You are on page 1of 33

Operation Manual – VLAN

H3C S5500-SI Series Ethernet Switches

Table of Contents

Table of Contents
Chapter 1 VLAN Configuration .................................................................................................... 1-1
1.1 VLAN Overview.................................................................................................................. 1-1
1.1.1 Introduction to VLAN ............................................................................................... 1-1
1.1.2 VLAN Classification................................................................................................. 1-2
1.2 Basic VLAN Configuration ................................................................................................. 1-2
1.3 Basic VLAN Interface Configuration .................................................................................. 1-2
1.4 Port-Based VLAN Configuration ........................................................................................ 1-3
1.4.1 Introduction of Port-Based VLAN ............................................................................ 1-3
1.4.2 Configuring an Access Port-Based VLAN............................................................... 1-5
1.4.3 Configuring a Trunk Port-Based VLAN ................................................................... 1-6
1.4.4 Configuring a Hybrid Port-Based VLAN.................................................................. 1-7
1.5 Displaying VLAN Configuration ......................................................................................... 1-8
1.6 VLAN Configuration Example ............................................................................................ 1-9
1.6.1 Network Requirements............................................................................................ 1-9
1.6.2 Network Diagram..................................................................................................... 1-9
1.6.3 Configuration Procedure ......................................................................................... 1-9
Chapter 2 Voice VLAN Configuration.......................................................................................... 2-1
2.1 Voice VLAN Overview ....................................................................................................... 2-1
2.1.1 Automatic and Manual Voice VLAN Modes ............................................................ 2-1
2.1.2 Security and Ordinary Voice VLAN Modes ............................................................. 2-4
2.2 Voice VLAN Configuration ................................................................................................. 2-4
2.2.1 Configuration Prerequisites..................................................................................... 2-4
2.2.2 Configuring Voice VLAN in Automatic Mode .......................................................... 2-5
2.2.3 Configuring Voice VLAN in Manual Mode............................................................... 2-6
2.3 Displaying Voice VLAN...................................................................................................... 2-7
2.4 Voice VLAN Configuration Example .................................................................................. 2-7
2.4.1 Voice VLAN Configuration Example (Automatic Mode).......................................... 2-7
2.4.2 Voice VLAN Configuration Example (Manual Mode) .............................................. 2-9
Chapter 3 GVRP Configuration .................................................................................................... 3-1
3.1 Introduction to GARP......................................................................................................... 3-1
3.1.1 Introduction to GARP .............................................................................................. 3-1
3.1.2 Introduction to GVRP .............................................................................................. 3-3
3.1.3 Protocols and Standards......................................................................................... 3-4
3.2 Configuring GVRP ............................................................................................................. 3-4
3.2.1 Configuring GVRP................................................................................................... 3-4
3.2.2 Setting GARP Timer................................................................................................ 3-5
3.3 Displaying and Maintaining GARP/GVRP ......................................................................... 3-6

i

Operation Manual – VLAN
H3C S5500-SI Series Ethernet Switches

Table of Contents

3.4 GVRP Configuration Example ........................................................................................... 3-7
3.4.1 Example 1 ............................................................................................................... 3-7
3.4.2 Example 2 ............................................................................................................... 3-8
3.4.3 Example 3 ............................................................................................................... 3-9

ii

Operation Manual – VLAN
H3C S5500-SI Series Ethernet Switches

Chapter 1 VLAN Configuration

Chapter 1 VLAN Configuration
1.1 VLAN Overview
1.1.1 Introduction to VLAN
The virtual local area network (VLAN) technology is developed for switches to control
broadcast operations in LANs.
By creating VLANs in a physical LAN, you can divide the LAN into multiple logical LANs,
each of which has a broadcast domain of its own. Hosts in the same VLAN
communicate with each other as if they are in a LAN. However, hosts in different VLANs
cannot communicate with each other directly. In this way, a broadcast frame is confined
within one VLAN, as shown in Figure 1-1.
VLAN A

LAN Switch

VLAN B
VLAN A

LAN Switch

VLAN A

VLAN B

VLAN B

Router

Figure 1-1 A VLAN implementation
A VLAN can span across multiple switches, or even routers. This enables hosts in a
VLAN to be dispersed in a more loose way. That is, hosts in a VLAN can belong to
different physical network segments.
VLAN enjoys the following advantages.
z

Broadcasts are confined to VLANs. This decreases bandwidth utilization and
improves network performance.

z

Network security is improved. Packets of different VLANs are isolated during
transmission. That is, hosts in different VLANs cannot communicate with each
other directly. To enable communications between different VLANs, network
devices operating on Layer 3 (such as routers or Layer 3 switches) are needed.

1-1

This chapter will focus on the port-based VLAN. 1. 1. When the physical position of a host changes. no additional network configuration is required if the host still belongs to the same VLAN. VLAN can be used to group specific hosts.1. and mainly used in realizing the Layer 3 connectivity between different VLANs. VLANs fall into the following six categories: z Port-based VLAN z MAC-based VLAN z Protocol-based VLAN z IP sub network-based VLAN z Policy-based VLAN z Other VLAN H3C S5500-SI Series Ethernet Switch supports the port-based VLAN. this command will first create the VLAN. and then enter VLAN view. 1. 1-2 . the description string of a VLAN is its VLAN ID. such as “VLAN 0001”.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches z Chapter 1 VLAN Configuration Configuration workload is reduced.2 VLAN Classification Depending on how VLANs are established. Optional Specify the description string of the VLAN description text By default.3 Basic VLAN Interface Configuration VLAN interface is a virtual interface in Layer 3 mode.2 Basic VLAN Configuration Table 1-1 Basic VLAN configuration To do… Use the command… Enter system view system-view Create VLANs in bulk vlan { vlan-id1 vlan-id2 | all } Remarks — to Optional Required Create a VLAN and enter VLAN view vlan vlan-id If the specified VLAN does not exist.

