Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
i
Network requirements 27
Configuration restrictions and guidelines 28
Configuration procedure 28
ii
MSTP 62
MSTP features 62
MSTP basic concepts 62
How MSTP works 66
MSTP implementation on devices 67
Protocols and standards 67
Spanning tree configuration task lists 67
Configuration restrictions and guidelines 67
STP configuration task list 68
RSTP configuration task list 68
MSTP configuration task list 69
Setting the spanning tree mode 70
Configuring an MST region 71
Configuring the root bridge or a secondary root bridge 72
Configuring the current device as the root bridge of a specific spanning tree 72
Configuring the current device as a secondary root bridge of a specific spanning tree 72
Configuring the device priority 73
Configuring the maximum hops of an MST region 73
Configuring the network diameter of a switched network 73
Configuring spanning tree timers 74
Configuration restrictions and guidelines 74
Configuration procedure 75
Configuring the timeout factor 75
Configuring the BPDU transmission rate 76
Configuring edge ports 76
Configuration restrictions and guidelines 76
Configuration procedure 76
Configuring path costs of ports 77
Specifying a standard for the device to use when it calculates the default path cost 77
Configuring path costs of ports 78
Configuration example 79
Configuring the port priority 79
Configuring the port link type 80
Configuration restrictions and guidelines 80
Configuration procedure 80
Configuring the mode a port uses to recognize and send MSTP packets 80
Enabling outputting port state transition information 81
Enabling the spanning tree feature 81
Performing mCheck 82
Performing mCheck globally 82
Performing mCheck in interface view 82
Configuring Digest Snooping 83
Configuration restrictions and guidelines 83
Configuration procedure 84
Digest Snooping configuration example 84
Configuring No Agreement Check 85
Configuration prerequisites 86
Configuration procedure 86
No Agreement Check configuration example 87
Configuring protection functions 87
Enabling BPDU guard 87
Enabling root guard 88
Enabling loop guard 88
Configuring port role restriction 89
iii
Configuring TC-BPDU transmission restriction 90
Enabling TC-BPDU guard 90
Displaying and maintaining the spanning tree 91
Spanning tree configuration example 91
Network requirements 91
Configuration procedure 92
Verifying the configuration 94
iv
Setting the LLDP re-initialization delay 121
Enabling LLDP polling 121
Configuring the advertisable TLVs 122
Configuring the management address and its encoding format 123
Setting other LLDP parameters 124
Setting an encapsulation format for LLDPDUs 125
Configuring CDP compatibility 125
Configuration prerequisites 126
Configuration procedure 126
Configuring LLDP trapping and LLDP-MED trapping 126
Displaying and maintaining LLDP 127
LLDP configuration example 128
Network requirements 128
Configuration procedure 128
Verifying the configuration 129
Index 136
v
Configuring Ethernet interfaces
The switch series supports Ethernet interfaces, management Ethernet interfaces, and Console interfaces.
For the interface types and the number of interfaces supported by a switch model, see the installation
guide.
This document describes how to configure management Ethernet interfaces and Ethernet interfaces.
1
Splitting a 40-GE interface and combining 10-GE breakout
interfaces
Splitting a 40-GE interface into four 10-GE breakout interfaces
You can use a 40-GE interface as a single interface. To improve port density, reduce costs, and improve
network flexibility, you can also split a 40-GE interface into four 10-GE breakout interfaces.
For example, you can split a 40-GE interface FortyGigE 1/0/16 into four 10-GE breakout interfaces
Ten-GigabitEthernet 1/0/16:1 through Ten-GigabitEthernet 1/0/16:4.
To split a 40-GE interface into four 10-GE breakout interfaces:
interface interface-type
2. Enter 40-GE interface view. N/A
interface-number
2
Step Command Remarks
By default, a 40-GE interface is not
split and operates as a single
interface.
The 40-GE interface combined
3. Combine the four 10-GE from the four 10-GE breakout
breakout interfaces into a using fortygige interfaces must use a dedicated
40-GE interface. 1-to-1 cable or a 40-GE transceiver
module and fiber. For more
information about the cable and
transceiver module, see the
installation guide.
3
Configuring the link mode of an Ethernet interface
CAUTION:
After you change the link mode of an Ethernet interface, all commands (except the shutdown command)
on the Ethernet interface are restored to their defaults in the new link mode.
On the switch, Ethernet interfaces can operate either as Layer 2 or Layer 3 Ethernet interfaces (you can
set the link mode to bridge or route).
To change the link mode of an Ethernet interface:
interface interface-type
2. Enter Ethernet interface view. N/A
interface-number
3. Change the link mode of the By default, an Ethernet interface
port link-mode { bridge | route }
Ethernet interface. operates in bridge mode.
4
packet forwarding, and automatically generates traps and logs, informing the user to take
corresponding actions.
To prevent frequent physical link flapping from affecting system performance, configure physical state
change suppression to suppress the reporting of physical link state changes. The system reports physical
layer changes only when the suppression interval expires.
To configure physical state change suppression on an Ethernet interface:
The link-delay command and the link-delay mode command overwrite each other, and whichever is
configured last takes effect.
Do not configure physical state change suppression on a port with RRPP or MSTP enabled.
5
With TxRx mode generic flow control enabled, an interface can both send and receive flow control
frames. When congestion occurs, the interface sends a flow control frame to its peer. When the
interface receives a flow control frame from the peer, it suspends sending packets.
With Rx flow mode generic control enabled, an interface can receive flow control frames, but it
cannot send flow control frames. When the interface receives a flow control frame from its peer, it
suspends sending packets to the peer. When congestion occurs, the interface cannot send flow
control frames to the peer.
As shown in Figure 1, when both Port A and Port B forward packets at the rate of 1000 Mbps, Port C will
be congested. To avoid packet loss, enable flow control on Port A and Port B.
Figure 1 Flow control on ports
When TxRx mode generic flow control is enabled on Port B and Rx mode generic flow control is enabled
on Port A:
When Port C is congested, Switch B buffers the packet. When the buffered packets reach a specific
size, Switch B learns that the traffic forwarded from Port B to Port C is too heavy and exceeds the
forwarding capability of Port C. In this case, Port B with TxRx mode generic flow control enabled
sends generic pause frames to Port A and tells Port A to suspend sending packets.
When Port A receives the generic pause frames, Port A suspends sending packets to Port B for a
certain period, which is carried in the generic pause frames. Port B sends generic pause frames to
Port A until congestion is removed.
To handle unidirectional traffic congestion on a link, configure the flow-control receive enable command
at one end and the flow-control command at the other end. To enable both ends of a link to handle traffic
congestion, configure the flow-control command at both ends.
To enable generic flow control on an Ethernet interface:
6
You can enable PFC for the specified 802.1p priorities at the two ends of a link. When network
congestion occurs, the local device checks the PFC status for the 802.1p priority carried in each arriving
packet. The device processes the packet depending on the PFC status as follows:
If PFC is enabled for the 802.1p priority, the local device accepts the packet and sends a PFC pause
frame to the peer. The peer stops sending packets carrying this 802.1p priority for an interval as
specified in the PFC pause frame. This process is repeated until the congestion is removed.
If PFC is disabled for the 802.1p priority, the local port drops the packet.
To configure PFC on an Ethernet interface:
interface interface-type
2. Enter Ethernet interface view. N/A
interface-number
3. Enable PFC on the interface
priority-flow-control { auto |
through automatic negotiation By default, PFC is disabled.
enable }
or forcibly.
4. Enable PFC for specific priority-flow-control no-drop By default, PFC is disabled for all
802.1p priorities. dot1p dot1p-list 802.1p priorities.
priority-flo
priority-flow-contr
flow-control w-control Remarks
ol no-drop dot1p
enable
You cannot enable flow control by using the
flow-control command on a port where PFC is
Unconfigurable Configured Configured
enabled and PFC is enabled for the specified
802.1p priority values.
7
priority-flo
priority-flow-contr
flow-control w-control Remarks
ol no-drop dot1p
enable
On a port configured with the flow-control
command, you can enable PFC, but you
cannot enable PFC for specific 802.1p
priorities.
Enabling both generic flow control and PFC on
Configured Configurable Unconfigurable
a port disables the port from sending common
or PFC pause frames to inform the peer of
congestion conditions. However, the port can
still handle common and PFC pause frames
from the peer.
Configuration guidelines
For the same type of traffic, do not configure the storm constrain command together with any of the
broadcast-suppression, multicast-suppression, and unicast-suppression commands. Otherwise, the
traffic suppression result is not determined. For more information about the storm-constrain command,
see "Configuring storm control on an Ethernet interface."
Configuration procedure
To set storm suppression thresholds on one or multiple Ethernet interfaces:
interface interface-type
2. Enter Ethernet interface view. N/A
interface-number
3. Enable broadcast suppression By default, broadcast traffic is
broadcast-suppression { ratio |
and set the broadcast allowed to pass through an
pps max-pps | kbps max-kbps }
suppression threshold. interface.
4. Enable multicast suppression By default, multicast traffic is
multicast-suppression { ratio | pps
and set the multicast allowed to pass through an
max-pps | kbps max-kbps }
suppression threshold. interface.
8
Step Command Remarks
5. Enable unknown unicast
By default, unknown unicast traffic
suppression and set the unicast-suppression { ratio | pps
is allowed to pass through an
unknown unicast suppression max-pps | kbps max-kbps }
interface.
threshold.
Configuration guidelines
For the same type of traffic, do not configure the storm constrain command together with any of the
broadcast-suppression, multicast-suppression, and unicast-suppression commands. Otherwise, the
traffic suppression result is not determined. For more information about the broadcast-suppression,
multicast-suppression, and unicast-suppression commands, see "Configuring storm suppression."
Configuration procedure
To configure storm control on an Ethernet interface:
9
Step Command Remarks
The default setting is 10 seconds.
2. (Optional.) Set the traffic
polling interval of the storm storm-constrain interval seconds For network stability, use the
control module. default or set a higher traffic
polling interval (10 seconds).
interface interface-type
3. Enter Ethernet interface view. N/A
interface-number
4. (Optional.) Enable storm
storm-constrain { broadcast |
control, and set the lower and
multicast | unicast } { pps | kbps | By default, storm control is
upper thresholds for
ratio } max-pps-values disabled.
broadcast, multicast, or
min-pps-values
unknown unicast traffic.
5. Set the control action to take
storm-constrain control { block | By default, storm control is
when monitored traffic
shutdown } disabled.
exceeds the upper threshold.
Task Command
display counters { inbound | outbound } interface [ interface-type
Display interface traffic statistics.
[ interface-number ] ]
Display traffic rate statistics of interfaces in display counters rate { inbound | outbound } interface
up state over the last sampling interval. [ interface-type [ interface-number ] ]
Display summary information about the display interface [ interface-type [ interface-number ] ] brief
specified interface or all interfaces. [ description ]
Display information about storm control display storm-constrain [ broadcast | multicast | unicast ]
on the specified interface or all interfaces. [ interface interface-type interface-number ]
10
Task Command
Clear the interface statistics. reset counters interface [ interface-type [ interface-number ] ]
11
Configuring loopback, null, and inloopback
interfaces
This chapter describes how to configure a loopback interface, a null interface, and an inloopback
interface.
12
Configuring a null interface
A null interface is a virtual interface and is always up, but you can neither use it to forward data packets
nor can you configure it with an IP address or link layer protocol. The null interface provides a simpler
way to filter packets than ACL. You can filter undesired traffic by transmitting it to a null interface instead
of applying an ACL. For example, if you specify a null interface as the next hop of a static route to a
specific network segment, any packets routed to the network segment are dropped.
To configure a null interface:
Task Command
display interface [ loopback ] [ brief [ down ] ]
Display information about the specified or all
loopback interfaces. display interface [ loopback [ interface-number ] ] [ brief
[ description ] ]
Display information about the null interface. display interface [ null [ 0 ] ] [ brief [ description ] ]
Clear the statistics on the null interface. reset counters interface [ null [ 0 ] ]
13
Task Command
Clear the statistics on the inloopback interface. reset counters interface
14
Bulk configuring interfaces
You can enter interface range view to bulk configure multiple interfaces with the same feature instead of
configuring them one by one. For example, you can execute the shutdown command in interface range
view to shut down a range of interfaces.
If a command fails to take effect on the first interface in an interface range, the command does not take
effect on all the other member interfaces. Failure to apply a command on a member interface except for
the first interface does not affect the application of the command on the other member interfaces.
Configuration procedure
Step Command Remarks
1. Enter system view. system-view N/A
interface range { interface-type
interface-number [ to
Use either command.
interface-type
interface-number ] } &<1-5> By using the interface range name
2. Enter interface range command, you assign a name to an
view. interface range name name
interface range and can specify this
[ interface { interface-type
name rather than the interface range to
interface-number [ to
enter the interface range view.
interface-type
interface-number ] } &<1-5> ]
3. (Optional.) Display
commands available for Enter a question mark (?) at the
N/A
the first interface in the interface range prompt.
interface range.
15
Step Command Remarks
4. Use available
Available commands vary by
commands to configure N/A
interface.
the interfaces.
Task Command
Display information about interface ranges configured
display interface range [ name name ]
through the interface range name command.
16
Configuring the MAC address table
Overview
An Ethernet device uses a MAC address table to forward frames. A MAC address entry contains a
destination MAC address, an outgoing interface, and a VLAN ID. Upon receiving a frame, the device
uses the destination MAC address of the frame to look for a match in the MAC address table. If a match
is found, the device forwards the frame out of the outgoing interface in the matching entry. If no match
is found, the device floods the frame to all interfaces in the same VLAN as the incoming interface.
17
Static entriesStatic entries are manually added in order to forward frames with a specific
destination MAC address out of their associated interfaces and never age out. A static entry has
higher priority than a dynamically learned one.
Dynamic entriesDynamic entries can be manually configured or dynamically learned in order to
forward frames with a specific destination MAC address out of their associated interfaces and
might age out. A manually configured dynamic entry has the same priority as a dynamically
learned one.
Blackhole entriesBlackhole entries are manually configured and never age out. Blackhole entries
are configured for filtering out frames with a specific destination MAC address. For example, to
block all frames destined for a specific user for security concerns, you can configure the MAC
address of this user as a blackhole MAC address entry.
Multiport unicast entriesMultiport unicast entries are manually added in order to send frames
with a specific unicast destination MAC address out of multiple ports and never age out. A multiport
unicast entry has higher priority than a dynamically learned one.
A static, blackhole, or multiport unicast MAC address entry can overwrite a dynamic MAC address entry,
but not vice versa.
Type Description
Discards the frame entered on a different interface from that in the entry.
Static MAC address entry
Forwards the frame entered on the same interface with that in the entry.
Learns the MAC address (for example, MAC A) of the frame, adds a dynamic
Multiport unicast MAC MAC address entry for MAC A, and forwards the frame.
address entry Forwards the frames destined for MAC A according to only the multiport
unicast MAC address entry.
18
Type Description
Learns the MAC address of the frame entered on a different interface from
Dynamic MAC address that in the entry and overwrites the original entry.
entry Forwards the frame entered on the same interface with that in the entry and
updates the aging timer for the entry.
19
Adding or modifying a multiport unicast MAC address entry
You can configure a multiport unicast MAC address entry to associate a unicast destination MAC
address with multiple ports, so that the frame with a destination MAC address matching the entry is
forwarded out of multiple ports. For example, in NLB unicast mode, all servers within the cluster uses the
cluster's MAC address as their own address, and frames destined for the cluster are forwarded to every
server. In this case, you can configure a multiport unicast MAC address entry on the device connected to
the group of servers. In this manner, the device forwards the frame destined for the server group through
all ports connected to the servers within the cluster.
Figure 2 NLB cluster
Device
NLB cluster
You can configure a multiport unicast MAC address entry globally or on an interface.
20
Step Command Remarks
Enter Layer 2 Ethernet interface
view:
interface interface-type
interface-number
2. Enter interface view. N/A
Enter Layer 2 aggregate
interface view:
interface bridge-aggregation
interface-number
Disabling global MAC address learning disables the learning function on all interfaces.
21
Step Command Remarks
1. Enter system view. system-view N/A
Enter Layer 2 Ethernet interface
view:
interface interface-type
interface-number
2. Enter interface view. N/A
Enter Layer 2 aggregate interface
view:
interface bridge-aggregation
interface-number
22
To avoid unnecessary floods and improve forwarding speed, make sure all cards possess the same MAC
address table. After you enable MAC address table synchronization, each card advertises learned MAC
address entries to other cards of all member devices. (In IRF mode.)
As shown in Figure 3, Device A and Device B form an IRF fabric enabled with MAC address
synchronization. They connect to AP C and AP D, respectively. When Client A associates with AP C,
Device A learns a MAC address entry for Client A and advertises it to Device B.
Figure 3 MAC address tables of devices when Client A accesses AP C
If Client A roams to AP D, Device B learns a MAC address entry for Client A and advertises it to Device
A to ensure service continuity for Client A, as shown in Figure 4.
Figure 4 MAC address tables of devices when Client A roams to AP D
23
Step Command Remarks
1. Enter system view. system-view N/A
Task Command
display mac-address [ mac-address [ vlan vlan-id ] | [ [ dynamic |
Display MAC address table
static ] [ interface interface-type interface-number ] | blackhole |
information.
multiport ] [ vlan vlan-id ] [ count ] ]
Display the system or interface MAC display mac-address mac-learning [ interface interface-type
address learning state. interface-number ]
Configuration procedure
# Add a static MAC address entry for MAC address 000f-e235-dc71 on FortyGigE 1/0/1 that belongs
to VLAN 1.
<Device> system-view
[Device] mac-address static 000f-e235-dc71 interface fortygige 1/0/1 vlan 1
# Add a blackhole MAC address entry for MAC address 000f-e235-abcd that belongs to VLAN 1.
[Device] mac-address blackhole 000f-e235-abcd vlan 1
24
# Set the aging timer for dynamic MAC address entries to 500 seconds.
[Device] mac-address timer aging 500
25
Configuring MAC Information
The MAC Information feature can generate syslog messages or SNMP notifications when MAC address
entries are learned or deleted. You can use these messages to monitor users leaving or joining the
network and analyze network traffic.
The MAC Information feature buffers the MAC change syslog messages or SNMP notifications in a
queue. When the timer set for sending syslog messages or SNMP notifications does not expire, the
device overwrites the last piece of information written into the queue with the new MAC address change
if the queue has been exhausted. To send a syslog message or SNMP notification immediately after it is
created, set the queue length to zero.
The device does not write MAC address change information or send MAC address change messages for
blackhole MAC addresses, static MAC addresses, multiport unicast MAC addresses, multicast MAC
addresses, and local MAC addresses except for dynamic MAC addresses.
Configuration guidelines
Enable MAC Information globally before you enable it on interfaces.
26
Step Command Remarks
1. Enter system view. system-view N/A
27
Figure 5 Network diagram
Configuration procedure
1. Configure Device to send syslog messages to Host B:
# Enable the information center.
<Device> system-view
[Device] info-center enable
# Specify the log host 192.168.1.2/24 and specify local4 as the logging facility.
[Device] info-center loghost 192.168.1.2 facility local4
# Disable log output to the log host.
[Device] info-center source default loghost deny
To avoid output of unnecessary information, disable all modules from outputting logs to the
specified destination (loghost, in this example) before you configure an output rule.
# Configure an output rule to output to the log host MAC address logs that have a severity level of
at least informational.
[Device] info-center source mac loghost level informational
2. Configure the log host, Host B:
The following configurations were performed on Solaris. Other UNIX operating systems have
similar configurations.
a. Log in to the log host as a root user.
b. Create a subdirectory named Device in directory /var/log/, and then create file info.log in the
Device directory to save logs from Device.
# mkdir /var/log/Device
28
# touch /var/log/Device/info.log
c. Edit the file syslog.conf in directory /etc/ and add the following contents:
# Device configuration messages
local4.info /var/log/Device/info.log
In this configuration, local4 is the name of the logging facility that the log host uses to receive
logs, and info is the informational level. The UNIX system records the log information that has
a severity level of at least informational to the file /var/log/Device/info.log.
d. Display the process ID of syslogd, kill the syslogd process, and then restart syslogd using the r
option to make the new configuration take effect.
# ps -ae | grep syslogd
147
# kill -HUP 147
# syslogd -r &
Now, the device can output MAC address logs to the log host, which stores the logs to the
specified file.
3. Enable MAC Information on Device:
# Enable MAC Information globally.
[Device] mac-address information enable
# Configure the MAC Information mode as syslog.
[Device] mac-address information mode syslog
# Enable MAC Information on interface FortyGigE 1/0/1, so that interface FortyGigE 1/0/1 can
record MAC address change information when learning a new MAC address or deleting an
existing MAC address.
[Device] interface fortygige 1/0/1
[Device-FortyGigE1/0/1] mac-address information enable added
[Device-FortyGigE1/0/1] mac-address information enable deleted
[Device-FortyGigE1/0/1] quit
# Set the MAC Information queue length to 100.
[Device] mac-address information queue-length 100
# Set the MAC change sending interval to 20 seconds.
[Device] mac-address information interval 20
29
Configuring Ethernet link aggregation
Ethernet link aggregation bundles multiple physical Ethernet links into one logical link, called an
aggregate link. Link aggregation has the following benefits:
Increased bandwidth beyond the limits of any single link. In an aggregate link, traffic is distributed
across the member ports.
Improved link reliability. The member ports dynamically back up one another. When a member
port fails, its traffic is automatically switched to other member ports.
As shown in Figure 6, Device A and Device B are connected by three physical Ethernet links. These
physical Ethernet links are combined into an aggregate link called link aggregation 1. The bandwidth of
this aggregate link can be as high as the total bandwidth of the three physical Ethernet links. At the same
time, the three Ethernet links back up one another. When a physical Ethernet link fails, the traffic
previously carried on the failed link is switched to the other two links.
Figure 6 Ethernet link aggregation diagram
Basic concepts
Aggregation group, member port, and aggregate interface
Link bundling is implemented through interface bundling. An aggregation group is a group of Ethernet
interfaces bundled together, which are called member ports of the aggregation group. For each
aggregation group, a logical interface (called an aggregate interface), is created. To an upper layer
entity that uses the link aggregation service, a link aggregation group appears the same as a single
logical link and data traffic is transmitted through the aggregate interface.
When you create an aggregate interface, the device automatically creates an aggregation group of the
same type and number as the aggregate interface. For example, when you create aggregate interface
1, aggregation group 1 is created.
You can assign Layer 2 Ethernet interfaces only to a Layer 2 aggregation group.
The port rate of an aggregate interface equals the total rate of its member ports in Selected state, and its
duplex mode is the same as that of the selected member ports. For more information about the states of
member ports in an aggregation group, see "Aggregation states of member ports in an aggregation
group."
30
UnselectedAn Unselected port cannot forward traffic.
Operational key
When aggregating ports, the system automatically assigns each port an operational key based on port
information, such as port rate and duplex mode. Any change to this information triggers a recalculation
of the operational key.
In an aggregation group, all Selected ports are assigned the same operational key.
Configuration types
Every configuration setting on a port might affect its aggregation state. Port configurations include the
following types:
Attribute configurationsTo become a Selected port, a member port must have the same attribute
configurations as the aggregate interface. Table 2 describes the attribute configurations.
Attribute configurations made on an aggregate interface are automatically synchronized to all
member ports. These configurations are retained on the member ports even after the aggregate
interface is removed.
Any attribute configuration change might affect the aggregation state of link aggregation member
ports and running services. To make sure that you are aware of the risk, the system displays a
warning message every time you attempt to change an attribute configuration setting on a member
port.
Table 2 Attribute configurations
Feature Considerations
Indicates whether the port has joined an isolation group, and the isolation group
Port isolation
to which the port belongs.
Permitted VLAN IDs, PVID, link type (trunk, hybrid, or access), operating mode
VLAN (promiscuous, trunk promiscuous, host), and VLAN tagging mode. For
information about VLAN, see "Configuring VLANs."
NOTE:
The protocol configuration for a member port is effective only when the member port leaves the
aggregation group.
31
Dynamic aggregation modeThe peering system automatically maintains the aggregation state of
the member ports, thus reducing the workload of administrators.
An aggregation group in static mode is called a "static aggregation group" and an aggregation group
in dynamic mode is called a "dynamic aggregation group."
32
Figure 7 Setting the aggregation state of a member port in a static aggregation group
LACP
LACP uses LACPDUs to exchange aggregation information between LACP-enabled devices.
Each member port in an LACP-enabled aggregation group exchanges information with its peer. When a
member port receives an LACPDU, it compares the received information with information received on the
other member ports. In this way, the two systems reach an agreement on which ports are placed in
Selected state.
33
LACP functions
LACP offers basic LACP functions and extended LACP functions, as described in Table 3.
Table 3 Basic and extended LACP functions
Category Description
Implemented through the basic LACPDU fields, including the system LACP priority,
Basic LACP functions
system MAC address, port priority, port number, and operational key.
Implemented by extending the LACPDU with new TLV fields. This is how the LACP
MAD mechanism of the IRF feature is implemented. it can participate in LACP MAD
Extended LACP as either an IRF member device or an intermediate device.
functions
For more information about IRF and the LACP MAD mechanism, see IRF
Configuration Guide.
LACP priorities
LACP priorities include system LACP priority and port priority, as described in Table 4. The smaller the
priority value, the higher the priority.
Table 4 LACP priorities
Type Description
Used by two peer devices (or systems) to determine which one is superior in link
aggregation.
System LACP priority In dynamic link aggregation, the system that has higher system LACP priority sets the
Selected state of member ports on its side, after which the system that has lower priority
sets port state accordingly.
Determines the likelihood of a member port to be selected on a system. The higher port
Port priority
priority, the higher the likelihood of selection.
34
The local system (the actor) and the remote system (the partner) negotiate a reference port by using the
following workflow:
1. The systems compare their system IDs. (A system ID contains the system LACP priority and the
system MAC address.) The lower the LACP priority, the smaller the system ID. If LACP priority
values are the same, the two systems compare their MAC addresses. The lower the MAC address,
the smaller the system ID.
2. The system with the smaller system ID chooses the port with the smallest port ID as the reference
port. (A port ID contains a port priority and a port number.) The port with the lower priority value
is chosen. If two ports have the same aggregation priority, the system compares their port numbers.
The port with the smaller port number and the same attribute configurations as the aggregate
interface becomes the reference port.
35
Figure 8 Setting the state of a member port in a dynamic aggregation group
Meanwhile, the system with the higher system ID, being aware of the aggregation state changes on the
remote system, sets the aggregation state of local member ports the same as their peer ports.
When you aggregate interfaces in dynamic mode, follow these guidelines:
The maximum number of Selected ports in a dynamic aggregation group is 16.
A dynamic link aggregation group preferably sets full-duplex ports as the Selected ports, and will
set one, and only one, half-duplex port as a Selected port when none of the full-duplex ports can be
selected or only half-duplex ports exist in the group.
To ensure stable aggregation and service continuity, do not change the operational key or attribute
configurations on any member port.
In a dynamic aggregation group, when the aggregation state of a local port changes, the
aggregation state of the peer port also changes.
36
A port that joins a dynamic aggregation group after the Selected port limit has been reached is
placed in Selected state if it is more eligible to be selected than a current member port.
Configuration guidelines
When you configure an aggregation group, follow these guidelines:
37
Removing an aggregate interface also removes its aggregation group and causes all member ports
to leave the aggregation group.
You must configure the same aggregation mode on the two ends of an aggregate link.
2. Set the system LACP priority. lacp system-priority system-priority Changing the system LACP priority
might affect the aggregation state
of the ports in a dynamic
aggregation group.
38
Step Command Remarks
When you create a Layer 2
3. Create a Layer 2 aggregate aggregate interface, the system
interface bridge-aggregation
interface and enter Layer 2 automatically creates a Layer 2
interface-number
aggregate interface view. static aggregation group
numbered the same.
4. Configure the aggregation By default, an aggregation group
group to operate in dynamic link-aggregation mode dynamic operates in static aggregation
aggregation mode. mode.
5. Exit to system view. quit N/A
a. Enter Layer 2 Ethernet
interface view:
interface interface-type
interface-number Repeat these two sub-steps to
6. Assign an interface to the
assign more Layer 2 Ethernet
specified Layer 2 aggregation b. Assign the interface to the
interfaces to the aggregation
group. specified Layer 2
group.
aggregation group:
port link-aggregation
group number
7. Configure the port priority for link-aggregation port-priority
The default setting is 32768.
the interface. port-priority
39
Step Command Remarks
3. Configure the By default, the description of an
description of the description text interface is in the format of
aggregate interface. interface-name Interface.
The bandwidth of an aggregate link increases as the number of selected member ports increases. To
avoid congestion caused by insufficient Selected ports on an aggregate link, you can set the minimum
number of Selected ports required for bringing up the specific aggregate interface.
This minimum threshold setting affects the aggregation state of both aggregation member ports and the
aggregate interface:
When the number of member ports eligible to be selected is smaller than the minimum threshold,
all member ports change to the Unselected state and the link of the aggregate interface goes down.
When the minimum threshold is reached, the eligible member ports change to the Selected state,
and the link of the aggregate interface goes up.
The maximum number of Selected ports allowed in an aggregation group is limited by either the
configured maximum number or hardware capability, whichever value is smaller.
You can configure backup between two ports by assigning two ports to an aggregation group and
configuring the maximum number of Selected ports allowed in the aggregation group as 1. In this way,
40
only one Selected port is allowed in the aggregation group at any point in time, while the Unselected
port serves as a backup port.
To set the minimum and maximum numbers of Selected ports for an aggregation group:
41
Step Command Remarks
1. Enter system view. system-view N/A
Step Command
1. Enter system view. system-view
2. Enter Layer 2 aggregate interface view. interface bridge-aggregation interface-number
3. Restore the default settings for the aggregate
default
interface.
In system view, the switch supports the following load sharing criteria and combinations:
Source IP address
42
Destination IP address
Source MAC address
Destination MAC address
Source IP address and destination IP address
Source IP address and source port
Destination IP address and destination port
Source IP address, source port, destination IP address, and destination port
Any combination of ingress port, source MAC address, and destination MAC address
Yes
43
NOTE:
Local-first load sharing for link aggregation takes effect on only known unicast packets.
Configuration procedure
To enable link-aggregation traffic redirection:
Task Command
display interface [ bridge-aggregation ] [ brief [ down |
Display information for an aggregate interface description ] ]
or multiple aggregate interfaces. display interface bridge-aggregation interface-number
[ brief [ description ] ]
44
Task Command
Display the global or group-specific display link-aggregation load-sharing mode [ interface
link-aggregation load sharing criteria. [ bridge-aggregation interface-number ] ]
Clear statistics for specific or all aggregate reset counters interface [ bridge-aggregation
interfaces. [ interface-number ] ]
Configuration procedure
1. Configure Device A:
# Create VLAN 10, and assign port FortyGigE 1/0/4 to VLAN 10.
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port fortygige 1/0/4
[DeviceA-vlan10] quit
45
# Create VLAN 20, and assign port FortyGigE 1/0/5 to VLAN 20.
[DeviceA] vlan 20
[DeviceA-vlan20] port fortygige 1/0/5
[DeviceA-vlan20] quit
# Create Layer 2 aggregate interface Bridge-Aggregation 1.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] quit
# Assign ports FortyGigE 1/0/1 through FortyGigE 1/0/3 to link aggregation group 1.
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] port link-aggregation group 1
[DeviceA-FortyGigE1/0/1] quit
[DeviceA] interface fortygige 1/0/2
[DeviceA-FortyGigE1/0/2] port link-aggregation group 1
[DeviceA-FortyGigE1/0/2] quit
[DeviceA] interface fortygige 1/0/3
[DeviceA-FortyGigE1/0/3] port link-aggregation group 1
[DeviceA-FortyGigE1/0/3] quit
# Configure Layer 2 aggregate interface Bridge-Aggregation 1 as a trunk port and assign it to
VLANs 10 and 20.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] port link-type trunk
[DeviceA-Bridge-Aggregation1] port trunk permit vlan 10 20
[DeviceA-Bridge-Aggregation1] quit
2. Configure Device B in the same way Device A is configured.
The output shows that link aggregation group 1 is a Layer 2 static aggregation group and it contains
three Selected ports.
46
Layer 2 dynamic aggregation configuration example
Network requirements
As shown in Figure 11, configure a Layer 2 dynamic aggregation group on both Device A and Device B,
enable VLAN 10 at one end of the aggregate link to communicate with VLAN 10 at the other end, and
VLAN 20 at one end to communicate with VLAN 20 at the other end.
Figure 11 Network diagram
Configuration procedure
1. Configure Device A:
# Create VLAN 10, and assign the port FortyGigE 1/0/4 to VLAN 10.
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port fortygige 1/0/4
[DeviceA-vlan10] quit
# Create VLAN 20, and assign the port FortyGigE 1/0/5 to VLAN 20.
[DeviceA] vlan 20
[DeviceA-vlan20] port fortygige 1/0/5
[DeviceA-vlan20] quit
# Create Layer 2 aggregate interface Bridge-Aggregation 1, and configure the link aggregation
mode as dynamic.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] link-aggregation mode dynamic
[DeviceA-Bridge-Aggregation1] quit
# Assign ports FortyGigE 1/0/1 through FortyGigE 1/0/3 to link aggregation group 1.
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] port link-aggregation group 1
[DeviceA-FortyGigE1/0/1] quit
[DeviceA] interface fortygige 1/0/2
[DeviceA-FortyGigE1/0/2] port link-aggregation group 1
[DeviceA-FortyGigE1/0/2] quit
[DeviceA] interface fortygige 1/0/3
[DeviceA-FortyGigE1/0/3] port link-aggregation group 1
47
[DeviceA-FortyGigE1/0/3] quit
# Configure Layer 2 aggregate interface Bridge-Aggregation 1 as a trunk port and assign it to
VLANs 10 and 20.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] port link-type trunk
[DeviceA-Bridge-Aggregation1] port trunk permit vlan 10 20
[DeviceA-Bridge-Aggregation1] quit
2. Configure Device B in the same way Device A is configured.
The output shows that link aggregation group 1 is a Layer 2 dynamic aggregation group and it contains
three Selected ports.
48
Figure 12 Network diagram
Configuration procedure
1. Configure Device A:
# Create VLAN 10, and assign the port FortyGigE 1/0/5 to VLAN 10.
<DeviceA> system-view
[DeviceA] vlan 10
[DeviceA-vlan10] port fortygige 1/0/5
[DeviceA-vlan10] quit
# Create VLAN 20, and assign the port FortyGigE 1/0/6 to VLAN 20.
[DeviceA] vlan 20
[DeviceA-vlan20] port fortygige 1/0/6
[DeviceA-vlan20] quit
# Create Layer 2 aggregate interface Bridge-Aggregation 1.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] quit
# Assign ports FortyGigE 1/0/1 and FortyGigE 1/0/2 to link aggregation group 1.
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] port link-aggregation group 1
[DeviceA-FortyGigE1/0/1] quit
[DeviceA] interface fortygige 1/0/2
[DeviceA-FortyGigE1/0/2] port link-aggregation group 1
[DeviceA-FortyGigE1/0/2] quit
# Configure Layer 2 aggregate interface Bridge-Aggregation 1 as a trunk port and assign it to
VLAN 10.
[DeviceA] interface bridge-aggregation 1
[DeviceA-Bridge-Aggregation1] port link-type trunk
[DeviceA-Bridge-Aggregation1] port trunk permit vlan 10
[DeviceA-Bridge-Aggregation1] quit
# Create Layer 2 aggregate interface Bridge-Aggregation 2.
[DeviceA] interface bridge-aggregation 2
[DeviceA-Bridge-Aggregation2] quit
# Assign ports FortyGigE 1/0/3 and FortyGigE 1/0/4 to link aggregation group 2.
[DeviceA] interface fortygige 1/0/3
49
[DeviceA-FortyGigE1/0/3] port link-aggregation group 2
[DeviceA-FortyGigE1/0/3] quit
[DeviceA] interface fortygige 1/0/4
[DeviceA-FortyGigE1/0/4] port link-aggregation group 2
[DeviceA-FortyGigE1/0/4] quit
# Configure Layer 2 aggregate interface Bridge-Aggregation 2 as a trunk port and assign it to
VLAN 20.
[DeviceA] interface bridge-aggregation 2
[DeviceA-Bridge-Aggregation2] port link-type trunk
[DeviceA-Bridge-Aggregation2] port trunk permit vlan 20
[DeviceA-Bridge-Aggregation2] quit
# Configure the source MAC address as the global link-aggregation load sharing criterion.
[DeviceA] link-aggregation global load-sharing mode source-mac
2. Configure Device B in the same way Device A is configured.
The output shows that link aggregation groups 1 and 2 are both load-shared Layer 2 static aggregation
groups and each contains two Selected ports.
