Multiple vlan membership rules, Dual-mode default vlan, Changing the dual-mode default vlan behavior – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual

168

Multi-Service IronWare Switching Configuration Guide

53-1003036-02

VLAN configuration rules

7

•

If it is a Layer 3 packet and the port is a member of a Layer 3 protocol-based VLAN for the
packet’s protocol, the device forwards the packet on all the Layer 3 protocol-based VLAN ports
that have been configured or drops the packet if the port is explicitly excluded from the
protocol VLAN.

•

If the packet cannot be forwarded based on its VLAN membership types but the packet can be
forwarded at Layer 2, the device forwards the packet on all the ports within the receiving port’s
port-based VLAN.

Multiple VLAN membership rules

The multiple VLAN membership rules are listed below:

•

A port can belong to multiple, overlapping Layer 2 port-based VLANs only if the port is a tagged
port. Packets sent out of a tagged port use an 802.1q-tagged frame.

•

A port can belong to multiple, unique, overlapping Layer 3 protocol-based VLANs.

•

When both port and protocol-based VLANs are configured on a given device, all protocol-based
VLANs must be strictly contained within a port-based VLAN. A protocol-based VLAN cannot
include ports from multiple port-based VLANs. This rule is required to ensure that port-based
VLANs remain loop-free Layer 2 broadcast domains.

•

One of each type of protocol-based VLAN can be configured within each port-based VLAN on
the Brocade device.

•

Removing a configured port-based VLAN from a Brocade device automatically removes any
protocol-based VLAN, or any virtual routing interfaces defined within the port-based VLAN.

Dual-mode default VLAN

As previously described, ports can be defined as dual-mode, which means that they can exist in
both tagged and untagged VLANs. As such, they can coexist untagged in the default or a
non-default VLAN and be added as a tagged port into non-default VLAN. One way that ports
become dual-mode is by adding a port to a non-default, tagged VLAN. The normal behavior is for
the port to remain in the default VLAN as an untagged port.

Changing the dual-mode default VLAN behavior

The no dual-mode-default-vlan command has been added to change this behavior. This is useful in
situations where there is a danger of loops being created if Spanning Tree is not or can not be
configured on the default VLAN such as when ports are facing a service provider network and STP
BPDUs are not welcome on those ports.

Once the no dual-mode-default-vlan command is applied at the global level, a port will not be
entered into the dual-mode state by default. If the no dual-mode-default-vlan command is
configured, when a port is added as tagged to a non-default user-defined VLAN, it is automatically
removed from the default VLAN and added to the non-default VLAN as a pure tagged port. Once in
this state, a port can only be placed in dual-mode by explicitly configuring it as an untagged port
into a non-default VLAN.