zxr105900eseries - nova-minsk.comnova-minsk.com/zte/59e/sj-20150114102049-005-zxr10... ·...
TRANSCRIPT
ZXR10 5900E SeriesEasy-Maintenance MPLS Routing Switch
Configuration Guide (Link Layer)
Version: 3.00.11
ZTE CORPORATIONNo. 55, Hi-tech Road South, ShenZhen, P.R.ChinaPostcode: 518057Tel: +86-755-26771900Fax: +86-755-26770801URL: http://support.zte.com.cnE-mail: [email protected]
LEGAL INFORMATIONCopyright © 2014 ZTE CORPORATION.
The contents of this document are protected by copyright laws and international treaties. Any reproduction or
distribution of this document or any portion of this document, in any form by any means, without the prior written
consent of ZTE CORPORATION is prohibited. Additionally, the contents of this document are protected by
contractual confidentiality obligations.
All company, brand and product names are trade or service marks, or registered trade or service marks, of ZTE
CORPORATION or of their respective owners.
This document is provided “as is”, and all express, implied, or statutory warranties, representations or conditions
are disclaimed, including without limitation any implied warranty of merchantability, fitness for a particular purpose,
title or non-infringement. ZTE CORPORATION and its licensors shall not be liable for damages resulting from the
use of or reliance on the information contained herein.
ZTE CORPORATION or its licensors may have current or pending intellectual property rights or applications
covering the subject matter of this document. Except as expressly provided in any written license between ZTE
CORPORATION and its licensee, the user of this document shall not acquire any license to the subject matter
herein.
ZTE CORPORATION reserves the right to upgrade or make technical change to this product without further notice.
Users may visit the ZTE technical support website http://support.zte.com.cn to inquire for related information.
The ultimate right to interpret this product resides in ZTE CORPORATION.
Revision History
Revision No. Revision Date Revision Reason
R1.0 2015–01–15 First edition
Serial Number: SJ-20150114102049-005
Publishing Date: 2015-01-15 (R1.0)
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ContentsAbout This Manual ......................................................................................... I
Chapter 1 ARP Configuration.................................................................... 1-11.1 ARP Overview ................................................................................................... 1-1
1.2 ARP Limit Overview ........................................................................................... 1-2
1.3 Configuring ARP ................................................................................................ 1-3
1.4 Maintaining ARP ................................................................................................ 1-9
1.5 ARP Configuration Examples ............................................................................ 1-10
1.5.1 Permanent ARP Configuration Example .................................................. 1-14
1.5.2 Common ARP Attributes Configuration Example ...................................... 1-14
1.5.3 ARP Proxy Application............................................................................ 1-15
1.5.4 ARP Source Filter Application ................................................................. 1-17
Chapter 2 VLAN Configuration.................................................................. 2-12.1 VLAN Overview.................................................................................................. 2-1
2.2 Configuring a VLAN............................................................................................ 2-2
2.3 Maintaining a VLAN............................................................................................ 2-8
2.4 VLAN Basic Configuration Example................................................................... 2-10
2.4.1 VLAN Basic Configuration Example......................................................... 2-10
2.4.2 VLAN Translation Configuration Example .................................................2-11
Chapter 3 SuperVLAN Configuration ....................................................... 3-13.1 SuperVLAN Overview......................................................................................... 3-1
3.2 Configuring a SuperVLAN................................................................................... 3-2
3.3 Maintaining a SuperVLAN................................................................................... 3-5
3.4 SuperVLAN Configuration Example..................................................................... 3-6
Chapter 4 Voice VLAN Configuration ....................................................... 4-14.1 Voice VLAN Overview......................................................................................... 4-1
4.2 Configuring a Voice VLAN................................................................................... 4-2
4.3 Maintaining a Voice VLAN................................................................................... 4-3
4.4 Voice VLAN Configuration Example..................................................................... 4-4
4.4.1 Voice VLAN Configuration Example (Manual Mode) ................................... 4-4
4.4.2 Voice VLAN Configuration Example (Automatic Mode) ............................... 4-5
Chapter 5 PVLAN Configuration ............................................................... 5-15.1 PVLAN Overview ............................................................................................... 5-1
5.2 Configuring a PVLAN ......................................................................................... 5-2
I
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
5.3 PVLAN Maintenance .......................................................................................... 5-2
5.4 PVLAN Configuration Example............................................................................ 5-3
Chapter 6 QinQ Configuration................................................................... 6-16.1 QinQ Overview................................................................................................... 6-1
6.2 Configuring QinQ ............................................................................................... 6-1
6.3 QinQ Maintenance ............................................................................................. 6-2
6.4 QinQ Configuration Example............................................................................... 6-2
Chapter 7 STP Configuration .................................................................... 7-17.1 STP Overview.................................................................................................... 7-1
7.2 Configuring STP................................................................................................. 7-4
7.3 STP Maintenance............................................................................................... 7-9
7.4 STP Configuration Examples ............................................................................ 7-12
7.4.1 Configuring Multiple STP ........................................................................ 7-12
7.4.2 Configuring Fast STP ............................................................................. 7-14
7.4.3 Configuring Single STP .......................................................................... 7-16
Chapter 8 LLDP Configuration.................................................................. 8-18.1 LLDP Overview .................................................................................................. 8-1
8.2 Configuring LLDP............................................................................................... 8-3
8.3 Maintaining LLDP............................................................................................... 8-5
8.4 LLDP Configuration Examples ............................................................................ 8-8
8.4.1 LLDP Neighbor Configuration Example.................................................... 8-10
8.4.2 LLDP Attribute Configuration Example......................................................8-11
Chapter 9 SmartGroup Configuration ...................................................... 9-19.1 SmartGroup Overview ........................................................................................ 9-1
9.2 Configuring SmartGroup ..................................................................................... 9-2
9.3 Maintaining a SmartGroup .................................................................................. 9-7
9.4 SmartGroup Configuration Examples................................................................... 9-9
9.4.1 Basic SmartGroup Configuration Example ............................................... 9-13
9.4.2 On Mode SmartGroup Configuration Example.......................................... 9-16
Chapter 10 SVLAN Configuration ........................................................... 10-110.1 SVLAN Overview............................................................................................ 10-1
10.2 Configuring an SVLAN...................................................................................10-10
10.3 Maintaining an SVLAN...................................................................................10-12
10.4 SVLAN Configuration Example.......................................................................10-14
Chapter 11 ZESR Configuration.............................................................. 11-111.1 ZESR Overview...............................................................................................11-1
II
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
11.2 Configuring a ZESR.........................................................................................11-6
11.3 Maintaining a ZESR.........................................................................................11-9
11.4 ZESR Configuration Example ......................................................................... 11-11
11.4.1 Configuring Basic Single-Ring ZESR ....................................................11-12
11.4.2 Configuring Basic Single-Ring ZESR ....................................................11-13
Chapter 12 ZESS Configuration.............................................................. 12-112.1 ZESS Overview.............................................................................................. 12-1
12.2 Configuring ZESS........................................................................................... 12-2
12.3 ZESS Maintenance......................................................................................... 12-4
12.4 ZESS Configuration Example .......................................................................... 12-5
Chapter 13 ZESR+ Configuration............................................................ 13-113.1 ZESR+ Overview............................................................................................ 13-1
13.2 Configuring ZESR+ ........................................................................................ 13-3
13.3 ZESR+ Maintenance ...................................................................................... 13-4
13.4 ZESR+ Configuration Example........................................................................ 13-5
Chapter 14 LinkGroup Configuration ..................................................... 14-114.1 LinkGroup Overview ....................................................................................... 14-1
14.2 Configuring LinkGroup .................................................................................... 14-1
14.3 LinkGroup Maintenance.................................................................................. 14-2
14.4 LinkGroup Configuration Example ................................................................... 14-3
Chapter 15 L2PT Configuration............................................................... 15-115.1 L2PT Overview .............................................................................................. 15-1
15.2 Configuring L2PT ........................................................................................... 15-2
15.3 Maintaining L2PT ........................................................................................... 15-3
15.4 L2PT Configuration Example........................................................................... 15-4
Chapter 16 GVRP Configuration ............................................................. 16-116.1 GVRP Overview ............................................................................................. 16-1
16.2 Configuring GVRP.......................................................................................... 16-2
16.3 Maintaining GVRP.......................................................................................... 16-2
16.4 GVRP Configuration Example ......................................................................... 16-3
Figures............................................................................................................. I
Glossary ........................................................................................................ III
III
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
This page intentionally left blank.
IV
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
About This ManualPurposeThis manual is the ZXR10 5900E Series (V3.00.11) Easy-Maintenance MPLS RoutingSwitch Configuration Guide (Link Layer), which is applicable to the ZXR10 5900E(V3.00.11) series switches.
Intended AudienceThis manual is intended for:
l Network planning engineerl Debugging engineerl Attendant
What Is in This ManualThis manual contains the following chapters:
Chapter 1, ARP
Configuration
Describes the ARP principle, and the configuration commands,
maintenance commands, and configuration examples of the ZXR10
5900E.
Chapter 2, VLAN
Configuration
Describes the VLAN principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 3, SuperVLAN
Configuration
Describes the SuperVLAN principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 4, Voice VLAN
Configuration
Describes the Voice VLAN principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 5, PVLAN
Configuration
Describes the PVLAN principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 6, QinQ
Configuration
Describes the QinQ principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 7, STP
Configuration
Describes the STP principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 8, LLDP
Configuration
Describes the LLDP principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 9, SmartGroup
Configuration
Describes the SmartGroup principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 10, SVLAN
Configuration
Describes the SVLAN principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
I
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11, ZESR
Configuration
Describes the ZESR principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 12, ZESS
Configuration
Describes the ZESS principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 13, ZESR+
Configuration
Describes the ZESR+ principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 14, LinkGroup
Configuration
Describes the LinkGroup principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 15, L2PT
Configuration
Describes the L2PT principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
Chapter 16, GVRP
Configuration
Describes the GVRP principle, and the configuration commands,
maintenance commands, configuration examples of the ZXR10 5900E.
ConventionsThis manual uses the following typographical conventions:
Italics Variables in commands. It may also refer to other related manuals and documents.
Bold Menus, menu options, function names, input fields, option button names, check boxes,
drop-down lists, dialog box names, window names, parameters, and commands.
Constant
width
Text that you type, program codes, filenames, directory names, and function names.
[ ] Optional parameters.
{ } Mandatory parameters.
| Separates individual parameter in series of parameters.
Note: provides additional information about a certain topic.
II
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1ARP ConfigurationTable of Contents
ARP Overview............................................................................................................1-1ARP Limit Overview ...................................................................................................1-2Configuring ARP ........................................................................................................1-3Maintaining ARP ........................................................................................................1-9ARP Configuration Examples ...................................................................................1-10
1.1 ARP OverviewIntroduction to ARPWhen a network device sends data to another network device, besides Internet Protocol(IP) address, the physical address (Media Access Control (MAC) address) of thedestination device is also necessary to be known. Address Resolution Protocol (ARP) isused to map IP addresses into physical addresses to guarantee smooth communications.
To reduce ARP packets in a network and send data faster, the mapping relation between IPaddresses and MAC addresses is cached in the local ARP table. When a network deviceneeds to send data, it first searches the ARP table according to the IP address. If the MACaddress of the destination device is found in the ARP table, the device does not need tosend any ARP request. The dynamic entities in the ARP table will be deleted automaticallyafter a period. This period is called the ARP aging time.
ARP PrincipleFirst, the source device broadcasts an ARP request containing the IP address of thedestination device. All devices in the network will receive ARP request. If a device findsthat the IP address in request matches its own IP address, it will send a reply containingits MAC address to the source device. The source device obtains the MAC address ofthe destination device through this reply.
To prevent the attacks from ARP virus, or to prevent that users connect devices to thenetwork randomly, permanent ARP entities can be configured on the device. A permanentARP entity takes effect immediately once the configuration is finished. It will not be losteven if the device is reset.
User can configure ARP common attributions, such as clearing time, aging time, automaticbinding of dynamic ARP entities, and so on. ARP protection mode can also be configured.
1-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
ARP protection is based on a port or a device. If the number of entities in the ARP table ismore than the pre-configured ARP protection threshold, the excess ARP packets will bediscarded and the corresponding alarm will be printed to notify network administrators.
When there is a router (or several routers) between the devices for communication, it isnecessary to enable ARP proxy function on the switch.
When ARP source filter function is enabled, the device will search its routing table afterreceiving an ARP packet. The device inspects whether there is a route that uses theinterface (on which this ARP packet is received) as the egress for the ARP packet with thissource IP. The ARP entity will be learnt if the route is found. Otherwise, the ARP packetwill be discarded. In this way, some virus attacks can be prevented.
1.2 ARP Limit OverviewIntroduction to ARP LimitARP is one of basic protocol in Transfer Control Protocol/Internet Protocol (TCP/IP)protocol stack. The attacks based on ARP always occur in the network. Excess ARPpackets will cost a lot of bandwidth and cause the network congestion.
Therefore, it is required that timestamp limit of ARP packets should be configured oninterface boards of high-end routers. This is to limit the speed of the ARP packets receivedon interfaces. When the speed of the ARP packets received exceeds the limit value, thedevice will inform the bottom to stop sending ARP packets.
ARP Limit PrincipleARP protocol provides an interactive mechanism between packets request and responseto achieve the translation between Ethernet IP addresses and physical addresses.
l When a host A needs to translate its IP address Ib, it broadcasts a special packet inthe network to ask the host whose IP address is Ib to reply with its MAC.
l All hosts in the network receive this request. But only the host B can identify itsIP address, and then it sends a reply containing its MAC address. Host A finishestranslating the Ethernet IP address of Host B to the physical address after it receivesthis reply.
ARP limit function is to limit the number of ARP packets received on the specific interfaceper second through the user configuration. This is to make the protocol safe.
On a physical port or a sub-interface on which ARP packet limit is enabled, when thenumber of ARP packets received per second exceeds the threshold set by users, thedevice will trigger the bottom layer through the socket to forbid forwarding and stop addingARP entities. The device will start the limit timer and send alarm message. The timerexpires when the triggering recovers.
The ARP module counts the ARP packets on each interface in split time. The interval isset to 1 second which corresponds to the counting cycle of timestamp limit. When the ARPmodule receives an ARP packet, the count of packet on the interface increments. After
1-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
the count is up to the threshold in the counting cycle, the device will notify the bottom tostop forwarding ARP packets.
The limit relief is realized by judging whether the limit times on the interfaces are up throughtimer polling. If the limit time is up, the limit will be relieved. Otherwise, the limit is still on.
1.3 Configuring ARPConfiguring a Permanent ARP EntityTo configure a permanent ARP entity on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#arp Enters ARP configuration
mode from global configuration
mode.
2 ZXR10(config-arp)#arp < interface-name > permanent<ip-address><hardware-address>[<external-vlanId>][<internal
-vlanId>][<physical-portname>]
Configures a permanent ARP
entity.
A description of the parameters in Step 2 is as follows:
Parameter Description
permanent Permanent binding. The configuration is applied immediately,
and it is still effective after the device is reset.
<interface-name> Interface name.
<ip-address> IP address, in dotted decimal notation.
<hardware-address> MAC address, in dotted decimal notation.
<external-vlanId> VLAN ID or external ID of the entity.
<internal-vlanId> Internal VLAN ID of the entity.
<physical-portname> Applicable to QinQ only. Specifies a physical interface for
a permanent ARP entity on a superQinQ interface. This
parameter is applicable to QinQ only.
Configuring Common ARP AttributesTo configure common ARP attributes on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config-arp)#protect {interface [<interface-name>]|
whole| common-mac|special-mac <mac-address>}[limit-num <num>]
Configures ARP protection
function. By default, ARP
protection is disabled.
1-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Step Command Function
2 ZXR10(config-arp)#to-static [ interface <interface-name>] Converts a dynamic ARP entity
to a static type entity.
3 ZXR10(config-arp)#purge-delay <interface-name><value> Configures the ARP clearing
time.
4 ZXR10(config-arp)#timeout <interface-name><seconds> Configures the aging time of
ARP entities in the ARP cache.
5 ZXR10(config-arp)#learn-disable <interface-name> This disables ARP learning
function.
6 ZXR10(config-arp)#backupvrrp-learn <interface-name> Configures the VRRP ARP
learning function for an
interface.
7 ZXR10(config-arp)#gratuitous-learn <interface-name> Configures the gratuitous
ARP learning function for an
interface.
8 ZXR10(config-arp)#netwrok-learn <interface-name> Configures the same-network
segment ARP learning function
for an interface.
9 ZXR10(config-arp)#arp <interface-name> {permanent<IP address> <MAC address> <External VLAN ID>| static<IP address> <MAC address> <External VLAN ID>}
Configures the permanent and
static type ARP entity.
ZXR10(config-arp)#interface <interface-name> Enters ARP interface
configuration mode.
ZXR10(config-arp-if)#protect [limit-num ]<num> Configures interface ARP
protection. By default, ARP
protection is disabled.
ZXR10(config-arp-if)#purge-delay <value> Configures ARP clearing time.
ZXR10(config-arp-if)#timeout <seconds> Configures the aging time of
ARP entities in the ARP cache.
ZXR10(config-arp-if)#learn-disable This disables ARP learning
function.
ZXR10(config-arp-if)#backupvrrp-learn Configures the VRRP ARP
learning function.
ZXR10(config-arp-if)#gratuitous-learn Configures the gratuitous ARP
learning function.
10
ZXR10(config-arp-if)#network-learn Configures the same-network
segment ARP learning function.
1-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
Step Command Function
ZXR10#clear arp-cache [interface <interface-name>][{ip<ip-address>| mac <mac-address>| ip-rangfrom<lower-ip-address> to<upper-ip-address>}]
Deletes dynamic ARP entities.
ZXR10#clear arp-cache static [interface<interface-name>] Deletes static ARP entities.
ZXR10#clear arp-cache permanent interface [interface<interface-name>]
Deletes permanent ARP
entities based on on the
specified range.
11
ZXR10#clear arp-cache to-static [interface <interface-name>] Deletes static ARP entities
based on on the specified
range.
A description of the parameters in Step 1 is as follows:
Parameter Description
interface Port-based ARP protection.
<interface-name> Configures ARP protection on the specific interface.
special-mac Configures the function of common MAC protection. For all
MAC addresses, when the specific MAC protection is not
enabled, the number of dynamic ARP records cannot exceed
the configured threshold of common MAC protection.
interface Configures the function of special MAC protection. For a
specific MAC address, the number of dynamic ARP records
cannot exceed the configured threshold of special MAC
protection.
whole ARP protection based on the number of global ARP records.
<num> Configures the maximum number of ARP protection records.
The value of this parameter ranges from 1 to 65536. By
default, the protection is disabled. In addition, no default
value is provided.
A description of the parameter in Step 2 is as follows:
Parameter Description
interface <interface-name> Interface name.
A description of the parameters in Step 3 is as follows:
Parameter Description
<value> Clearing time, range: 1–36000, unit: seconds, default: 1
seconds.
1-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Parameter Description
<interface-name> Interface name.
A description of the parameters in Step 4 is as follows:
Parameter Description
seconds The aging time of ARP entities in the ARP cache, range: 1
–2147483, unit: seconds, default: 14400 seconds.
<interface-name> Interface name.
A description of the parameter in Step 5 is as follows:
Parameter Description
interface<interface-name> Interface name.
A description of the parameters in Step 10 is as follows:
Parameter Description
<value> Clearing time, range: 1–36000, unit: seconds, default: 1
seconds.
<seconds> The aging time of ARP entities in the ARP cache, range: 1
–2147483, unit: seconds, default: 14400 seconds.
<interface-name> Interface name.
<ip-address> IP address.
A description of the parameters in Step 11 is as follows:
Parameter Description
interface Delete dynamic ARP entities on the specified interface.
ip Delete dynamic ARP entities based on the specified IP
address.
mac Delete dynamic ARP entities based on the specified MAC
address.
ip-range Delete dynamic ARP entities based on the specified IP
address range.
<interface-name> Interface name.
<ip-address> IP address, in dotted decimal notation.
<mac-address> MAC address, in dotted decimal notation.
<lower-ip-address> Lower limit of the IP address range.
<upper-ip-address> Upper limit of the IP address range.
1-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
Configuring an ARP ProxyTo configure an ARP proxy on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#arp Enters ARP configuration
mode from global configuration
mode.
2 ZXR10(config-arp)#proxy <interface-name> Configures ARP proxy function.
By default, ARP proxy function
is disabled.
3 ZXR10(config-arp)#interface <interface-name> Enters ARP interface
configuration mode.
4 ZXR10(config-arp-if)#proxy Configures ARP proxy function.
By default, the ARP proxy
function is disabled.
Configuring an ARP Local ProxyTo configure an ARP local proxy on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#arp Enters ARP configuration
mode from global configuration
mode.
2 ZXR10(config-arp)#local-proxy-arp <interface-name> Configures ARP local proxy
function. By default, ARP
local proxy function is
disabled.<interface-name>
is layer 3 VLAN port of a switch
only.
3 ZXR10(config-arp)#interface <interface-name> Enters ARP interface
configuration mode.
4 ZXR10(config-arp-if)#local-proxy-arp Configures ARP local proxy
function. By default, ARP local
proxy function is disabled.
Configuring ARP Source FilteringTo configure the ARP source filtering function on the ZXR10 5900E, perform the followingsteps:
1-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Step Command Function
1 ZXR10(config)#arp Enters ARP configuration
mode from global configuration
mode.
2 ZXR10(config-arp)#interface <interface-name> Enters ARP interface
configuration mode.
3 ZXR10(config-arp-if)# source-filtered Enables the ARP source
filtering function. By default,
this function is enabled. Use
no source-filtered command to
disable this function.
Configuring DAITo configure DAI on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#arp Enters the ARP configuration
mode.
2 ZXR10(config-arp)#inspection validate src-mac
{enable|disable} ip {enable|disable} dst-mac {enable|disable}
Enables or disables the global
ARP packet check switch in the
ARP configuration mode. By
default, all the three switches
are disabled.
3 ZXR10(config-arp)#inspection vlan <1-4094> Enables the DAI of a VLAN in
the ARP configuration mode.
Use the no command to restore
the DAI to the default disabled
state.
4 ZXR10(config-arp)#inspection trust < interface-name > Configures the trustworthiness
of a specified interface in the
ARP configuration mode. Use
the no command to restore
the interface to the default
untrusted state.
5 ZXR10(config-arp)#inspection limit <interface-name><1
-100>
Configures the inspection limit
for the specified interface in
ARP configuration mode. Use
the no command to restore the
default inspection limit (15).
6 ZXR10(config-arp)#interface <interface-name> Enters the ARP interface
configuration mode.
1-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
Step Command Function
7 ZXR10(config-arp-if)#inspection trust Configures the trustworthiness
of a specified interface in the
ARP configuration mode. Use
the no command to restore
the interface to the default
untrusted state.
8 ZXR10(config-arp-if)#inspection limit <1-100> Configures the inspection limit
for the specified interface in
ARP interface configuration
mode. Use the no command to
restore the default inspection
limit (15).
1.4 Maintaining ARPTo maintain the ARP function on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show arp [<ip-address>| arp-to-static | begin<word>|dynamic<word>| exclude<word>| include<word>|interface<interface-name>| ip-range from <ip-address> to<ip-address>| permanent | static | vlan {extervlanid | intervlanid
}<vlan-id>]
Displays different types of ARP
entities.
ZXR10#show running-config arp Displays the ARP configuration
information on the switch.
ZXR10#show ip arp inspection { vlan [{<1-4094>| disable | enable |
name <vlan-name>}]| interface [<interface-name>]| configure}Displays the DAI configuration
information of protocol entities on
the switch.
The following is sample output from the show arp command:
ZXR10#show arp
Arp protect whole is disabled
The count is 1
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
192.168.88.200 H 00e0.d021.0203 vlan10 N/A N/A N/A
1.1.1.1 P 0011.0011.0011 vlan1 N/A N/A N/A
2.2.2.2 D 0022.0022.0022 vlan2 N/A N/A N/A
Field descriptions are as follows:
1-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Field Description
IP Address IP address.
Age Aging time (P means permanent, and an number means the
remaining aging time of the dynamic ARP entity) .
Hardware Address MAC address.
Interface Interface name.
Exter VlanID External VLAN tag.
Inter VlanID Internal VLAN tag.
Sub Interface Sub-interface (physical port).
The following is sample output from the show running-config arp command:
ZXR10(config)#show running-config arp
!<ARP>
arp
interface vlan100
protect limit-num 100
timeout 3000
$
$
!</ARP>
ZXR10(config)#
The following is sample output from the show ip arp inspection command:
ZXR10#show ip arp inspection configure
Source Mac Validation : Disabled
Destination Mac Validation : Disabled
IP Address Validation : Enabled
1.5 ARP Configuration ExamplesPermanent ARP Configuration Examplel Configuration Description
It is required to configure permanent ARP on an interface.
l Configuration Commands
Method 1: Configure a permanent ARP entity in ARP configuration mode. Make surethat an IP address has already been configured on the interface.
ZXR10(config)#arp
ZXR10(config-arp)#arp vlan400 permanent 120.1.1.1 0020.1122.3344
1-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
Method 2: Enter ARP interface configuration mode and then configure a permanentARP entity.
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#arp permanent 120.1.1.3 0020.1122.3355
l Configuration Verification
Use the show command to view the configuration result, as shown below.
ZXR10(config)#show arp permanent
The count is 1
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
1.1.1.1 P 0020.1122.3344 vlan400 N/A N/A N/A
ZXR10(config)#show arp permanent vlan400
The count is 1
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
1.1.1.3 P 0020.1122.3355 vlan400 N/A N/A N/A
Common ARP Attributes Configuration ExampleThe configuration of common ARP attributes is shown below.
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#learn-disable
/*This disables ARP learning function on an interface.*/
ZXR10(config-arp-if)#protect limit-num 10
/*This sets the number of ARP entities protected to 10.*/
ZXR10(config-arp-if)#proxy
/*This enables ARP proxy function.*/
ZXR10(config-arp-if)#purge-delay 10
/*This configures ARP clearing time to 10 s.*/
ZXR10(config-arp-if)#no source-filtered
/*This disables source filter function.*/
ZXR10(config-arp-if)#timeout 10
/*This sets the aging time to 10 s.*/
ZXR10(config-arp-if)#show running-config arp
/*This views the configuration result.*/
arp
interface vlan400
timeout 10
purge-delay 10
protect limit-num 10
proxy
1-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
learn-disable
no source-filtered
$
!
ARP Proxy Applicationl Configuration Description
As shown in Figure 1-1, Host A thinks that Host D is in the same segment with itself(according to the masks). When Host A intends to communicates with Host D, HostA sends an ARP request to Host D, as shown below:
Sender's MAC Addr Sender's IP Target MAC Addr Target IP
00-00-0c-94-36-aa 172.16.10.100 00-00-00-00-00-00 172.16.20.200
As shown in Figure 1-1, the ARP request cannot reach Host D, as a route does notforward broadcast messages generally. In the condition that there is no ARP proxy,the communication will fail.
Figure 1-1 Topology of ARP Proxy Application
When ARP proxy function is enabled on the switch, the router will request for valid IPaddresses except the IP address of the receiving interface on the switch. The switchreplies with the MAC address on the ingress interface of the ARP packet, as shownbelow:
Sender's MAC Addr Sender's IP Target MAC Addr Target IP
00-00-0c-94-36-ab 172.16.20.200 00-00-0c-94-36-aa 172.16.10.100
1-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
Therefore, a new entity is added into the ARP table of Host A, as shown below:
ZXR10(config)#show arp
The count is 2
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
172.16.20.200 00:00:03 0000.0c94.36ab vlan10 N/A N/A gei-0/1/0/1
l Configuration Commands
The configuration to enable ARP proxy function on the router:
ZXR10(config-arp)#interface vlan10
ZXR10(config-arp-if)#proxy
ZXR10(config-arp-if)#exit
ZXR10(config-arp)#exit
ZXR10(config)#show running-config arp
arp
interface vlan10
proxy
$
!
ARP Source Filter Applicationl Configuration Description
ARP source filter function is enabled by default. After this function is enabled, theswitch will search its routing table to check whether there is a route that uses theinterface (on which this ARP packet is received) as the egress for the ARP packetwith this source IP. The ARP entity will be learnt if the route is found. Otherwise, theARP packet will be discarded.
l Configuration Commands
The configuration is shown below:
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#no source-filtered
/*Disable source filter*/
ZXR10(config-arp-if)#show running-config arp
arp
interface vlan400
no source-filtered
$
!
ZXR10(config-arp-if)#source-filtered
/*Enable source filter*/
ZXR10(config-arp-if)#show running-config arp
1-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
1.5.1 Permanent ARP Configuration Example
Configuration DescriptionIt is required to configure permanent ARP on an interface.
Configuration CommandsMethod 1: Configure a permanent ARP entity in ARP configuration mode. Make sure thatan IP address has already been configured on the interface.
ZXR10(config)#arp
ZXR10(config-arp)#arp vlan400 permanent 120.1.1.1 0020.1122.3344
Method 2: Enter ARP interface configuration mode and then configure a permanent ARPentity.
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#arp permanent 120.1.1.3 0020.1122.3355
Configuration VerificationUse the show command to view the configuration result, as shown below.
ZXR10(config)#show arp permanent
The count is 1
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
1.1.1.1 P 0020.1122.3344 vlan400 N/A N/A N/A
ZXR10(config)#show arp permanent vlan400
The count is 1
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
1.1.1.3 P 0020.1122.3355 vlan400 N/A N/A N/A
1.5.2 Common ARP Attributes Configuration ExampleThe configuration of common ARP attributes is shown below.
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#learn-disable
/*This disables ARP learning function on an interface.*/
ZXR10(config-arp-if)#protect limit-num 10
/*This sets the number of ARP entities protected to 10.*/
ZXR10(config-arp-if)#proxy
/*This enables ARP proxy function.*/
ZXR10(config-arp-if)#purge-delay 10
1-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
/*This configures ARP clearing time to 10 s.*/
ZXR10(config-arp-if)#no source-filtered
/*This disables source filter function.*/
ZXR10(config-arp-if)#timeout 10
/*This sets the aging time to 10 s.*/
ZXR10(config-arp-if)#show running-config arp
/*This views the configuration result.*/
arp
interface vlan400
timeout 10
purge-delay 10
protect limit-num 10
proxy
learn-disable
no source-filtered
$
!
1.5.3 ARP Proxy Application
Configuration DescriptionAs shown in Figure 1-2, Host A thinks that Host D is in the same segment with itself(according to the masks). When Host A intends to communicates with Host D, Host Asends an ARP request to Host D, as shown below:
Sender's MAC Addr Sender's IP Target MAC Addr Target IP
00-00-0c-94-36-aa 172.16.10.100 00-00-00-00-00-00 172.16.20.200
As shown in Figure 1-2, the ARP request cannot reach Host D, as a route does notforward broadcast messages generally. In the condition that there is no ARP proxy, thecommunication will fail.
1-15
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 1-2 Topology of ARP Proxy Application
When ARP proxy function is enabled on the switch, the router will request for valid IPaddresses except the IP address of the receiving interface on the switch. The switchreplies with the MAC address on the ingress interface of the ARP packet, as shown below:
Sender's MAC Addr Sender's IP Target MAC Addr Target IP
00-00-0c-94-36-ab 172.16.20.200 00-00-0c-94-36-aa 172.16.10.100
Therefore, a new entity is added into the ARP table of Host A, as shown below:
ZXR10(config)#show arp
The count is 2
IP Hardware Exter Inter Sub
Address Age Address Interface VlanID VlanID Interface
--------------------------------------------------------------------------
172.16.20.200 00:00:03 0000.0c94.36ab vlan10 N/A N/A gei-0/1/0/1
Configuration CommandsThe configuration to enable ARP proxy function on the router:
ZXR10(config-arp)#interface vlan10
ZXR10(config-arp-if)#proxy
ZXR10(config-arp-if)#exit
ZXR10(config-arp)#exit
ZXR10(config)#show running-config arp
arp
interface vlan10
proxy
1-16
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 1 ARP Configuration
$
!
1.5.4 ARP Source Filter Application
Configuration DescriptionARP source filter function is enabled by default. After this function is enabled, the switchwill search its routing table to check whether there is a route that uses the interface (onwhich this ARP packet is received) as the egress for the ARP packet with this source IP.The ARP entity will be learnt if the route is found. Otherwise, the ARP packet will bediscarded.
Configuration CommandsThe configuration is shown below:
ZXR10(config-arp)#interface vlan400
ZXR10(config-arp-if)#no source-filtered
/*Disable source filter*/
ZXR10(config-arp-if)#show running-config arp
arp
interface vlan400
no source-filtered
$
!
ZXR10(config-arp-if)#source-filtered
/*Enable source filter*/
ZXR10(config-arp-if)#show running-config arp
1-17
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
1-18
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2VLAN ConfigurationTable of Contents
VLAN Overview..........................................................................................................2-1Configuring a VLAN....................................................................................................2-2Maintaining a VLAN....................................................................................................2-8VLAN Basic Configuration Example .........................................................................2-10
2.1 VLAN OverviewIntroduction to VLANThe virtual local area network (VLAN) is a technology that logically divides the devices ina LAN into network segments to implement the functions of virtual workgroup. A VLAN ismainly used to isolate the broadcast domain.
The VLAN logically divides network resources and users according to certain rules. Thatis, it divides a physical network into several small logical networks. These logical networksform their respective broadcast domains, that is, VLANs.
VLAN PrincipleThe VLAN functions on a switch in the following four ways:
l VLAN allocated by interface
In this case, VLANs are allocated by interfaces on Ethernet switches. To be specific,the VLAN to which each interface belongs is clearly specified. Allocating VLANs byinterface is one of the most widely used methods. The IEEE 802.1Q provides aninternational standard for allocating VLANs by interfaces on Ethernet switches.
l VLAN allocated by MAC address
In this case, VLANs are allocated by the MAC address of each host. To be specific,the group to which each host belongs is clearly specified. That is, the VLAN to whichan interface belongs is determined by querying and recording the MAC address of thenetwork adaptor on the host connected to the interface. Suppose that MAC address Ais configured by a switch to belong to VLAN 10. In this case, no matter which interfaceon the switch is used to connect the host with MAC address A, the interface will beallocated to VLAN 10. For example, if interface 1 is used to connect the host, interface1 belongs to VLAN 10; if interface 2 is used to connect the host, interface 2 belongsto VLAN 10.
l VLAN allocated by IP subnet
2-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
In this case, VLANs are allocated by subnet. To be specific, the VLAN to which aninterface belongs is determined by the IP address of the connected host. Unlikethe VLAN allocated by MAC address, an interface can be successfully added to theoriginal VALN for a same IP address, even though the MAC address is changed due toreplacement of network adaptor or other reasons. For the VLAN allocated by subnet,the VLAN of a frame is determined by the subnet to which the frame belongs. Toachieve this, the switch must check the network-layer content of a received frame.This kind of VLAN is like a switch, dividing subnets into different broadcast domains.
l VLAN allocated by network protocol
In this case, VLANs are allocated by protocol. To be specific, a physical network isdivided into multiple logical VLANs based on protocol. When an interface receives aframe, its VLAN is determined by the protocol type in the packet. For example, IP,IPX, and Appletalk may have their own independent VLAN. The IP broadcast framesare sent only to all the interfaces in the IP VLAN.
This allocation method is quite flexible, which is the same as the advantage ofthe VLAN allocated by subnet. It is applicable to the L3 network or the networkenvironment with various protocols.
VLAN TranslationVLAN translation is used in metropolitan area networks. The VLAN IDs of switches usedfor edge access can be the same. VLAN translation can modify the same VLAN IDs todifferent VLAN IDs, and then forwards packets through the uplink interface on the ZXR105900E. In this way, user isolation on L2 switches can be achieved.
The ZXR10 5900E supports ingress VLAN translation and egress VLAN translation.
2.2 Configuring a VLANConfiguring VLAN Properties of Single L2 InterfaceTo configure VLAN properties of a single L2 interface on the ZXR10 5900E, perform thefollowing steps:
Steps Command Function
1 ZXR10(config)#switchvlan-configuration Enters switch VLAN
configuration mode.
2 ZXR10(config-swvlan)#interface <interface-name> Enters switch VLAN interface
configuration mode.
3 ZXR10(config-swvlan-if-ifname)#switchport mode
{access|hybrid|trunk}
Configures the VLAN link mode
of an Ethernet interface. The
default mode is access.
2-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
Steps Command Function
4 ZXR10(config-swvlan-if-ifname)#switchport access
vlan <vlan_id>
Adds an access interface to a
VLAN. If the VLAN does not
exist, create it.
5 ZXR10(config-swvlan-if-ifname)#switchport trunk
native vlan <vlan_id>
Configures the native VLAN of
a trunk interface. If the VLAN
does not exist, create it.
6 ZXR10(config-swvlan-if-ifname)#switchport hybrid
native vlan <vlan_id>
Configures the native VLAN of
a hybrid interface. If the VLAN
does not exist, create it.
7 ZXR10(config-swvlan-if-ifname)#switchport trunk vlan
<vlan_list>
Adds a trunk interface to a
VLAN. If the VLAN does not
exist, create it.
8 ZXR10(config-swvlan-if-ifname)#switchport hybrid
vlan <vlan_list>{tag|untag}
Adds a hybrid interface to a
VLAN. If the VLAN does not
exist, create it.
9 ZXR10(config-swvlan-if-ifname)#acceptable frame
types {all|tag}
Configures the mode of an
interface for receiving frames.
If the value of this parameter is
configured to tag, the interfacereceives only the frames with
VLAN tag. For the frames
without VLAN tag, the interface
discards them. If the value of
this parameter is configured
to all, the interface receives
all the frames. The default
configuration is all.
10 ZXR10(config-swvlan-if-ifname)#ingress filtering
{enable|disable}
Configures the ingress filtering
function of an interface. If
the function is enabled, the
interface discards the VLAN
packets that do not belong to it.
If the function is not enabled,
the interface does not discard
the VLAN packets that do
not belong to it. The default
configuration is enable.
11 ZXR10(config-swvlan-if-ifname)#protocol-map
{enable|disable}
Enables or disables the
protocol map function of an
interface, default: enable.
2-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
12 ZXR10(config-swvlan-if-ifname)#subnet-map
{enable|disable}
Enables or disables the subnet
map function of an interface,
default: enable.
13 ZXR10(config-swvlan-if-ifname)#switchport qinq
{normal|uplink|customer}
Configures the QinQ mode of
an interface. The default mode
is normal.
14 ZXR10(config-swvlan-if-ifname)#switchport qinq tpid
external <ex_tpid>
Configures the external QinQ
TPID of an interface, default:
0x8100.
15 ZXR10(config-swvlan)#set-qinq-internal-tpid <in_tpid> Configures the internal QinQ
TPID of an interface, default:
0x8100.
A description of the parameters in Step 3 is as follows:
Parameter Description
access Configures the QinQ mode of an interface to access.
trunk Configures the QinQ mode of an interface to trunk.
hybrid Configures the QinQ mode of an interface to hybrid.
A description of the parameter in Step 4 through Step 6 is as follows:
Parameter Description
<vlan_id> Indicates the VLAN ID. The value of this parameter ranges
from 1 to 4094.
A description of the parameter in Step 7 is as follows:
Parameter Description
<vlan_list> Indicates the VLAN list that supports batch configuration. The
value of this parameter ranges from 1 to 4094.
A description of the parameters in Step 8 is as follows:
Parameter Description
<vlan_list> Indicates the VLAN list that supports batch configuration. The
value of this parameter ranges from 1 to 4094.
tag Indicates that the interface is tagged.
untag Indicates that the interface is untagged.
A description of the parameters in Step 9 is as follows:
2-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
Parameter Description
all Configures the interface to receive all the types of frames.
tag Configures the interface to receive only the tagged frames.
A description of the parameters in Step 10 through Step 12 is as follows:
Parameter Description
enable Enables the function.
disable Disables the function.
A description of the parameters in Step 13 is as follows:
Parameter Description
normal Configures the QinQ mode of an interface to normal.
customer Configures the QinQ mode of an interface to customer.
uplink Configures the QinQ mode of an interface to uplink.
A description of the parameter in Step 14 is as follows:
Parameter Description
<ex_tpid> Configures the external TPID of an interface. The available
options are 0x88a8, 0x8100, 0x9100, 0x9200, and 0x9300.
A description of the parameter in Step 15 is as follows:
Parameter Description
<in_tpid> Configures the internal TPID of an interface. The available
options are 0x88a8, 0x8100, 0x9100, 0x9200, and 0x9300.
Configuring a MAC-Based VLANTo configure a MAC-Based VLAN on the ZXR10 5900E, perform the following steps:
Ste-ps
Command Function
1 ZXR10(config)#mac-vlan session-no <session-id> Enter a MAC-based VLAN
session.
2 ZXR10(config-swvlan-mac-vlan-X)#rule 1 mac-address
<mac-address> mac-mask <mac-mask> vlan <vlan-id>
Sets MAC-based VLAN rules.
3 ZXR10(config-swvlan)#mac-vlan interface
<interface-name> session-no <session-id>
Binds a specific MAC-based
VLAN session to multiple ports.
2-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Configuring VLAN Properties of Ethernet Interfaces in BatchesTo configure VLAN properties of Ethernet interfaces in batches on the ZXR10 5900E,perform the following steps:
Step-s
Command Function
1 ZXR10(config)#switchvlan-configuration Enters the switch VLAN
configuration mode.
2 ZXR10(config-swvlan)#switchport <port_list> qinq
{normal|customer|uplink}
Configures the QinQ mode of
Ethernet interfaces in batches.
The default mode is normal.
3 ZXR10(config-swvlan)#switchport <port_list> qinq tpidexternal <ex_tpid>
Configures the external QinQ
TPID of Ethernet interfaces in
batches, default: 0x8100.
4 ZXR10(config-swvlan)#subnet-map session-no
<1-256><ip-adress><ip-mask> vlan {<vlan-id>|WORD }
Creates a subnet VLAN
5 ZXR10(config-swvlan)#protocol-map session-no
<1-16>{ethernet2 | llc | snap} 0xHHHH vlan {<1-4094>|
WORD}
Creates a protocol VLAN
6 ZXR10(config-swvlan)#protocol-map interface
<port_list>{enable|disable}
Enables or disables the
protocol VLAN function of
Ethernet interfaces in batches,
default: enable.
7 ZXR10(config-swvlan)#subnet-map interface
<port_list>{enable|disable}
Enables or disables the subnet
VLAN function of Ethernet
interfaces in batches, default:
enable.
A description of the parameters in Step 2 is as follows:
Parameter Description
<port_list> Indicates the interface list for batch configuration.
normal Configures the QinQ mode of Ethernet interfaces to normal.
customer Configures the QinQ mode of Ethernet interfaces to
customer.
uplink Configures the QinQ mode of Ethernet interfaces to uplink.
A description of the parameters in Step 3 is as follows:
Parameter Description
<port_list> Indicates the interface list for batch configuration.
2-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
Parameter Description
<ex_tpid> Configures the external TPID of Ethernet interfaces. The
available options are 0x88a8, 0x8100, 0x9100, 0x9200, and
0x9300.
A description of the parameters in Step 6 and Step 7 is as follows:
Parameter Description
<port_list> Indicates the interface list for batch configuration.
enable Enables the function.
disable Disables the function.
Configuring VLAN TranslationTo configure VLAN translation on the ZXR10 5900E, perform the following steps:
Steps Command Function
1 ZXR10(config)#switchvlan-configuration Enters switch VLAN
configuration mode.
2 ZXR10(config-swvlan)#vlan translate session-no
<session_no> ingress-port <interface_name>Creates a VLAN-ingress
translation rule, including the
session number and ingress
interface, and enters VLAN
translation configuration mode.
The VLAN-ingress
translation can not configure
qinq-customer type.Otherwise VLAN translation
become invalid.
3 ZXR10(config-swvlan)#vlan translate session-no
<session_no> exgress-port <interface_name>Creates a VLAN-egress
translation rule, including the
session number and egress
interface, and enters VLAN
translation configuration mode.
4 ZXR10(config-swvlan-trans-session-number)#ingress-
invlan <vlan-list>
Configures the ID of the internal
VLAN before translation.
Multiple VLAN IDs can be
configured in batches.
5 ZXR10(config-swvlan-trans-session-number)#ingre
ss-outvlan <vlan-list>
Configures the ID the external
VLAN before translation.
Multiple VLAN IDs can be
configured in batches.
2-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
6 ZXR10(config-swvlan-trans-session-number)#exgress-
invlan {ingress-same |<vlan_id>}
Configures the VLAN of the
internal tag after translation.
7 ZXR10(config-swvlan-trans-session-number)#exgress-
outvlan {untag | ingress-same |<vlan_id>}
Configures the VLAN of the
external tag after translation.
8 ZXR10(config-swvlan-trans-session-number)#exgres
s-invlan-prio {<prio>| map}
Configures the priority of the
internal tag after translation.
If this command is used, the
VLAN of the internal tag after
translation configured in Step 6
must be the specific VLAN ID.
9 ZXR10(config-swvlan-trans-session-number)#exgress-
outvlan-prio {<prio>| map}
Configures the priority of the
external tag after translation.
If this command is used, the
VLAN of the external tag after
translation configured in Step 7
must be the specific VLAN ID.
10 ZXR10(config-swvlan)#no vlan translate session-no
{<session_no>| all}
Deletes the specified session
or all sessions.
11 ZXR10(config-swvlan)#vlan translate statistics session
<session_no>{enable | disable}
Enables or disables the VLAN
translation statistics function.
By default, the function is
disabled.
12 ZXR10#clear vlan translate statistics session <session_no> Clears VLAN translation
statistics.
A description of the parameters in Step 2 through Step 4 is as follows:
Parameter Description
<session_no> Serial number of a session, range: 1–1024.
<interface_name> Port name.
<vlan-list> Ingress VLAN list.
<prio> Priority of the tag.
<vlan_id> VLAN ID.
all All sessions.
2.3 Maintaining a VLANTo maintain the VLAN function on the ZXR10 5900E, run the following commands:
2-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
Command Function
ZXR10(config-swvlan)#show vlan Displays the configuration of
interfaces in a VLAN.
ZXR10(config-swvlan)#show running-config switchvlan [all] Displays the configuration of a
switch.
ZXR10(config-swvlan)#show vlan translation <session_no> Displays the information about
VLAN translation of the specified
session.
ZXR10(config-swvlan)#show vlan translate statistics session
<session_no>
Displays packet statistics on VLAN
translation.
The following is sample output from the show vlan command:
ZXR10(config-swvlan)#show vlan
VLAN Name PvidPorts UntagPorts TagPorts
--------------------------------------------------------------
1 vlan0001 gei-0/1/1/1 gei-0/1/1/1
gei-0/1/1/3
2 vlan0002 gei-0/1/1/1
3 vlan0003 gei-0/1/1/1
gei-0/1/1/3
4 vlan0004 gei-0/1/1/1
5 vlan0005 gei-0/1/1/2 gei-0/1/1/1
6 vlan0006 gei-0/1/1/1
The following is sample output from the show running-config switchvlan command:
ZXR10(config-swvlan)#show running-config switchvlan
! <switchvlan>
switchvlan-configuration
vlan 1
$
vlan 2
$
vlan 3
$
vlan 4
$
vlan 5
$
vlan 6
$
interface gei-0/1/1/1
switchport mode trunk
switchport trunk vlan 1-6
2-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
$
interface gei-0/1/1/2
switchport access vlan 5
$
interface gei-0/1/1/3
switchport mode hybrid
switchport hybrid vlan 3 tag
$
! </switchvlan>
The following is sample output from the show vlan translation command:
ZXR10(config-swvlan)#show vlan translation 1
SESS TRANSPORT INMAP OUTMAP INVLAN PRI OUTVLAN PRI ADV
-----------------------------------------------------------------
1 [I]gei-0/1/1/1 10 100 0
The following is sample output from the show vlan translate statistics session command:
ZXR10(config-swvlan)#show vlan translate statistics session 1
vlan translate session 1 statistics:
120s input rate : 0Bps 0Pps
120s output rate : 0Bps 0Pps
StreamCounters(update interval 10s)
In_Bytes 0 In_Packets 0
E_Bytes 0 E_Packets 0
ZXR10(config-swvlan)#
2.4 VLAN Basic Configuration Example
2.4.1 VLAN Basic Configuration ExampleAs shown in Figure 2-1, switch A is connected to switch B. They have both VLAN 10 andVLAN 20 users.
Figure 2-1 Network Topology with VLAN
The configuration of switch A:
2-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan 10
ZXR10(config-swvlan-sub)#switchport pvid gei-0/1/1/1-2
ZXR10(config-swvlan-sub)#exit
ZXR10(config-swvlan)#vlan 20
ZXR10(config-swvlan-sub)#switchport pvid gei-0/1/1/4-5
ZXR10(config-swvlan-sub)#exit
ZXR10(config-swvlan)#interface gei-0/1/1/24
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport mode trunk
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport trunk vlan 10
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport trunk vlan 20
The configuration of switch B:
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan 10
ZXR10(config-swvlan-sub)#switchport pvid gei-0/1/1/1-2
ZXR10(config-swvlan-sub)#exit
ZXR10(config-swvlan)#vlan 20
ZXR10(config-swvlan-sub)#switchport pvid gei-0/1/1/4-5
ZXR10(config-swvlan-sub)#exit
ZXR10(config-swvlan)#interface gei-0/1/1/24
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport mode trunk
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport trunk vlan 10
ZXR10(config-swvlan-if-gei-0/1/1/24)#switchport trunk vlan 20
2.4.2 VLAN Translation Configuration Example
Configuration DescriptionThe network topology of a VLAN translation configuration example is shown in Figure 2-2.PC1 is connected to the downlink interface of Switch1, and Switch1 is connected to RouterA through the uplink interface.
Figure 2-2 VLAN Translation Configuration Example
Configuration Thought1. For packets with single tag 100 received on the ingress gei-0/1/1/1, after VLAN
translation, the tag is changed to 200.
2-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
2. For packets with dual tags (the inner tag is 100 and the outer tag is 200) received onthe ingress gei-0/1/1/1, after VLAN translation, the inner tag is changed to 101 and theouter tag is changed to 201.
3. For packets with single tag 100 forwarded on the egress gei-0/1/1/3, after VLANtranslation, the tag is changed to 200.
4. For packets with dual tags (the inner tag is 100 and the outer tag is 200) forwarded onthe egress gei-0/1/1/3, after VLAN translation, the inner tag is changed to 101 and theouter tag is changed to 201.
Configuration Commands1. The configuration for single-tag translation on the ingress:
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan translate session-no 1 in
ZXR10(config-swvlan)#sate session-no 1 ingress-port gei-0/1/1/1
ZXR10(config-swvlan-trans-session-1)#ingress-invlan 100
ZXR10(config-swvlan-trans-session-1)#exgress-invlan 200
ZXR10(config-swvlan-trans-session-1)#exgress-outvlan untag
ZXR10(config-swvlan-trans-session-1)#
Configuration verification:
ZXR10(config-swvlan-trans-session-1)#show vlan translation
SESS TRANSPORT INMAP OUTMAP INVLAN PRI OUTVLAN PRI ADV
----------------------------------------------------------------------------
1 [I]gei-0/1/1/1 100 200 untag 0
ZXR10(config-swvlan-trans-session-1)#
2. The configuration for dual-tag translation on the ingress:ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan translate session-no 2 in
ZXR10(config-swvlan)#sate session-no 2 ingress-port gei-0/1/1/1
ZXR10(config-swvlan-trans-session-1)#ingress-invlan 100
ZXR10(config-swvlan-trans-session-1)#ingress-outvlan 200
ZXR10(config-swvlan-trans-session-1)#exgress-invlan 101
ZXR10(config-swvlan-trans-session-1)#exgress-outvlan 201
ZXR10(config-swvlan-trans-session-1)#
Configuration verification:
ZXR10(config-swvlan-trans-session-1)#show vlan translation
SESS TRANSPORT INMAP OUTMAP INVLAN PRI OUTVLAN PRI ADV
----------------------------------------------------------------------------
1 [I]gei-0/1/1/1 100 200 101 201 0
ZXR10(config-swvlan-trans-session-1)#
3. The configuration for single-tag translation on the egress:ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan translate session-no 2 exgress-port gei-0/1/1/3
ZXR10(config-swvlan-trans-session-1)#ingress-invlan 100
2-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 2 VLAN Configuration
ZXR10(config-swvlan-trans-session-1)#exgress-invlan 200
ZXR10(config-swvlan-trans-session-1)#exgress-outvlan untag
ZXR10(config-swvlan-trans-session-1)#
Configuration verification:
ZXR10(config-swvlan-trans-session-1)#show vlan translation
SESS TRANSPORT INMAP OUTMAP INVLAN PRI OUTVLAN PRI ADV
----------------------------------------------------------------------------
1 [E]gei-0/1/1/3 100 200 untag 0
ZXR10(config-swvlan-trans-session-1)#
4. The configuration for dual-tag translation on the egress:ZXR10(config)#switchvlan-configuration
ZXR10 (config-swvlan)#vlan translate session-no 2 exgress-port gei-0/1/1/3
ZXR10(config-swvlan-trans-session-1)#ingress-invlan 100
ZXR10(config-swvlan-trans-session-1)#ingress-outvlan 200
ZXR10(config-swvlan-trans-session-1)#exgress-invlan 101
ZXR10(config-swvlan-trans-session-1)#exgress-outvlan 201
ZXR10(config-swvlan-trans-session-1)#
Configuration verification:
ZXR10(config-swvlan-trans-session-1)#show vlan translation
SESS TRANSPORT INMAP OUTMAP INVLAN PRI OUTVLAN PRI ADV
----------------------------------------------------------------------------
1 [E]gei-0/1/1/3 100 200 101 201 0
ZXR10(config-swvlan-trans-session-1)#
2-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
2-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 3SuperVLAN ConfigurationTable of Contents
SuperVLAN Overview ................................................................................................3-1Configuring a SuperVLAN ..........................................................................................3-2Maintaining a SuperVLAN ..........................................................................................3-5SuperVLAN Configuration Example............................................................................3-6
3.1 SuperVLAN OverviewIntroduction to SuperVLANSuperVLAN is a type of virtual interface formed by binding several interfaces, such asVLAN sub-interface nn different boards.
SuperVLAN technology aggregates many subVLANs together. These subVLANs shareone IP sub-network and the same default gateway. In a SuperVLAN, all subVLANs canallocate IP addresses in the SuperVLAN flexibly and use the default gateway of theSuperVLAN. Each subVLAN has its own independent broadcast domain, which ensuresthe isolation between different users. The communication between subVLANs is routedby the SuperVLAN. The SuperVLAN supports cross-board interface binding .
SuperVLAN PrincipleSuperVLAN is advanced by Internet Society RFC 3069. After VLAN is introduced, differentVLANs cannot communicate with each other through L2 forwarding. The communicationis realized through L3 routing. Thus, it is necessary to configure different IP addresssegments between VLANs. To save IP addresses, SuperVLAN is used.
The principle of common VLAN is shown in Figure 3-1.
Figure 3-1 VLAN Configuration on Device without SuperVLAN
3-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
On the device, the ports connecting A, B,C and D belong to different VLANs. Therefore,the different IP address segments are configured on A, B, C and D. The communicationsare realized through L3 route forwarding.
As shown in Figure 3-2, after SuperVLAN is used, VLAN 1 and VLAN 2 are bound toSuperVLAN1, while VLAN 3 and VLAN 4 are bound to SuperVLAN2.
Figure 3-2 Configuration on Device with SuperVLAN
The network segment x.x.x.0/24 is configured on A and B, and x.x.y.0/24 network segmentis configured on C and D. SuperVLAN 1 acts as the ARP proxy between A and B, andSuperVLAN2 acts as the ARP proxy between C and D. Therefore, the communicationsbetween A and B, and between C and D can be realized through L2 forwarding. However,the communication between the hosts in different network segments (such as A and C)still needs to be realized through L3 forwarding.
In addition, each VLAN member of SuperVLAN is allocated an IP address segment.To ensure the security, the packets will be discarded if the IP addresses of the packetsreceived by the SuperVLAN do not match the allocated IP address segment.
3.2 Configuring a SuperVLANConfiguring SuperVLAN Switch AttributesTo configure SuperVLAN switch attributes on ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#supervlan Enters SuperVLAN
configuration mode.
2 ZXR10(config-supervlan)#interface supervlan
<supervlan-id>
Enters SuperVLAN interface
configuration mode.
3 ZXR10(config-supervlan-superif)#arp-broadcast
{enable | disable}
Enables or disables the
function that SuperVLAN
broadcasts ARP to all its
subVLANs. By default, this
function is disabled.
3-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 3 SuperVLAN Configuration
Step Command Function
4 ZXR10(config-supervlan-superif)#inter-subvlan-rout
ing {enable | disable}
Enables or disables the
inter-subVLAN routing
function. By default, this
function is enabled.
5 ZXR10(config-supervlan-superif)#ip-pool-filter
{enable | disable}
Enables or disables
SuperVLAN IP pool filter
function. By default, this
function is enabled.
This filter function command
are effective only for ICMP and
ARP protocol.
6 ZXR10(config-supervlan-superif)#gratuitous-arp-bro
adcast {enable | disable}
Enables or disables the
function that SuperVLAN
broadcasts ARP to all its
subVLANs for free. By default,
this function is enabled.
Descriptions of the parameter in Step 2:
Parameter Description
supervlan <supervlan-id> SuperVLAN ID, range: 1–4000.
Configuring Interface Properties of a SuperVLAN MemberTo configure interface properties of a SuperVLAN member on ZXR10 5900E, perform thefollowing steps:
Step Command Function
1 ZXR10(config)#supervlan Enters SuperVLAN
configuration mode.
2 ZXR10(config-supervlan)#subvlan <subvlan-id> Enters SUPERVLAN_SUB-
VLAN configuration mode.
3 ZXR10(config-supervlan-subvlan)#supervlan
<supervlan-id>
Binds an specified SubVLAN
interface to a SuperVLAN.
4 ZXR10(config-supervlan-subvlan)#vlanpool
<ip-address1><ip-address2>
Binds an IP address segment
to a subVLAN interface.
5 ZXR10(config-supervlan-subvlan)#gratuitous-arp-bro
adcast {enable | disable}
Enables or disables the
function that SubVLAN
broadcasts ARP for free.
By default, this function is
enabled.
3-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Descriptions of the parameter in Step 2:
Parameter Description
<subvlan-id> SubVLAN ID number, range: 1–4094.
Descriptions of the parameter in Step 3:
Parameter Description
supervlan <supervlan-id> SuperVLAN ID number, range: 1–4000.
