Huawei> display vlan brief

U:Up;D:Down;TG:Tagged;UT:Untagged;

VID  Name             Status  Ports
--------------------------------------------------------------------------------
1                     enable  UT: Eth2/0/3(U) Eth2/0/5(D) Eth2/0/6(D)
                                  Eth2/0/7(D) Eth-Trunk1(D) Eth-Trunk2(D)
                                  Eth-Trunk3(D) Eth-Trunk6(D) Eth-Trunk7(D)
10                    enable  UT: Eth2/0/0(U) Eth2/0/4(D)
11                    enable  UT: Eth-Trunk5(D)
                              TG: Eth2/0/7(D)
12                    enable
20                    enable
100                   enable  UT: Eth2/0/1(U)
200                   enable  UT: Eth2/0/2(U)
470                   enable

Table 7-34 Description of the display vlan command output

Item	Description
: management-vlan/ : Management-VLAN	Management VLAN.
The total number of vlans is	Total number of VLANs.
VLAN ID/VID	ID of a VLAN.
VLAN Type/Type	Type of a VLAN: Mux: principal VLAN used in the MUX VLAN function Mux-sub: subordinate VLAN used in the MUX VLAN function Common: common VLAN *Common: management VLAN
Status	Status of a VLAN. The value is always Enable.
Broadcast	Whether the broadcast function is enabled in a VLAN: Disable: The broadcast function is disabled. Enable: The broadcast function is enabled.
MAC Learning	Whether MAC address learning is enabled: disable: MAC address learning is disabled. enable: MAC addresses learning is enabled.
Broadcast/Multicast/Unicast	Whether Broadcast/Multicast/Unicast message is retransmitted.
Property	Property of a VLAN: Default: default VLAN MulticastVlan: multicast VLAN UserVlan: user VLAN
VLAN Name/Name	Name of a VLAN.
Description	Description of a VLAN.
Smart MAC Learning	Whether smart MAC address learning is enabled: disable: Smart MAC address learning is disabled. enable: Smart MAC addresses learning is enabled.
Current MAC Learning Result	MAC address learning result.
Statistics	Whether the traffic statistics function is enabled in a VLAN: disable: Traffic statistics function is disabled. enable: Traffic statistics function is enabled.
VLAN State	Status of the VLAN: Up Down The status of a VLAN is determined by the status of member interfaces in the VLAN. A VLAN is Up only when at least one member interface in the VLAN is Up.
Tagged Port	(Untagged Port). Interfaces that are manually added to a VLAN in tagged or untagged mode.
Active Tag Port	(Active Untag Port). Active interfaces that join a VLAN in tagged or untagged mode.
static vlan	VLANs that are created manually.
dynamic vlan	VLANs that are learned dynamically.
reserved vlan	VLANs that are reserved for certain functions.
U: Up	The interface is Up.
D: Down	The interface is Down.
TG: Tagged	Tagged packets.
UT: Untagged	Untagged packets.
Ports	Interfaces in a VLAN.

display vlan priority

Function

Using the display vlan priority command, you can view the 802.1p priorities of VLANs.

Format

display vlan { vlan-id | all } priority

Parameters

Parameter	Description	Value
vlan-id	Specifies a VLAN ID. If this parameter is specified, the 802.1p priority of the specified VLAN is displayed.	The value is an integer that ranges from 1 to 4094.
all	Displays 802.1p priorities of all VLANs.	-

Views

All views

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The display vlan priority command displays the 802.1p priority of a specified VLAN or 802.1p priorities of all VLANs.

Example

# Display 802.1p priorities of all VLANs.

<Huawei> display vlan all priority

------------------------------
 VLAN ID       Priority
------------------------------
    11          3
------------------------------
Total items displayed = 1

Table 7-35 Description of the display vlan priority command output

Item	Description
VLAN ID	ID of a VLAN.
Priority	802.1p priority of a VLAN.
Total items displayed	Number of VLAN-priority items displayed.

display vlan-range

Function

The display vlan-range command displays the range of VLANs that can be created on the 4GE-2S interface card.

Format

display vlan-range slot slot-id

Parameters

Parameter	Description	Value
slot-id	Specifies the slot ID. The 4GE-2S interface card must be in the slot.	The value is an integer that ranges from 1 to 15.

Views

All views

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can run the display vlan-range command to view the range of VLANs that can be created on the 4GE-2S interface card.

Example

# Display the range of VLANs that can be created on the 4GE-2S interface card in slot 6.

<Huawei> system-view
[Huawei] display vlan-range slot 6
 ----------------The board supports the following VLAN group----------------
 0001 0100 0101 0102 0103 0104 0105 0106 0107 0108 0109 0110 0111 0112 0113
 0114 0115 0116 0117 0118 0119 0120 0121 0122 0123 0124 0125 0126 0127 0128
 0129 0130 0131 0132 0133 0134 0135 0136 0137 0138 0139 0140 0141 0142 0143
 0144 0145 0146 0147 0148 0149 0150 0151 0152 0153 0154 0155 0156 0157 0158
 0159 0160 0161 0162 0163 0164 0165 0166 0167 0168 0169 0170 0171 0172 0173
 0174 0175 0176 0177 0178 0179 0180 0181 0182 0183 0184 0185 0186 0187 0188
 0189 0190 0191 0192 0193 0194 0195 0196 0197 0198 0199 0200 0201 0202 0203
 0204 0205 0206 0207 0208 0209 0210 0211 0212 0213 0214 0215 0216 0217 0218
 0219 0220 0221 0222 0223 0224 0225 0226

dot1q termination vid

Function

The dot1q termination vid command sets the single VLAN ID for Dot1q termination on a sub-interface.

The undo dot1q termination vid command deletes the single VLAN ID for Dot1q termination on a sub-interface.

By default, the single VLAN ID for Dot1q termination is not set on a sub-interface.

Format

dot1q termination vid low-pe-vid [ to high-pe-vid ]

undo dot1q termination vid low-pe-vid [ to high-pe-vid ]

Parameters

Parameter	Description	Value
low-pe-vid	Specifies the lower limit of the VLAN ID in the user packet.	The value is an integer that ranges from 1 to 4094.
to high-pe-vid	Specifies the upper limit of the VLAN ID in the user packet.	The value is an integer that ranges from 1 to 4094.

Views

Ethernet sub-interface view, GE sub-interface view, XGE sub-interface view, Eth-Trunk sub-interface view, VE sub-interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Communication between VLANs
VLANs are widely used because they can separate Layer 2 packets. A physical LAN is divided into multiple logical broadcast domains. Hosts in the same VLAN can communicate with each other but the hosts of different VLANs cannot. The Layer 3 routing technology is used for communication between hosts of different VLANs in the following two methods:
- Through the VLANIF interface on the device.
- Through the Layer 3 Ethernet interface on the device.
  
  However, when a traditional Layer 3 Ethernet interface receives VLAN packets, the VLAN packets are discarded. To enable communication between hosts of different VLANs, you can create an Ethernet sub-interface on the Layer 3 Ethernet interface and enable QinQ termination on the sub-interface to remove the tag from the VLAN packet.
Communication between a LAN and a WAN

Most packets on a LAN have VLAN tags, but some WAN protocols such as ATM, FR, and PPP, cannot identify VLAN packets. To send a VLAN packet from LAN to WAN, the device records VLAN information in the packet, removes the VLAN tag, and forwards the packet.

Based on the number of tags, VLAN packets can be classified into Dot1q packets and QinQ packets. A Dot1q packet carries a single-layer VLAN tag and a QinQ packet carries a double-layer VLAN tag. Accordingly, there are two VLAN tag termination modes:

Dot1q termination, which terminates tags carried in Dot1q packets

To configure Dot1q termination, run the dot1q termination vid command.
QinQ termination, which terminates tags carried in QinQ packets.

To configure QinQ termination, run the qinq termination pe-vid ce-vid command in the sub-interface view.

