HP 5500 Ei 5500 Si Switch Series Configuration Guide
Have a look at the manual HP 5500 Ei 5500 Si Switch Series Configuration Guide online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 1114 HP manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
210 Step Command Remarks 1. Enter system view. system-view N/A 2. Create a class and enter class view. traffic classifier tcl-name [ operator and ] Repeat these steps to create one class for each local SVLAN and foreign CVLAN pair. 3. Specify a foreign CVLAN as a match criterion. if-match customer-vlan-id vlan-id 4. Specify a local SVLAN as a match criterion. if-match service-vlan-id vlan-id 5. Return to system view. quit 6. Create a traffic behavior and enter traffic behavior view. traffic behavior behavior-name Repeat these steps to configure one CVLAN marking action for each local SVLAN and foreign CVLAN pair. 7. Configure a CVLAN marking action to replace the foreign CVLAN ID with a local CVLAN ID. remark customer-vlan-id vlan-id 8. Return to system view. quit 9. Create a QoS policy and enter QoS policy view. qos policy policy-name N/A 10. Associate the class with the behavior. classifier tcl-name behavior behavior-name Repeat this step to create other class-behavior associations. Configuring a downlink policy for the customer-side port The downlink policy on the customer-side port re places local SVLAN and CVLAN pairs with foreign SVLAN and CVLAN pairs. To configure a downlink policy for the customer-side port: Step Command Remarks 1. Enter system view. system-view N/A 2. Create a class and enter class view. traffic classifier tcl-name [ operator and ] Repeat these steps to create one class for each local CVLAN and SVLAN pair. 3. Specify a local CVLAN as a match criterion. if-match customer-vlan-id vlan-id 4. Specify a local SVLAN as a match criterion. if-match service-vlan-id vlan-id 5. Return to system view. quit 6. Create a traffic behavior and enter traffic behavior view. traffic behavior behavior-name Repeat these steps to create one VLAN marking behavior for each local CVLAN and SVLAN pair. 7. Configure a CVLAN marking action to replace the local CVLAN ID with a foreign CVLAN ID. remark customer-vlan-id vlan-id 8. Configure an SVLAN marking action to replace the local SVLAN ID with a foreign SVLAN ID. remark service-vlan-id vlan-id 9. Return to system view. quit
211 Step Command Remarks 10. Create a QoS policy and enter QoS policy view. qos policy policy-name N/A 11. Associate the class with the behavior. classifier tcl-name behavior behavior-name Repeat this step to create other class-behavior associations. Configuring the customer-side port To configure the customer-side port: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter Ethernet interface view. interface interface-type interface-number N/A 3. Configure the port as a trunk port. port link-type trunk The default link type of an Ethernet port is access. 4. Assign the port to the local SVLANs. port trunk permit vlan { vlan-id-list | all } By default, a trunk port is in only VLAN 1. 5. Apply the uplink policy configured for the customer-side port to the incoming traffic. qos apply policy policy-name inbound N/A 6. Apply the downlink policy configured for the customer-side port to the outgoing traffic. qos apply policy policy-name outbound N/A Configuring the network-side port To configure the network-side port: Step Command Remarks 1. Enter system view. system-view N/A 2. Enter Ethernet interface view. interface interface-type interface-number N/A 3. Configure the port as a trunk port. port link-type trunk The default link type of an Ethernet port is access. 4. Assign the port to local SVLANs. port trunk permit vlan { vlan-id-list | all } By default, a trunk port is in only VLAN 1. 5. Apply the uplink policy for the network-side port to the outgoing traffic. qos apply policy policy-name outbound N/A
212 VLAN mapping configuration examples One-to-one and many-to-one VLAN mapping configuration example Network requirements As shown in Figure 70: • E ach home is offered PC, VoD, and VoIP services, connects to a wiring-closet switch through the home gateway, and obtains the IP address through DHCP. • VL AN 1 is assigned for PC traffic, VL AN 2 is assigned for VoD traffic, and VL AN 3 is assigned for VoIP service traffic on the home gateways. Assign one VLAN for each type of traffic from each user on the wiring-closet switches, so that traffic of the same service type from different homes is isolated. Pe r fo rm m a ny - to - o ne VL A N m ap pi n g o n th e c a mp us swi tch ( Swi tch C ) to t ra n s mi t t he s a me t yp e of t ra f fic from different homes in one VLAN: use VLAN 501 for PC traffic, VLAN 502 for VoD traffic, and VLAN 503 for VoIP traffic, so that the VLAN resources are saved.
