L2 functions management
bridge
The command adds a network bridge to the system and switches to its configuration mode.
The use of a negative form (no) of the command removes the bridge.
Syntax
[no] bridge <BRIDGE-ID>
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
Required privilege level
10
Command mode
CONFIG
Example
Switch to network bridge 10 configuration mode:
esr(config)# bridge 10 esr(config-bridge)#
bridge-group
The command adds a current network interface to L2 domain.
The use of a negative form (no) of the command removes an interface from L2 domain.
Syntax
bridge-group <BRIDGE-ID> [tagged]
no bridge-group
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
tagged – key to direct tagged frames of a physical interface to a bridge. Applicable only on the physical interfaces of ESR-10/12V/12VF/14VF/20/21/100/200 routers.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
CONFIG-SUBIF
CONFIG-QINQ-IF
CONFIG-L2TPV3
CONFIG-GRE
CONFIG-SUBTUNNEL
CONFIG-OPENVPN
Example
esr(config-subif)# bridge-group 15
description
The command assigns the description of configured network bridge.
The use of a negative form (no) of the command removes a specified description.
Syntax
description <DESCRIPTION>
no description
Parameters
<DESCRIPTION> – network bridge description, set by the string of up to 255 characters.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# description "broadway"
enable
This command allows network bridge operation. The network bridge does not work without this command
The use of a negative form (no) of the command disables the data routing.
Syntax
[no] enable
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# enable
mac-address
The command specifies the MAC address of network bridge, physical or aggregated interface different from a system one.
The use of a negative form (no) of the command sets the default value.
Syntax
mac-address <ADDR>
no mac-address
Parameters
<ADDR> – network bridge MAC address, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF].
Default value
System MAC address.
Required privilege level
15
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
CONFIG-BRIDGE
Example
esr(config-bridge)# mac-address A8:F9:B0:00:00:04
ports vrrp filtering
In the current firmware version this functionality is supported only by ESR-1000/1200/1500/1510/1700 routers
The command prohibits the sending of VRRP messages in interfaces included in L2 domain.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] ports vrrp filtering {enable | exclude vlan}
Parameters
enable – enabling a prohibition to send VRRP messages in interfaces included in L2 domain;
exclude vlan – when specifying this parameter, VLAN is excluded from the filtration list.
Default value
VRRP messages filtration is disabled.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# ports vrrp filtering enable
protected-ports
In the current firmware version this functionality is supported only by ESR-1000/1200/1500/1510/1700 routers
The command switches a network bridge to interface isolation mode. In this mode, frame switching between network bridge members is prohibited.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] protected-ports [ exclude vlan ]
Parameters
exclude vlan – when specifying this parameter, VLAN is excluded from the isolated interfaces list.
Default value
Network bridge members are not isolated.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# protected-ports
show interfaces bridge
The command displays information on VLAN, interfaces and tunnels connected by the bridge.
Syntax
show interfaces bridge [<BRIDGE-ID>]
Parameters
<BRIDGE-ID> – bridge ID number, specified in the form described in Section Types and naming order of router interfaces.
Required privilege level
1
Command mode
ROOT
Example
esr# show interfaces bridge 1 Bridges Interfaces ---------- ---------------------------------------- bridge 1 vlan 1,gi1/0/1.10
Example
esr(config)# thresholds wifi-tunnels-number low 20
unknown-unicast-forwarding disable
In the current firmware version this functionality is supported only by ESR-1000/1200/1500/1510/1700 routers
The command prohibits the switching of unicast traffic with missing MAC addresses in the network bridge MAC table.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] unknown-unicast-forwarding disable
Parameters
The command does not contain parameters.
Default value
Unicast traffic switching with unknown MAC addresses is allowed.
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# unknown-unicast-forwarding disable
vlan
The command binds a current network bridge with VLAN. All ports that are members of the assigned VLAN are automatically included in the network bridge and become members of the shared L2 domain. To manage the network interface membership in VLAN, use the commands described in Section VLAN configuration and monitoring.
The use of a negative form (no) of the command removes VLAN binding and disconnects corresponding interfaces from a network bridge.
Syntax
vlan <VID>
no vlan
Parameters
<VID> – VLAN identifier, set in the range of [1..4095].
Required privilege level
10
Command mode
CONFIG-BRIDGE
Example
esr(config-bridge)# vlan 40
Spanning Tree management
In the current firmware version, this functionality is supported only by ESR-1000 router.
instance
The command generates the match between MSTP instance and VLAN groups.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] instance <INSTANCE> vlan <VID>
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<VID> – VLAN ID, set in the range of [1..4094].
Required privilege level
10
Command mode
CONFIG-MST
Example
esr(config-mst)#instance 5 vlan 10-250
name
The command specifies MSTP configuration name.
The use of a negative form (no) of the command sets the default value.
Syntax
name <NAME>
no name
Parameters
<NAME> – MSTP configuration name, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG-MST
Example
esr(config-mst)# name test
revision
The command specifies MSTP configuration revision.
The use of a negative form (no) of the command sets the default value.
Syntax
revision <NUM>
no revision
Parameters
<NUM> – MSTP configuration revision, set in the range of [0..65535].
Default value
0
Required privilege level
10
Command mode
CONFIG-MST
Example
esr(config-mst)#revision 5000
show spanning-tree
The command displays the detailed information on STP configuration for selected interface or the whole device.
Syntax
show spanning-tree { <IF> | bridge }
Parameters
<IF> – an interface or a group of interfaces is specified in the form described in Section Types and naming order of router interfaces;
bridge – command for displaying the device general information.
Required privilege level
1
Command mode
ROOT
Example
esr# show spanning-tree gigabitethernet 1/0/10 Port gi1/0/10 disabled State: BLK Port id: --- Type: --- Designated bridge Priority: --- Designated port id: --- Role: --- Port cost: --- Designated path cost: --- Address: --- Port Fast: --- esr# show spanning-tree bridge Protocol version: STP Root ID: [32768] 02:01:02:03:04:55 Root port: [128] gigabitethernet 1/0/14 Pathcost 4 Message Age 1 Hello time: 2 Max age time: 20 Forward delay: 15 Bridge ID: [32768] 02:20:03:A0:04:90 Hello time: 2 Max age time: 20 Forward delay: 15 Transmit hold count: 6 Topology change: 0 Time since topology change: 13736 Topology change count: 2 show
show spanning-tree active
The command displays information on STP configuration and information on active ports.
Syntax
show spanning-tree active
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show spanning-tree active Protocol version: RSTP Root ID: [32768] A8:F9:4B:83:52:C0 Root port: [128] gigabitethernet 1/0/20 Pathcost 20000 Message Age 1 Hello time: 2 Max age time: 20 Forward delay: 15 Bridge ID: [32768] A8:F9:4B:AA:03:00 Hello time: 2 Max age time: 20 Forward delay: 15 Transmit hold count: 6 Topology change: 0 Time since topology change: 2318 Topology change count: 1 Name State Prio.Num Cost Status Role Type ------------ ----- -------- --------- -------- -------- -------------- gi1/0/20 en 128.2318 20000 FRW Root RSTP
show spanning-tree bpdu
The command displays the mode of packet processing by BPDU interface.
Syntax
show spanning-tree bpdu
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show spanning-tree bpdu Global: filtering
spanning-tree
The command enables Spanning Tree family protocols (STP, RSTP, MSTP) on the router.
The use of a negative form (no) of the command disables Spanning Tree family protocols support.
Syntax
[no] spanning-tree
Parameters
The command does not contain parameters.
Default value
The protocol is enabled.
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree
spanning-tree bpdu
The command specifies the mode of packet processing by BPDU interface with disabled STP.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree bpdu <MODE>
no spanning-tree bpdu
Parameters
<MODE> – operation mode:
- filtering – BPDU packets are filtrated on the interface with disabled STP;
- flooding – untagged BPDU packets are transmitted on the interface with disabled STP, tagged ones are filtrated.
Default value
flooding
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree bpdu filtering
spanning-tree cost
The command sets the method of path cost evaluation.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree cost <COST>
no spanning-tree cost
Parameters
<COST> – path cost, set in the range of [1..20000000].