After the dot1q termination vid command is run, the sub-interface for VLAN tag termination processes the packet in the following procedures:

The sub-interface removes the tag in the VLAN packet when receiving the packet and forwards the packet on Layer 3. The outbound interface determines whether the forwarded VLAN packet carries tags.
The sub-interface adds VLAN information to the packet and then sends the packet.

Precautions

high-pe-vid is supported by only the AR6280-S&AR6300-S&AR6280&&AR6300&AR6280K&AR6300K.
You can specify high-pe-vid only after the termination-vid batch enable command is used to enable a sub-interface to batch terminate VLAN tags.
The value of high-pe-vid must be greater than or equal to the value of low-pe-vid.
When this command is executed on an Eth-Trunk sub-interface, you cannot specify high-pe-vid.
The tag values of the user packet received by the sub-interface must be in the range of pe-vids specified in the command; otherwise, the packet is discarded.
When you run the undo dot1q termination vid command to delete the single VLAN ID for Dot1q termination on a sub-interface, the VLAN ID must be the same as that specified in the dot1q termination vid command.
If the dot1q termination vid command is run more than once, all configurations take effect.

Configuration Impact

After you run this command to enable batch VLAN termination on a sub-interface, the sub-interface can only connect to an L2VPN but cannot be used for Layer 3 forwarding.

Example

# Set the encapsulation mode on Ethernet2/0/0.1 to Dot1q and allow the packets with the VLAN tag 100 to pass through.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0.1
[Huawei-Ethernet2/0/0.1] dot1q termination vid 100

dynamic-macvlan enable

Function

The dynamic-macvlan enable command enables MAC address-based dynamic VLAN assignment.

The undo dynamic-macvlan enable command disables MAC address-based dynamic VLAN assignment.

By default, MAC address-based dynamic VLAN assignment is disabled.

Only the AR6120, AR6121K, AR6121E, AR6121, AR6120-VW, AR6120-S, AR6121E-S, AR6121-S, AR6121EC-S, and AR6121C-S support this function.

The AR-10 supports this function.

Format

dynamic-macvlan enable

undo dynamic-macvlan enable

Parameters

None

Views

GE interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After you run the dynamic-macvlan enable command on a port and 802.1X or MAC address authentication is completed, the VLAN attribute assigned by the RADIUS server is added to the packets sent to the CPU regardless of the port from which users access the network. In this manner, a MAC address-to-VLAN mapping is created and packets are not directed based on the PVID.

Precautions

This command can be run only on Layer 2 ports of the device panel.
The ports must be of the hybrid untagged type.
The ports enabled with MAC address-based dynamic VLAN assignment support Layer 3 services only.
If a port has an authentication profile applied, you need to unbind the authentication profile from the port before running the dynamic-macvlan enable command.
For models that do not support dynamic VLANs, if the authorized VLANs are different from the VLANs configured on a port, service traffic on the port will fail to be forwarded.
After a dynamic VLAN is configured, you must configure the authorization VLAN in the pre-authentication domain. Otherwise, the terminal cannot obtain the IP address of the dynamic VLAN.

Example

# Enable MAC address-based dynamic VLAN assignment on GE0/0/3.

<Huawei> system-view
[Huawei] interface GigabitEthernet 0/0/3
[Huawei-GigabitEthernet 0/0/3] dynamic-macvlan enable

interface vlanif

Function

The interface vlanif command creates a VLANIF interface and displays the VLANIF interface view.

The undo interface vlanif command deletes a VLANIF interface.

By default, VLANIF interfaces are not created.

Format

interface vlanif vlan-id

undo interface vlanif vlan-id

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of the VLAN that a VLANIF interface belongs to.	The value is an integer that ranges from 1 to 4094.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a device needs to communicate with devices at the network layer, you can create a logical interface based on a VLAN on the device, namely, a VLANIF interface. A VLANIF interface is a network layer interface and can be configured with an IP address. The device then users the VLANIF interface to communicate with devices at the network layer.

Prerequisites

The specified VLAN has been created using the vlan command before you create a VLANIF interface.

Follow-up Procedure

Run the ip address to assign an IP address to the VLANIF interface.

Precautions

If the specified VLANIF interface exists, the interface vlanif command displays the VLANIF interface view directly.

After a VLANIF interface is configured, the corresponding VLAN cannot be configured as a sub-VLAN or principal VLAN.

When a VLANIF interface is used as a management VLANIF interface where you can telnet to the device, the user VLAN ID cannot be the same as the management VLAN ID; otherwise, you will fail to telnet to the device.

Example

# Create VLANIF 2 and enter the VLANIF interface view.

<Huawei> system-view
[Huawei] vlan 2
[Huawei-vlan2] quit 
[Huawei] interface vlanif 2
[Huawei-Vlanif2]

ip pool (VLAN view)

Function

The ip pool command configures an IP address pool for a sub-VLAN.

The undo ip pool command deletes the IP address pool of a sub-VLAN.

By default, no IP address pool is configured for sub-VLANs.

Format

ip pool start-address [ to end-address ]

undo ip pool

Parameters

Parameter	Description	Value
start-address	Specifies the start IP address in an IP address pool.	It is in dotted decimal notation.
to end-address	Specifies the end IP address in an IP address pool. If end-address is not specified, only one IP address, that is, start-address, exists in the IP address pool.	It is in dotted decimal notation.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After assigning an IP address to the super-VLAN by assigning the IP address to a VLANIF interface, you can specify the IP address range for users in the VLAN. In this manner, the ARP module filters out packets with IP addresses beyond the IP address range so that the number of ARP packets can be exactly controlled.

If the super VLAN is enabled with proxy ARP, the system directly sends an ARP Request packet from a user in the sub-VLAN to the destination sub-VLAN based on the IP address carried in the packet, which reduces broadcast traffic.

The ip pool command can be used to set an IP address pool for the sub-VLAN. In the IP address pool, a single IP address or a consecutive IP address segment can be configured, but inconsecutive IP address segments cannot be configured.

Prerequisites

After the preceding configuration is complete, run the aggregate-vlan command in the view of a VLAN to set the VLAN to the super-VLAN, and run the access-vlan command to set the VLANs that need IP address pools configured to be sub-VLANs of the super-VLAN.

Configuration Impact

After the ip pool command is run for a sub-VLAN, only ARP packets, including ARP request, ARP response, and proxy ARP, with the IP addresses in the IP address pool can be processed in the sub-VLAN.

Precautions

Before updating the IP address pool configured for a sub-VLAN, run the undo ip pool command to delete the existing one.

Example

# Configure an IP address pool for VLAN 20, with IP addresses ranging from 10.10.10.10 to 10.10.10.20.

<Huawei> system-view
[Huawei] vlan 20
[Huawei-vlan20] ip pool 10.10.10.10 to 10.10.10.20

management-vlan

Function

Using the management-vlan command, you can configure a VLAN as a management VLAN.

Using the undo management-vlan command, you can cancel the configuration.

By default, no VLAN is configured as a management VLAN.

Format

management-vlan

undo management-vlan

Parameters

None

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To use a network management system to manage multiple devices, create a VLANIF interface on each device and configure a management IP address for the VLANIF interface. You can then log in to a device and manage it using its management IP address. If a user-side interface is added to the VLAN, users connected to the interface can also log in to the device. This brings security risks to the device.

After a VLAN is configured as a management VLAN, no access interface can be added to the VLAN. An access interface is connected to users. The management VLAN forbids users connected to access interfaces to log in to the device, improving device performance.

Follow-up Procedure

Create a VLANIF interface corresponding to the VLAN and configure a management IP address on the VLANIF interface.

Precautions

VLAN 1 cannot be configured as an mVLAN.

You can run the display vlan command to view the management VLAN configuration. In the command output, the VLAN marked with a * is the management VLAN.

After a VLAN is configured as a management VLAN, only trunk and hybrid interfaces can be added to the VLAN.

Example

# Configure VLAN 100 as a management VLAN.

<Huawei> system-view
[Huawei] vlan 100
[Huawei-vlan100] management-vlan

mtu (VLANIF interface view)

Function

Using the mtu command, you can set the maximum transmission unit (MTU) of a VLANIF interface.