# Display all the group-specific load sharing criteria on Device A.
[DeviceA] display link-aggregation load-sharing mode interface
50
Bridge-Aggregation2 Load-Sharing Mode:
source-mac address
The output shows that the load sharing criteria for both link aggregation group 1 and link aggregation
group 2 are the source MAC addresses of packets.
51
Configuring port isolation
The port isolation feature isolates Layer 2 traffic for data privacy and security without using VLANs. You
can also use this feature to isolate the hosts in a VLAN from one another.
You can manually create isolation groups on the switch, but only the isolation group numbered 1 is valid.
The number of ports assigned to an isolation group is not limited.
Within the same VLAN, ports in an isolation group can communicate with those outside the isolation
group at Layer 2.
Task Command
display port-isolate group [ group-number ] [ | { begin |
Display isolation group information
exclude | include } regular-expression ]
52
Port isolation configuration example
Network requirements
As shown in Figure 13, LAN users Host A, Host B, and Host C are connected to FortyGigE 1/0/1,
FortyGigE 1/0/2, and FortyGigE 1/0/3 on the device, respectively. The device connects to the Internet
through FortyGigE 1/0/4.
Configure the device to provide Internet access for the hosts, and isolate them from one another at Layer
2.
Figure 13 Network diagram
Configuration procedure
# Create isolation group 1.
<Device> system-view
[Device] port-isolate group 1
# Assign FortyGigE 1/0/1, FortyGigE 1/0/2, and FortyGigE 1/0/3 to isolation group 1.
[Device] interface fortygige 1/0/1
[Device-FortyGigE1/0/1] port-isolate enable group 1
[Device-FortyGigE1/0/1] quit
[Device] interface fortygige 1/0/2
[Device-FortyGigE1/0/2] port-isolate enable group 1
[Device-FortyGigE1/0/2] quit
[Device] interface fortygige 1/0/3
[Device-FortyGigE1/0/3] port-isolate enable group 1
53
Group ID: 1
Group members:
FortyGigE1/0/1
FortyGigE1/0/2
FortyGigE1/0/3
54
Configuring spanning tree protocols
Spanning tree protocols eliminate loops in a physical link-redundant network by selectively blocking
redundant links and putting them in a standby state.
The recent versions of STP include the Rapid Spanning Tree Protocol (RSTP) and the Multiple Spanning
Tree Protocol (MSTP).
STP
STP was developed based on the 802.1d standard of IEEE to eliminate loops at the data link layer in a
LAN. Networks often have redundant links as backups in case of failures, but loops are a very serious
problem. Devices running STP detect loops in the network by exchanging information with one another,
and eliminate loops by selectively blocking certain ports to prune the loop structure into a loop-free tree
structure. This avoids proliferation and infinite cycling of packets that would occur in a loop network.
In the narrow sense, STP refers to IEEE 802.1d STP. In the broad sense, STP refers to the IEEE 802.1d STP
and various enhanced spanning tree protocols derived from that protocol.
55
Basic concepts in STP
Root bridge
A tree network must have a root bridge. The entire network contains only one root bridge, and all the
other bridges in the network are called "leaf nodes". The root bridge is not permanent, but can change
with changes of the network topology.
Upon initialization of a network, each device generates and periodically sends configuration BPDUs,
with itself as the root bridge. After network convergence, only the root bridge generates and periodically
sends configuration BPDUs. The other devices only forward the BPDUs.
Root port
On a non-root bridge, the port nearest to the root bridge is the root port. The root port communicates with
the root bridge. Each non-root bridge has only one root port. The root bridge has no root port.
As shown in Figure 14, Device B and Device C are directly connected to a LAN. If Device A forwards
BPDUs to Device B through port A1, the designated bridge for Device B is Device A, and the designated
port of Device B is port A1 on Device A. If Device B forwards BPDUs to the LAN, the designated bridge
for the LAN is Device B, and the designated port for the LAN is port B2 on Device B.
Figure 14 Designated bridges and designated ports
Device A
Port A1 Port A2
Device B Device C
Port B1 Port C1
Port B2 Port C2
LAN
Path cost
Path cost is a reference value used for link selection in STP. STP calculates path costs to select the most
robust links and block redundant links that are less robust, to prune the network into a loop-free tree.
56
Calculation process of the STP algorithm
The spanning tree calculation process described in the following sections is a simplified process for
example only.
Calculation process
The STP algorithm uses the following calculation process:
1. Network initialization.
Upon initialization of a device, each port generates a BPDU with the port as the designated port,
the device as the root bridge, 0 as the root path cost, and the device ID as the designated bridge
ID.
2. Root bridge selection.
Initially, each STP-enabled device on the network assumes itself to be the root bridge, with its own
device ID as the root bridge ID. By exchanging configuration BPDUs, the devices compare their
root bridge IDs to elect the device with the smallest root bridge ID as the root bridge.
3. Root port and designated ports selection on the non-root bridges.
Step Description
A non-rootbridge device regards the port on which it received the optimum configuration
1
BPDU as the root port. Table 5 describes how the optimum configuration BPDU is selected.
Based on the configuration BPDU and the path cost of the root port, the device calculates a
designated port configuration BPDU for each of the other ports.
The root bridge ID is replaced with that of the configuration BPDU of the root port.
2 The root path cost is replaced with that of the configuration BPDU of the root port plus the
path cost of the root port.
The designated bridge ID is replaced with the ID of this device.
The designated port ID is replaced with the ID of this port.
The device compares the calculated configuration BPDU with the configuration BPDU on the
port whose port role will be determined, and acts depending on the result of the comparison:
If the calculated configuration BPDU is superior, the device considers this port as the
designated port, replaces the configuration BPDU on the port with the calculated
3
configuration BPDU, and periodically sends the calculated configuration BPDU.
If the configuration BPDU on the port is superior, the device blocks this port without
updating its configuration BPDU. The blocked port can receive BPDUs, but cannot send
BPDUs or forward data traffic.
When the network topology is stable, only the root port and designated ports forward user traffic.
Other ports are all in the blocked state to receive BPDUs but not to forward BPDUs or user traffic.
Table 5 Selecting the optimum configuration BPDU
Step Actions
Upon receiving a configuration BPDU on a port, the device compares the priority of the
received configuration BPDU with that of the configuration BPDU generated by the port, and:
If the former priority is lower, the device discards the received configuration BPDU and
1
keeps the configuration BPDU the port generated.
If the former priority is higher, the device replaces the content of the configuration BPDU
generated by the port with the content of the received configuration BPDU.
57
Step Actions
The device compares the configuration BPDUs of all the ports and chooses the optimum
2
configuration BPDU.
Port A1 Port A2
Port B1 Port C1
Port B2 Port C2
Path cost = 4
Device B Device C
Priority = 1 Priority = 2
As shown in Figure 15, the priority values of Device A, Device B, and Device C are 0, 1, and 2, and the
path costs of links among the three devices are 5, 10, and 4, respectively.
1. Device state initialization.
In Table 6, each configuration BPDU contains the following fields: root bridge ID, root path cost,
designated bridge ID, and designated port ID.
Table 6 Initial state of each device
58
Configuration BPDU on the
Device Port name
port
Port B2 {1, 0, 1, Port B2}
Configuration BPDU on
Device Comparison process
ports after comparison
Port A1 receives the configuration BPDU of Port B1 {1, 0,
1, Port B1}, finds that its existing configuration BPDU {0, 0,
0, Port A1} is superior to the received configuration BPDU,
and discards the received one.
Port A2 receives the configuration BPDU of Port C1 {2, 0, Port A1: {0, 0, 0, Port
2, Port C1}, finds that its existing configuration BPDU {0,
A1}
Device A 0, 0, Port A2} is superior to the received configuration
BPDU, and discards the received one.
Port A2: {0, 0, 0, Port
A2}
Device A finds that it is both the root bridge and
designated bridge in the configuration BPDUs of all its
ports, and considers itself as the root bridge. It does not
change the configuration BPDU of any port and starts to
periodically send configuration BPDUs.
Port B1 receives the configuration BPDU of Port A1 {0, 0,
0, Port A1}, finds that the received configuration BPDU is
superior to its existing configuration BPDU {1, 0, 1, Port Port B1: {0, 0, 0, Port
B1}, and updates its configuration BPDU. A1}
Port B2 receives the configuration BPDU of Port C2 {2, 0, Port B2: {1, 0, 1, Port
2, Port C2}, finds that its existing configuration BPDU {1, B2}
0, 1, Port B2} is superior to the received configuration
BPDU, and discards the received one.
Device B compares the configuration BPDUs of all its
ports, decides that the configuration BPDU of Port B1 is the
Device B optimum, and selects Port B1 as the root port with the
configuration BPDU unchanged.
Based on the configuration BPDU and path cost of the root Root port (Port B1): {0,
port, Device B calculates a designated port configuration 0, 0, Port A1}
BPDU for Port B2 {0, 5, 1, Port B2}, and compares it with
Designated port (Port
the existing configuration BPDU of Port B2 {1, 0, 1, Port
B2): {0, 5, 1, Port B2}
B2}. Device B finds that the calculated one is superior,
decides that Port B2 is the designated port, replaces the
configuration BPDU on Port B2 with the calculated one,
and periodically sends the calculated configuration
BPDU.
59
Configuration BPDU on
Device Comparison process
ports after comparison
Port C1 receives the configuration BPDU of Port A2 {0, 0,
0, Port A2}, finds that the received configuration BPDU is
superior to its existing configuration BPDU {2, 0, 2, Port Port C1: {0, 0, 0, Port
C1}, and updates its configuration BPDU. A2}
Port C2 receives the original configuration BPDU of Port Port C2: {1, 0, 1, Port
B2 {1, 0, 1, Port B2}, finds that the received configuration B2}
BPDU is superior to the existing configuration BPDU {2, 0,
2, Port C2}, and updates its configuration BPDU.
Device C compares the configuration BPDUs of all its
ports, decides that the configuration BPDU of Port C1 is
the optimum, and selects Port C1 as the root port with the
configuration BPDU unchanged.
Based on the configuration BPDU and path cost of the root Root port (Port C1): {0,
port, Device C calculates the configuration BPDU of Port 0, 0, Port A2}
C2 {0, 10, 2, Port C2}, and compares it with the existing Designated port (Port
configuration BPDU of Port C2 {1, 0, 1, Port B2}. Device C C2): {0, 10, 2, Port C2}
finds that the calculated configuration BPDU is superior to
the existing one, selects Port C2 as the designated port,
and replaces the configuration BPDU of Port C2 with the
calculated one.
Port C2 receives the updated configuration BPDU of Port
B2 {0, 5, 1, Port B2}, finds that the received configuration
Device C BPDU is superior to its existing configuration BPDU {0, 10, Port C1: {0, 0, 0, Port
2, Port C2}, and updates its configuration BPDU. A2}
Port C1 receives a periodic configuration BPDU {0, 0, 0, Port C2: {0, 5, 1, Port
Port A2} from Port A2, finds that it is the same as the B2}
existing configuration BPDU, and discards the received
one.
Device C finds that the root path cost of Port C1 (10) (root
path cost of the received configuration BPDU (0) plus path
cost of Port C1 (10)) is larger than that of Port C2 (9) (root
path cost of the received configuration BPDU (5) plus path
cost of Port C2 (4)), decides that the configuration BPDU of
Port C2 is the optimum, and selects Port C2 as the root
port with the configuration BPDU unchanged.
Blocked port (Port C1):
Based on the configuration BPDU and path cost of the root {0, 0, 0, Port A2}
port, Device C calculates a designated port configuration
Root port (Port C2): {0,
BPDU for Port C1 {0, 9, 2, Port C1} and compares it with
5, 1, Port B2}
the existing configuration BPDU of Port C1 {0, 0, 0, Port
A2}. Device C finds that the existing configuration BPDU is
superior to the calculated one and blocks Port C1 with the
configuration BPDU unchanged. Then Port C1 does not
forward data until a new event triggers a spanning tree
calculation process, for example, the link between Device
B and Device C is down.
After the comparison processes described in Table 7, a spanning tree with Device A as the root bridge
is established, and the topology is shown in Figure 16.
60
Figure 16 The final calculated spanning tree
STP timers
The most important timing parameters in STP calculation are forward delay, hello time, and max age.
Forward delayForward delay is the delay time for port state transition.
A path failure can cause spanning tree re-calculation to adapt the spanning tree structure to the
change. However, the resulting new configuration BPDU cannot propagate throughout the
network immediately. If the newly elected root ports and designated ports start to forward data
immediately, a temporary loop will likely occur.
For this reason, as a mechanism for state transition in STP, the newly elected root ports or
designated ports require twice the forward delay time before they transit to the forwarding state to
make sure the new configuration BPDU has propagated throughout the network.
Hello timeThe device sends hello packets at the hello time interval to the neighboring devices to
make sure the paths are fault-free.
Max ageThe device uses the max age to determine whether a stored configuration BPDU has
expired and discards it if the max age is exceeded.
61
RSTP
RSTP achieves rapid network convergence by allowing a newly elected root port or designated port to
enter the forwarding state much faster than STP.
If the old root port on the device has stopped forwarding data and the upstream designated port has
started forwarding data, a newly elected RSTP root port rapidly enters the forwarding state.
A newly elected RSTP designated port rapidly enters the forwarding state if it is an edge port (a port that
directly connects to a user terminal rather than to another network device or a shared LAN segment) or
it connects to a point-to-point link. Edge ports directly enter the forwarding state. Connecting to a
point-to-point link, a designated port enters the forwarding state immediately after the device receives a
handshake response from the directly connected device.
MSTP
MSTP overcomes the following STP and RSTP limitations:
STP limitationsSTP does not support rapid state transition of ports. A newly elected port must wait
twice the forward delay time before it transits to the forwarding state, even if it connects to a
point-to-point link or is an edge port.
RSTP limitationsAlthough RSTP enables faster network convergence than STP, RSTP fails to
provide load balancing among VLANs. As with STP, all RSTP bridges in a LAN share one spanning
tree and forward packets from all VLANs along this spanning tree.
MSTP features
Developed based on IEEE 802.1s, MSTP overcomes the limitations of STP and RSTP. In addition to
supporting rapid network convergence, it provides a better load sharing mechanism for redundant links
by allowing data flows of different VLANs to be forwarded along separate paths.
MSTP provides the following features:
MSTP divides a switched network into multiple regions, each of which contains multiple spanning
trees that are independent of one another.
MSTP supports mapping VLANs to spanning tree instances by means of a VLAN-to-instance
mapping table. MSTP can reduce communication overheads and resource usage by mapping
multiple VLANs to one instance.
MSTP prunes a loop network into a loop-free tree, which avoids proliferation and endless cycling of
packets in a loop network. In addition, it supports load balancing of VLAN data by providing
multiple redundant paths for data forwarding.
MSTP is compatible with STP and RSTP.
62
Figure 17 Basic concepts in MSTP
MST region
A multiple spanning tree region (MST region) consists of multiple devices in a switched network and the
network segments among them. All these devices have the following characteristics:
A spanning tree protocol enabled
Same region name
63
Same VLAN-to-instance mapping configuration
Same MSTP revision level
Physically linked together
Multiple MST regions can exist in a switched network. You can assign multiple devices to the same MST
region. In Figure 17, the switched network comprises four MST regions, MST region 1 through MST region
4, and all devices in each MST region have the same MST region configuration.
MSTI
MSTP can generate multiple independent spanning trees in an MST region, and each spanning tree is
mapped to the specific VLANs. Each spanning tree is referred to as a "multiple spanning tree instance
(MSTI)".
In Figure 18, MST region 3 comprises three MSTIs, MSTI 1, MSTI 2, and MSTI 0.
CST
The common spanning tree (CST) is a single spanning tree that connects all MST regions in a switched
network. If you regard each MST region as a device, the CST is a spanning tree calculated by these
devices through STP or RSTP.
The blue lines in Figure 17 represent the CST.
IST
An internal spanning tree (IST) is a spanning tree that runs in an MST region. It is also called MSTI 0, a
special MSTI to which all VLANs are mapped by default.
In Figure 17, MSTI 0 is the IST in MST region 3.
CIST
The common and internal spanning tree (CIST) is a single spanning tree that connects all devices in a
switched network. It consists of the ISTs in all MST regions and the CST.
In Figure 17, the ISTs (MSTI 0) in all MST regions plus the inter-region CST constitute the CIST of the entire
network.
Regional root
The root bridge of the IST or an MSTI within an MST region is the regional root of the IST or MSTI. Based
on the topology, different spanning trees in an MST region might have different regional roots.
In MST region 3 in Figure 18, the regional root of MSTI 1 is Device B, the regional root of MSTI 2 is Device
C, and the regional root of MSTI 0 (also known as the IST) is Device A.
64
Port roles
A port can play different roles in different MSTIs. As shown in Figure 19, an MST region comprises Device
A, Device B, Device C, and Device D. Port A1 and port A2 of Device A connect to the common root
bridge. Port B2 and Port B3 of Device B form a loop. Port C3 and Port C4 of Device C connect to other
MST regions. Port D3 of Device D directly connects to a host.
Figure 19 Port roles
Port states
In MSTP, a port can be in one of the following states:
65
ForwardingThe port receives and sends BPDUs, learns MAC addresses, and forwards user
traffic.
LearningThe port receives and sends BPDUs, learns MAC addresses, but does not forward user
traffic. Learning is an intermediate port state.
DiscardingThe port receives and sends BPDUs, but does not learn MAC addresses or forward
user traffic.
NOTE:
When in different MSTIs, a port can be in different states.
A port state is not exclusively associated with a port role. Table 8 lists the port states that each port role
supports. (A check mark [] indicates that the port supports this state, while a dash [] indicates that the
port does not support this state.)
Table 8 Port states that different port roles support
Learning
Discarding
CIST calculation
The calculation of a CIST tree is also the process of configuration BPDU comparison. During this process,
the device with the highest priority is elected as the root bridge of the CIST. MSTP generates an IST within
each MST region through calculation. At the same time, MSTP regards each MST region as a single
device and generates a CST among these MST regions through calculation. The CST and ISTs constitute
the CIST of the entire network.