4. It defines its VLAN members according to the ports of a switch. Note: Before creating a VLAN interface. Optional Enable Interface the VLAN undo shutdown By default. the description string of a VLAN interface is the name of the VLAN interface.4 Port-Based VLAN Configuration 1. if one or more ports under the VLAN interface are up. After a specified port is added into a specified VLAN.1 Introduction of Port-Based VLAN Port-based VLAN is the simplest and most effective VLAN division method. Optional By default. 1-3 .Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-2 Configure a VLAN interface To do… Use the command… Enter system view system-view Remarks — Required Create a VLAN interface and enter VLAN interface view interface vlan-interface vlan-interface-id Configure IP address of VLAN interface ip address ip-address { mask | mask-length } [ sub ] If the specified VLAN interface does not exist. this command will create it first and then enter VLAN interface view. the port can forward the packets of the specified VLAN. Otherwise. the corresponding VLAN must exist. no IP address is configured for a VLAN interface Optional Specify the description string for the current VLAN interface description text By default. such as “Vlan-interface1 interface”. 1. if all the ports under the VLAN interface are down. the VLAN interface is down. you cannot create the VLAN interface successfully. the VLAN interface is up.

z Both of the trunk port and hybrid port allow multiple VLANs to pass through. You can configure the default VLAN for them.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration I. you cannot configure the voice VLAN as the default VLAN of the ports. For information about the voice VLAN. The way by which a port processes incoming and outgoing packets depends on the link type and default VLAN configured on it. a trunk port or hybrid port can use the presently nonexistent VLAN as the default VLAN. it is generally used to connect a switch. An access port belongs to only one VLAN. Default VLAN You can configure a VLAN for a port. An access port is generally used to connect a user device. for a trunk or a hybrid port. the default VLAN of all the ports is VLAN 1. refer to Chapter 2 Voice VLAN Configuration. for an access port. A hybrid port can also belong to more than one VLAN and receives/sends the packets of multiple VLANs. By default. its default VLAN restore to VLAN 1. Refer to the following table for details: 1-4 . you can also configure a default VLAN for the port. z Trunk. In additional. z Hybrid. If you do so. II. The difference between the hybrid port and the trunk port is that: z A hybrid port allows the packets from multiple VLANs to be sent without tags. it is used to connect a switch or a user device. A trunk port can belong to more than one VLAN and receives/sends the packets of multiple VLANs. z A trunk port only allows the packets from the default VLAN to be sent without tags. Link Type of an Ethernet Port Depending on how a port processes VLAN tags when it forwards packets. that is. z After you delete the default VLAN of a port through the undo vlan command. But you can configure it as needed. the link type of the port can be one of the following three types: z Access. its default VLAN configuration remain unchanged. z The default VLAN of an access port is the VLAN the access port belongs to and cannot be configured. Note: For ports of a voice VLAN in automatic mode. it strips VLAN tags when sending the packets of the VLAN. the system will prompt that you cannot perform the configuration.

Drop the packet when the VLAN ID is different with the default VLAN ID. Drop the packet when the VLAN ID is different with the default ID and is not allowed on the port.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-3 Incoming and outgoing packets Incoming packet Port type If no tag is carried in the packet Outgoing packet If a tag is carried in the packet z Access port z Receive the packet when the VLAN ID (recorded in the tag) is the same with the default VLAN ID.4. remove the tag of the packet first and then send the packet. z z Trunk port Encapsulate the default VLAN tag to the packet z z Hybrid port Receive the packet when the VLAN ID (recorded in the tag) is the same with the default VLAN ID. or configure it in Ethernet port view/port group view. When the VLAN ID is allowed on the port. Receive the packet when the VLAN ID is different with the default VLAN ID but is allowed on the port. send the packet. keep the original tag and send the packet. z When the VLAN ID is the same with the default VLAN ID. When the VLAN ID is different with the default VLAN ID but is allowed on the port. 1. You can configure whether or not to carry tags in the outgoing packets of a VLAN (including default VLAN) through the port hybrid vlan command. 1-5 . Remove the tag and send the packet directly for the VLAN ID is just the default VLAN ID.2 Configuring an Access Port-Based VLAN You can configure an access port-based VLAN in two ways: configure it in VLAN view.