Descriptions of the parameter in Step 4:
Parameter Description
<ip-address1> The start IP address of the address segment, in A.B.C.D
format.
<ip-address2> The end IP address of the address segment, in A.B.C.D
format.
Descriptions of the parameter in Step 5:
Parameter Description
enable Enables the function that SubVLAN broadcasts ARP for free.
disable Disables the function that SubVLAN broadcasts ARP for free.
On the ZXR10 5900E, use the following commands to bind SubVLANs to a specifiedSuperVLAN in batches.
To bind SubVLAN to a specified SuperVLAN on ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#supervlan Enters SuperVLAN
configuration mode.
2 ZXR10(config-supervlan)#interface supervlan
<supervlan-id>
Enters SuperVLAN
aggregation interface
configuration mode.
3 ZXR10(config-supervlan-superif)#subvlan
<subvlan-id>
Binds a single or several
SubVLAN interfaces to
a specified SuperVLAN
interface.
Descriptions of the parameter in Step 2:
Parameter Description
supervlan<supervlan-id> SuperVLAN ID number, range: 1–4000.
3-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 3 SuperVLAN Configuration
Descriptions of the parameter in Step 3:
Parameter Description
<subvlan-id> SubVLAN ID number, range: 1–4094.
3.3 Maintaining a SuperVLANTo maintain the SuperVLAN function on the ZXR10 5900E, run the following commands:
Command Function
ZXR10(config)#show supervlan [<supervlan-id>] Displays the configuration of a
SuperVLAN.
ZXR10(config)#show supervlan-pool [<supervlan-id>] Displays the IP pool bound to a
subVLAN.
The following is sample output from the show supervlan command:
ZXR10(config)#show supervlan
The total SuperVLAN number:1
SuperVLAN No: 10
ARP-Broadcast : Disable
Gratuitous-ARP-Broadcast : Enable
Inter-SubVLAN-Routing-IPv4: Enable
Inter-SubVLAN-Routing-IPv6: Enable
IP-POOL-Filter : Enable
ND-Broadcast : Disable
----------------------------------------
SubIntf : subvlan10
Field descriptions are as follows:
Field Description
ARP-Broadcast: Disable The function that SuperVLAN broadcasts ARP to all its
subVLANs is disabled.
Gratuitous-ARP-Broadcast: Enable The function that SuperVLAN broadcasts ARP to all its
subVLANs for free is enabled.
IP-POOL-Filter: Enable The function that SuperVLAN filter the source IP address
is enabled.
3-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Field Description
Inter-SubVLAN-Routing-IPv4:
Enable
Inter-SubVLAN-Routing-IPv6:
Enable
The inter-subVLAN routing function is enabled. By default,
the function is enabled in IPv4 and IPv6.
ND-Broadcast: Disable The function that the SuperVLAN broadcasts ND to all
SubVLANs is disabled. This function cannot be enabled
through command configuration.
SubIntf: subvlan10 The member interface SubVLAN 10 of the SuperVLAN 10
interface.
The following is sample output from the show supervlan-pool command:
ZXR10(config-supervlan)#show supervlan-pool
Addr-Begin Addr-End Supervlan-Name SubIntf-Name
1.1.1.1 1.1.1.255 supervlan10 subvlan10
Field descriptions are as follows:
Field Description
From 1.1.1.1 To 1.1.1.255 The filter range of SuperVLAN IP pool is from 1.1.1.1 to
1.1.1.255.
3.4 SuperVLAN Configuration ExampleConfiguration DescriptionSuperVLAN technology aggregates many subVLANs together. These subVLANs shareone IP sub-network and the same default gateway. In a SuperVLAN, all subVLANscan allocate IP addresses of SuperVLAN flexibly and use the default gateway of theSuperVLAN. Each subvlan has its own independent broadcast domain, which ensuresthe isolation between different users. The communication between subVLANs is routedby the SuperVLAN.
The network topology of a SuperVLAN configuration example is shown in Figure 3-3.
3-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 3 SuperVLAN Configuration
Figure 3-3 SuperVLAN Configuration Example
Configuration Thought1. Create a SuperVLAN interface.2. Configure an IP address.3. Input SuperVLAN interface name, and then enter SuperVLAN aggregation interface
configuration mode.4. Disable ip-pool-filter.5. Enable arp-broadcast.6. Input the created SubVLAN interface, and then enter SUPERVLAN_SUBVLAN
configuration mode.7. Bind this interface to SuperVLAN.8. Configure IP-POOL on the SubVLAN.
Configuration CommandsThe configuration of ZXR10:
ZXR10(config)#interface supervlan11
ZXR10(config-if)#ip address 192.11.1.1 255.255.255.0
ZXR10(config-if)#exit
ZXR10(config)#supervlan
ZXR10(config-supervlan)#interface supervlan11
ZXR10(config-supervlan-superif)#ip-pool-filter disable
ZXR10(config-supervlan-superif)#arp-broadcast enable
ZXR10(config-supervlan-superif)#exit
ZXR10(config-supervlan)#subvlan 2
ZXR10(config-supervlan-subvlan)#supervlan 11
ZXR10(config-supervlan-subvlan)#vlanpool 192.11.1.1 192.11.1.10
ZXR10(config-supervlan-subvlan)#exit
3-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Configuration VerificationUse the show command to check the configuration result, as shown below.
ZXR10#show supervlan
The total SuperVLAN number:1
SuperVLAN No: 11
ARP-Broadcast : Enable
Gratuitous-ARP-Broadcast : Enable
Inter-SubVLAN-Routing-IPv4: Enable
Inter-SubVLAN-Routing-IPv6: Enable
IP-POOL-Filter : Disable
ND-Broadcast : Disable
----------------------------------------
SubIntf : subvlan2
ZXR10#show running-config supervlan
! </SuperVLAN>
supervlan
interface supervlan11
arp-broadcast enable
inter-subvlan-routing enable
ip-pool-filter disable
$
subvlan 2
supervlan 11
vlanpool 192.11.1.1 192.11.1.10
$
! </SuperVLAN>
ZXR10(config)#show supervlan-pool
Addr-Begin Addr-End Supervlan-Name SubIntf-Name
192.11.1.1 192.11.1.10 supervlan11 subvlan2
3-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 4Voice VLAN ConfigurationTable of Contents
Voice VLAN Overview ................................................................................................4-1Configuring a Voice VLAN ..........................................................................................4-2Maintaining a Voice VLAN ..........................................................................................4-3Voice VLAN Configuration Example ...........................................................................4-4
4.1 Voice VLAN OverviewIntroduction to Voice VLANVoice VLAN is a VLAN created especially for voice data traffic of users. Ports connectingto voice devices are added to a Voice VLAN, and relevant QoS parameters are configuredto enhance the transmission priority of voice traffic and ensure reliable voice quality.
Voice VLAN PrincipleAn OUI address, which is a globally unique identifier assigned by the IEEE to anequipment provider, refers to the first 24 bits of a MAC address (in binary system).The switch determines a voice packet if the source MAC address carried in the packetmatches the OUI address of a voice device.
The work mode of a Voice VLAN may be manual or automatic, depending on the way ofadding ports to the Voice VLAN.
l In manual mode, the port through which voice data is transmitted should be added tothe Voice VLAN manually, and the ACL should be delivered to configure the packetpriority. Otherwise, the voice packet is discarded.
l In automatic mode, when detecting voice data, the switch adds the port to the VoiceVLAN automatically, delivers the ACL to configure the packet priority, and learns theMAC address of the voice packet. When the port is added to the Voice VLAN, theswitch starts an aging timer. When the aging time expires, the switch detects theMAC address table. If no MAC address of voice packets is found, the port will beremoved from the Voice VLAN.
The work mode of a Voice VLAN may be strict safety mode, non-strict safety mode, ornormal mode, depending on the packet filtering mechanism on the port with the VoiceVLAN function enabled.
l In strict safety mode, source MAC addresses of untagged and tagged packets arechecked. If the source MAC address of a packet does not match the MAC addressconfigured for voice data, the packet is discarded.
4-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
l In non-strict safety mode, source MAC addresses of packets with Voice VLAN tagsare checked. If the source MAC address of a packet does not match the MAC addressconfigured for voice data, the packet is discarded. Untagged packets are forwardedproperly.
l In normal mode, the switch forwards both voice and service packets properly. Voicepackets follow the forwarding mechanism of Voice VLANs, while non-voice packetsfollow the forwarding mechanism of common VLANs.
For voice packets carrying non-Voice VLAN tags, if the VLAN translation function isenabled for voice packets, non-Voice VLAN tags will be translated into Voice VLAN tagsand the voice packets are forwarded in the Voice VLAN.
4.2 Configuring a Voice VLANTo configure a voice VLAN on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#voice-vlan-configurationEnters voice VLAN
configuration mode.
2ZXR10(config-voice-vlan)#oui <1-100><mac-addr><
mac-mask>Configures an OUI.
3 ZXR10(config-voice-vlan)#aging-time <60-600>Configures the aging time of
the voice VLAN.
4 ZXR10(config-voice-vlan)#interface <name>Enters voice VLAN interface
configuration mode.
5ZXR10(config-voice-vlan-interface)#voice-vlan
<1-4094>[cos <0-7>][ dscp <0-63>]
Adds the interface to the voice
VLAN.
6ZXR10(config-voice-vlan-interface)#mode {auto [
tag | untag [save | recovery]]| manual}
Configures the operating mode
of the voice VLAN.
7ZXR10(config-voice-vlan-interface)#security
{normal | strict | instrict }
Configures the security mode
of the voice VLAN.
8ZXR10(config-voice-vlan-interface)#session <1-10>
ingress-vlan [vlan-list]
Configures voice VLAN
translation.
For a description of the parameters in Step 2, refer to the following table.
Parameter Description
<1-100> OUI ID.
<mac-addr> OUI MAC address.
< mac-mask> OUI MAC mask.
For a description of the parameter in Step 3, refer to the following table.
4-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Voice VLAN Configuration
Parameter Description
<60-600> Unit: seconds, default: 60.
For a description of the parameter in Step 4, refer to the following table.
Parameter Description
<name> Interface name.
For a description of the parameters in Step 5, refer to the following table.
Parameter Description
<1-4094> Voice VLAN on the interface.
<0-7> By default, the CoS value is 0.
<0-63> By default, the DSCP value is 0.
For a description of the parameters in Step 6, refer to the following table.
Parameter Description
{auto | manual} Default: manual.
tag | untag Sets the interface added to the voice VLAN to a
tag port or an untag port.
save After the configuration is saved and the device is
restarted, the port still belongs to the voice VLAN.
recovery After the configuration is saved and the device is
restarted, the port does not belong to the voice
VLAN.
4.3 Maintaining a Voice VLANTo maintain a voice VLAN on the ZXR10 5900E, run the following commands:
Command Function
ZXR10show voice-vlan Displays the operating state of the voice VLAN.
ZXR10show running-config voice-vlanDisplays the configuration information about
the voice VLAN.
The following is sample output from the show voice-vlan command:
ZXR10(config)#show voice-vlan
Voice-vlan aging-time 76
Voice-vlan oui 1: 0000.0000.0001 mask: ffff.ffff.ffff
Current voice-vlan enabled port information:
4-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Port Voice-VLAN Mode Security Auto-added
------------------------------------------------------------------------
gei-0/1/1/1 1 Auto Strict True
gei-0/1/1/2 4094 Auto Normal True
The following is sample output from the show running-config voice-vlan command:
ZXR10(config)#show running-config voice-vlan
!<voice-vlan>
voice-vlan-configuration
aging-time 76
interface gei-0/1/1/1
mode auto
security strict
session 1 ingress_invlan 1-22,30
voice-vlan 1 cos 1 dscp 2
$
interface gei-0/1/1/2
mode auto
session 1 ingress_invlan 100,200,256-4094
voice-vlan 4094 cos 5 dscp 5
$
oui 1 0000.0000.0001 ffff.ffff.ffff
$
!</voice-vlan>
4.4 Voice VLAN Configuration Example
4.4.1 Voice VLAN Configuration Example (Manual Mode)Figure 4-1 shows that an IP phone connects to port gei-0/1/1/1 of switch A, and portgei-0/1/1/2 of switch A connects to the Internet. Port gei-0/1/1/1, which is added to VoiceVLAN 100, is a trunk port allowing the traffic fromVLAN 100. The switch allows the inboundvoice packets through port gei-0/1/1/1 with OUI being 0000.1122.0001 and mask beingffff.ffff.0000 to be forwarded in the Voice VLAN.
Figure 4-1 Voice VLAN Networking Topology (Manual Mode)
Configurations on switch A:
/*Run the following command to configure the OUI for a Voice VLAN*/
Switch_A(config-voice-vlan)#oui 1 0000.1122.0001 ffff.ffff.0000
4-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 4 Voice VLAN Configuration
/*Run the following command to add a port to the Voice VLAN and configure the priority*/
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#voice-vlan 100 cos 6 dscp 6
/*Run the following commands to configure the VLAN ID to be the same as the Voice VLAN
ID on the ports*/
Switch_A(config-swvlan-if-gei-0/1/1/1)#switchport mode trunk
Switch_A(config-swvlan-if-gei-0/1/1/1)#switchport trunk vlan 100
Switch_A(config-swvlan-if-gei-0/1/1/2)#switchport mode trunk
Switch_A(config-swvlan-if-gei-0/1/1/2)#switchport trunk vlan 100
/*Run the following command to configure the Voice VLAN to be strict safety mode*/
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#security strict
4.4.2 Voice VLAN Configuration Example (Automatic Mode)Figure 4-2 shows that an IP phone connects to port gei-0/1/1/1 of switch A, and portgei-0/1/1/2 of switch A connects to the Internet. Port gei-0/1/1/1 is added to Voice VLAN100, and the aging time is 100 seconds. The switch allows the inbound voice packetsthrough port gei-0/1/1/1 carrying tag 10 with OUI being 0000.1122.0001 and mask beingffff.ffff.0000 to be translated into packets carrying tag 100 and forwarded in the Voice VLAN.
Figure 4-2 Voice VLAN Networking Topology (Automatic Mode)
Configurations on switch A:
/*Run the following command to configure the OUI for a Voice VLAN*/
Switch_A(config-voice-vlan)#oui 1 0000.1122.0001 ffff.ffff.0000
/*Run the following command to configure the aging time*/
Switch_A(config-voice-vlan)#aging-time 100
/*Run the following command to add a port to the Voice VLAN and configure the priority*/
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#voice-vlan 100 cos 6 dscp 6
/*Run the following command to add a port to the Voice VLAN automatically*/
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#mode auto tag save
/*Run the following commands to configure VLAN attributes of the port*/
Switch_A(config-swvlan-if-gei-0/1/1/2)#switchport mode trunk
Switch_A(config-swvlan-if-gei-0/1/1/2)#switchport trunk vlan 100
/*Run the following command to configure the Voice VLAN to be non-strict safety mode*/
4-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#security instrict
/*Run the following commands to configure the VLAN list for the Voice VLAN*/
Switch_A(config-voice-vlan-if-gei-0/1/1/1)#session 1 ingress-vlan 10-20
4-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 5PVLAN ConfigurationTable of Contents
PVLAN Overview .......................................................................................................5-1Configuring a PVLAN .................................................................................................5-2PVLAN Maintenance ..................................................................................................5-2PVLAN Configuration Example...................................................................................5-3
5.1 PVLAN OverviewIntroduction to PVLANFor some actual requirements, the interfaces on a switch must be isolated. In the caseof the common VLAN mode, you need to assign a VLAN for each interface. If so, theremust be a large number of VLANs required but the actual VLANs are limited. In addition,packets are transmitted to the upper-layer device by transparent transmission over a largenumber of VLANs, which wastes IP addresses and increases the load on the upper-layerdevice. On the other hand, it is inconvenient for network management and network audit.In this case, the PVLAN function of a switch is required.
PVLAN is one of the features provided by the ZTE Ethernet switch. For layer-2 accesses,PVLAN divides users in the sameVLAN, and sets the port connected to users to an isolatedport. This isolates layer-2 packets of different users.
PVLAN PrincipleThe switch requires that all interfaces are isolated from each other according to networkapplication. That is, each interface will be allocated with a VLAN. Meanwhile, the numberof VLANs for the upper-layer device is limited and thus the VLANs from the switch cannotbe transparently transmitted. In this case, the working mode of the uplink interface on theswitch must be configured to access. PVLAN achieves port-based isolation in a VLAN. Itis easy to isolation users at layer 2, and it is unnecessary to allocate a VLAN ID for eachuser. PVLAN is one of the features provided by the ZTE Ethernet switch. In the processof cell access, the PVLAN allocates users into different VLANs to isolate the L2 packetsof these users.
The PVLAN uses the L2 VLAN structure and VLAN interfaces are classified into thefollowing types:
l Isolate portl Promiscuous portl Community port
5-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
An isolate port can communicate only with promiscuous ports, and isolate ports cannotcommunicate with each other directly. A community port can communicate with othercommunity ports or promiscuous ports. Community ports cannot communicate with isolateports. Promiscuous ports can communicate with other ports for layer-2 communications.In PVLAN applications, the ports connected to users are set to isolate ports, and theports connected to uplink switches are set to promiscuous ports. The users in the sameVLAN are isolated and users can communicate only with their own default gateway, whichensures network security.
One ore more PVLANs exist on an Ethernet switch. Each PVLAN contains multiple isolateinterfaces and uplink promiscuous interfaces. For the upper-layer router, only severalPVLANs exist on the lower-layer switch and the upper-layer router does not concern theVLAN to which each interface in the PVLAN belongs. This simplifies configuration andsaves VLAN resources. To be specific, all the isolate interfaces in one PVLAN belong toa same subnet, which saves the number of subnets and IP addresses.
The PVLAN provides flexible configuration mode. To isolate L2 packets sent from users,you can configure an isolate interface for each user and make each VLAN contain only theconnected interface of the user and the uplink interface. To restore communication basedon L2 packets between users, the ports connected to users can be divided into communityports.
5.2 Configuring a PVLANTo configure a PVLAN on the ZXR10 5900E, perform the following steps:
Steps Command Function
1 ZXR10(config)#switchvlan-configuration Enters switch VLAN
configuration mode.
2 ZXR10(config-swvlan)#private-map session-no <id> Creates a PVLAN, and enters
PVLAN configuration mode.
3 ZXR10(config-swvlan-pvlan-session)#isolate
<port-list>
Configures an isolate port.
4 ZXR10(config-swvlan-pvlan-session)#promis
<port-list>
Configures a promiscuous
port.
5 ZXR10(config-swvlan-pvlan-session)#community
<port-list>
Configures a community port.
6 ZXR10(config-swvlan)#no private-map session-no <id> Deletes a PVLAN.
5.3 PVLAN MaintenanceOn the ZXR10 5900E, use the following command to maintain the PVLAN.
5-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 5 PVLAN Configuration
Command Function
ZXR10#show vlan private-map This shows the PVLAN
configuration.
An example of the show vlan private-map command output is shown below.
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#show vlan private-map
SESSION VLANFLAG PROMPORT COMMPORT ISOLPORT VLANMAP
------------------------------------------------------------------------
1 0 gei-0/1/1/2 gei-0/1/1/3 gei-0/1/1/1
5.4 PVLAN Configuration ExampleAs shown in Figure 5-1, PC1 and PC2 are in the same segment and connected to a routerthrough a switch. The PVLAN function is configured on the switch to isolate PC1 and PC2but they can successfully communicate with the switch.
Figure 5-1 Network Topology with PVLAN
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#vlan 2
ZXR10(config-swvlan-sub)#switchport pvid gei-0/1/1/1-3
ZXR10(config-swvlan-sub)#exit
ZXR10(config-swvlan)#private-map session-id 1
ZXR10(config-swvlan-pvlan-session)#isolate gei-0/1/1/1-2
ZXR10(config-swvlan-pvlan-session)#promis gei-0/1/1/3
5-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
5-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 6QinQ ConfigurationTable of Contents
QinQ Overview...........................................................................................................6-1Configuring QinQ .......................................................................................................6-1QinQ Maintenance .....................................................................................................6-2QinQ Configuration Example ......................................................................................6-2
6.1 QinQ OverviewQinQ is short for 802.1Q in 802.1 Q. With more and more deployment of Ethernettechnologies in network (Metro Ethernet Network (MEN)), 802.1Q VLAN is restricted a lotin user isolation and identifying. As there are only 12 bits in the VLAN tag field defined byIEEE802.1Q, which identifies 4k VLANs. QinQ comes into birth to solve the problem thatthere are lots of users needing to be identified in MEN.
QinQ is generated to increase the number of VLANs. It adds a 802.1Q label on the baseof the conventional 802.1Q packet. Now, there are 4k*4k VLANs available by using QinQ.
The internal and external tags of QinQ represent different information. For example, theinternal tag represents users, and the external tag represents services. A QinQ packetis transmitted through operator networks with two tags. The internal tag is transmittedtransparently. QinQ is a simple and utility Virtual Private Network (VPN) technology.Therefore, it can act as the extension of core Multi Protocol Label Switching (MPLS) VPNin MEN VPN to form an end-to-end VPN technology finally.
6.2 Configuring QinQTo configure QinQ on ZXR10 5900E, perform the following steps.
Step Command Function
1 ZXR10(config)#vlan-configuration This enters VLAN configuration
mode.
2 ZXR10(vlan-config)#interface <interface-name> This enters VLAN sub-interface
service configuration mode.
3 ZXR10(subvlan-if-config)#qinq internal-vlanid
<vlan-id> external-vlanid <vlan-id>
This configures the internal
VLAN-ID and the external
VLAN-ID.
Descriptions of the parameter in Step 3:
6-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Parameter Description
<vlan-id> The VLAN-ID supported by a sub-interface, in the range of
1-4094
6.3 QinQ MaintenanceOn the ZXR10 5900E, use the following command to maintain the QinQ.
Command Function
ZXR10(config)#show interface-vlan qinq [<interface>] This shows QinQ configuration on
a specific port or all ports.
An example of the show interface-vlan qinq command output is shown below.
ZXR10(config)#show interface-vlan qinq gei-0/1/1/1.3
interface: gei-0/1/1/1.3
exter_tpid: 0x8100, inter_tpid: 0x8100
inter-vlan: 3 - 0, exter-vlan: 7 -0,
Output descriptions:
Output Item Description
inter-vlan: 3-0;exter-vlan: 7-0, The internal tag is 3 on gei-0/1/1/1.3, and the external tag is 7.
6.4 QinQ Configuration ExampleConfiguration DescriptionThe network topology of a QinQ configuration example is shown in Figure 6-1.
Figure 6-1 QinQ Configuration Example
Configuration Thought1. Create a sub-interface.2. Enter sub-interface VLAN configuration mode.3. Configure QinQ ID.4. Configure an IP address on the sub-interface.
6-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 6 QinQ Configuration
Configuration CommandsThe configuration of S1:
S1(config)#interface gei-0/1/1/2
S1(config-if)#sub-if-mode qinq
S1(config-subif)#exit
S1(config)#interface gei-0/1/1/2.1
S1(config-subif)#exit
S1(config)#vlan
S1(vlan-config)#interface gei-0/1/1/2.1
S1(subvlan-if-config)#qinq internal-vlanid 1 external-vlanid 2
S1(subvlan-if-config)#exit
S1(vlan-config)#exit
S1(config)#interface gei-0/1/1/2.1
S1(config-subif)#ip address 192.168.1.1 255.255.255.252
S1(config-subif)#exit
The configuration of S2:
S2(config)#interface gei-0/1/1/3
S2(config-if)#sub-if-mode qinq
S2(config-subif)#exit
S2(config)#interface gei-0/1/1/3.1
S2(config-subif)#exit
S2(config)#vlan
S2(vlan-config)#interface gei-0/1/1/3.1
S2(subvlan-if-config)#qinq internal-vlanid 1 external-vlanid 2
S2(subvlan-if-config)#exit
S2(vlan-config)#exit
S2(config)#interface gei-0/1/1/3.1
S2(config-subif)#ip address 192.168.1.2 255.255.255.252
S2(config-subif)#exit
Configuration VerificationUse the show command to check the configuration result.
The configuration result on S1:
S1#show running-config vlan
!<VLAN>
interface gei-0/1/1/2
sub-if-mode qinq
$
vlan-configuration
interface gei-0/1/1/2.1
qinq internal-vlanid 1 external-vlanid 2
$
6-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
!<VLAN>
The configuration result on S2:
S2#show running-config-interface gei-0/1/1/3.1
!<INTERFACE>
!<VLAN>
vlan-configuration
interface gei-0/1/1/3.1
qinq internal-vlanid 1 external-vlanid 2
!</VLAN>
6-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7STP ConfigurationTable of Contents
STP Overview ............................................................................................................7-1Configuring STP.........................................................................................................7-4STP Maintenance.......................................................................................................7-9STP Configuration Examples....................................................................................7-12
7.1 STP OverviewWorking Characteristics of Transparent BridgeBridge works at the data link layer. It connects two LANs and forwards data framesaccording to MAC addresses, which implements data exchange between different LANs.The process of determining data forwarding is generally called transparent bridge inEthernet. However, it is called source route bridge in a token ring network, which isdifferent from transparent bridge. Therefore, bridges are classified into several categoriesincluding transparent bridge and source route bridge. This section mainly introduces thefunction of transparent bridge in Ethernet.
Transparent bridge is mainly used in Ethernet. Transparent bridge is so named becauseit is transparent to the end node. That is, the data forwarding process from one networkhost to another is completely transparent to the hosts. These network hosts cannot sensethe device types involved during this process and can automatically work without anyconfiguration. Furthermore, a transparent bridge, except the trunk line of VLAN, doesnot modify the frames it forwards in any way.
Transparent bridge processes the abilities of learning and forwarding. The learning abilityof a transparent bridge is to record the source MAC address and interface number of eachreceived data frame. Next time when receiving a packet with the destination MAC address,it directly forwards the packet to the interface recorded. If the current MAC address is notrecorded or the destination MAC address is a multicast address, the transparent bridgeforwards the packet to to all the interfaces.
By using a transparent bridge, different LANs can communicate with each other and thescope for operating a network expands. Meanwhile, a transparent bridge has the ability tolearn MAC addresses. Therefore, it will not cause the same problem of packet collision orflush just as that of Hub. However, a transparent bridge has its own disadvantages, suchas its function for transparent transmission. A transparent bridge is not similar to a hubthat can sense how many times a packet is forwarded. Once a loop exists in the network,a packet will be continuously cycled and multiplied within the loop, which finally results in
7-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
broadcast storm.Figure 7-1 shows an example of packet cycling and multiplication causedby a loop.
Figure 7-1 Packet Cycling and Multiplication
Suppose that site A does not send any packet. Thus, there is no address record of site Ain the address lists on switch 1 and switch 2. When site A sends a packet, both of the twoswitches receive this packet, record the address on LANA, and then wait in the queue forforwarding the packet to LANB. According to the rule of LAN, one of the two switches willsuccessfully forward the packet to LAN2. If such a switch is switch 1, switch 2 will receivethis packet again because switch 1 is transparent to switch 2, which is like sending thepacket from LANB rather than site A. In this case, switch 2 records the address of site Aon LANB and waits in the queue for forwarding the new packet to LANA. On the contrary,if switch 2 successfully forwards the original packet to LANB at the beginning, switch 1 willreceive this packet again. When detecting that the packet from site A has been forwardedto LANB, switch 1 will wait in the queue for forwarding the new packet to LANA. In this way,the packet will continuously cycled in the loop. What is worse, if the packet is a broadcastpacket and there are other hosts connected to switch 1 and switch 2, the packet will bemultiplied each time when it is forwarded successfully, which finally results in broadcaststorm in the network.
To solve this problem, the IEEE develops a new protocol called 802.1D defining that abridge has the abilities of STP leaning and calculation. In addition, it has the abilities tolocate the fault of packet cycling and disconnect redundancy links.
Therefore, a transparent bridge must provide the following three working characteristics:learning, forwarding, and eliminating of packet cycling.
Instruction to STPThe basic principle of the STP protocol is very simple. The loop dose not exist on thetrees growing in the nature. If the network can grow like a tree, the loop will not exist inthe network. Based on such a thought, the STP protocol defines the concepts includingRoot Bridge, Root Port, Designated Port, and Path Cost. Its purpose is to cut redundancyloops by constructing a natural tree and to implement link backup and the best path. Inaddition, the STP protocol supports link backup in the network. When the network topology
7-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
changes, the STP protocol can automatically sense the changes, re-calculate the spanningtree to generate a new one, and meanwhile confirm that no loop forward path exists.
Figure 7-2 STP Network Topology
As shown in Figure 7-2, the interface between S3 and S2 does not involve in dataforwarding. Therefore, the forward path for the information sent from the PC of user A inthe network is shown in the above figure. The specific content of the protocol will not bedescribed in this section. For details, see the IEEE 802.1D.
STP PrincipleThe STP protocol solves the loop problem for a transparent bridge. However, with thedevelopment of applications and network technologies, its disadvantages are exposedgradually. The main disadvantage of STP is the convergence speed. To improve thisdisadvantage, the IEEE developed a 802.1W protocol standard as a supplement to the802.1D. The IEEE 802.1W standard defines a new protocol, that is, Rapid Spanning TreeProtocol (RSTP). There are three major modifications in the RSTP based on the STP.Therefore, the convergence speed is faster than that of the STP.
l The RSTP defines two roles for the root port and the designated port, namely AlternatePort (AP) and Backup Port (BP). These two ports will be used during fast switching.When a root port or a designated port is unavailable, the AP or BP will be in dataforwarding state without any delay.
l By using the P/A mechanism, for a point-to-point link that connects only two switchports, the designated port can be in data forwarding state without any delay afterhandshaking with the downlink bridge just once.
l A port that is directly connected to a terminal rather than a bridge is called an edgeport. Such a port can be in data forwarding state without any delay. However, manualconfiguration is required because a bridge cannot sense whether a port is directlyconnected to a terminal.
