Layer 2 control protocols on vlans, Configuring port-based vlans – Brocade BigIron RX Series Configuration Guide User Manual

Page 369

background image

BigIron RX Series Configuration Guide

291

53-1002484-04

Configuring port-based VLANs

11

When both port and protocol-based VLANs are configured on a given device, all protocol-based
VLANs must be strictly contained within a port-based VLAN. A protocol-based VLAN cannot
include ports from multiple port-based VLANs. This rule is required to ensure that port-based
VLANs remain loop-free Layer 2 broadcast domains.

One of each type of protocol-based VLAN can be configured within each port-based VLAN on
the device.

Removing a configured port-based VLAN from a device automatically removes any
protocol-based VLAN, or any virtual routing interfaces defined within the port-based VLAN.

Layer 2 control protocols on VLANs

Layer 2 protocols such as STP, RSTP, MRP, and VSRP can be enabled on a port-based VLANs, but
you cannot enable or disable these protocols for protocol-based VLANs.

The Layer 2 state associated with a VLAN and port is determined by the Layer 2 control protocol.
Layer 2 broadcasts associated with the VLAN will not be forwarded on this port if the Layer 2 state
is not FORWARDING.

It is possible that the control protocol, for example STP, will block one or more ports in a
protocol-based VLAN that uses a virtual routing interface to route to other VLANs. For IP protocol
and IP subnet VLANs, even though some of the physical ports of the virtual routing interface are
blocked, the virtual routing interface can still route as long as at least one port in the virtual routing
interface’s protocol-based VLAN is not blocked by STP.

You can also enable Single STP (SSTP) on the device; however, the ports in all VLANs on which SSTP
is enabled become members of a single spanning tree. The ports in VLANs on which SSTP is
disabled are excluded from the single spanning tree. A VLAN can also be selectively added or
removed from the single spanning tree domain.

Configuring port-based VLANs

As explained above, you can place ports into VLANs to segment traffic into broadcast domains.
When you create a VLAN, you specify if ports added to that VLAN are tagged or untagged.

To create a VLAN, do the following.

1. At the global CONFIG level assign an ID to the VLAN. For example,

BigIron RX(config)# vlan 2

Syntax: [no] vlan-id [name <vlan-name>]

VLAN IDs can be in the range of 1 – 4089; however, do not use VLANs 4090 – 4094. These IDs
are reserved and are used for control purposes. Also, VLAN IDs 0 and 4095 are reserved by the
IEEE standards and cannot be configured. Use the no form of the command to delete the VLAN
from the configuration.

In addition to a VLAN number, you can assign a name to a VLAN by entering name
<vlan-name>. Enter up to 255 characters for name.

In release 02.8.00d, the vlan-name variable is enhanced to accept 255 characters instead of
32 characters.

See also other documents in the category Brocade Computer Accessories: