L2 functions management

bridge

The command adds a network bridge to the system and switches to its configuration mode.

The use of a negative form (no) of the command removes the bridge.

Syntax

[no] bridge <BRIDGE-ID>

Parameters

<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.

Required privilege level

10

Command mode

CONFIG

Example

Switch to network bridge 10 configuration mode:

esr(config)# bridge 10
esr(config-bridge)#

CODE

bridge-group

The command adds a current network interface to L2 domain.

The use of a negative form (no) of the command removes an interface from L2 domain.

Syntax

bridge-group <BRIDGE-ID> [tagged]

no bridge-group

Parameters

<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.

tagged – key to direct tagged frames of a physical interface to a bridge. Applicable only on the physical interfaces of ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers.

Required privilege level

10

Command mode

CONFIG-IF-GI

CONFIG-IF-TE

CONFIG-PORT-CHANNEL

CONFIG-SUBIF

CONFIG-QINQ-IF

CONFIG-L2TPV3

CONFIG-GRE

CONFIG-SUBTUNNEL

CONFIG-OPENVPN

Example

esr(config-subif)# bridge-group 15

CODE

description

The command assigns the description of configured network bridge.

The use of a negative form (no) of the command removes a specified description.

Syntax

description <DESCRIPTION>

no description

Parameters

<DESCRIPTION> – network bridge description, set by the string of up to 255 characters.

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# description "broadway"

CODE

enable

This command allows network bridge operation. The network bridge does not work without this command

The use of a negative form (no) of the command disables the data routing.

Syntax

[no] enable

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# enable

CODE

mac-address

The command specifies the MAC address of network bridge, physical or aggregated interface different from a system one.

The use of a negative form (no) of the command sets the default value.

Syntax

mac-address <ADDR>

no mac-address

Parameters

<ADDR> – network bridge MAC address, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF].

Default value

System MAC address.

Required privilege level

15

Command mode

CONFIG-IF-GI

CONFIG-IF-TE

CONFIG-PORT-CHANNEL

CONFIG-BRIDGE

Example

esr(config-bridge)# mac-address A8:F9:B0:00:00:04

CODE

ports vrrp filtering

The command prohibits the sending of VRRP messages in interfaces included in L2 domain.

The use of a negative form (no) of the command sets the default value.

Syntax

[no] ports vrrp filtering {enable | exclude vlan}

Parameters

enable – enabling a prohibition to send VRRP messages in interfaces included in L2 domain;

exclude vlan – when specifying this parameter, VLAN is excluded from the filtration list.

Default value

VRRP messages filtration is disabled.

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# ports vrrp filtering enable

CODE

protected-ports

This command manages the isolation mode of the interfaces.

The use of a negative form (no) of the command sets the default value.

Syntax

protected-ports <MODE>

Parameters

<MODE> – interface isolation mode, may take the following values:

none – interface isolation disabled. In this mode, frame switching between network bridge members is allowed.
local – interface isolation is enabled. In this mode, frame switching between network bridge members is prohibited.
radius – interface isolation is enabled. To use this mode, the WiFi tunnel controller must be set to «radius» mode. In this mode, frame switching between network bridge members is prohibited, except for SoftGRE DATA tunnels. In this mode, frame switching between network bridge members is prohibited, except for SoftGRE DATA

Default value

none

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# protected-ports local

CODE

protected-ports exclude vlan

This command removes the VLAN assigned to the network bridge from the list of isolated interfaces in the bridge. This option is relevant when setting protected-ports mode other than the default value.

The use of a negative form (no) of the command sets the default value.

Syntax

[no] protected-ports exclude vlan

Parameters

None.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# protected-ports exclude vlan

CODE

show interfaces bridge

The command displays information on VLAN, interfaces and tunnels connected by the bridge.

Syntax

show interfaces bridge [<BRIDGE-ID>]

Parameters

<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.

Required privilege level

1

Command mode

ROOT

Example

esr# show interfaces bridge 1
Bridges      Interfaces
----------   ----------------------------------------
bridge 1     vlan 1,gi1/0/1.10

CODE

thresholds wifi-tunnels-number high

This functionality is supported only if you have a license for WiFi-controller

The command sets the upper alarm threshold in case of exceeding the number of softgre sub tunnels included in the bridge.

The use of a negative form (no) of the command sets the default value.

Syntax

thresholds wifi-tunnels-number high<NUM>
no thresholds wifi-tunnels-number high

Parameters

<NUM> – upper alarm threshold when exceeding the number of softgre sub tunnels included in the bridge, takes the value in the range of [1..1000]

Default value

950

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config)# thresholds wifi-tunnels-number high 200

CODE

thresholds wifi-tunnels-number low

This functionality is supported only if you have a license for WiFi-controller

The command sets the lower alarm threshold in case of exceeding the number of softgre sub tunnels included in the bridge.

The use of a negative form (no) of the command sets the default value.

Syntax

thresholds wifi-tunnels-number low <NUM>
no thresholds wifi-tunnels-number low

Parameters

<NUM> – lower alarm threshold when exceeding the number of softgre sub tunnels included in the bridge, takes the value in the range of [1..1000]

Default value

925

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config)# thresholds wifi-tunnels-number low 20

CODE

unknown-unicast-forwarding disable

The command prohibits the switching of unicast traffic with missing MAC addresses in the network bridge MAC table.

The use of a negative form (no) of the command sets the default value.

Syntax

[no] unknown-unicast-forwarding disable

Parameters

The command does not contain parameters.

Default value

Unicast traffic switching with unknown MAC addresses is allowed.

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-bridge)# unknown-unicast-forwarding disable

CODE

vlan

The command binds a current network bridge with VLAN. All ports that are members of the assigned VLAN are automatically included in the network bridge and become members of the shared L2 domain. To manage the network interface membership in VLAN, use the commands described in Section VLAN configuration and monitoring.

The use of a negative form (no) of the command removes VLAN binding and disconnects corresponding interfaces from a network bridge.

Syntax

vlan <VID>

no vlan

Parameters

<VID> – VLAN identifier, set in the range of [1..4095].

Required privilege level

10

Command mode

CONFIG-BRIDGE

Example

esr(config-vlan)# vlan 40

CODE

Spanning Tree management

In the current firmware version, this functionality is supported only by ESR-1000 router.

instance

The command generates the match between MSTP instance and VLAN groups.

The use of a negative form (no) of the command sets the default value.

Syntax

[no] instance <INSTANCE> vlan <VID>

Parameters

<INSTANCE> – MST instance ID, set in the range of [1..15];

<VID> – VLAN ID, set in the range of [1..4094].

Required privilege level

10

Command mode

CONFIG-MST

Example

esr(config-mst)#instance 5 vlan 10-250

CODE

name

The command specifies MSTP configuration name.

The use of a negative form (no) of the command sets the default value.

Syntax

name <NAME>

no name

Parameters

<NAME> – MSTP configuration name, set by the string of up to 31 characters.

Required privilege level

10

Command mode

CONFIG-MST

Example

esr(config-mst)# name test

CODE

revision

The command specifies MSTP configuration revision.

The use of a negative form (no) of the command sets the default value.

Syntax

revision <NUM>

no revision

Parameters

<NUM> – MSTP configuration revision, set in the range of [0..65535].

Default value

0

Required privilege level

10

Command mode

CONFIG-MST

Example

esr(config-mst)#revision 5000

CODE

show spanning-tree

The command displays the detailed information on STP configuration for selected interface or the whole device.

Syntax

show spanning-tree { <IF> | bridge }

Parameters

<IF> – physical or aggregated interface or a group of physical interfaces is specified in the form described in Section Types and naming order of router interfaces;

bridge – command for displaying the device general information.