MSTI calculation
Within an MST region, MSTP generates different MSTIs for different VLANs based on the
VLAN-to-instance mappings. For each spanning tree, MSTP performs a separate calculation process
similar to spanning tree calculation in STP. For more information, see "Calculation process of the STP
algorithm."
In MSTP, a VLAN packet is forwarded along the following paths:
Within an MST region, the packet is forwarded along the corresponding MSTI.
Between two MST regions, the packet is forwarded along the CST.
66
MSTP implementation on devices
MSTP is compatible with STP and RSTP. Devices that are running MSTP and that are used for spanning
tree calculation can identify STP and RSTP protocol packets.
In addition to basic MSTP functions, the following functions are provided for ease of management:
Root bridge hold
Root bridge backup
Root guard
BPDU guard
Loop guard
TC-BPDU guard
Port role restriction
TC-BPDU transmission restriction
Support for hot swapping of interface cards
67
Though the member ports of an aggregation group do not participate in spanning tree calculation,
the ports still reserve their spanning tree configurations for participating in spanning tree
calculation after leaving the aggregation group.
68
Tasks at a glance
Configuring the leaf nodes:
(Required.) Setting the spanning tree mode
(Optional.) Configuring the device priority
(Optional.) Configuring the timeout factor
(Optional.) Configuring the BPDU transmission rate
(Optional.) Configuring edge ports
(Optional.) Configuring path costs of ports
(Optional.) Configuring the port priority
(Optional.) Configuring the port link type
(Optional.) Enabling outputting port state transition information
(Required.) Enabling the spanning tree feature
69
Tasks at a glance
Configuring the leaf nodes:
(Required.) Setting the spanning tree mode
(Required.) Configuring an MST region
(Optional.) Configuring the device priority
(Optional.) Configuring the timeout factor
(Optional.) Configuring the BPDU transmission rate
(Optional.) Configuring edge ports
(Optional.) Configuring path costs of ports
(Optional.) Configuring the port priority
(Optional.) Configuring the port link type
(Optional.) Configuring the mode a port uses to recognize and send MSTP packets
(Optional.) Enabling outputting port state transition information
(Required.) Enabling the spanning tree feature
70
NOTE:
In STP or RSTP mode, do not specify an MSTI. Otherwise, the spanning tree configuration does not take
effect.
In MSTP mode, if you specify an MSTI, the spanning tree configuration takes effect on the specified MSTI.
If you do not specify an MSTI, the spanning tree configuration takes effect on the CIST.
71
Configuring the root bridge or a secondary root
bridge
You can have the spanning tree protocol determine the root bridge of a spanning tree through MSTP
calculation, or you can specify the current device as the root bridge or as a secondary root bridge.
A device has independent roles in different spanning trees. It can act as the root bridge in one spanning
tree and as a secondary root bridge in another. However, one device cannot be the root bridge and a
secondary root bridge in the same spanning tree.
A spanning tree can have only one root bridge. If two or more devices are selected as the root bridge in
a spanning tree at the same time, the device with the lowest MAC address is chosen.
When the root bridge of an instance fails or is shut down, the secondary root bridge (if you have
specified one) becomes the root bridge if you have not specified a new root bridge. If you specify
multiple secondary root bridges for an instance, the secondary root bridge with the lowest MAC address
is given priority.
You can specify one root bridge for each spanning tree, regardless of the device priority settings. Once
you specify a device as the root bridge or a secondary root bridge, you cannot change its priority.
You can configure the current device as the root bridge by setting the device priority to 0. For the device
priority configuration, see "Configuring the device priority."
72
Configuring the device priority
Device priority is a factor in calculating the spanning tree. The priority of a device determines whether the
device can be elected as the root bridge of a spanning tree. A lower value indicates a higher priority.
You can set the priority of a device to a low value to specify the device as the root bridge of the spanning
tree. A spanning tree device can have different priorities in different MSTIs.
During root bridge selection, if all devices in a spanning tree have the same priority, the one with the
lowest MAC address is selected as the root bridge of the spanning tree. You cannot change the priority
of a device after it is configured as the root bridge or as a secondary root bridge.
To configure the priority of a device in a specified MSTI:
73
devices. The network diameter is a parameter that indicates the network size. A bigger network diameter
indicates a larger network size.
Based on the network diameter you configured, the system automatically sets an optimal hello time,
forward delay, and max age for the device. Each MST region is considered a device and the configured
network diameter is effective only on the CIST (or the common root bridge) but not on other MSTIs.
To configure the network diameter of a switched network:
74
loss for a link failure and triggers a new spanning tree calculation process. If the hello time is too
short, the device frequently sends the same configuration BPDUs, which waste device and network
resources. HP recommends using the default setting.
If the max age timer is too short, the device frequently begins spanning tree calculations and might
mistake network congestion as a link failure. If the max age timer is too long, the device might fail
to promptly detect link failures and quickly launch spanning tree calculations, reducing the
auto-sensing capability of the network. HP recommends using the default setting.
Configuration procedure
To configure the spanning tree timers:
3. Configure the hello timer. stp timer hello time The default setting is 2 seconds.
75
Configuring the BPDU transmission rate
The maximum number of BPDUs a port can send within each hello time equals the BPDU transmission
rate plus the hello timer value. Configure an appropriate BPDU transmission rate based on the physical
status of the port and the network structure.
The higher the BPDU transmission rate, the more BPDUs are sent within each hello time, and the more
system resources are used. By setting an appropriate BPDU transmission rate, you can limit the rate at
which the port sends BPDUs and prevent spanning tree protocols from using excessive network resources
when the network topology changes. HP recommends using the default setting.
To configure the BPDU transmission rate:
Configuration procedure
To specify a port as an edge port:
76
Configuring path costs of ports
Path cost is a parameter related to the rate of a port. On a spanning tree device, a port can have different
path costs in different MSTIs. Setting appropriate path costs allows VLAN traffic flows to be forwarded
along different physical links, achieving VLAN-based load balancing.
You can have the device automatically calculate the default path cost, or you can configure the path cost
for ports.
You can specify a standard for the device to use in automatic calculation for the default path cost. The
device supports the following standards:
dot1d-1998The device calculates the default path cost for ports based on IEEE 802.1d-1998.
dot1tThe device calculates the default path cost for ports based on IEEE 802.1t.
legacyThe device calculates the default path cost for ports based on a private standard.
When you specify a standard for the device to use when it calculates the default path cost, follow these
guidelines:
When it calculates the path cost for an aggregate interface, IEEE 802.1t takes into account the
number of Selected ports in its aggregation group, but IEEE 802.1d-1998 does not. The calculation
formula of IEEE 802.1t is: Path cost = 200,000,000/link speed (in 100 kbps), where link speed is
the sum of the link speed values of the Selected ports in the aggregation group.
IEEE 802.1d-1998 or the private standard always assigns the smallest possible value to a single port
or an aggregate interface when the link speed of the port or interface exceeds 10 Gbps. The
forwarding path selected based on this criterion might not be the best one. To solve this problem,
use dot1t as the standard for default path cost calculation, or manually set the path cost for the port
(see "Configuring path costs of ports").
To specify a standard for the device to use when it calculates the default path cost:
77
Table 9 Mappings between the link speed and the path cost
Path cost
Link speed Port type IEEE
IEEE 802.1t Private standard
802.1d-1998
0 N/A 65535 200000000 200000
Aggregate interface
1000000 1800
containing 2 Selected ports
10 Mbps Aggregate interface 100
666666 1600
containing 3 Selected ports
Aggregate interface
500000 1400
containing 4 Selected ports
Aggregate interface
100000 180
containing 2 Selected ports
100 Mbps Aggregate interface 19
66666 160
containing 3 Selected ports
Aggregate interface
50000 140
containing 4 Selected ports
Aggregate interface
10000 18
containing 2 Selected ports
1000 Mbps Aggregate interface 4
6666 16
containing 3 Selected ports
Aggregate interface
5000 14
containing 4 Selected ports
Aggregate interface
1000 1
containing 2 Selected ports
10 Gbps Aggregate interface 2
666 1
containing 3 Selected ports
Aggregate interface
500 1
containing 4 Selected ports
78
Step Command Remarks
In STP/RSTP mode:
stp cost cost By default, the system
3. Configure the path cost of the
automatically calculates the
ports. In MSTP mode:
path cost of each port.
stp [ instance instance-list ] cost cost
NOTE:
When the path cost of a port changes, the system re-calculates the role of the port and initiates a state
transition.
Configuration example
# In MSTP mode, configure the device to calculate the default path costs of its ports by using IEEE
802.1d-1998, and set the path cost of FortyGigE 1/0/3 to 200 on MSTI 2.
<Sysname> system-view
[Sysname] stp pathcost-standard dot1d-1998
Cost of every port will be reset and automatically re-calculated after you change the
current pathcost standard. Continue?[Y/N]:y
Cost of every port has been re-calculated.
[Sysname] interface fortygige 1/0/3
[Sysname-FortyGigE1/0/3] stp instance 2 cost 200
NOTE:
When the priority of a port changes, the system re-calculates the port role and initiates a state transition.
79
Configuring the port link type
A point-to-point link directly connects two devices. If two root ports or designated ports are connected
over a point-to-point link, they can rapidly transit to the forwarding state after a proposal-agreement
handshake process.
Configuration procedure
To configure the link type of a port:
80
A port in auto mode sends 802.1s MSTP packets by default. When the port receives an MSTP packet of
a legacy format, the port starts to send packets only of the legacy format. This prevents the port from
frequently changing the format of sent packets. To configure the port to send 802.1s MSTP packets, shut
down and then bring up the port.
To configure the MSTP packet format to be supported on a port:
81
Step Command Remarks
If the device starts up with the initial settings
(or empty configuration), the spanning tree
feature is disabled globally.
If the device starts up with the default
2. Enable the spanning tree
stp global enable configuration file (or factory defaults), the
feature.
spanning tree feature is enabled globally.
For more information about the startup
configuration, see Fundamentals Configuration
Guide.
3. Enter Layer 2 Ethernet or
interface interface-type
aggregate interface N/A
interface-number
view.
4. (Optional.) Enable the
By default, the spanning tree feature is enabled
spanning tree feature for stp enable
on all ports.
the port.
Performing mCheck
The mCheck feature enables user intervention in the port status transition process.
If a port on a device that is running MSTP or RSTP connects to an STP device, this port automatically
transits to STP mode when the port receives STP BPDUs. However, if the peer STP device is shut down or
removed and the local device cannot detect the change, the local device cannot automatically transit
back to the original mode. To forcibly transit the port to operate in the original mode, you can perform
an mCheck operation.
Suppose a scenario where Device A, Device B, and Device C are connected in sequence. Device A runs
STP, Device B does not run any spanning tree protocol, and Device C runs RSTP or MSTP. In this case,
when Device C receives an STP BPDU transparently transmitted by Device B, the receiving port transits to
the STP mode. If you configure Device B to run RSTP or MSTP with Device C, you must perform mCheck
operations on the ports interconnecting Device B and Device C.
The following methods for performing mCheck produce the same result.
82
Step Command
2. Enter Layer 2 Ethernet or aggregate interface
interface interface-type interface-number
view.
3. Perform mCheck. stp mcheck
NOTE:
An mCheck operation takes effect on a device that operates in MSTP or RSTP mode.
83
Configuration procedure
You can enable Digest Snooping only on the HP device that is connected to a third-party device that uses
its private key to calculate the configuration digest.
To configure Digest Snooping:
Designated port
Blocked port
Normal link
FGE1/0/1 FGE1/0/1
Blocked link
FGE1/0/2 FGE1/0/2
Device A Device B
Configuration procedure
# Enable Digest Snooping on FortyGigE 1/0/1 of Device A and enable global Digest Snooping on
Device A.
<DeviceA> system-view
84
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] stp config-digest-snooping
[DeviceA-FortyGigE1/0/1] quit
[DeviceA] stp global config-digest-snooping
# Enable Digest Snooping on FortyGigE 1/0/1 of Device B and enable global Digest Snooping on
Device B.
<DeviceB> system-view
[DeviceB] interface fortygige 1/0/1
[DeviceB-FortyGigE1/0/1] stp config-digest-snooping
[DeviceB-FortyGigE1/0/1] quit
[DeviceB] stp global config-digest-snooping
85
Figure 22 Rapid state transition of an RSTP designated port
If the upstream device is a third-party device, the rapid state transition implementation might be limited.
For example, when the upstream device uses a rapid transition mechanism similar to that of RSTP, and the
downstream device adopts MSTP and does not operate in RSTP mode, the root port on the downstream
device receives no agreement packet from the upstream device and sends no agreement packets to the
upstream device. As a result, the designated port of the upstream device fails to transit rapidly, and can
only change to the forwarding state after a period twice the Forward Delay.
You can enable the No Agreement Check feature on the downstream device's port to enable the
designated port of the upstream device to transit its state rapidly.
Configuration prerequisites
Before you configure the No Agreement Check function, complete the following tasks:
Connect a device to a third-party upstream device that supports spanning tree protocols through a
point-to-point link.
Configure the same region name, revision level and VLAN-to-instance mappings on the two devices,
assigning them to the same region.
Configuration procedure
Enable the No Agreement Check feature on the root port.
To configure No Agreement Check:
86
No Agreement Check configuration example
Network requirements
As shown in Figure 23:
Device A connects to a third-party device that has a different spanning tree implementation. Both
devices are in the same region.
The third-party device (Device B) is the regional root bridge, and Device A is the downstream
device.
Figure 23 Network diagram
Configuration procedure
# Enable No Agreement Check on FortyGigE 1/0/1 of Device A.
<DeviceA> system-view
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] stp no-agreement-check
87
protocol. The device reactivates the closed ports after a detection interval. For more information about
this detection interval, see Fundamentals Configuration Guide.
BPDU guard does not take effect on loopback-testing-enabled ports. For more information about
loopback testing, see "Configuring Ethernet interfaces."
Configure BPDU guard on a device with edge ports configured.
To enable BPDU guard:
88
forwarding state, resulting in loops in the switched network. The loop guard function can suppress the
occurrence of such loops.
The initial state of a loop guard-enabled port is discarding in every MSTI. When the port receives BPDUs,
it transits its state. Otherwise, it stays in the discarding state to prevent temporary loops.
Do not enable loop guard on a port that connects user terminals. Otherwise, the port stays in the
discarding state in all MSTIs because it cannot receive BPDUs.
On a port, the loop guard function is mutually exclusive with the root guard function or the edge port
setting.
Configure loop guard on the root port and alternate ports of a device.
To enable loop guard:
The change to the bridge ID of a device in the user access network might cause a change to the spanning
tree topology in the core network. To avoid this problem, you can enable port role restriction on a port.
With this feature enabled, when the port receives a superior BPDU, it becomes an alternate port rather
than a root port.
Make this configuration on the port that connects to the user access network.
To configure port role restriction:
89
Configuring TC-BPDU transmission restriction
CAUTION:
Enabling TC-BPDU transmission restriction on a port might cause the previous forwarding address table to
fail to be updated when the topology changes.
The topology change to the user access network might cause the forwarding address changes to the core
network. When the user access network topology is unstable, the user access network might affect the
core network. To avoid this problem, you can enable TC-BPDU transmission restriction on a port. With
this feature enabled, when the port receives a TC-BPDU, it does not forward the TC-BPDU to other ports.
Make this configuration on the port that connects to the user access network.
To configure TC-BPDU transmission restriction:
90
Displaying and maintaining the spanning tree
Execute display commands in any view and reset command in user view.
Task Command
Display information about ports blocked by spanning tree
display stp abnormal-port
protection functions.
Display the historical information of port role calculation display stp [ instance instance-list ] history [ slot
for the specified MSTI or all MSTIs (in standalone mode). slot-number ]
Display the historical information of port role calculation display stp [ instance instance-list ] history [ chassis
for the specified MSTI or all MSTIs (in IRF mode). chassis-number slot slot-number ]
Display the spanning tree status and statistics (in display stp [ instance instance-list ] [ interface
standalone mode). interface-list | slot slot-number ] [ brief ]
Display the root bridge information of all MSTIs. display stp root
91
VLAN 10 and VLAN 30 are terminated on the distribution layer devices, and VLAN 40 is terminated on
the access layer devices. The root bridges of MSTI 1 and MSTI 3 are Device A and Device B, respectively,
and the root bridge of MSTI 4 is Device C.
Figure 24 Network diagram
MST region
Device A Device B
Permit: all VLAN
FGE1/0/3 FGE1/0/3
FG 2
E1 /0/
/0/ E1
2 FG
FGE1/0/3 FGE1/0/3
Permit: VLAN 20, 40
Device C Device D
Configuration procedure
1. Configure VLANs and VLAN member ports: (Details not shown.)
{ Create VLAN 10, VLAN 20, and VLAN 30 on both Device A and Device B.
{ Create VLAN 10, VLAN 20, and VLAN 40 on Device C.
{ Create VLAN 20, VLAN 30, and VLAN 40 on Device D.
{ Configure the ports on these devices as trunk ports and assign them to related VLANs.