Both RSTP and STP belong to Single Spanning Tree (SST). That is to say, there is onlyone spanning tree in the whole switch network. Therefore, a longer convergence time is
7-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
consumed in the case of a large-scale network. When the configuration of 802.1Q leadsto the asymmetric structure of VLAN in network bearer, SST affects the connectivity ofsome VLANs in the network. Meanwhile, when a link is blocked in the case of SST, it doesnot bear any traffic, which causes huge waste of bandwidth and cannot implement loadsharing.
The above disadvantages cannot be overcame by SST. Therefore, the multi-instance STPprotocol supporting VLAN emerges, that is, the Multiple Spanning Tree Protocol (MSTP)defined in IEEE 802.1S.
MSTP introduces a concept of domain. A large network can be divided into multipledomains based on configuration. Each domain applies a multi-instance spanning tree,which improves the expansibility and stability of a spanning tree. When the spanning treein a domain changes, the changed information will be transmitted in the spanning tree ofthe domain, which does not affect other domains. In this case, the whole network doesnot re-calculate the topology of spanning trees. Meanwhile, the MSTP has the abilityto recognize VLANs. Multiple VLANs can be bound to one instance and these VLANsuse different forwarding paths, which decreases the occupancy of various resources andimplements load sharing. The principle of the CST, IST, or MSTI is similar to that of theRSTP.
7.2 Configuring STPConfiguring STP propertiesOn the ZXR10 5900E, use the following commands to configure STP properties.
Steps Command Function
1 ZXR10(config)#spantree This enters the STP config
mode from the config mode.
2 ZXR10(config-stp)#enable This enables the STP function
globally.
3 ZXR10(config-stp)#edged-port-batch enable
<interface-name>
This configures interfaces as
edge interfaces.
4 ZXR10(config-stp)#mode {sstp | rstp | mstp} This configures the current
mode for the STP.
5 ZXR10(config-stp)#forward-delay <time> This configures the STP
forward-delay interval.
<time > indicates the forwarding
delay time, ranging from 4 to
30. The unit is second. The
default value is 15.
7-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
Steps Command Function
6 ZXR10(config-stp)#hello-time <time> This configures the interval
of the STP in sending hello
packets.
<time > indicates the aging
time of packets, ranging from 6
to 40. The unit is second. The
default value is 20.
7 ZXR10(config-stp)#max-age <time> This configures the maximum
validity time of a STP BPDU
packet.
<time > indicates the forwarding
delay time, ranging from 4 to
30. The unit is second. The
default value is 15.
8 ZXR10(config-stp)#mst hmd5-digest {CISCO | HUAWEI<key>}
This configures the digest
value in the created
mst_config_id.
<key > indicates the 34-bit
hexadecimal number starting
from 0x.
9 ZXR10(config-stp)#mst hmd5-key {CISCO | HUAWEI<key>}
This configures the key value
of Hmd5 required by the
digest value in the created
mst_config_id.
<key > indicates the 34-bit
hexadecimal number starting
from 0x.
10 ZXR10(config-stp)#mst max-hops <hop> This configures the maximum
number of valid hops for BPDU
packets in the MST area.
<hop >indicates the maximum
number of valid hops for BPDU
packets, ranging from 1 to 40.
The default value is 20.
11 ZXR10(config-stp)#mst name <string> This configures the MST
name configured in the
mst_config_id.
<string> indicates a
configuration name. The
length of the name does not
exceed 32 characters.
7-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
12 ZXR10(config-stp)#mst priority <priority>instance<instance>
This configures the priority of
bridge in an existing instance.
13 ZXR10(config-stp)#mst revision <version> This configures the version
number configured in the
mst_config_id.
<version> indicates a version
number, ranging from 0 to
65535. The default value is 0.
14 ZXR10(config-stp)#mst vlans <vlan-range>instance<instance>
This configures the VLAN
mapping table of bridge in an
existing instance.
15 ZXR10(config-stp)#transparent {enable | disable} This disables the transparent
transmission flag of the STP
protocol. The STP must
be disabled globally when
the function of transparent
transmission is enabled.
The command parameters in step 4 are described as follows:
Parameter Description
sstp Indicates the compatible STP mode (for single spanning tree).
rstp Indicates the RSTP mode (for fast spanning tree).
mstp Indicates the MSTP mode (for multiple spanning tree).
The command parameters in step 12 are described as follows:
Parameter Description
<instance> Indicates the instance number. The value of this parameter
ranges from 0 to 64. Instance 0 exists permanently.
priority <priority> Indicates the bridge priority. It must be a multiple of 4096.
The default value is 32768 (8 x 4096) and the maximum
value is 61440 (15 x 4096).
The command parameters in step 14 are described as follows:
Parameter Description
<instance> Indicates the instance number. The value of this parameter
ranges from 1 to 64.
vlans <vlan-range> Indicates the VLAN range. The value of this parameter
ranges from 1 to 4094.
7-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
The command parameters in step 15 are described as follows:
Parameter Description
enable Enables the transparent transmission protocol.
disable Disables the transparent transmission protocol.
Configuring the properties in the STP interface config modeOn the ZXR10 5900E, use the following commands to configure the properties in the STPinterface config mode.
Steps Command Function
1 ZXR10(config-stp)#interface <port-name> This enters the STP interface
config mode.
2 ZXR10(config-stp-if-gei-0/1/1/23)#enable This enables or disables the
STP function, and determines
whether an interface involves
spanning tree calculation.
3 ZXR10(config-stp-if-gei-0/1/1/23)# bpdu-guard
{enable | disable}
This configures BPDU
protection for an interface.
4 ZXR10(config-stp-if-gei-0/1/1/23)#guard {loop |
root} instance {<instance range>}
This configures the STP
protection type (loopback
protection or root interface
protection) of an interface.
5 ZXR10(config-stp-if-gei-0/1/1/23)#edged-port
{enable | disable}
This configures an STP
interface as the edge interface.
6 ZXR10(config-stp-if-gei-0/1/1/23)#linktype {auto |
p2p | share}
This configures the link type of
an interface.
7 ZXR10(config-stp-if-gei-0/1/1/23)#mcheck This specifies whether an
interface performs the mcheck
operation.
8 ZXR10(config-stp-if-gei-0/1/1/23)#packet-type
{<IEEE | CISCO | HUAWEI | HAMMER>}
This configures the BPDU
packet type of an STP
interface.
9 ZXR10(config-stp-if-gei-0/1/1/23)#mst priority
<priority> instance <instance>This configures the priority
of an interface in an existing
instance.
10 ZXR10(config-stp-if-gei-0/1/1/23)#mst path-cost
<cost> instance <ins-index>This configures the path cost
of an interface.
The command parameters in step 1 are described as follows:
7-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Parameter Description
<port-name> Indicates the interface name.
The command parameters in step 3 are described as follows:
Parameter Description
enable Enables the BPDU protection function.
disable Disables the BPDU protection function.
The command parameters in step 4 are described as follows:
Parameter Description
loop Configures the interface mode to loopback protection.
root Configures the interface mode to root protection.
<instance range> Indicates the instance range. The value of this parameter
ranges from 0 to 64.
The command parameters in step 6 are described as follows:
Parameter Description
auto Senses the duplex mode of an interface automatically. The
available options are p2p (full duplex mode) and share (halfduplex mode).
p2p Configures the duplex mode to p2p forcibly.
share Configures the duplex mode to share forcibly.
The command parameters in step 8 are described as follows:
Parameter Description
IEEE Indicates the standard IEEE BPDU packet type.
CISCO Indicates the Cisco BPDU packet type.
HAMMER Indicates the Hammer BPDU packet type.
HUAWEI Indicates the Huawei BPDU packet type.
The command parameters in step 9 are described as follows:
Parameter Description
<instance> Indicates the instance number. The value of this parameter
ranges from 0 to 64. Instance 0 exists permanently.
7-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
Parameter Description
priority <priority> Indicates the interface priority. It must be a multiple of 16.
The default value is 128 (8 x 16) and the maximum value
is 240 (15 x 16).
The command parameters in step 10 are described as follows:
Parameter Description
<ins-index> Indicates the instance number of an interface. The value of
this parameter ranges from 0 to 64.
<cost> Indicates the path cost of an interface. The value of this
parameter ranges from 1 to 2000000.
7.3 STP MaintenanceOn the ZXR10 5900E, use the following commands to maintain the STP.
Command Function
ZXR10#show spantree { inconsistentports | instance<instance-ID>| interface <interface-name>| mst-config |statistics <interface-name>| transparent }
This shows various information, including:
l Information of the interface blocked by
the protection or loopback protection
function enabled on the root interface.
l Information of a special instance.
l Information of all instances on a
specified interface.
l Configurations in the MSTP mode.
l Statistics of an STP interface.
l STP transparent transmission flag.
An example of the show spantree inconsistentports command output is shown below.
ZXROSNG#show spanning-tree inconsistentports
Mst_Instance interface
Name name Inconsistency
-------------------------------------------------
MST00 gei_0/1/1/1 Root Inconsistent
Output descriptions:
Output Item Description
Mst Instance Name Indicates the MST instance name.
Interface name Indicates the interface name.
Inconsistency Indicates that data is inconsistent.
7-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
An example of the show spantree instance command output is shown below.
ZXR10#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 4096; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 15 sec;
RegRootID: Priority 4096; Address 0000.0100.0006
BridgeID: Priority 4096; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 15 sec; Max-Hops 20
Message-Age 0 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Designated p2p MSTP
gei-0/1/1/2 128.2 200000 Forward Designated p2p MSTP
gei-0/1/1/3 128.3 200000 Forward Designated p2p MSTP
gei-0/1/1/5 128.4 200000 Forward Designated Edge MSTP
Output descriptions:
Output Item Description
Root ID Indicates the information of root ID.
Interface name Indicates the interface name.
BridgeID Indicates the information of bridge ID.
An example of the show spantree interface command output is shown below.
ZXR10#show spantree interface gei-0/1/1/1
Mst_Instance Prio.Nbr
Name Port ID Cost State Role
-----------------------------------------------------------------
MST00 128.1 200000 Forward Designated
Output descriptions:
Output Item Description
Mst Instance Name Indicates the MST instance name.
Prio.Nbrport ID Indicates the interface priority.
Cost Indicates the path cost.
7-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
Output Item Description
State Indicates the interface state.
Role Indicates the interface role.
An example of the show spantree mst-config command output is shown below.
ZXR10(config)#show spantree mst-config
spantree mode: [MSTP]
CISCO HMD5-key : 0x13ac06a62e47fd51f95d2ba243cd0346
CISCO HMD5-digest : 0x00000000000000000000000000000000
HUAWEI HMD5-key : 0x13ac06a62e47fd51f95d2ba243cd0346
HUAWEI HMD5-digest : 0x00000000000000000000000000000000
Name : [000001000006]
Revision : 0
Instance Vlans mapped
-------- ------------------------------------
0 1-4094
Output descriptions:
Output Item Description
spantree mode Indicates the type of spanning tree.
Name Indicates the name of spanning tree.
Revision Indicates the version number.
Instance Indicates the instance name.
Vlans mapped Indicates the mapped VLAN.
An example of the show spantree statistics command output is shown below.
ZXR10(config)#show spantree statistics gei-0/1/1/1
statistics of port gei-0/1/1/1
--------------------------------------------------------
BPDU-related parameters
--------------------------------------------------------
port spantree Enabled
edge_port Enabled
state(instance 0) Forward
port_priority(instance 0) 0x80
port_number 0x01
path cost (instance 0) 200000
designated_root 00-00-01-00-00-06
designated_ext_cost 0
designated_int_cost 0
designated_bridge 00-00-01-00-00-06
designated_port 0x8001
7-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
---------------------------------------------------------
Port based information & statistics
---------------------------------------------------------
all BPDU xmitted 5086
all BPDU received 12
MST BPDU xmitted 5086
MST BPDU received 12
RST BPDU xmitted 0
RST BPDU received 0
config BPDU xmitted 0
config BPDU received 0
TCN BPDU xmitted 0
TCN BPDU received 0
discard BPDU 0
----------------------------------------------------------
Bridge based information
----------------------------------------------------------
spantree type ieee
multicast mac address 01-80-c2-00-00-00
bridge priority 4096
bridge mac address 00-00-01-00-00-06
bridge hello time 2 sec
bridge forward delay 5 sec
bridge max age 6 sec
bridge max hops 20
Output descriptions:
Output Item Description
BPDU-related parameters Indicates the parameters of BPDU.
Port based information & statistics Indicates the statistics based on interface.
Bridge based information Indicates the bridge information.
An example of the show spantree transparent command output is shown below.
ZXR10(config-stp)#show spantree transparent
Spantree transparent is enabled
7.4 STP Configuration Examples
7.4.1 Configuring Multiple STP
Configuration DescriptionConfigure the multiple STP on two switches.Figure 7-3 shows the network topology.
7-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
Figure 7-3 Configuring Multiple STP
Configuration Thought1. Configure the STP mode to MSTP and enable the STP function.2. Configure the bridge priority of DUT1 to 32768 and that of DUT2 to 40960.
Configuration CommandsThe configuration of DUT1:
DUT1(config)#spantree
DUT1(config-stp)#enable
DUT1(config-stp)#mode mstp
DUT1(config-stp)#mst priority 32768 instance 0
The configuration of DUT2:
DUT2(config)#spantree
DUT2(config-stp)#enable
DUT2(config-stp)#mode mstp
DUT2(config-stp)#mst priority 40960 instance 0
Configuration VerificationUse the show spantree instance 0 command to view the configuration result of DUT1:
DUT1(config-if)#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 32768; Address 0000.0100.0006
BridgeID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec; Max-Hops 20
Message-Age 0 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
7-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Designated p2p MSTP
gei-0/1/1/2 128.2 200000 Forward Designated p2p MSTP
Use the show spantree instance 0 command to view the configuration result of DUT2:
DUT2(config)#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 40960; Address 0000.0100.0008
BridgeID: Priority 40960; Address 0000.0100.0008
Hello-Time 2 sec; Max-Age 20 sec
Forward-Delay 15 sec; Max-Hops 20
Message-Age 1 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Root p2p MSTP
gei-0/1/1/2 128.2 200000 Discard Alternate p2p MSTP
7.4.2 Configuring Fast STP
Configuration DescriptionConfigure the fast STP on two switches.Figure 7-4 shows the network topology.
Figure 7-4 Configuring Fast STP
Configuration Thought1. Configure the STP mode to RSTP.2. Enable the STP function.
Configuration CommandsThe configuration of DUT1:
7-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
DUT1(config)#spantree
DUT1(config-stp)#enable
DUT1(config-stp)#mode rstp
The configuration of DUT2:
DUT2(config)#spantree
DUT2(config-stp)#enable
DUT2(config-stp)#mode rstp
Configuration VerificationUse the show spantree instance 0 command to view the configuration result of DUT1:
DUT1(config-stp)#show spantree instance 0
MST00
Spantree enabled protocol RSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 32768; Address 0000.0100.0006
BridgeID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec; Max-Hops 20
Message-Age 0 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Designated p2p RSTP
gei-0/1/1/2 128.2 200000 Forward Designated p2p RSTP
Use the show spantree instance 0 command to view the configuration result of DUT2:
DUT2(config-stp)#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 40960; Address 0000.0100.0008
BridgeID: Priority 40960; Address 0000.0100.0008
Hello-Time 2 sec; Max-Age 20 sec
7-15
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Forward-Delay 15 sec; Max-Hops 20
Message-Age 1 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Root p2p RSTP
gei-0/1/1/2 128.2 200000 Discard Alternate p2p RSTP
7.4.3 Configuring Single STP
Configuration DescriptionConfigure the single STP on two switches.Figure 7-5 shows the network topology.
Figure 7-5 STP Network Topology (Example 3)
Configuration Thought1. Configure the STP mode to SSTP.2. Enable the STP function.
Configuration CommandsThe configuration of DUT1:
DUT1(config)#spantree
DUT1(config-stp)#enable
DUT1(config-stp)#mode sstp
The configuration of DUT2:
DUT2(config)#spantree
DUT2(config-stp)#enable
DUT2(config-stp)#mode sstp
Configuration VerificationUse the show spantree instance 0 command to view the configuration result of DUT1:
DUT1(config-stp)#show spantree instance 0
MST00
Spantree enabled protocol SSTP
Root ID: Priority 32768; Address 0000.0100.0006
7-16
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 7 STP Configuration
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 32768; Address 0000.0100.0006
BridgeID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec; Max-Hops 20
Message-Age 0 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Designated p2p SSTP
gei-0/1/1/2 128.2 200000 Forward Designated p2p SSTP
Use the show spantree instance 0 command to view the configuration result of DUT2:
DUT2(config-stp)#show spantree instance 0
MST00
Spantree enabled protocol SSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 40960; Address 0000.0100.0008
BridgeID: Priority 40960; Address 0000.0100.0008
Hello-Time 2 sec; Max-Age 20 sec
Forward-Delay 15 sec; Max-Hops 20
Message-Age 1 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
---------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Root p2p SSTP
gei-0/1/1/2 128.2 200000 Discard Alternate p2p SSTP
7-17
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
7-18
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8LLDP ConfigurationTable of Contents
LLDP Overview ..........................................................................................................8-1Configuring LLDP.......................................................................................................8-3Maintaining LLDP.......................................................................................................8-5LLDP Configuration Examples....................................................................................8-8
8.1 LLDP OverviewIntroduction to LLDPWith the wide applications of Ethernet on LAN and Metropolitan Area Network (MAN),users have higher and higher requirements for Ethernet management ability. At present,many network management systems use the automatic discovery function to trace thetopology changes. However, most network management systems can only analyze thenetwork topology up to the network layer. The information, such as the interfaces on adevice, the interfaces connected to other devices, and the paths among clients, networkdevices and servers, need to be collected through the link layer. With enough detailedinformation, users can locate network faults correctly.
Link Layer Discovery Protocol (LLDP) is a protocol defined by IEEE 802.1ab. Networkmanagement systems can know the topology and changes of L2 networks through LLDP.LLDP organizes local device information into Type/Length/Value (TLV) and encapsulatesit in a Link Layer Discovery Protocol Data Unit (LLDPDU) to send it to the direct-connectedneighbor. Meanwhile, LLDP saves the LLDPPDU sent by neighbors in the standard MIB,so that network management systems can query and judge the communication states oflinks.
LLDP PrincipleLLDP is defined in 802.1ab. As shown in Figure 8-1, LLDP works at the data link layer.It is a neighbor discovery protocol that defines a standard for Ethernet devices (such asswitches, routers and wireless LAN access points). Through LLDP, an Ethernet devicecan advertise its existence to other nodes on the network and save discovery informationof neighbor devices. The device sends the state information to other devices. Theinformation is stored on each port of all devices. If necessary, the device can send updateinformation to the neighbor devices that are connected directly, and the neighbor devicesstore the information in standard SNMP MIBs.
8-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Network management systems can query the L2 connection information in the MIB. LLDPdoes not configure or control network elements or traffic. It just reports the position of L2.Another function defined in 802.1ab is that network management software can use theinformation provided by LLDP to find conflicts at L2 network. At present, IEEE uses thephysical topologies, interfaces and entity MISs existing in IETF.
Figure 8-1 LLDP System Structure
LLDP defines a general advertisement set, a transport advertisement protocol and amethod of storing all received advertisements. A device that wants to advertise itsinformation can put several advertisements in a LAN packet. The mode to transmit thepackets is the TLV field.
The information includes the chassis ID (mandatory), port ID (mandatory), system name,system function, system description and some other attributes.
A device that supports LLDP must support chassis ID advertisements and port IDadvertisements. Most devices need to support system name advertisements, systemdescription advertisements and system capability advertisements. System nameadvertisements and system description advertisements can provide useful information tocollect network traffic. System description advertisements also can contain informationsuch as the full name of the device, the type of the system hardware and the version ofthe software operating system.
LLDP information is transmitted periodically and it can only be stored for a period. IEEEhas defined a recommended transmission frequency, about once per 30 seconds. Whenan LLDP device receives an LLDP packet sent by a neighbor LLDP device, it stores the
8-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8 LLDP Configuration
information in the CACHE of SNMP MIB defined by IEEE. The information is invalid duringa period. The value of TTL to define the period is contained in the received packets.
LLDP makes network management systems be able to discover and simulate physicalnetwork topologies correctly. LLDP devices send and receive advertisements, so thedevices save the information of the discovered neighbor devices. The advertisement data,such as the management address, device type and port number of a neighbor device, ishelpful to know the type and interconnected interfaces of the neighbor device. An LLDPdevice advertises its information to direct-connected neighbor devices periodically. It alsoreceives, refreshes and saves the advertisements from neighbor devices. The devicescans the CACHE every second. If no new packet is received during the hole-time period,the information is aged.
l Chassis ID is the first mandatory TLV in an LLDPDU. It is the unique ID of a device thatsupports to send LLDPDUs. It is recommended to use the chassis MAC address asthe chassis ID for a switch, and use the loopback address or an interface IP addressas the chassis ID for a router.
l Port ID is the second mandatory TLV in an LLDPPDU. It is the unique ID of port thatsends LLDPDUs. For a switch, it is recommended to use the port name as the portID, such as fei4/1.
l TTL is the third mandatory TLV in an LLDPPDU. It is the living time (in the unit ofsecond) of an LLDPPDU received by the peer. When a peer receives an LLDPPDUof which the TTL is 0, the device deletes all related information.
l End of LLDPDU is the last mandatory TLV in an LLDPPDU. It defines the end of anLLDPPDU.
8.2 Configuring LLDPTo configure LLDP on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#lldp Enters LLDP configuration
mode.
2 ZXR10(config-lldp)#hellotime <times> Configures the interval of
sending LLDP neighbor
discovery packets. Use the no
command to restore the default
value.
3 ZXR10(config-lldp)#holdtime <times> Configures the hold-time of an
LLDP neighbor. Use the no
command to restore the default
value.
8-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Step Command Function
4 ZXR10(config-lldp)#maxneighbor <num> Configures the maximum
number of neighbors that can
be discovered by LLDP. Use
the no command to restore the
default value.
ZXR10(config-lldp)#lldp {enable|disable} Enables or disables the LLDP
function.
ZXR10(config-lldp)#lldp-rx {enable|disable} Enables or disables receiving
LLDP packets.
5
ZXR10(config-lldp)#lldp-tx {enable|disable} Enables or disables sending
LLDP packets.
6 ZXR10(config-lldp)#clearneighbor Clears an LLDP neighbor
relationship that has been
established.
7 ZXR10(config-lldp)#clearstatistic Clears LLDP statistical
information.
8 ZXR10(config-lldp)#interface {<interface-name>|
byname <interface-byname>}Enters LLDP interface
configuration mode.
9 ZXR10(config-lldp-if-interface-name)#lldp
{enable|disable}
Enables or disables the LLDP
function on the interface.
10 ZXR10(config-lldp-if-interface-name)#lldp-rx
{enable|disable}
Enables or disables receiving
LLDP packets on the interface.
11 ZXR10(config-lldp-if-interface-name)#lldp-tx
{enable|disable}
Enables or disables sending
LLDP packets on the interface.
12 ZXR10(config-lldp-if-interface-name)#maxneighbor
<num>
Configures the maximum
number of neighbors that can
be discovered by LLDP on
the interface. Use the nocommand to restore the default
value.
13 ZXR10(config-lldp-if-interface-name)#clearneigh
bor
Clears neighbors on the
interface.
14 ZXR10(config-lldp-if-interface-name)#clearstatistic Clears statistics on the
interface.
15 ZXR10(config-lldp)#msgfasttx <fast-tx-interval> Configures the interval of
sending packets fast , default:
1, unit: seconds.
8-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8 LLDP Configuration
Step Command Function
16 ZXR10(config-lldp)#txcreditmax<max-tx-credit> Configures the maximum credit
of sending packets, default: 5.
17 ZXR10(config-lldp)#txfastinit<fast-tx-num> Configures the maximum
number of packets sent fast,
default: 4.
A description of the parameter in Step 2 is as follows:
Parameter Description
<times> Interval of sending LLDP neighbor discovery packets, unit:
seconds, range: 5–32768.
A description of the parameter in Step 3 is as follows:
Parameter Description
<times> Multiple of the interval of sending neighbor discovery packets,
range: 2–10, default: 4.
A description of the parameter in Step 4 is as follows:
Parameter Description
<num> Global maximum number of neighbors, range: 1–128.
A description of the parameters in Step 8 is as follows:
Parameter Description
<interface-name> Interface name.
A description of the parameters in Step 12 is as follows:
Parameter Description
<num> Maximum number of neighbors on an interface, range: 1–8,
default: 8.
8.3 Maintaining LLDPTo maintain the LLDP function on the ZXR10 5900E, run the following command:
8-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Command Function
ZXR10#show lldp { config interface <interface-name>|
entry interface <interface-name>| neighbor interface<interface-name>| statistic interface <interface-name>}
Displays LLDP related
configuration information,
l config: configuration
information
l entry: detailed neighbor
information
l neighbor: brief neighborinformation
l statistic: statistical
information
The following is sample output from the show lldp config command:
ZXR10#show lldp config
-------------------------------
LLDP enable: enabledRxTx
LLDP helloTime: 30s
LLDP holdTime: 4
LLDP msgFastTx: 1s
LLDP txCreditMax: 5
LLDP txFastInit: 4
LLDP deadTime: 120s
LLDP maxNeighbor: 128
LLDP curNeighbor: 0
----------------------------
Field descriptions are as follows:
Field Description
LLDP enable LLDP enabling state.
LLDP helloTime Interval of sending discovery packets to LLDP neighbors.
LLDP holdTime Hold-time of an LLDP neighbor.
LLDP maxNeighbor Maximum number of neighbors that can be discovered by
LLDP.
LLDP curNeighbor Number of neighbors that has been discovered by LLDP.
LLDP msgFastTx Interval of transmitting LLDP packets fast.
LLDP txCreditMax Maximum number of LLDP packets transmitted fast.
LLDP txFastInit Number of LLDP packets transmitted fast.
LLDP deadTime Deadtime of sending LLDP packets.
The following is sample output from the show lldp entry command:
ZXR10#show lldp entry
8-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8 LLDP Configuration
--------------------------------------------------------
Local Port: gei-0/1/1/2 | Interface Name
Local Group MAC address: Nearest Bridge | MAC Address
Chassis ID: 00d0d0641000 | MAC Address
Peer Port: gei-0/1/1/2 | Interface Name
TTL: 96 | Time to live
Port Description: Port name gei-0/1/1/2, PortPhyStatus is up,
PortPhotoElectricityMode is electric, Pvid 830 Nearest Bridge
System Name: 56TM-64
System Description: 3.00.10., 56TM-64, 5900 Software, ZXR10 5950-56TM-H
System Capability: Bridge, Router
Management Address: IPv4 - 192.168.36.64, ifIndex - 15, OID - Null
Link Aggregation TLV: not enabled
MED Network Policy:
Application Type: Reserved
U: defined
T: untagged
X: Reserved
VLAN ID: 0
L2 Priority: 0
DSCP Value: 0
Field descriptions are as follows:
Field Description
LocalPort Interface name.
Chassis ID MAC address.
Peer Port Peer interface.
Port Description Interface description.
System Name System name.
System Description System description.
System Capability System capability.
Link Aggregation Link aggregation.
The following is sample output from the show lldp neighbor command:
ZXR10#show lldp neighbor
Capability Codes:
N - Other, r - Repeater, B - Bridge, W - WLAN Access Point,
R - Router, T - Telephone, D - DOCSIS Cable Device,
S - Station Only, C - C-VLAN Component of a VLAN Bridge,
s - S-VLAN Component of a VLAN Bridge,
t - Two-port MAC Relay (TPMR)
8-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Local-Port Dest-MAC Chassis-ID Holdtime Capability Platform Peer-Port
-------------------------------------------------------------------------------
gei-0/1/1/2 Nearest 00d0d064100 116 B R 3.00.10., 56T gei-0/1/1/2
Bridge 0 M-64, 5900 So
ftw..
gei-0/1/1/3 Nearest 00d0d064100 116 B R 3.00.10., 56T gei-0/1/1/3
Bridge 0 M-64, 5900 So
ftw..
Field descriptions are as follows:
Field Description
Local-port Local Interface.
Chassis ID MAC address.
Holdtime hold-time.
Capability Capability.
Platform Platform.
Peer-port Peer ID.
The following is sample output from the show lldp statistic command:
ZXR10(config)#show lldp statistic
LLDP global counters:
Total packets output: 9687, input: 7056
Total packets error: 0, discarded: 0
Total TLVs discarded: 0, unrecognized: 0
Total neighbors added: 8, deleted: 5
Total neighbors aged: 0, droped: 0
Field descriptions are as follows:
Field Description
LLDP counters LLDP counter.
8.4 LLDP Configuration ExamplesLLDP Neighbor Configuration Examplel Configuration Description
As shown in Figure 8-2, it is required to configure LLDP on gei-0/1/0/1 of R1.
