At8000 s configurando vlan avancado

892 views
766 views

Published on

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
892
On SlideShare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
23
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

At8000 s configurando vlan avancado

  1. 1. VLAN Advanced Features AT - 8000S Marvell Confidential
  2. 2. Agenda • Advanced VLAN classification – MAC based VLAN • Private VLAN Edge Marvell Confidential
  3. 3. Advanced VLAN Classification • In Legacy VLAN implementation an untagged packet is classified according to the PVID configured on the port. • The device implements an additional advance method of untagged packet classification – MAC based VLAN Marvell Confidential
  4. 4. Packet Classification Flowchart Is Packet Yes Frame classified according to Tagged? VLAN tag No Is MAC mapped to Frame classified according to VLAN? MAC Group to VLAN mapping PVID based Marvell Confidential classification
  5. 5. MAC Based VLANs • A classification that enables to classify packets to different VLANs based on the packet’s source MAC address. • This feature is usually used for – VLAN segregation based on device type – Roaming • Classification can be based on specific MAC address or MAC address prefix Marvell Confidential
  6. 6. MAC Based VLANs – User Control • Map MAC addresses and prefixes of MAC addresses to a certain “Group-of-MACs” • On a specific interface – map a certain Group-of-MACs to a VID. – Can be applied only on general VLAN mode interfaces • If an untagged packet matches one of the Group-of-MACs defined on the interface, the VID is assigned according. • Defined rules can’t contain overlapping ranges on the same interface. Marvell Confidential
  7. 7. MAC Based VLANs – CLI • Use the following VLAN configuration command to map a MAC address or range of MAC addresses to a group of MAC addresses: map mac mac-address {prefix-mask | host} macs-group group • Use the no form of this command to delete the map: no map mac mac-address {prefix-mask | host} Marvell Confidential
  8. 8. MAC Based VLANs – CLI • Use the following Interface configuration command to set a mac-based classification rule: switchport general map macs-group group vlan vlan-id • Use the no form of this command to delete the classification: no switchport general map macs-group group Marvell Confidential
  9. 9. MAC Based VLANs – CLI • Use the following EXEC command to show macs-groups information : show vlan macs-groups Marvell Confidential
  10. 10. Private VLAN Edge • The device supports private VLAN edge feature • A port can be defined as a protected port. • Traffic received on this port will be forwarded only to the specific uplink port defined in the command. • Only a Gigabit ports can be designated as an uplink port • Protected port applies VLAN ingress filtering rules • Uplink port does not apply VLAN egress filtering on traffic received from protected VLAN Marvell Confidential
  11. 11. Private VLAN Edge • Traffic tagging by uplink port: – VID exists on uplink port – regular VLAN egress tagging rules. – VID does not exist on uplink port – traffic is forwarded untagged • Protected port and uplink port can be in any VLAN mode • IP address cannot be defined on this protected port Marvell Confidential
  12. 12. PVE - CLI • Use the following Interface Mode command to define a protected port switchport protected ethernet port Note: Uplink port must be a GE port • Use the “no” form of command to disable protection: no switchport protected console(config)# interface ethernet 1/e1 console(config-if)# switchport protected ethernet 1/g2 console(config-if)# Marvell Confidential
  13. 13. Private VLAN Edge - Example console# show interfaces switchport ethernet 1/e1 Port : 1/e1 Port Mode: Access Gvrp Status: disabled Ingress Filtering: true Acceptable Frame Type: admitAll Ingress UnTagged VLAN ( NATIVE ): 1 Protected: Enabled, Uplink is 1/g2 Port is member in: Vlan Name Egress rule Port Membership Type ---- -------------------------------- ----------- -------------------- 1 1 Untagged System Marvell Confidential
  14. 14. Marvell Confidential

×