HP VPN Firewall Appliances Network Management Configuration Guide
269
Task Command
Remarks
Display interface/subinterface
state and related information.
display interface [ interface-type
[interface-number |
interface-number.subnumber ] ]
Available in any view.
Clear interface/subinterface
statistics.
reset counters interface [ interface-type
[ interface-number |
interface-number.subnumber ] ]
Available in user view.
Display VLAN information.
display vlan [ vlan-id1 [ to vlan-id2 ] | all |
dynamic | interface interface-type
interface-number.subnumber | reserved | static ]
Available in any view.
Layer 3 subinterface forwarding configuration
example
Network requirements
As shown in Figure 176, traffic between GigabitEthernet 3/0/1 and GigabitEthernet 3/0/2 is filtered
by a firewall card, and Layer 3 subinterface forwarding needs to be configured.
• Configure the operating mode of GigabitEthernet 3/0/1 and GigabitEthernet 3/0/2 of the switch
as access. Assign them to VLAN 102 and VLAN 103 respectively.
• Ten-GigabitEthernet 2/0/1 of the switch connects to ten-GigabitEthernet 0/0 of the firewall card.
Configure ten-GigabitEthernet 2/0/1 as a trunk port.
• Configure the operating mode of the firewall card's ten-GigabitEthernet interface as Layer 3.
Configure two subinterfaces, ten-GigabitEthernet 0/0.1 and ten-GigabitEthernet 0/0.2, and set
their encapsulation type to dot1q. Associate ten-GigabitEthernet 0/0.1 with VLAN 102 and
ten-GigabitEthernet 0/0.2 with VLAN 103.
• Assign IP address 102.0.0.3/24 to ten-GigabitEthernet 0/0.1 and 103.0.0.3/24 to
ten-GigabitEthernet 0/0.2.
• Add one subinterface to the security zone Trust and the other subinterface to Untrust.
Figure 176 Network diagram for Layer 3 subinterface forwarding
Configuration procedure
1. Configure the ports on the switch.