Required By default.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-4 Configure an access port-based VLAN (in VLAN view) To do… Enter system view Use the command… system-view Remarks — Required Enter VLAN view Add an Ethernet port to a specified VLAN vlan vlan-id If the specified VLAN does not exist. this command will create the VLAN first and then enter VLAN view of the VLAN. Required port interface-list By default. 1. all access ports belong to VLAN 1. and you can configure it in Ethernet port view/port group view. the following settings are effective on all ports in the port group Optional Configure a port as an access port port link-type access Add the current access port to a specified VLAN port access vlan vlan-id By default.3 Configuring a Trunk Port-Based VLAN A trunk port allows multiple VLANs to pass. a port is an access port. 1-6 . configured in port group view. the system adds all ports to VLAN 1. Table 1-5 Configure an access port-based VLAN (in Ethernet port view or port group view) To do… Enter system view Enter Ethernet port view or port group view Use the command… system-view Enter Ethernet port view interface interface-type interface-number Enter port group view port-group { manual port-group-name | aggregation agg-id } Remarks — Use either command Configured in Ethernet port view. the following settings are effective on the current port only.4. Note: You must add an access port to an existing VLAN.

and you can configure it in Ethernet port view/port group view. and then specify the access port as a hybrid port. Required By default. z The default VLAN ID of the trunk port on the local switch must be the same as that of the trunk port on the peer switch. the packets of the default VLAN cannot be transmitted correctly from the local end to the peer end. 1-7 . the link type of a port is access.4. For example. Otherwise. all trunk ports only allow the packets of VLAN 1 to pass. configured in port group view. 1.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-6 Configure a trunk port-based VLAN To do… Enter system view Enter Ethernet port view or port group view Use the command… Remarks — system-view Enter Ethernet port view interface interface-type interface-number Enter port group view port-group { manual port-group-name | aggregation agg-id } Use either command Configured in Ethernet port view. a trunk port cannot be configured to be a hybrid port directly. the following settings are effective on all ports in the port group Required Configure a port as a trunk port port link-type trunk Add the current trunk port to specified VLANs port trunk permit vlan { vlan-id-list | all } By default. the default VLAN of the trunk port is VLAN 1 Note: z A trunk port and a hybrid port cannot switch to each other directly but must be configured as an access port first. Optional Set the default VLAN for the trunk port port trunk vlan-id pvid vlan By default.4 Configuring a Hybrid Port-Based VLAN A hybrid port allows multiple VLANs to pass. the following settings are effective on the current port only. you must specify the trunk port as an access port first.

all hybrid ports only allow VLAN 1 packets to pass. the following settings are effective on all ports in the port group Required Configure a port as a Hybrid port port link-type hybrid Add the current hybrid port to specified VLANs port hybrid vlan vlan-id-list { tagged | untagged } Set the default VLAN for the hybrid port. Required By default. and to verify the effect of the configuration. For example. You must specify the trunk port as an access port first. Optional pvid vlan By default. the default VLAN of the hybrid port is VLAN 1 Note: z A trunk port and a hybrid port cannot switch to each other directly but must be configured as an access port first. 1-8 . the following settings are effective on the current port only. the link type of a port is access.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-7 Configure a hybrid port-based VLAN To do… Enter system view Enter Ethernet port view or port group view Use the command… Remarks — system-view Enter Ethernet port view interface interface-type interface-number Enter port group view port-group { manual port-group-name | aggregation agg-id } Use either command Configured in Ethernet port view. you can execute the display command in any view to view the running of the VLAN configuration. configured in port group view. port hybrid vlan-id By default.5 Displaying VLAN Configuration After the above configuration. 1. a trunk port cannot be configured to be a hybrid port directly. z The VLANs configured to be permitted to pass through a hybrid port must exist. and then specify the access port to a hybrid port.

.6. 1.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration Table 1-8 Display the information about specified VLANs To do… Use the command… Display the information about specified VLANs display vlan [ vlan-id1 [ to vlan-id2 ] | all | static | dynamic | reserved ] Display the information about specified VLAN interface Remarks Available in any view display interface vlan-interface [ vlan-interface-id ] 1.6.. z The port permits the packets from VLAN 2. VLAN 6 through 50.1 Network Requirements z Switch A connects with Switch B through the trunk port GigabitEthernet1/0/1. Done. and VLAN 100 to pass. [Sysname] interface GigabitEthernet 1/0/1 1-9 .2 Network Diagram GigabitEthernet1/0/1 Switch A Switch B Figure 1-2 Network diagram for port-based VLAN configuration 1. VLAN 6 through VLAN 50 and VLAN 100.6. z The default VLAN ID of the port is 100. # Enter Ethernet port view of GigabitEthernet1/0/1.6 VLAN Configuration Example 1.3 Configuration Procedure 1) Configure Switch A # Create VLAN 2. <Sysname> system-view [Sysname] vlan 2 [Sysname-vlan2] quit [Sysname] vlan 100 [Sysname-vlan100] quit [Sysname] vlan 6 to 50 Please wait.

Done. 1-10 . and VLAN 100 to pass.. 2) Configuration on Switch B is the same as that on Switch A..Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 1 VLAN Configuration # Configure GigabitEthernet1/0/1 as a trunk port. VLAN 6 through 50. [Sysname-GigabitEthernet1/0/1] port link-type trunk [Sysname-GigabitEthernet1/0/1] port trunk pvid vlan 100 # Configure GigabitEthernet1/0/1 to permit the packets from VLAN 2. [Sysname-GigabitEthernet1/0/1] port trunk permit vlan 2 6 to 50 100 Please wait. and configure its default VLAN ID as VLAN 100.