8-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8 LLDP Configuration
Figure 8-2 LLDP Neighbor Configuration Example
l Configuration Thought1. Enter LLDP configuration mode.2. Enter an interface.3. Enable LLDP.
l Configuration Commands
Enter an interface in LLDP configuration mode and then configure LLDP, as shownbelow.
R1(config)#lldp
R1(config-lldp)#interface gei-0/1/0/1
R1(config-lldp-if-gei-0/1/0/1)#lldp enable
l Configuration Verification
Use the show lldp neighbor command to check the configuration result, as shownbelow.
R1(config-if)#show lldp neighbor
Capability Codes:
N - Other, r - Repeater, B - Bridge, W - WLAN Access Point,
R - Router, T - Telephone, D - DOCSIS Cable Device,
S - Station Only
Local-Port Chassis-ID Holdtime Capability Platform Peer-Port
----------------------------------------------------------------------
gei-0/1/0/1 000101040507 92 B S Software gei-0/1/0/1
LLDP Attribute Configuration Examplel Configuration Description
As shown in Figure 8-3, it is required to configure LLDP attributes on R1.
Figure 8-3 LLDP Attribute Configuration Example
l Configuration Thought1. Enter LLDP configuration mode.2. Configure LLDP attributes.
l Configuration Commands
The configuration of R1:
8-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
R1(config)#lldp
R1(config-lldp)#maxneighbor 3
/*Configure the maximum number of system neighbors*/
R1(config-lldp)#hellotime 30000
/*Configure the intervals to send LLDP neighbor discovery packets*/
R1(config-lldp)#holdtime 8
/*Configure LLDP neighbor hold-time*/
R1(config-lldp)#lldp enable
/*Enable LLDP*/
R1(config-lldp)#lldp-rx enable
/*Enable LLDP receiving*/
R1(config-lldp)#lldp-tx enable
/*Enable LLDP sending*/
R1(config-lldp)#clearneighbor
/*Clear LLDP neighbor relationship that has been established*/
R1(config-lldp)#clearstatistic
/*Clear LLDP statistical information*/
l Configuration Verification
Use the show running-config lldp command to check the configuration result, as shownbelow.
ZXR10(config-lldp)#show running-config lldp
! <LLDP>
lldp
hellotime 30000
holdtime 8
maxneighbor 3
! </LLDP>
8.4.1 LLDP Neighbor Configuration Example
Configuration DescriptionAs shown in Figure 8-4, it is required to configure LLDP on gei-0/1/1/1 of S1.
Figure 8-4 LLDP Neighbor Configuration Example
Configuration Thought1. Enter LLDP configuration mode.2. Enter an interface.3. Enable LLDP.
8-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 8 LLDP Configuration
Configuration CommandsEnter an interface in LLDP configuration mode and then configure LLDP, as shown below.
S1(config)#lldp
S1(config-lldp)#interface gei-0/1/1/1
S1(config-lldp-if-gei-0/1/1/1)#lldp enable
Configuration VerificationUse the show lldp neighbor command to check the configuration result, as shown below.
S1(config-if)#show lldp neighbor
Capability Codes:
N - Other, r - Repeater, B - Bridge, W - WLAN Access Point,
R - Router, T - Telephone, D - DOCSIS Cable Device,
S - Station Only
Local-Port Chassis-ID Holdtime Capability Platform Peer-Port
----------------------------------------------------------------------
gei-0/1/1/1 000101040507 92 B S Software gei-0/1/1/1
8.4.2 LLDP Attribute Configuration Example
Configuration DescriptionAs shown in Figure 8-5, it is required to configure LLDP attributes on S1.
Figure 8-5 LLDP Attribute Configuration Example
Configuration Thought1. Enter LLDP configuration mode.2. Configure LLDP attributes.
Configuration CommandsThe configuration of S1:
S1(config)#lldp
S1(config-lldp)#maxneighbor 3
/*Configure the maximum number of system neighbors*/
S1(config-lldp)#hellotime 30000
/*Configure the intervals to send LLDP neighbor discovery packets*/
S1(config-lldp)#holdtime 8
/*Configure LLDP neighbor hold-time*/
8-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
S1(config-lldp)#lldp enable
/*Enable LLDP*/
S1(config-lldp)#lldp-rx enable
/*Enable LLDP receiving*/
S1(config-lldp)#lldp-tx enable
/*Enable LLDP sending*/
S1(config-lldp)#clearneighbor
/*Clear LLDP neighbor relationship that has been established*/
S1(config-lldp)#clearstatistic
/*Clear LLDP statistical information*/
Configuration VerificationUse the show running-config lldp command to check the configuration result, as shownbelow.
ZXR10(config-lldp)#show running-config lldp
! <LLDP>
lldp
hellotime 30000
holdtime 8
maxneighbor 3
! </LLDP>
8-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9SmartGroup ConfigurationTable of Contents
SmartGroup Overview................................................................................................9-1Configuring SmartGroup.............................................................................................9-2Maintaining a SmartGroup..........................................................................................9-7SmartGroup Configuration Examples .........................................................................9-9
9.1 SmartGroup OverviewIntroduction to SmartGroupThe definition of link aggregation is shown below:
l Link aggregation is also called port trunk or port aggregation.l Link aggregation is to aggregate several ports into a aggregation group to implement
load balance of in/out flows on each member port.l This improves the reliability of the connections at the same time. When a link is
disconnected, the traffic will be reassigned among the remaining link automatically.l Link aggregation is implemented on the data link layer.
The definition of smartgroup is shown below:
SmartGroup is to bind several different types of Ethernet interfaces into a logicalSmartGroup interface. On ZXR10 5900E, SmartGroup provides more flexible andeffective solutions about network architecture for users. It brings more flexibility in networkplanning and network architecture designing with ZXR10 series products. It also improvesthe network stability greatly, especially for Ethernet and network environments in whichEthernet interfaces are used. SmartGroup function can extend bandwidth, which makesthe cost to construct network more reasonable.
l SmartGroup supports aggregation of Ethernet interfaces across boards.l There are two modes of load sharing, per-packet mode and per-destination mode.l 128 SmartGroup interfaces can be configured at most.l There are 8 Ethernet interfaces at most in each SmartGroup interface.
SmartGroup PrincipleThe link aggregation of SmartGroup is to aggregate several ports into an aggregationgroup, thus to share out/in load among the member ports. This also improves the reliabilityof the connections. Outwardly, the aggregation group seems as a port. Load sharing of linkaggregation supports load-sharing aggregation and non-load-sharing aggregation.Figure9-1 shows a SmartGroup link aggregation.
9-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 9-1 SmartGroup Link Aggregation
Link Aggregation Control Protocol (LACP) provides a standardized method to exchangeinformation between mate systems on links. LACP allows link aggregation control entitiesto make an agreement on the unity of the link aggregation cluster. It also allows to class alink to a link aggregation cluster and enable the functions of receiving and sending in order.
The principle of LACP includes the following points:
l LACP runs on a single physical port. It relies on the transmission of information andstate instead of command.
l LACP is a procedure of constant negotiation at two ends. There are two negotiationmodes, active mode and passive mode.
l If the negotiation is successful on a port, this port is an active port, otherwise it is amember port. Only active ports can send and receive packets.
l Negotiation packets are sent continually, and they are terminated on ports.l The negotiation of the ports in an aggregation group is independent between each
other without any interaction.l There is no obvious mechanism about packet loss monitoring or retransmission in
LACP.
9.2 Configuring SmartGroupTo configure a SmartGroup on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#interface <smartgroup-name> Creates a SmartGroup
interface, and enters
SmartGroup interface
configuration mode. Use
the no command to delete the
interface.
2 ZXR10(config)#lacp Enters LACP configuration
mode.
9-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
Step Command Function
3 ZXR10(config-lacp)#lacp system-priority <priority> Configures the LACP system
priority. Use the no command
to restore the default value.
The default priority is 32768.
4 ZXR10(config-lacp)#lacp minimum-member <
member_number>
Configures the global threshold
for a SmartGroup interface to
be up. Use the no command to
restore the default value. The
default value is 1.
5 ZXR10(config-lacp)#clear lacp [<smartgroup-id>]
counters
Clears the count of LACP
packets sent and received.
6 ZXR10(config-lacp)#interface <interface-name> Enters LACP interface
configuration mode.
7 ZXR10(config-lacp-sg-if-interface-name)#lacp
mode {802.3ad | on}
Configures the aggregation
mode. Use the no command
to restore the default
configuration. By default,
the aggregation mode is static
trunk (on) mode.
8 ZXR10(config-lacp-sg-if-interface-name)#lacp
load-balance <mode>
Configures the load sharing
mode of LACP. Use the no
command to restore the default
configuration.
9 ZXR10(config-lacp-sg-if-interface-name)#lacp
minimum-member < member_number>
Configures the threshold for
the SmartGroup interface to be
up.
10 ZXR10(config-lacp-member-if-interface-name)#sma
rtgroup <smartgroup-id> mode {passive | active | on}
Adds an interface to the
SmartGroup and sets the
link aggregation mode of this
interface. Use the no command
to delete this interface from the
SmartGroup.
11 ZXR10(config-lacp-member-if-interface-name)#lacp
timeout {long | short}
Configures the long time-out
time or short time-out time of
an LACP member port. Use
the no command to restore
long time-out time.
9-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Step Command Function
12 ZXR10(config-lacp-member-if-interface-name)#lacp
port-priority <priority>
Configures the priority of an
LACP member port. Use the
no command to restore the
default value. The default
priority is 32768.
13 ZXR10(config-lacp-sg-if-interface-name)#lacp fast
respond
Configures LACP negotiation
fast response mode. Use the
no command to restore to the
default mode.
14 ZXR10(config-lacp-sg-if-interface-name)#lacp
active limitation < member-number>
Configures the maximum
number of members that can
be activated. Use the no
command to restore the default
value.
15 ZXR10(config-lacp-sg-if-interface-name)#lacp
sys-priority<priority>
Configures the LACP system
priority in SmartGroup interface
configuration mode. Use the
no command to restore the
default value.
16 ZXR10(config-lacp-sg-if-interface-name)#lacp
restore{ revertive <holdoff-time>| immediately |
non-revertive}
Configures the mode of
switchover from the standby
aggregation port to the active
aggregation port. If the mode is
set to revertive, the revertivingtime can be configured
(unit: seconds). Use the nocommand to restore the default
mode (immediately).
17 ZXR10(config-lacp-member-if-interface-name)#tr
ack <track-name>
Configures the track name
of SAMGR which LACP
members associate with.
The track name association
detection mechanism can be
used for fast detection of link
state. Use the no command to
delete the association.
9-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
Step Command Function
18 ZXR10(config-lacp-sg-if-interface-name)#lacp
aggregator timeout <10-500>
Configures the time-out
time of an aggregation
group in SmartGroup
interface configuration mode,
unit: seconds. When an
aggregation group is selected
but LACP is not up within the
time-out time, it is necessary
to re-select an aggregation
group. Use the no command
to restore the default value (30
seconds).
19 ZXR10(config-lacp-sg-if-interface-name)#lacp
force-switch
Configures compulsive
switchover in SmartGroup
interface configuration mode.
Descriptions of the parameter in Step 1:
Parameter Description
<smartgroup-name> SmartGroup name, such as smartgroup1.
Descriptions of the parameter in Step 3:
Parameter Description
<priority> Priority of the LACP system, range: 1-65535, default: 32768.
Descriptions of the parameter in Step 4:
Parameter Description
< member_number> Global threshold for a Smartgroup interface to be up, range:
1-8, default: 1.
Descriptions of the parameter in Step 5:
Parameter Description
<smartgroup-id> SmartGroup ID, range: 1-128.
Descriptions of the parameter in Step 6:
9-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Parameter Description
<interface> Name of a specific interface (Ethernet interface or
SmartGroup interface) that supporting LACP. The format of
the interface name is "smartgroup+Group ID". The range of
the group ID is 1-128.
Descriptions of the parameter in Step 7:
Parameter Description
802.3ad The aggregation control mode of the SmartGroup interface
uses LACP of 802.3ad standard.
on Static trunk, meaning that LACP is not used.
Descriptions of the parameter in Step 8:
Parameter Description
<mode> Load sharing mode of LACP. The supported modes are dstip,
dst-mac, src-dst-ip, src-dst-mac, src-ip, src-mac, src-port,
dst-port, src-dst_port and enhance, and the default mode
is src_dst_mac.
Descriptions of the parameter in Step 9:
Parameter Description
< member_number> Upper threshold of Smartgroup, range: 1-8. The global
threshold is used if this parameter is not configured.
Descriptions of the parameter in Step 10:
Parameter Description
<smartgroup-id> Smartgroup ID, range: 1-128.
passive The interface LACP is in passive negotiation mode.
active The interface LACP is in active negotiation mode.
on Static trunk. In this mode, the interface does not run LACP,
and it is necessary to set the mode to "on" on both ends.
Descriptions of the parameter in Step 11:
Parameter Description
long LACP long time-out time.
short LACP short time-out time.
Descriptions of the parameter in Step 12:
9-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
Parameter Description
<priority> Priority of an LACP port, range: 1–65535, default: 32768.
Descriptions of the parameter in Step 14:
Parameter Description
<member_number> Configures maximum number of members that can be
activated, range: 0–8, default: 8.
Descriptions of the parameter in Step 15:
Parameter Description
<priority> SmartGroup system priority, range: 1–65535, default: 32768.
Descriptions of the parameter in Step 16:
Parameter Description
Revertive Revertiving mode.
holdoff-time Wait time for switchover, range: 1–65535, unit: seconds.
Immediately Immediately switchover.
non-revertive No switchover.
Descriptions of the parameter in Step 17:
Parameter Description
track-name Track name of the SAMGR which SmartGroup members
associate with.
Descriptions of the parameter in Step 18:
Parameter Description
<10-500> Time-out time of an aggregation group, range: 10–500, unit:
seconds, default: 30 seconds.
9.3 Maintaining a SmartGroupTo maintain the SmartGroup function on the ZXR10 5900E, run the following command:
Command Function
ZXR10#show lacp {[<smartgroup-id>]{counters | internal |
neighbors}| sys-id}
Displays the current LACP
configuration and state.
9-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Parameter descriptions:
Parameter Description
<smartgroup-id> Smartgroup ID, range: 1–128.
counters Displays the counts of LACP packets sent and received on
an interface.
internal Displays the aggregation state of the member ports.
neighbors Displays the state of member ports on the peer.
sys-id Displays the LACP system priority.
The following is sample output from the show lacp 1 internal command (the aggregationstate of member ports in smatgroup1 is displayed):
ZXR10(config-lacp)#show lacp 1 internal
Smartgroup:1
Flags: * - Port is Active member Port
S - Port is requesed in Slow LACPDUs
F - Port is requested in Fast LACPDUs
A - Port is in Active mode P - Port is in Passive mode
Actor Agg LACPDUs Port Oper Port RX Mux
Port[Flags] State Interval Priority Key State Machine Machine
---------------------------------------------------------------------------
gei-0/1/1/6[SA] INACTIVE 30 32768 0x109 0x45 DEFAULTED DETACHED
gei-0/1/1/1[SA] INACTIVE 30 32768 0x109 0x45 DEFAULTED DETACHED
Field descriptions are as follows:
Field Description
Actor Port Local port name.
Agg State Aggregation state. If the negotiation is successful, the state
is ACTIVE, otherwise it is INACTIVE.
LACPDU Interval Interval of sending LACPDUs.
Port Priority Port priority .
Oper Key Local key.
Port State Port state.
RX Machine The state of the receiving state machine.
MUX Machine The state of the mixed state machine.
9-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
9.4 SmartGroup Configuration ExamplesBasic SmartGroup Configuration Examplel Configuration Description
As shown in Figure 9-2, S1 and S2 run LACP. The interface gei-0/2/0/5 on S1 andthe interface gei-0/3/0/5 on S2 are directly connected. The interface gei-0/2/0/9 onS1 and the interface gei-0/3/0/9 on S2 are directly connected.
Figure 9-2 802.3ad Mode Configuration
l Configuration Thought1. Create smartgroup1 on S1, and create smartgroup1 on S2. Enter interface
configuration mode.2. Configure the switch attribute of smartgroup1 on S1 and S2 in interface
configuration mode, and exit to global configuration mode.3. Enter LACP configuration mode from global configuration mode, and then enter
the smartgroup interfaces.4. Set the aggregation mode of smartgroup1 to LACP on S1 and S2. Configure load
sharing policy and the minimum number of members.5. Enter LACP configuration mode from global configuration mode, and then enter
the physical interfaces.6. Add the physical interfaces on S1 and S2 to the smartgroup1.7. Configure LACP negotiation mode and time-out period on the member interfaces
of smartgroup1 on S1 and S2.l Configuration Commands
The configuration of S1:
S1(config)#interface smartgroup1
S1(config-if)#switch attribute enable
S1(config-if)#exit
S1(config)#lacp
S1(config-lacp)#interface smartgroup1
S1(config-lacp-sg-if)#lacp mode 802.3ad
S1(config-lacp-sg-if)#lacp load-balance dst-mac
S1(config-lacp-sg-if)#lacp minimum-member 1
S1(config-lacp-sg-if)#exit
S1(config-lacp)#interface gei-0/2/0/5
S1(config-lacp-member-if)#smartgroup 1 mode active
S1(config-lacp-member-if)#lacp timeout short
S1(config-lacp-member-if)#exit
9-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
S1(config-lacp)#interface gei-0/2/0/9
S1(config-lacp-member-if)#smartgroup 1 mode active
S1(config-lacp-member-if)#lacp timeout short
S1(config-lacp-member-if)#exit
The configuration of S2:
S2(config)#interface smartgroup1
S2(config-if)#switch attribute enable
S2(config-if)#exit
S2(config)#lacp
S2(config-lacp)#interface smartgroup1
S2(config-lacp-sg-if)#lacp mode 802.3ad
S2(config-lacp-sg-if)#lacp load-balance dst-mac
S2(config-lacp-sg-if)#lacp minimum-member 1
S2(config-lacp-sg-if)#exit
S2(config-lacp)#interface gei-0/3/0/5
S2(config-lacp-member-if)#smartgroup 1 mode active
S2(config-lacp-member-if)#lacp timeout short
S2(config-lacp-member-if)#exit
S2(config-lacp)#interface gei-0/3/0/9
S2(config-lacp-member-if)#smartgroup 1 mode active
S2(config-lacp-member-if)#lacp timeout short
S2(config-lacp-member-if)#end
l Configuration Verification
Check the configuration on S1 and check whether the configuration takes effect.
S1(config)#show lacp 1 internal
Smartgroup:1
Flags: * - Port is Active member Port
S - Port is requested in Slow LACPDUs F - Port is requested
in Fast LACPDUs
A - Port is in Active mode P - Port is in Passive
mode
Actor Agg LACPDUs Port Oper Port RX Mux
Port[Flags] State Interval Priority Key State Machine Machin
e
--------------------------------------------------------------------------------
gei-0/2/0/5 [FA*] ACTIVE 1 32768 0x111 0x3f CURRENT COLL
/*Port aggregation, Active means success; Inactive means failure*/
gei-0/2/0/9 [FA*] ACTIVE 1 32768 0x111 0x3f CURRENT COLL
S1(config)#show running-config-interface smartgroup1
! <INTERFACE>
interface smartgroup1
index 26
9-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
switch attribute enable
!
! </INTERFACE>
! <LACP>
lacp
interface smartgroup1
lacp mode 802.3ad
/*Negotiation mode*/
lacp minimum-member 1
/*The minimum number of members aggregated successfully. When the
number of links aggregated successfully is not less than this
value, smartgroup is up.*/
interface gei-0/2/0/9
smartgroup 1 mode active
/*In 802.3ad mode, only when at least one end of the link is in
active mode will the aggregation succeeds.*/
lacp timeout short
interface gei-0/2/0/5
smartgroup 1 mode active
lacp timeout short
! </LACP>
S1(config)#show lacp 1 neighbors /*View neighbors*/
Smartgroup 1 neighbors
Actor Partner Partner Port Oper Port
Port System ID Port No. Priority Key State
---------------------------------------------------------------------
gei-0/2/0/9 0x8000,00d0.d012.1127 21 0x8000 0x111 0x3f
gei-0/2/0/5 0x8000,00d0.d012.1127 17 0x8000 0x111 0x3f
S1(config)#show lacp 1 counters
Smartgroup:1
Actor LACPDUs Marker LACPDUs Marker
Port Tx Rx Tx Rx Err Err
-------------------------------------------------------------------
gei-0/2/0/9 1840 1840 0 0 0 0
/*The value of Tx and Rx increments or decrements every 30 seconds
according to the configuration of timeput.*/
gei-0/2/0/5 1840 1840 0 0 0 0
On Mode SmartGroup Configuration Examplel Configuration Description
As shown in Figure 9-3, the interface gei-0/2/0/5 on S1 and the interface gei-0/3/0/5 onS2 are directly connected; the interface gei-0/2/0/9 on S1 and the interface gei-0/3/0/9
9-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
on S2 are directly connected. S1 and S2 establish the connection through on modewithout negotiation.
Figure 9-3 ON Mode Configuration
l Configuration Thought1. Create smartgroup1 on S1, and create smartgroup1 on S2. Enter interface
configuration mode.2. Configure the switch attribute of smartgroup1 on S1 and S2 in interface
configuration mode, and exit to global configuration mode.3. Enter LACP configuration mode from global configuration mode, and then enter
the smartgroup interfaces.4. Configure the same negotiation mode “on” on the smartgroup1 interfaces on S1
and S2.5. Enter LACP configuration mode from global configuration mode, and then enter
the physical interfaces.6. Add the physical interfaces on S1 and S2 to the smartgroup1.
l Configuration Commands
The configuration of S1:
S1(config)#interface smartgroup1
S1(config-if)#switch attribute enable
S1(config-if)#exit
S1(config)#lacp
S1(config-lacp)#interface smartgroup1
S1(config-lacp-sg-if)#lacp mode on
S1(config-lacp-sg-if)#exit
S1(config-lacp)#interface gei-0/2/0/5
S1(config-lacp-member-if)#smartgroup 1 mode on
S1(config-lacp-member-if)#exit
S1(config-lacp)#interface gei-0/2/0/9
S1(config-lacp-member-if)#smartgroup 1 mode on
S1(config-lacp-member-if)#exit
The configuration of S2:
S2(config)#interface smartgroup1
S2(config-if)#switch attribute enable
S2(config-if)#exit
S2(config)#lacp
S2(config-lacp)#interface smartgroup1
S2(config-lacp-sg-if)#lacp mode on
9-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
S2(config-lacp-sg-if)#exit
S2(config-lacp)#interface gei-0/3/0/5
S2(config-lacp-member-if)#smartgroup 1 mode on
S2(config-lacp-member-if)#exit
S2(config-lacp)#interface gei-0/3/0/9
S2(config-lacp-member-if)#smartgroup 1 mode on
S2(config-lacp-member-if)#end
l Configuration Verification
Check the configuration on S1 and check whether the configuration takes effect.
S1#show lacp 1 internal
Smartgroup:1
Flags: *-Port is Active member Port
S-Port is requested in Slow LACPDUs F-Port is requested in Fast LACPDUs
A-Port is in Active mode P-Port is in Passive mode
Actor Agg LACPDUs Port Oper Port RX Mux
Port[Flags] State Interval Priority Key State Machine Machine
----------------------------------------------------------------------------
gei-0/2/0/9 ACTIVE 30 32768 0x11 0x3d N/A N/A
gei-0/2/0/5 ACTIVE 30 32768 0x11 0x3d N/A N/A
S1#show running-config-interface smartgroup1
! <INTERFACE>
interface smartgroup1
index 34
switch attribute enable
!
! </INTERFACE>
! <LACP>
lacp
interface smartgroup1
interface gei-0/2/0/5
smartgroup 1 mode on
interface gei-0/2/0/9
smartgroup 1 mode on
! </LACP>
9.4.1 Basic SmartGroup Configuration Example
Configuration DescriptionAs shown in Figure 9-4, S1 and S2 run LACP. The interface gei-0/1/1/5 on S1 and theinterface gei-0/1/1/5 on S2 are directly connected. The interface gei-0/1/1/9 on S1 and theinterface gei-0/1/1/9 on S2 are directly connected.
9-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 9-4 802.3ad Mode Configuration
Configuration Thought1. Create smartgroup1 on S1, and create smartgroup1 on S2. Enter interface
configuration mode.2. Configure the switch attribute of smartgroup1 on S1 and S2 in interface configuration
mode, and exit to global configuration mode.3. Enter LACP configuration mode from global configuration mode, and then enter the
smartgroup interfaces.4. Set the aggregation mode of smartgroup1 to LACP on S1 and S2. Configure load
sharing policy and the minimum number of members.5. Enter LACP configuration mode from global configuration mode, and then enter the
physical interfaces.6. Add the physical interfaces on S1 and S2 to the smartgroup1.7. Configure LACP negotiation mode and time-out period on the member interfaces of
smartgroup1 on S1 and S2.
The configuration of S1:
S1(config)#interface smartgroup1
S1(config-if)#switch attribute enable
S1(config-if)#exit
S1(config)#lacp
S1(config-lacp)#interface smartgroup1
S1(config-lacp-sg-if)#lacp mode 802.3ad
S1(config-lacp-sg-if)#lacp load-balance dst-mac
S1(config-lacp-sg-if)#lacp minimum-member 1
S1(config-lacp-sg-if)#exit
S1(config-lacp)#interface gei-0/1/1/5
S1(config-lacp-member-if)#smartgroup 1 mode active
S1(config-lacp-member-if)#lacp timeout short
S1(config-lacp-member-if)#exit
S1(config-lacp)#interface gei-0/1/1/9
S1(config-lacp-member-if)#smartgroup 1 mode active
S1(config-lacp-member-if)#lacp timeout short
S1(config-lacp-member-if)#exit
The configuration of S2:
S2(config)#interface smartgroup1
S2(config-if)#switch attribute enable
S2(config-if)#exit
9-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
S2(config)#lacp
S2(config-lacp)#interface smartgroup1
S2(config-lacp-sg-if)#lacp mode 802.3ad
S2(config-lacp-sg-if)#lacp load-balance dst-mac
S2(config-lacp-sg-if)#lacp minimum-member 1
S2(config-lacp-sg-if)#exit
S2(config-lacp)#interface gei-0/1/1/5
S2(config-lacp-member-if)#smartgroup 1 mode active
S2(config-lacp-member-if)#lacp timeout short
S2(config-lacp-member-if)#exit
S2(config-lacp)#interface gei-0/1/1/9
S2(config-lacp-member-if)#smartgroup 1 mode active
S2(config-lacp-member-if)#lacp timeout short
S2(config-lacp-member-if)#end
Configuration VerificationCheck the configuration on S1 and check whether the configuration takes effect.
S1(config)#show lacp 1 internal
Smartgroup:1
Flags: * - Port is Active member Port
S - Port is requested in Slow LACPDUs F - Port is requested
in Fast LACPDUs
A - Port is in Active mode P - Port is in Passive
mode
Actor Agg LACPDUs Port Oper Port RX Mux
Port[Flags] State Interval Priority Key State Machine Machin
e
--------------------------------------------------------------------------------
gei-0/1/1/5 [FA*] ACTIVE 1 32768 0x111 0x3f CURRENT COLL
/*Port aggregation, Active means success; Inactive means failure*/
gei-0/1/1/9 [FA*] ACTIVE 1 32768 0x111 0x3f CURRENT COLL
S1(config)#show running-config-interface smartgroup1
! <INTERFACE>
interface smartgroup1
index 26
switch attribute enable
!
! </INTERFACE>
! <LACP>
lacp
interface smartgroup1
lacp mode 802.3ad
/*Negotiation mode*/
9-15
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
lacp minimum-member 1
/*The minimum number of members aggregated successfully. When the
number of links aggregated successfully is not less than this
value, smartgroup is up.*/
interface gei-0/1/1/9
smartgroup 1 mode active
/*In 802.3ad mode, only when at least one end of the link is in
active mode will the aggregation succeeds.*/
lacp timeout short
interface gei-0/1/1/5
smartgroup 1 mode active
lacp timeout short
! </LACP>
S1(config)#show lacp 1 neighbors /*View neighbors*/
Smartgroup 1 neighbors
Actor Partner Partner Port Oper Port
Port System ID Port No. Priority Key State
---------------------------------------------------------------------
gei-0/1/1/9 0x8000,00d0.d012.1127 21 0x8000 0x111 0x3f
gei-0/1/1/5 0x8000,00d0.d012.1127 17 0x8000 0x111 0x3f
S1(config)#show lacp 1 counters
Smartgroup:1
Actor LACPDUs Marker LACPDUs Marker
Port Tx Rx Tx Rx Err Err
-------------------------------------------------------------------
gei-0/1/1/9 1840 1840 0 0 0 0
/*The value of Tx and Rx increments or decrements every 30 seconds
according to the configuration of timeput.*/
gei-0/1/1/5 1840 1840 0 0 0 0
9.4.2 On Mode SmartGroup Configuration Example
Configuration DescriptionAs shown in Figure 9-5, the interface gei-0/1/1/5 on S1 and the interface gei-0/1/1/5 onS2 are directly connected; the interface gei-0/1/1/9 on S1 and the interface gei-0/1/1/9 onS2 are directly connected. S1 and S2 establish the connection through on mode withoutnegotiation.
