HP 5500 Ei 5500 Si Switch Series Configuration Guide
• Ethernet Operation, Administration and Maintenance (EOAM)
• GARP VLAN Registration Protocol (GVRP)
• HW Group Management Protocol (HGMP)
• Link Aggregation Control Protocol (LACP)
• Link Layer Discovery Protocol (LLDP)
• Port Aggregation Protocol (PAGP)
• Per VLAN Spanning Tree (PVST)
• Spanning Tree Protocol (STP)
• Unidirectional Link Direction (UDLD)
• VLAN Trunking Protocol (VTP)

BPDU tunneling implementation

The BPDU tunneling implementations for different protocols are all similar. This section uses the Spanning Tree Protocol (STP) to describe how to implement BPDU tunneling.

This document uses the term STP in a broad sense. It includes STP, RSTP, and MSTP.

STP calculates the topology of a network by transmitting BPDUs among devices in the network. For more information, see Configuring spanning tree protocols.

To avoid loops in your network, you can enable STP on your devices. When the topology changes at one side of the customer network, devices at that side of the customer network send BPDUs to devices on the other side of the customer network to ensure consistent spanning tree calculation in the entire customer network. However, because BPDUs are Layer 2 multicast frames, all STP-enabled devices, both in the customer network and in the service provider network, can receive and process these BPDUs. In this case, neither the service provider network nor the customer network can correctly calculate its independent spanning tree.

BPDU tunneling allows each network to calculate an independent spanning tree with STP.

BPDU tunneling delivers the following benefits:
• BPDUs can be transparently transmitted. BPDUs of one customer network can be broadcast in a specific VLAN across the service provider network, allowing that customer’s geographically dispersed networks to implement consistent spanning tree calculation across the service provider network.
• BPDUs of different customer networks can be confined within different VLANs for transmission on the service provider network. This enables each customer network to perform independent spanning tree calculation.

Figure 33 BPDU tunneling implementation

The upper section of Figure 33 represents the service provider network (ISP network). The lower section, including User A network 1 and User A network 2, represents the customer networks. Enabling BPDU tunneling on edge devices (PE 1 and PE 2) in the service provider network allows BPDUs of User A network 1 and User A network 2 to be transparently transmitted through the service provider network. This ensures consistent spanning tree calculation throughout User A network, without affecting the spanning tree calculation of the service provider network.

Assume that a BPDU is sent from User A network 1 to User A network 2. The BPDU is sent by using the following workflow.
1. At the ingress of the service provider network, PE 1 changes the destination MAC address of the BPDU from 0x0180-C200-0000 to a special multicast MAC address, 0x010F-E200-0003 (the default multicast MAC address), for example. In the service provider network, the modified BPDU is forwarded as a data packet in the VLAN assigned to User A.
2. At the egress of the service provider network, PE 2 recognizes the BPDU with the destination MAC address 0x010F-E200-0003, restores its original destination MAC address 0x0180-C200-0000, and then sends the BPDU to CE 2.

NOTE: Through configuration, make sure that the VLAN tags carried in BPDUs are neither changed nor removed during the transparent transmission in the service provider network. Otherwise, the devices in the service provider network will fail to transparently transmit the customer network BPDUs correctly.

Enabling BPDU tunneling

Configuration prerequisites

Before configuring BPDU tunneling for a protocol, perform the following tasks:
• Enable the protocol in the customer network.
• Assign the port on which you want to enable BPDU tunneling on the PE device and the connected port on the CE device to the same VLAN.
• Configure ports that connect network devices in the service provider network as trunk ports that allow packets of any VLAN to pass through.
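
The two-step workflow under "BPDU tunneling implementation" can be modeled on raw frame bytes. The following Python sketch is an added example, not code from the guide: the function names, the source MAC address and the sample frame are constructed for illustration, and VLAN tagging by the ports is left out of the model. It also shows what happens when the two edge devices are configured with different tunnel MAC addresses.

```python
# Added illustration of the PE 1 / PE 2 rewrite; not code from the guide.
STP_DMAC = bytes.fromhex("0180c2000000")             # 0x0180-C200-0000
DEFAULT_TUNNEL_DMAC = bytes.fromhex("010fe2000003")  # 0x010F-E200-0003 (default)
ETH_HEADER_LEN = 14                                  # DA + SA + Type/Length


def pe_ingress(frame, tunnel_dmac=DEFAULT_TUNNEL_DMAC):
    """Ingress PE: replace the BPDU destination MAC with the tunnel MAC."""
    if len(frame) < ETH_HEADER_LEN:
        raise ValueError("frame shorter than an Ethernet header")
    if frame[:6] != STP_DMAC:
        return frame                  # not a BPDU: forwarded unchanged
    return tunnel_dmac + frame[6:]    # bytes after the destination MAC are untouched


def pe_egress(frame, tunnel_dmac=DEFAULT_TUNNEL_DMAC):
    """Egress PE: restore the BPDU destination MAC for its configured tunnel MAC."""
    if len(frame) < ETH_HEADER_LEN:
        raise ValueError("frame shorter than an Ethernet header")
    if frame[:6] != tunnel_dmac:
        return frame                  # not recognized as a tunneled BPDU
    return STP_DMAC + frame[6:]


def cross_provider(frame, ingress_dmac, egress_dmac):
    """Return (frame inside the provider network, frame handed to CE 2)."""
    in_core = pe_ingress(frame, ingress_dmac)
    return in_core, pe_egress(in_core, egress_dmac)


def mac_text(mac):
    """Format six bytes the way the guide writes MAC addresses."""
    return "0x" + mac.hex("-", 2).upper()


# Constructed sample: untagged BPDU from CE 1 (made-up source MAC, LLC header
# 42 42 03, zero-filled 35-byte BPDU body).
SAMPLE_BPDU = (STP_DMAC + bytes.fromhex("001122334455") + bytes.fromhex("0026")
               + bytes.fromhex("424203") + bytes(35))

if __name__ == "__main__":
    cdd0 = bytes.fromhex("01000ccdcdd0")
    for egress in (cdd0, DEFAULT_TUNNEL_DMAC):       # matching, then mismatched PE 2
        core, out = cross_provider(SAMPLE_BPDU, cdd0, egress)
        print(mac_text(core[:6]), "->", mac_text(out[:6]))
```

With a mismatched egress setting the frame leaves the provider network still carrying the tunnel MAC, so the customer device never sees it as a BPDU.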

Configuration restrictions and guidelines

• Settings made in Layer 2 Ethernet interface view or Layer 2 aggregate interface view take effect only on the current port. Settings made in port group view take effect on all ports in the port group.
• Before you enable BPDU tunneling for DLDP, EOAM, GVRP, HGMP, LLDP, or STP on a port, disable the protocol on the port first.
• Because PVST is a special STP protocol, you must do two things before you enable BPDU tunneling for PVST on a port: first, disable STP; second, enable BPDU tunneling for STP on the port.
• Do not enable BPDU tunneling for DLDP, EOAM, LACP, LLDP, PAGP, or UDLD on the member port of a Layer 2 aggregation group.

Enabling BPDU tunneling

You can enable BPDU tunneling for different protocols in different views.

Enabling BPDU tunneling for a protocol in Layer 2 Ethernet interface view or port group view

Step 1. Enter system view.
    Command: system-view
    Remarks: N/A
Step 2. Enter Ethernet interface view or port group view.
    Command:
    • Enter Layer 2 Ethernet interface view: interface interface-type interface-number
    • Enter port group view: port-group manual port-group-name
    Remarks: Use either command.
Step 3. Enable BPDU tunneling for a protocol.
    Command: bpdu-tunnel dot1q { cdp | dldp | eoam | gvrp | hgmp | lacp | lldp | pagp | pvst | stp | udld | vtp }
    Remarks: Disabled by default.

Enabling BPDU tunneling for a protocol in Layer 2 aggregate interface view

Step 1. Enter system view.
    Command: system-view
    Remarks: N/A
Step 2. Enter Layer 2 aggregate interface view.
    Command: interface bridge-aggregation interface-number
    Remarks: N/A
Step 3. Enable BPDU tunneling for a protocol on the Layer 2 aggregate interface.
    Command: bpdu-tunnel dot1q { cdp | gvrp | hgmp | pvst | stp | vtp }
    Remarks: Disabled by default.

Configuring destination multicast MAC address for BPDUs

By default, the destination multicast MAC address for BPDUs is 0x010F-E200-0003. You can change it to 0x0100-0CCD-CDD0, 0x0100-0CCD-CDD1, or 0x0100-0CCD-CDD2.

To configure destination multicast MAC address for BPDUs:

Step 1. Enter system view.
    Command: system-view
    Remarks: N/A
Step 2. Configure the destination multicast MAC address for BPDUs.
    Command: bpdu-tunnel tunnel-dmac mac-address
    Remarks: Optional. 0x010F-E200-0003 by default.

NOTE: For BPDUs to be recognized, the destination multicast MAC addresses configured for BPDU tunneling must be the same on the edge devices on the service provider network.

BPDU tunneling configuration examples

BPDU tunneling for STP configuration example

Network requirements

As shown in Figure 34:
• CE 1 and CE 2 are edge devices on the geographically dispersed network of User A; PE 1 and PE 2 are edge devices on the service provider network.
• All ports that connect service provider devices and customer devices are access ports and belong to VLAN 2. All ports that interconnect service provider devices are trunk ports and allow packets of any VLAN to pass through.
• MSTP is enabled on User A’s network.

After the configuration, CE 1 and CE 2 must implement consistent spanning tree calculation across the service provider network, and the destination multicast MAC address carried in BPDUs must be 0x0100-0CCD-CDD0.

Figure 34 Network diagram

Configuration procedure

1. Configure PE 1:
# Configure the destination multicast MAC address for BPDUs as 0x0100-0CCD-CDD0.
<PE1> system-view
[PE1] bpdu-tunnel tunnel-dmac 0100-0ccd-cdd0
# Create VLAN 2 and assign GigabitEthernet 1/0/1 to VLAN 2.
[PE1] vlan 2
[PE1-vlan2] quit
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] port access vlan 2
# Disable STP on GigabitEthernet 1/0/1, and then enable BPDU tunneling for STP on it.
[PE1-GigabitEthernet1/0/1] undo stp enable
[PE1-GigabitEthernet1/0/1] bpdu-tunnel dot1q stp

2. Configure PE 2:
# Configure the destination multicast MAC address for BPDUs as 0x0100-0CCD-CDD0.
<PE2> system-view
[PE2] bpdu-tunnel tunnel-dmac 0100-0ccd-cdd0
# Create VLAN 2 and assign GigabitEthernet 1/0/2 to VLAN 2.
[PE2] vlan 2
[PE2-vlan2] quit
[PE2] interface gigabitethernet 1/0/2
[PE2-GigabitEthernet1/0/2] port access vlan 2
# Disable STP on GigabitEthernet 1/0/2, and then enable BPDU tunneling for STP on it.
[PE2-GigabitEthernet1/0/2] undo stp enable
[PE2-GigabitEthernet1/0/2] bpdu-tunnel dot1q stp

BPDU tunneling for PVST configuration example

Network requirements

As shown in Figure 35:
• CE 1 and CE 2 are edge devices on the geographically dispersed network of User A. PE 1 and PE 2 are edge devices on the service provider network.
• All ports that connect service provider devices and customer devices and those that interconnect service provider devices are trunk ports and allow packets of any VLAN to pass through.
• PVST is enabled for VLANs 1 through 4094 on User A’s network.

After the configuration, CE 1 and CE 2 must implement consistent PVST calculation across the service provider network, and the destination multicast MAC address carried in BPDUs must be 0x0100-0CCD-CDD0.

Figure 35 Network diagram

Configuration procedure

1. Configure PE 1:
# Configure the destination multicast MAC address for BPDUs as 0x0100-0CCD-CDD0.
<PE1> system-view
[PE1] bpdu-tunnel tunnel-dmac 0100-0ccd-cdd0
# Configure GigabitEthernet 1/0/1 as a trunk port and assign it to all VLANs.
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] port link-type trunk
[PE1-GigabitEthernet1/0/1] port trunk permit vlan all
# Disable STP on GigabitEthernet 1/0/1, and then enable BPDU tunneling for STP and PVST on it.
[PE1-GigabitEthernet1/0/1] undo stp enable
[PE1-GigabitEthernet1/0/1] bpdu-tunnel dot1q stp
[PE1-GigabitEthernet1/0/1] bpdu-tunnel dot1q pvst

2. Configure PE 2:
# Configure the destination multicast MAC address for BPDUs as 0x0100-0CCD-CDD0.
<PE2> system-view
[PE2] bpdu-tunnel tunnel-dmac 0100-0ccd-cdd0
# Configure GigabitEthernet 1/0/2 as a trunk port and assign it to all VLANs.
[PE2] interface gigabitethernet 1/0/2
[PE2-GigabitEthernet1/0/2] port link-type trunk
[PE2-GigabitEthernet1/0/2] port trunk permit vlan all
# Disable STP on GigabitEthernet 1/0/2, and then enable BPDU tunneling for STP and PVST on it.
[PE2-GigabitEthernet1/0/2] undo stp enable
[PE2-GigabitEthernet1/0/2] bpdu-tunnel dot1q stp
[PE2-GigabitEthernet1/0/2] bpdu-tunnel dot1q pvst
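
The restrictions and the NOTE on matching tunnel MAC addresses lend themselves to an automated review of the command scripts before they are applied. The following Python check is an added example, not part of the guide or of any HP tool: the function names and the faulty PE 2 script are constructed, and the input is assumed to be a list of commands typed as in the examples above, not output of a display command. It covers only the STP and PVST rules and the tunnel MAC rules stated in this chapter.

```python
import re

# Values the guide lists for "bpdu-tunnel tunnel-dmac"; the first is the default.
ALLOWED_DMACS = ("010f-e200-0003", "0100-0ccd-cdd0", "0100-0ccd-cdd1", "0100-0ccd-cdd2")
PROMPT = re.compile(r"^\s*[\[<][^\]>]*[\]>]\s*")  # strips "[PE1-GigabitEthernet1/0/1] "


def audit_device(name, script):
    """Return (tunnel_dmac, findings) for one PE's command script."""
    dmac, findings = ALLOWED_DMACS[0], []
    port, stp_off, tunneled = None, False, set()
    for raw in script.splitlines():
        words = PROMPT.sub("", raw).lower().split()
        if words[:1] == ["interface"]:
            port, stp_off, tunneled = " ".join(words[1:]), False, set()
        elif words[:2] == ["bpdu-tunnel", "tunnel-dmac"] and len(words) == 3:
            dmac = words[2]
            if dmac not in ALLOWED_DMACS:
                findings.append(f"{name}: tunnel-dmac {dmac} is not a value the guide lists")
        elif port and words == ["undo", "stp", "enable"]:
            stp_off = True
        elif port and words[:2] == ["bpdu-tunnel", "dot1q"] and len(words) == 3:
            proto = words[2]
            if proto in ("stp", "pvst") and not stp_off:
                findings.append(f"{name} {port}: STP not disabled before tunneling {proto}")
            if proto == "pvst" and "stp" not in tunneled:
                findings.append(f"{name} {port}: pvst tunneled without stp tunneling first")
            tunneled.add(proto)
    return dmac, findings


def audit_edges(scripts):
    """Audit each PE, then check that all PEs agree on the tunnel MAC."""
    findings, dmacs = [], {}
    for name, script in scripts.items():
        dmacs[name], device_findings = audit_device(name, script)
        findings.extend(device_findings)
    if len(set(dmacs.values())) > 1:
        findings.append(f"tunnel-dmac differs between edge devices: {sorted(dmacs.items())}")
    return findings


# PE 1 follows the guide's PVST example; PE 2 is a constructed faulty script.
PE1 = """[PE1] bpdu-tunnel tunnel-dmac 0100-0ccd-cdd0
[PE1] interface gigabitethernet 1/0/1
[PE1-GigabitEthernet1/0/1] undo stp enable
[PE1-GigabitEthernet1/0/1] bpdu-tunnel dot1q stp
[PE1-GigabitEthernet1/0/1] bpdu-tunnel dot1q pvst"""
PE2_FAULTY = """[PE2] interface gigabitethernet 1/0/2
[PE2-GigabitEthernet1/0/2] bpdu-tunnel dot1q pvst"""

if __name__ == "__main__":
    for finding in audit_edges({"PE1": PE1, "PE2": PE2_FAULTY}):
        print(finding)
```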

Configuring VLANs

Overview

Ethernet is a network technology based on the Carrier Sense Multiple Access/Collision Detect (CSMA/CD) mechanism. Because the medium is shared, collisions and excessive broadcasts are common on Ethernet networks. To address the issue, virtual LAN (VLAN) was introduced to break a LAN down into separate VLANs. VLANs are isolated from each other at Layer 2. A VLAN is a bridging domain, and contains all broadcast traffic within it.

Figure 36 A VLAN diagram

A VLAN is logically divided on an organizational basis rather than on a physical basis. For example, using VLAN, all workstations and servers that a particular workgroup uses can be assigned to the same VLAN, regardless of their physical locations.

VLAN technology delivers the following benefits:
1. Confining broadcast traffic within individual VLANs. This reduces bandwidth waste and improves network performance.
2. Improving LAN security. By assigning user groups to different VLANs, you can isolate them at Layer 2. To enable communication between VLANs, routers or Layer 3 switches are required.
3. Creating flexible virtual workgroups. Because users from the same workgroup can be assigned to the same VLAN regardless of their physical locations, network construction and maintenance are much easier and more flexible.

VLAN fundamentals

To enable a network device to identify frames of different VLANs, a VLAN tag field is inserted into the data link layer encapsulation. The format of VLAN-tagged frames is defined in IEEE 802.1Q issued by the Institute of Electrical and Electronics Engineers (IEEE) in 1999.

The Ethernet II encapsulation format is used here. Besides the Ethernet II encapsulation format, Ethernet also supports other encapsulation formats, including 802.2 LLC, 802.2 SNAP, and 802.3 raw. The VLAN tag fields are added to frames encapsulated in these formats for VLAN identification.

In the header of a traditional Ethernet data frame, the field after the destination MAC address and the source MAC address is the Type field, which indicates the upper layer protocol type, as shown in Figure 37.

Figure 37 Traditional Ethernet frame format

IEEE 802.1Q inserts a four-byte VLAN tag after the DA&SA field, as shown in Figure 38.

Figure 38 Position and format of VLAN tag

The fields of a VLAN tag are tag protocol identifier (TPID), priority, canonical format indicator (CFI), and VLAN ID.
• The 16-bit TPID field with a value of 0x8100 indicates that the frame is VLAN-tagged.
• The 3-bit priority field indicates the 802.1p priority of the frame.
• The 1-bit CFI field specifies whether the MAC addresses are encapsulated in the standard format when packets are transmitted across different media. A value of 0 indicates that MAC addresses are encapsulated in the standard format. A value of 1 indicates that MAC addresses are encapsulated in a non-standard format. The value of the field is 0 by default.
• The 12-bit VLAN ID field identifies the VLAN that the frame belongs to. The VLAN ID range is 0 to 4095. Because 0 and 4095 are reserved, a VLAN ID actually ranges from 1 to 4094.

A network device handles an incoming frame depending on whether the frame is VLAN tagged, and the value of the VLAN tag, if any. For more information, see Introduction to port-based VLAN.

NOTE: When a frame carrying multiple VLAN tags passes through, the switch processes the frame according to its outer VLAN tag, and transmits the inner tags as payload.
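
The tag layout and the outer-tag rule in the NOTE can be checked against raw frames with a short parser. The following Python code is an added example, not part of the guide: the type and function names, MAC addresses and sample frames are constructed, and only the TPID value 0x8100 given above is recognized as a tag.

```python
import struct
from typing import NamedTuple, Optional

TPID_8021Q = 0x8100  # TPID value the guide gives for a VLAN-tagged frame


class VlanTag(NamedTuple):
    priority: int   # 3-bit 802.1p priority
    cfi: int        # 1-bit canonical format indicator
    vlan_id: int    # 12-bit VLAN ID


class TagInfo(NamedTuple):
    outer: Optional[VlanTag]  # tag the switch acts on; None if untagged
    inner_tags: int           # further tags, carried as payload
    ethertype: int            # Type field found after the last tag


def parse_vlan_tags(frame: bytes) -> TagInfo:
    """Walk the 4-byte tags that follow the DA and SA fields."""
    offset, tags = 12, []
    while True:
        if len(frame) < offset + 2:
            raise ValueError("frame ends before the Type field")
        (value,) = struct.unpack_from("!H", frame, offset)
        if value != TPID_8021Q:
            break
        if len(frame) < offset + 4:
            raise ValueError("truncated VLAN tag")
        (tci,) = struct.unpack_from("!H", frame, offset + 2)
        tags.append(VlanTag(tci >> 13, (tci >> 12) & 0x1, tci & 0x0FFF))
        offset += 4
    return TagInfo(tags[0] if tags else None, max(len(tags) - 1, 0), value)


def is_usable_vlan_id(vlan_id: int) -> bool:
    """0 and 4095 are reserved, so usable IDs are 1 through 4094."""
    return 1 <= vlan_id <= 4094


# Constructed frames: made-up MAC addresses, IPv4 Type (0x0800), dummy payload.
MACS = bytes.fromhex("00aabbccddee" "001122334455")
UNTAGGED = MACS + bytes.fromhex("0800") + b"payload"
SINGLE = MACS + bytes.fromhex("8100a002" "0800") + b"payload"    # priority 5, VLAN 2
DOUBLE = MACS + bytes.fromhex("81000064" "810000c8" "0800") + b"payload"  # outer 100, inner 200
RESERVED = MACS + bytes.fromhex("81000fff" "0800") + b"payload"  # VLAN ID 4095

if __name__ == "__main__":
    for name, frame in [("untagged", UNTAGGED), ("single", SINGLE),
                        ("double", DOUBLE), ("reserved", RESERVED)]:
        print(name, parse_vlan_tags(frame))
```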

VLAN types

You can implement VLANs based on the following criteria:
• Port
• MAC address
• Protocol
• IP subnet
• Policy
• Other criteria

This chapter covers port-based VLAN, MAC-based VLAN, protocol-based VLAN, and IP subnet-based VLAN. The port-based VLAN implementation is the basis of all other VLAN implementations. To use any other VLAN implementations, you must configure port-based VLAN settings.

You can configure all these types of VLANs on a port at the same time. When the switch is determining which VLAN a packet that passes through the port should be assigned to, it looks up the VLANs in the default order of MAC-based VLAN, IP subnet-based VLAN, protocol-based VLAN, and port-based VLAN.

Protocols and standards

IEEE 802.1Q, IEEE Standards for Local and Metropolitan Area Networks: Virtual Bridged Local Area Networks

Configuring basic VLAN settings

Configuration restrictions and guidelines

• As the default VLAN, VLAN 1 cannot be created or removed.
• You cannot manually create or remove VLANs reserved for special purposes.
• To delete a protocol reserved VLAN, voice VLAN, management VLAN, dynamic VLAN, VLAN with a QoS policy applied, control VLAN for a smart link group, control VLAN for an RRPP domain, or remote probe VLAN for remote port mirroring, remove the configuration from the VLAN first, and then execute the undo vlan command.

Configuration procedure

To configure basic VLAN settings:

Step 1. Enter system view.
    Command: system-view
    Remarks: N/A
Step 2. Create VLANs.
    Command: vlan { vlan-id1 [ to vlan-id2 ] | all }
    Remarks: Optional. Use this command to create VLANs in bulk.
Step 3. Enter VLAN view.
    Command: vlan vlan-id
    Remarks: By default, only the default VLAN (VLAN 1) exists in the system. If the specified VLAN does not exist, this command creates the VLAN first.
Step 4. Configure a name for the VLAN.
    Command: name text
    Remarks: Optional. By default, the name of a VLAN is its VLAN ID (VLAN 0001, for example).
Step 5. Configure the description of the VLAN.
    Command: description text
    Remarks: Optional. VLAN ID is used by default (VLAN 0001, for example).

Configuring basic settings of a VLAN interface

For hosts of different VLANs to communicate, you must use a router or Layer 3 switch to perform Layer 3 forwarding. You use VLAN interfaces to achieve this.

VLAN interfaces are virtual interfaces used for Layer 3 communication between different VLANs. They do not exist as physical entities on devices. For each VLAN, you can create one VLAN interface. You can assign the VLAN interface an IP address and specify it as the gateway of the VLAN to forward traffic destined for an IP subnet different from that of the VLAN.

Configuration procedure

To configure basic settings of a VLAN interface:

Step 1. Enter system view.
    Command: system-view
    Remarks: N/A
Step 2. Create a VLAN interface and enter VLAN interface view.
    Command: interface vlan-interface vlan-interface-id
    Remarks: If the VLAN interface already exists, you enter its view directly.
Step 3. Assign an IP address to the VLAN interface.
    Command: ip address ip-address { mask | mask-length } [ sub ]
    Remarks: Optional. By default, no IP address is assigned to any VLAN interface.
Step 4. Configure the description of the VLAN interface.
    Command: description text
    Remarks: Optional. By default, the description of a VLAN is the VLAN interface name. For example, Vlan-interface1 Interface.
Step 5. Set the MTU for the VLAN interface.
    Command: mtu size
    Remarks: Optional. By default, the MTU is 1500 bytes.
Step 6. Restore the default settings for the VLAN interface.
    Command: default
    Remarks: Optional.
Step 7. Shut down the VLAN interface.
    Command: shutdown
    Remarks: Optional. By default, a VLAN interface is in the up state. The VLAN interface is up if one or more ports in the VLAN is up, and goes down if all ports in the VLAN go down. A VLAN interface shut down with the shutdown command is in the DOWN (Administratively) state until you bring it up, regardless of how the state of the ports in the VLAN changes.

NOTE: Before you create a VLAN interface for a VLAN, create the VLAN.