z You can add or delete the default OUI address manually. 2.1 Voice VLAN Overview Voice VLANs are VLANs configured specially for voice data stream.1. Table 2-1 Default OUI addresses preset by the switch Number OUI Address Vendor 1 0001-e300-0000 Siemens phone 2 0003-6b00-0000 Cisco phone 3 00d0-1e00-0000 Pingtel phone 4 00e0-7500-0000 Polycom phone 5 00e0-bb00-0000 3com phone Note: z An organizationally unique identifier (OUI) address is a globally unique identifier assigned to a vendor by Institute of Electrical and Electronics Engineers (IEEE). The following table shows the five default OUI addresses of a switch.1 Automatic and Manual Voice VLAN Modes According to how a port is added to the voice VLAN. the port can work in one of the two voice VLAN modes: automatic and manual. S5500-SI series Ethernet switches determine whether a received packet is a voice packet by checking its source MAC address.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Chapter 2 Voice VLAN Configuration 2. You can determine which vendor a device belongs to according to the OUI address which forms the first 24 bits of a MAC address. If the source MAC addresses of packets comply with the organizationally unique identifier (OUI) addresses configured by the system. By adding the ports with voice devices attached to voice VLANs. ensuring the transmission priority of voice data stream and voice quality. 2-1 . You can configure an OUI address for voice packets or specify to use the default OUI address. the packets are determined as voice packets and transmitted in voice VLAN. you can perform quality of service (QoS)-related configuration for voice data.

voice traffic types of IP phones. the administrator adds the IP phone access port directly to the voice VLAN. the system identifies the source MAC address contained in the untagged packet sent when the IP phone is powered on and matches it against the OUI addresses. . and port types. An aging time can be configured on the device. matches it against the OUI addresses. The following table lists the co-relation between voice VLAN modes.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches z Chapter 2 Voice VLAN Configuration In automatic mode. In this mode. the device automatically applies ACL rules to the port to configure packet priority. And the port permits the packets of the default VLAN. Table 2-2 Port modes and voice stream types Port voice VLAN mode Voice stream type Port type Access Supported or not Not supported Supported Trunk Tagged voice stream Make sure the default VLAN of the port exists and is not a voice VLAN. If a match is found. The adding and deleting of ports are automatically realized by the system. and decides whether to forward the packets in the voice VLAN. the system will automatically add the port into the Voice VLAN and send ACL rules to ensure the packet precedence. the adding or deleting of ports is realized by the administrators. the port forwards tagged packets in the same manner: forward the tagged packets based on the VLAN IDs contained in them. When the administrator adds a port to the voice VLAN. The system then identifies the source MAC address contained in the packets on the port. The system will remove a port from the voice VLAN if no voice packets are received from it within the aging time. In any of the two modes. The voice VLAN working modes of different ports are independent and different ports can be configured to work in different modes. The above two working modes are configured in Ethernet port view. Access Untagged voice stream Trunk Hybrid 2-2 Not supported. z In manual mode. Supported Automatic mode Hybrid Make sure the default VLAN of the port exists and is in the list of the tagged VLANs whose packets are permitted by the port.

Supported Hybrid Make sure the default VLAN of the port exists and is in the list of the tagged VLANs whose packets are permitted by the port. Supported Hybrid 2-3 Make sure the default VLAN of the port is a voice VLAN and is in the list of untagged VLANs whose packets are permitted by the port. And the port permits the packets of the default VLAN. Supported Trunk Untagged voice stream Make sure the default VLAN of the port is a voice VLAN and the port permits the packets of the VLAN.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Port voice VLAN mode Chapter 2 Voice VLAN Configuration Voice stream type Port type Access Supported or not Not supported Supported Trunk Tagged voice stream Make sure the default VLAN of the port exists and is not a voice VLAN. . Supported Manual mode Access Make sure the default VLAN of the port is a voice VLAN.

Relate command “1.2.1x authentication is unavailable. assign different VLAN IDs for the voice VLAN. If you need to do so.1x authentication packets). like 802. 2. 2-4 . You are recommended not to transmit voice data and other service data in the voice VLAN simultaneously. Voice packets comply with the filtering rule of the voice VLAN and other types of packets comply with the filtering rule of the ordinary VLAN.2 Security and Ordinary Voice VLAN Modes According to the packet filtering scheme of a port with voice VLAN function enabled. make sure the voice VLAN mode is ordinary.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Caution: z If the voice stream transmitted by your IP phone is with VLAN tag and the port which the IP phone is attached to is enabled with 802. z In security mode.1x guest VLAN. Other packets are discarded (including some authentication packets. 2.2 Voice VLAN Configuration 2. the default VLAN of the port. You can use the corresponding command to specify a default VLAN for a port.4 Port-Based VLAN” z Use the display interface command to display the VLANs allowed to pass through a port and the default VLAN of the port. 802. the port with the voice VLAN function enabled allows only the voice packets with source MAC address being recognizable OUI address. the default VLAN of the port which the IP phone is attached to can only be configured as a voice VLAN for the voice VLAN function to take effect. In this case.1x authentication and 802. and allow certain VLAN to pass through the port. z If the voice stream transmitted by the IP phone is without VLAN tag. z In ordinary mode.1 Configuration Prerequisites z Create the corresponding VLAN before configuring voice VLAN.1x guest VLAN to ensure the two functions to operate properly. and the 802. Note: z The default VLAN of all ports is VLAN 1.1. the port works in one of the two voice VLAN modes: security and ordinary. the port with voice VLAN function enabled allows both voice packets and other types of packets to pass.