2. Configure Device A:
# Enter MST region view, and configure the MST region name as example.
<DeviceA> system-view
[DeviceA] stp region-configuration
[DeviceA-mst-region] region-name example
# Map VLAN 10, VLAN 30, and VLAN 40 to MSTI 1, MSTI 3, and MSTI 4, respectively.
[DeviceA-mst-region] instance 1 vlan 10
[DeviceA-mst-region] instance 3 vlan 30
[DeviceA-mst-region] instance 4 vlan 40
# Configure the revision level of the MST region as 0.
[DeviceA-mst-region] revision-level 0
# Activate MST region configuration.
[DeviceA-mst-region] active region-configuration
[DeviceA-mst-region] quit
# Specify the current device as the root bridge of MSTI 1.
[DeviceA] stp instance 1 root primary
# Enable the spanning tree feature globally.
[DeviceA] stp global enable
92
3. Configure Device B:
# Enter MST region view, and configure the MST region name as example.
<DeviceB> system-view
[DeviceB] stp region-configuration
[DeviceB-mst-region] region-name example
# Map VLAN 10, VLAN 30, and VLAN 40 to MSTI 1, MSTI 3, and MSTI 4, respectively.
[DeviceB-mst-region] instance 1 vlan 10
[DeviceB-mst-region] instance 3 vlan 30
[DeviceB-mst-region] instance 4 vlan 40
# Configure the revision level of the MST region as 0.
[DeviceB-mst-region] revision-level 0
# Activate MST region configuration.
[DeviceB-mst-region] active region-configuration
[DeviceB-mst-region] quit
# Specify the current device as the root bridge of MSTI 3.
[DeviceB] stp instance 3 root primary
# Enable the spanning tree feature globally.
[DeviceB] stp global enable
4. Configure Device C:
# Enter MST region view, and configure the MST region name as example.
<DeviceC> system-view
[DeviceC] stp region-configuration
[DeviceC-mst-region] region-name example
# Map VLAN 10, VLAN 30, and VLAN 40 to MSTI 1, MSTI 3, and MSTI 4, respectively.
[DeviceC-mst-region] instance 1 vlan 10
[DeviceC-mst-region] instance 3 vlan 30
[DeviceC-mst-region] instance 4 vlan 40
# Configure the revision level of the MST region as 0.
[DeviceC-mst-region] revision-level 0
# Activate MST region configuration.
[DeviceC-mst-region] active region-configuration
[DeviceC-mst-region] quit
# Specify the current device as the root bridge of MSTI 4.
[DeviceC] stp instance 4 root primary
# Enable the spanning tree feature globally.
[DeviceC] stp global enable
5. Configure Device D:
# Enter MST region view, and configure the MST region name as example.
<DeviceD> system-view
[DeviceD] stp region-configuration
[DeviceD-mst-region] region-name example
# Map VLAN 10, VLAN 30, and VLAN 40 to MSTI 1, MSTI 3, and MSTI 4, respectively.
[DeviceD-mst-region] instance 1 vlan 10
[DeviceD-mst-region] instance 3 vlan 30
[DeviceD-mst-region] instance 4 vlan 40
93
# Configure the revision level of the MST region as 0.
[DeviceD-mst-region] revision-level 0
# Activate MST region configuration.
[DeviceD-mst-region] active region-configuration
[DeviceD-mst-region] quit
# Enable the spanning tree feature globally.
[DeviceD] stp global enable
94
MSTID Port Role STP State Protection
0 FortyGigE1/0/1 ROOT FORWARDING NONE
0 FortyGigE1/0/2 ALTE DISCARDING NONE
0 FortyGigE1/0/3 ALTE DISCARDING NONE
3 FortyGigE1/0/1 ROOT FORWARDING NONE
3 FortyGigE1/0/2 ALTE DISCARDING NONE
4 FortyGigE1/0/3 ROOT FORWARDING NONE
Based on the output, you can draw each MSTI mapped to each VLAN, as shown in Figure 25.
Figure 25 MSTIs mapped to different VLANs
A B A B
C C D
A B
D C D
95
Configuring loop detection
Overview
Incorrect network connections or configurations can create Layer 2 loops, which results in repeated
transmission of broadcasts, multicasts, or unknown unicasts, waste network resources, and sometimes
even paralyze networks. The loop detection mechanism immediately generates a log when a loop occurs
so that you are promptly notified to adjust network connections and configurations. You can even
configure loop detection to shut down the looped port. Logs are maintained in the information center. For
more information, see Network Management and Monitoring Configuration Guide.
The Ethernet frame header for loop detection contains the following fields:
DMACDestination MAC address of the frame, which is the multicast MAC address
010F-E200-0007. When a loop detection-enabled device receives a frame with this destination
MAC address, it sends the frame to the CPU and floods the frame in the VLAN from which the frame
was originally received.
SMACSource MAC address of the frame, which is the bridge MAC address of the sending
device.
TPIDType of the VLAN tag, with the value of 0x8100.
TCIInformation of the VLAN tag, including the priority and VLAN ID.
TypeProtocol type, with the value of 0x8918.
Figure 27 Inner frame header for loop detection
The inner frame header for loop detection contains the following fields:
CodeProtocol sub-type, which is 0x0001, indicating the loop detection protocol.
96
VersionProtocol version, which is always 0x0000.
LengthLength of the frame. The value includes the inner header, but excludes the Ethernet header.
ReservedThis field is reserved.
Frames for loop detection are encapsulated as TLV triplets.
Table 10 TLVs supported by loop detection
NOTE:
Incorrect recovery can occur when loop detection frames are discarded to reduce the load. To avoid this,
use the shutdown action, or manually remove the loop.
97
Loop detection configuration task list
Tasks at a glance
(Required.) Enabling loop detection
98
Configuring the global loop protection action
Step Command Remarks
1. Enter system view. system-view N/A
99
Step Command Remarks
1. Enter system view. system-view N/A
loopback-detection interval-time
2. Set the loop detection interval. The default setting is 30 seconds.
interval
Task Command
Display the loop detection configuration and status. display loopback-detection
Device A
FGE1/0/1 FGE1/0/2
Device B Device C
VLAN 100
Configuration procedure
1. Configure Device A:
# Create VLAN 100, and globally enable loop detection for the VLAN.
<DeviceA> system-view
[DeviceA] vlan 100
[DeviceA-vlan100] quit
100
[DeviceA] loopback-detection global enable vlan 100
# Configure FortyGigE 1/0/1 and FortyGigE 1/0/2 as trunk ports, and assign them to VLAN
100.
[DeviceA] interface fortygige 1/0/1
[DeviceA-FortyGigE1/0/1] port link-type trunk
[DeviceA-FortyGigE1/0/1] port trunk permit vlan 100
[DeviceA-FortyGigE1/0/1] quit
[DeviceA] interface fortygige 1/0/2
[DeviceA-FortyGigE1/0/2] port link-type trunk
[DeviceA-FortyGigE1/0/2] port trunk permit vlan 100
[DeviceA-FortyGigE1/0/2] quit
# Configure the global loop protection action as shutdown.
[DeviceA] loopback-detection global action shutdown
# Set the loop detection interval to 35 seconds.
[DeviceA] loopback-detection interval-time 35
2. Configure Device B:
# Create VLAN 100.
<DeviceB> system-view
[DeviceB] vlan 100
[DeviceBvlan100] quit
# Configure FortyGigE 1/0/1 and FortyGigE 1/0/2 as trunk ports, and assign them to VLAN
100.
[DeviceB] interface fortygige 1/0/1
[DeviceB-FortyGigE1/0/1] port link-type trunk
[DeviceB-FortyGigE1/0/1] port trunk permit vlan 100
[DeviceB-FortyGigE1/0/1] quit
[DeviceB] interface fortygige 1/0/2
[DeviceB-FortyGigE1/0/2] port link-type trunk
[DeviceB-FortyGigE1/0/2] port trunk permit vlan 100
[DeviceB-FortyGigE1/0/2] quit
3. Configure Device C:
# Create VLAN 100.
<DeviceC> system-view
[DeviceC] vlan 100
[DeviceCvlan100] quit
# Configure FortyGigE 1/0/1 and FortyGigE 1/0/2 as trunk ports, and assign them to VLAN
100.
[DeviceC] interface fortygige 1/0/1
[DeviceC-FortyGigE1/0/1] port link-type trunk
[DeviceC-FortyGigE1/0/1] port trunk permit vlan 100
[DeviceC-FortyGigE1/0/1] quit
[DeviceC] interface fortygige 1/0/2
[DeviceC-FortyGigE1/0/2] port link-type trunk
[DeviceC-FortyGigE1/0/2] port trunk permit vlan 100
[DeviceC-FortyGigE1/0/2] quit
101
Verifying the configuration
After the configurations are complete, Device A detects loops on ports FortyGigE 1/0/1 and
FortyGigE 1/0/2 within a loop detection interval. Consequently, Device A automatically shuts
down the ports and generates the following log messages:
[DeviceA]
%Feb 24 15:04:29:663 2011 DeviceA LPDT/4/LOOPED:Slot=1;
Loopback exists on FortyGigE 1/0/1.
%Feb 24 15:04:29:667 2011 DeviceA LPDT/4/LOOPED:Slot=1;
Loopback exists on FortyGigE 1/0/2.
%Feb 24 15:04:44:243 2011 DeviceA LPDT/4/RECOVERED:Slot=1;
Loopback on FortyGigE 1/0/1 recovered.
%Feb 24 15:04:44:248 2011 DeviceA LPDT/4/RECOVERED:Slot=1;
Loopback on FortyGigE 1/0/2 recovered.
Use the display loopback-detection command to display the loop detection configuration and
status on Device A.
# Display the loop detection configuration and status on Device A.
[DeviceA] display loopback-detection
Loop detection is enabled.
Loop detection interval is 35 second(s).
No loopback is detected.
The output shows that the device has removed the loops from FortyGigE 1/0/1 and FortyGigE
1/0/2 according to the shutdown action. Use the display interface command to display the status
of FortyGigE 1/0/1 and FortyGigE 1/0/2 on Device A.
# Display the status of FortyGigE 1/0/1 on Device A.
[DeviceA] display interface fortygige 1/0/1
FortyGigE 1/0/1 current state: DOWN (Loop detection down)
...
# Display the status of FortyGigE 1/0/2 on Device A.
[DeviceA] display interface fortygige 1/0/2
FortyGigE 1/0/2 current state: DOWN (Loop detection down)
...
The output shows that FortyGigE 1/0/1 and FortyGigE 1/0/2 are already shut down by the loop
detection module.
102
Configuring VLANs
This chapter provides an overview of VLANs and explains how to configure them.
Overview
Ethernet is a family of shared-media LAN technologies based on the CSMA/CD mechanism. An Ethernet
LAN is both a collision domain and a broadcast domain. Because the medium is shared, collisions and
broadcasts are common in an Ethernet LAN. Typically, bridges and Layer 2 switches can reduce
collisions in an Ethernet LAN. To confine broadcasts, a Layer 2 switch must use the Virtual Local Area
Network (VLAN) technology.
VLANs enable a Layer 2 switch to break a LAN down into smaller broadcast domains, as shown
in Figure 29.
Figure 29 A VLAN diagram
VLAN 2
Switch A Switch B
Router
VLAN 5
A VLAN is logically divided on an organizational basis rather than on a physical basis. For example, you
can assign all workstations and servers used by a particular workgroup to the same VLAN, regardless of
their physical locations. Hosts in the same VLAN can directly communicate with one another. You need
a router or a Layer 3 switch for hosts in different VLANs to communicate with one another.
All these VLAN features reduce bandwidth waste, improve LAN security, and enable flexible virtual
group creation.
103
Figure 30 VLAN tag placement and format
104
Step Command Remarks
The default setting is VLAN vlan-id, which is
5. Configure the the ID of the VLAN. For example, the
description text
description of the VLAN. description of VLAN 100 is VLAN 0100 by
default.
NOTE:
As the system default VLAN, VLAN 1 cannot be created or removed.
You cannot use the undo vlan command to delete a dynamic VLAN, a VLAN with a QoS policy
applied, or a VLAN locked by an application. To delete such a VLAN, first remove the configuration
from the VLAN.
105
Step Command Remarks
By default, the expected bandwidth (in
7. Configure the expected
bandwidth bandwidth-value kbps) is the interface baud rate divided
bandwidth of the interface.
by 1000.
8. (Optional.) Restore the
default settings for the default N/A
VLAN interface.
PVID
The PVID identifies the default VLAN of a port.
When you configure the PVID on a port, follow these restrictions and guidelines:
An access port can join only one VLAN. The VLAN to which the access port belongs is the PVID of
the port.
A trunk or hybrid port can carry multiple VLANs, and you can configure a PVID for the port.
You can use a nonexistent VLAN as the PVID for a hybrid or trunk port, but not for an access port.
After you remove the VLAN that an access port resides in with the undo vlan command, the PVID
of the port changes to VLAN 1. However, the removal of the VLAN specified as the PVID of a trunk
or hybrid port does not affect the PVID setting on the port.
HP recommends that you set the same PVID for local and remote ports.
106
Make sure a port is assigned to its PVID. Otherwise, when the port receives frames tagged with the
PVID or untagged frames, the port filters out these frames.
107
Step Command Remarks
The configuration made in Layer 2
Ethernet interface view applies
only to the port.
Enter Layer 2 Ethernet The configuration made in Layer 2
interface view: aggregate interface view applies
interface interface-type to the aggregate interface and its
interface-number aggregation member ports. If the
2. Enter interface view. system fails to apply the
Enter Layer 2 aggregate
configuration to an aggregation
interface view:
member port, it skips the port and
interface
moves to the next member port. If
bridge-aggregation
the system fails to apply the
interface-number
configuration to the aggregate
interface, it stops applying the
configuration to aggregation
member ports.
3. Configure the link type of the
port link-type access By default, all ports are access ports.
ports as access.
4. (Optional.) Assign the access By default, all access ports belong to
port access vlan vlan-id
ports to a VLAN. VLAN 1.
108
Step Command Remarks
The configuration made in
Layer 2 Ethernet interface view
applies only to the port.
The configuration made in
Enter Layer 2 Ethernet interface Layer 2 aggregate interface
view: view applies to the aggregate
interface interface-type interface and its aggregation
interface-number member ports. If the system fails
2. Enter interface view. to apply the configuration to an
Enter Layer 2 aggregate
aggregation member port, it
interface view:
skips the port and moves to the
interface bridge-aggregation
next member port. If the system
interface-number
fails to apply the configuration
to the aggregate interface, it
stops applying the
configuration to aggregation
member ports.
3. Configure the link type of the By default, all ports are access
port link-type trunk
ports as trunk. ports.
4. Assign the trunk ports to the port trunk permit vlan { vlan-id-list By default, a trunk port only permits
specified VLANs. | all } VLAN 1.
5. (Optional.) Configure the
port trunk pvid vlan vlan-id The default setting is VLAN 1.
PVID of the trunk ports.
109
Step Command Remarks
The configuration made in
Layer 2 Ethernet interface view
applies only to the port.
The configuration made in
Enter Layer 2 Ethernet interface Layer 2 aggregate interface
view: view applies to the aggregate
interface interface-type interface and its aggregation
interface-number member ports. If the system fails
2. Enter interface view. to apply the configuration to an
Enter Layer 2 aggregate
aggregation member port, it
interface view:
skips the port and moves to the
interface bridge-aggregation
next member port. If the system
interface-number
fails to apply the configuration
to the aggregate interface, it
stops applying the
configuration to aggregation
member ports.
3. Configure the link type of the By default, all ports are access
port link-type hybrid
ports as hybrid. ports.
Task Command
display vlan [ vlan-id1 [ to vlan-id2 ] | all | dynamic |
Display VLAN information.
reserved | static ]
110
Host A and Host C belong to Department A. VLAN 100 is assigned to Department A.
Host B and Host D belong to Department B. VLAN 200 is assigned to Department B.
Configure port-based VLANs so that hosts only in the same department can communicate with each
other.
Figure 31 Network diagram
Configuration procedure
1. Configure Device A:
# Create VLAN 100, and assign FortyGigE 1/0/1 to VLAN 100.
<DeviceA> system-view
[DeviceA] vlan 100
[DeviceA-vlan100] port fortygige 1/0/1
[DeviceA-vlan100] quit
# Create VLAN 200, and assign FortyGigE 1/0/2 to VLAN 200.
[DeviceA] vlan 200
[DeviceA-vlan200] port fortygige 1/0/2
[DeviceA-vlan200] quit
# Configure FortyGigE 1/0/3 as a trunk port, and assign it to VLANs 100 and 200.
[DeviceA] interface fortygige 1/0/3
[DeviceA-FortyGigE1/0/3] port link-type trunk
[DeviceA-FortyGigE1/0/3] port trunk permit vlan 100 200
Please wait... Done.
2. Configure Device B in the same way Device A is configured.
3. Configure hosts:
{ Configure Host A and Host C to be on the same IP subnet. For example, 192.168.100.0/24.
{ Configure Host B and Host D to be on the same IP subnet. For example, 192.168.200.0/24.
111
VLAN ID: 100
VLAN type: Static
Route interface: Not configured
Description: VLAN 0100
Name: VLAN 0100
Tagged ports:
FortyGigE1/0/3
Untagged ports:
FortyGigE1/0/1
[DeviceA-FortyGigE1/0/3] display vlan 200
VLAN ID: 200
VLAN type: Static
Route interface: Not configured
Description: VLAN 0200
Name: VLAN 0200
Tagged ports:
FortyGigE1/0/3
Untagged ports:
FortyGigE1/0/2
112
Configuring LLDP
You can set an Ethernet port as a Layer 3 interface by using the port link-mode route command (see
"Configuring Ethernet interfaces").
Overview
In a heterogeneous network, a standard configuration exchange platform ensures that different types of
network devices from different vendors can discover one another and exchange configuration for the
sake of interoperability and management.
The Link Layer Discovery Protocol (LLDP) is specified in IEEE 802.1AB. The protocol operates on the data
link layer to exchange device information between directly connected devices. With LLDP, a device sends
local device information (including its major functions, management IP address, device ID, and port ID)
as TLV (type, length, and value) triplets in LLDP Data Units (LLDPDUs) to the directly connected devices. At
the same time, the device stores the device information received in LLDPDUs sent from the LLDP neighbors
in a standard MIB. For more information about MIBs, see Network Management and Monitoring
Configuration Guide. LLDP enables a network management system to quickly detect and identify Layer 2
network topology changes.
Basic concepts
LLDP agent
An LLDP agent is a mapping of an entity where LLDP runs. Multiple LLDP agents can run on an interface
at the same time.
LLDP agents include the following types:
Nearest bridge agent.
Nearest customer bridge agent.
Nearest non-TPMR bridge agent.
A Two-port MAC Relay (TPMR) is a type of bridge that has only two externally-accessible bridge ports,
and supports a subset of the functions of a MAC bridge. A TPMR is transparent to all frame-based media
independent protocols except those destined to it and those destined to reserved MAC addresses that the
relay function of the TPMR is defined not to forward. LLDP exchanges packets between neighbor agents
and creates and maintains neighbor information for them. Figure 32 shows the neighbor relationships for
these LLDP agents. LLDP has two bridge modes: customer bridge (CB) and service bridge (SB).
Figure 32 LLDP neighbor relationships
113
LLDPDU formats
LLDP sends device information in LLDPDUs. LLDPDUs are encapsulated in Ethernet II or SNAP frames.
1. LLDPDU encapsulated in Ethernet II
Figure 33 Ethernet II-encapsulated LLDPDU
Field Description
MAC address to which the LLDPDU is advertised. To distinguish between
LLDP packets sent and received by different agent types on the same
interface, LLDP specifies different multicast MAC addresses as destination
MAC addresses for LLDP packets to agents of different types. It is fixed to
Destination MAC address multicast MAC address 0x0180-C200-000E for LLDP packets destined for
the nearest bridge neighbor, 0x0180-C200-0000 for LLDP packets
destined for the nearest customer bridge neighbor, or
0x0180-C200-0003 for LLDP packets destined for the nearest TPMR
bridge neighbor.
