L2 functions management
L2 functions management
bridge
The command adds a network bridge to the system and switches to its configuration mode.
The use of a negative form (no) of the command removes the bridge.
Syntax
[no] bridge <BRIDGE-ID>
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
Required privilege level
10
Command mode
CONFIG
Example
Switch to network bridge 10 configuration mode:
bridge-group
The command adds a current network interface to L2 domain.
The use of a negative form (no) of the command removes an interface from L2 domain.
Syntax
bridge-group <BRIDGE-ID> [tagged]
no bridge-group
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
tagged – key to direct tagged frames of a physical interface to a bridge. Applicable only on the physical interfaces of ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-L2TPV3
CONFIG-GRE
CONFIG-SUBTUNNEL
CONFIG-OPENVPN
Example
description
The command assigns the description of configured network bridge.
The use of a negative form (no) of the command removes a specified description.
Syntax
description <DESCRIPTION>
no description
Parameters
<DESCRIPTION> – network bridge description, set by the string of up to 255 characters.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
enable
This command allows network bridge operation. The network bridge does not work without this command
The use of a negative form (no) of the command disables the data routing.
Syntax
[no] enable
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
mac-address
The command specifies the MAC address of network bridge, physical or aggregated interface different from a system one.
The use of a negative form (no) of the command sets the default value.
Syntax
mac-address <ADDR>
no mac-address
Parameters
<ADDR> – network bridge MAC address, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF].
Default value
System MAC address.
Required privilege level
15
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
ports vrrp filtering
The command prohibits the sending of VRRP messages in interfaces included in L2 domain.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] ports vrrp filtering {enable | exclude vlan}
Parameters
enable – enabling a prohibition to send VRRP messages in interfaces included in L2 domain;
exclude vlan – when specifying this parameter, VLAN is excluded from the filtration list.
Default value
VRRP messages filtration is disabled.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
protected-ports
This command manages the isolation mode of the interfaces.
The use of a negative form (no) of the command sets the default value.
Syntax
protected-ports <MODE>
Parameters
<MODE> – interface isolation mode, may take the following values:
- none – interface isolation disabled. In this mode, frame switching between network bridge members is allowed.
- local – interface isolation is enabled. In this mode, frame switching between network bridge members is prohibited.
- radius – interface isolation is enabled. To use this mode, the WiFi tunnel controller must be set to «radius» mode. In this mode, frame switching between network bridge members is prohibited, except for SoftGRE DATA tunnels. In this mode, frame switching between network bridge members is prohibited, except for SoftGRE DATA
Default value
none
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
protected-ports exclude vlan
This command removes the VLAN assigned to the network bridge from the list of isolated interfaces in the bridge. This option is relevant when setting protected-ports mode other than the default value.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] protected-ports exclude vlan
Parameters
None.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
show interfaces bridge
The command displays information on VLAN, interfaces and tunnels connected by the bridge.
Syntax
show interfaces bridge [<BRIDGE-ID>]
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
Required privilege level
1
Command mode
ROOT
Example
thresholds wifi-tunnels-number high
This functionality is supported only if you have a license for WiFi-controller
The command sets the upper alarm threshold in case of exceeding the number of softgre sub tunnels included in the bridge.
The use of a negative form (no) of the command sets the default value.
Syntax
thresholds wifi-tunnels-number high<NUM>
no thresholds wifi-tunnels-number high
Parameters
<NUM> – upper alarm threshold when exceeding the number of softgre sub tunnels included in the bridge, takes the value in the range of [1..1000]
Default value
950
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
thresholds wifi-tunnels-number low
This functionality is supported only if you have a license for WiFi-controller
The command sets the lower alarm threshold in case of exceeding the number of softgre sub tunnels included in the bridge.
The use of a negative form (no) of the command sets the default value.
Syntax
thresholds wifi-tunnels-number low <NUM>
no thresholds wifi-tunnels-number low
Parameters
<NUM> – lower alarm threshold when exceeding the number of softgre sub tunnels included in the bridge, takes the value in the range of [1..1000]
Default value
925
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
unknown-unicast-forwarding disable
The command prohibits the switching of unicast traffic with missing MAC addresses in the network bridge MAC table.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] unknown-unicast-forwarding disable
Parameters
The command does not contain parameters.