2-5 . the system prompts you cannot perform the configuration. 2. Optional Enable the voice VLAN security mode voice vlan enable Set an OUI address that can be identified by the voice VLAN voice vlan mac-address oui mask oui-mask [ description text ] Optional Enable the voice VLAN function globally voice vlan vlan-id enable Required Enter port view interface interface-type interface-number — Set the voice VLAN operation mode to automatic mode security By default. Optional voice vlan mode auto The default voice VLAN operation mode is automatic mode.2.440 minutes. Note: For ports working in automatic mode. Required Enable the voice VLAN function for the port voice vlan enable By default. the voice VLAN security mode is enabled. But VLAN 1 does not support the voice VLAN function.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches z Chapter 2 Voice VLAN Configuration VLAN 1 is the default VLAN and do not need to be created. Otherwise. the voice VLAN function is not enabled for a port. A voice VLAN has five default OUI addresses. and only effective for the port in automatic mode.2 Configuring Voice VLAN in Automatic Mode Table 2-3 Configure voice VLAN in automatic mode To do… Enter system view Use the command… Remarks — system-view Optional Set the aging time for the voice VLAN voice vlan aging minutes The default aging time is 1. you cannot configure the default VLAN as the voice VLAN.

Required — Required The default voice VLAN operation mode is automatic mode. it has five OUI addresses. Specify the voice VLAN as the default VLAN of the port Refer to section 1.4 “Port-Based VLAN” Whether you need to configure the voice VLAN as the default VLAN of a port. Optional By default.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration 2. the voice VLAN security mode is enabled. after the voice VLAN is enabled. refer to Table 2-2 “Port modes and voice stream types”.3 Configuring Voice VLAN in Manual Mode Table 2-4 Configure voice VLAN in manual mode To do… Use the command… Enter system view system-view Enable the voice VLAN security mode voice vlan enable Set an OUI address to be one that can be identified by the voice VLAN voice vlan mac-address oui mask oui-mask [ description text ] Enable the voice VLAN function globally voice vlan enable Enter port view interface interface-type interface-number Set voice VLAN operation mode to manual mode undo voice vlan mode auto Remarks — security vlan-id Optional By default.2. Add the manual mode port to the voice VLAN Refer to section 1. Required Enable the voice VLAN function for the port voice vlan enable 2-6 By default. Required By default. the voice VLAN function is disabled on a port. all ports belong to VLAN 1. Optional By default. the default VLAN of all ports is VLAN 1. Refer to Table 2-2 “Port modes and voice stream types”.4 “Port-Based VLAN” When you add a hybrid port to the voice VLAN. you need to configure the hybrid port to keep or strip the VLAN tag of the voice stream. .

Network requirements z Create VLAN 2 and configure it as a voice VLAN with an aging time of 100 minutes. with VLAN 6 as the default port.. Table 2-5 Display a voice VLAN To do. Display the voice VLAN state display voice vlan state Display the OUI addresses currently supported by system display voice vlan oui Remarks Available in any view 2. z You can enable the voice VLAN function for only one static VLAN on a switch. z You cannot enable the voice VLAN function for a port if it has been enabled with the link aggregation control protocol (LACP). 2. z Configure GigabitEthernet1/0/1 port as a trunk port.3 Displaying Voice VLAN After the above configurations. z The device allows voice packets from GigabitEthernet 1/0/1 with an OUI address of 0011-2200-0000 and a mask of ffff-ff00-0000 to be forwarded through the voice VLAN..1 Voice VLAN Configuration Example (Automatic Mode) I. you can execute the display command in any view to view the running status and verify the configuration effect.4 Voice VLAN Configuration Example 2.4.. 2-7 .Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration Note: Note the following when configuring voice VLAN in manual and automatic modes. Use the command. And a dynamic VLAN cannot be configured as a voice VLAN..

<Sysname> system-view [Sysname] vlan 2 [Sysname-vlan2] quit [Sysname] vlan 6 [Sysname-vlan6] quit # Set aging time for the voice VLAN [Sysname] voice vlan aging 100 # Set 0011-2200-0000 to be one that can be identified by the voice VLAN [Sysname] voice vlan mac-address 0011-2200-0000 mask ffff-ff00-0000 description test # Enable the global voice VLAN function. [Sysname-GigabitEthernet1/0/1] port trunk permit vlan 6 [Sysname-GigabitEthernet1/0/1] port trunk pvid vlan 6 # Enable the voice VLAN function for the port. VLAN 6.1 010-1001 OUI:0011-2200-0000 Mask:ffff-ff00-0000 Figure 2-1 Network diagram for configuration of voice VLAN in automatic mode III. [Sysname] voice vlan 2 enable # Set the voice VLAN operation mode of GigabitEthernet1/0/1 to automatic mode. [Sysname-GigabitEthernet1/0/1] voice vlan enable 2-8 . [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] voice vlan mode auto # Specify port GigabitEthternet1/0/1 as a Trunk port. Network diagram VLAN 2 WAN GigabitEthernet 1/0/1 Tel.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration II. and the port permits VLAN 6 to pass. [Sysname-GigabitEthernet1/0/1] port link-type trunk # Set the default VLAN of the port to VLAN 6. Configuration procedure # Create VLAN 2.