Type Ethernet type for the upper layer protocol. It is 0x88CC for LLDP.
Data LLDPDU.
Frame check sequence, a 32-bit CRC value used to determine the validity
FCS
of the received Ethernet frame.
114
Table 12 Fields in a SNAP-encapsulated LLDPDU
Field Description
MAC address to which the LLDPDU is advertised. It is the same as that for
Destination MAC address
Ethernet II-encapsulated LLDPDUs.
Data LLDPDU.
Frame check sequence, a 32-bit CRC value used to determine the validity
FCS
of the received Ethernet frame.
LLDPDUs
LLDP uses LLDPDUs to exchange information. An LLDPDU comprises multiple TLV sequences. Each TLV
carries a type of device information, as shown in Figure 35.
Figure 35 LLDPDU encapsulation format
An LLDPDU can carry up to 32 types of TLVs. Mandatory TLVs include Chassis ID TLV, Port ID TLV, Time
to Live TLV, and End of LLDPDU TLV. Other TLVs are optional.
TLVs
TLVs are type, length, and value sequences that carry information elements.
LLDPDU TLVs include the following categories:
Basic management TLVs
Organizationally (IEEE 802.1 and IEEE 802.3) specific TLVs
LLDP-MED (media endpoint discovery) TLVs
Basic management TLVs are essential to device management. Organizationally specific TLVs and
LLDP-MED TLVs are used for enhanced device management; they are defined by standardization or other
organizations and are optional to LLDPDUs.
1. Basic management TLVs
Table 13 lists the basic management TLV types. Some of them are mandatory to LLDPDUs (they
must be included in every LLDPDU).
Table 13 Basic management TLVs
115
Type Description Remarks
Specifies the life of the transmitted information on the
Time to Live
receiving device.
End of LLDPDU Marks the end of the TLV sequence in the LLDPDU.
Type Description
Port VLAN ID Specifies the port's VLAN identifier (PVID).
Indicates whether the device supports protocol VLANs and, if so, what
Port And Protocol VLAN ID
VLAN IDs these protocols will be associated with.
VLAN Name Specifies the textual name of any VLAN to which the port belongs.
Edge Virtual Bridging module, comprising EVB TLV and CDCP TLV.
NOTE:
EVB module
The switch does not support EVB TLV and CDCP TLV in the current software
version.
Indicates whether the port supports link aggregation, and if yes, whether
Link Aggregation
link aggregation is enabled.
NOTE:
HP devices support only receiving protocol identity TLVs and VID usage digest TLVs.
Layer 3 Ethernet ports support only link aggregation TLVs.
116
Table 15 IEEE 802.3 organizationally specific TLVs
Type Description
Contains the bit-rate and duplex capabilities of the sending port,
MAC/PHY Configuration/Status support for autonegotiation, enabling status of autonegotiation,
and the current rate and duplex mode.
NOTE:
The Power Stateful Control TLV is defined in IEEE P802.3at D1.0 and is not supported in later
versions. HP devices send this type of TLVs only after receiving them.
4. LLDP-MED TLVs
LLDP-MED TLVs provide multiple advanced applications for voice over IP (VoIP), such as basic
configuration, network policy configuration, and address and directory management. LLDP-MED
TLVs provide a cost-effective and easy-to-use solution for deploying voice devices in Ethernet.
LLDP-MED TLVs are shown in Table 16.
Table 16 LLDP-MED TLVs
Type Description
Allows a network device to advertise the LLDP-MED TLVs that it
LLDP-MED Capabilities
supports.
Allows a terminal device to advertise its asset ID. The typical case
Asset ID is that the user specifies the asset ID for the endpoint to facilitate
directory management and asset tracking.
117
Type Description
Allows a network device to advertise the appropriate location
Location Identification identifier information for a terminal device to use in the context of
location-based applications.
NOTE:
If the MAC/PHY configuration/status TLV is not advertisable, none of the LLDP-MED TLVs will be
advertised even if they are advertisable. If the LLDP-MED capabilities TLV is not advertisable, the other
LLDP-MED TLVs will not be advertised even if they are advertisable.
Management address
The network management system uses the management address of a device to identify and manage the
device for topology maintenance and network management. The management address is encapsulated
in the management address TLV.
Work mechanism
LLDP operating modes
An LLDP agent can operate in one of the following modes:
TxRx modeAn LLDP agent in this mode can send and receive LLDPDUs.
Tx modeAn LLDP agent in this mode can only send LLDPDUs.
Rx modeAn LLDP agent in this mode can only receive LLDPDUs.
Disable modeAn LLDP agent in this mode cannot send or receive LLDPDUs.
Each time the LLDP operating mode of an LLDP agent changes, its LLDP protocol state machine
re-initializes. A configurable re-initialization delay prevents frequent initializations because of frequent
changes to the operating mode. With this delay configured, before an LLDP agent can initialize LLDP, it
must wait for the specified interval after the LLDP operating mode changes.
Transmitting LLDPDUs
An LLDP agent operating in TxRx mode or Tx mode sends LLDPDUs to its directly connected devices both
periodically and when the local configuration changes. To prevent LLDPDUs from overwhelming the
network during times of frequent changes to local device information, LLDP uses the token bucket
mechanism to rate limit LLDPDUs. For more information about the token bucket mechanism, see ACL and
QoS Configuration Guide.
LLDP automatically enables the fast LLDPDU transmission mechanism in either of the following cases:
A new neighbor is discovered. A new LLDPDU is received and carries device information new to the
local device.
The LLDP operating mode of the LLDP agent changes from Disable or Rx to TxRx or Tx.
With this mechanism, a specific number of LLDPDUs are sent successively at a configurable fast
transmission interval to help LLDP neighbors discover the local device as soon as possible. Then, the
normal LLDPDU transmit interval resumes.
118
Receiving LLDPDUs
An LLDP agent that is operating in TxRx mode or Rx mode checks the validity of TLVs carried in every
received LLDPDU. If valid, the information is saved and an aging timer is set for it based on the TTL value
in the TTL TLV carried in the LLDPDU. If the TTL value is zero, the information ages out immediately.
119
Step Command Remarks
120
Step Command Remarks
By default, the nearest
bridge agent operates in
txrx mode, and the nearest
customer bridge agent and
nearest non-TPMR bridge
In Layer 2 or Layer 3 Ethernet interface agent operate in disable
view: mode.
lldp [ agent { nearest-customer |
nearest-nontpmr } ] admin-status In Ethernet interface view, if
3. Set the LLDP operating no agent type is specified,
{ disable | rx | tx | txrx }
mode. the command configures
In Layer 2 aggregate interface view:
the operating mode for
lldp agent { nearest-customer |
nearest bridge agents.
nearest-nontpmr } admin-status { disable
| rx | tx | txrx } In aggregate interface
view, you can configure the
operating mode for only
nearest customer bridge
agents and nearest
non-TPMR bridge agents.
121
Step Command Remarks
In Layer 2 or Layer 3 Ethernet interface
view:
lldp [ agent { nearest-customer |
nearest-nontpmr } ]
3. Enable LLDP polling and set By default, LLDP polling is
check-change-interval interval
the polling interval. disabled.
In Layer 2 aggregate interface view:
lldp agent { nearest-customer |
nearest-nontpmr }
check-change-interval interval
122
Step Command Remarks
By default:
123
Step Command Remarks
1. Enter system view. system-view N/A
2. Enter Layer 2 or Layer 3
Ethernet interface view or interface interface-type
N/A
Layer 2 aggregate interface interface-number
view.
In Layer 2 or Layer 3 Ethernet
interface view:
lldp [ agent { nearest-customer
| nearest-nontpmr } ]
tlv-enable basic-tlv By default, nearest bridge agents
3. Allow LLDP to advertise the and nearest customer bridge
management-address-tlv
management address in agents can advertise the
[ ip-address ]
LLDPDUs and configure the management address in LLDPDUs,
advertised management In Layer 2 aggregate interface
and nearest non-TPMR bridge
address. view:
agents cannot advertise the
lldp agent { nearest-customer
management address in LLDPDUs.
| nearest-nontpmr } tlv-enable
basic-tlv
management-address-tlv
[ ip-address ]
In Layer 2 or Layer 3 Ethernet
interface view:
lldp [ agent { nearest-customer
| nearest-nontpmr } ]
management-address-format
4. Configure the encoding By default, the management
string
format of the management address is encapsulated in the
address as character string. In Layer 2 aggregate interface
numeric format.
view:
lldp agent { nearest-customer
| nearest-nontpmr }
management-address-format
string
124
Step Command Remarks
3. Set the LLDPDU transmit The default setting is 30
lldp timer tx-interval interval
interval. seconds.
4. Set the token bucket size for
lldp max-credit credit-value The default setting is 5.
sending LLDPDUs.
5. Set the LLDPDU transmit delay. lldp timer tx-delay delay The default setting is 2 seconds.
6. Set the number of LLDPDUs
sent each time fast LLDPDU lldp fast-count count The default setting is 4.
transmission is triggered.
7. Set an interval for fast LLDPDU
lldp timer fast-interval interval The default setting is 1 second.
transmission.
NOTE:
LLDP of earlier versions requires the same encapsulation format on both ends to process LLDPDUs. For this
reason, to communicate stably with a neighboring device running LLDP of earlier versions, the local device
should be configured with the same encapsulation format.
125
device. The packets that the switch sends to the neighboring CDP device carry the device ID, the ID of the
port connecting to the neighboring device, the port IP address, the PVID, and the TTL. The port IP address
is the main IP address of the VLAN interface that is in up state and whose corresponding VLAN ID is the
lowest among the VLANs permitted on the port. If none of the VLAN interfaces of the permitted VLANs
is assigned an IP address or all VLAN interfaces are down, no port IP address will be advertised. The
CDP neighbor-information-related fields in the output of the display lldp neighbor-information command
show the CDP neighboring device information that can be recognized by the switch. For more
information about the display lldp neighbor-information command, see Layer 2LAN Switching
Command Reference.
Configuration prerequisites
Before you configure CDP compatibility, complete the following tasks:
Globally enable LLDP.
Enable LLDP on the port connecting to a device supporting CDP, and configure the port to operate
in TxRx mode.
Configuration procedure
CDP-compatible LLDP operates in one of the following modes:
TxRxCDP packets can be transmitted and received.
DisableCDP packets cannot be transmitted or received.
LLDP traps are sent periodically, and the interval is configurable. To make CDP-compatible LLDP take
effect on specific ports, first enable CDP-compatible LLDP globally, and then configure CDP-compatible
LLDP to operate in TxRx mode.
The maximum TTL value that CDP allows is 255 seconds. To make CDP-compatible LLDP work correctly
with Cisco IP phones, configure the LLDPDU transmit interval to be no more than 1/3 of the TTL value.
To enable LLDP to be compatible with CDP:
126
To configure LLDP trapping and LLDP-MED trapping:
Task Command
display lldp local-information [ global | interface interface-type
Display local LLDP information.
interface-number ]
127
LLDP configuration example
Network requirements
As shown in Figure 36, the NMS and Switch A are located in the same Ethernet network. An MED device
and Switch B are connected to FortyGigE1/0/1 and FortyGigE1/0/2 of Switch A.
Enable LLDP globally on Switch A and Switch B to monitor the link between Switch A and Switch B and
the link between Switch A and the MED device on the NMS.
Figure 36 Network diagram
MED
FGE1/0/1
NMS
FGE1/0/2 FGE1/0/1
Switch A Switch B
Configuration procedure
1. Configure Switch A:
# Enable LLDP globally.
<SwitchA> system-view
[SwitchA] lldp global enable
# Enable LLDP on FortyGigE1/0/1. By default, LLDP is enabled on the port.
[SwitchA] interface fortygige 1/0/1
[SwitchA-FortyGigE1/0/1] lldp enable
# Set the LLDP operating mode to Rx.
[SwitchA-FortyGigE1/0/1] lldp admin-status rx
[SwitchA-FortyGigE1/0/1] quit
# Enable LLDP on FortyGigE1/0/2. By default, LLDP is enabled on the port.
[SwitchA] interface fortygige 1/0/2
[SwitchA-FortyGigE1/0/2] lldp enable
# Set the LLDP operating mode to Rx.
[SwitchA-FortyGigE1/0/2] lldp admin-status rx
[SwitchA-FortyGigE1/0/2] quit
2. Configure Switch B:
# Enable LLDP globally.
<SwitchB> system-view
[SwitchB] lldp global enable
# Enable LLDP on FortyGigE1/0/1. By default, LLDP is enabled on the port.
[SwitchB] interface fortygige 1/0/1
128
[SwitchB-FortyGigE1/0/1] lldp enable
# Set the LLDP operating mode to Tx.
[SwitchB-FortyGigE1/0/1] lldp admin-status tx
[SwitchB-FortyGigE1/0/1] quit
129
Number of sent optional TLV : 16
Number of received unknown TLV : 0
130
Transmit credit max : 5
Hold multiplier : 4
Reinit delay : 2s
Trap interval : 30s
Fast start times : 4
131
MED trap flag : No
Polling interval : 0s
Number of LLDP neighbors : 0
Number of MED neighbors : 0
Number of CDP neighbors : 0
Number of sent optional TLV : 1
Number of received unknown TLV : 0
132
Support and other resources
Contacting HP
For worldwide technical support information, see the HP support website:
http://www.hp.com/support
Before contacting HP, collect the following information:
Product model names and numbers
Technical support registration number (if applicable)
Product serial numbers
Error messages
Operating system type and revision level
Detailed questions
Subscription service
HP recommends that you register your product at the Subscriber's Choice for Business website:
http://www.hp.com/go/wwalerts
After registering, you will receive email notification of product enhancements, new driver versions,
firmware updates, and other product resources.
Related information
Documents
To find related documents, browse to the Manuals page of the HP Business Support Center website:
http://www.hp.com/support/manuals
For related documentation, navigate to the Networking section, and select a networking category.
For a complete list of acronyms and their definitions, see HP FlexNetwork Technology Acronyms.
Websites
HP.com http://www.hp.com
HP Networking http://www.hp.com/go/networking
HP manuals http://www.hp.com/support/manuals
HP download drivers and software http://www.hp.com/support/downloads
HP software depot http://www.software.hp.com
HP Education http://www.hp.com/learn
133
Conventions
This section describes the conventions used in this documentation set.
Command conventions
Convention Description
Boldface Bold text represents commands and keywords that you enter literally as shown.
Italic Italic text represents arguments that you replace with actual values.
[] Square brackets enclose syntax choices (keywords or arguments) that are optional.
Braces enclose a set of required syntax choices separated by vertical bars, from which
{ x | y | ... }
you select one.
Square brackets enclose a set of optional syntax choices separated by vertical bars, from
[ x | y | ... ]
which you select one or none.
The argument or keyword and argument combination before the ampersand (&) sign can
&<1-n>
be entered 1 to n times.
GUI conventions
Convention Description
Window names, button names, field names, and menu items are in bold text. For
Boldface
example, the New User window appears; click OK.
> Multi-level menus are separated by angle brackets. For example, File > Create > Folder.
Symbols
Convention Description
An alert that calls attention to important information that if not understood or followed can
WARNING result in personal injury.
An alert that calls attention to important information that if not understood or followed can
CAUTION result in data loss, data corruption, or damage to hardware or software.
134
Network topology icons
Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports
Layer 2 forwarding and other Layer 2 features.