Using the undo mtu command, you can restore the default MTU of a VLAN interface.

By default, the MTU of a VLAN interface is 1500 bytes.

Format

mtu mtu

undo mtu

Parameters

Parameter	Description	Value
mtu	Specifies the MTU of a VLANIF interface.	The value is an integer that ranges from 46 to 1600, in bytes.

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

MTU is short for maximum transmission unit. An MTU value determines the maximum number of bytes each time a sender can send. If the size of packets exceeds the MTU supported by a transit node or a receiver, the transit node or receiver fragments the packets or even discards them, aggravating the network transmission load. To avoid this problem, set the MTU value of the VLANIF interface.

Example

# Set the MTU of the VLANIF 100 interface to 1492 bytes.

<Huawei> system-view

[Huawei] interface Vlanif 100

[Huawei-Vlanif100] mtu 1492

mux-vlan

Function

The mux-vlan command configures a VLAN as a principal VLAN.

The undo mux-vlan command cancels the configuration.

By default, no VLAN is configured as a principal VLAN.

Format

mux-vlan

undo mux-vlan

Parameters

None

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

All employees and customers of an enterprise can access servers on the enterprise network. The enterprise allows employees to communicate but expects to isolate customers from one another. To meet this requirement, the enterprise can add the servers to a VLAN, add employees to another VLAN, and add each customer to a different VLAN. This wastes VLAN IDs and increases workload on VLAN configuration.

The MUX VLAN function is introduced to solve this problem. The MUX VLAN function isolates Layer 2 traffic between interfaces in a VLAN. This function involves the following VLANs:

Principal VLAN: allows member interfaces to communicate with each other and with interfaces in subordinate VLANs.
Subordinate VLAN
- Subordinate separate VLAN: allows member interfaces to communicate with only interfaces in the principal VLAN. An interface in a subordinate separate VLAN cannot communicate with interfaces in the same VLAN or other subordinate VLANs.
- Subordinate group VLAN: allows member interfaces to communicate with interfaces in the same VLAN and interfaces in the principal VLAN. An interface in a subordinate group VLAN cannot communicate with interfaces in other subordinate VLANs.

According to features of the preceding VLANs, the enterprise can add the servers to the principal VLAN, add employees to a subordinate group VLAN, and add customers to a subordinate separate VLAN. Customers are then allowed to access the servers but isolated from one another. This saves VLAN IDs on the enterprise network and facilitates network management.

Prerequisites

The VLAN does not have a VLANIF interface.

Follow-up Procedure

Configure subordinate VLANs for the principal VLAN and enable the MUX VLAN function on interfaces.

Precautions

If a VLAN has been configured as a principal VLAN, it cannot be used to configure the VLANIF interface, Super VLAN, Sub VLAN.

If a VLAN has been configured as a principal VLAN, it cannot be configured as a subordinate VLAN of another principal VLAN.

The device supports a maximum of 128 principal VLANs. The maximum number of subordinate VLANs in a principal VLAN is as follows:

AR6140-16G4XG, AR6280K, AR6300K, AR6280, AR6300, AR6140H-S, and AR6280-S: 32

Example

# Configure VLAN 5 as a principal VLAN.

<Huawei> system-view
[Huawei] vlan 5
[Huawei-vlan5] mux-vlan

name (VLAN view)

Function

The name command configures a name for a VLAN.

The undo name command deletes a configured VLAN name.

By default, a VLAN does not have a name.

Format

name vlan-name

undo name

Parameters

Parameter	Description	Value
vlan-name	Specifies the VLAN name.	The name is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

If a device is configured with multiple VLANs for transmitting different services, you can name the VLANs in their corresponding VLAN views to facilitate service management. In this manner, you can check the deployed services of a VLAN by the VLAN name.

After VLANs are named, you can run the vlan vlan-name command in the system view to enter the view of a specific VLAN, and then check or modify the configuration of the VLAN.

Example

# Create VLAN 2, which is used to transmit data services, and name it as data.

<Huawei> system-view

[Huawei] vlan 2

[Huawei-vlan2] name data

port

Function

The port command configures a VLAN as the default VLAN of an interface and adds the interface to the VLAN.

The undo port command restores the default VLAN of an interface to the default setting.

By default, VLAN 1 is the default VLAN of all interfaces.

Format

port interface-type { interface-number1 [ to interface-number2 ] } &<1-10>

undo port interface-type { interface-number1 [ to interface-number2 ] } &<1-10>

Parameters

Parameter	Description	Value
interface-type { interface-number1 [ to interface-number2 ] }	Configures the default VLAN for multiple interfaces. interface-type specifies the type of interfaces. interface-number1 specifies the number of the first interface. interface-number2 specifies the number of the last interface. The value of interface-number2 must be greater than the value of interface-number1. The interface-number1 and interface-number2 parameters identify a range of interfaces. If to interface-number2 is not specified, only one interface is specified. You can specify 10 interface ranges at one time.	-

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

All frames sent from a user device are untagged, and frames sent from a remote device may also be untagged. However, the device processes only tagged frames. Therefore, the device adds a tag to each untagged frame received by an interface. The default VLAN ID of the interface can be added to untagged frames so that these frames are forwarded in the default VLAN.

After the default VLAN is specified for an access interface, packets passing through the interface are processed as follows:

When the interface receives an untagged frame, it tags the frame with the default VLAN ID.
When the interface receives a tagged packet:
- If the interface is an access interface, it compares the VLAN ID of the packet with the default VLAN ID. If they are the same, the interface forwards the packets; otherwise, the interface discards the packets.
Before forwarding tagged packets, access interfaces remove VLAN tags from the packets.

Prerequisites

The link-type of specified interfaces cannot be hybrid or trunk before you run the port command.

Precautions

A super VLAN cannot be configured as the default VLAN of interfaces.

The undo port command deletes the default VLAN of the specified interfaces only if the current VLAN is the default VLAN of these interfaces.

If you run the port command multiple times in the same VLAN view, the VLAN is configured as the default VLAN of all the specified interfaces.

You can also run the port default vlan command in the interface view to configure the default VLAN for an interface. The two commands have the same function.

Example

# Configure VLAN 3 as the default VLAN of interfaces Eth2/0/0 to Eth2/0/4.

<Huawei> system-view
[Huawei] vlan 3
[Huawei-vlan3] port ethernet 2/0/0 to 2/0/4

port default vlan

Function

The port default vlan command configures the default VLAN of an interface and adds the interface to the VLAN.

The undo port default vlan command restores the default VLAN of an interface to the default setting.

By default, VLAN 1 is the default VLAN of all interfaces.

Format

port default vlan vlan-id [ step step-number [ increased | decreased ] ]

undo port default vlan

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of the default VLAN.	The value is an integer that ranges from 1 to 4094.
step step-number [ increased \| decreased ]	Specifies that the interface added to an interface group can be bound to VLANs starting from the one identified by vlan-id in an ascending or descending order at a step specified by step-number. increased specifies an increase in the values of VLAN IDs starting from the one identified by vlan-id at a step specified by step-number to add the interfaces to the VLANs. Whereas decreased specifies a decrease in the values of VLAN IDs starting from the one identified by vlan-id at a step specified by step-number to add the interfaces to the VLANs. For example, you can configure increased, and set vlan-id to 10 and step-number to 20 in the port default vlan command. After this configuration, interface 1 joins VLAN 10; interface 2 joins VLAN 30... By analogy, interface 10 joins VLAN 190. NOTE: This parameter can only be used in the port group view. When using step and vlan-id in the command, ensure that all interfaces added to the VLAN are available. If this parameter is not specified, all interfaces in an interface group are added into the same VLAN, that is, VLAN vlan-id.	The value is an integer that ranges from 1 to 4093.

Parameter

Description

Value

vlan-id

Specifies the ID of the default VLAN.

The value is an integer that ranges from 1 to 4094.

step step-number [ increased | decreased ]

Specifies that the interface added to an interface group can be bound to VLANs starting from the one identified by vlan-id in an ascending or descending order at a step specified by step-number.

increased specifies an increase in the values of VLAN IDs starting from the one identified by vlan-id at a step specified by step-number to add the interfaces to the VLANs. Whereas decreased specifies a decrease in the values of VLAN IDs starting from the one identified by vlan-id at a step specified by step-number to add the interfaces to the VLANs.