4. network mask is ffff-ff00-0000 and description string is “test”. Network diagram VLAN 2 WAN GigabitEthernet 1/0/1 Tel. defaults to security mode). and only permits the voice packets with the following features to pass: OUI address is 0011-2200-0000. [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] undo voice vlan mode auto # Configure GigabitEthernet1/0/1 as a Hybrid port. Configuration procedure # Set the voice VALN to work in security mode to permit the legal voice packets to pass (optional. and enable the voice VLAN function for it. z The voice stream transmitted by the IP phone is untagged.2 Voice VLAN Configuration Example (Manual Mode) I. Network requirements z Create VLAN 2 and configure it as a voice VLAN.1 010-1001 OUI:0011-2200-0000 Mask:ffff-ff00-0000 Figure 2-2 Voice VLAN Configuration Example III. z GigbitEthernet1/0/1 works in manual mode. <Sysname> system-view [Sysname] voice vlan security enable # Set 0011-2200-0000 to be one that can be identified by the voice VLAN [Sysname] voice vlan mac-address 0011-2200-0000 mask description test # Create VLAN 2. 2-9 ffff-ff00-0000 . [Sysname] vlan 2 [Sysname-vlan2] quit [Sysname] voice vlan 2 enable # Set GigabitEthernet1/0/1 to work in the manual mode. and the port which the IP phone is attached to is a Hybrid port GigabitEthernet1/0/1. II.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration 2.

Displaying and verification # display the currently supported OUI addresses and the related information. [Sysname-GigabitEthernet1/0/1] voice vlan enable IV. [Sysname-GigabitEthernet1/0/1] port hybrid pvid vlan 2 [Sysname-GigabitEthernet1/0/1] port hybrid vlan 2 untagged # Enable the voice VLAN function for the port GigabitEthernet1/0/1. [Sysname-GigabitEthernet1/0/1] display voice vlan state Voice VLAN status: ENABLE Voice VLAN ID: 2 Voice VLAN security mode: Security Voice VLAN aging time: 100 minutes Voice VLAN enabled port and its mode: PORT MODE -------------------------------GigabitEthernet1/0/1 MANUAL 2-10 . [Sysname-GigabitEthernet1/0/1] display voice vlan oui Oui Address Mask Description 0001-e300-0000 ffff-ff00-0000 Siemens phone 0003-6b00-0000 ffff-ff00-0000 Cisco phone 0011-2200-0000 ffff-ff00-0000 test 00d0-1e00-0000 ffff-ff00-0000 Pingtel phone 00e0-7500-0000 ffff-ff00-0000 Polycom phone 00e0-bb00-0000 ffff-ff00-0000 3com phone # Display current voice VLAN state.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 2 Voice VLAN Configuration [Sysname-GigabitEthernet1/0/1] port link-type hybrid # Configure VLAN 2 as the default VLAN of port GigabitEthernet1/0/1. and allow packets of VLAN 2 to pass through the port.

Leave messages guarantee attribute reregistration and deregistration. This can thus help you save bandwidth. it starts a hold timer and collects succeeding requests. GARP participants exchange information with each other through the following three types of messages: Join. this port is regarded a GARP application entity. 3-1 . the GARP application entity removes attribute information as requested. and register with other participants in a bridged LAN the attributes specific to the GARP application. GARP-compliant application entities are called GARP applications. z Leave to announce the willingness to deregister with other participants. When this timer expires. Through message exchange. When a GARP application entity is present on a port on your device. the entity sends all these requests in one Join message. z LeaveAll to deregister all attributes.1. I. One example is GVRP. such as the VLAN or multicast address attribute.1 Introduction to GARP 3. z Join to announce the willingness to register attributes with other participants. and LeaveAll. propagate. z Leave timer –– Starts upon receipt of a Leave message.1 Introduction to GARP The generic attribute registration protocol (GARP). 2) GARP timers GARP sets interval for sending GARP messages by using these four timers: z Hold timer –– When a GARP application entity receives the first registration request. provides a mechanism that allows participants in a GARP application to distribute.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration Chapter 3 GVRP Configuration 3. all attribute information that needs registration propagates to all GARP participants throughout a bridged LAN. When the timer expires. GARP messages and timers 1) GARP messages Generally. A LeaveAll message is sent upon expiration of a LeaveAll timer which starts upon the startup of a GARP application entity. The sending interval is set on the join timer. z Join timer –– A GARP application entity can send a Join message twice to ensure the message can be transmitted to other entities. Leave. Together with Join messages.

GVRP for example. the entity sends a LeaveAll message so that other entities can re-register its attribute information. Figure 3-1 GARP message format 3-2 . GARP message format The following figure illustrates the GARP message format. should a GARP PDU be delivered. a device can identify to which GVRP application. Based on this address. III. a GARP participant registers or deregisters its attributes with other participants by making or withdrawing declarations of attributes and at the same time. z A GARP application entity may send LeaveAll messages at the interval set by its LeaveAll timer or the leaveall timer of another GARP application entity on the network. II. such as GVRP. Operating mechanism of GARP The GARP mechanism allows the configuration of a GARP participant to propagate throughout a LAN quickly. Note: z The settings of GARP timers apply to all GARP applications. whichever is smaller. When this timer expires. Then. GARP application entities send protocol data units (PDU) with a particular multicast MAC address as destination. a leaveall timer starts again. running on a LAN.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches z Chapter 3 GVRP Configuration Leaveall timer –– Starts when a GARP application entity starts. In GARP. z Unlike other three timers which are set on a port basis. based on received declarations or withdrawals handles attributes of other participants. the leaveall timer is set in system view and takes effect globally.