Required privilege level

1

Command mode

ROOT

Example

esr# show spanning-tree gigabitethernet 1/0/10
Port gi1/0/10 disabled
State: BLK
Port id: ---
Type: ---
Designated bridge Priority: ---
Designated port id: ---
Role: ---
Port cost: ---
Designated path cost: ---
Address: ---
Port Fast: ---
esr# show spanning-tree bridge
Protocol version: STP
     Root ID: [32768] 02:01:02:03:04:55
               Root port: [128] gigabitethernet 1/0/14
               Pathcost 4
               Message Age 1
               Hello time: 2 Max age time: 20 Forward delay: 15
   Bridge ID: [32768] 02:20:03:A0:04:90
               Hello time: 2 Max age time: 20 Forward delay: 15
               Transmit hold count: 6 Topology change: 0
               Time since topology change: 13736 Topology change count: 2 show

CODE

show spanning-tree active

The command displays information on STP configuration and information on active ports.

Syntax

show spanning-tree active

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show spanning-tree active
Protocol version: RSTP
          Root ID: [32768] A8:F9:4B:83:52:C0
                    Root port: [128] gigabitethernet 1/0/20
                    Pathcost 20000
                    Message Age 1
                    Hello time: 2 Max age time: 20 Forward delay: 15
        Bridge ID: [32768] A8:F9:4B:AA:03:00
                    Hello time: 2 Max age time: 20 Forward delay: 15
                    Transmit hold count: 6 Topology change: 0
                    Time since topology change: 2318 Topology change count: 1
Name           State   Prio.Num   Cost        Status     Role       Type
------------   -----   --------   ---------   --------   --------   --------------
gi1/0/20       en      128.2318   20000       FRW        Root       RSTP

CODE

show spanning-tree bpdu

The command displays the mode of packet processing by BPDU interface.

Syntax

show spanning-tree bpdu

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show spanning-tree bpdu
Global: filtering

CODE

spanning-tree

The command enables Spanning Tree family protocols (STP, RSTP, MSTP) on the router.

The use of a negative form (no) of the command disables Spanning Tree family protocols support.

Syntax

[no] spanning-tree

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree

CODE

spanning-tree bpdu

Unlike other commands in the «Spanning Tree Management» section, this command is available on all ESR router models

The command specifies the mode of packet processing by BPDU interface with disabled STP.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree bpdu <MODE>

no spanning-tree bpdu

Parameters

<MODE> – operation mode:

filtering – BPDU packets are filtrated on the interface with disabled STP;
flooding – untagged BPDU packets are transmitted on the interface with disabled STP, tagged ones are filtrated.

Default value

flooding

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree bpdu filtering

CODE

spanning-tree cost

The command sets the method of path cost evaluation.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree cost <COST>

no spanning-tree cost

Parameters

<COST> – path cost, set in the range of [1..20000000].

Default value

4

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree cost 115

CODE

spanning-tree disable

The command prohibits STP operation on a configured interface.

The use of a negative form (no) of the command sets the default value.

Syntax

[no] spanning-tree disable

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree disable

CODE

spanning-tree forward-time

The command sets the time interval spent on listening to and examining states before switching to the 'transmitting' state.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree forward-time <TIME>

no spanning-tree forward-time

Parameters

<TIME> – time in seconds, takes values of [4..30].

Default value

15

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree forward-time 20

CODE

spanning-tree hello-time

The command sets the time interval between BPDU packets sending.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree hello-time <TIME>

no spanning-tree hello-time

Parameters

<TIME> – time in seconds, takes values of [1..10].

Default value

2

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree hello-time 20

CODE

spanning-tree link-type

The command sets RSTP to transmission state and defines type of connection for selected port – 'point-to-point', 'shared'.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree link-type {point-to-point | shared}

no spanning-tree link-type

Parameters

point-to-point – command defines an interface as 'point-to-point';

shared – command defines an interface as 'shared'.