Default value
Unicast traffic switching with unknown MAC addresses is allowed.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
vlan
The command binds a current network bridge with VLAN. All ports that are members of the assigned VLAN are automatically included in the network bridge and become members of the shared L2 domain. To manage the network interface membership in VLAN, use the commands described in Section VLAN configuration and monitoring.
The use of a negative form (no) of the command removes VLAN binding and disconnects corresponding interfaces from a network bridge.
Syntax
vlan <VID>
no vlan
Parameters
<VID> – VLAN identifier, set in the range of [1..4095].
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
Spanning Tree management
In the current firmware version, this functionality is supported only by ESR-1000 router.
instance
The command generates the match between MSTP instance and VLAN groups.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] instance <INSTANCE> vlan <VID>
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<VID> – VLAN ID, set in the range of [1..4094].
Required privilege level
10
Command mode
CONFIG-MST
Example
name
The command specifies MSTP configuration name.
The use of a negative form (no) of the command sets the default value.
Syntax
name <NAME>
no name
Parameters
<NAME> – MSTP configuration name, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG-MST
Example
revision
The command specifies MSTP configuration revision.
The use of a negative form (no) of the command sets the default value.
Syntax
revision <NUM>
no revision
Parameters
<NUM> – MSTP configuration revision, set in the range of [0..65535].
Default value
0
Required privilege level
10
Command mode
CONFIG-MST
Example
show spanning-tree
The command displays the detailed information on STP configuration for selected interface or the whole device.
Syntax
show spanning-tree { <IF> | bridge }
Parameters
<IF> – physical or aggregated interface or a group of physical interfaces is specified in the form described in Section Types and naming order of router interfaces;
bridge – command for displaying the device general information.
Required privilege level
1
Command mode
ROOT
Example
show spanning-tree active
The command displays information on STP configuration and information on active ports.
Syntax
show spanning-tree active
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
show spanning-tree bpdu
The command displays the mode of packet processing by BPDU interface.
Syntax
show spanning-tree bpdu
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
spanning-tree
The command enables Spanning Tree family protocols (STP, RSTP, MSTP) on the router.
The use of a negative form (no) of the command disables Spanning Tree family protocols support.
Syntax
[no] spanning-tree
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree bpdu
Unlike other commands in the «Spanning Tree Management» section, this command is available on all ESR router models
The command specifies the mode of packet processing by BPDU interface with disabled STP.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree bpdu <MODE>
no spanning-tree bpdu
Parameters
<MODE> – operation mode:
- filtering – BPDU packets are filtrated on the interface with disabled STP;
- flooding – untagged BPDU packets are transmitted on the interface with disabled STP, tagged ones are filtrated.
Default value
flooding
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree cost
The command sets the method of path cost evaluation.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree cost <COST>
no spanning-tree cost
Parameters
<COST> – path cost, set in the range of [1..20000000].
Default value
4
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree disable
The command prohibits STP operation on a configured interface.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] spanning-tree disable
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree forward-time
The command sets the time interval spent on listening to and examining states before switching to the 'transmitting' state.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree forward-time <TIME>
no spanning-tree forward-time
Parameters
<TIME> – time in seconds, takes values of [4..30].
Default value
15
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree hello-time
The command sets the time interval between BPDU packets sending.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree hello-time <TIME>
no spanning-tree hello-time
Parameters
<TIME> – time in seconds, takes values of [1..10].
Default value
2
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree link-type
The command sets RSTP to transmission state and defines type of connection for selected port – 'point-to-point', 'shared'.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree link-type {point-to-point | shared}
no spanning-tree link-type
Parameters
point-to-point – command defines an interface as 'point-to-point';
shared – command defines an interface as 'shared'.
