Enhancements to Release 1.0 of the IBM 8371

Dynamic Protocol Filtering (VLANS) Configuration Commands

This section explains all of the VLAN configuration commands. These commands let you configure protocol and IP multicast VLANs.

Configuration commands for the ASRT bridge are entered at the ASRT VLAN config> prompt. This prompt is accessed by entering the vlans command at the ASRT config> prompt. The following table shows the VLAN filtering configuration commands.

Table 5. VLAN Configuration Command Summary

Command Function
? (Help) Displays all the commands available for this command level or lists the options for specific commands (if available).
Add Adds the definition of a new VLAN filter
Change Changes VLAN filtering parameters for an indicated VLAN
Delete Deletes the selected VLAN filters
Disable Disables VLAN filtering on the selected VLANs
Enable Enables VLAN filtering on the selected VLANs
List Displays all information associated with the selected VLAN filters
Exit Returns you to the previous command level.

Command	Function
? (Help)	Displays all the commands available for this command level or lists the options for specific commands (if available).
Add	Adds the definition of a new VLAN filter
Change	Changes VLAN filtering parameters for an indicated VLAN
Delete	Deletes the selected VLAN filters
Disable	Disables VLAN filtering on the selected VLANs
Enable	Enables VLAN filtering on the selected VLANs
List	Displays all information associated with the selected VLAN filters
Exit	Returns you to the previous command level.

Add

Use the Add command to define a new VLAN filter. Refer to the chapter entitle "Bridging Features" in the 8371 Networking Multilayer Ethernet Switch Software User's Guide and Configuration Reference, GC30-9688-00 for a discussion of VLANs concepts.

Syntax:

add: ip
: ip-multicast
: ipx
: netbios
: sliding-window

Example 1: add ip

            IP Address [0.0.0.0]? 9.2.3.4
            Subnet Mask [255.0.0.0]?
            Configure this VLAN on Specific Ports? [No]:
            Age (expiration in minutes,0=infinity) [10000]? 0
            Enable IP-Cut-Through from this VLAN? [Yes]:
            Enable IP-Cut-Through to this VLAN? [Yes]:
            Track Active MAC Addresses on this VLAN? [No]:
            Enable This Filter? [Yes]:
            VLAN Name (32 chars max) []? IP 9.x.x.x
            VLAN 'IP 9.x.x.x' (IP subnet 9.0.0.0) successfully added

If some ports should not be configured as Auto-Detect and Include, then the port can be manually configured.

Example 2: add ip-multicast

            IP Multicast Address [0.0.0.0]? 230.1.1.1
            Configure Specific Ports? [No]:
            Age (expiration in minutes,0=infinity) [10]? 0
            Track Active MAC Addresses on this VLAN? [No]:
            Enable This Filter? [Yes]:
            VLAN Name (32 chars max) []? IPmcast01
            VLAN 'IPmcast01' (IP Multicast 230.1.1.1) successfully added

Example 3: add ipx

            Network Number (in 8-digit hex) (1 - FFFFFFFE) [1]? 2FF
            Configure this VLAN on Specific Ports? [No] y
            Configure VLAN on port 1 (Include, Exclude, or Auto-Detect) [A]?
            Configure VLAN on port 2 (Include, Exclude, or Auto-Detect) [A]? e
            Age (expiration in minutes,0=infinity) [5000]?
            Track Active MAC Addresses on this VLAN? [No]:
            Enable This Filter? [Yes]:
            VLAN Name (32 chars max) []? IPX 2FF
            VLAN 'IPX 2FF' (IPX network 0x2FF) successfully added

A description of each parameter follows:

IP Address

This prompt allows you to enter the IP address of the IP subnet whose traffic will be dynamically filtered to create this VLAN. This value, after the subnet mask is applied, is what will be saved and referenced in other VLAN commands.

Subnet Mask

This is the subnet mask that will be applied to the input IP Address to create the IP subnet value used to detect traffic for this VLAN.

IP Multicast address

This is the IP group address whose multicast traffic will be filtered to create this VLAN.

Note:

A VLAN for 224.0.0.1 (the all IP hosts address) is created during initialization and is used to configure IP multicast VLANs that are auto-created when an IGMP report frame is detected and the 224.0.0.1 VLAN is enabled. See

Valid Values: 224.0.1.0 - 239.255.255.255

Default Value: none

Network Number

This prompt allows you to enter the IPX network ID number whose traffic will be dynamically filtered to create this VLAN.

