HPE Knowledge Article HPE Networking Switches - Understanding VLAN port Types on HPE Switches Article Number mmr_sf-EN_US000005127 Environment VLAN Port Types Explained. Issue Has a user ever questioned what VLAN port type one needs to configure on the HP Networking Switches? Hopefully this article will help to decide. Cause Informational article on VLAN port types. Resolution VLANs Virtual LAN – A logical broadcast domain. VLANS are used to divide a network segment to smaller sub networks to: • Reduce the overhead of layer 2 broadcast. • Increase security. • Improve management of network infrastructure VLANs are created through software configuration. Type of VLANS: • Port-based VLANs • MAC address-based VLANs • Protocol-based VLANs • IP-subnet-based VLANs • Policy-based VLANs A virtual LAN (VLAN) is a collection of network nodes that are logically grouped together to form a separate broadcast domain. A VLAN has the same general attributes as a physical LAN, but it allows all nodes for a particular VLAN to be grouped together, regardless of physical location. One advantage of using VLANs is design flexibility. VLANs allow individual users to be grouped based on business needs. Connectivity within a VLAN is established and maintained through software configuration. The list above is a partial list of supported VLAN types. A-Series switches also support Voice VLANs and policy-based VLANs, which are used with 802.1X authentication. Switch VLAN port types Access ports: • Belong to one VLAN – Port is untagged Trunk ports: • Carry multiple VLANs on a single physical link • VLANs are 802.1Q tagged • The native VLAN is untagged Hybrid ports: • Belongs to multiple VLANs • Multiple VLANs can be untagged and tagged • Typically used for IP phone connection • Also in conjunction with protocol VLANs, IP subnet VLANs A-Series switches By default, VLAN 1 is the native VLAN. To define a trunk: interface gi 1/0/1 port link-type trunk port trunk permit [all | vlan ids] port trunk pvid vlan [id] (Defines Native VLAN.) In this case, VLAN 1 will be tagged if still carried. The undo port trunk permit vlan 1 command undoes VLAN 1 assignment. Control plane info, including BPDU and LLDP frames, is sent untagged. To configure multiple ports, define port groups: [switch] port-group manual [port-group-name] [switch] group-member [port names] [switch] port link-type [trunk | hybrid | access] Access ports are ports that belong to a single VLAN and the traffic is sent and received untagged. There are two methods to define access ports. Add access ports to VLAN for PCs [SW-A]vlan 100 [SW-A-vlan100]port gigabitethernet 1/0/1 to gig 1/0/20 OR in interface configuration mode, set interface as an access port in VLAN 100 [SW-A]interface gi 1/0/1 [SW-A-GigabitEthernet1/0/1]port link-type access [SW-A-GigabitEthernet1/0/1]port access vlan 100 Use these commands to view VLAN membership. display vlan [vid] display vlan all Hybrid Ports Hybrid ports are used mostly for IP phones. Hybrid ports can be assigned to multiple VLANs as tagged or untagged. To set Hybrid ports using a port group: [SW]port-group manual phones-1 [SW-port-group-manual-phones-1]group-member gi 1/0/11 to gi 1/0/20 [SW-port-group-manual-phones-1]port link-type hybrid To set Data VLAN 100 as the native VLAN: [SW-port-group-manual-phones-1]port hybrid PVID 100 Note: Hybrid port is still part of VLAN 1. Then Remove hybrid port from VLAN 1 [SW-port-group-manual-phones-1]undo port hybrid vlan 1 untagged To set VLAN 200 as voice VLAN: [SW-port-group-manual-phones-1]voice vlan 200 enable This makes VLAN tagged on port and auto-QoS if Phone SNMP OUI Is detected. Voice VLAN command will dynamically: • Allocate the voice vlan as a tagged vlan with auto qos if a predefined phone SNMP OUI is detected. • Add OUI with voice OUI command at system view. Hybrid ports can be set as untagged in one or more VLANs. Here is an example of configuration on a hybrid port to use with protocol VLAN: [SWA]vlan 2 [SWA-vlan2]Description IP and ARP VLAN [SWA-vlan2]protocol-vlan mode ethernetii etype 0800 [SWA-vlan2]protocol-vlan mode ethernetii etype 0806 [SWA-vlan2]vlan 3 [SWA-vlan2]Description Novell IPX VLAN [SWA-vlan3]protocol-vlan ipx llc [SWA-vlan3]interface gigabit 1/1/1 [SWA-gigabit1/1/1]description Access port Separate IP and IPX traffic [SWA-gigabit1/1/1]port link-type hybrid [SWA-gigabit1/1/1]undo port hybrid vlan 1 [SWA-gigabit1/1/1]port hybrid vlan 2 3 untagged [SWA-gigabit1/1/1]port hybrid protocol-vlan vlan 2 all [SWA-gigabit1/1/1]port hybrid protocol-vlan vlan 3 all [SWA-vlan3]interface gigabit 1/1/23 [SWA-gigabit1/1/23]description Trunk port Separate IP and IPX traffic [SWA-gigabit1/1/23]port link-type trunk [SWA-gigabit1/1/23]port trunk permit vlan 2 3 Hybrid ports can be assigned to multiple VLAN as tagged or untagged. To set Hybrid ports using a port group: [SW]port-group manual phones-1 [SW-port-group-manual-phones-1]group-member gi 1/0/11 to gi 1/0/20 [SW-port-group-manual-phones-1]port link-type hybrid To set Data VLAN 100 as the native VLAN [SW-port-group-manual-phones-1]port hybrid PVID 100 NOTE: Hybrid port is still part of VLAN 1. Then Remove hybrid port from VLAN 1. [SW-port-group-manual-phones-1]undo port hybrid vlan 1 untagged. To set VLAN 200 as voice VLAN [SW-port-group-manual-phones-1]voice vlan 200 enable Trunk Ports On trunk 802.1Q ports: one VLAN at most is untagged, all other VLANs are tagged To configure the trunk interfaces & allow the VLANs: [SW-A]interface gi 1/0/23 [SW-A-GigabitEthernet1/0/23]port link-type trunk [SW-A-GigabitEthernet1/0/23]port trunk permit vlan 100 200 [SW-A]interface gi 1/0/24 [SW-A-GigabitEthernet1/0/24]port link-type trunk [SW-A-GigabitEthernet1/0/24]port trunk permit vlan all List trunk ports: [SW-A]display port trunk Interface PVID VLAN passing GE1/0/23 1 1, 100, 200 GE1/0/24 1 1, 100, 200 On edge switches one can set the uplinks as trunk ports carrying all VLANs: port link-type trunk port trunk permit vlan all NOTE: Do not confuse trunk ports with the link aggregation ports that are called trunk ports on HP E-Series switches. On distribution/core switches, set exactly what VLANs should be carried on downlinks to edge switches: port link-type trunk port trunk permit vlan 100 200 NOTE: VLAN 1 is set by default. To change the native VLAN to VLAN 99 [SW-A-GigabitEthernet1/0/23]port trunk PVID 99 This forces the interface to be tagged on VLAN 1. If VLAN 1 is not desired on port,remove it: [SW-A-GigabitEthernet1/0/23]undo port trunk permit vlan 1 List trunk ports [SW-A]display port trunk Interface PVID VLAN passing GE1/0/23 99 99, 100, 200 GE1/0/24 99 99, 100, 200 VLAN 1 is not necessary on A-Series switches. For example: BPDUs for STP, LLDP or LACP are sent untagged no matter what the setup of the VLANs are on the link. BPDUs are accepted by a receiving switch because the destination MAC address matches the list of MAC addresses on the ports. In other words, because the protocols (LLDP, STP, LACP) are enabled on port and global levels. E-Series switches: E-Series switches do not use the same terminology as the A-Series. On E-Series devices, VLAN membership is configured from the VLAN context with the tagged and untagged commands. A port can be considered to be a VLAN trunk port if it is assigned to more than one VLAN. Similarly, a port can be considered to be an access port if it is only assigned to one VLAN for untagged traffic. To configure a port to be an untagged member of a VLAN (access port): E-Series(config)# vlan 100 E-Series(vlan-100)# untagged a1-a12 To configure a port to be a tagged member of a VLAN (trunk port): E-Series(config)# vlan 100 E-Series(vlan-100)# tagged a1-a12 E-Series(vlan-100)# vlan 200 E-Series(vlan-200)# tagged a1-a12 E-Series(vlan-100)# vlan 5 E-Series(vlan-5)# untagged a1-a12 (This is optional) To configure a port to be a voice VLAN: E-Series(config)# vlan 100 E-Series(vlan-100)# voice © Copyright 2016 Hewlett Packard Enterprise Development LP. The information contained herein is subject to change without notice.The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services.Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project