135
Index
136
STP secondary root bridge configuration, 72 Ethernet link aggregation group, 37
bulk Ethernet link aggregation group load sharing
interface configuration, 15 criteria, 42
interface configuration display, 16 Ethernet link aggregation load sharing, 42
inloopback interface, 12, 13
C
Layer 2 Ethernet interface, 8
calculating
Layer 2 Ethernet interface storm control, 9
MSTI calculation, 66
Layer 2 Ethernet interface storm suppression, 8
MSTP CIST calculation, 66
Layer 2 Ethernet link aggregation (dynamic), 47
STP algorithm, 57
Layer 2 Ethernet link aggregation (static), 45
STP port path cost calculation standard, 77
Layer 2 Ethernet link aggregation group
STP timeout factor, 75 (dynamic), 38
CDP Layer 2 Ethernet link aggregation group (static), 38
LLDP CDP compatibility, 125 Layer 2 Ethernet link aggregation load sharing, 48
changing LLDP, 113, 119
MAC Information change send interval, 27 LLDP advertisable TLVs, 122
checking LLDP basics, 119, 128
STP mCheck, 82 LLDP bridge mode, 120
STP mCheck (global), 82 LLDP CDP compatibility, 125
STP mCheck (interface view), 82 LLDP management address, 123
STP No Agreement Check, 85, 87 LLDP management address encoding format, 123
choosing LLDP trapping, 126
Ethernet link aggregation reference port, 32, 34 LLDP-MED trapping, 126
Cisco loop detection, 96, 98, 100
LLDP CDP compatibility, 125 loop detection protection action, 98
CIST loop detection protection action (global), 99
calculation, 66 loop detection protection action (Layer 2 aggregate
network device connection, 64 interface), 99
STP max age timer, 74 loop detection protection action (Layer 2 Ethernet
common root bridge, 64 interface), 99
configuring loopback interface, 12, 12
Ethernet aggregate interface, 39 MAC address table, 17, 18, 24
Ethernet aggregate interface (description), 39 MAC address table dynamic aging timer, 22
Ethernet interface, 1 MAC address table entry, 18
Ethernet interface basic settings, 3 MAC Information, 26, 27
Ethernet interface common settings, 1 MAC Information change send interval, 27
Ethernet interface generic flow control, 5 MAC Information mode, 26
Ethernet interface jumbo frame support, 4 MAC Information queue length, 27
Ethernet interface link mode, 4 management Ethernet interface, 1
Ethernet interface PFC, 6 MST region, 71
Ethernet interface physical state change MST region max hops, 73
suppression, 4 MSTP, 55, 67, 91
Ethernet link aggregate interface (expected MSTP device priority, 73
bandwidth), 41 MSTP root bridge, 72
Ethernet link aggregation, 30, 37, 45 MSTP root bridge device, 72
137
MSTP secondary root bridge, 72 Ethernet link aggregate interface default
MSTP secondary root bridge device, 72 settings, 42
null interface, 12, 13 designated
port isolation, 52 MST port, 65
port isolation (on LAN), 53 STP bridge, 56
RSTP, 55, 67, 91 STP port, 56
RSTP device priority, 73 device
RSTP root bridge, 72 Ethernet interface configuration, 1
RSTP root bridge device, 72 LLDP basic configuration, 119, 128
RSTP secondary root bridge, 72 LLDP CDP compatibility, 125
RSTP secondary root bridge device, 72 LLDP configuration, 113, 119
STP, 55, 67, 91 LLDP parameters, 124
STP BPDU transmission rate, 76 loop protection actions, 97
STP device priority, 73 MSTP implementation, 67
STP Digest Snooping, 83, 84 MSTP priority, 73
STP edge port, 76 MSTP root bridge configuration, 72
STP No Agreement Check, 85, 87 MSTP secondary root bridge configuration, 72
STP port link type, 80 RSTP priority, 73
STP port mode, 80 RSTP root bridge configuration, 72
STP port path cost, 77, 78 RSTP secondary root bridge configuration, 72
STP port priority, 79 STP BPDU guard, 87
STP port role restriction, 89 STP Digest Snooping, 83, 84
STP protection functions, 87 STP loop guard, 88
STP root bridge, 72 STP No Agreement Check, 85, 87
STP root bridge device, 72 STP port role restriction, 89
STP secondary root bridge, 72 STP priority, 73
STP secondary root bridge device, 72 STP protection functions, 87
STP switched network diameter, 73 STP root bridge configuration, 72
STP TC-BPDU transmission restriction, 90 STP root guard, 88
STP timeout factor, 75 STP secondary root bridge configuration, 72
STP timer, 74 STP TC-BPDU guard, 90
VLAN (port-based), 106, 110 STP TC-BPDU transmission restriction, 90
VLAN basic settings, 104 Digest Snooping (STP), 83, 84
VLAN interface basic settings, 105 disabling
cost MAC address learning, 21
STP path cost, 56 discarding
STP port path cost calculation standard, 77 MST discarding port state, 65
STP port path cost configuration, 77, 78 displaying
CST bulk interface configuration, 16
MST region connection, 64 Ethernet interface, 10
customer Ethernet link aggregation, 44
LLDP customer bridge mode, 120 inloopback interface, 13
LLDP, 127
D
loop detection, 100
default
loopback interface, 13
138
MAC address table, 24 interface. See Ethernet interface
MSTP, 91 link aggregation. See Ethernet link aggregation
null interface, 13 LLDP trapping, 126
port isolation, 52 LLDPDU encapsulated in Ethernet II, 114
RSTP, 91 LLDP-MED trapping, 126
STP, 91 loop detection configuration, 96, 100
VLAN, 110 MAC address table configuration, 17, 18, 24
dot1d-1998 (STP port path cost calculation), 77 MAC Information configuration, 26, 27
dot1s (STP port mode), 80 port isolation configuration, 52
dot1t (STP port path cost calculation), 77 port isolation configuration (on LAN), 53
dynamic port-based VLAN access port assignment, 107
Ethernet link aggregation dynamic mode, 33 port-based VLAN access port assignment (in
Ethernet link aggregation mode, 31 interface view), 107
Layer 2 Ethernet link aggregation, 47 port-based VLAN access port assignment (in VLAN
Layer 2 Ethernet link aggregation group view), 107
(dynamic), 38 port-based VLAN hybrid port assignment, 109
link aggregation process, 34 port-based VLAN trunk port assignment, 108
MAC address table dynamic aging timer, 22 VLAN basic configuration, 104
MAC address table entry, 17 VLAN configuration, 103
VLAN frame encapsulation, 103
E
VLAN interface basic configuration, 105
edge port
VLAN port-based configuration, 106, 110
MST, 65
Ethernet interface
STP, 76
basic settings configuration, 3
enabling
common settings configuration, 1
Ethernet link aggregation traffic redirection, 44
configuration, 1
LLDP, 119
configuring management Ethernet interface, 1
LLDP polling, 121
displaying, 10
loop detection, 98
generic flow control, 5
loop detection (global), 98
jumbo frame support configuration, 4
loop detection (port-specific), 98
link mode, 4
MAC address synchronization, 22
maintaining, 10
MAC Information, 26
naming convention, 1
STP BPDU guard, 87
PFC configuration, 6
STP feature, 81
physical state change suppression, 4
STP loop guard, 88
splitting and combining, 2
STP port state transition information output, 81
Ethernet link aggregation
STP root guard, 88
aggregate group min/max number Selected
STP TC-BPDU guard, 90 ports, 40
encapsulating aggregate interface, 30
LLDPDU encapsulated in Ethernet II, 114 aggregate interface (description), 39
LLDPDU encapsulated in SNAP format, 114 aggregate interface configuration, 39
LLDPDU encapsulation format, 125 aggregate interface default settings, 42
VLAN frame encapsulation, 103 aggregate interface shutdown, 41
Ethernet aggregation group, 30
139
basic concepts, 30 frame
configuration, 30, 37, 45 Ethernet interface jumbo frame support, 4
configuration types, 31 loop detection, 96
displaying, 44 loop detection (Ethernet frame header), 96
dynamic mode, 33 loop detection (inner frame header), 96
dynamic process, 34 loop detection interval, 97
group configuration, 37 MAC address learning, 17
group load sharing criteria, 42 MAC address table blackhole entry, 19
interface configuration (expected MAC address table configuration, 17, 18, 24
bandwidth), 41 MAC address table entry configuration, 18
LACP, 33 MAC address table multiport unicast entry, 20
Layer 2 aggregate interface (ignored MAC Information configuration, 26, 27
VLAN), 40, 40 port-based VLAN frame handling, 107
Layer 2 aggregation (dynamic), 47 VLAN frame encapsulation, 103
Layer 2 aggregation (static), 45 full-duplex mode (Ethernet interface), 3
Layer 2 aggregation load sharing, 48
G
Layer 2 group (dynamic), 38
Layer 2 group (static), 38 generic flow control (Ethernet interface), 5
load sharing configuration, 42 group
load sharing criteria, 37 Ethernet link aggregate group min/max number
Selected ports, 40
local-first load sharing, 43
Ethernet link aggregation group, 30
maintaining, 44
Ethernet link aggregation group configuration, 37
member port, 30
Ethernet link aggregation LACP, 33
member port state, 30, 32, 35
Ethernet link aggregation load sharing, 42
modes, 31
Ethernet link aggregation load sharing
operational key, 31
criteria, 37, 42
reference port, 34
Ethernet link aggregation member port state, 30
reference port choice, 32
Layer 2 Ethernet link aggregation group
static mode, 32
(dynamic), 38
traffic redirection, 44
Layer 2 Ethernet link aggregation group (static), 38
traffic redirection restrictions, 44
H
F
half-duplex mode (Ethernet interface), 3
flow control
hello
Ethernet interface generic flow control, 5
STP timer, 61, 74
Ethernet interface PFC, 6
hybrid port
format
port-based VLAN assignment, 109
LLDP management address encoding
format, 123 I
LLDPDU encapsulated in Ethernet II, 114 ignored VLAN
LLDPDU encapsulated in SNAP format, 114 Layer 2 aggregate interface, 40
LLDPDU encapsulation format, 125 implementing
forwarding MSTP device implementation, 67
MST forwarding port state, 65 inloopback interface
STP BPDU forwarding, 61 configuration, 13
STP forward delay timer, 61, 74 displaying, 13
140
maintaining, 13 Ethernet link aggregation load sharing criteria, 37
interface Ethernet link aggregation static mode, 32
bulk configuration, 15 Ethernet link aggregation traffic redirection, 44
configuring inloopback, 12 Layer 2
configuring loopback, 12 Ethernet aggregate interface (description), 39
configuring null, 12 Ethernet aggregate interface configuration, 39
Ethernet aggregate interface (description), 39 Ethernet link aggregate group min/max number
Ethernet aggregate interface configuration, 39 Selected ports, 40
Ethernet link aggregate interface default Ethernet link aggregate interface (expected
settings, 42 bandwidth), 41
Ethernet link aggregate interface shutdown, 41 Ethernet link aggregate interface default
Layer 2 Ethernet aggregate interface (ignored settings, 42
VLAN), 40 Ethernet link aggregate interface shutdown, 41
interval Ethernet link aggregation (dynamic), 47
loop detection, 97, 99 Ethernet link aggregation (static), 45
MAC Information change send interval, 27 Ethernet link aggregation configuration, 30, 37, 45
isolating Ethernet link aggregation group (dynamic), 38
ports. See port isolation Ethernet link aggregation group (static), 38
IST Ethernet link aggregation group configuration, 37
MST region, 64 Ethernet link aggregation group load sharing
criteria, 42
J
Ethernet link aggregation load sharing, 42, 48
jumbo frame support (Ethernet interface), 4 Ethernet link aggregation load sharing criteria, 37
K Ethernet link aggregation local-first load
sharing, 43
key
Ethernet link aggregation traffic redirection, 44
Ethernet link aggregation operational key, 31
LLDP basic configuration, 128
L LLDP trapping, 126
LACP LLDP-MED trapping, 126
Ethernet link aggregation, 33 loop detection configuration, 96, 98, 100
LAN port isolation configuration, 52
port isolation configuration, 53 port isolation configuration (on LAN), 53
VLAN basic configuration, 104 port-based VLAN access port assignment, 107
VLAN configuration, 103 port-based VLAN access port assignment (in
VLAN interface basic configuration, 105 interface view), 107
VLAN port-based configuration, 106, 110 port-based VLAN access port assignment (in VLAN
LAN switching view), 107
Ethernet aggregate interface configuration, 39 port-based VLAN hybrid port assignment, 109
Ethernet link aggregation basic concepts, 30 port-based VLAN trunk port assignment, 108
Ethernet link aggregation VLAN basic configuration, 104
configuration, 30, 37, 45 VLAN configuration, 103
Ethernet link aggregation dynamic mode, 33 VLAN interface basic configuration, 105
Ethernet link aggregation group VLAN port-based configuration, 106, 110
configuration, 37 Layer 2 Ethernet interface
Ethernet link aggregation LACP, 33 configuration, 1, 8
Ethernet link aggregation load sharing, 42 storm control configuration, 9
141
storm suppression configuration, 8 LLDPDU format, 114
Layer 3 LLDPDU management address TLV, 118
LLDP basic configuration, 128 LLDPDU reception, 119
LLDP trapping, 126 LLDPDU TLV types, 115
LLDP-MED trapping, 126 LLDPDU TLVs, 115
port-based VLAN access port assignment, 107 LLDPDU transmission, 118
port-based VLAN access port assignment (in LLDP-MED trapping configuration, 126
interface view), 107 management address configuration, 123
port-based VLAN access port assignment (in management address encoding format, 123
VLAN view), 107 operating mode (disable), 118, 120
port-based VLAN hybrid port assignment, 109 operating mode (Rx), 118, 120
port-based VLAN trunk port assignment, 108 operating mode (Tx), 118, 120
VLAN interface basic configuration, 105 operating mode (TxRx), 118, 120
VLAN port-based configuration, 106, 110 operating mode set, 120
Layer 3 Ethernet interface parameter set, 124
configuration, 1 polling enable, 121
learning protocols and standards, 119
loop detection no-learning action, 97 re-initialization delay, 121
MAC address, 17 trapping configuration, 126
MAC address learning disable, 21 LLDPDU
MST learning port state, 65 encapsulated in Ethernet II format, 114
legacy encapsulated in SNAP format, 114
STP port mode, 80 encapsulation format, 125
STP port path cost calculation, 77 LLDP basic configuration, 119, 128
link LLDP configuration, 113, 119
aggregation. See Ethernet link aggregation LLDP parameters, 124
Ethernet interface link mode, 4 management address configuration, 123
link layer discovery protocol. See LLDP management address encoding format, 123
MSTP configuration, 55, 67, 91 management address TLV, 118
RSTP configuration, 55, 67, 91 receiving, 119
STP configuration, 55, 67, 91 TLV basic management types, 115
STP hello time, 74 TLV LLDP-MED types, 115
STP port link type configuration, 80 TLV organization-specific types, 115
LLDP transmitting, 118
advertisable TLV configuration, 122 load sharing
agent, 113 Ethernet link aggregation configuration, 42
basic concepts, 113 Ethernet link aggregation group criteria, 42
basic configuration, 119, 128 Ethernet link aggregation group load sharing, 37
bridge mode configuration, 120 Ethernet link aggregation local-first load
CDP compatibility configuration, 125 sharing, 43
configuration, 113, 119 Ethernet link aggregation packet type-based load
displaying, 127 sharing, 37
enable, 119 Ethernet link aggregation per-flow load sharing, 37
how it works, 118 Ethernet link aggregation per-packet load
LLDPDU encapsulation format, 125 sharing, 37
142
Layer 2 Ethernet link aggregation entry types, 17
configuration, 48 MAC address learning disable, 21
local manual entries, 17
Ethernet link aggregation local-first load multiport unicast entry, 20
sharing, 43 MAC Information
logging change send interval, 27
loop detection configuration, 96, 98, 100 configuration, 26, 27
loop enable, 26
MSTP configuration, 55, 67, 91 mode configuration, 26
RSTP configuration, 55, 67, 91 queue length configuration, 27
STP configuration, 55, 67, 91 MAC relay (LLDP agent), 113
STP loop guard, 88 maintaining
loop detection Ethernet interface, 10
configuration, 96, 98, 100 Ethernet link aggregation, 44
displaying, 100 inloopback interface, 13
enable, 98 loopback interface, 13
enable (global), 98 MSTP, 91
enable (port-specific), 98 null interface, 13
interval, 97 RSTP, 91
interval setting, 99 STP, 91
mechanisms, 96 VLAN, 110
port status auto recovery, 97 management address
protection action configuration, 98 LLDP encoding format, 123
protection action configuration (global), 99 management Ethernet interface
protection action configuration (Layer 2 configuration, 1
aggregate interface), 99
mapping
protection action configuration (Layer 2 Ethernet
MSTP VLAN-to-instance mapping table, 64
interface), 99
master port (MST), 65
protection actions, 97
max age timer (STP), 61
loopback interface
mCheck (STP), 82, 82, 82
configuration, 12
MED (LLDP-MED trapping), 126
displaying, 13
MIB
maintaining, 13
LLDP basic configuration, 119, 128
M LLDP configuration, 113, 119
MAC address mode
VLAN frame encapsulation, 103 Ethernet interface autonegotiation, 3
MAC address table Ethernet interface full-duplex, 3
address learning, 17 Ethernet interface half-duplex, 3
address synchronization, 22 Ethernet interface link mode, 4
blackhole entry, 19 Ethernet link aggregation dynamic, 31
configuration, 17, 18, 24 Ethernet link aggregation dynamic mode, 33
displaying, 24 Ethernet link aggregation load sharing criteria, 37
dynamic aging timer, 22 Ethernet link aggregation static, 31
entry configuration, 18 Ethernet link aggregation static mode, 32
entry creation, 17 LLDP customer bridge mode, 120
143
LLDP disable, 118, 120 STP max age timer, 74
LLDP Rx, 118, 120 STP port mode configuration, 80
LLDP service bridge mode, 120 VLAN-to-instance mapping table, 64
LLDP Tx, 118, 120 multiport unicast entry (MAC address table), 17, 20
LLDP TxRx, 118, 120 N
MAC Information syslog, 26
network
MAC Information trap, 26
Ethernet interface basic settings configuration, 3
modifying
Ethernet interface common settings configuration, 1
MAC address table blackhole entry, 19
Ethernet interface generic flow control, 5
MAC address table multiport unicast entry, 20
Ethernet interface jumbo frame support
MST
configuration, 4
CIST, 64
Ethernet interface link mode, 4
common root bridge, 64
Ethernet interface PFC, 6
CST, 64
Ethernet interface physical state change
IST, 64 suppression, 4
MSTI, 64 Ethernet interface splitting and combining, 2
port roles, 65 Ethernet link aggregation configuration types, 31
port states, 65 Ethernet link aggregation dynamic mode, 33
region, 63 Ethernet link aggregation LACP, 33
region configuration, 71 Ethernet link aggregation member port
region max hops, 73 state, 32, 35
regional root, 64 Ethernet link aggregation modes, 31
MSTI Ethernet link aggregation operational key, 31
calculation, 66 Ethernet link aggregation reference port, 34
MST instance, 64 Ethernet link aggregation reference port choice, 32
MSTP, 55, See also STP Ethernet link aggregation static mode, 32
basic concepts, 62 inloopback interface configuration, 13
CIST calculation, 66 Layer 2 Ethernet interface configuration, 8
configuration, 55, 67, 69, 91 Layer 2 Ethernet interface storm control
device implementation, 67 configuration, 9
device priority configuration, 73 Layer 2 Ethernet interface storm suppression
displaying, 91 configuration, 8
features, 62 loop detection interval, 97, 99
how it works, 66 loop detection protection action configuration, 98
maintaining, 91 loop protection actions, 97
mode set, 70 loopback interface configuration, 12
MSTI calculation, 66 MAC address table address synchronization, 22
No Agreement Check, 85, 87 MAC address table blackhole entry, 19
protocols and standards, 67 MAC address table dynamic aging timer, 22