Default value

point-to-point

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree link-type point-to-point

CODE

spanning-tree max-age

The command sets STP lifetime.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree max-age <TIME>

no spanning-tree max-age

Parameters

<TIME> – time in seconds, takes values of [6..40].

Default value

20

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree max-age 35

CODE

spanning-tree mode

The command selects supported protocol from STP family.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree mode <MODE>

no spanning-tree mode

Parameters

<MODE> – STP family protocol:

STP – IEEE 802.1D Spanning Tree Protocol;
RSTP – IEEE 802.1W Rapid Spanning Tree Protocol;
MSTP – IEEE 802.1s Multiple Spanning Trees.

Default value

RSTP

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree mode STP

CODE

spanning-tree mst

The command configures the priority for a certain MSTP instance.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree mst <INSTANCE> priority <PRIORITY>

no spanning-tree mst <INSTANCE> priority

Parameters

<INSTANCE> – MST instance ID, set in the range of [1..15];

<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.

Default value

32768

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree mst 14 priority 4096

CODE

spanning-tree mst configuration

The command switches to MSTP parameters configuration mode.

Syntax

spanning-tree mst configuration

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree mst configuration
esr(config-mst)#

CODE

spanning-tree mst cost

The command sets the method of path cost evaluation for MST instance.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree mst <INSTANCE> cost <COST>

no spanning-tree mst <INSTANCE>

Parameters

<INSTANCE> – MST instance ID, set in the range of [1..15];

<COST> – path cost, set in the range of [1..20000000].

Default value

4

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree mst 1 cost 115

CODE

spanning-tree mst max-hops

The command sets the maximum amount of hops for BPDU packet that are required to build a tree and to keep its structure information. If the packet has already passed the maximum amount of hops, it is dropped on the next hop.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree mst max-hops <NUM>

no spanning-tree mst max-hops

Parameters

<NUM> – amount of hops, set in the range of [6..40].

Default value

20

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree mst max-hops 10

CODE

spanning-tree mst port-priority

The command sets the interface priority for MST instance.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree mst <INSTANCE> port-priority <PRIORITY>

no spanning-tree mst <INSTANCE> port-priority

Parameters

<INSTANCE> – MST instance ID, set in the range of [1..15];

<PRIORITY> – priority, set in the range of [0..240] in increments of 16.

Default value

128

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree port-priority 160

CODE

spanning-tree pathcost method

The command sets the method of path cost evaluation.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree pathcost method {short | long}

no spanning-tree pathcost method

Parameters

long – cost value in the range of [1..200000000];

short – cost value in the range of [1..65535].

Default value

short

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree pathcost method short

CODE

spanning-tree portfast

The command enables the mode in which the port, when the link is brought up, immediately switches to the transmission state without waiting for the timer to expire.

The use of a negative form (no) of the command disables the mode of immediate switch to the transmission state after the link is brought up.

Syntax

[no] spanning-tree portfast

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree portfast

CODE

spanning-tree port-priority

The command sets interface priority in spanning tree.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree port-priority <PRIORITY>

no spanning-tree port-priority

Parameters

<PRIORITY> – priority, set in the range of [0..240] in increments of 16.

Default value

128

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# spanning-tree port-priority 160

CODE

spanning-tree priority

The command configures spanning tree priority.

The use of a negative form (no) of the command sets the default value.

Syntax

spanning-tree priority <PRIORITY>

no spanning-tree priority

Parameters

<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.

Default value

32768

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# spanning-tree priority 4096

CODE

VLAN monitoring and configuration

force-up

The command enables VLAN activity mode regardless of the status of interfaces on which the VLAN’s frames processing is allowed.

The use of a negative form (no) of the command disables VLAN activity mode.