Default value
4
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree cost 115
spanning-tree disable
The command prohibits STP operation on a configured interface.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] spanning-tree disable
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree disable
spanning-tree forward-time
The command sets the time interval spent on listening to and examining states before switching to the 'transmitting' state.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree forward-time <TIME>
no spanning-tree forward-time
Parameters
<TIME> – time in seconds, takes values of [4..30].
Default value
15
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree forward-time 20
spanning-tree hello-time
The command sets the time interval between BPDU packets sending.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree hello-time <TIME>
no spanning-tree hello -time
Parameters
<TIME> – time in seconds, takes values of [1..10].
Default value
2
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree hello-time 20
spanning-tree link-type
The command sets RSTP to transmission state and defines type of connection for selected port – 'point-to-point', 'shared'.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree link-type {point-to-point | shared}
no spanning-tree link-type
Parameters
point-to-point – command defines an interface as 'point-to-point';
shared – command defines an interface as 'shared'.
Default value
point-to-point
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree link-type point-to-point
spanning-tree max-age
The command sets STP lifetime.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree max-age <TIME>
no spanning-tree max-age
Parameters
<TIME> – time in seconds, takes values of [6..40].
Default value
20
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree max-age 35
spanning-tree mode
The command selects supported protocol from STP family.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mode <MODE>
no spanning-tree mode
Parameters
<MODE> – STP family protocol:
- STP – IEEE 802.1D Spanning Tree Protocol;
- RSTP – IEEE 802.1W Rapid Spanning Tree Protocol;
- MSTP – IEEE 802.1s Multiple Spanning Trees.
Default value
RSTP
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree mode STP
spanning-tree mst
The command configures the priority for a certain MSTP instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> priority <PRIORITY>
no spanning-tree mst <INSTANCE> priority
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.
Default value
32768
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree mst 14 priority 4096
spanning-tree mst configuration
The command switches to MSTP parameters configuration mode.
Syntax
spanning-tree mst configuration
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree mst configuration esr(config-mst)#
spanning-tree mst port-priority cost
The command sets the method of path cost evaluation for MST instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> port-priority <PRIORITY> cost <COST>
no spanning-tree mst <INSTANCE>
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<PRIORITY> interface priority of the MST instance, specified in the range [0..240] in increments of 16;
<COST> – path cost, set in the range of [1..20000000].
Default value
<PRIORITY> – 0;
<COST> – 4.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree mst 1 cost 115
spanning-tree mst max-hops
The command sets the maximum amount of hops for BPDU packet that are required to build a tree and to keep its structure information. If the packet has already passed the maximum amount of hops, it is dropped on the next hop.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst max-hops <NUM>
no spanning-tree mst max-hops
Parameters
<NUM> – amount of hops, set in the range of [6..40].
Default value
20
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree mst max-hops 10
spanning-tree mst port-priority
The command sets the interface priority for MST instance.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree mst <INSTANCE> port-priority <PRIORITY>
no spanning-tree mst <INSTANCE> port-priority
Parameters
<INSTANCE> – MST instance ID, set in the range of [1..15];
<PRIORITY> – priority, set in the range of [0..240] in increments of 16.
Default value
128
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree port-priority 160
spanning-tree pathcost method
The command sets the method of path cost evaluation.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree pathcost method {short | long}
no spanning-tree pathcost method
Parameters
long – cost value in the range of [1..200000000];
short – cost value in the range of [1..65535].
Default value
short
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree pathcost method short
spanning-tree portfast
The command enables the mode in which the port, when the link is brought up, immediately switches to the transmission state without waiting for the timer to expire.
The use of a negative form (no) of the command disables the mode of immediate switch to the transmission state after the link is brought up.
Syntax
[no] spanning-tree portfast
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree portfast
spanning-tree port-priority
The command sets interface priority in spanning tree.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree port-priority <PRIORITY>
no spanning-tree port-priority
Parameters
<PRIORITY> – priority, set in the range of [0..240] in increments of 16.
Default value
128
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# spanning-tree port-priority 160
spanning-tree priority
The command configures spanning tree priority.
