Administrator Guide
Layer 2 Switching Commands 828
The no form of the command with the optional primary TPID specified sets
the primary TPID value to 802.1Q (0x8100).
If the TPID value was not configured as a primary TPID and the no form the
command includes the optional primary-tpid argument, the command will
fail.
If the TPID value was configured as the primary TPID, and the no form of
the command does not include the optional primary-tpid argument, the
command will fail.
If a TPID value is configured as the primary TPID, and it is added again
without the primary-tpid optional argument, the TPID will be treated as the
primary TPID (the primary TPID includes the behavior of secondary TPIDs).
It is not possible to configure an inner VLAN TPID value. The inner VLAN
TPID value is always 802.1Q (0x8100).
Example
This example defines the VMAN (0x88A8) TPID for use on a service provider
port and configures a service provider port (Te1/0/1) in general mode. The
general mode port is configured to only allow tagged packets on ingress using
VLAN ID 10. Then, in the last command, the port is configured to accept the
VMAN TPID in the outer VLAN on ingress and further configured to tag
packets with the VMAN TPID in the outer VLAN tag on egress.
console(config)#switchport dot1q ethertype vman
console(config)#vlan 10
console(config-vlan10)#exit
console(config)#interface te1/0/1
console(config-if-Te1/0/1)#switchport mode general
console(config-if-Te1/0/1)#switchport general allowed vlan add 10 tagged
console(config-if-Te1/0/1)#switchport dot1q ethertype vman primary-tpid
switchport general forbidden vlan
Use the switchport general forbidden vlan command in Interface
Configuration mode to forbid adding specific VLANs to a general mode port.
To revert to allowing the addition of specific VLANs to the port, use the
remove parameter of this command.
2CSNXXX_SWUM204.book Page 828 Monday, January 25, 2016 1:25 PM