Syntax

[no] force-up

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-VLAN

Example

esr(config-vlan)# force-up

CODE

ip internal-usage-vlan

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command is used for VLAN redundancy for internal use on the interface.

The use of a negative form (no) of the command cancels the redundancy.

Syntax

ip internal-usage-vlan <VID>

no ip internal-usage-vlan

Parameters

<VID> – VLAN ID, set in the range of [2..4094].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# ip internal-usage-vlan 1500

CODE

name

The command is used to add a VLAN description.

The use of a negative form (no) of the command sets the default value.

Syntax

name <NAME>

no name

Parameters

<NAME> – VLAN description, set by the string of up to 255 characters.

Default value

The description is not specified.

Required privilege level

10

Command mode

CONFIG-VLAN

Example

esr(config)# name L2-ACCESS

CODE

show interfaces switch-port vlans

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command displays VLAN interface participation mode.

Syntax

show interfaces switch-port vlans [<IF>]

Parameters

<IF> – a physical or aggregated interface's name specified in the form described in Section Types and naming order of router interfaces.

You may specify several interfaces in the command. If interface indexes are not specified, then the information on all interfaces of a specified group will be shown. When executing a command without parameter, all physical interface information will be displayed.

Required privilege level

1

Command mode

ROOT

Example

esr# show interfaces switch-port vlans gigabitethernet 1/0/1-7
Interface   PVID   Frame types     Ingress     Tagged        Untagged
                                   filtering
---------   ----   -------------   ---------   -----------   -----------
gi1/0/1     1      All             yes         101           1
gi1/0/2     1      All             yes         150-151       1
gi1/0/3     1      All             yes         none          1
gi1/0/4     1      All             yes         none          1
gi1/0/5     1      All             yes         55            1
gi1/0/6     1      All             yes         none          1
gi1/0/7     1      All             yes         none          1
N/A – interface doesn't exist
N/S – interface is not a 802.1Q bridge port
ERR – can't get vlan setting for interface

CODE

show vlans

The command displays a certain VLAN information.

Syntax

show vlans [<VID>]

Parameters

<VID> – VLAN ID, takes the values of [1..4094].

You can specify several VLANs separated by commas ',' or you can specify the range of VLANs with '-'. When executing a command without parameter, all created VLANs will be displayed.

Required privilege level

1

Command mode

ROOT

Example

esr# show vlans
VID    Name                   Tagged                   Untagged
----   --------------------   ----------------------   ----------------------
1      default                                         gi1/0/3-4, gi1/0/6-24,
                                                       po1
2      --                                              gi1/0/1, te1/0/1-2

CODE

show vlans internal-usage

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command displays the information on VLANs used by the system.

Syntax

show vlans internal-usage

Parameters

The command does not contain parameters.

Required privilege level

1

Command mode

ROOT

Example

esr# show vlans internal-usage
Usage      VID    Reserved   IP address
--------   ----   --------   ----------
gi1/0/18   4088   No         Active
gi1/0/16   4089   No         Active
gi1/0/15   4090   No         Active

CODE

switchport access vlan

In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only

The command includes/removes interface in/from VLAN in access operation mode.

Syntax

switchport access vlan <VID>

no switchport access vlan

Parameters

<VID> – VLAN ID, set in the range of [2..4094].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport access vlan 50

CODE

switchport default-vlan tagged

The command changes the default VLAN interface membership for tagged one.

The use of a negative form (no) of the command changes the default VLAN interface membership for untagged one.

Syntax

[no] switchport default-vlan tagged

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport default-vlan tagged

CODE

switchport forbidden default-vlan

The command removes the interface from default VLAN.

The use of a negative form (no) of the command enables adding vlan on a port.

Syntax

[no] switchport forbidden default-vlan

Parameters

The command does not contain parameters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# no switchport forbidden default-vlan

CODE

switchport general acceptable-frame-type

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command sets the type of frames that can be received by the interface.

The use of a negative form (no) of the command sets the default value.