The use of a negative form (no) of the command sets the default value.
Syntax
spanning-tree priority <PRIORITY>
no spanning-tree priority
Parameters
<PRIORITY> – priority, set in the range of [0..61440] in increments of 4096.
Default value
32768
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# spanning-tree priority 4096
VLAN monitoring and configuration
force-up
The command enables VLAN activity mode regardless of the status of interfaces on which the VLAN’s frames processing is allowed.
The use of a negative form (no) of the command disables VLAN activity mode.
Syntax
[no] force-up
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-VLAN
Example
esr(config-vlan)# force-up
ip internal-usage-vlan
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command is used for VLAN redundancy for internal use on the interface.
The use of a negative form (no) of the command cancels the redundancy.
Syntax
ip internal-usage-vlan <VID>
no ip internal-usage-vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# ip internal-usage-vlan 1500
name
The command is used to add a VLAN description.
The use of a negative form (no) of the command sets the default value.
Syntax
name <NAME>
no name
Parameters
<NAME> – VLAN description, set by the string of up to 255 characters.
Default value
The description is not specified.
Required privilege level
10
Command mode
CONFIG-VLAN
Example
esr(config)# name L2-ACCESS
mac address
The command specifies MAC addresses range.
The use of a negative form (no) of the command removes an entry from a configured profile.
Syntax
[no] mac address <MAC-ADDR> <MAC-MASK>
Parameters
<MAC-ADDR> – MAC address, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF];
<MAC-MASK> – MAC address mask, defined as XX:XX:XX:XX:XX:XX where each part takes the values of [00..FF]. Mask bits, set to zero, specify MAC address bits excluded from the comparison when searching. Mask default value: FF:FF:FF:FF:FF:FF.
Required privilege level
10
Command mode
CONFIG-OBJECT-GROUP-MAC
Example
esr(config-object-group-mac)# mac address a8:f9:4b:80:e7:00 FF:FF:FF:FF:FF:00
show interfaces switch-port vlans
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command displays VLAN interface participation mode.
Syntax
show interfaces switch-port vlans [<IF>]
Parameters
<IF> – an interface's name, specified in the form described in Section Types and naming order of router interfaces.
You may specify several interfaces in the command. If interface indexes are not specified, then the information on all interfaces of a specified group will be shown. When executing a command without parameter, all physical interface information will be displayed.
Required privilege level
1
Command mode
ROOT
Example
esr# show interfaces switch-port vlans gigabitethernet 1/0/1-7 Interface PVID Frame types Ingress Tagged Untagged filtering --------- ---- ------------- --------- ----------- ----------- gi1/0/1 1 All yes 101 1 gi1/0/2 1 All yes 150-151 1 gi1/0/3 1 All yes none 1 gi1/0/4 1 All yes none 1 gi1/0/5 1 All yes 55 1 gi1/0/6 1 All yes none 1 gi1/0/7 1 All yes none 1 N/A – interface doesn't exist N/S – interface is not a 802.1Q bridge port ERR – can't get vlan setting for interface
show vlans
The command displays a certain VLAN information.
Syntax
show vlans [<VID>]
Parameters
<VID> – VLAN ID, takes the values of [1..4094].
You can specify several VLANs separated by commas ',' or you can specify the range of VLANs with '-'. When executing a command without parameter, all created VLANs will be displayed.
Required privilege level
1
Command mode
ROOT
Example
esr# show vlans VID Name Tagged Untagged ---- -------------------- ---------------------- ---------------------- 1 default gi1/0/3-4, gi1/0/6-24, po1 2 -- gi1/0/1, te1/0/1-2
show vlans internal-usage
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command displays the information on VLANs used by the system.
Syntax
show vlans internal-usage
Parameters
The command does not contain parameters.
Required privilege level
1
Command mode
ROOT
Example
esr# show vlans internal-usage Usage VID Reserved IP address -------- ---- -------- ---------- gi1/0/18 4088 No Active gi1/0/16 4089 No Active gi1/0/15 4090 No Active
switchport access vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200 routers only
The command includes/removes interface in/from VLAN in access operation mode.