213 Figure 70 Network diagram Configuration procedure 1. Configure Switch A: # Create the CVLANs and the SVLANs. system-view [SwitchA] vlan 2 to 3 [SwitchA] vlan 101 to 102 [SwitchA] vlan 201 to 202 [SwitchA] vlan 301 to 302 # Configure uplink policies p1 and p2 to enable one SVLAN to transmit one service for one customer. [SwitchA] traffic classifier c1 [SwitchA-classifier-c1] if-match customer-vlan-id 1
214 [SwitchA-classifier-c1] traffic classifier c2 [SwitchA-classifier-c2] if-match customer-vlan-id 2 [SwitchA-classifier-c2] traffic classifier c3 [SwitchA-classifier-c3] if-match customer-vlan-id 3 [SwitchA-classifier-c3] quit [SwitchA] traffic behavior b1 [SwitchA-behavior-b1] remark service-vlan-id 101 [SwitchA-behavior-b1] traffic behavior b2 [SwitchA-behavior-b2] remark service-vlan-id 201 [SwitchA-behavior-b2] traffic behavior b3 [SwitchA-behavior-b3] remark service-vlan-id 301 [SwitchA-behavior-b3] traffic behavior b4 [SwitchA-behavior-b4] remark service-vlan-id 102 [SwitchA-behavior-b4] traffic behavior b5 [SwitchA-behavior-b5] remark service-vlan-id 202 [SwitchA-behavior-b5] traffic behavior b6 [SwitchA-behavior-b6] remark service-vlan-id 302 [SwitchA-behavior-b6] quit [SwitchA] qos policy p1 [SwitchA-policy-p1] classifier c1 behavior b1 [SwitchA-policy-p1] classifier c2 behavior b2 [SwitchA-policy-p1] classifier c3 behavior b3 [SwitchA-policy-p1] quit [SwitchA] qos policy p2 [SwitchA-policy-p2] classifier c1 behavior b4 [SwitchA-policy-p2] classifier c2 behavior b5 [SwitchA-policy-p2] classifier c3 behavior b6 [SwitchA-policy-p2] quit # Configure downlink policies p11 and p22 to map the SVLANs back to the CVLANs. [SwitchA] traffic classifier c11 [SwitchA-classifier-c11] if-match service-vlan-id 101 [SwitchA-classifier-c11] traffic classifier c22 [SwitchA-classifier-c22] if-match service-vlan-id 201 [SwitchA-classifier-c22] traffic classifier c33 [SwitchA-classifier-c33] if-match service-vlan-id 301 [SwitchA-classifier-c33] traffic classifier c44 [SwitchA-classifier-c44] if-match service-vlan-id 102 [SwitchA-classifier-c44] traffic classifier c55 [SwitchA-classifier-c55] if-match service-vlan-id 202 [SwitchA-classifier-c55] traffic classifier c66 [SwitchA-classifier-c66] if-match service-vlan-id 302 [SwitchA-classifier-c66] quit [SwitchA] traffic behavior b11 [SwitchA-behavior-b11] remark customer-vlan-id 1 [SwitchA-behavior-b11] traffic behavior b22 [SwitchA-behavior-b22] remark customer-vlan-id 2 [SwitchA-behavior-b22] traffic behavior b33 [SwitchA-behavior-b33] remark customer-vlan-id 3
215 [SwitchA-behavior-b33] quit [SwitchA] qos policy p11 [SwitchA-policy-p11] classifier c11 behavior b11 [SwitchA-policy-p11] classifier c22 behavior b22 [SwitchA-policy-p11] classifier c33 behavior b33 [SwitchA-policy-p11] quit [SwitchA] qos policy p22 [SwitchA-policy-p22] classifier c44 behavior b11 [SwitchA-policy-p22] classifier c55 behavior b22 [SwitchA-policy-p22] classifier c66 behavior b33 [SwitchA-policy-p22] quit # Assign customer-side port GigabitEthernet 1/0/1 to CVLANs 1 to 3, and SVLANs 101, 201, and 301, and enable basic QinQ, and apply uplink policy p1 to the incoming traffic and downlink policy p11 to the outgoing traffic. [SwitchA] interface gigabitethernet 1/0/1 [SwitchA-GigabitEthernet1/0/1] port link-type