For example, you can configure increased, and set vlan-id to 10 and step-number to 20 in the port default vlan command. After this configuration, interface 1 joins VLAN 10; interface 2 joins VLAN 30... By analogy, interface 10 joins VLAN 190.

NOTE:

This parameter can only be used in the port group view.
When using step and vlan-id in the command, ensure that all interfaces added to the VLAN are available.
If this parameter is not specified, all interfaces in an interface group are added into the same VLAN, that is, VLAN vlan-id.

The value is an integer that ranges from 1 to 4093.

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the default VLAN is specified for an access interface, packets passing through the interface are processed as follows:

When the interface receives an untagged frame, it tags the frame with the default VLAN tag.
When the interface receives a tagged packet:
- If the interface is an access interface, it compares the VLAN ID of the packet with the default VLAN ID. If they are the same, the interface forwards the packets; otherwise, the interface discards the packets.
Before forwarding tagged packets, access interfaces remove VLAN tags from the packets.

Prerequisites

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

The VLAN to be configured as the default VLAN has been created.

The interface type is access. If not, run the port link-type command to change the interface type.

Precautions

You can also run the port command in the VLAN view to configure the default VLAN of an interface. The two commands have the same function.
A super VLAN cannot be configured as the default VLAN of interfaces.
This command is invalid on a member interface of an Eth-Trunk.
If you run the port default vlan command multiple times in the same interface view, only the latest configuration takes effect.
This configuration will be deleted automatically if the default VLAN is deleted in system view.

Example

# Configure VLAN 3 (an existing VLAN) as the default VLAN of Eth2/0/0 (an access interface).

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type access
[Huawei-Ethernet2/0/0] port default vlan 3

# Configure VLAN 4 (an existing VLAN) as the default VLAN of VE0/0/1 (an access interface).

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type access
[Huawei-Virtual-Ethernet0/0/1] port default vlan 4

port hybrid pvid vlan

Function

The port hybrid pvid vlan command specifies the default VLAN ID of a hybrid interface.

The undo port hybrid pvid vlan command restores the default VLAN ID of a hybrid interface to the default setting.

By default, VLAN 1 is the default VLAN ID of all interfaces.

Format

port hybrid pvid vlan vlan-id

undo port hybrid pvid vlan

Parameters

Parameter	Description	Value
vlan-id	Specifies the default VLAN ID of a hybrid interface.	The value is an integer that ranges from 1 to 4094.

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

An interface may receive untagged and tagged frames, but the device processes only tagged frames. Therefore, the device adds a tag to each untagged frame received by an interface. The default VLAN ID of the interface can be added to untagged frames so that these frames are forwarded in the default VLAN.

A hybrid interface processes Ethernet frames as follows when it is configured with the default VLAN ID:

When the interface receives an untagged frame, it tags the frame with the default VLAN ID. If the default VLAN ID is allowed by the interface, the interface accepts the frame. Otherwise, the interface discards the frame.
When the interface receives a tagged frame, it accepts the frame if the VLAN ID of the frame is in the list of allowed VLAN IDs. Otherwise, the interface discards the frame.
If the VLAN ID of a frame is allowed by the interface, the interface forwards the frame. You can configure whether the interface sends tagged or untagged packets.

Prerequisites

The VLAN to be specified as the default VLAN has been created.

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

Precautions

This command is invalid on a member interface of an Eth-Trunk.

The port hybrid pvid vlan command only specifies the default VLAN for an interface but does not add the interface to the default VLAN.

If you run the port hybrid pvid vlan command multiple times in the same interface view, only the latest configuration takes effect.

This configuration will be deleted automatically if the default VLAN is deleted in system view.

Example

# Specify VLAN 5 as the default VLAN of Eth2/0/0.

<Huawei> system-view
[Huawei] vlan 5
[Huawei-vlan5] quit
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type hybrid
[Huawei-Ethernet2/0/0] port hybrid pvid vlan 5

# Specify VLAN 5 as the default VLAN of the VE0/0/1 interface.

<Huawei> system-view
[Huawei] vlan 5
[Huawei] quit
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type hybrid
[Huawei-Virtual-Ethernet0/0/1] port hybrid pvid vlan 5

port hybrid tagged vlan

Function

The port hybrid tagged vlan command adds a hybrid interface to the specified VLANs. Frames of the VLANs then pass through the hybrid interface in tagged mode.

The undo port hybrid vlan command removes a hybrid interface from the specified VLANs.

By default, a hybrid interface is added to VLAN 1 in untagged mode.

Format

port hybrid tagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

undo port hybrid vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

(Port group view)port hybrid tagged vlan vlan-id3 [ step step-number [ increased | decreased ] ]

(Port group view)undo port hybrid vlan vlan-id3 [ step step-number [ increased | decreased ] ]

Parameters

Parameter	Description	Value
vlan-id1 [ to vlan-id2 ]	Adds a hybrid interface to specified VLANs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1.	The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094.
all	Adds a hybrid interface to all VLANs.	-
vlan-id3	Specifies the ID of the start VLAN to be bound to the member port of a port group.	The value is an integer that ranges from 1 to 4094.
step step-number	Specifies the step for the increase or decrease in the value of the VLAN ID. With this parameter specified, the member ports in a port group can be bound to VLANs starting from the one identified by vlan-id3 in an ascending or descending order at a step specified by step-number. This facilitates the subsequent user configuration. For example: A port group has 10 member ports. You can configure increased, and set vlan-id3 to 1 and step-number to 1 in the port hybrid tagged vlan command. After this configuration, member port 1 joins VLAN 1; member port 2 joins VLAN 2... By analogy, member port 10 joins VLAN 10.	The value is an integer that ranges from 1 to 4093.
increased	Specifies an increase in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group.	By default, Layer 2 ports are bound to the VLANs in an ascending order.
decreased	Specifies a decrease in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group. When setting decreased, ensure that the value of vlan-id3 is greater than or equal to the number of the member ports of the port group.	-

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, WLAN-ESS interface view, XGE interface view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A hybrid interface can connect to either a user device or a router. This command adds a hybrid interface to VLANs in tagged mode so that the hybrid interface allows frames from the VLANs to pass.

After a hybrid interface is added to VLANs in tagged mode, the interface forwards frames without removing VLAN tags of frames.

Prerequisites

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

If an interface is not a hybrid interface, run the port link-type hybrid command to change the interface type to hybrid.

Precautions

This command is invalid on a member interface of an Eth-Trunk.
A super VLAN cannot be specified in the command.
If you run the port hybrid tagged vlan command multiple times in the same interface view, the interface is added to all the specified VLANs.

Example

# Add Eth2/0/0 to VLAN 3 to VLAN 5 in tagged mode.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type hybrid
[Huawei-Ethernet2/0/0] port hybrid tagged vlan 3 to 5

# Add VE0/0/1 to VLAN 6 to VLAN 8 in tagged mode.

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type hybrid
[Huawei-Virtual-Ethernet0/0/1] port hybrid tagged vlan 6 to 8

port hybrid untagged vlan

Function

The port hybrid untagged vlan command adds a hybrid interface to the specified VLANs. Frames of the VLANs then pass through the hybrid interface in untagged mode.

The undo port hybrid vlan command removes a hybrid interface from the specified VLANs.

By default, a hybrid interface is added to VLAN 1 in untagged mode.