Syntax
switchport access vlan <VID>
no switchport access vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport access vlan 50
switchport default-vlan tagged
The command changes the default VLAN interface membership for tagged one.
The use of a negative form (no) of the command changes the default VLAN interface membership for untagged one.
Syntax
[no] switchport default-vlan tagged
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport default-vlan tagged
switchport forbidden default-vlan
The command removes the interface from default VLAN.
The use of a negative form (no) of the command enables adding vlan on a port.
Syntax
[no] switchport forbidden default-vlan
Parameters
The command does not contain parameters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# no switchport forbidden default-vlan
switchport general acceptable-frame-type
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command sets the type of frames that can be received by the interface.
The use of a negative form (no) of the command sets the default value.
Syntax
switchport general acceptable-frame-type { tagged-only | all }
no switchport general acceptable-frame-type
Parameters
tagged-only – receive only tagged frames;
all – receive all frames.
Default value
all
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config)# switchport general acceptable-frame-type tagged-only
switchport general allowed vlan
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command includes/removes interface in/from VLAN in access operation mode.
Syntax
switchport general allowed vlan <ACT> <VID> [<TYPE>]
Parameters
<ACT> – allocated action:
- add – interface addition into VLAN;
- remove – interface removal from VLAN.
<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list;
<TYPE> – packet type:
- tagged – interface will send and receive packets as tagged in specified VLANs;
- untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.
Default value
If you do not specify the <TYPE> parameter, then the default is 'tagged'.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example 1
Exclude interface from VLAN 50 membership
esr(config-if-gi)# switchport general allowed vlan remove 50
Example 2
Include interface into VLAN 10-5- as tagged
esr(config-if-gi)# switchport general allowed vlan add 10-50
switchport general allowed vlan auto-all
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
This command enables the automatic addition of a port to all VLANs created on the router.
The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.
Syntax
[no] switchport general allowed vlan auto-all [ <TYPE> ]
Parameters
<TYPE> – packet type:
- tagged – interface will send and receive packets as tagged in specified VLANs;
- untagged – interface will send and receive packets as untagged in specified VLANs. The VLAN to which incoming untagged packets will be sent is configured using the switchport general pvid command described in switchport general pvid.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-IF-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport general allowed vlan auto-all
switchport general ingress-filtering disable
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
The command disables filtration of incoming packets on the basis of VLAN ID value assigned.
The use of a negative form (no) of the command enables the interface being configured.
Syntax
switchport general ingress-filtering disable
no switchport general ingress-filtering
Parameters
The command does not contain parameters.
Default value
Filtration is enabled.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport general ingress-filtering disable
switchport general macs-group
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile.
The use of a negative form (no) of the command removes a specified profile of dynamic authorization servers (DAS).
Syntax
switchport general macs-group <NAME> vlan <VID>
no switchport general macs-group <NAME>
Parameters
<NAME> – MAC addresses profile name, set by the string of up to 31 characters.
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport general macs-group OGM1 vlan 999
switchport general pvid
In the current firmware version this functionality is supported by ESR-1000/1200/1500/1510/1700 routers only
This command sets the VLAN Port ID (PVID) for incoming untagged traffic.
The use of a negative form (no) of the command sets the default value.
Syntax
switchport general pvid <VID>
no switchport general pvid
Parameters
<VID> – VLAN ID, set in the range of [1..4094].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport general pvid 999
switchport macs-group
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200 routers only
This command assigns a MAC address profile and maps the VLAN-ID to which packets will fall with the MAC address of the source that is part of the MAC address profile.
The use of a negative form (no) of the command removes the assignment of MAC addresses and VLAN ID.
Syntax
switchport macs-group <NAME> vlan <VID>
no switchport macs-group <NAME>
Parameters
<NAME> – MAC addresses profile name, set by the string of up to 31 characters.
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport macs-group OGM1 vlan 999
switchport trunk allowed vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200 routers only
The command includes/removes interface in/from VLAN in trunk operation mode.
Syntax
switchport trunk allowed vlan <ACT> <VID>
Parameters
<ACT> – allocated action:
- add – interface addition into VLAN;
- remove – interface removal from VLAN;
<VID> – VLAN ID, set in the range of [2..4094]. You can also specify it by the range with '-' or by comma-separated list.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport trunk allowed vlan add 10-50
switchport trunk allowed vlan auto-all
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200 routers only
This command enables the automatic addition of a port to all VLANs created on the router.