Syntax

switchport general acceptable-frame-type { tagged-only | all }

no switchport general acceptable-frame-type

Parameters

tagged-only – receive only tagged frames;

all – receive all frames.

Default value

all

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config)# switchport general acceptable-frame-type tagged-only

CODE

switchport general allowed vlan

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command includes/removes interface in/from VLAN in access operation mode.

Syntax

switchport general allowed vlan <ACT> <VID> [<TYPE>]

Parameters

<ACT> – allocated action:

add – interface addition into VLAN;
remove – interface removal from VLAN.

<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list;

<TYPE> – packet type:

tagged – interface will send and receive packets as tagged in specified VLANs;
untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.

Default value

If you do not specify the <TYPE> parameter, then the default is 'tagged'.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example 1

Exclude interface from VLAN 50 membership

esr(config-if-gi)# switchport general allowed vlan remove 50

CODE

Example 2

Include interface into VLAN 10-5- as tagged

esr(config-if-gi)# switchport general allowed vlan add 10-50

CODE

switchport general allowed vlan auto-all

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

This command enables the automatic addition of an interface to all VLANs created on the router.

The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.

Syntax

[no] switchport general allowed vlan auto-all [ <TYPE> ]

Parameters

<TYPE> – packet type:

tagged – interface will send and receive packets as tagged in specified VLANs;
untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-IF-GI

CONFIG-IF-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport general allowed vlan auto-all

CODE

switchport general ingress-filtering disable

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

The command disables filtration of incoming packets on the basis of VLAN ID value assigned.

The use of a negative form (no) of the command enables the interface being configured.

Syntax

switchport general ingress-filtering disable

no switchport general ingress-filtering

Parameters

The command does not contain parameters.

Default value

Filtration is enabled.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport general ingress-filtering disable

CODE

switchport general macs-group

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile. Information about configuring profiles can be found in the Profiles management section.

The use of a negative form (no) of the command removes a specified profile of dynamic authorization servers (DAS).

Syntax

switchport general macs-group <NAME> vlan <VID>

no switchport general macs-group <NAME>

Parameters

<NAME> – MAC addresses profile name, set by the string of up to 31 characters.

<VID> – VLAN ID, set in the range of [2..4094].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport general macs-group OGM1 vlan 999

CODE

switchport general pvid

In the current firmware version this functionality is supported by ESR-1000/1200/1500/1511/1700 routers only

This command sets the VLAN Port ID (PVID) for incoming untagged traffic.

The use of a negative form (no) of the command sets the default value.

Syntax

switchport general pvid <VID>

no switchport general pvid

Parameters

<VID> – VLAN ID, set in the range of [1..4094].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport general pvid 999

CODE

switchport macs-group

In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only

This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile. Information about configuring profiles can be found in the Profiles management section.

The use of a negative form (no) of the command removes the assignment of MAC addresses and VLAN ID.

Syntax

switchport macs-group <NAME> vlan <VID>

no switchport macs-group <NAME>

Parameters

<NAME> – MAC addresses profile name, set by the string of up to 31 characters.

<VID> – VLAN ID, set in the range of [2..4094].

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport macs-group OGM1 vlan 999

CODE

switchport trunk allowed vlan

In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only

The command includes/removes interface in/from VLAN in trunk operation mode.

Syntax

switchport trunk allowed vlan <ACT> <VID>

Parameters

<ACT> – allocated action:

add – interface addition into VLAN;
remove – interface removal from VLAN;

<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport trunk allowed vlan add 10-50

CODE

switchport trunk allowed vlan auto-all

In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only

This command enables the automatic addition of a port to all VLANs created on the router.

The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.

Syntax

[no] switchport trunk allowed vlan auto-all

Parameters

The command does not contain parameters.

Default value

Disabled.

