HP 5500 Ei 5500 Si Switch Series Configuration Guide
1. Enter system view.
   Command: system-view
   Remarks: N/A

2. Associate a specific MAC address with a VLAN.
   Command: mac-vlan mac-address mac-address [ mask mac-mask ] vlan vlan-id [ priority priority ]
   Remarks: The mask keyword is available on only the 5500 EI Switch Series.

3. Enter interface view or port group view.
   Command:
   • Enter Layer 2 Ethernet interface view: interface interface-type interface-number
   • Enter port group view: port-group manual port-group-name
   Remarks: Use either command.
   • The configuration made in Ethernet interface view applies only to the port.
   • The configuration made in port group view applies to all ports in the port group.

4. Configure the link type of the ports as hybrid.
   Command: port link-type hybrid
   Remarks: By default, all ports are access ports.

5. Configure the hybrid ports to permit packets from specific MAC-based VLANs to pass through.
   Command: port hybrid vlan vlan-id-list { tagged | untagged }
   Remarks: By default, a hybrid port only permits the packets from VLAN 1 to pass through.

6. Enable the MAC-based VLAN feature.
   Command: mac-vlan enable
   Remarks: Disabled by default.

7. Configure VLAN matching precedence.
   Command: vlan precedence { mac-vlan | ip-subnet-vlan }
   Remarks: Optional. By default, VLANs are preferably matched based on MAC addresses.

To configure dynamic MAC-based VLAN assignment:

1. Enter system view.
   Command: system-view
   Remarks: N/A

2. Associate MAC addresses with a VLAN.
   Command: mac-vlan mac-address mac-address vlan vlan-id [ priority priority ]
   Remarks: N/A

3. Enter Ethernet interface view.
   Command: interface interface-type interface-number
   Remarks: N/A

4. Configure the link type of the port as hybrid.
   Command: port link-type hybrid
   Remarks: By default, all ports are access ports.

5. Enable the MAC-based VLAN feature.
   Command: mac-vlan enable
   Remarks: Disabled by default.

6. Enable dynamic MAC-based VLAN assignment.
   Command: mac-vlan trigger enable
   Remarks: By default, dynamic MAC-based VLAN assignment is disabled. When you use the mac-vlan trigger enable command to enable dynamic MAC-based VLAN assignment, HP recommends that you configure the vlan precedence mac-vlan command, so that VLANs are assigned based on single MAC addresses preferentially. When dynamic MAC-based VLAN assignment is enabled, HP does not recommend configuring the vlan precedence ip-subnet-vlan command, which will make the system assign VLANs based on IP subnets, because the configuration does not take effect.

7. Configure VLAN matching precedence.
   Command: vlan precedence mac-vlan
   Remarks: Optional. By default, VLANs are preferentially matched based on MAC addresses.

8. Disable the PVID of the port from forwarding packets with unknown source MAC addresses that do not match any MAC address-to-VLAN entry.
   Command: port pvid disable
   Remarks: Optional. By default, when a port receives a packet with an unknown source MAC address that does not match to any MAC address-to-VLAN entry, it forwards the packet in its PVID.

To configure dynamic MAC-based VLAN:

1. Enter system view.
   Command: system-view
   Remarks: N/A

2. Enter interface view or port group view.
   Command:
   • Enter Layer 2 Ethernet interface view: interface interface-type interface-number
   • Enter port group view: port-group manual port-group-name
   Remarks: Use either command.
   • The configuration made in Ethernet interface view applies only to the port.
   • The configuration made in port group view applies to all ports in the port group.

3. Configure the link type of the ports as hybrid.
   Command: port link-type hybrid
   Remarks: By default, all ports are access ports.

4. Configure the hybrid ports to permit packets from specific MAC-based VLANs to pass through.
   Command: port hybrid vlan vlan-id-list { tagged | untagged }
   Remarks: By default, a hybrid port only permits the packets of VLAN 1 to pass through.

5. Enable the MAC-based VLAN feature.
   Command: mac-vlan enable
   Remarks: Disabled by default.

6. Configure 802.1X/MAC/portal authentication or any combination.
   Command: For more information, see Security Command Reference.
   Remarks: N/A
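A pre-deployment check for the static and dynamic assignment procedures above, added here as an example and not taken from the guide: it reads a candidate configuration and reports MAC-based VLAN ports that are not hybrid, static ports that do not permit a MAC-based VLAN, and trigger-enabled ports that still forward unmatched source MACs in the PVID. The sample configuration is constructed; its "#"-separated stanza layout, the "to" range form in vlan-id-list, and the function names are assumptions.

```python
import re

# Constructed candidate configuration; the "#"-separated stanza layout is an assumption.
SAMPLE = """\
 mac-vlan mac-address 000d-88f8-4e71 vlan 100
 mac-vlan mac-address 0014-222c-aa69 vlan 200
#
interface GigabitEthernet1/0/1
 port link-type hybrid
 port hybrid vlan 100 untagged
 mac-vlan enable
#
interface GigabitEthernet1/0/2
 port link-type trunk
 mac-vlan enable
#
interface GigabitEthernet1/0/3
 port link-type hybrid
 mac-vlan enable
 mac-vlan trigger enable
"""

HYBRID_VLAN = re.compile(r"port hybrid vlan (.+) (?:tagged|untagged)$")

def expand_vlans(tokens):
    """Expand a vlan-id-list such as ['100', 'to', '102', '200'] into a set."""
    vlans, i = set(), 0
    while i < len(tokens):
        ranged = tokens[i + 1:i + 2] == ["to"]  # "to" range form is an assumption
        last = tokens[i + 2] if ranged else tokens[i]
        vlans.update(range(int(tokens[i]), int(last) + 1))
        i += 3 if ranged else 1
    return vlans

def audit(config):
    """Return sorted (port, finding) pairs for ports with mac-vlan enable."""
    mac_vlans = {int(v) for v in re.findall(
        r"^\s*mac-vlan mac-address \S+.* vlan (\d+)", config, re.M)}
    findings = []
    for stanza in re.split(r"^#\s*$", config, flags=re.M):
        lines = [l.strip() for l in stanza.strip().splitlines()]
        if not lines or not lines[0].startswith("interface ") or "mac-vlan enable" not in lines:
            continue
        port = lines[0].split(None, 1)[1]
        if "port link-type hybrid" not in lines:
            findings.append((port, "mac-vlan enable on a non-hybrid port"))
        elif "mac-vlan trigger enable" in lines:
            if "port pvid disable" not in lines:  # default: unknown MACs go to the PVID
                findings.append((port, "unmatched source MACs are forwarded in the PVID"))
        else:  # static assignment: the port must permit every MAC-based VLAN
            spec = " ".join(m.group(1) for l in lines if (m := HYBRID_VLAN.match(l)))
            for vlan in sorted(mac_vlans - expand_vlans(spec.split())):
                findings.append((port, f"MAC-based VLAN {vlan} not permitted"))
    return sorted(findings)
```

Calling audit(SAMPLE) returns one finding per sample port; a configuration that follows the procedures returns an empty list.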
MAC-based VLAN configuration example

Network requirements

As shown in Figure 42:
• GigabitEthernet 1/0/1 of Device A and Device C are each connected to a meeting room. Laptop 1 and Laptop 2 are used for meetings and might be used in either of the two meeting rooms.
• Different departments own Laptop 1 and Laptop 2. The two departments use VLAN 100 and VLAN 200, respectively. Each laptop must be able to access only its own department server, no matter which meeting room it is used in.
• The MAC address of Laptop 1 is 000D-88F8-4E71, and that of Laptop 2 is 0014-222C-AA69.

Figure 42 Network diagram
(Figure not reproduced. Labels in the figure: Device A, Device B, Device C; Server1, IP 1.1.1.1/24; Server2, IP 1.1.2.1/24; Laptop1, IP 1.1.1.2/24, MAC 000d-88f8-4e71; Laptop2, IP 1.1.2.2/24, MAC 0014-222c-aa69; VLAN 100; VLAN 200; ports GE1/0/1, GE1/0/2, GE1/0/3, GE1/0/4, GE1/0/13, GE1/0/14.)

Configuration consideration

• Create VLANs 100 and 200.
• Configure the uplink ports of Device A and Device C as trunk ports, and assign them to VLANs 100 and 200.
• Configure the downlink ports of Device B as trunk ports, and assign them to VLANs 100 and 200. Assign the uplink ports of Device B to VLANs 100 and 200.
• Associate the MAC address of Laptop 1 with VLAN 100, and associate the MAC address of Laptop 2 with VLAN 200.

Configuration procedure

1. Configure Device A:

    # Create VLANs 100 and 200.
    <DeviceA> system-view
    [DeviceA] vlan 100
    [DeviceA-vlan100] quit
    [DeviceA] vlan 200
    [DeviceA-vlan200] quit

    # Associate the MAC address of Laptop 1 with VLAN 100, and associate the MAC address of Laptop 2 with VLAN 200.
    [DeviceA] mac-vlan mac-address 000d-88f8-4e71 vlan 100
    [DeviceA] mac-vlan mac-address 0014-222c-aa69 vlan 200

    # Configure Laptop 1 and Laptop 2 to access the network through GigabitEthernet 1/0/1. Configure GigabitEthernet 1/0/1 as a hybrid port that sends packets of VLANs 100 and 200 untagged, and enable the MAC-based VLAN feature on it.
    [DeviceA] interface gigabitethernet 1/0/1
    [DeviceA-GigabitEthernet1/0/1] port link-type hybrid
    [DeviceA-GigabitEthernet1/0/1] port hybrid vlan 100 200 untagged
    Please wait... Done.
    [DeviceA-GigabitEthernet1/0/1] mac-vlan enable
    [DeviceA-GigabitEthernet1/0/1] quit

    # To enable the laptops to access Server 1 and Server 2, configure the uplink port GigabitEthernet 1/0/2 as a trunk port, and assign it to VLANs 100 and 200.
    [DeviceA] interface gigabitethernet 1/0/2
    [DeviceA-GigabitEthernet1/0/2] port link-type trunk
    [DeviceA-GigabitEthernet1/0/2] port trunk permit vlan 100 200
    [DeviceA-GigabitEthernet1/0/2] quit

2. Configure Device B:

    # Create VLANs 100 and 200. Assign GigabitEthernet 1/0/13 to VLAN 100, and assign GigabitEthernet 1/0/14 to VLAN 200.
    <DeviceB> system-view
    [DeviceB] vlan 100
    [DeviceB-vlan100] port gigabitethernet 1/0/13
    [DeviceB-vlan100] quit
    [DeviceB] vlan 200
    [DeviceB-vlan200] port gigabitethernet 1/0/14
    [DeviceB-vlan200] quit

    # Configure GigabitEthernet 1/0/3 and GigabitEthernet 1/0/4 as trunk ports, and assign them to VLANs 100 and 200.
    [DeviceB] interface gigabitethernet 1/0/3
    [DeviceB-GigabitEthernet1/0/3] port link-type trunk
    [DeviceB-GigabitEthernet1/0/3] port trunk permit vlan 100 200
    [DeviceB-GigabitEthernet1/0/3] quit
    [DeviceB] interface gigabitethernet 1/0/4
    [DeviceB-GigabitEthernet1/0/4] port link-type trunk
    [DeviceB-GigabitEthernet1/0/4] port trunk permit vlan 100 200
    [DeviceB-GigabitEthernet1/0/4] quit

3. Configure Device C:

   Configure Device C as you configure Device A.

Verifying the configurations

1. Laptop 1 can access Server 1 only, and Laptop 2 can access Server 2 only.
2. On Device A and Device C, you can see that VLAN 100 is associated with the MAC address of Laptop 1, and VLAN 200 is associated with the MAC address of Laptop 2.

    [DeviceA] display mac-vlan all
    The following MAC VLAN addresses exist:
    S:Static  D:Dynamic
    MAC ADDR         MASK             VLAN ID   PRIO   STATE
    --------------------------------------------------------
    000d-88f8-4e71   ffff-ffff-ffff   100       0      S
    0014-222c-aa69   ffff-ffff-ffff   200       0      S
    Total MAC VLAN address count:2

Configuration guidelines

1. MAC-based VLAN can be configured only on hybrid ports.
2. MAC-based VLAN is usually configured on the downlink ports of access layer devices, and cannot be configured together with the link aggregation function.

Configuring protocol-based VLANs

Introduction to protocol-based VLAN

You use the protocol-based VLAN feature to assign packets to VLANs by their application type.

The protocol-based VLAN feature assigns inbound packets to different VLANs based on their protocol type and encapsulation format. The protocols available for VLAN assignment include IP, IPX, and AppleTalk (AT), and the encapsulation formats include Ethernet II, 802.3 raw, 802.2 LLC, and 802.2 SNAP.

A protocol template defines a protocol type and an encapsulation format. A protocol-based VLAN ID and a protocol index, combined, can uniquely identify a protocol template. You can assign multiple protocol templates to a protocol-based VLAN.

Protocol-based VLAN assignment is available only on hybrid ports, and a protocol template applies only to untagged packets.

When an untagged packet arrives, a hybrid port enabled with protocol-based VLAN assignment processes the packet by using the following workflow:
• If the protocol type and encapsulation format in the packet match a protocol template, the packet is tagged with the VLAN tag specific to the protocol template.
• If no protocol template is matched, the packet is tagged with the PVID of the port.
The port processes a tagged packet as it processes tagged packets of a port-based VLAN.
• If the port is in the same VLAN as the packet, it forwards the packet.
• If not, the port drops the packet.

Configuration restrictions and guidelines

A protocol-based VLAN processes only untagged inbound packets, whereas the voice VLAN in automatic mode processes only tagged voice traffic. Do not configure a VLAN as both a protocol-based VLAN and a voice VLAN. For more information, see Configuring a voice VLAN.
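The ingress workflow described in the introduction above, modelled in Python as an added example (not code from the guide or from HP): it identifies the encapsulation of a raw Ethernet frame, matches untagged frames against protocol templates, falls back to the PVID, and handles tagged frames by port membership. The frame builder, the function names, and the mapping of the ipv4 and ipv6 templates to Ethernet II EtherTypes 0x0800 and 0x86DD are assumptions of this example.

```python
import struct

# Templates as (VLAN, (encapsulation, protocol id)). Mapping the ipv4 and ipv6
# keywords to Ethernet II EtherTypes 0x0800 and 0x86DD is an assumption.
TEMPLATES = [(100, ("ethernetii", 0x0800)), (200, ("ethernetii", 0x86DD))]

def build(type_or_len, payload, tag_vid=None):
    """Constructed test frame: fixed dst/src MACs, optional 802.1Q tag."""
    hdr = bytes.fromhex("ffffffffffff000d88f84e71")
    if tag_vid is not None:
        hdr += struct.pack("!HH", 0x8100, tag_vid)
    return hdr + struct.pack("!H", type_or_len) + payload

def describe(frame):
    """Return (tag VID or None, encapsulation, protocol id) for a raw frame."""
    vid, off = None, 12
    (field,) = struct.unpack_from("!H", frame, off)
    if field == 0x8100:                    # 802.1Q tag: VID is the low 12 bits
        vid = struct.unpack_from("!H", frame, 14)[0] & 0x0FFF
        off = 16
        (field,) = struct.unpack_from("!H", frame, off)
    body = frame[off + 2:]
    if field >= 0x0600:                    # type field, so Ethernet II
        return vid, "ethernetii", field
    if body[:2] == b"\xff\xff":            # length field, no LLC header: 802.3 raw
        return vid, "raw", None
    if body[:3] == b"\xaa\xaa\x03":        # LLC header that announces SNAP
        return vid, "snap", struct.unpack_from("!H", body, 6)[0]
    return vid, "llc", (body[0], body[1])  # (DSAP, SSAP)

def ingress_vlan(frame, templates, pvid, port_vlans):
    """VLAN assigned to the frame on a hybrid port, or None if it is dropped."""
    vid, encap, proto = describe(frame)
    if vid is not None:                    # tagged: port-based VLAN handling
        return vid if vid in port_vlans else None
    for vlan, template in templates:       # untagged: look for a matching template
        if template == (encap, proto):
            return vlan
    return pvid                            # no template matched
```

An IPv6 packet carried in 802.2 SNAP does not match an Ethernet II template in this model and lands in the PVID, which is why a template names the encapsulation as well as the protocol.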
Configuration procedure

To configure a protocol-based VLAN:

1. Enter system view.
   Command: system-view
   Remarks: N/A

2. Enter VLAN view.
   Command: vlan vlan-id
   Remarks: If the specified VLAN does not exist, this command creates the VLAN first.

3. Create a protocol template for the VLAN.
   Command: protocol-vlan [ protocol-index ] { at | ipv4 | ipv6 | ipx { ethernetii | llc | raw | snap } | mode { ethernetii etype etype-id | llc { dsap dsap-id [ ssap ssap-id ] | ssap ssap-id } | snap etype etype-id } }
   Remarks: Not configured by default.

4. Exit VLAN view.
   Command: quit
   Remarks: N/A

5. Enter interface view or port group view.
   Command:
   • Enter Layer 2 Ethernet interface view: interface interface-type interface-number
   • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number
   • Enter port group view: port-group manual port-group-name
   Remarks: Use any command.
   • The configuration made in Ethernet interface view applies only to the port.
   • The configuration made in port group view applies to all ports in the port group.
   • The configuration made in Layer 2 aggregate interface view applies to the aggregate interface and its aggregation member ports. If the system fails to apply the configuration to the aggregate interface, it stops applying the configuration to aggregation member ports. If the system fails to apply the configuration to an aggregation member port, it skips the port and moves to the next member port.

6. Configure the port link type as hybrid.
   Command: port link-type hybrid
   Remarks: By default, all ports are access ports.

7. Assign the hybrid port to the specified protocol-based VLANs.
   Command: port hybrid vlan vlan-id-list { tagged | untagged }
   Remarks: By default, a hybrid port is only in VLAN 1.

8. Assign the protocol template you have created to the hybrid port.
   Command: port hybrid protocol-vlan vlan vlan-id { protocol-index [ to protocol-end ] | all }
   Remarks: N/A

Protocol-based VLAN configuration example

Network requirements

In a lab environment, as shown in Figure 43, most hosts run the IPv4 protocol, and the rest of the hosts run the IPv6 protocol for teaching purposes. To avoid interference, isolate IPv4 traffic and IPv6 traffic at Layer 2.
Figure 43 Network diagram

Configuration consideration

Create VLANs 100 and 200. Associate VLAN 100 with IPv4, and associate VLAN 200 with IPv6. Configure protocol-based VLANs to isolate IPv4 traffic and IPv6 traffic at Layer 2.

Configuration procedure

1. Configure Device:

    # Create VLAN 100, and assign port GigabitEthernet 1/0/11 to VLAN 100.
    <Device> system-view
    [Device] vlan 100
    [Device-vlan100] description protocol VLAN for IPv4
    [Device-vlan100] port gigabitethernet 1/0/11
    [Device-vlan100] quit

    # Create VLAN 200, and assign port GigabitEthernet 1/0/12 to VLAN 200.
    [Device] vlan 200
    [Device-vlan200] description protocol VLAN for IPv6
    [Device-vlan200] port gigabitethernet 1/0/12

    # Create an IPv6 protocol template in the view of VLAN 200, and create an IPv4 protocol template in the view of VLAN 100.
    [Device-vlan200] protocol-vlan 1 ipv6
    [Device-vlan200] quit
    [Device] vlan 100
    [Device-vlan100] protocol-vlan 1 ipv4
    [Device-vlan100] quit

    # Configure port GigabitEthernet 1/0/1 as a hybrid port that forwards packets of VLANs 100 and 200 untagged.
    [Device] interface gigabitethernet 1/0/1
    [Device-GigabitEthernet1/0/1] port link-type hybrid
    [Device-GigabitEthernet1/0/1] port hybrid vlan 100 200 untagged
    Please wait... Done.

    # Associate port GigabitEthernet 1/0/1 with the IPv4 protocol template of VLAN 100 and the IPv6 protocol template of VLAN 200.
    [Device-GigabitEthernet1/0/1] port hybrid protocol-vlan vlan 100 1
    [Device-GigabitEthernet1/0/1] port hybrid protocol-vlan vlan 200 1
    [Device-GigabitEthernet1/0/1] quit

    # Configure GigabitEthernet 1/0/2 as a hybrid port that forwards packets of VLANs 100 and 200 untagged, and associate GigabitEthernet 1/0/2 with the IPv4 protocol template of VLAN 100 and the IPv6 protocol template of VLAN 200.
    [Device] interface gigabitethernet 1/0/2
    [Device-GigabitEthernet1/0/2] port link-type hybrid
    [Device-GigabitEthernet1/0/2] port hybrid vlan 100 200 untagged
    Please wait... Done.
    [Device-GigabitEthernet1/0/2] port hybrid protocol-vlan vlan 100 1
    [Device-GigabitEthernet1/0/2] port hybrid protocol-vlan vlan 200 1

2. Keep the default settings of L2 Switch A and L2 Switch B.

3. Configure IPv4 Host A, IPv4 Host B, and IPv4 Server to be on the same IP subnet (192.168.100.0/24, for example), and configure IPv6 Host A, IPv6 Host B, and IPv6 Server to be on the same IP subnet (2001::1/64, for example).

Verifying the configurations

1. The hosts and the server in VLAN 100 can ping one another successfully. The hosts and the server in VLAN 200 can ping one another successfully. The hosts or server in VLAN 100 cannot ping the hosts and server in VLAN 200, and vice versa.

2. Display protocol-based VLAN information on Device to determine whether the configurations have become valid.

    # Display protocol-based VLAN configuration on Device.
    [Device-GigabitEthernet1/0/2] display protocol-vlan vlan all
    VLAN ID:100
    Protocol Index      Protocol Type
    ======================================================
    1                   ipv4
    VLAN ID:200
    Protocol Index      Protocol Type
    ======================================================
    1                   ipv6

    # Display protocol-based VLAN information on the ports of Device.
    [Device-GigabitEthernet1/0/2] display protocol-vlan interface all
    Interface: GigabitEthernet 1/0/1
    VLAN ID   Protocol Index      Protocol Type
    ======================================================
    100       1                   ipv4
    200       1                   ipv6
    Interface: GigabitEthernet 1/0/2
    VLAN ID   Protocol Index      Protocol Type
    ======================================================
    100       1                   ipv4
    200       1                   ipv6

Configuration guidelines

Protocol-based VLAN configuration applies only to hybrid ports.

Configuring IP subnet-based VLANs

In this approach, packets are assigned to VLANs based on their source IP addresses and subnet masks. A port configured with IP subnet-based VLANs assigns a received untagged packet to a VLAN based on the source address of the packet.

This feature is used to assign packets from the specified IP subnet or IP address to a specific VLAN.

Configuration procedure

IMPORTANT: This feature is applicable only on hybrid ports.

To configure an IP subnet-based VLAN:

1. Enter system view.
   Command: system-view
   Remarks: N/A

2. Enter VLAN view.
   Command: vlan vlan-id
   Remarks: N/A

3. Associate an IP subnet with the VLAN.
   Command: ip-subnet-vlan [ ip-subnet-index ] ip ip-address [ mask ]
   Remarks: The IP subnet or IP address to be associated with a VLAN cannot be a multicast subnet or a multicast address.

4. Return to system view.
   Command: quit
   Remarks: N/A

5. Enter interface view or port group view.
   Command:
   • Enter Layer 2 Ethernet interface view: interface interface-type interface-number
   • Enter Layer 2 aggregate interface view: interface bridge-aggregation interface-number
   • Enter port group view: port-group manual port-group-name
   Remarks: Use any command.
   • The configuration made in Ethernet interface view applies only to the port.
   • The configuration made in port group view applies to all ports in the port group.
   • The configuration made in Layer 2 aggregate interface view applies to the aggregate interface and its aggregation member ports. If the system fails to apply the configuration to the aggregate interface, it stops applying the configuration to aggregation member ports. If the system fails to apply the configuration to an aggregation member port, it skips the port and moves to the next member port.

6. Configure port link type as hybrid.
   Command: port link-type hybrid
   Remarks: By default, all ports are access ports.

7. Configure the hybrid ports to permit the specified IP subnet-based VLANs to pass through.
   Command: port hybrid vlan vlan-id-list { tagged | untagged }
   Remarks: By default, a hybrid port allows only packets from VLAN 1 to pass through untagged.

8. Associate the hybrid ports with the specified IP subnet-based VLAN.
   Command: port hybrid ip-subnet-vlan vlan vlan-id
   Remarks: Not configured by default.

IP subnet-based VLAN configuration example

Network requirements

As shown in Figure 44, the hosts in the office belong to different IP subnets 192.168.5.0/24 and 192.168.50.0/24. Configure Device C to transmit packets over separate VLANs based on their source IP addresses.

Figure 44 Network diagram

Configuration consideration

• Create VLANs 100 and 200.
• Associate IP subnets with the VLANs.
• Assign ports to the VLANs.

Configuration procedure

    # Associate IP subnet 192.168.5.0/24 with VLAN 100.
    system-view