The use of the negative form of the command (no) disables the automatic addition of a port to all VLANs created on the router.
Syntax
[no] switchport trunk allowed vlan auto-all
Parameters
The command does not contain parameters.
Default value
Disabled.
Required privilege level
10
Command mode
CONFIG-IF-GI
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport trunk allowed vlan auto-all
switchport trunk native-vlan
In the current firmware version this functionality is supported by ESR-10/12V/12VF/14VF/20/21/100/200 routers only
The command adds/removes interface in/from VLAN in trunk operation mode. All untagged traffic arriving at this interface is routed to this VLAN.
Syntax
switchport trunk native-vlan <VID>
no switchport trunk native-vlan
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Default value
1
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-PORT-CHANNEL
Example
esr(config-if-gi)# switchport trunk native-vlan 55
vlan
The command adds a VLAN to the system and switches to its configuration mode. There is always a VLAN with ID 1 on the router, all interfaces are added by default in this VLAN.
The use of a negative form (no) of the command removes the VLAN.
Syntax
[no] vlan <VID>
Parameters
<VID> – VLAN ID, set in the range of [2..4094].
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# vlan 40
Voice-VLAN monitoring and configuration
application
This command configures the application that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of a negative form (no) of the command removes domain name for the router.
Syntax
application <APP-TYPE>
no application
Parameters
<APP-TYPE> – type of the application for which network-policy will be enabled. Takes the following values:
- voice;
- voice-signaling;
- guest-voice;
- guest-voice-signaling;
- softphone-voice;
- video-conferencing;
- streaming-video;
- video-signaling.
Default value
None
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
esr(config-net-policy)# application voice
dscp
This command configures DSCP value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the DSCP distribution for a specified network policy (network-policy).
Syntax
dscp <DSCP>
dscp
Parameters
<DSCP> – DSCP code value, takes values in the range of [0..63].
Default value
DSCP sending in LLDPDU-MED is disabled.
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
esr(config-net-policy)# dscp 62
lldp network-policy
This command assigns the network policy that created earlier to the interface (network-policy).
The use of negative form of the command (no) removes the previously assigned network policy from the interface.
LLDPDU messages described by the policy will be sent only if LLDP-MED support is enabled in the global configuration (see the command in section lldp med fast-start enable).
Syntax
[no] lldp network-policy <NAME>
Parameters
<NAME> – name of the policy being assigned, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG-GI
CONFIG-TE
Example
esr(config-if-gi) lldp network-policy ip-phones
network-policy
The command creates a network policy to the system and switches to its configuration mode.
The use of negative form of the command (no) removes the previously created network policy.
Syntax
[no] network-policy <NAME>
Parameters
<NAME> – name of the policy being created, set by the string of up to 31 characters.
Required privilege level
10
Command mode
CONFIG
Example
esr(config)# network-policy ip-phones
priority
This command configures COS value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the COS distribution for a specified network policy (network-policy).
Syntax
priority <COS>
no priority
Parameters
<COS> – priority value, takes the following values:
- best-effort – COS0;
- background – COS1;
- excellent-effort – COS2;
- critical-applications – COS3;
- video – COS4;
- voice – COS5;
- internetwork-control – COS6;
- network-control – COS7.
Default value
COS sending in LLDPDU-MED is disabled.
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
esr(config-net-policy)# priority voice
vlan
This command configures VLAN value that will be listed in the LLDP-MED packet when sending LLDPDU from interfaces on which network-policy is assigned.
The use of negative form of the command (no) removes the VLAN configuration for a specified network policy (network-policy).
Syntax
vlan <VID> [tagged]
Parameters
<VID> – VLAN ID, takes values of [1..4094];
tagged – key, during the installation of which, the subscriber device will send Ethernet frames of the specified application in a tagged form.
Default value
None
Required privilege level
10
Command mode
CONFIG-NET-POLICY
Example
esr(config-net-policy)# vlan 3258 tagged