9-16
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 9 SmartGroup Configuration
Figure 9-5 ON Mode Configuration
Configuration Thought1. Create smartgroup1 on S1, and create smartgroup1 on S2. Enter interface
configuration mode.2. Configure the switch attribute of smartgroup1 on S1 and S2 in interface configuration
mode, and exit to global configuration mode.3. Enter LACP configuration mode from global configuration mode, and then enter the
smartgroup interfaces.4. Configure the same negotiation mode “on” on the smartgroup1 interfaces on S1 and
S2.5. Enter LACP configuration mode from global configuration mode, and then enter the
physical interfaces.6. Add the physical interfaces on S1 and S2 to the smartgroup1.
Configuration CommandsThe configuration of S1:
S1(config)#interface smartgroup1
S1(config-if)#switch attribute enable
S1(config-if)#exit
S1(config)#lacp
S1(config-lacp)#interface smartgroup1
S1(config-lacp-sg-if)#lacp mode on
S1(config-lacp-sg-if)#exit
S1(config-lacp)#interface gei-0/1/1/5
S1(config-lacp-member-if)#smartgroup 1 mode on
S1(config-lacp-member-if)#exit
S1(config-lacp)#interface gei-0/1/1/9
S1(config-lacp-member-if)#smartgroup 1 mode on
S1(config-lacp-member-if)#exit
The configuration of S2:
S2(config)#interface smartgroup1
S2(config-if)#switch attribute enable
S2(config-if)#exit
S2(config)#lacp
S2(config-lacp)#interface smartgroup1
S2(config-lacp-sg-if)#lacp mode on
S2(config-lacp-sg-if)#exit
9-17
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
S2(config-lacp)#interface gei-0/1/1/5
S2(config-lacp-member-if)#smartgroup 1 mode on
S2(config-lacp-member-if)#exit
S2(config-lacp)#interface gei-0/1/1/9
S2(config-lacp-member-if)#smartgroup 1 mode on
S2(config-lacp-member-if)#end
Configuration VerificationCheck the configuration on S1 and check whether the configuration takes effect.
S1#show lacp 1 internal
Smartgroup:1
Flags: *-Port is Active member Port
S-Port is requested in Slow LACPDUs F-Port is requested in Fast LACPDUs
A-Port is in Active mode P-Port is in Passive mode
Actor Agg LACPDUs Port Oper Port RX Mux
Port[Flags] State Interval Priority Key State Machine Machine
----------------------------------------------------------------------------
gei-0/1/1/9 ACTIVE 30 32768 0x11 0x3d N/A N/A
gei-0/1/1/5 ACTIVE 30 32768 0x11 0x3d N/A N/A
S1#show running-config-interface smartgroup1
! <INTERFACE>
interface smartgroup1
index 34
switch attribute enable
!
! </INTERFACE>
! <LACP>
lacp
interface smartgroup1
interface gei-0/1/1/5
smartgroup 1 mode on
interface gei-0/1/1/9
smartgroup 1 mode on
! </LACP>
9-18
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10SVLAN ConfigurationTable of Contents
SVLAN Overview .....................................................................................................10-1Configuring an SVLAN ...........................................................................................10-10Maintaining an SVLAN ...........................................................................................10-12SVLAN Configuration Example...............................................................................10-14
10.1 SVLAN OverviewIntroduction to SVLANThe selective VLAN (SVLAN) is a VLAN tunnel technology. It adds a VLAN tag based onthe original 802.1Q tag, shields the inner VLAN tag, and finally removes the outer VLANtag when amessage is transparently transmitted to the edge switch over an SP network. Inthis way, it implements the transparent transmission service over a multipoint to multipointvirtual LAN and provides users with a relatively simple L2 VPN tunnel. With the technology,a packet can carry two tags, which efficiently increases the number of VLANs (up to 4096x 4096). Usually, an outer VLAN tag refers to the service provider VLAN (SPVLAN) andan inner VLAN tag refers to the customer VLAN (CVLAN).
The common QinQ adds only one outer tag for the packets of an interface, which greatlyrestricts networking flexibility. However, the SVLAN function can selectively add outer tagsfor the packets received on a same interface based on different inner tags according tocustomer requirements.
For some services, the system must ensure that their packets are not affected whenpassing through a switch, that is, the quantity and values of tags remain unchanged. TheSVLAN supports such a function for transparently transmitting VLANs.
In addition, the SVLAN can implement 802.1P CoS priority mapping between outer tagsand inner tags.
SVLAN PrincipleCurrently, SVLAN is mainly implemented by VFP and IFP, based on which two typesof CLI configuration are provided. It is recommended that you use the SVLAN in VFPmode because it can fully implement unicast forwarding in uplink and downlink directions.Furthermore, with ACL rules, it can perform data filtering by packet type or IP address toimplement stream splitting in a better way. This section details the SVLAN in VFP mode.SVLAN supports five service types. Users can flexibly choose a combination of these
10-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
service types according to their own network. This ensures that SVLAN applies properservice types for different networking environments.
The following sections detail all the service types.
Service Type 1 (in1-out2)
As shown in Figure 10-1, an outer OVLAN can be added according to the designated innerVLAN.
Figure 10-1 Service Type 1 (in1-out2)
l In uplink direction:
The switch splits data streams received on the customer port according to thecarried inner VLANs. To be specific, the switch adds outer OVLANs for data streamsaccording to the carried inner VLANs and then forwards the data streams based onthe L2 forwarding principle and the outer VLANs.
l In downlink direction:
When receiving data streams with double tags on the uplink port, the switch forwardsthem based on the L2 forwarding principle and the outer VLANs. The switch thenremoves the outer tags when the data streams reach the customer port.
10-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
Note:
There is anther configuration type, namely IFP SVLAN. The switch learns the PVID byusing the function of MAC address learning and then redirects to the uplink port. Therefore,in the downlink direction, data streams are broadcast in OVLANs as unknown unicast tothe customer port.
Service Type 2 (in1-out2 pri designated)
As shown in Figure 10-2, the switch adds outer OVLANs according to the carried innerVLANs and supports 802.1Q configuration for the data streams with outer OVLANs basedon user priorities. This facilitates QoS management.
Figure 10-2 Service Type 2 (in1-out2 pri designated)
l In uplink direction:
The switch splits data streams received on the customer port according to thecarried inner VLANs. To be specific, the switch adds outer OVLANs for data streamsaccording to the carried inner VLANs and configures the 802.1Q property of OVLAN.
l In downlink direction:
When receiving data streams with double tags on the uplink port, the switch forwardsthem based on the L2 forwarding principle and the outer VLANs. The switch thenremoves the outer tags when the data streams reach the customer port.
10-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Note:
There is anther configuration type, namely IFP SVLAN. The switch learns the PVID byusing the function of MAC address learning and then redirects to the uplink port. Therefore,in the downlink direction, data streams are broadcast in OVLANs as unknown unicast tothe customer port.
Service Type 3 (in1-out2 pri mapping)
As shown in Figure 10-3, the switch adds outer OVLANs for data streams according tothe carried inner VLANs and maps 802.1Q configuration of inner VLANs to OVLANs,which facilitates QoS management. In this case, the QoS of the original network remainsunchanged.
Figure 10-3 Service Type 3 (in1-out2 pri mapping)
l In uplink direction:
The switch splits data streams received on the customer port according to thecarried inner VLANs. To be specific, the switch adds outer OVLANs for data streamsaccording to the carried inner VLANs and configures the 802.1Q property of OVLANas mapping of inner VLAN.
l In downlink direction:
When receiving data streams with double tags on the uplink port, the switch forwardsthem based on the L2 forwarding principle and the outer VLANs. The switch thenremoves the outer tags when the data streams reach the customer port.
10-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
Note:
There is anther configuration type, namely IFP SVLAN. The switch learns the PVID byusing the function of MAC address learning and then redirects to the uplink port. Therefore,in the downlink direction, data streams are broadcast in OVLANs as unknown unicast tothe customer port.
Service Type 4 (in1-out1)
As shown in Figure 10-4, the switch transparently transmits data streams according to thecarried inner VLANs.
Figure 10-4 Service Type 4 (in1-out1)
l In uplink direction:
The switch splits data streams received on the customer port according to the carriedinner VLANs. To be specific, the switch transparently transmits the data streams withinner VLANs without any data processing.
l In downlink direction:
When data streams with tags reach the uplink port, the switch forwards them basedon the L2 forwarding principle.
VFP:
l Just support a single port transparent transmission configuration type.l For in-vlan any configuration type, It transparently transmits all the inner VLANs.
10-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
IFP:
l There are two configuration types, namely configuration based on a single session(transparent transmission for only a single inner VLAN) and configuration basedon all sessions except single-tag to double-tag sessions (default-vlan-forwarding:transparent transmission for all inner VLANs).
l If default-vlan-forwarding is required, this function must be configured at last. Afterconfiguration, the configuration of IFP SVLAN does not take effect.
l The switch learns the PVID by using the function of MAC address learning and thenredirects to the uplink port. Therefore, in the downlink direction, data streams arebroadcast in inner VLANs as unknown unicast to the customer port.
Service Type 5 (int2-out2)
If the received packets carry double tags, the above mentioned transparent transmissioncan implement In and Out with double tags.
Service Type 6 (untag-out1, supported only by SVLAN in IFP mode)
As shown in Figure 10-5, the switch adds tags for the data streamswithout any tag receivedon the customer port. Unlike common ports that use only the default PVID, the switch canadd different tags for the data streams without any tag received on the customer port,which omits the process of VLAN translation.
Figure 10-5 Service Type 6 (untag-out1, supported only by SVLAN in IFP mode)
l In uplink direction:
The switch splits data streams without any tag received on the customer portaccording to their configurations. To be specific, the switch adds outer OVLANs forthe data streams and then forwards them based on the L2 forwarding principle.
10-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
l In downlink direction:
When data streams with tags reach the uplink port, the switch forwards them basedon the L2 forwarding principle and then removes their tags on the customer port.
Service Type 7 (untag-untag)
After the untagged packets pass through the untag to single-tag service, their tags areremoved on the uplink port to form the untag to untag service.
Service Type 8 (enhance vfp)
Packets with single tag is sent to the switch. The switch adds outer tags in accordancewith policies.
The switch modifies inner VIDs and adds outer VIDs according to the properties and VIDscarried in the single-tag packets.
The switch deletes outer VIDs according to the properties and inner and outer VIDs carriedin the received packets.
For the received double-tag packets, the switch deletes their outer tags and modifies theirinner tags according to the policy.
For the received double-tag packets, the switch modifies their outer tags according to thepolicy.
The switchmodifies inner VIDs according to the properties and inner and outer VIDs carriedin the received packets.
The switch modifies inner and outer VIDs according to the properties and inner and outerVIDs carried in the received packets.
For the received double-tag packets, the switch removes the inner or outer tags inaccordance with policies.
For the received untag packets, the switch adds inner and outer tags in accordance withpolicies.
For the advanced VFP function, the customer port need not run the switchport qinq customer command for configuration. customer refers to the updated OVLAN. In this case, theswitch forwards packets to the uplink port according to the updated OVLAN and the MAClearns the updated OVLAN.
Note:
There is another configuration type, namely IFP SVLAN. The switch matches inner andouter tags for the double-tag packets and then removes their outer tags. The customerport need not run the switchport qinq customer command for configuration. customer refersto the OVLAN before update. In this case, the switch forwards packets to the uplink portaccording to the updated OVLAN and the MAC learns the OVLAN before replacement.
10-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Actual Network Application of SVLANTypical Network Scheme with SVLAN (Case 1)
Figure 10-6 shows the network topology.
Figure 10-6 Network Topology with SVLAN (1)
l Network Characteristics1. A customer interface requires both the QinQ service and the transparent
transmission service.2. The SmartGroup function is not enabled on the uplink interface and a BRAS and
a router exist in the uplink direction. In this case, a large number of packetsfrom PPPoE users are added with QinQ tags and then transmitted to the BRASfor authentication. The packets from other private line users are transparentlytransmitted to the router.
3. A network management VLAN is used to manage the T64G and its mounteddevices.
l Functions Implemented by SVLAN1. The packets with a same OVLAN can be transmitted to different networks. In
addition, the packets are forwarded to the BRAS and router respectively basedon L2 unicast.
2. The packets with the network management VLAN can be transmitted over a samenetwork to a device, for example, BRAS. This facilitates the NMS to implementcentralized management.
3. Different OVLANs can be added for a same inner VLAN of different interfaces.4. OVLANs can be added for different inner VLANs on a same interface.5. OVLANs can be added for a same inner VLAN but different IP segments on a
same interface.
10-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
l Key Configuration Points1. In addition to the sessions of in-vlan any type, the VFP SVLAN implements uni-
cast-based forwarding in all cases including single tag to double tags and trans-parent transmission in pinpoint and global modes.
2. Compared with the transparent transmission VLAN, the IFP SVLAN usuallyconfigures helper-vlan to a VLAN that is not used, for example, 4094. In thiscase, the helper-vlan parameter of the uplink interface must be configured tountag.
Typical Network Scheme with SVLAN (Case 2)
Figure 10-7 shows the network topology.
Figure 10-7 Network Topology with SVLAN (2)
l Network Characteristics1. A customer interface requires both the QinQ service and the transparent
transmission service.2. The SmartGroup function is enabled on the uplink interface and a BRAS and
a router exist in the uplink direction. In this case, a large number of packetsfrom PPPoE users are added with QinQ tags and then transmitted to the BRASfor authentication. The packets from other private line users are transparentlytransmitted to the router. In addition, the uplink interfaces of the BRAS and T64Gare connected by using the SmartGroup function.
3. A network management VLAN is used to manage the T64G and its mounteddevices.
l Functions Implemented by SVLAN
10-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
1. The packets with a same OVLAN can be transmitted to different networks. Inaddition, the packets are forwarded to the BRAS and router respectively basedon L2 unicast.
2. The packets with the network management VLAN can be transmitted over a samenetwork to a device, for example, BRAS. This facilitates the NMS to implementcentralized management.
3. Different OVLANs can be added for a same inner VLAN of different interfaces.4. OVLANs can be added for different inner VLANs on a same interface.5. OVLANs can be added for a same inner VLAN but different IP segments on a
same interface.6. The load sharing of data can be implemented. That is, the link data can be backed
up and the bandwidth can be greatly expanded.l Key Configuration Points
1. In addition to the sessions of in-vlan any type, the VFP SVLAN implementsunicast-based forwarding in all cases including single tag to double tags andtransparent transmission in pinpoint and global modes.
2. Compared with the transparent transmission VLAN, the IFP SVLAN usuallyconfigures helper-vlan to a VLAN that is not used, for example, 4094. In thiscase, the helper-vlan parameter of the uplink interface must be configured tountag.
3. During configuration, enter vlan session and configure uplink as smartgroupID.
10.2 Configuring an SVLANTo configure the SVLAN VFP on the ZXR10 5900E, perform the following steps:
Steps Command Function
1 ZXR10(config)#svlan-configuration Enters SVLAN configuration
mode.
2 ZXR10(config-svlan)#vfp <interface-name> session<session-id> invlan <vlan-id> in type ipv4 name<acl-name> rule <rule-id> ovlan <vlan-id>[priority {<0-7>|
mapping}]
Configures the VFP, matches
the inner VLAN ID, and adds
the outer VLAN ID to packets
for the specified rule.
ZXR10(config)#ipv4-access-list <acl-name><vlan-id>3
ZXR10(config-ipv4-acl)#rule <rule-id> per <ip-address>Configures a VFP rule.
4 ZXR10(config-svlan)#vfp<interface-name>
session<session-id> type <ipv4|link|ipv4-mixed|ipv6 |link >description <str>
Configures descriptions of a
VFP session.
To configure the traffic statistics function for the SVLAN VFP on the ZXR10 5900E, performthe following steps:
10-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
Steps Command Function
1 ZXR10(config)#svlan-configuration Enters SVLAN configuration
mode.
2 ZXR10(config-svlan)#vfp-statics <interface name>
session <session-id> type <ipv4 | link | ipv4-mixed | ipv6|link ><enable|disable>
Starts session statistics for
the VFP.
3 ZXR10#clear vfp statistics <interface name> session<session-id> type <ipv4 | link | ipv4-mixed | ipv6 | link >
Clears session statistics for
the VFP.
To configure the enhanced VFP of an SVLAN on the ZXR10 5900E, perform the followingsteps:
Steps Command Function
1 ZXR10(config)#svlan-configuration Enters SVLAN configuration
mode.
2 ZXR10(config-svlan)#vfp-extra <interface-name>
session <session-id> enhanced ingress-invlan <vlan-id>
ingress-outvlan <vlan-id> in type ipv4 name <acl-name>rule <rule-id> egress-outvlan <vlan-id> egress-invlan<vlan-id>
Configures the enhanced
VFP. For the packets whose
inner VLAN is 100, outer
VLAN is 200, type is IPv4 and
match rule1, the inner VLAN
is modified to 300, and the
outer VLAN is modified to
400.
ZXR10(config)#ipv4-access-list <acl-name>3
ZXR10(config-ipv4-acl)#rule <rule-id> per <ip-address>Configures a VFP rule.
4 ZXR10(config-svlan)#vfp-extra <interface-name>
session<session-id> type <ipv4|link|ipv4-mixed|ipv6 |link >description <str>
Configures descriptions of an
enhanced VFP session.
To configure the traffic statistics function for the enhanced SVLAN VFP on the ZXR105900E, perform the following steps:
Steps Command Function
1 ZXR10(config)#svlan-configuration Enters SVLAN configuration
mode.
2 ZXR10(config-svlan)#vfpextra-statics <interface name>
session <session-id> type <ipv4 | link | ipv4-mixed | ipv6 |link ><enable | disable>
Starts session statistics for
the enhanced VFP.
3 ZXR10#clear vfp statistics <interface name> session<session-id> type <ipv4 | link | ipv4-mixed | ipv6 | link >
Clears session statistics for
the enhanced VFP.
To configure the SVLAN IFP on the ZXR10 5900E, perform the following steps:
10-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
1 ZXR10(config)#svlan-configuration Enters SVLAN configuration
mode.
2 ZXR10(config-svlan)#vlan-qinq session-no <session-id>
customer-port <interface-name> uplink-port<interface-name> in-vlan <vlan-id> ovlan <vlan-id>
Configures the IFP, matches
the inner VLAN ID, and adds
the outer VLAN ID to packets
for the specified rule.
3 ZXR10(config-svlan)#vlan-qinq session-no<session-id>
description <str>
Configures descriptions of an
IFP session.
Except the function of untag to single tag, the other SVLAN functions of the VFP and IFPare the same. It is recommended that you use the SVLAN of VFP and meanwhile do notconfigure two SVLANs with the same function provided by VFP and IFP.
SVLAN consists of IFP and VFP. VFP consists of common VFP and enhanced VFP. Forenhanced VFP, the downlink port cannot be set to a customer port. To enable the SVLAN,VLAN translation and ACL function on the same port, it is necessary to set the SVLANfunction of the port to enhanced VFP.
When the same function can be accomplished by common VFP and enhanced VFP, it isrecommended that users use enhanced VFP. It is not recommended that users configurecommon VFP and enhanced VFP on the same port.
10.3 Maintaining an SVLANTo maintain the SVLAN function on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show vfp-entry shelf<shelf-id>slot<line-card> Displays the usage of VFP entries
on a line card.
ZXR10#show vfp-config <interface name> type <acl type> Displays the VFP configuration
information on an interface.
ZXR10#show vfp statistics <interface name>session<session-id><acl-type>
Displays traffic statistics of the
VFP.
ZXR10#show running-config<pm-svlan> Displays the configuration
information about the VFP and
IFP.
ZXR10#show vlan-qinq [all | brief] Displays the configuration
information about VLAN QinQ.
The following is sample output from the show vfp-entry command:
ZXR10(config)#show vfp-entrys shelf 0 slot 3
===============================================================
10-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
===============================================================
shelf : shelf number
phySlot : linecard Physical number
unitSum : unit sum in linecard
unit0 : unit 0 all entrys Number in VFP
unit1 : unit 1 all entrys Number in VFP
freeUnit0 : unit 0 free entrys Number in VFP
freeUnit1 : unit 1 free entrys Number in VFP
================================================================
==============================================================
shelf phySlot unitSum unit0 unit1 freeUnit0 freeUnit1
================================================================
0 3 1 2048 0 1991 0
----------------------------------------------------------------
Field descriptions are as follows:
Field Description
shelf Shelf number.
phySlot Indicates the ID of a line card.
unitSum Indicates the number of chips on a line card.
unit0 Indicates the number of entries used by chip 0.
unit1 Indicates the number of entries used by chip 1.
FreeUnit0 Indicates the number of free entries for chip 0.
FreeUnit1 Indicates the number of free entries for chip 1.
The following is sample output from the show vfp-config command:
ZXR10(config-svlan)#show vfp-config gei-0/1/1/1 type ipv4
vfp gei-0/1/1/1 session 1 invlan 10 in type ipv4 name ipv4acl rule 1 ovlan 100
The following is sample output from the show vfp statistics gei-0/1/1/1 session 1 type ipv4command:
ZXR10#show vfp statistics gei-0/1/1/1 session 1 type ipv4
session 1 statistics:
120s input rate : 1693971851Bps 13234155Pps
StreamCounters(update interval 10s)
In_Bytes 203276622080 In_Packets 1588098610
Field descriptions are as follows:
Field Description
120s input rate Number of bytes per 120 seconds, and number of packets
per 120 seconds.
10-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Field Description
In_Bytes Number of bytes received per 10 seconds.
In_Packets Number of packets received per 10 seconds.
The following is sample output from the show running-config pm-svlan command:
ZXR10(config-svlan)#show running-config pm-svlan
!<SVLAN>
svlan-configuration
vfp gei-0/1/1/1 session 1 invlan 10 in type ipv4 name ipv4acl rule 1 ovlan 100
vlan-qinq session-no 1 customer-port gei-0/1/1/2 uplink-port gei-0/1/1/4 in-vlan
200 ovlan 400
$
!</SVLAN>
The following is sample output from the show vlan-qinq brief command:
ZXR10(config-svlan)#show vlan-qinq brief
Count:1
Free Count:3999
Sess Customer Uplink Redirect Hvlan Ovlan Invlan
1 gei-0/1/1/2 gei-0/1/1/4 400 200
Field descriptions are as follows:
Field Description
Count Number of IFP sessions that have been configured.
Free Count Number of left sessions that can be configured.
Sess Serial number of a session.
Customer Customer port.
Uplink Uplink port or SmartGroup number
Redirect Redirection.
Hvlan ID of the VLAN that can be transmitted to the network
management system transparently.
Ovlan Outer VLAN ID
Invlan Inner VLAN ID, such as 1–100, 200, or 300. The value untagmeans packets without tags.
10.4 SVLAN Configuration ExampleA same customer interface supports multiple different outer tags and packets transparentlytransmitted. The specific configuration requirements are as follows:
10-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
1. The packet with the tag of 10 received from customer interface gei-0/1/1/1 will be addedwith inner and outer tags (inner tag: 10; outer tag: 997) on the ZXR10 5900Eand thenforwarded through uplink interface gei-0/1/1/2.
2. The packet with the tag of 11 received from customer interface gei-0/1/1/1 will be addedwith inner and outer tags (inner tag: 11; outer tag: 998) on the ZXR10 5900E and thenforwarded through uplink interface gei-0/1/1/2.
3. The packet with the tag of 999 received from customer interface gei-0/1/1/1 will betransparently transmitted through uplink interface gei-0/1/1/2.
Figure 10-8 SVLAN Configuration Example
If the traditional method of SVLAN configuration is used, the command output is shownbelow:
SVLAN configuration on the ZXR10 5900E:
ZXR10(config-svlan)#vlan-qinq session-no 1 customer-port gei-0/1/1/1 uplink-port
gei-0/1/1/2 in-vlan 10 ovlan 997
ZXR10(config-svlan)#vlan-qinq session-no 2 customer-port gei-0/1/1/1 uplink-port
gei-0/1/1/2 in-vlan 11 ovlan 998
ZXR10(config-svlan)#vlan-qinq session-no 3 customer-port gei-0/1/1/1 uplink-port
gei-0/1/1/2 in-vlan 999 untag helper-vlan 4094
SVLAN interface configuration on the ZXR10 5900E:
ZXR10(config)#interface gei-0/1/1/1
ZXR10(config-if)#no shutdown
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/1/1
ZXR10(config-swvlan-intf)#switchport qinq customer
ZXR10(config-swvlan-intf)#switchport mode hybrid
10-15
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
ZXR10(config-swvlan-intf)#switchport hybrid vlan 999 tag
ZXR10(config-swvlan-intf)#switchport hybrid vlan 997-998 untag
ZXR10(config)#interface gei-0/1/1/2
ZXR10(config-if)#no shutdown
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/1/2
ZXR10(config-swvlan-intf)#switchport mode hybrid
ZXR10(config-swvlan-intf)#switchport hybrid vlan 997-998 tag
ZXR10(config-swvlan-intf)#switchport hybrid vlan 999 tag
ZXR10(config-swvlan-intf)#switchport hybrid vlan 4094 untag
ZXR10(config-swvlan-intf)#switchport qinq uplink
If the configuration requirements are changed as follows:
1. The packet with the tag of 10 and the source IP address of 192.168.0.1 received fromcustomer interface gei-0/1/1/1 will be added with inner and outer tags (inner tag: 10;outer tag: 997) on the ZXR10 5900E and then forwarded through uplink interfacegei-0/1/1/2.
2. The packet with the tag of 10 and the source IP address of 192.168.0.2 received fromcustomer interface gei-0/1/1/1 will be added with inner and outer tags (inner tag: 10;outer tag: 998) on the ZXR10 5900E and then forwarded through uplink interfacegei-0/1/1/2.
3. The packet with the tag of 11 received from customer interface gei-0/1/1/1 will be addedwith inner and outer tags (inner tag: 11; outer tag: 998) on the ZXR10 5900E and thenforwarded through uplink interface gei-0/1/1/2.
4. The packet with the tag of 999 received from customer interface gei-0/1/1/1 will betransparently transmitted through uplink interface gei-0/1/1/2.
In this case, the method of SVLAN configuration based on VFP is used. The commandoutput is shown below:
SVLAN configuration on the ZXR10 5900E:
ZXR10(config)#svlan-configuration
ZXR10(config-svlan)#vfp gei-0/1/1/1 session 1 invlan 10 in type ipv4
name ipv4acl rule 1 ovlan 997
ZXR10(config-svlan)#vfp gei-0/1/1/1 session 2 invlan 10 in type ipv4
name ipv4acl rule 2 ovlan 998
ZXR10(config-svlan)#vfp gei-0/1/1/1 session 3 invlan 11 in type ipv4
name ipv4acl rule 3 ovlan 998
ZXR10(config-svlan)#vfp gei-0/1/1/1 session 4 invlan 999 in type ipv4
name ipv4acl rule 3 untag
ZXR10(config)#ipv4-access-list ipv4 acl
ZXR10(config-ipv4-acl)#rule 1 permit 192.168.0.1 0.0.0.0
ZXR10(config-ipv4-acl)#rule 2 permit 192.168.0.2 0.0.0.0
ZXR10(config-ipv4-acl)#rule 3 permit any
SVLAN interface configuration on the ZXR10 5900E:
10-16
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 10 SVLAN Configuration
ZXR10(config)#interface gei-0/1/1/1
ZXR10(config-if)#no shutdown
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/1/1
ZXR10(config-swvlan-intf)#switchport mode hybrid
ZXR10(config-swvlan-intf)#switchport hybrid vlan 999 tag
ZXR10(config-swvlan-intf)#switchport hybrid vlan 997-998 untag
ZXR10(config-swvlan-intf)#switchport qinq customer
ZXR10(config)#interface gei-0/1/1/2
ZXR10(config-if)#no shutdown
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/1/2
ZXR10(config-swvlan-intf)#switchport mode hybrid
ZXR10(config-swvlan-intf)#switchport hybrid vlan 997-998 tag
ZXR10(config-swvlan-intf)#switchport hybrid vlan 999 tag
10-17
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
10-18
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11ZESR ConfigurationTable of Contents
ZESR Overview........................................................................................................11-1Configuring a ZESR .................................................................................................11-6Maintaining a ZESR .................................................................................................11-9ZESR Configuration Example................................................................................. 11-11
11.1 ZESR OverviewIntroduction to ZESRThe ZTE Ethernet switch ring (ZESR) is an Ethernet ring technology based on the EAPS(RFC3619) protocol. It allows the network administrator to create an Ethernet ring network,which is similar to the fiber distributed data interface (FDDI) or SONET or SDH ring in termsof network scheme. The ZESR can recover the system from any link or node fault within50 ms.
As shown in Figure 11-1, S1 functions as a primary node and other switches functionas transport nodes. For the two interfaces on the primary node, one functions as themaster interface and the other functions as the slave interface. During initialization, theslave interface is blocked to avoid a loop. When a transport node detects that any of itsconnected links is faulty, it sends a message to the primary node, notifying that the link isbroken. After receiving the message, the primary node clears the bridging table, enablesthe slave interface, and sends control frames to the transport nodes, notifying them to cleartheir own bridging tables. After that, the process of MAC address learning restarts in thecommon mode.
Figure 11-1 ZESR Single-Ring Network Topology
11-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
ZESR PrincipleIn the case of a complete ZESR loop (the state of all links is up), the state of the ZESRprotocol is COMPLETE. If a fault occurs in the loop, the state of the ZESR protocol isFAILED. Therefore, the link state of a loop determines the state of the ZESR protocol.When the link state changes, the ZESR protocol performs link switching.