Table 3-1 Description on the GARP message fields Field Description Value Protocol ID Protocol identifier for GARP 1 Message One or multiple messages. inclusive of the attribute length field 2 to 255 in bytes 0: LeaveAll 1: JoinEmpty Attribute Event Event described by the attribute 2: JoinIn 3: LeaveEmpty 4: LeaveIn 5: Empty Attribute Value Attribute value VLAN ID for GVRP End Mark Indicates the end of PDU of GARP –– 3.1.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration The following table describes the GARP message fields. each containing an attribute type and an attribute list –– Attribute Type Defined by the concerned GARP application 0x01 for GVRP.2 Introduction to GVRP GVRP enables a device to propagate local VLAN registration information to other participant devices and dynamically update the VLAN registration information from other devices to its local database. If the Attribute Event is LeaveAll. GVRP provides the following three registration types on a port: z Normal –– Enables a port to dynamically register and deregister VLANs. Attribute Value is omitted –– Attribute Length Number of octets occupied by an attribute. The VLAN registration information propagated by GVRP includes both manually configured local static entries and dynamic entries from other devices. It thus ensures that all GVRP participants on a bridged LAN maintain the same VLAN registration information. and to propagate both dynamic and static VLAN information. and an Attribute Value. indicating the VLAN ID attribute Attribute List Consists of one or multiple attributes –– Attribute Consists of an Attribute Length. 3-3 . an Attribute Event.

1.1Q specifies GVRP. Required Disabled by default . z Forbidden –– Disables the port to dynamically register/deregister VLANs. the subsequent configuration takes effect on a port or all ports in a port-group. A trunk port with forbidden registration type thus allows only VLAN 1 to pass through even though it is configured to carry all VLANs.2. 3. A trunk port with fixed registration type thus allows only manually configured VLANs to pass through even though it is configured to carry all VLANs. but allows the port to propagate static VLAN information. and configure GVRP registration mode. Depending on the view you accessed. and to propagate VLAN information except for VLAN 1. Note: GVRP can be configured only on a trunk port. 3. enable GVRP.3 Protocols and Standards IEEE 802. you need to configure timers. 3.1 Configuring GVRP Table 3-2 Configure GVRP on a trunk port To do… Use the command… Enter system view system-view Enable GVRP globally gvrp Enter Ethernet port view Enter Ethernet port view or port-group view Enter port-group view Enable GVRP on the port interface interface-type interface-number port-group { manual port-group-name | aggregation agg-id } gvrp 3-4 Remarks –– Required Disabled by default Perform either of the commands.2 Configuring GVRP When configuring GVRP.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches z Chapter 3 GVRP Configuration Fixed –– Disables the port to dynamically register/deregister VLANs or propagate dynamic VLAN information.

the Hold. Join timer and Leave timer garp timer { hold | join | leave } timer-value By default. Depending on the view you accessed.2. When configuring GARP timers. you need to disable BPDU TUNNEL first. the LeaveAll timer is set to 1. and 60 centiseconds respectively.000 centiseconds. Join. 20.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration To do… Configure GVRP mode on the port Use the command… registration gvrp registration { fixed | forbidden | normal } Remarks Optional The default normal is Note: BPDU TUNNEL is not compatible with GVRP.2 Setting GARP Timer Table 3-3 Set GARP timer To do … Use the command… Enter system view Remarks — system-view Optional garp timer timer-value Set GARP LeaveAll timer Enter Ethernet port view Enter Ethernet port view or port-group view Enter port-group view leaveall interface interface-type interface-number port-group { manual port-group-name | aggregation agg-id } By default. and Leave timers are set to 10. Perform either of the commands. The two cannot be applied simultaneously on a port. 3. you may change it by tuning the value of another timer as shown in the following table: 3-5 . note that their values are dependent on each other and must be a multiplier of five centiseconds. If you want to enable GVRP on a port. Optional Set GARP Hold timer. If the value range for a timer is not desired. the subsequent configuration takes effect on a port or all ports in a port-group.

3 Displaying and Maintaining GARP/GVRP Table 3-5 Display and Maintain GARP/GVRP To do… Use the command… Display statistics about GARP display garp statistics [ interface interface-list ] Display GARP timers for all or specified ports display garp timer [ interface interface-list ] Display statistics about GVRP display gvrp statistics [ interface interface-list ] Display the global GVRP state display gvrp status Clear the GARP statistics reset garp statistics [ interface interface-list ] Remarks Available in any view 3-6 Available in user view . Greater than two times the join timer setting Less than the leaveall timer setting You can change this value by changing the value of the join timer. You can change this value by changing the value of the leaveall timer.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration Table 3-4 Dependencies of GARP timers Timer Lower limit Upper limit Not greater than half of the join timer setting Hold Join Leave 10 centiseconds You can change this value by changing the value of the join timer. Greater than the leave timer setting Leaveall You can change this value by changing the value of the leave timer 32. You can change this value by changing the value of the leave timer.765 centiseconds 3. Not less than two times the hold timer setting Less than half of the leave timer setting You can change this value by changing the value of the hold timer.