Default value
point-to-point
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree max-age
The command sets STP lifetime.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree max-age <TIME>
no spanning-tree max-age
Parameters
<TIME> – time in seconds, takes values of [6..40].
Default value
20
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree mode
The command selects supported protocol from STP family.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mode <MODE>
no spanning-tree mode
Parameters
<MODE> – STP family protocol:
- STP – IEEE 802.1D Spanning Tree Protocol;
- RSTP – IEEE 802.1W Rapid Spanning Tree Protocol;
- MSTP – IEEE 802.1s Multiple Spanning Trees.
Default value
RSTP
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree mst
The command configures the priority for a certain MSTP instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> priority <PRIORITY>
no spanning-tree mst <INSTANCE> priority
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.
Default value
32768
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree mst configuration
The command switches to MSTP parameters configuration mode.
Syntax
spanning-tree mst configuration
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree mst cost
The command sets the method of path cost evaluation for MST instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> cost <COST>
no spanning-tree mst <INSTANCE>
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<COST> – path cost, set in the range of [1..20000000].
Default value
4
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree mst max-hops
The command sets the maximum amount of hops for BPDU packet that are required to build a tree and to keep its structure information. If the packet has already passed the maximum amount of hops, it is dropped on the next hop.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst max-hops <NUM>
no spanning-tree mst max-hops
Parameters
<NUM> – amount of hops, set in the range of [6..40].
Default value
20
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree mst port-priority
The command sets the interface priority for MST instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> port-priority <PRIORITY>
no spanning-tree mst <INSTANCE> port-priority
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<PRIORITY> – priority, set in the range of [0..240] in increments of 16.
Default value
128
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree pathcost method
The command sets the method of path cost evaluation.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree pathcost method {short | long}
no spanning-tree pathcost method
Parameters
long – cost value in the range of [1..200000000];
short – cost value in the range of [1..65535].
Default value
short
Required privilege level
10
Command mode
CONFIG
Example
spanning-tree portfast
The command enables the mode in which the port, when the link is brought up, immediately switches to the transmission state without waiting for the timer to expire.
The use of a negative form (no) of the command disables the mode of immediate switch to the transmission state after the link is brought up.
Syntax
[no] spanning-tree portfast
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree port-priority
The command sets interface priority in spanning tree.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree port-priority <PRIORITY>
no spanning-tree port-priority
Parameters
<PRIORITY> – priority, set in the range of [0..240] in increments of 16.
Default value
128
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
spanning-tree priority
The command configures spanning tree priority.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree priority <PRIORITY>
no spanning-tree priority
Parameters
<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.
Default value
32768
Required privilege level
10
Command mode
CONFIG
Example
VLAN monitoring and configuration
force-up
The command enables VLAN activity mode regardless of the status of interfaces on which the VLAN’s frames processing is allowed.
The use of a negative form (no) of the command disables VLAN activity mode.
Syntax
[no] force-up
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-VLAN
Example
ip internal-usage-vlan
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command is used for VLAN redundancy for internal use on the interface.
The use of a negative form (no) of the command cancels the redundancy.
Syntax
ip internal-usage-vlan <VID>
no ip internal-usage-vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
name
The command is used to add a VLAN description.
The use of a negative form (no) of the command sets the default value.
Syntax
name <NAME>
no name
Parameters
<NAME> – VLAN description, set by the string of up to 255 characters.
Default value
The description is not specified.
Required privilege level
10
Command mode
CONFIG-VLAN
Example
show interfaces switch-port vlans
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command displays VLAN interface participation mode.
Syntax
show interfaces switch-port vlans [<IF>]
Parameters
<IF> – a physical or aggregated interface's name specified in the form described in Section Types and naming order of router interfaces.
You may specify several interfaces in the command. If interface indexes are not specified, then the information on all interfaces of a specified group will be shown. When executing a command without parameter, all physical interface information will be displayed.
Required privilege level
1
Command mode
ROOT
Example
show vlans
The command displays a certain VLAN information.