Sliding Window Filter Base

Determines whether the base for the offset is the first byte of the destination MAC address or the first byte of the frame's information field.

Valid Values: mac or info

Default Value: mac

Sliding Window Filter Offset

Sets the byte offset into the frame where the comparison with the mask and value begins.

Valid Values: 0 - 255

Default Value: 0

Sliding Window Filter Value

The value used for comparing the sliding window filter.

A frame "matches" a sliding window filter if the octet pattern (whose start is determined by the Sliding Window Filter Base and Sliding Window Filter Offset) ANDED with the Sliding Window Filter Mask equals this Sliding Window Filter Value ANDED with the Sliding Window Filter Mask.

Valid Values: Any octet string of length 1 - 10

Default Value: None

Sliding Window Filter Mask

The mask used for comparing the sliding window filter.

Valid Values: Any octet string of length 1 - 10

Default Value: None

Configure

Answering "No" to this prompt causes all bridge ports to be set to the default value of Auto-Detect and Include. Answering yes to this prompt causes further prompting to select the desired port inclusion mode for each bridge port.

The modes are:

Auto-Detect and Include (the default mode that requires that traffic from this vlan be received on the port before being included in the VLAN forwarding domain).
Include Always (to always include this port in the forwarding domain regardless of received traffic)
Exclude Always (to always exclude this port from the forwarding domain regardless of received traffic).

Age

The amount of time, in minutes, that an Auto-Detect port will remain in the forwarding state in the absence of traffic received from that port for this VLAN. Entering a value of zero means that ports auto-detected will never expire and be removed from the forwarding domain.

If MAC address tracking is enabled for a VLAN, the aging time also determines when a MAC address is no longer considered a member of the VLAN in the absence of traffic received from that MAC address.

Valid Values: 0 to 4 294 967 295

Default Value

IP subnet: 10 000 minutes
IP multicast: 10 minutes
IPX Network: 10 minutes
NetBIOS: 5000 minutes
Sliding Window: 5000 minutes

Enable IP-Cut-Through Transmission Status

Answering yes will allow forwarding of IP traffic from devices on this VLAN to devices on other VLANs that have IP-Cut-Through reception enabled.

Enable IP-Cut-Through Reception Status

Answering yes will allow IP traffic to be forwarded to devices on this VLAN from devices on other VLANs that have IP-Cut-Through transmission enabled.

Track Active MAC Addresses

Answering yes causes source MAC addresses from transmissions on this VLAN to be saved. These learned addresses can be displayed with the show-members command. Learned addresses will be aged out with the aging timer for this VLAN.

VLAN Filter Status

Answering yes will enable dynamic filtering for this VLAN. Answering "No" means that no filtering will be done on traffic from members of this VLAN.

VLAN Name

This prompt lets you define a name for this VLAN that can be used with all VLAN commands. A VLAN name is required for MAC address, port-based, and sliding window VLANs.

This name must be unique among all VLANs of all types within the ASRT bridge. This name consists of up to 32 characters and can include spaces.

Change

Use the change command to change the configuration parameters associated with a particular VLAN. The VLAN to change can be chosen by explicitly specifying the subnet or by selecting the VLAN from a list with the by-name option. This command invokes the same prompts used with the add command. The current parameter values will be displayed as the default and can be maintained by simply pressing Return.

Syntax:

change: by-name
: ip subnet address
: ip-multicast
: ipx network number
: netbios
: sliding-window

Example: change ip

            IP Address [9.0.0.0]?
            Configure Specific Ports? [No]:
            Age (expiration in minutes,0=infinity) [0]? 300
            Enable IP-Cut-Through from this VLAN? [Yes]:
            Enable IP-Cut-Through to this VLAN? [Yes]:
            Track Active MAC Addresses on this VLAN? [No]:
            Enable This Filter? [Yes]:
            VLAN Name (32 chars max) [IP 9.x.x.x]?
            VLAN 'IP 9.x.x.x' (IP subnet 9.0.0.0) successfully changed

Delete

Use the delete command to delete a particular VLAN filter, all VLAN filters of a particular type, or all defined VLAN filters. If you are deleting a single filter, you can choose the VLAN to be deleted by selecting the VLAN from a list using the by-name option.