trunk [SwitchA-GigabitEthernet1/0/1] port trunk permit vlan 1 2 3 101 201 301 \ [SwitchA-GigabitEthernet1/0/1] qinq enable [SwitchA-GigabitEthernet1/0/1] qos apply policy p1 inbound [SwitchA-GigabitEthernet1/0/1] qos apply policy p11 outbound [SwitchA-GigabitEthernet1/0/1] quit # Assign customer-side port GigabitEthernet 1/ 0/2 to CVLANs 1 to 3, and SVLANs 102, 202, and 302, enable basic QinQ, and apply uplink policy p2 to the incoming traffic and downlink policy p22 to the outgoing traffic. [SwitchA] interface gigabitethernet 1/0/2 [SwitchA-GigabitEthernet1/0/2] port link-type trunk [SwitchA-GigabitEthernet1/0/2] port trunk permit vlan 1 2 3 102 202 302 \ [SwitchA-GigabitEthernet1/0/2] qinq enable [SwitchA-GigabitEthernet1/0/2] qos apply policy p2 inbound [SwitchA-GigabitEthernet1/0/2] qos apply policy p22 outbound [SwitchA-GigabitEthernet1/0/2] quit # Assign network-side port GigabitEthernet 1/0/3 to all SVLANs. [SwitchA] interface gigabitethernet 1/0/3 [SwitchA-GigabitEthernet1/0/3] port link-type trunk [SwitchA-GigabitEthernet1/0/3] port trunk permit vlan 101 201 301 102 20\ 2 302 2. Configure Switch B: Configure Switch B by using the same procedure as on Switch A. 3. Configure Switch C: # Enable DHCP snooping. system-view [SwitchC] dhcp-snooping # Create the CVLANs and SVLANs, and enable ARP detection in each VLAN. [SwitchC] vlan 101 [SwitchC-vlan101] arp detection enable [SwitchC-vlan101] vlan 201 [SwitchC-vlan201] arp detection enable [SwitchC-vlan201] vlan 301
216 [SwitchC-vlan301] arp detection enable [SwitchC-vlan301] vlan 102 [SwitchC-vlan102] arp detection enable [SwitchC-vlan102] vlan 202 [SwitchC-vlan202] arp detection enable [SwitchC-vlan202] vlan 302 [SwitchC-vlan302] arp detection enable [SwitchC-vlan302] vlan 103 [SwitchC-vlan103] arp detection enable [SwitchC-vlan103] vlan 203 [SwitchC-vlan203] arp detection enable [SwitchC-vlan203] vlan 303 [SwitchC-vlan303] arp detection enable [SwitchC-vlan303] vlan 104 [SwitchC-vlan104] arp detection enable [SwitchC-vlan104] vlan 204 [SwitchC-vlan204] arp detection enable [SwitchC-vlan204] vlan 304 [SwitchC-vlan304] arp detection enable [SwitchC-vlan304] vlan 501 [SwitchC-vlan501] arp detection enable [SwitchC-vlan501] vlan 502 [SwitchC-vlan502] arp detection enable [SwitchC-vlan502] vlan 503 [SwitchC-vlan503] arp detection enable [SwitchC-vlan503] quit # Configure uplink policies p1 and p2 to enable one SVLAN to transmit the same type of traffic from different customers. [SwitchC] traffic classifier c1 [SwitchC-classifier-c1] if-match customer-vlan-id 101 to 102 [SwitchC-classifier-c1] traffic classifier c2 [SwitchC-classifier-c2] if-match customer-vlan-id 201 to 202 [SwitchC-classifier-c2] traffic classifier c3 [SwitchC-classifier-c3] if-match customer-vlan-id 301 to 302 [SwitchC-classifier-c3] traffic classifier c4 [SwitchC-classifier-c4] if-match customer-vlan-id 103 to 104 [SwitchC-classifier-c4] traffic classifier c5 [SwitchC-classifier-c5] if-match customer-vlan-id 203 to 204 [SwitchC-classifier-c5] traffic classifier c6 [SwitchC-classifier-c6] if-match customer-vlan-id 303 to 304 [SwitchC-classifier-c6] quit [SwitchC] traffic behavior b1 [SwitchC-behavior-b1] remark service-vlan-id 501 [SwitchC-behavior-b1] traffic behavior b2 [SwitchC-behavior-b2] remark service-vlan-id 502 [SwitchC-behavior-b2] traffic behavior b3 [SwitchC-behavior-b3] remark service-vlan-id 503 [SwitchC-behavior-b3] quit