Fault detection mechanism of ZESR link: Its key mechanism is link-down. The Hellotimeout mechanism is not the default detection mechanism but it can be used afterconfiguration. As shown in Figure 11-2, when the interface between S3 and S4 is down,S3 and S4 send link-down frames every 1s to the primary node S1 after detecting thefault. After receiving the link-down frame, the S1 knows that a fault occurs on the link.
Figure 11-2 Loop Fault in ZESR Single-Ring Network
Meanwhile, the link-hello mechanism of ZESR can be configured as an assistant meansto detect the link state between two adjacent nodes. To be specific, it helps to detect thelink faults including monologue, deterioration, and cross transport device. The link-hellopackets are sent mutually at intervals between two adjacent nodes. If one node doesnot receive the link-hello frame from the other node within the specified time, the nodeconsiders that the link is faulty. In this case, the node sends link-down frames every 1s tothe primary node, notifying the link fault.
In the case of ZESR switching, the system performs operations on the interfaces andinstances protected by the domain. The instances described here are the same as thoseof the STP. The ZESR uses the control VLAN as the unique ID of a domain and meanwhileas the tag of a frame. To make full use of link bandwidth, multiple ZESR domains can beconfigured on a same ring.
l ZESR Single-Ring Principle
11-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
Figure 11-3 ZESR Single-Ring Network Topology
Figure 11-4 Loop Fault of ZESR Single-Ring
1. Fault troubleshooting in a single-ring network
When detecting a link fault, the node on the ring blocks the interface connected tothe faulty link and then sends a link-down frame to the primary node, notifyingthat the link is faulty. After receiving the link-down frame or detecting that alink connected with the primary node is faulty, the primary node performs linkswitching. To be specific, it enables the standby link (the link fault does not occuron the standby link), clears the bridge table, and sends a down-flush frame tothe transport node, notifying that link switching is performed on the ring. Afterreceiving the down-flush frame, the transport node clears the bridge table. If thelink connected to the slave interface on the primary node is faulty, the primary nodechanges the ring state to FAILED and does not perform any other operation. Asshown in Figure 11-4, when the link between S3 and S4 is faulty, S3 and S4 blockthe faulty interfaces respectively and send link-down frames to S1 at intervals.After receiving the link-down frame, S1 enables the slave interface and sends adown-flush frame from both the master and slave interfaces. After receiving thedown-flush frame, S2, S3, and S4 clear their own bridge table and learn MACaddresses again.
2. Fault restoring in a single-ring network
When detecting that a link recovers, the node on the ring stops sending link-downframes. If the primary node does not receive the link-down frame within the
11-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
timeout time (8s), it considers that the link recovers. In this case, the primarynode blocks the slave interface (if the fault occurs on the link connected to themaster interface on the primary node, the master interface must be enabled),clears the bridge table of the slave interface, and sends an up-flush frame to thetransport node, notifying that the link recovers on the ring. After receiving theup-flush frame, the transport node unblocks the interface and clears the bridgetable. When the loop changes fromFigure 11-4 to Figure 11-3, the link betweenS3 and S4 recovers. In this case, S3 and S4 stop sending link-down frames. Ifthe primary node S1 does not receive the link-down frame within the timeout time,it considers that the link recovers. To be specific, S1 blocks the slave interface,clears the bridge table, and sends an up-flush frame from both the master andslave interfaces. After receiving the up-flush frame, S2, S3, and S4 unblock theinterface and clear their own bridge table.
l ZESR Multi-Ring Principle
Figure 11-5 shows the ZESR multi-ring network topology.
Figure 11-5 ZESR Multi-Ring Network Topology
S1, S2, S3, and S4 form a master ring. S1 acts as the primary node, and S3, S4, S5and S6 act as a slave ring with the level and segment of 1. S5 acts as the primarynode, S3 and S4 acts as edge assistant nodes. In addition, S3, S4, S6, and S7 forma slave ring with the level of 2 and the segment of 1. S3 acts as an edge assistantnode, S4 acts as an edge control node. For a slave ring configured with an edgecontrol node, the functions of this node are similar to those of the primary node. Thestate of the slave ring is determined by the edge control node after calculation. Duringconfiguration for a domain on the slave ring, either of the primary node or the edgecontrol node is deployed. When the state of a slave ring is COMPLETE, the interfaceof the edge control node is blocked.
11-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
Fault troubleshooting and recovery for a master ring: In the ZESR multi-ring networktopology, the fault troubleshooting and recovery for the master ring with the leveland segment of 0 are the same as those in the ZESR single-ring network topology(described in the section "ZESR Single-Ring Principle"). The fault troubleshootingand recovery do not affect the state of the slave ring.
Fault troubleshooting and recovery for a slave ring: When detecting a link fault, thenode on the slave ring blocks the interface connected with the faulty link and thensends a link-down frame to the primary node (or the edge control node) and the edgeassistance node at intervals. After receiving the link-down frame, the primary node(or the edge control node) enables the slave interface (or the access interface on theedge control node) and meanwhile sends a down-flush frame (in the case of the edgecontrol node, it sends a down-flush frame to the two interfaces at the primary level).After receiving the down-flush frame, the transport node and the edge assistance nodeon the slave ring clear their own bridge table. If the state of the edge assistance nodeis COMPLETE, the access interface is also used to send a down-flush frame to the twointerfaces at the primary level. When the transport node at the upper layer receivesthe down-flush frame from the ring at a lower layer, it clears the bridge table on thering interface. In some cases, protocol frames are not processed no matter it is asingle-ring network or a multi-ring network.
à When the state of the master node or the edge control node is FAILED, it takesno actions while receiving the link-down frame from the same layer.
à When the state of the transport node or the edge assistance node is FAILED, ittakes no actions while receiving the down-flush frame from the same layer.
à When the state of the transport node or the edge assistance node is COMPLETE,it takes no actions while receiving the up-flush frame from the current layer.
Fault troubleshoot and recovery for a slave ring: When detecting that a link recovers,the node on the slave ring stops sending link-down frames. If the primary node (orthe edge control node) does not receive the link-down frame within the timeout time,it considers that the link recovers. In this case, the primary node blocks the slaveinterface (or, the edge control node blocks the access interface), clears the bridgetable on the slave interface (or access interface on the edge control node), and thensends an up-flush frame to both the master and slave interfaces (access interfaceand the two interfaces at the upper layer in the case of the edge control node). Afterreceiving the up-flush frame, the transport node or the edge assistance node on theslave ring unblocks the interface and clears the bridge table of the ring interface. Afterreceiving the up-flush frame, the transport node at the upper layer clears the bridgetable.
l Relations Between ZESR and STP
Both the ZESR and the STP implement data forwarding and blocking by configuringthe status of an STP instance on the interface. Therefore, the ZESR and the STPare mutually exclusive based on interface + instance. That is, an interface instancemanaged by ZESR will not be calculated by the STP. However, its STP state will be
11-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
calculated by the ZESR. The protection instance used by the ZESR is configuredbased on the STP protocol. Therefore, when the ZESR protocol is used, a protectioninstance can take effect only after the STP is enabled globally. Except the interfaceinstances managed by the ZESR, the STP state of other interface instances ismanaged by the STP protocol, which avoids a loop.
11.2 Configuring a ZESRTo configure a ZESR on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#zesr Enters ZESR configuration
mode.
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094>
protect-instance <0-64>Configures the protection
instance of a ZESR domain.
Use the no zesr ctrl-vlan
<1-4094> protect-instance
command to delete the
protection instance.
2
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> snooping
vpls {enable | disable}
Enables associating ZESR
with VPLS. If the function
is enabled, when the node
receives flush packets, it
notifies the VPLS to recalculate
links. By default, the function
is disabled.
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> major-level
role {master | transit}<port1><port2>
Configures the role and
interface for a ZESR node
on the master ring. Use the
no zesr ctrl-vlan <1-4094>
major-level command to delete
the configuration.
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> level <1-2>seg <1-4> role {master | transit}<port1><port2>
Configures the role and
interface for a ZESR node on
the slave ring. Use the no zesr
ctrl-vlan <1-4094> level <1-2>seg <1-4> command to delete
the configuration.
3
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> level <1-2>seg <1-4> role {edge-control | edge-assistant}<port1>
Configures the role and
interface for a ZESR node at
the access layer. Use the no
zesr ctrl-vlan <1-4094> level
11-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
Step Command Function
<1-2> seg <1-4> command to
delete the configuration.
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094>major-levelpreforward <9-600>[preup <0-500>]
Configures the preforward
and preup time of the master
ring. The preup time can be
configured only on the primary
node.
4
ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> level <1-2>seg <1-4> preforward <9-600>[preup <0-500>]
Configures the preforward
and preup time of the slave
ring. The preup time can be
configured only on the primary
node or the edge control node.
ZXR10(config-zesr)#zesr restart-time <120-600> Configures the ZESR restart
time, default: 120 seconds.
ZXR10(config-zesr)#zesr port-detect {normal | fast} Configures the detection mode
of a ZESR interface, default:
normal.
ZXR10(config-zesr)#zesr protocol-mac {normal | special} Configures the ZESR MAC
mode. The special mode is
for the compatibility with the
ZESR protocol on medium-end
switches. The default mode is
normal.
ZXR10(config-zesr)#zesr link-degrade <smartgroupxx>{n
ormal | special count <1-8>}Configures the link-degradeproperty of a ZESR interface
(SmartGroup interface only),
default: normal.
5
ZXR10(config-zesr)#zesr link-hello <gei-xx>{normal |
special}
Enables or disables the
link-hello function of a
ZESR interface (physical
interface only). To enable
this function, configure the
property to special. The
default configuration is normal(disabled).
ZXR10#clear zess-switchtimes domain {all |<1-16>}
ZXR10#clear zesr-switchtimes ctrl-vlan <1-4094> all
ZXR10#clear zesr-switchtimes ctrl-vlan <1-4094> major
6
ZXR10#clear zesr-switchtimes ctrl-vlan <1-4094> level<1-2> seg <1-4>
Clears the statistics on ZESR
switching times.
11-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
For the above ZESR commands, the parameter names are the same. Therefore, theseparameters will not be described repeatedly in the following tables. The ZESR uses controlVLAN as the unique ID of a domain.
A description of the parameters in Step 2 is as follows:
Parameter Description
ctrl-vlan <1-4094> Indicates the control VLAN of a specified ZESR domain.
protect-instance <0-64> Configures the protection instance of a domain, which is the
same as the STP instance in terms of parameter value.
snooping vpls {enable | disable} Enables or disables associating ZESR with VPLS.
A description of the parameters in Step 3 is as follows:
Parameter Description
major-level Configures the master ring of ZESR.
role {master | transit} Configures the role of a ZESR node, that is, primary node
or transport node.
level <1-2> seg <1-4> Configures the level and segment of the ZESR slave ring.
role {edge-control | edge-assistant} Configures the role of a ZESR access node.
<port1><port2> Configures the primary and secondary interfaces of ZESR.
A description of the parameters in Step 4 is as follows:
Parameter Description
preforward <9-600>[preup <0-500> Configures the preforward and preup time of a ZESR node.
The preup time is optional and can be configured only on the
primary node or the edge control node.
A description of the parameters in Step 6 is as follows:
Parameter Description
zesr-switchtimes all Clears the statistics on switching times of all ZESR domains.
ctrl-vlan <1-4094> all Clears the statistics on switching times of all the levels and
segments for a specified ZESR domain.
ctrl-vlan <1-4094> major Clears the statistics on switching times of the master ring
for a specified ZESR domain.
ctrl-vlan <1-4094> level<1-2> seg<1-4>
Clears the statistics on switching times of a specified level
and segment of the slave ring for a specified ZESR domain.
11-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
Note:
The control VLAN of ZESR is special. It can be used only by the ZESR. In addition tothe control VLAN trunked on a ring interface, other interfaces cannot use this VLAN. AZESR ring interface cannot work in the QinQ mode. In addition, to improve switchingperformance, the detection mode of a ZESR interface must be configured to fast and thefunction of broadcast and unicast suppression must be configured for all the ring interfacesand traffic interfaces.
ZESR can be associated with VPLS for only boundary nodes at the access layer.
11.3 Maintaining a ZESRTo maintain the ZESR function on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show zesr brief Displays brief information about all
domains of ZESR.
ZXR10#show zesr ctrl-vlan <1-4094> Displays detailed information
about a specified domain of ZESR.
ZXR10#show zesr port-mode [<port>] Displays property configuration of
a ZESR interface.
Parameter descriptions:
Parameter Description
brief Displays brief information about all domains of ZESR.
ctrl-vlan <1-4094> Displays detailed information about a specified domain of
ZESR.
port-mode [<port>] Displays property configuration of a ZESR interface. <port>
is an optional parameter. If it is not specified, the system
shows property configuration of all ZESR interfaces.
The following is sample output from the show zesr brief command:
ZXR10(config)#show zesr brief
ctrl-vlan: 100 protectinstance: 1
level seg role port port level-state switch-times
major transit smartgroup1(P) gei-0/1/1/6(S) down 1
ctrl-vlan: 200 protectinstance: 2
11-9
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
restarttime: 120(s)
port detect: fast
protocol mac: normal
Field descriptions are as follows:
Field Description
ctrl-vlan Control VLAN of a domain.
protectinstance Protection instance of a domain.
level, seg Level and segment of a domain. For a main ring, the level is
output as major and the segment is not output.
role Role of a ZESR node.
port Interface of a ZESR domain.
level-state State at the current level of a ZESR domain.
switch-times Statistics on switching times at the current level of a ZESR
domain.
restarttime Restart time at the current level of a ZESR domain.
port detect Detection mode of a ZESR interface.
protocol mac MAC mode used by ZESR.
The following is sample output from the show zesr ctrl-vlan <1-4094> command:
ZXR10(config)#show zesr ctrl-vlan 100
ctrl-vlan: 100 protectinstance: 1
level: major
state: down
role: transit
port: smartgroup1(P) portstate: block
port: gei-0/1/1/6(S) portstate: block
preforward: 20(s)
switch-times: 1
Field descriptions are as follows:
Field Description
portstate Interface state. block indicates that the interface is blocked
and forward indicates that the interface is enabled.
The following is sample output from the port-mode [<port>] command:
ZXR10(config-if)#show zesr port-mode
Interface Link-hello Link-degrade Count
----------------------------------------------------
gei-0/1/1/2 normal N/A N/A
gei-0/1/1/6 normal N/A N/A
11-10
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
gei-0/1/1/4 normal N/A N/A
Field descriptions are as follows:
Field Description
Link-hello A property provided in the configuration by using the
Link-hello command of ZESR.
Link-degrade A property provided in the configuration by using the
Link-degrade command of ZESR.
Count A property provided in the configuration by using the Count
command of ZESR.
11.4 ZESR Configuration ExampleThe ZESR configuration includes the STP instance, control VLAN trunked on an interface,and interface properties. Therefore, this section provides an example for configuring theSTP, interface VLAN, and other parameters.
Configure instance 1with the VLAN ranging from 1 to 1000. The detailed STP configurationis shown below.
ZXR10(config)#spantree
ZXR10(config-stp)#enable
ZXR10(config-stp)#mst vlans 1-1000 instance 1
If VLAN 4001 is used as the control VLAN of a ZESR domain and instance 1 is used asthe protection instance, the ZESR interface must trunk the control VLAN and the VLANcontained in the protection instance. The detailed configuration is shown below.
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/0/1
ZXR10(config-swvlan-intf)#switchport mode trunk
ZXR10(config-swvlan-intf)#switchport trunk vlan 4001,1-1000
Configure the broadcast and unknown unicast suppression properties of an instanceinterface:
ZXR10(config)#switchvlan-configuration
ZXR10(config-swvlan)#interface gei-0/1/0/1
ZXR10(config-swvlan-intf)#switchport mode trunk
ZXR10(config-swvlan-intf)#switchport trunk vlan 4001,1-1000
The above configurations are used as pre-configuration requirements of subsequentconfiguration examples and will not be described again.
11-11
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
11.4.1 Configuring Basic Single-Ring ZESR
Configuration DescriptionFigure 11-6 shows a network topology with the ZESR single ring. In the network, S1acts as the primary ZESR node, and S2, S3, and S4 act as ZESR transport nodes. It isrecommended that users configure the master node and edge control nodes before othertypes of nodes are configured.
Figure 11-6 ZESR Single-Ring Network Topology
Configuration Thought1. Enter the ZESR config mode and configure the control VLAN and protection instance
of the ZESR domain.2. Configure the level, segment, role, and interface of the ZESR node.3. If there are other functional requirements, configure the ZESR properties further.
Configuration CommandsThe configuration of S1:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role master gei-0/1/1/1 gei-0/1/1/2
The configuration of S2:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role transit gei-0/1/1/1 gei-0/1/1/2
The configuration of S3 and S4 is similar to that of S2 and therefore will not be describedagain.
Configuration VerificationThe configuration result on S1:
ZXR10(config)#show zesr ctrl-vlan 4001
11-12
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
ctrl-vlan: 4001 protectinstance: 1
level: major
state: up
role: master
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: block
hello: 1(s) fail: 3(s)
preforward: 20(s) preup: 2(s)
switch-times: 1
The configuration result on S2:
ZXR10(config)#show zesr ctrl-vlan 4001
ctrl-vlan: 4001 protectinstance: 1
level: major
state: up
role: transit
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: forward
preforward: 20(s)
switch-times: 1
11.4.2 Configuring Basic Single-Ring ZESR
Configuration DescriptionFigure 11-7 shows a network topology with multiple rings. S1, S2, S3, and S4 form amaster ring. S1 acts as the primary node, and S2, S3, and S4 act as transport nodes.To be specific, S3, S4, and S5 form a slave ring with the level and segment of 1. S3acts as an edge assistant node, S4 acts as an edge control node, and S5 acts as atransport node. The master ring configuration for S1 and S2 is the same as the single-ringconfiguration described in section Configuring Basic Single-Ring ZESR. Therefore, thissection describes only an example of master and slave ring configuration for S3, S4, andS5.
11-13
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 11-7 Multi-Ring ZESR Network Topology
Configuration Thought1. Enter the ZESR config mode and configure the control VLAN and protection instance
of the ZESR domain.2. Configure the level, segment, role, and interface of the ZESR node.3. If there are other functional requirements, configure the ZESR properties further.
Configuration CommandsThe configuration of S3:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
/*master ring configuration*/
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role
transit gei-0/1/1/1 gei-0/1/1/2
/*slave ring configuration*/
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role
edge-assistant gei-0/1/1/3
The configuration of S4:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
/*master ring configuration*/
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role
transit gei-0/1/1/1 gei-0/1/1/2
/*slave ring configuration*/
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role
edge-control gei-0/1/1/3
11-14
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 11 ZESR Configuration
The configuration of S5:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role
transit gei-0/1/1/1 gei-0/1/1/2
Configuration VerificationThe configuration result on S4:
ZXR10(config)#show zesr ctrl-vlan 4001
ctrl-vlan: 4001 protectinstance: 1 snoop-vpls:disable
level: major
state: up
role: transit
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: forward
preforward: 20(s)
switch-times: 1
level: 1 seg: 1
state: up
role: edge-control
port: gei-0/1/1/3 portstate: block
preforward: 20(s) preup: 2(s)
switch-times: 1
The configuration result on S3:
ZXR10(config)#show zesr ctrl-vlan 4001
ctrl-vlan: 4001 protectinstance: 1 snoop-vpls:disable
level: major
state: up
role: transit
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: forward
preforward: 20(s)
switch-times: 1
level: 1 seg: 1
state: up
role: edge-assistant
port: gei-0/1/1/3 portstate: forward
preforward: 20(s)
switch-times: 1
11-15
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
11-16
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 12ZESS ConfigurationTable of Contents
ZESS Overview........................................................................................................12-1Configuring ZESS ....................................................................................................12-2ZESS Maintenance ..................................................................................................12-4ZESS Configuration Example ...................................................................................12-5
12.1 ZESS OverviewIntroduction to ZESSThe ZTE Smart Switch (ZESS) is an Ethernet smart switching technology. As shown inFigure 12-1, node 1 supports the ZESS function, interface 1 acts as the master interface,and interface 2 acts as a slave interface. When detecting that the master and slaveinterfaces are both up, node 1 blocks the data forwarding function on the slave interface.When detecting that the master interface is down, node 1 blocks the master interface andenables the slave interface. When detecting that the master interface recovers, node1 determines whether to enable the master interface and re-block the slave interfaceaccording to the configured ZESS mode. When performing link switching, the ZESS mustupdate the bridge table of the blocked interface.
Figure 12-1 ZESS Network Topology
ZESS PrincipleThe ZESS uses a backup link to transmit data when the active link is faulty, which protectsnetwork connectivity. In addition, the ZESS uses a protection instance to protect the datatransmitted over network. The instance used by the ZESS is the same as that used by theSTP.
12-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
When both of the active and standby links work normally, the ZESS blocks the standby linkand forwards data by using the active link. When the active link is faulty, the ZESS blocksthe active link and forwards data by using the standby link, andmeanwhile clears the bridgetable of the active link. When the active link recovers, the ZESS perform operations baseson the configured mode (revertive or non-revertive). In the revertive mode, the ZESSblocks the standby link, enables the active link, and meanwhile clears the bridge table ofthe standby link. In the non-revertive mode, the ZESS does not perform active/standbyswitching.
Both the ZESS and the STP implement data forwarding and blocking by configuringthe status of an STP instance on the interface. Therefore, the ZESS and the STP aremutually exclusive based on interface + instance. That is, an interface instance managedby ZESS will not be calculated by the STP. However, its STP state will be calculated bythe ZESS. The protection instance used by the ZESS is configured based on the STPprotocol. Therefore, when the ZESS protocol is used, a protection instance can takeeffect only after the STP is enabled globally. Except the interface instances managed bythe ZESS, the STP state of other interface instances is managed by the STP protocol,which avoids a loop.
12.2 Configuring ZESSOn the ZXR10 5900E, use the following commands to configure the ZESS.
Step Command Function
1 ZXR10(config)#zess This enters the ZESS config
mode.
2 ZXR10(config-zess)#zess domain <1-16>
protect-instance <0-64>This configures the protection
instance of a ZESS domain.
The no zess domain <1-16>
command can be used to clear
configuration.
ZXR10(config-zess)#zess domain <1-16> memberprimary <port1> secondary <port2>
This configures the interface
of a ZESS domain. The no
zess domain <1-16>membercommand can be used to clear
configuration.
ZXR10(config-zess)#zess domain <1-16> mode <revertive| non-revertive>
This configures the ZESS
revertive mode. The default
value is revertive.
3
ZXR10(config-zess)#zess domain <1-16> preup <1-900> This configures the preup time
of ZESS. The default value is
2s
12-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 12 ZESS Configuration
Step Command Function
4 ZXR10(config-zess)#zess port-detect {normal | fast} This configures the detection
mode of a ZESS interface. The
default value is normal.
ZXR10#clear zess-switchtimes domain all This clears the statistics on
switching times of all ZESS
domains.
5
ZXR10#clear zess-switchtimes domain <1-16> This clears the statistics on
switching times of a specified
ZESS domain.
For the above ZESS commands, the parameter names are the same. Therefore, theseparameters will not be described repeatedly in the following tables. The ZESS uses domainID as the unique ID of a domain.
The command parameters in step 2 are described as follows.
Parameter Description
domain<1-16> Configures the ID of a ZESS domain.
protect-instance <0-64> Configures the protection instance of a domain, which is the same
as the STP instance in terms of parameter value.
The command parameters in step 3 are described as follows.
Parameter Description
member primary <port1> Configures the primary interface of a ZESR domain.
secondary <port2> Configures the secondary interface of a ZESR domain.
mode <revertive | non-revertive> Configures the revertive mode of a ZESS domain. The available
options are revertive and non-revertive. The default value isrevertive.
preup <1-900> Configures the preup time of a ZESS domain. The value of this
parameter ranges from 1s to 900s. The default value is 2s.
The command parameters in step 4 are described as follows.
Parameter Description
port-detect {normal | fast} Configures the detection mode of a ZESS interface. The available
options are normal and fast. The default value is normal.
12-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Caution!
To improve the switching performance of ZESS, the detection mode of a ZESS interfacemust be configured to fast. In addition, the properties of broadcast and unicastsuppression must be configured for the ZESS interface and the peer interface of the link.In addition, the STP function must be disabled for the peer interface of the ZESS link.Otherwise, data forwarding will be affected during switching.
12.3 ZESS MaintenanceOn the ZXR10 5900E, use the following commands to maintain the ZESS.
Command Function
ZXR10#show zess brief This shows brief information about
all domains of ZESS.
ZXR10#show zess domain [<1-16>] This shows detailed information
about a specified domain of ZESS.
The parameters in the above command are described as follows.
Parameter Description
brief Shows brief information about all domains of ZESS.
domain [<1-16>] Shows detailed information about a specified domain of ZESS.
An example of the show zess brief command output is shown below.
ZXR10(config)#show zess brief
Domain Instance Pri_Port Sec_Port Mode State Chang-time
-------------------------------------------------------------------------------
1 2 smartgroup1 gei-0/1/1/6 revertive down 0
An example of the show zess domain 1 command output is shown below.
ZXR10(config)#show zess domain 1
domain ID: 1 protectinstance: 2
state: down mode: revertive
port : smartgroup1(P) portstate: block
port : gei-0/1/1/6(S) portstate: block
preup: 2(s) changeTimes : 0
port-detect mode: fast
An example of the show zess domain command output is shown below.
ZXR10(config)#show zess domain
12-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 12 ZESS Configuration
domain ID: 1 protectinstance: 2
state: down mode: revertive
port : smartgroup1(P) portstate: block
port : gei-0/1/1/6(S) portstate: block
preup: 2(s) changeTimes : 0
domain ID: 2 protectinstance: 2
port-detect mode: fast
12.4 ZESS Configuration ExampleConfiguration DescriptionFigure 12-2 shows a typical ZESS network topology. S1 enables the ZESS protocol,interface 1 acts as the master interface, and interface 2 acts as a slave interface.
Figure 12-2 ZESS Configuration Example
Configuration Thought1. Enter the ZESS config mode and configure the ID and protection instance of the ZESR
domain.2. Configure the interface and other parameters of a ZESR node.3. If there are other functional requirements, configure the ZESS properties further.
Configuration CommandsThe configuration of S1:
ZXR10(config)#zess
ZXR10(config-zess)#zess domain 1 protect-instance 1
ZXR10(config-zess)#zess domain 1 member primary gei-0/1/1/1 secondary gei-0/1/1/2
ZXR10(config-zess)#zess port-detect fast
/*If necessary, configure the ZESS properties, such as
the revertive mode and preup time.*/
ZXR10(config-zess)#zess domain 1 mode non-revertive
12-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
ZXR10(config-zess)#zess domain 1 preup 300
Configuration VerificationThe configuration result on S1:
ZXR10(config)#show zess domain 1
domain ID: 1 protectinstance: 1
state: up mode: non-revertive
port : gei-0/1/1/1(P) portstate: forward
port : gei-0/1/1/2(S) portstate: block
preup: 300(s) changeTimes : 0
port-detect mode: fast
12-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 13ZESR+ ConfigurationTable of Contents
ZESR+ Overview......................................................................................................13-1Configuring ZESR+ ..................................................................................................13-3ZESR+ Maintenance ................................................................................................13-4ZESR+ Configuration Example.................................................................................13-5
13.1 ZESR+ OverviewIntroduction to ZESR+In the uplink direction of the core network and backbone network in a metropolitan areanetwork (MAN), two uplink interface on a switch are usually connected with two BRAS orSR devices respectively. In this way, the ZESS can be used to implement dual-protectionin the uplink direction. This connection mode implements protection for the upstream link,SR, or BRAS but has a risk that a single-point failure may occur on the switch to theBRAS or SR in the uplink direction. In an actual network scheme, the egress interfacesconnected to a same SR or BRAS are distributed on two switches respectively. In thisway, the protection function with dual nodes and dual upstream links is implemented, thatis, the ZSER+ described in this topic.
As shown in Figure 13-1, two switches (S1 and S4) in the ring network are connected tothe SR and BRAS in the uplink direction, which implements protection for the upstreamlinks of the SR and BRAS. Suppose that the link from S1 to the SR is broken. In this case,the traffic on this link will be automatically transmitted to the SR through S4. By using theprotection function with dual nodes and dual upstream links, the system can implementswitching within 50 ms when an upstream link is faulty.
13-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 13-1 ZESR+ Network Topology
ZESR+ PrincipleWhen the dual-node and dual-uplink ZESR+ protocol is working, two roles are available:primary node ZESS-MASTER and transport node ZESS-TRANSIT. The nodes use theHello packet and interface detection function to detect link status. When the link worksproperly, the primary node blocks the slave interface and enables the master interface.At this time, the transport node enables both of the master and slave interfaces. Whendetecting a link fault, the transport node blocks the interface connected with the faulty link,clears the bridge table, and sends a link-down frame to the primary node notifying thefault information. After receiving the link-down frame, the primary node enables the slaveinterface, clears the bridge table, and sends a down-flush frame. When detecting a linkfault, the primary node actively performs link switching. The format of frames used by theZESR+ and the specific meanings are the same as those of the ZESR. The ZESR+ isquite similar to the ZESR master ring in terms of function. Therefore, the ZESR+ can worktogether with the ZESR.
Figure 13-2 shows a typical network topology of the ZESR+ with dual nodes and dualupstream links. S2 is a ZESS-MASTER node and S3 is a ZESS-TRANSIT node.