Format

port hybrid untagged vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

undo port hybrid vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

(Port group view)port hybrid untagged vlan vlan-id3 [ step step-number [ increased | decreased ] ]

(Port group view)undo port hybrid vlan vlan-id3 [ step step-number [ increased | decreased ] ]

Parameters

Parameter	Description	Value
vlan-id1 [ to vlan-id2 ]	Adds a hybrid interface to specified VLANs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1.	The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094.
all	Adds a hybrid interface to all VLANs.	-
vlan-id3	Specifies the ID of the start VLAN to be bound to the member port of a port group.	The value is an integer that ranges from 1 to 4094.
step step-number	Specifies the step for the increase or decrease in the value of the VLAN ID. With this parameter specified, the member ports in a port group can be bound to VLANs starting from the one identified by vlan-id3 in an ascending or descending order at a step specified by step-number. This facilitates the subsequent user configuration. For example: A port group has 10 member ports. You can configure increased, and set vlan-id3 to 1 and step-number to 1 in the port hybrid untagged vlan command. After this configuration, member port 1 joins VLAN 1; member port 2 joins VLAN 2... By analogy, member port 10 joins VLAN 10.	The value is an integer that ranges from 1 to 4093.
increased	Specifies an increase in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group.	By default, Layer 2 ports are bound to the VLANs in an ascending order.
decreased	Specifies a decrease in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group. When setting decreased, ensure that the value of vlan-id3 is greater than or equal to the number of the member ports of the port group.	-

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, XGE interface view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A hybrid interface can connect to either a user device or a router. When a hybrid interface is connected to a user device, it must be added to VLANs in untagged mode so that it sends untagged frames.

After a hybrid interface is added to VLANs in untagged mode, the interface removes VLAN tags of frames before sending frames.

Prerequisites

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

If an interface is not a hybrid interface, run the port link-type hybrid command to change the interface type to hybrid.

Precautions

This command is invalid on a member interface of an Eth-Trunk.
A super VLAN cannot be specified in the command.
If you run the port hybrid untagged vlan command multiple times in the same interface view, the interface is added to all the specified VLANs.

Example

# Add Eth2/0/0 to VLAN 3 to VLAN 5 in untagged mode.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type hybrid
[Huawei-Ethernet2/0/0] port hybrid untagged vlan 3 to 5

# Add VE0/0/1 to VLAN 6 to VLAN 8 in untagged mode.

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type hybrid
[Huawei-Virtual-Ethernet0/0/1] port hybrid untagged vlan 6 to 8

port link-type

Function

The port link-type command sets the link type of an interface.

The undo port link-type command restores the default link type of an interface.

By default, the link type of an interface is hybrid.

Format

port link-type { access | hybrid | trunk }

undo port link-type

Parameters

Parameter	Description	Value
access	Sets the link type of an interface to access.	-
hybrid	Sets the link type of an interface to hybrid.	-
trunk	Sets the link type of an interface to trunk.	-

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, XGE interface view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Characteristics of different interfaces are:

An access interface connects to a user device. It can connect only to an access link, and Ethernet frames transmitted on the access link are untagged. An access interface adds a VLAN tag to packets and sets the VID field in the VLAN tag to the default VLAN ID. The access link transmits only the packets with the default VLAN ID.
A trunk interface connects to a router and can connect only to a trunk link. A trunk interface allows frames from multiple VLANs to pass.
A hybrid interface can connect to either a user device or a router, and it can connect to an access link or a trunk link. A hybrid interface allows frames from multiple VLANs to pass and can remove VLAN tags of outgoing frames.

Prerequisites

The interface must work in Layer 2 mode. If the interface works in Layer 3 mode, run the portswitch command to switch to Layer 2 mode.

Before changing the interface type, restore the default VLAN configuration of the interface so that the interface belongs to only VLAN 1.

Follow-up Procedure

Add the interface to VLANs.

Precautions

This command is invalid on a member interface of an Eth-Trunk.

If you run the port link-type command multiple times in the same interface view, only the latest configuration takes effect.

Example

# Set the link type of Eth2/0/0 to trunk.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type trunk

# Set the link type of VE 0/0/1 to trunk.

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type trunk

port mux-vlan enable

Function

The port mux-vlan enable command enables the MUX VLAN function on an interface.

The undo port mux-vlan enable command disables the MUX VLAN function on an interface.

By default, the MUX VLAN function is disabled on an interface.

Format

port mux-vlan enable

undo port mux-vlan enable

Parameters

None

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The MUX VLAN function isolates Layer 2 traffic between interfaces in a VLAN. This function involves a MUX VLAN and several subordinate VLANs. Subordinate VLANs are classified into subordinate group VLANs and subordinate separate VLANs. Subordinate VLANs can communicate with the principal VLAN but cannot communicate with each other. Interfaces in a subordinate group VLAN can communicate with each other, and interfaces in a subordinate separate VLAN are isolated from each other.

The MUX VLAN function takes effect only after it is enabled on an interface.

Prerequisites

Before enable MUX VLAN function, complete the following task:

The port has been added to only a VLAN. If the port has been added to multiple VLANs, the MUX VLAN function cannot be enabled on this port.
The port has been added to a principal or subordinate VLAN in untagged mode as an access or hybrid interface.

Precautions

Disabling MAC address learning or limiting the number of learned MAC addresses on an interface affects the MUX VLAN function on the interface.
The MUX VLAN and port security functions conflict on an interface. That is, the port-security enable and port mux-vlan enable commands cannot be used on the same interface.

Example

# Enable the MUX VLAN function on Eth2/0/0.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port mux-vlan enable

port trunk allow-pass vlan

Function

The port trunk allow-pass vlan command adds a trunk interface to the specified VLANs.

The undo port trunk allow-pass vlan command deletes a trunk interface from the specified VLANs.

By default, a trunk interface is in VLAN 1.

Format

port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

undo port trunk allow-pass vlan { { vlan-id1 [ to vlan-id2 ] }&<1-10> | all }

(Port group view)port trunk allow-pass vlan vlan-id3 [ step step-number [ increased | decreased ] ]

(Port group view)undo port trunk allow-pass vlan vlan-id3 [ step step-number [ increased | decreased ] ]

Parameters

Parameter	Description	Value
vlan-id1 [ to vlan-id2 ]	Adds a trunk interface to specified VLANs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. The value of vlan-id2 must be greater than or equal to the value of vlan-id1.	The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094.
all	Adds a trunk interface to all VLANs.	-
vlan-id3	Specifies the ID of the start VLAN to be bound to the member port of a port group.	The value is an integer that ranges from 1 to 4094.
step step-number	Specifies the step for the increase or decrease in the value of the VLAN ID. With this parameter specified, the member ports in a port group can be bound to VLANs starting from the one identified by vlan-id3 in an ascending or descending order at a step specified by step-number. This facilitates the subsequent user configuration. For example: A port group has 10 member ports. You can configure increased, and set vlan-id3 to 1 and step-number to 1 in the port trunk allow-pass vlan command. After this configuration, member port 1 joins VLAN 1; member port 2 joins VLAN 2... By analogy, member port 10 joins VLAN 10.	The value is an integer that ranges from 1 to 4093.
increased	Specifies an increase in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group.	By default, Layer 2 ports are bound to the VLANs in an ascending order.
decreased	Specifies a decrease in the values of VLAN IDs starting from the one identified by vlan-id3 at a step specified by step-number to bind the VLANs to the member ports of a port group. When setting decreased, ensure that the value of vlan-id3 is greater than or equal to the number of the member ports of the port group.	-

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

A trunk interface can join multiple VLANs and connects to a network device. To allow all packets from one or multiple VLANs to pass through a trunk interface, the trunk interface must be added to the VLANs using the port trunk allow-pass vlan command.

Prerequisites

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

The link-type of the interface is configured to trunk.

Precautions

The command cannot be used on a member interface of an Eth-Trunk.

If you run the port trunk allow-pass vlan command multiple times in the same interface view, the interface is added to all the specified VLANs.

Example

# Add Eth2/0/0 to VLANs 10 to 30.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type trunk
[Huawei-Ethernet2/0/0] port trunk allow-pass vlan 10 to 30

# Add VE0/0/1 to VLANs 6 to 8.

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type trunk
[Huawei-Virtual-Ethernet0/0/1] port trunk allow-pass vlan 6 to 8

port trunk pvid vlan

Function

The port trunk pvid vlan command specifies the default VLAN for a trunk interface.

The undo port trunk pvid vlan command restores the default VLAN of a trunk interface to the default setting.