217 [SwitchC] qos policy p1 [SwitchC-policy-p1] classifier c1 behavior b1 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p1] classifier c2 behavior b2 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p1] classifier c3 behavior b3 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p1] quit [SwitchC] qos policy p2 [SwitchC-policy-p2] classifier c4 behavior b1 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p2] classifier c5 behavior b2 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p2] classifier c6 behavior b3 mode dot1q-tag-manipulatio\ n [SwitchC-policy-p2] quit # Assign customer-side port GigabitEthernet 1/0/1 to CVLANs 101, 201, 301, 102, 202, 302, and SVLANs 501 to 503. On this port, also enabl e customer-side QinQ, and apply uplink policy p1 to the incoming traffic. [SwitchC] interface gigabitethernet 1/0/1 [SwitchC-GigabitEthernet1/0/1] port link-type trunk [SwitchC-GigabitEthernet1/0/1] port trunk permit vlan 101 201 301 102 20\ 2 302 501 502 503 [SwitchC-GigabitEthernet1/0/1] qinq enable downlink [SwitchC-GigabitEthernet1/0/1] qos apply policy p1 inbound [SwitchC-GigabitEthernet1/0/1] quit # Assign customer-side port GigabitEthernet 1/0/2 to CVLANs 103, 203, 303, 104, 204, 304, and SVLANs 501 to 503. On this port, also enabl e customer-side QinQ, and apply uplink policy p2 to the incoming traffic. [SwitchC] interface gigabitethernet 1/0/2 [SwitchC-GigabitEthernet1/0/2] port link-type trunk [SwitchC-GigabitEthernet1/0/2] port trunk permit vlan 103 203 303 104 20\ 4 304 501 502 503 [SwitchC-GigabitEthernet1/0/2] qinq enable downlink [SwitchC-GigabitEthernet1/0/2] qos apply policy p2 inbound [SwitchC-GigabitEthernet1/0/2] quit # Assign network-side GigabitEthernet 1/0/3 to SVLANs 501 to 503, set the port as a DHCP and ARP trusted port, and enable network-side QinQ. [SwitchC] interface gigabitethernet 1/0/3 [SwitchC-GigabitEthernet1/0/3] port link-type trunk [SwitchC-GigabitEthernet1/0/3] port trunk permit vlan 501 502 503 [SwitchC-GigabitEthernet1/0/3] dhcp-snooping trust [SwitchC-GigabitEthernet1/0/3] arp detection trust [SwitchC-GigabitEthernet1/0/3] qinq enable uplink 4. Configure Switch D: # Enable DHCP snooping. system-view [SwitchD] dhcp-snooping # Assign port GigabitEthernet 1/0/1 to SVLANs 501 to 503. [SwitchD] interface gigabitethernet 1/0/1 [SwitchD-GigabitEthernet1/0/1] port link-type trunk [SwitchD-GigabitEthernet1/0/1] port trunk permit vlan 501 502 503
218 Two-to-two VLAN mapping configuration example Network requirements As shown in Figure 71, two VPN A branches, Site 1 and Site 2, are in VLAN 10 and VLAN 30, respectively. The two site use different VPN access services of different service providers, SP 1 and SP 2. SP 1 assigns VLAN 100 for Site 1, and SP 2 assigns VLAN 200 for Site 2. Configure two-to-two VLAN mappings to enable the two branches to communicate across networks SP 1 and SP 2. Figure 71 Network diagram Configuration procedure 1. Configure PE 1: # Configure QinQ function on GigabitEthernet 1/0/1 to add outer VLAN tag 100 to the traffic tagged with VLAN 10. system-view [PE1] interface gigabitethernet 1/0/1 [PE1-GigabitEthernet1/0/1] port