Required privilege level

10

Command mode

CONFIG-IF-GI

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport trunk allowed vlan auto-all

CODE

switchport trunk native-vlan

In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200/3100 routers only

The command adds/removes interface in/from VLAN in trunk operation mode. All untagged traffic arriving at this interface is routed to this VLAN.

Syntax

switchport trunk native-vlan <VID>

no switchport trunk native-vlan

Parameters

<VID> – VLAN ID, set in the range of [2..4094].

Default value

1

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-PORT-CHANNEL

Example

esr(config-if-gi)# switchport trunk native-vlan 55

CODE

vlan

The command adds a VLAN to the system and switches to its configuration mode. There is always a VLAN with ID 1 on the router, all interfaces are added by default in this VLAN.

The use of a negative form (no) of the command removes the VLAN.

Syntax

[no] vlan <VID>

Parameters

<VID> – VLAN ID, set in the range of [2..4094].

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# vlan 40

CODE

Voice-VLAN monitoring and configuration

application

This command configures the application that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.

The use of a negative form (no) of the command removes domain name for the router.

Syntax

application <APP-TYPE>

no application

Parameters

<APP-TYPE> – type of the application for which network-policy will be enabled. Takes the following values:

voice;
voice-signaling;
guest-voice;
guest-voice-signaling;
softphone-voice;
video-conferencing;
streaming-video;
video-signaling.

Default value

None

Required privilege level

10

Command mode

CONFIG-NET-POLICY

Example

esr(config-net-policy)# application voice

CODE

dscp

This command configures DSCP value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.

The use of negative form of the command (no) removes the DSCP distribution for a specified network policy (network-policy).

Syntax

dscp <DSCP>

dscp

Parameters

<DSCP> – DSCP code value, takes values in the range of [0..63].

Default value

DSCP sending in LLDPDU-MED is disabled.

Required privilege level

10

Command mode

CONFIG-NET-POLICY

Example

esr(config-net-policy)# dscp 62

CODE

lldp network-policy

This command assigns the network policy that created earlier to the interface (network-policy).

The use of negative form of the command (no) removes the previously assigned network policy from the interface.

LLDPDU messages described by the policy will be sent only if LLDP-MED support is enabled in the global configuration (see the command in section lldp med fast-start enable).

Syntax

[no] lldp network-policy <NAME>

Parameters

<NAME> – name of the policy being assigned, set by the string of up to 31 characters.

Required privilege level

10

Command mode

CONFIG-GI

CONFIG-TE

Example

esr(config-if-gi) lldp network-policy ip-phones

CODE

network-policy

The command creates a network policy to the system and switches to its configuration mode.

The use of negative form of the command (no) removes the previously created network policy.

Syntax

[no] network-policy <NAME>

Parameters

<NAME> – name of the policy being created, set by the string of up to 31 characters.

Required privilege level

10

Command mode

CONFIG

Example

esr(config)# network-policy ip-phones

CODE

priority

This command configures COS value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.

The use of negative form of the command (no) removes the COS distribution for a specified network policy (network-policy).

Syntax

priority <COS>

no priority

Parameters

<COS> – priority value, takes the following values:

best-effort – COS0;
background – COS1;
excellent-effort – COS2;
critical-applications – COS3;
video – COS4;
voice – COS5;
internetwork-control – COS6;
network-control – COS7.

Default value

COS sending in LLDPDU-MED is disabled.

Required privilege level

10

Command mode

CONFIG-NET-POLICY

Example

esr(config-net-policy)# priority voice

CODE

vlan

This command configures VLAN value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.

The use of negative form of the command (no) removes the VLAN configuration for a specified network policy (network-policy).

Syntax

vlan <VID> [tagged]

Parameters

<VID> – VLAN ID, takes values of [1..4094];

tagged – key, during the installation of which, the subscriber device will send Ethernet frames of the specified application in a tagged form.

Default value

None

Required privilege level

10

Command mode

CONFIG-NET-POLICY

Example

esr(config-net-policy)# vlan 3258 tagged

CODE