Syntax
show vlans [<VID>]
Parameters
<VID> – VLAN ID, takes the values of [1..4094].
You can specify several VLANs separated by commas ',' or you can specify the range of VLANs with '-'. When executing a command without parameter, all created VLANs will be displayed.
Required privilege level
1
Command mode
ROOT
Example
show vlans internal-usage
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command displays the information on VLANs used by the system.
Syntax
show vlans internal-usage
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
switchport access vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only
The command includes/removes interface in/from VLAN in access operation mode.
Syntax
switchport access vlan <VID>
no switchport access vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
switchport default-vlan tagged
The command changes the default VLAN interface membership for tagged one.
The use of a negative form (no) of the command changes the default VLAN interface membership for untagged one.
Syntax
[no] switchport default-vlan tagged
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport forbidden default-vlan
The command removes the interface from default VLAN.
The use of a negative form (no) of the command enables adding vlan on a port.
Syntax
[no] switchport forbidden default-vlan
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport general acceptable-frame-type
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command sets the type of frames that can be received by the interface.
The use of a negative form (no) of the command sets the default value.
Syntax
switchport general acceptable-frame-type { tagged-only | all }
no switchport general acceptable-frame-type
Parameters
tagged-only – receive only tagged frames;
all – receive all frames.
Default value
all
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport general allowed vlan
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command includes/removes interface in/from VLAN in access operation mode.
Syntax
switchport general allowed vlan <ACT> <VID> [<TYPE>]
Parameters
<ACT> – allocated action:
- add – interface addition into VLAN;
- remove – interface removal from VLAN.
<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list;
<TYPE> – packet type:
- tagged – interface will send and receive packets as tagged in specified VLANs;
- untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.
Default value
If you do not specify the <TYPE> parameter, then the default is 'tagged'.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example 1
Exclude interface from VLAN 50 membership
Example 2
Include interface into VLAN 10-5- as tagged
switchport general allowed vlan auto-all
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
This command enables the automatic addition of an interface to all VLANs created on the router.
The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.
Syntax
[no] switchport general allowed vlan auto-all [ <TYPE> ]
Parameters
<TYPE> – packet type:
- tagged – interface will send and receive packets as tagged in specified VLANs;
- untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
Example
switchport general ingress-filtering disable
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
The command disables filtration of incoming packets on the basis of VLAN ID value assigned.
The use of a negative form (no) of the command enables the interface being configured.
Syntax
switchport general ingress-filtering disable
no switchport general ingress-filtering
Parameters
The command does not contain parameters.
Default value
Filtration is enabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport general macs-group
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile. Information about configuring profiles can be found in the Profiles management section.
The use of a negative form (no) of the command removes a specified profile of dynamic authorization servers (DAS).
Syntax
switchport general macs-group <NAME> vlan <VID>
no switchport general macs-group <NAME>
Parameters
<NAME> – MAC addresses profile name, set by the string of up to 31 characters.
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport general pvid
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only
This command sets the VLAN Port ID (PVID) for incoming untagged traffic.
The use of a negative form (no) of the command sets the default value.
Syntax
switchport general pvid <VID>
no switchport general pvid
Parameters
<VID> – VLAN ID, set in the range of [1..4094].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport macs-group
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only
This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile. Information about configuring profiles can be found in the Profiles management section.
The use of a negative form (no) of the command removes the assignment of MAC addresses and VLAN ID.
Syntax
switchport macs-group <NAME> vlan <VID>
no switchport macs-group <NAME>
Parameters
<NAME> – MAC addresses profile name, set by the string of up to 31 characters.
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
switchport trunk allowed vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only
The command includes/removes interface in/from VLAN in trunk operation mode.
Syntax
switchport trunk allowed vlan <ACT> <VID>
Parameters
<ACT> – allocated action:
- add – interface addition into VLAN;
- remove – interface removal from VLAN;
<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
switchport trunk allowed vlan auto-all
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only
This command enables the automatic addition of a port to all VLANs created on the router.
The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.