Syntax:

delete: by-name
: ip all
: ip subnet subnet address
: ip-multicast all
: ip-multicast by-name
: ipx all
: ipx network network-number
: netbios
: sliding-window all
: sliding-window by-name
: all

Example 1: del ip subnet 9.0.0.0

           VLAN 'IP 9.x.x.x' (IP subnet 9.0.0.0) deleted

Example 2: del ipx all

           Are you sure you want to delete ALL IPX VLANS? [No]: y
           All IPX VLANS deleted

Disable

Use the disable command to disable a particular VLAN filter, all VLAN filters of a particular type, or all defined VLAN filters. If disabling a single filter, the VLAN to be disabled can be chosen by selecting the VLAN from a list using the by-name option.

Syntax:

disable: by-name
: ip all
: ip subnet subnet-address
: ip-multicast all
: ip-multicast by-name
: ipx all
: ipx network network-number
: netbios
: sliding-window all
: sliding-window by-name
: all

Example: disable ip subnet 220.5.3.0

           VLAN 'Building #4' (IP subnet 220.5.3.0) now disabled

Enable

Use the enable command to enable a particular VLAN filter, all VLAN filters of a particular type, or all defined VLAN filters. If you are enabling a single filter, you can choose the VLAN to be enabled by selecting the VLAN from a list using the by-name option.

Syntax:

enable: by-name
: ip all
: ip subnet subnet-address
: ip-multicast all
: ip-multicast by-name
: ipx all
: ipx network network-number
: netbios
: sliding-window all
: sliding-window by-name
: all

Example: enable by-name

        Choice of VLAN:
              VLAN type    Identifier         VLAN Name
              =========    ==========         =========
          (1) IP           9.0.0.0            IP 9.x.x.x
          (2) IP           220.5.3.0          Building #4
          (3) IPX          0x2FF              Ethernet A
          (4) IPX          0x3FF              Ethernet B
       Enter Selection [1]? 3
       VLAN 'Ethernet A' (IPX Network 0x2FF) now enabled

List

Use the list command to list the configuration information about a particular VLAN filter, all VLAN filters of a particular type, or all defined VLAN filters. If you are listing a single filter, you can choose the VLAN to be listed can be chosen by selecting the VLAN from a list using the by-name option.

Syntax:

list: by-name
: ip all
: ip subnet subnet-address
: ip-multicast all
: ip-multicast by-name
: ipx all
: ipx network network-number
: netbios
: sliding-window all
: sliding-window by-name
: all

Example 1: list ip subnet 9.0.0.0

          Subnet Address              = 9.0.0.0
          Subnet Mask                 = 255.0.0.0
          Bridge Port 1 (Interface 0) = Auto-Detect and Include
          Bridge Port 2 (Interface 1) = Always Exclude
          Age (expiration in minutes) = 300
          IP-Cut-Through Status:
             Transmit From This VLAN  = Enabled
             Reception By This VLAN   = Enabled
          Tracking of MAC Addresses   = Disabled
          VLAN Filter State           = Enabled
          VLAN Name                   = IP 9.x.x.x

Example 2: list ipx all

          ----------- IPX VLANS -------------------------------
          IPX Network Number          = 0x2FF
          Bridge Port 1 (Interface 0) = Auto-Detect and Include
          Bridge Port 2 (Interface 1) = Always Exclude
          Age (expiration in minutes) = Never Expires
          IP-Cut-Through Status:
             Transmit From This VLAN  = Enabled
             Reception By This VLAN   = Disabled
          Tracking of MAC Addresses   = Disabled
          VLAN Filter State           = Enabled
          VLAN Name                   = Ethernet A
          +++++++++++++++++++++++++++++++++++++++++++++++++++++
          IPX Network Number          = 0x3FF
          Bridge Port 1 (Interface 0) = Auto-Detect and Include
          Bridge Port 2 (Interface 1) = Auto-Detect and Include
          Age (expiration in minutes) = 5000
          IP-Cut-Through Status:
             Transmit From This VLAN  = Enabled
             Reception By This VLAN   = Enabled
          Tracking of MAC Addresses   = Disabled
          VLAN Filter State           = Disabled
          VLAN Name                   = Ethernet B

[ Top of Page | Previous Page | Next Page | Table of Contents | Index ]