By default, VLAN 1 is the default VLAN of trunk interfaces.

Format

port trunk pvid vlan vlan-id

undo port trunk pvid vlan

Parameters

Parameter	Description	Value
vlan-id	Specifies the default VLAN ID of a trunk interface.	The value is an integer that ranges from 1 to 4094.

Views

Ethernet interface view, GE interface view, Eth-Trunk interface view, port group view, Virtual-Ethernet interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Prerequisites

Running the portswitch command in the VE interface view switches the VE interface from Layer 3 to Layer 2.

The VLAN to be specified as the default VLAN has been created.

Follow-up Procedure

Add the trunk interface to the default VLAN.

Precautions

The port trunk pvid vlan command only specifies the default VLAN of a trunk interface but does not add the trunk interface to the default VLAN. A trunk interface forwards frames with the default VLAN ID only after it is added to the default VLAN using the port trunk allow-pass vlan command.

If you run the port trunk pvid vlan command multiple times in the same interface view, only the latest configuration takes effect.

This configuration will be deleted automatically if the default VLAN is deleted in system view.

Example

# Specify VLAN 5 as the default VLAN of Eth2/0/0.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0
[Huawei-Ethernet2/0/0] port link-type trunk
[Huawei-Ethernet2/0/0] port trunk pvid vlan 5

# Specify VLAN 5 as the default VLAN of the VE0/0/1 interface.

<Huawei> system-view
[Huawei] interface virtual-ethernet 0/0/1
[Huawei-Virtual-Ethernet0/0/1] portswitch
[Huawei-Virtual-Ethernet0/0/1] port link-type trunk
[Huawei-Virtual-Ethernet0/0/1] port trunk pvid vlan 5

qinq termination pe-vid ce-vid

Function

The qinq termination pe-vid ce-vid command configures QinQ termination on a sub-interface.

The undo qinq termination pe-vid ce-vid command cancels QinQ termination on a sub-interface.

By default, QinQ termination is disabled on a sub-interface.

Format

qinq termination pe-vid pe-vid ce-vid ce-vid1 [ to ce-vid2 ]

undo qinq termination pe-vid pe-vid ce-vid ce-vid1 [ to ce-vid2 ]

Parameters

Parameter	Description	Value
pe-vid pe-vid	Specifies the outer VLAN ID.	The value is an integer that ranges from 1 to 4094.
ce-vid ce-vid1 [ to ce-vid2 ]	Specifies the inner VLAN ID. ce-vid1: specifies the lower threshold of the inner VLAN tag in the user packet. ce-vid2: specifies the upper threshold of the outer VLAN tag in the user packet. NOTE: You can specify ce-vid2 only after the termination-vid batch enable command is used to enable a sub-interface to batch terminate VLAN tags. Only the AR6200 and AR6300 series support ce-vid2.	The value of ce-vid1 is an integer that ranges from 1 to 4094. The value of ce-vid2 is an integer that ranges from 1 to 4094. The value of ce-vid2 must be larger than or equal to the value of ce-vid1.

Parameter

Description

Value

pe-vid pe-vid

Specifies the outer VLAN ID.

The value is an integer that ranges from 1 to 4094.

ce-vid ce-vid1 [ to ce-vid2 ]

Specifies the inner VLAN ID.

ce-vid1: specifies the lower threshold of the inner VLAN tag in the user packet.
ce-vid2: specifies the upper threshold of the outer VLAN tag in the user packet.
NOTE:
You can specify ce-vid2 only after the termination-vid batch enable command is used to enable a sub-interface to batch terminate VLAN tags.

Only the AR6200 and AR6300 series support ce-vid2.

The value of ce-vid1 is an integer that ranges from 1 to 4094.

The value of ce-vid2 is an integer that ranges from 1 to 4094.

The value of ce-vid2 must be larger than or equal to the value of ce-vid1.

Views

Ethernet sub-interface view, GE sub-interface view, XGE sub-interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Communication between VLANs

The VLAN technology is widely used because it helps Layer 2 packets of different users to be separately transmitted. With the VLAN technology, a physical LAN is divided into multiple logical broadcast domains, that is, VLANs. In this manner, hosts in a VLAN can communicate with each other, but hosts in different VLANs cannot communicate at Layer 2. The Layer 3 routing technology is required for communication of hosts in different VLANs.
Communication between a LAN and a WAN

Most packets on a LAN have VLAN tags, but some WAN protocols such as ATM, FR, and PPP, cannot identify VLAN packets. To send a VLAN packet from LAN to WAN, the device records VLAN information in the packet, removes the VLAN tag, and forwards the packet.

Dot1q termination, which terminates tags carried in Dot1q packets

To configure Dot1q termination, run the dot1q termination vid command in the sub-interface view.
QinQ termination, which terminates tags carried in QinQ packets.

To configure QinQ termination, run the qinq termination pe-vid ce-vid command.

After the qinq termination pe-vid ce-vid command is run, the sub-interface for VLAN tag termination processes the packet in the following procedures:

The sub-interface removes the tag in the VLAN packet when receiving the packet and forwards the packet on Layer 3. Whether the forwarded VLAN packet carries tags is determined by the outbound interface.
The sub-interface adds VLAN information to the packet and then sends the packet.

Precautions

The MTU of a sub-interface must be at least 4 bytes smaller than the MTU of its primary interface. Especially, the MTU of a QinQ sub-interface must be at least 8 bytes smaller than the MTU of its primary interface.
Ethernet sub-interfaces of VDSL interfaces in PTM mode do not support QinQ commands.

Configuration Impact

After you run this command to enable batch VLAN termination on a sub-interface, the sub-interface can only connect to an L2VPN but cannot be used for Layer 3 forwarding.

Example

# Set the encapsulation mode on Ethernet2/0/0.1 to QinQ and allow the packets with the outer VLAN tag 100 and inner VLAN tag 200 to pass through.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0.1
[Huawei-Ethernet2/0/0.1] qinq termination pe-vid 100 ce-vid 200

reset vlan statistics

Function

Using the reset vlan statistics command, you can clear traffic statistics in a specified VLAN.

Format

reset vlan statistics vlan-id

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of a VLAN.	The value is an integer that ranges from 1 to 4094.

Views

User view

Default Level

3: Management level

Usage Guidelines

Usage Scenario

This command is used when you need to collect new packet statistics in a VLAN. After this command is executed, the packet count in the VLAN becomes 0.

Precautions

Traffic statistics cannot be restored after they are cleared. Exercise caution when you use the command.

Example

# Clear traffic statistics in VLAN 3.

<Huawei> reset vlan statistics 3

set vlan-range

Function

The set vlan-range command configures a range of VLANs that can be created on the 4GE-2S interface card.

The undo set vlan-range command deletes a range of VLANs that can be created on the 4GE-2S interface card.

Format

set vlan-range slot slot-id vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo set vlan-range slot slot-id

Parameters

Parameter	Description	Value
slot-id	Specifies the slot ID. The 4GE-2S interface card must be installed in the slot.	The value is an integer that ranges from 1 to 15.
batch	Indicates that VLANs are created in a batch.	-
vlan-id1 to vlan-id2	Specifies IDs of the VLANs that are created in a batch. vlan-id1 specifies the first VLAN ID. vlan-id2 specifies the last VLAN ID. vlan-id2 must be greater than vlan-id1. vlan-id2 and vlan-id1 specify the range of VLANs. If to vlan-id2 is not specified, only the VLAN specified by vlan-id1 is created.	The values of vlan-id1 and vlan-id2 are integers that range from 1 to 4094.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

You can run the set vlan-range command to configure a range of VLANs that can be created on the 4GE-2S interface card. Only VLANs in the range can be created on the 4GE-2S interface card.