Syntax
[no] switchport trunk allowed vlan auto-all
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-PORT-CHANNEL
Example
switchport trunk native-vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only
The command adds/removes interface in/from VLAN in trunk operation mode. All untagged traffic arriving at this interface is routed to this VLAN.
Syntax
switchport trunk native-vlan <VID>
no switchport trunk native-vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
vlan
The command adds a VLAN to the system and switches to its configuration mode. There is always a VLAN with ID 1 on the router, all interfaces are added by default in this VLAN.
The use of a negative form (no) of the command removes the VLAN.
Syntax
[no] vlan <VID>
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG
Example
Voice-VLAN monitoring and configuration
application
This command configures the application that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of a negative form (no) of the command removes domain name for the router.
Syntax
application <APP-TYPE>
no application
Parameters
<APP-TYPE> – type of the application for which network-policy will be enabled. Takes the following values:
- voice;
- voice-signaling;
- guest-voice;
- guest-voice-signaling;
- softphone-voice;
- video-conferencing;
- streaming-video;
- video-signaling.
Default value
None
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
dscp
This command configures DSCP value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the DSCP distribution for a specified network policy (network-policy).
Syntax
dscp <DSCP>
dscp
Parameters
<DSCP> – DSCP code value, takes values in the range of [0..63].
Default value
DSCP sending in LLDPDU-MED is disabled.
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
lldp network-policy
This command assigns the network policy that created earlier to the interface (network-policy).
The use of negative form of the command (no) removes the previously assigned network policy from the interface.
LLDPDU messages described by the policy will be sent only if LLDP-MED support is enabled in the global configuration (see the command in section lldp med fast-start enable).
Syntax
[no] lldp network-policy <NAME>
Parameters
<NAME> – name of the policy being assigned, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
Example
network-policy
The command creates a network policy to the system and switches to its configuration mode.
The use of negative form of the command (no) removes the previously created network policy.
Syntax
[no] network-policy <NAME>
Parameters
<NAME> – name of the policy being created, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG
Example
priority
This command configures COS value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the COS distribution for a specified network policy (network-policy).
Syntax
priority <COS>
no priority
Parameters
<COS> – priority value, takes the following values:
- best-effort – COS0;
- background – COS1;
- excellent-effort – COS2;
- critical-applications – COS3;
- video – COS4;
- voice – COS5;
- internetwork-control – COS6;
- network-control – COS7.
Default value
COS sending in LLDPDU-MED is disabled.
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
vlan
This command configures VLAN value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the VLAN configuration for a specified network policy (network-policy).
Syntax
vlan <VID> [tagged]
Parameters
<VID> – VLAN ID, takes values of [1..4094];
tagged – key, during the installation of which, the subscriber device will send Ethernet frames of the specified application in a tagged form.
Default value
None
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
- L2 functions management
- Spanning Tree management
- instance
- name
- revision
- show spanning-tree
- show spanning-tree active
- show spanning-tree bpdu
- spanning-tree
- spanning-tree bpdu
- spanning-tree cost
- spanning-tree disable
- spanning-tree forward-time
- spanning-tree hello-time
- spanning-tree link-type
- spanning-tree max-age
- spanning-tree mode
- spanning-tree mst
- spanning-tree mst configuration
- spanning-tree mst cost
- spanning-tree mst max-hops
- spanning-tree mst port-priority
- spanning-tree pathcost method
- spanning-tree portfast
- spanning-tree port-priority
- spanning-tree priority
- VLAN monitoring and configuration
- force-up
- ip internal-usage-vlan
- name
- show interfaces switch-port vlans
- show vlans
- show vlans internal-usage
- switchport access vlan
- switchport default-vlan tagged
- switchport forbidden default-vlan
- switchport general acceptable-frame-type
- switchport general allowed vlan
- switchport general allowed vlan auto-all
- switchport general ingress-filtering disable
- switchport general macs-group
- switchport general pvid
- switchport macs-group
- switchport trunk allowed vlan
- switchport trunk allowed vlan auto-all
- switchport trunk native-vlan
- vlan
- Voice-VLAN monitoring and configuration