Manualshelf

Configuration Guide User guide

ManualsBrandsBrocade ManualsComputer AccessoriesBigIron RX Series
361362363364365366367368369370
BigIron RX Series Configuration Guide 287
53-1002484-04
Chapter
11
VLANs
In this chapter
Overview of Virtual Local Area Networks (VLANs) . . . . . . . . . . . . . . . . . . . . 287
VLAN configuration rules. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Configuring port-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291
Configuring protocol-based VLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
Configuring virtual routing interfaces. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
VLAN groups. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
Configuring super aggregated VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
Configuring 802.1q-in-q tagging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
Configuring 802.1q tag-type translation . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
Private VLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
Other VLAN features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319
Displaying VLAN information. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322
Transparent firewall mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325
Overview of Virtual Local Area Networks (VLANs)
Virtual Local Area Networks (VLANs) allow you to segment traffic in a network by placing ports and
interfaces into separate broadcast domains. Each broadcast domain is uniquely identified by VLAN
IDs. These broadcast domains can span multiple devices.
The device supports two types of VLANs: port-based VLANs and protocol-based VLANs. A
port-based VLAN consists of interfaces that constitutes a Layer 2 broadcast domain. By default, all
interfaces on a BigIron RX are members of the default VLAN, which is VLAN 1. Thus by default, all
interfaces on all devices on a network constitute a single Layer 2 broadcast domain. Once you
create a port-based VLAN and assign an interface to that VLAN, that interface is automatically
removed from the default VLAN if the port assigned is untagged. If the port assigned is tagged,
then the port remains as untag on the original VLAN (vlan1) and behaves as dual-mode port.
Tagged, untagged, and dual-mode ports
Interfaces assigned to port-based VLANs can be defined as untagged, tagged, and dual-mode
ports. An untagged port is a member of only one VLAN, while a tagged port can be a member of
more than one VLAN. Thus a tagged port can be a member of more than one broadcast domain.
Dual-mode ports are configured by adding one or more tagged VLANs and one untagged VLAN to a
port.