relationship to RSTP and STP, 62 MAC address table entry configuration, 18
root bridge configuration, 72 MAC address table entry types, 17
root bridge device configuration, 72 MAC address table multiport unicast entry, 20
secondary root bridge configuration, 72 MST region configuration, 71
secondary root bridge device configuration, 72 MSTP mode set, 70
STP basic concepts, 56 null interface configuration, 13
144
port-based VLAN access port assignment, 107 LLDP basic concepts, 113
port-based VLAN access port assignment (in LLDP basic configuration, 119, 128
interface view), 107 LLDP configuration, 113, 119
port-based VLAN access port assignment (in loop detection, 96
VLAN view), 107 loop detection configuration, 98, 100
port-based VLAN hybrid port assignment, 109 loopback interface configuration, 12
port-based VLAN trunk port assignment, 108 MAC address table configuration, 17, 18, 24
RSTP mode set, 70 MAC Information configuration, 26, 27
RSTP network convergence, 62 MSTP configuration, 55, 67, 91
STP algorithm calculation, 57 null interface configuration, 12
STP BPDU guard, 87 port isolation configuration, 52
STP BPDU transmission rate, 76 port isolation configuration (on LAN), 53
STP designated bridge, 56 RSTP configuration, 55, 67, 91
STP designated port, 56 STP configuration, 55, 67, 91
STP Digest Snooping, 83, 84 VLAN basic configuration, 104
STP edge port, 76 VLAN configuration, 103
STP loop guard, 88 No Agreement Check (STP), 85, 87
STP mode set, 70 no-learning action (loop detection), 97
STP No Agreement Check, 85, 87 null interface
STP path cost, 56 configuration, 12, 13, 13
STP port link type, 80 displaying, 13
STP port mode, 80 maintaining, 13
STP port path cost, 77, 78
O
STP port priority, 79
STP port role restriction, 89 operational key (Ethernet link aggregation), 31
STP port state transition, 81 organization-specific LLDPDU TLV types, 115
STP protection functions, 87 outputting
STP root bridge, 56 STP port state transition information, 81
STP root guard, 88 P
STP root port, 56 packet
STP switched network diameter, 73 Ethernet link aggregation packet type-based load
STP TC-BPDU guard, 90 sharing, 37
STP TC-BPDU transmission restriction, 90 LLDP CDP compatibility, 125
VLAN interface basic configuration, 105 STP BPDU protocol packets, 55
VLAN port-based configuration, 106, 110 STP port mode configuration, 80
network management STP TCN BPDU protocol packets, 55
Ethernet interface configuration, 1 parameter
Ethernet link aggregation STP timeout factor, 75
configuration, 30, 37, 45 per-flow load sharing, 37
inloopback interface configuration, 12 performing
interface bulk configuration, 15 STP mCheck, 82
Layer 2 Ethernet link aggregation (dynamic), 47 STP mCheck globally, 82
Layer 2 Ethernet link aggregation (static), 45 STP mCheck in interface view, 82
Layer 2 Ethernet link aggregation load per-packet load sharing, 37
sharing, 48
PFC (Ethernet interface), 6
145
physical Layer 2 Ethernet link aggregation group (static), 38
Ethernet interface physical state change Layer 2 Ethernet link aggregation load sharing, 48
suppression, 4 LLDP basic configuration, 119, 128
polling LLDP configuration, 113, 119
LLDP enable, 121 LLDP disable operating mode, 118, 120
port LLDP enable, 119
Ethernet aggregate interface (description), 39 LLDP operating mode, 120
Ethernet aggregate interface configuration, 39 LLDP polling, 121
Ethernet link aggregate group min/max number LLDP re-initialization delay, 121
Selected ports, 40 LLDP Rx operating mode, 118, 120
Ethernet link aggregate interface (expected LLDP Tx operating mode, 118, 120
bandwidth), 41
LLDP TxRx operating mode, 118, 120
Ethernet link aggregate interface default
LLDPDU encapsulation format, 125
settings, 42
LLDPDU reception, 119
Ethernet link aggregate interface shutdown, 41
LLDPDU transmission, 118
Ethernet link aggregation
loop detection configuration, 96, 98, 100
configuration, 30, 37, 45
loop detection interval, 97, 99
Ethernet link aggregation configuration
types, 31 loop detection protection action configuration, 98
Ethernet link aggregation dynamic mode, 33 loop detection protection actions, 97
Ethernet link aggregation group loop detection status auto recovery, 97
configuration, 37 MAC address learning, 17
Ethernet link aggregation LACP, 33 MAC address table blackhole entry, 19
Ethernet link aggregation load sharing, 42 MAC address table configuration, 17, 18, 24
Ethernet link aggregation load sharing MAC address table entry configuration, 18
criteria, 37 MAC address table multiport unicast entry, 20
Ethernet link aggregation local-first load MAC Information configuration, 26, 27
sharing, 43 MST port roles, 65
Ethernet link aggregation member port, 30 MST port states, 65
Ethernet link aggregation member port RSTP network convergence, 62
state, 30, 32, 35 STP BPDU guard, 87
Ethernet link aggregation modes, 31 STP BPDU transmission rate, 76
Ethernet link aggregation operational key, 31 STP designated port, 56
Ethernet link aggregation reference port, 34 STP edge port configuration, 76
Ethernet link aggregation reference port STP forward delay timer, 74
choice, 32
STP loop guard, 88
Ethernet link aggregation static mode, 32
STP mCheck, 82
Ethernet link aggregation traffic redirection, 44
STP mCheck (global), 82
group assignment (port isolation), 52
STP mCheck (interface view), 82
isolation. See port isolation
STP path cost calculation standard, 77
Layer 2 aggregate interface (ignored
STP path cost configuration, 77, 78
VLAN), 40
STP port link type configuration, 80
Layer 2 Ethernet link aggregation (dynamic), 47
STP port mode configuration, 80
Layer 2 Ethernet link aggregation (static), 45
STP port priority configuration, 79
Layer 2 Ethernet link aggregation group
(dynamic), 38 STP port role restriction, 89
STP port state transition output, 81
146
STP root guard, 88 configuring Ethernet interface basic settings, 3
STP root port, 56 configuring Ethernet interface common settings, 1
STP TC-BPDU guard, 90 configuring Ethernet interface generic flow
STP TC-BPDU transmission restriction, 90 control, 5
VLAN port link type, 106 configuring Ethernet interface jumbo frame
port isolation support, 4
configuration, 52 configuring Ethernet interface link mode, 4
configuration (on LAN), 53 configuring Ethernet interface PFC, 6
displaying, 52 configuring Ethernet interface physical state change
suppression, 4
port assignment to group (multiple), 52
configuring Ethernet link aggregate interface
port-based VLAN
(expected bandwidth), 41
access port assignment, 107
configuring Ethernet link aggregation, 37, 45
access port assignment (in interface view), 107
configuring Ethernet link aggregation group, 37
access port assignment (in VLAN view), 107
configuring Ethernet link aggregation group load
configuration, 106, 110
sharing criteria, 42
hybrid port assignment, 109
configuring Ethernet link aggregation load
port frame handling, 107 sharing, 42
port link type, 106 configuring inloopback interface, 13
PVID, 106 configuring Layer 2 Ethernet interface, 8
trunk port assignment, 108 configuring Layer 2 Ethernet interface storm
priority control, 9
Ethernet link aggregation LACP, 33 configuring Layer 2 Ethernet interface storm
MSTP device priority, 73 suppression, 8
RSTP device priority, 73 configuring Layer 2 Ethernet link aggregation
STP device priority, 73 (dynamic), 47
STP port priority configuration, 79 configuring Layer 2 Ethernet link aggregation
priority-based flow control. Use PFC (static), 45
147
configuring loop detection protection action configuring STP protection functions, 87
(global), 99 configuring STP root bridge, 72
configuring loop detection protection action configuring STP root bridge device, 72
(Layer 2 aggregate interface), 99 configuring STP secondary root bridge, 72
configuring loop detection protection action configuring STP secondary root bridge device, 72
(Layer 2 Ethernet interface), 99
configuring STP switched network diameter, 73
configuring loopback interface, 12
configuring STP TC-BPDU transmission
configuring MAC address table, 24 restriction, 90
configuring MAC address table dynamic aging configuring STP timeout factor, 75
timer, 22
configuring STP timer, 74
configuring MAC address table entry, 18
configuring VLAN (port-based), 106, 110
configuring MAC Information, 27
configuring VLAN basic settings, 104
configuring MAC Information change send
configuring VLAN interface basic settings, 105
interval, 27
disabling global MAC address learning, 21
configuring MAC Information mode, 26
disabling MAC address learning, 21
configuring MAC Information queue length, 27
disabling MAC address learning on interface, 21
configuring management Ethernet interface, 1
displaying bulk interface configuration, 16
configuring MST region, 71
displaying Ethernet interface, 10
configuring MST region max hops, 73
displaying Ethernet link aggregation, 44
configuring MSTP, 67, 69, 91
displaying inloopback interface, 13
configuring MSTP device priority, 73
displaying LLDP, 127
configuring MSTP root bridge, 72
displaying loop detection, 100
configuring MSTP root bridge device, 72
displaying loopback interface, 13
configuring MSTP secondary root bridge, 72
displaying MAC address table, 24
configuring MSTP secondary root bridge
displaying MSTP, 91
device, 72
displaying null interface, 13
configuring null interface, 13
displaying port isolation, 52
configuring port isolation (on LAN), 53
displaying RSTP, 91
configuring RSTP, 67, 68, 91
displaying STP, 91
configuring RSTP device priority, 73
displaying VLAN, 110
configuring RSTP root bridge, 72
enabling Ethernet link aggregation local-first load
configuring RSTP root bridge device, 72
sharing, 43
configuring RSTP secondary root bridge, 72
enabling Ethernet link aggregation traffic
configuring RSTP secondary root bridge
redirection, 44
device, 72
enabling LLDP, 119
configuring STP, 67, 68, 91
enabling LLDP polling, 121
configuring STP BPDU transmission rate, 76
enabling loop detection, 98
configuring STP device priority, 73
enabling loop detection (global), 98
configuring STP Digest Snooping, 83, 84
enabling loop detection (port-specific), 98
configuring STP edge port, 76
enabling MAC address synchronization
configuring STP No Agreement Check, 85, 87
globally, 22
configuring STP port link type, 80
enabling MAC Information, 26
configuring STP port mode for MSTP packets, 80
enabling STP BPDU guard, 87
configuring STP port path cost, 77, 78
enabling STP feature, 81
configuring STP port priority, 79
enabling STP loop guard, 88
configuring STP port role restriction, 89
148
enabling STP port state transition information LLDP, 119
output, 81 MSTP, 67
enabling STP root guard, 88 STP protocol packets, 55
enabling STP TC-BPDU guard, 90 VLAN, 104
maintaining Ethernet interface, 10 PVID (port-based VLAN), 106
maintaining Ethernet link aggregation, 44
Q
maintaining inloopback interface, 13
QinQ
maintaining loopback interface, 13
loop detection configuration, 96, 98, 100
maintaining MSTP, 91
queuing
maintaining null interface, 13
MAC Information queue length, 27
maintaining RSTP, 91
maintaining STP, 91 R
maintaining VLAN, 110 rate
modifying MAC address table blackhole STP BPDU transmission rate, 76
entry, 19 receiving
modifying MAC address table multiport unicast LLDPDUs, 119
entry, 20
recovering
performing STP mCheck, 82
loop detection port status auto recovery, 97
performing STP mCheck globally, 82
reference port (Ethernet link aggregation), 32, 34
performing STP mCheck in interface view, 82
region
restoring Ethernet link aggregate interface
MST, 63
default settings, 42
MST region configuration, 71
setting Ethernet link aggregate group min/max
number Selected ports, 40 MST region max hops, 73
setting LLDP operating mode, 120 MST regional root, 64
setting LLDP parameters, 124 re-initialization delay (LLDP), 121
setting LLDP re-initialization delay, 121 restoring
setting LLDPDU encapsulation format, 125 Ethernet link aggregate interface default
settings, 42
setting loop detection interval, 99
restrictions
setting MSTP mode, 70
Ethernet link aggregation traffic redirection, 44
setting RSTP mode, 70
STP Digest Snooping configuration, 83
setting STP mode, 70
STP edge port configuration, 76
shutting down Ethernet link aggregate
interface, 41 STP port link type configuration, 80
specifying Layer 2 aggregate interface (ignored STP port role restriction, 89
VLAN), 40 STP TC-BPDU transmission restriction, 90
specifying STP port path cost calculation STP timer configuration, 74
standard, 77 root
splitting 40-GE interface into 10-GE breakout MST common root bridge, 64
interfaces, 2 MST regional root, 64
splitting and combining Ethernet interface, 2 MST root port role, 65
protecting MSTP root bridge configuration, 72
STP protection functions, 87 MSTP secondary root bridge configuration, 72
protocols and standards RSTP root bridge configuration, 72
Ethernet link aggregation protocol RSTP secondary root bridge configuration, 72
configuration, 31 STP algorithm calculation, 57
149
STP root bridge, 56 LLDPDU encapsulated in SNAP format, 114
STP root bridge configuration, 72 LLDPDU encapsulation format, 125
STP root guard, 88 SNMP
STP root port, 56 MAC Information configuration, 26, 27
STP secondary root bridge configuration, 72 snooping
RSTP, 55, See also STP STP Digest Snooping, 83, 84
configuration, 55, 67, 68, 91 spanning tree. Use STP, RSTP, MSTP
device priority configuration, 73 specifying
displaying, 91 Layer 2 aggregate interface (ignored VLAN), 40
maintaining, 91 STP port path cost calculation standard, 77
mode set, 70 state
network convergence, 62 Ethernet interface state change suppression, 4
No Agreement Check, 85, 87 Ethernet link aggregation member port
root bridge configuration, 72 state, 30, 32, 35
root bridge device configuration, 72 static
secondary root bridge configuration, 72 Ethernet link aggregation mode, 31
secondary root bridge device configuration, 72 Ethernet link aggregation static mode, 32
STP basic concepts, 56 Layer 2 Ethernet link aggregation, 45
Layer 2 Ethernet link aggregation group, 38
S
MAC address table entry, 17
selecting
storm
Ethernet link aggregation Selected ports, 40
Layer 2 Ethernet interface storm control, 9
Ethernet link aggregation selected state, 30
Layer 2 Ethernet interface storm suppression, 8
Ethernet link aggregation unselected state, 30
STP
sending
algorithm calculation, 57
MAC Information change send interval, 27
basic concepts, 56
service
BPDU forwarding, 61
LLDP service bridge mode, 120
BPDU guard enable, 87
setting
BPDU transmission rate configuration, 76
Ethernet link aggregate group min/max number
CIST, 64
Selected ports, 40
configuration, 55, 67, 68, 91
Ethernet link aggregation member port
CST, 64
state, 32, 35
designated bridge, 56
LLDP operating mode, 120
designated port, 56
LLDP parameters, 124
device priority configuration, 73
LLDP re-initialization delay, 121
Digest Snooping, 83, 84
LLDPDU encapsulation format, 125
Digest Snooping configuration restrictions, 83
loop detection interval, 99
displaying, 91
MSTP mode, 70
edge port configuration, 76
RSTP mode, 70
edge port configuration restrictions, 76
STP mode, 70
feature enable, 81
shutting down
IST, 64
Ethernet link aggregate interface, 41
loop detection, 55
loop detection shutdown action, 97
loop guard enable, 88
SNAP
maintaining, 91
150
mCheck, 82 Ethernet interface physical state change
mCheck (global), 82 suppression, 4
mCheck (interface view), 82 Layer 2 Ethernet interface storm control
mode set, 70 configuration, 9
MST common root bridge, 64 Layer 2 Ethernet interface storm suppression
configuration, 8
MST port roles, 65
switching
MST port states, 65
Ethernet interface configuration, 1
MST region, 63
inloopback interface configuration, 12, 13
MST region configuration, 71
loopback interface configuration, 12, 12
MST regional root, 64
MAC address table configuration, 17, 18, 24
MSTI, 64
null interface configuration, 12, 13
MSTI calculation, 66
port isolation configuration, 52
MSTP, 62, See also MSTP
port isolation configuration (on LAN), 53
MSTP CIST calculation, 66
port-based VLAN access port assignment, 107
MSTP device implementation, 67
port-based VLAN access port assignment (in
No Agreement Check, 85, 87
interface view), 107
path cost, 56
port-based VLAN access port assignment (in VLAN
port link type configuration, 80
view), 107
port link type configuration restrictions, 80
port-based VLAN hybrid port assignment, 109
port mode configuration, 80
port-based VLAN trunk port assignment, 108
port path cost calculation standard, 77
VLAN basic configuration, 104
port path cost configuration, 77, 78
VLAN configuration, 103
port priority configuration, 79
VLAN interface basic configuration, 105
port role restriction, 89
VLAN port-based configuration, 106, 110
port state transition output, 81
synchronizing
protection functions, 87
MAC addresses, 22
protocol packets, 55
system
root bridge, 56
interface bulk configuration, 15
root bridge configuration, 72
T
root bridge device configuration, 72
root guard enable, 88 table
root port, 56 MAC address, 17, 18, 24
RSTP, 62, See also RSTP MSTP VLAN-to-instance mapping table, 64
secondary root bridge configuration, 72 TC-BPDU
secondary root bridge device configuration, 72 STP TC-BPDU guard, 90
switched network diameter, 73 STP TC-BPDU transmission restriction, 90
TC-BPDU guard, 90 time
TC-BPDU transmission restriction, 90 Ethernet link aggregation LACP timeout interval, 33
timeout factor configuration, 75 timeout
timer configuration, 74 STP timeout factor, 75
timer configuration restrictions, 74 timer
timers, 61 LLDP re-initialization delay, 121
VLAN-to-instance mapping table, 64 MAC address table dynamic aging timer, 22
suppressing STP forward delay, 61, 74
STP hello, 61, 74
151
STP max age, 61, 74 MSTP VLAN-to-instance mapping table, 64
TLV port isolation configuration, 52
LLDP advertisable TLV configuration, 122 port link type, 106
LLDP management address configuration, 123 port-based configuration, 106, 110
LLDP management address encoding port-based VLAN access port assignment, 107
format, 123 port-based VLAN access port assignment (in
LLDP parameters, 124 interface view), 107
LLDPDU basic management types, 115 port-based VLAN access port assignment (in VLAN
LLDPDU LLDP-MED types, 115 view), 107
LLDPDU management address TLV, 118 port-based VLAN frame handling, 107
LLDPDU organization-specific types, 115 port-based VLAN trunk port assignment, 108
topology protocols and standards, 104
STP TCN BPDU protocol packets, 55 PVID, 106
traffic voice traffic
Ethernet link aggregation traffic redirection, 44 LLDP CDP compatibility, 125
transmitting
LLDPDUs, 118
STP TC-BPDU transmission restriction, 90
trapping
LLDP configuration, 126
LLDP-MED configuration, 126
MAC Information configuration, 26, 27
MAC Information mode configuration, 26
trunk port
port-based VLAN assignment, 108
U
unicast
MAC address table configuration, 17, 18, 24
MAC address table multiport unicast entry, 17
V
Virtual Local Area Network. Use VLAN
VLAN
basic configuration, 104
configuration, 103
configuring, 103
displaying, 110
frame encapsulation, 103
hybrid port assignment, 109
interface basic configuration, 105
Layer 2 Ethernet aggregate interface (ignored
VLAN), 40
LLDP CDP compatibility, 125
loop detection configuration, 96, 98, 100
maintaining, 110
152