access vlan 100 [PE1-GigabitEthernet1/0/1] qinq enable [PE1-GigabitEthernet1/0/1] quit # Configure the uplink port GigabitEthernet 1/0/2 to permit frames of VLAN 100 to pass through. [PE1] interface gigabitethernet 1/0/2 [PE1-GigabitEthernet1/0/2] port link-type trunk [PE1-GigabitEthernet1/0/2] port trunk permit vlan 100 2. Configure PE 2: # Set port GigabitEthernet 1/0/1 as a trunk port, and assign it to VLAN 100. system-view [PE2] interface gigabitethernet 1/0/1 [PE2-GigabitEthernet1/0/1] port link-type trunk [PE2-GigabitEthernet1/0/1] port trunk permit vlan 100 [PE2-GigabitEthernet1/0/1] quit # Set port GigabitEthernet 1/0/2 as a trunk port, and assign it to VLAN 100. [PE2] interface gigabitethernet 1/0/2 [PE2-GigabitEthernet1/0/2] port link-type trunk [PE2-GigabitEthernet1/0/2] port trunk permit vlan 100
219 3. Configure PE 3: # Configure an uplink policy down_uplink for customer-side port GigabitEthernet 1/0/1 to substitute SVLAN ID 200 for the SVLAN ID in the incoming traffic tagged with CVLAN 10 and SVLAN 100. system-view [PE3] traffic classifier down_uplink [PE3-classifier-down_uplink] if-match customer-vlan-id 10 [PE3-classifier-down_uplink] if-match service-vlan-id 100 [PE3-classifier-down_uplink] quit [PE3] traffic behavior down_uplink [PE3-behavior-down_uplink] remark service-vlan-id 200 [PE3-behavior-down_uplink] quit [PE3] qos policy down_uplink [PE3-qospolicy-down_uplink] classifier down_uplink behavior down_uplink \ [PE3-qospolicy-down_uplink] quit # Configure a downlink policy down_downlink for customer-side port GigabitEthernet 1/0/1 to substitute CVLAN 10 and SVLAN 100 for traffi c tagged with CVLAN 30 and SVLAN 200. [PE3] traffic classifier down_downlink [PE3-classifier-down_downlink] if-match customer-vlan-id 30 [PE3-classifier-down_downlink] if-match service-vlan-id 200 [PE3-classifier-down_downlink] quit [PE3] traffic behavior down_downlink [PE3-behavior-down_downlink] remark customer-vlan-id 10 [PE3-behavior-down_downlink] remark service-vlan-id 100 [PE3-behavior-down_downlink] quit [PE3] qos policy down_downlink [PE3-qospolicy-down_downlink] classifier down_downlink behavior down_dow\ nlink [PE3-qospolicy-down_downlink] quit # Configure an uplink policy up_uplink for network-side port GigabitEthernet 1/0/2 to substitute CVLAN 30 for the CVLAN ID of the outgoing traffic tagged with CVLAN 10 and SVLAN 200. [PE3] traffic classifier up_uplink [PE3-classifier-up_uplink] if-match customer-vlan-id 10 [PE3-classifier-up_uplink] if-match service-vlan-id 200 [PE3-classifier-up_uplink] quit [PE3] traffic behavior up_uplink [PE3-behavior-up_uplink] remark customer-vlan-id 30 [PE3-behavior-up_uplink] quit [PE3] qos policy up_uplink [PE3-qospolicy-up_uplink] classifier up_uplink behavior up_uplink [PE3-qospolicy-up_uplink] quit # Set customer-side port GigabitEthernet 1/0/1 as a trunk port, assign it to VLAN 200, and apply uplink policy down_uplink to the incoming traffic and downlink policy down_downlink to the outgoing traffic on the port. [PE3] interface gigabitethernet 1/0/1 [PE3-GigabitEthernet1/0/1] port link-type trunk [PE3-GigabitEthernet1/0/1] port trunk permit vlan 200 [PE3-GigabitEthernet1/0/1] qos apply policy down_uplink inbound [PE3-GigabitEthernet1/0/1] qos apply policy down_downlink outbound