The ZESR+ protects upstream links and transport node S3 sends protocol packets to S2through the master interface. Therefore, when the ZESR+ is working, you must configurethe master interface on the link where the two nodes are directly connected. Otherwise,an error occurs in the protocol.
13-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 13 ZESR+ Configuration
Figure 13-2 Typical ZESR+ Network Topology
Both the ZESR+ and the STP implement data forwarding and blocking by configuring thestatus of an STP instance on the interface. Therefore, the ZESR+ and the STP aremutuallyexclusive based on interface + instance. That is, an interface instancemanaged by ZESR+will not be calculated by the STP. However, its STP state will be calculated by the ZESR+.The protection instance used by the ZESR+ is configured based on the STP protocol.Therefore, when the ZESR+ protocol is used, a protection instance can take effect onlyafter the STP is enabled globally. Except the interface instances managed by the ZESR+,the STP state of other interface instances is managed by the STP protocol, which avoidsa loop.
13.2 Configuring ZESR+On the ZXR10 5900E, use the following commands to configure the ZESR+.
Steps Command Function
1 ZXR10(config)#zesr This enters the ZESR config
mode.
2 ZXR10(config-zesr)#zesr ctrl-vlan <1-4094>
protect-instance <0-64>This configures the protection
instance of a ZESR+ domain.
The no zesr ctrl-vlan <1-4094>
protect-instance command can
be used to clear configuration.
13-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
3 ZXR10(config-zesr)#zesr ctrl-vlan <1-4094> major-level
role {zess-master | zess-transit}<port1><port2>
This configures the role and
interface for a ZESR node on
the master ring. The no zesr
ctrl-vlan <1-4094> major-level
command can be used to clear
configuration.
The parameters of ZESR+ commands are almost the same as those of ZESR commandsin terms of parameter meaning. In a command, the role of a node is uniquely used todistinguish whether a domain belongs to ZESR+ or ZESR.
The command parameters in step 3 are described as follows.
Parameter Description
role {zess-master | zess-transit} Configures the role of a ZESR+ domain node. ZESS-MASTER
refers to the primary node and ZESS-TRANSIT refers to a
transport node.
13.3 ZESR+ MaintenanceOn the ZXR10 5900E, use the following commands to maintain the ZESR+.
Command Function
ZXR10#show zesr brief This shows brief information about
all domains of ZESR or ZESR+.
ZXR10#show zesr ctrl-vlan <1-4094> This shows detailed information
about a specified domain of ZESR
or ZESR+.
The parameters in the above command are described as follows.
Parameter Description
brief Shows brief information about all domains of ZESR or ZESR+.
ctrl-vlan <1-4094> Shows detailed information about a specified domain of ZESR
or ZESR+.
An example of the show zesr brief command output is shown below.
ZXR10(config)#show zesr brief
ctrl-vlan: 100 protectinstance: 1
level seg role port port level-state switch-times
major zess(T) smartgroup1(P) gei-0/1/1/6(S) down 1
13-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 13 ZESR+ Configuration
ctrl-vlan: 200 protectinstance: 2
restarttime: 120(s)
port detect: fast
protocol mac: normal
An example of the show zesr ctrl-vlan <1-4094> command output is shown below.
ZXR10(config)#show zesr ctrl-vlan 100
ctrl-vlan: 100 protectinstance: 1
level: major
state: down
role: zess(T)
port: smartgroup1(P) portstate: block
port: gei-0/1/1/6(S) portstate: block
preforward: 20(s)
switch-times: 1
Caution!
During ZESR+ node configuration, because of special application scenarios of ZESR+,you must configure the master interface to the link that directly connects the two nodes.Other configuration requirements are similar to those of ZESR.
13.4 ZESR+ Configuration ExampleConfiguration DescriptionFigure 13-3 shows a typical network topology of the ZESR+ with dual nodes and dualupstream links. S1 is a common switch. S1, S2, and S3 form a virtual master ring. TheZESR+ function is working on S2 and S3. To be specific, S2, S3, and S4 form a slave ringwith the level and segment of 1. S4 acts as the primary node, and S2 and S3 act as edgeassistant nodes.
13-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 13-3 Single-Ring ZESR+ Configuration
Configuration Thought1. Enter the ZESR config mode and configure the control VLAN and protection instance
of the ZESR domain.2. Configure the level, segment, role, and interface of the ZESR/ZESR+ node.3. If there are other functional requirements, configure the ZESR properties further.
These properties of ZESR are applicable to the ZESR+.
Configuration CommandsThe configuration of S2:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role zess-master gei-0/1/1/1 gei-0/1/1/2
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role edge-assistant gei-0/1/1/3
The configuration of S3:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 major-level role zess-transit gei-0/1/1/1 gei-0/1/1/2
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role edge-assistant gei-0/1/1/3
The configuration of S4:
ZXR10(config)#zesr
ZXR10(config-zesr)#zesr ctrl-vlan 4001 protect-instance 1
ZXR10(config-zesr)#zesr ctrl-vlan 4001 level 1 seg 1 role master gei-0/1/1/1 gei-0/1/1/2
13-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 13 ZESR+ Configuration
Configuration VerificationThe configuration result on S2:
ZXR10(config)#show zesr ctrl-vlan 4001
ctrl-vlan: 4001 protectinstance: 1
level: major
state: up
role: zess(M)
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: block
hello: 1(s) fail: 3(s)
preforward: 20(s) preup: 2(s)
switch-times: 1
level: 1 seg: 1
state: up
role: edge-assistant
port: gei-0/1/1/3 portstate: forward
preforward: 20(s)
switch-times: 1
The configuration result on S3:
ZXR10(config)#show zesr ctrl-vlan 4001
ctrl-vlan: 4001 protectinstance: 1
level: major
state: up
role: zess(T)
port: gei-0/1/1/1(P) portstate: forward
port: gei-0/1/1/2(S) portstate: forward
preforward: 20(s)
switch-times: 1
level: 1 seg: 1
state: up
role: edge-assistant
port: gei-0/1/1/3 portstate: forward
preforward: 20(s)
switch-times: 1
13-7
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
13-8
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 14LinkGroup ConfigurationTable of Contents
LinkGroup Overview.................................................................................................14-1Configuring LinkGroup .............................................................................................14-1LinkGroup Maintenance ...........................................................................................14-2LinkGroup Configuration Example ............................................................................14-3
14.1 LinkGroup OverviewLinkGroup is an interface management function. It uses an interface linkage group to linkinterface states, which effectively monitors the link status. When working together with linkprotection protocols such as ZESS, it can protect the link layer in a better way to ensurenetwork connectivity.
The LinkGroup configures an uplink interface group and a downlink interface group to linkthe states of interfaces in the two groups. If all the interfaces in the uplink interface groupare up or down, the states of interfaces in the downlink interface group are configured toup or down accordingly. By the operation performed on the state of a downlink interface,the fault that occurs on the upstream link can be sensed quickly by the downstream link.In this way, the link layer protocol can sense topology changes.
14.2 Configuring LinkGroupOn the ZXR10 5900E, use the following commands to configure a LinkGroup.
Steps Command Function
1 ZXR10(config)#linkage This enters the LinkGroup
config mode.
2 ZXR10(config-linkage)#group <1-8> downlink <port> This configures the downlink
interface for a LinkGroup of an
interface. The system supports
eight LinkGroups at most and
each LinkGroup supports up to
16 downlink interfaces.
14-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Steps Command Function
3 ZXR10(config-linkage)#group <1-8> uplink <port> This configures the uplink
interface for a LinkGroup of
an interface. Each LinkGroup
supports up to eight downlink
interfaces.
4 ZXR10(config-linkage)#no group <1-8>[downlink<port>| uplink <port>]
This clears LinkGroup
configuration of an interface.
The command parameters in step 2 are described as follows.
Parameter Description
group<1-8> Configures a LinkGroup ID. The system supports up to eight
LinkGroups.
downlink <port> Configures the downlink interface. port refers to a physical
interface or a SmartGroup interface.
The command parameters in step 3 are described as follows.
Parameter Description
uplink <port> Configures the uplink interface. port refers to a physical interface
or a SmartGroup interface.
The command for clearing configuration in step 4 is the same as the above commands interms of description.
14.3 LinkGroup MaintenanceOn the ZXR10 5900E, use the following command to maintain the LinkGroup.
Command Function
ZXR10(config)#show linkage-group [<1-8>] This shows the LinkGroup
information of an interface. If no
LinkGroup ID is specified, the
system shows the information of
all LinkGroups.
The parameters in the above command are described as follows.
Parameter Description
linkage-group <1-8> Configures a LinkGroup ID. The system supports up to eight
LinkGroups.
14-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 14 LinkGroup Configuration
14.4 LinkGroup Configuration ExampleConfiguration DescriptionAs shown in Figure 14-1, the data from interfaces gei-0/1/1/3 and gei-0/1/1/3 on S1 isforwarded to the upper-layer device through interfaces gei-0/1/1/1 and gei-0/1/1/2. Inaddition, the downstream link must sense the fault that occurs on the upstream link. Inthis way, a LinkGroup can be configured on an interface to make the downstream linksense the changes on the upstream link. Interfaces gei-0/1/1/1 and gei-0/1/1/2 are uplinkinterfaces, and interfaces gei-0/1/1/3 and gei-0/1/1/4 are downlink interfaces.
Figure 14-1 LinkGroup Configuration
Configuration Thought1. Enter the LinkGroup config mode.2. Configure the uplink interface and downlink interface of a LinkGroup.
Configuration CommandsZXR10(config)#linkage
ZXR10(config-linkage)#group 1 downlink gei-0/1/1/3
ZXR10(config-linkage)#group 1 downlink gei-0/1/1/4
ZXR10(config-linkage)#group 1 uplink gei-0/1/1/1
ZXR10(config-linkage)#group 1 uplink gei-0/1/1/2
Configuration VerificationZXR10(config)#show linkage-group 1
Group 1
Uplink Interfaces:
Interface: gei-0/1/1/1 Status: up
Interface: gei-0/1/1/2 Status: up
Downlink Interfaces:
Interface: gei-0/1/1/3 Status: up
Interface: gei-0/1/1/4 Status: up
It indicates that the uplink interface and downlink interface are configured successfully.
14-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
This page intentionally left blank.
14-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 15L2PT ConfigurationTable of Contents
L2PT Overview.........................................................................................................15-1Configuring L2PT .....................................................................................................15-2Maintaining L2PT .....................................................................................................15-3L2PT Configuration Example....................................................................................15-4
15.1 L2PT OverviewIntroduction to L2PTL2PT is a protocol that allows BPDU packets to be transmitted in a layer-2 networktransparently. At the ingress of a BPDU tunnel, L2PT substitutes the MAC addressconfigured by the users for the original destination MAC address of a BPDU packet.The packet is transmitted through the BPDU tunnel after being encapsulated. At theegress of the BPDU tunnel, after receiving and recognizing the packet, L2PT restoresthe original destination MAC address of the BPDU packet, and forwards the packetto the corresponding user network. L2PT achieves transparent transmission of BPDUpackets that use layer-2 management protocols at layer-2 switching networks. L2PT isindependent of the types of layer-2 management protocols, so the applicable layer-2management protocols provide high extensibility and flexibility.
L2PT PrincipleAs shown in Figure 15-1, the destination MAC address of the BPDU packets sent fromfei-0/1/0/1 on customer switch A is substituted by the MAC address configured by the userson edge switch B. After that, the packets are broadcast in the VLAN of the receiving port.The packets pass across the service provider network, and arrive at edge switch C. Onedge switch C, the original destination MAC addresses of the BPDU packets are restored,and then the packets are sent to fei-0/1/0/4 of customer switch D from fei-0/1/0/3. It lookslike that customer switch A and customer switch D are connected directly. In this way,BPDU packets of layer-2 management protocols are transmitted transparently on layer-2switching networks.
15-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 15-1 L2PT Network Topology
15.2 Configuring L2PTTo configure L2PT on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#l2pt Enters L2PT configuration
mode.
2 ZXR10(config-l2pt)#bpdu-substitute-dmac { dot1x | gvrp
| lacp | lldp | stp |<key>}
Configures the MAC address
used to substitute the MAC
addresses of BPDU packets.
Use the no command to restorethe default configuration.
3 ZXR10(config-l2pt)#Interface<interface name> Enters L2PT interface
configuration mode.
4 ZXR10(config-l2pt-if-interface name)#bpdu-rewrite
{ dot1x | gvrp | lacp | lldp | stp |<key>}
Enables the destination
MAC address substitution
on an interface. Use the nocommand to restore the default
configuration.
5 ZXR10(config-l2pt-if-interface name)#bpdu-protect
<num>
Configures the rate threshold
of protocol packets on an
interface. Use the nocommand to restore the
default configuration.
A description of the parameter in Step 2 is as follows:
Parameter Description
<key> Destination MAC address, format: XXXX.XXXX.XXXX .
A description of the parameter in Step 3 is as follows:
15-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 15 L2PT Configuration
Parameter Description
<key> The value is enable or disable.
A description of the parameter in Step 4 is as follows:
Parameter Description
<num> Rate threshold of protocol packets, range: 10-300.
15.3 Maintaining L2PTTo maintain the L2PT function on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show l2pt information Displays global configuration
information about L2PT.
ZXR10#show l2pt information <interface-name> Displays configuration information
about L2PT on an interface.
The following is sample output from the show l2pt information command:
ZXR10(config-l2pt)#show l2pt information
All substituted ports: 1
Default protect pps: 100
Protocol Default destination MAC Substituted destination
stp 0180.c200.0000 0123.4567.8989
lldp 0180.c200.000e 0123.4567.8979
Field descriptions are as follows:
Field Description
All substituted ports Number of ports where the destination MAC address
substitution function is enabled.
Default protect pps Default rate threshold of protocol packets.
Protocol Type of the protocol for which the destination MAC address
substitution function is enabled.
The following is sample output from the show l2pt information <interface-name> command:
ZXR10(config-l2pt-if)#show l2pt information gei-0/1/1/1
Interface: gei-0/1/1/1
Destination MAC rewrite: Enable
Protect packages per second: 50
Substituted protocol: stp
Field descriptions are as follows:
15-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Field Description
Interface Interface name.
Destination MAC rewrite Whether the destination MAC address substitution function
is enabled on the interface.
Protect packages per second Rate threshold of protocol packets on the interface.
Substituted Type of the protocol for which the destination MAC address
substitution function is enabled on the interface.
15.4 L2PT Configuration ExampleConfiguration DescriptionIn the network shown in Figure 15-2, L2PT substitutes the destination MAC address ofSTP BPDU packets.
Figure 15-2 L2PT Configuration Example
Configuration Flow1. Enable STP on switch A and switch D.2. Enable the destination MAC address substitution for STP BPDU packets on switch B
and switch C. Enable the substitution on the interfaces.
Configuration CommandsConfiguration for Switch A:
Switch A(config)#spantree
Switch A(config-stp)#enable
Switch A(config-stp)#mode mstp
Switch A(config-stp)#mst priority 32768 instance 0
Switch A(config-stp-if-gei-0/1/1/1)#enable
Configuration for Switch D:
D(config)#spantree
15-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 15 L2PT Configuration
Switch D(config-stp)#enable
Switch D(config-stp)#mode mstp
Switch D(config-stp)#mst priority 40960 instance 0
Switch D(config-stp-if-gei-0/1/1/4)#enable
Configuration for switch B:
Switch B(config-l2pt)#bpdu-substitute-dmac stp 0123.4567.8989
Switch B(config-l2pt-if-gei-0/1/1/2)#bpdu-rewrite stp
Configuration for switch C:
Switch C(config-l2pt)#bpdu-substitute-dmac stp 0123.4567.8989
Switch C(config-l2pt-if-gei-0/1/1/3)#bpdu-rewrite stp
Configuration VerificationVerify the result of configuration for switch A through the show spantree instance 0 commandas follows:
DUT1(config-if)#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 32768; Address 0000.0100.0006
BridgeID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec; Max-Hops 20
Message-Age 0 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
--------------------------------------------------------------------------
gei-0/1/1/1 128.1 200000 Forward Designated p2p MSTP
Verify the result of configuration for switch D through the show spantree instance 0 commandas follows:
DUT2(config)#show spantree instance 0
MST00
Spantree enabled protocol MSTP
Root ID: Priority 32768; Address 0000.0100.0006
Hello-Time 2 sec; Max-Age 6 sec
Forward-Delay 5 sec;
RegRootID: Priority 40960; Address 0000.0100.0008
15-5
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
BridgeID: Priority 40960; Address 0000.0100.0008
Hello-Time 2 sec; Max-Age 20 sec
Forward-Delay 15 sec; Max-Hops 20
Message-Age 1 sec; RemainHops 20
Interface Prio.Nbr
Name Port ID Cost State Role Type Bound
--------------------------------------------------------------------------
gei-0/1/1/4 128.1 200000 Forward Root p2p MSTP
15-6
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 16GVRP ConfigurationTable of Contents
GVRP Overview .......................................................................................................16-1Configuring GVRP....................................................................................................16-2Maintaining GVRP....................................................................................................16-2GVRP Configuration Example ..................................................................................16-3
16.1 GVRP OverviewGARP OverviewGeneric Attribute Registration Protocol (GARP) provides a method of dynamicallydistributing, transmitting, and registering an attribute between members belonging tothe same switching network. The attribute can be a characteristic such as the VLAN,multicast MAC address, and port filtering mode. GARP can carry multiple attributesthat need to be transmitted by switches, so the GARP functions are provided by GARPapplication protocols.
GVRP OverviewGARP VLAN Registration Protocol (GVRP) is an application protocol defined by GARP. Itdynamically maintains VLAN information on switches based on the protocol mechanismof GARP. Each switch supporting the GVRP function can receive VLAN registrationinformation from other switches and dynamically update the local VLAN registrationinformation, including the VLANs on the switch and the ports in each VLAN. Eachswitch supporting the GVRP function can send the local VLAN registration informationto other switches, so that all devices supporting the GVRP function in the sameswitching network reach an agreement on intercommunity in VLAN configuration asneeded. VLAN registration information transmitted through GVRP includes static VLANinformation manually configured on the local device and dynamic VLAN informationfrom other switches. With the GVRP function, VLAN information on different switchescan be dynamically maintained and updated through the protocol. Users only need toconfigure VLAN information on a few switches, and the configuration can be appliedon the entire network. Users do not need to spend a lot of time in topology analysisand configuration management. The protocol dynamically transmits VLAN informationand adds configuration to the corresponding ports based on VLAN configuration on thenetwork.
GVRP provides the following port registration types, normal, fixed, and forbidden.
16-1
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
1. Normal: A port whose registration type is normal can process received GVRPmessages. On this port, VLANs can be created and registered, and VLAN registrationcan be canceled.
2. Fixed: A port whose registration type of a port is fixed ignores all GVRPmessages, butthe port remains registration state. VLANs can be created and registered manually.VLAN registration is disallowed on the port, and VLANs known on this port cannot beregistered on other ports.
3. Forbidden: A port whose registration type of a port is forbidden ignores all GVRPmessages. The registration state of the port is EMPTY. On this port, registration of allVLANs is canceled, and VLANs are disallowed to be created or registered.
16.2 Configuring GVRPTo configure GVRP on the ZXR10 5900E, perform the following steps:
Step Command Function
1 ZXR10(config)#garp Enters GVRP configuration mode.
2 ZXR10(config-garp)#gvrp {enable | disable} Enables or disables the GVRP function.
3 ZXR10(config-garp)#interface
<interface-name>
ZXR10(config-garp-if-interface-
name)#gvrp enable
Enables or disables the GVRP function on
an interface. To enable the GVRP function
on an interface, the mode of the interface
must be trunk, and the global GVRP function
must be enabled.
4 ZXR10(config-garp-if-interface-
name)#garp registration {normal | fixed |
forbidden}
Configures the registration mode of the
interface.
5 ZXR10(config-garp)#garp {hold | join |
leave | leaveall}timer <time-value>Configures the GARP timer.
6 ZXR10(config)#show garp config Displays GARP-related configuration.
16.3 Maintaining GVRPTo maintain GVRP on the ZXR10 5900E, run the following commands:
Command Function
ZXR10#show gvrp statistics interface
<interface-name>
Displays GVRP statistics.
ZXR10(config)#clear gvrp statistics all Clears GVRP statistics.
The following is sample output from the show gvrp statistics interface <interface-name>command:
16-2
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
Chapter 16 GVRP Configuration
ZXR10(config)#show gvrp statistics interface gei-0/1/1/1
GVRP is enabled.
InterfaceName Status RegMode LastPduOrigin VLAN FailedReg
---------------------------------------------------------------------------
gei-0/1/1/1 Enabled Normal 4c09.b4fc.dd40 0
The following is sample output from the clear gvrp statistics all command:
ZXR10#clear gvrp statistics all
ZXR10#show gvrp statistics interface gei-0/1/1/1
GVRP is enabled.
InterfaceName Status RegMode LastPduOrigin VLAN FailedReg
---------------------------------------------------------------------------
gei-0/1/1/1 Enabled Normal 0000.0000.0000 0
16.4 GVRP Configuration ExampleIn the network shown in Figure 16-1, gei-0/1/1/1 of switch A belongs to trunk VLAN 100,and the registration mode is normal. Gei-0/1/1/2 of switch B belongs to trunk VLAN 200,and the registration mode is fixed. Gei-0/1/1/3 of switch B belongs to trunk VLAN 300, andthe registration mode is normal. Gei-0/1/1/4 of switch C belongs to trunk VLAN 400, andthe registration mode is normal.
Figure 16-1 GVRP Configuration Example
Configuration for switch A:
/*Enable the GVRP function*/
Switch_A(config)#garp
Switch_A(config-garp)#gvrp enable
/*Enable the GVRP function on an interface*/
Switch_A(config-garp)#interface gei-0/1/1/1
Switch_A(config-garp-if-gei-0/1/1/1)#gvrp enable
/*Configure the VLAN attribute on the interface*/
Switch_A(config)#switchvlan-configuration
Switch_A(config-swvlan)#interface gei-0/1/1/1
Switch_A(config-swvlan-if-gei-0/1/1/1)#switchport mode trunk
Switch_A(config-swvlan-if-gei-0/1/1/1)#switchport trunk vlan 100
Configuration for switch B:
/*Enable the GVRP function*/
Switch_B(config)#garp
16-3
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Switch_B(config-garp)#gvrp enable
/*Enable the GVRP function on an interface*/
Switch_B(config-garp)#interface gei-0/1/1/2
Switch_B(config-garp-if-gei-0/1/1/2)#gvrp enable
Switch_B(config-garp)#interface gei-0/1/1/3
Switch_B(config-garp-if-gei-0/1/1/3)#gvrp enable
/*Configure the registration mode of the interface*/
Switch_B(config-garp)interface gei-0/1/1/2
Switch_B((config-garp-if-gei-0/1/1/2)#garp registration fixed
/*Configure the VLAN attribute on the interface*/
Switch_B(config)#switchvlan-configuration
Switch_B(config-swvlan)#interface gei-0/1/1/2
Switch_B(config-swvlan-if-gei-0/1/1/2)#switchport mode trunk
Switch_B(config-swvlan-if-gei-0/1/1/2)#switchport trunk vlan 200
Switch_B(config)#switchvlan-configuration
Switch_B(config-swvlan)#interface gei-0/1/1/3
Switch_B(config-swvlan-if-gei-0/1/1/3)#switchport mode trunk
Switch_B(config-swvlan-if-gei-0/1/1/3)#switchport trunk vlan 300
Configuration for switch C:
/*Enable the GVRP function*/
Switch_C(config)#garp
Switch_C(config-garp)#gvrp enable
/*Enable the GVRP function on an interface*/
Switch_C(config-garp)#interface gei-0/1/1/4
Switch_C(config-garp-if-gei-0/1/1/4)#gvrp enable
/*Configure the VLAN attribute on the interface*/
Switch_C(config)#switchvlan-configuration
Switch_C(config-swvlan)#interface gei-0/1/1/4
Switch_C(config-swvlan-if-gei-0/1/1/4)#switchport mode trunk
Switch_C(config-swvlan-if-gei-0/1/1/4)#switchport trunk vlan 400
16-4
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
FiguresFigure 1-1 Topology of ARP Proxy Application ........................................................ 1-12
Figure 1-2 Topology of ARP Proxy Application ........................................................ 1-16
Figure 2-1 Network Topology with VLAN................................................................. 2-10
Figure 2-2 VLAN Translation Configuration Example .............................................. 2-11
Figure 3-1 VLAN Configuration on Device without SuperVLAN ................................. 3-1
Figure 3-2 Configuration on Device with SuperVLAN ............................................... 3-2
Figure 3-3 SuperVLAN Configuration Example ......................................................... 3-7
Figure 4-1 Voice VLAN Networking Topology (Manual Mode) ................................... 4-4
Figure 4-2 Voice VLAN Networking Topology (Automatic Mode) ............................... 4-5
Figure 5-1 Network Topology with PVLAN................................................................. 5-3
Figure 6-1 QinQ Configuration Example.................................................................... 6-2
Figure 7-1 Packet Cycling and Multiplication............................................................. 7-2
Figure 7-2 STP Network Topology ............................................................................ 7-3
Figure 7-3 Configuring Multiple STP ....................................................................... 7-13
Figure 7-4 Configuring Fast STP............................................................................. 7-14
Figure 7-5 STP Network Topology (Example 3)....................................................... 7-16
Figure 8-1 LLDP System Structure ........................................................................... 8-2
Figure 8-2 LLDP Neighbor Configuration Example.................................................... 8-9
Figure 8-3 LLDP Attribute Configuration Example ..................................................... 8-9
Figure 8-4 LLDP Neighbor Configuration Example.................................................. 8-10
Figure 8-5 LLDP Attribute Configuration Example ................................................... 8-11
Figure 9-1 SmartGroup Link Aggregation.................................................................. 9-2
Figure 9-2 802.3ad Mode Configuration.................................................................... 9-9
Figure 9-3 ON Mode Configuration ......................................................................... 9-12
Figure 9-4 802.3ad Mode Configuration.................................................................. 9-14
Figure 9-5 ON Mode Configuration ......................................................................... 9-17
Figure 10-1 Service Type 1 (in1-out2) ..................................................................... 10-2
Figure 10-2 Service Type 2 (in1-out2 pri designated) .............................................. 10-3
Figure 10-3 Service Type 3 (in1-out2 pri mapping).................................................. 10-4
Figure 10-4 Service Type 4 (in1-out1) ..................................................................... 10-5
Figure 10-5 Service Type 6 (untag-out1, supported only by SVLAN in IFPmode) ................................................................................................... 10-6
I
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
Figure 10-6 Network Topology with SVLAN (1) ....................................................... 10-8
Figure 10-7 Network Topology with SVLAN (2) ....................................................... 10-9
Figure 10-8 SVLAN Configuration Example .......................................................... 10-15
Figure 11-1 ZESR Single-Ring Network Topology ................................................... 11-1
Figure 11-2 Loop Fault in ZESR Single-Ring Network ............................................. 11-2
Figure 11-3 ZESR Single-Ring Network Topology ................................................... 11-3
Figure 11-4 Loop Fault of ZESR Single-Ring........................................................... 11-3
Figure 11-5 ZESR Multi-Ring Network Topology...................................................... 11-4
Figure 11-6 ZESR Single-Ring Network Topology ................................................. 11-12
Figure 11-7 Multi-Ring ZESR Network Topology.................................................... 11-14
Figure 12-1 ZESS Network Topology ...................................................................... 12-1
Figure 12-2 ZESS Configuration Example............................................................... 12-5
Figure 13-1 ZESR+ Network Topology .................................................................... 13-2
Figure 13-2 Typical ZESR+ Network Topology ........................................................ 13-3
Figure 13-3 Single-Ring ZESR+ Configuration........................................................ 13-6
Figure 14-1 LinkGroup Configuration ...................................................................... 14-3
Figure 15-1 L2PT Network Topology ....................................................................... 15-2
Figure 15-2 L2PT Configuration Example ............................................................... 15-4
Figure 16-1 GVRP Configuration Example.............................................................. 16-3
II
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
GlossaryACL- Access Control List
ARP- Address Resolution Protocol
BPDU- Bridge Protocol Data Unit
GARP- Generic Attribute Registration Protocol
GVRP- GARP VLAN Registration Protocol
IP- Internet Protocol
L2PT- Layer 2 Protocol Tunnel
LACP- Link Aggregation Control Protocol
LACPDU- Link Aggregation Control Protocol Data Unit
LLDP- Link Layer Discovery Protocol
LLDPDU- Link Layer Discovery Protocol Data Unit
MAC- Media Access Control
MAN- Metropolitan Area Network
MEN- Metro Ethernet Network
MPLS- Multiprotocol Label Switching
MSTP- Multiple Spanning Tree Protocol
OUI- Organizationally Unique Identifier
III
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential
ZXR10 5900E Series Configuration Guide (Link Layer)
PVLAN- Private Virtual Local Area Network
QoS- Quality of Service
STP- Spanning Tree Protocol
SVLAN- Selective Virtual Local Area Network
TCP/IP- Transmission Control Protocol/Internet Protocol
TLV- Type/Length/Value
VLAN- Virtual Local Area Network
VPLS- Virtual Private LAN Service
VPN- Virtual Private Network
ZESR- ZTE Ethernet Switch Ring
ZESS- ZTE Ethernet Smart Switch
IV
SJ-20150114102049-005|2015-01-15 (R1.0) ZTE Proprietary and Confidential