allowing all VLANs to pass.4. Network diagram GigabitEthernet 1/0/1 GigabitEthernet 1/0/2 Switch A Switch B Figure 3-2 Network diagram for GVRP configuration III. [Sysname-GigabitEthernet1/0/1] quit [Sysname] vlan 2 [Sysname-vlan2] 2) Configure Switch B # Enable GVRP globally. <Sysname> system-view [Sysname] gvrp # Configure port GigabitEthernet 1/0/2 as trunk. allowing all VLANs to pass. II. Network requirements Configure GVRP on devices and specify the port registration mode as normal to realize dynamic VLAN information registration and update among devices. Configuration procedure 1) Configure Switch A # Enable GVRP globally.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration 3. [Sysname-GigabitEthernet1/0/1] gvrp # Display static VLAN2.1 Example 1 I. <Sysname> system-view [Sysname] gvrp # Configure port GigabitEthernet1/0/1 as trunk. [Sysname] interface GigabitEthernet 1/0/2 [Sysname-GigabitEthernet1/0/2] port link-type trunk [Sysname-GigabitEthernet1/0/2] port trunk permit vlan all 3-7 .4 GVRP Configuration Example 3. [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] port link-type trunk [Sysname-GigabitEthernet1/0/1] port trunk permit vlan all # Enable GVRP on GigabitEthernet1/0/1.

the following dynamic VLAN exist(s): 3 # Display dynamic VLAN on Switch B [Sysname-vlan3] display vlan dynamic Now.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration # Enable GVRP on GigabitEthernet 1/0/2. the following dynamic VLAN exist(s): 2 3. [Sysname-GigabitEthernet1/0/2] gvrp # Configure static VLAN3.4. [Sysname-GigabitEthernet1/0/2] quit [Sysname] vlan 3 [Sysname-vlan3] 3) Display configuration results # Display dynamic VLAN on Switch A. II. [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] port link-type trunk [Sysname-GigabitEthernet1/0/1] port trunk permit vlan all # Enable GVRP on GigabitEthernet1/0/1 3-8 .2 Example 2 I. <Sysname> system-view [Sysname] gvrp # Configure port GigabitEthernet1/0/1 as trunk. Network diagram GigabitEthernet 1/0/1 GigabitEthernet 1/0/2 Switch A Switch B Figure 3-3 Network diagram for GVRP configuration III. Configuration procedure 1) Configure Switch A # Enable GVRP globally. [Sysname-vlan2] display vlan dynamic Now. Network requirements Enable GVRP on devices and configure the port registration mode as fixed to realize dynamic registration and update of some VLAN information between devices. allowing all VLANs to pass.

3 Example 3 I.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration [Sysname-GigabitEthernet1/0/1] gvrp # Configure the GVRP registration mode as fixed. [Sysname-GigabitEthernet1/0/1] gvrp registration fixed # Create static VLAN 2. Network requirements Enable GVRP on devices and configure the port registration mode as forbidden to forbid dynamic registration and update of VLAN information between devices. [Sysname] interface GigabitEthernet 1/0/2 [Sysname-GigabitEthernet1/0/2] port link-type trunk [Sysname-GigabitEthernet1/0/2] port trunk permit vlan all # Enable GVRP on GigabitEthernet1/0/2 [Sysname-GigabitEthernet1/0/2] gvrp # Create static VLAN 3.4. the following dynamic VLAN exist(s): 2 3. 3-9 . [Sysname-GigabitEthernet1/0/1] quit [Sysname] vlan 2 [Sysname-vlan2] 2) Configure Switch B # Enable GVRP globally. allowing all VLANs to pass. [Sysname-vlan3] display vlan dynamic Now. [Sysname-GigabitEthernet1/0/2] quit [Sysname] vlan 3 [Sysname-vlan3] 3) Display the configuration # Display the dynamic VLAN information on Switch A [Sysname-vlan2] display vlan dynamic No dynamic vlans exist! # Display the dynamic VLAN information on Switch B. <Sysname> system-view [Sysname] gvrp # Configure port GigabitEthernet1/0/2 as trunk.

[Sysname-GigabitEthernet1/0/1] gvrp registration forbidden # Create static VLAN 2. [Sysname-GigabitEthernet1/0/1] quit [Sysname] vlan 2 [Sysname-vlan2] 2) Configure Switch B # Enable GVRP globally.Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration II. [Sysname] interface GigabitEthernet 1/0/2 [Sysname-GigabitEthernet1/0/2] port link-type trunk [Sysname-GigabitEthernet1/0/2] port trunk permit vlan all # Enable GVRP on the trunk port. <Sysname > system-view [Sysname] gvrp # Configure GigabitEthernet1/0/2 as a trunk port. [Sysname-GigabitEthernet1/0/2] quit 3-10 . Network diagram GigabitEthernet 1/0/1 GigabitEthernet 1/0/2 Switch A Switch B Figure 3-4 Network diagram for GVRP configuration III. allowing all VLANs to pass. [Sysname-GigabitEthernet1/0/2] gvrp # Create static VLAN 3. [Sysname-GigabitEthernet1/0/1] gvrp # Configure the GVRP registration mode as forbidden. allowing all VLANs to pass. Configuration procedure 1) Configure Switch A # Enable GVRP globally. <Sysname > system-view [Sysname] gvrp # Configure GigabitEthernet1/0/1 as a trunk port. [Sysname] interface GigabitEthernet 1/0/1 [Sysname-GigabitEthernet1/0/1] port link-type trunk [Sysname-GigabitEthernet1/0/1] port trunk permit vlan all # Enable GVRP on the trunk port.

[Sysname-vlan3] display vlan dynamic No dynamic vlans exist! 3-11 .Operation Manual – VLAN H3C S5500-SI Series Ethernet Switches Chapter 3 GVRP Configuration [Sysname] vlan 3 [Sysname-vlan3] 3) Display the configuration # Display dynamic VLAN information on Switch A [Sysname-vlan2] display vlan dynamic No dynamic vlans exist! # Display dynamic VLAN information on Switch B.