Precautions

Before the set vlan-range command is used:
- VLANs are delivered according to the sequence in which the VLANs were created on the 4GE-2S interface card. The system allows a maximum of 252 VLANs. Excess VLANs are not delivered.
- If VLANs are created in a batch, VLANs are delivered in ascending order of VLAN ID. The system allows a maximum of 252 VLANs. Excess VLANs are not delivered.
- If more than 252 VLANs are created, the set vlan-range command is recommended.
After the set vlan-range command is used:
- VLANs in a specified range are delivered to the 4GE-2S interface card. Ensure that the VLAN ID range is within 252. After the set vlan-range or undo set vlan-range command is executed, you must restart the 4GE-2S interface card to make the configuration take effect.
- The 4GE-2S interface card must allow VLAN 1. You cannot use the set vlan-range command to set VLAN 1.
- The VLAN ID range allowed on the 4GE-2S interface card is 1-252. Except for VLAN 1, the set vlan-range command allows a maximum of 251 VLANs.
- After the VLAN ID range is set on the 4GE-2S interface card, interfaces on the 4GE-2S interface card allow only these VLANs in the range.

Example

# Create VLANs 100 to 200 on the 4GE-2S interface card in slot 6.

<Huawei> system-view
[Huawei] set vlan-range slot 6 vlan batch 100 to 200
Warning: This configuration takes effect after the board is reset. Otherwise, services may be affected. You need to manually reset the board.

set reserved-vlan

Function

The set reserved-vlan command configures a reserved VLAN ID on an interface board.

The undo set reserved-vlan command deletes the reserved VLAN ID configured on an interface board.

By default, no reserved VLAN ID is configured on an interface board.

8FE1GE and 4ES2G-S cards support this function only on the AR6200 and AR6300 series devices.

Format

set reserved-vlan vlan-id slot slot-id

undo set reserved-vlan slot slot-id

Parameters

Parameter	Description	Value
vlan-id	Specifies the reserved VLAN ID, which cannot conflict with a service VLAN ID.	The value is in the range from 2 to 4094.
slot slot-id	Specifies the slot ID.	The value is an integer that ranges from 1 to 15. NOTE: 6280, 6280K, 6280-S: The value range is from 1 to 8. 6300, 6300K, 6300-S: The value range is from 1 to 10.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

This command is used to configure a reserved VLAN ID on an interface board. The working mode of an interface on an interface board can be changed from Layer 2 mode to Layer 3 mode only after a reserved VLAN ID is configured.

Precautions

The reserved VLAN ID cannot conflict with a service VLAN ID. To modify or delete the reserved VLAN ID, ensure that all interfaces on the interface board in the corresponding slot work in Layer 2 mode.

Example

# Configure the reserved VLAN 100 on the interface board in slot 6.

<Huawei> system-view
[Huawei] set reserved-vlan 100 slot 6

shutdown (VLANIF interface view)

Function

Using the shutdown command, you can shut down a VLANIF interface.

Using the undo shutdown command, you can enable a VLANIF interface.

By default, a VLANIF interface is enabled.

Format

shutdown

undo shutdown

Parameters

None

Views

VLANIF interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

When a VLANIF interface fails or is not needed, you can run the shutdown command on the VLANIF interface.

Precautions

A VLANIF interface is Up as long as an interface in the corresponding VLAN is Up.

After the VLANIF interface is shut down, the interface status changes to Down even if physical interfaces in the corresponding VLAN are Up.

After a VLANIF interface is shut down, none of the users that use the VLANIF interface address as the gateway address can communicate at Layer 3. In addition, the VLANIF interface address cannot be used in route calculation.

After a VLANIF interface is shut down, the dynamic ARP entry corresponding to the VLANIF interface starts aging in the ARP table. If the VLANIF interface address is in a static ARP entry, the ARP entry is not deleted.

Example

# Enable VLANIF 2.

<Huawei> system-view
[Huawei] interface vlanif 2
[Huawei-Vlanif2] undo shutdown

subordinate group

Function

The subordinate group command configures subordinate group VLANs for a principal VLAN.

The undo subordinate group command removes subordinate group VLANs from a principal VLAN.

By default, a principal VLAN does not have any subordinate group VLAN.

Format

subordinate group { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo subordinate group { vlan-id1 [ to vlan-id2 ] } &<1-10>

Parameters

Parameter	Description	Value
vlan-id1 [ to vlan-id2 ]	Specifies a range of VLAN IDs. vlan-id1 specifies the start VLAN ID. to vlan-id2 specifies the end VLAN ID. If to vlan-id2 is not specified, only one subordinate group VLAN is configured.	The value of vlan-id1 is an integer that ranges from 1 to 4094. The value of vlan-id2 is an integer that ranges from 1 to 4094 and must be greater than or equal to the value of vlan-id1.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The MUX VLAN function is introduced to solve this problem. The MUX VLAN function isolates Layer 2 traffic between interfaces in a VLAN. This function involves the following VLANs:

Principal VLAN: allows member interfaces to communicate with each other and with interfaces in subordinate VLANs.
Subordinate VLAN
- Subordinate separate VLAN: allows member interfaces to communicate with only interfaces in the principal VLAN. An interface in a subordinate separate VLAN cannot communicate with interfaces in the same VLAN or other subordinate VLANs.
- Subordinate group VLAN: allows member interfaces to communicate with interfaces in the same VLAN and interfaces in the principal VLAN. An interface in a subordinate group VLAN cannot communicate with interfaces in other subordinate VLANs.

After interfaces using by employees are added to the subordinate group VLAN, employees can access servers of the enterprise and communicate with one another.

Prerequisites

The specified subordinate group VLANs have been created. The principal VLAN has been created.

The specified subordinate group VLANs are not super-VLANs and do not have any VLANIF interface.

Before configuring a VLAN as a subordinate group VLAN, run the undo subordinate group command to delete all its member interfaces.

Follow-up Procedure

Add interfaces to subordinate group VLANs and enable the MUX VLAN function on the interfaces.

Precautions

Subordinate VLANs must be different from the principal VLAN.

A VLAN cannot be configured as a subordinate group VLAN and a subordinate separate VLAN simultaneously.

If you run the subordinate group command multiple times in the same VLAN view, all the specified VLANs are configured as subordinate group VLANs.

A principal VLAN can be configured with a maximum of 32 subordinate group VLANs.

A subordinate group VLAN cannot be used to configure the VLANIF interface, Super-VLAN, Sub-VLAN.

Example

# Configure VLAN 7 as the subordinate group VLAN of VLAN 5.

<Huawei> system-view
[Huawei] vlan 5
[Huawei-vlan5] subordinate group 7

subordinate separate

Function

The subordinate separate command configures a subordinate separate VLAN for a principal VLAN.

The undo subordinate separate command removes the subordinate separate VLAN from a principal VLAN.

By default, a principal VLAN does not have any subordinate separate VLAN.

Format

subordinate separate vlan-id

undo subordinate separate

Parameters

Parameter	Description	Value
vlan-id	Specifies the ID of an existing VLAN.	The value is an integer that ranges from 1 to 4094.

Views

VLAN view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

The MUX VLAN function is introduced to solve this problem. The MUX VLAN function isolates Layer 2 traffic between interfaces in a VLAN. This function involves the following VLANs:

Principal VLAN: allows member interfaces to communicate with each other and with interfaces in subordinate VLANs.
Subordinate VLAN
- Subordinate separate VLAN: allows member interfaces to communicate with only interfaces in the principal VLAN. An interface in a subordinate separate VLAN cannot communicate with interfaces in the same VLAN or other subordinate VLANs.
- Subordinate group VLAN: allows member interfaces to communicate with interfaces in the same VLAN and interfaces in the principal VLAN. An interface in a subordinate group VLAN cannot communicate with interfaces in other subordinate VLANs.

After interfaces using by customers are added to the subordinate separate VLAN, customers can neither communicate with each other nor access servers of the enterprise.

Prerequisites

The specified subordinate separate VLAN has been created. The principal VLAN has been created.

The specified subordinate group VLANs are not super-VLANs and do not have any VLANIF interface.

The specified subordinate separate VLANs do not have any VLANIF interface.

Before configuring a VLAN as a subordinate separate VLAN, run the undo subordinate separate command to delete all its member interfaces.

Follow-up Procedure

Add interfaces to the subordinate separate VLAN and enable the MUX VLAN function on the interfaces.

Precautions

Subordinate VLANs must be different from the principal VLAN.

A VLAN cannot be configured as a subordinate group VLAN and a subordinate separate VLAN simultaneously.

A principal VLAN can be configured with only one subordinate separate VLAN. Before configuring another VLAN as the subordinate separate VLAN, run the undo subordinate separate command to delete the previous one.

A subordinate separate VLAN cannot be used to configure the VLANIF interface, Super-VLAN, or Sub-VLAN.

Example

# Configure VLAN 6 as the subordinate separate VLAN of VLAN 5.

<Huawei> system-view
[Huawei] vlan 5
[Huawei-vlan5] subordinate separate 6

vlan

Function

The vlan command creates a VLAN and displays the VLAN view. If the VLAN exists, the VLAN view is displayed.

The undo vlan command deletes a VLAN.

By default, all interfaces belong to the default VLAN, named VLAN 1.

Format

vlan vlan-id

vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10>

undo vlan vlan-id

undo vlan batch { vlan-id1 [ to vlan-id2 ] } &<1-10>

Parameters

Parameter	Description	Value
vlan-id	Specifies the VLAN ID.	The value is an integer ranging from 1 to 4094.
batch	Configures VLANs in batches.	-
vlan-id1 to vlan-id2	Specifies range of VLANs to be configured in batches: vlan-id1 specifies the start VLAN ID. vlan-id2 specifies the end VLAN ID. vlan-id2 must be greater than or equal to vlan-id1. vlan-id1 and vlan-id2 define a range together. If the parameter to vlan-id2 is not specified, only the VLAN specified by vlan-id1 is created.	The vlan-id1 and vlan-id2 are integers ranging from 1 to 4094.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

To reduce broadcast domains and enhance security on a complex network, VLANs can be created on the network to isolate the devices that do not need to communicate each other. The vlan batch command creates multiple VLANs at one time, simplifying VLAN configuration.

Follow-up Procedure

Assign VLANs according to network requirements.

Precautions

VLAN 1 is the default VLAN, which cannot be deleted and does not need to be created.

The vlan command can be used to create a VLAN and enter the VLAN view. If a VLAN has been created, the VLAN view is displayed after this command is used. The vlan command multiple times creates multiple VLANs. If a VLAN has been created, using this command cannot be used to create the same VLAN or modify the configurations of the VLAN.

The vlan batch command can be used to create multiple VLANs in batches. If a VLAN has been created, using this command cannot be used to create the same VLAN or modify the configurations of the VLAN. The vlan batch commands multiple times creates VLANs in multiple batches.

Before deleting a VLAN, run the undo interface vlanif command to delete the corresponding VLANIF interface.

The maximum number of VLANs on different models.

Example

# Create VLAN 100 and enter the VLAN 100 view. If VLAN 100 exists, the VLAN 100 view is displayed directly.

<Huawei> system-view
[Huawei] vlan 100
[Huawei-vlan100]

vlan priority

Function

Using the vlan priority command, you can configure the 802.1p priority for a VLAN.

Using the undo vlan priority command, you can cancel the configuration.

By default, the system retains the original 802.1p priority of packets.

Only the AR651W-X4 and AR651-X8 support this function.

Only the 9ES2, 4ES2G-S, and 4GE-2S support this function.

Format

vlan vlan-id priority new-priority-value

vlan batch vlan-id1 to vlan-id2 priority new-priority-value

undo vlan vlan-id priority

undo vlan batch vlan-id1 to vlan-id2 priority

Parameters

Parameter	Description	Value
vlan-id	Specifies a VLAN ID.	The value is an integer that ranges from 1 to 4094.
new-priority-value	Specifies the 802.1p priority of a VLAN.	The value is an integer that ranges from 0 to 7.
batch	Configures VLANs in batches.	-
vlan-id1 to vlan-id2	Specifies range of VLANs to be configured in batches.	The vlan-id1 and vlan-id2 are integers ranging from 1 to 4094.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

By configuring 802.1p priorities for VLANs, you can ensure that packets from the VLAN with the highest priority are transmitted first when congestion occurs.

Prerequisites

The specified VLAN has been created.

Configuration Impact

This command changes the 802.1p priority of packets from the specified VLAN. When congestion occurs, packets from the VLAN with the highest priority are transmitted first.

Example

# Set the priority of VLAN 11 to 3.

<Huawei> system-view

[Huawei] vlan 11 priority 3

vlan vlan-name

Function

The vlan vlan-name command displays the view of a VLAN with the specified VLAN name.

The undo vlan vlan-name command deletes a VLAN with the specified VLAN name. After the command is used, the VLAN name is also deleted.

Format

vlan vlan-name vlan-name

undo vlan vlan-name vlan-name

Parameters

Parameter	Description	Value
vlan-name	Specifies the VLAN name.	The name is a string of 1 to 31 case-sensitive characters, spaces not supported. When double quotation marks are used around the string, spaces are allowed in the string.

Views

System view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the name command is run to set a VLAN name, you can run the vlan vlan-name command in the system view to enter the corresponding VLAN view.

Assume that a device has multiple VLANs and each VLAN has a name. If you need to delete the VLAN that is used to transmit voice services but cannot remember the ID of the VLAN, you can run the undo vlan vlan-name command to delete the VLAN by inputting the VLAN name.

Prerequisites

Before running the vlan vlan-name command, ensure that the name command is run to set the VLAN name.

Precautions

When you run the undo vlan vlan-name command to delete a VLAN, services configured for the VLAN are deleted at the same time. The deleted services cannot be restored even if you recreate the VLAN. Therefore, exercise caution when running the undo vlan vlan-name command.

Example

# Enter the view of the VLAN named user1.

<Huawei> system-view
[Huawei] vlan vlan-name user1
[Huawei-vlan2]

termination-vid batch enable

Function

The termination-vid batch enable command enables a sub-interface to batch terminate VLAN tags.

The undo termination-vid batch enable command disables a sub-interface from batch terminating VLAN tags.

By default, a sub-interface is enabled to batch terminate VLAN tags.

Only the AR6200, and AR6300 series support this command.

Format

termination-vid batch enable

undo termination-vid batch enable

Parameters

None

Views

Ethernet sub-interface view, GE sub-interface view, XGE sub-interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Downstream users of the Terminal access belong to different VLANs, packets from each VLAN need to be terminated.

You can run this command to enable a sub-interface to batch terminate VLAN tags and run the dot1q termination vid or qinq termination pe-vid ce-vid command to specify multiple VLANs for termination.

Precautions

If VLANs for termination have been configured on a sub-interface, run the undo dot1q termination vid or undo qinq termination pe-vid ce-vid command to cancel the configuration.

Example

# Enable Eth2/0/0.1 to batch terminate VLAN tags.

<Huawei> system-view
[Huawei] interface ethernet 2/0/0.1
[Huawei-Ethernet2/0/0.1] termination-vid batch enable

Support for VLAN
8021q protocol
access-vlan
aggregate-vlan
arp broadcast
bandwidth (VLANIF interface view)
damping time
description (VLAN view)
description (VLANIF interface view)
display dot1q information
display qinq information
display interface vlanif
display mux-vlan
display port vlan
display sub-vlan
display super-vlan
display vlan
display vlan priority
display vlan-range
dot1q termination vid
dynamic-macvlan enable
interface vlanif
ip pool (VLAN view)
management-vlan
mtu (VLANIF interface view)
mux-vlan
name (VLAN view)
port
port default vlan
port hybrid pvid vlan
port hybrid tagged vlan
port hybrid untagged vlan
port link-type
port mux-vlan enable
port trunk allow-pass vlan
port trunk pvid vlan
qinq termination pe-vid ce-vid
reset vlan statistics
set vlan-range
set reserved-vlan
shutdown (VLANIF interface view)
subordinate group
subordinate separate
vlan
vlan priority
vlan vlan-name
termination-vid batch enable

Translation

Favorite

Download

Update Date：2024-12-20

Document ID：EDOC1100203224

Downloads：1467

Average rating：0.0Points

Digital Signature File

digtal sigature tool