Hewlett Packard Enterprise Aruba 2530 Advanced Traffic Management Manual

Aruba 2530 Advanced Trac Management Guide for ArubaOSSwitch 16.09

Part Number: 5200-5889a Published: September 2019 Edition: 2

Notices

The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.

Condential computer software. Valid license from Hewlett Packard Enterprise required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license.

Links to third-party websites take you outside the Hewlett Packard Enterprise website. Hewlett Packard Enterprise has no control over and is not responsible for information outside the Hewlett Packard Enterprise website.

Acknowledgments

Intel®, Itanium®, Optane®, Pentium®, Xeon®, Intel Inside®, and the Intel Inside logo are trademarks of Intel Corporation in the U.S. and other countries.

Microsoft® and Windows® are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.

Adobe® and Acrobat® are trademarks of Adobe Systems Incorporated.

Java® and Oracle® are registered trademarks of Oracle and/or its

UNIX® is a registered trademark of The Open Group.

aliates.

Chapter 1 About this guide.............................................................................12

Applicable products..................................................................................................................................... 12

Switch prompts used in this guide.............................................................................................................12

Chapter 2 VLANs............................................................................................... 13

Understanding VLANs .................................................................................................................................13

Static VLAN operation.................................................................................................................................. 14

VLAN environments.......................................................................................................................... 16

VLAN operation................................................................................................................................. 17

General VLAN operation....................................................................................................... 17

Types of static VLANs available in the switch..................................................................... 17

Multiple port-based VLANs...................................................................................................18

Protocol VLAN environment.................................................................................................19

Routing options for VLANs...............................................................................................................19

802.1Q VLAN tagging........................................................................................................................ 19

Introducing tagged VLANs into legacy networks running only untagged VLANs...........20

VLAN tagging rules.................................................................................................................21

Applying VLAN tagging.......................................................................................................... 23

Additional VLAN tagging considerations.............................................................................25

Multiple VLAN considerations......................................................................................................... 27

Single forwarding database operation................................................................................28

Switch performance is unreliable........................................................................................ 28

Connecting the Switch to another switch with a multiple forwarding database

(Example)................................................................................................................................ 29

Conguring VLANs........................................................................................................................................30

The number of VLANs allowed on a switch................................................................................... 30

Per-port static VLAN conguration options example................................................................... 31

Conguring port-based VLAN parameters.....................................................................................32

Using the CLI to congure port-based and protocol-based VLAN parameters.........................32

Creating a new static VLAN (port-based or protocol-based) (CLI) ...................................32

Conguring or changing static VLAN per-port settings (CLI)............................................ 34

Converting a dynamic VLAN to a static VLAN (CLI)............................................................ 35

Deleting a static VLAN (CLI)...................................................................................................36

Deleting multiple VLANs....................................................................................................... 36

Using IP enable/disable for all VLANs.............................................................................................37

Interaction with other features............................................................................................ 37

Interactions with DHCP......................................................................................................... 38

Changing the Primary VLAN (CLI).................................................................................................... 39

Conguring a secure Management VLAN (CLI)..............................................................................40

Preparation.............................................................................................................................40

Conguring an existing VLAN as the Management VLAN (CLI)........................................ 40

Obtaining an IP address using DHCP (CLI)..........................................................................41

Disabling the Management feature (CLI)............................................................................ 43

Changing the number of VLANs allowed on the switch (CLI).......................................................44

Displaying a switch VLAN conguration.................................................................................................... 44

Viewing the VLAN membership of one or more ports (CLI).........................................................45

Viewing the conguration for a particular VLAN (CLI).................................................................. 47

Customizing the show VLANs output (CLI).....................................................................................49

Using pattern matching with the show VLANs custom command.................................. 50

Contents 3

Creating an alias for show VLAN commands (CLI)........................................................................ 51

Conguring a VLAN MAC address with heartbeat interval......................................................................51

Displaying a VLAN MAC address conguration (CLI).....................................................................51

Using voice VLANs........................................................................................................................................ 52

Operating rules for voice VLANs..................................................................................................... 52

Components of voice VLAN operation........................................................................................... 52

Voice VLAN access security.............................................................................................................. 52

Prioritizing voice VLAN QoS (Optional)........................................................................................... 52

Special VLAN types....................................................................................................................................... 53

VLAN support and the default VLAN.............................................................................................. 53

The primary VLAN............................................................................................................................. 53

The secure Management VLAN....................................................................................................... 54

Operating notes for Management VLANs......................................................................................55

VLAN operating notes.................................................................................................................................. 56

Eects of VLANs on other switch features................................................................................................ 57

Spanning Tree operation with VLANs............................................................................................. 57

Spanning Tree operates dierently in dierent devices.............................................................. 58

IP interfaces............................................................................................................................ 58

VLAN MAC address................................................................................................................ 58

Port trunks..............................................................................................................................58

Port monitoring......................................................................................................................58

Jumbo packet support...........................................................................................................58

VLAN restrictions...............................................................................................................................58

Migrating Layer 3 VLANs using VLAN MAC conguration....................................................................... 59

VLAN MAC address reconguration................................................................................................59

Handling incoming and outgoing VLAN Trac..............................................................................59

Incoming VLAN data packets and ARP requests................................................................59

Outgoing VLAN trac ...........................................................................................................60

Sending heartbeat packets with a congured MAC Address....................................................... 60

Displaying a VLAN MAC address conguration (CLI).....................................................................60

Chapter 3 GVRP..................................................................................................62

About GVRP................................................................................................................................................... 62

GVRP operational rules.................................................................................................................... 62

Example of GVRP operation................................................................................................. 62

Options for a GVRP-aware port receiving advertisements.......................................................... 63

Options for a port belonging to a Tagged or Untagged static VLAN...........................................63

IP addressing..................................................................................................................................... 63

Per-port options for handling GVRP "unknown VLANs"...............................................................64

Per-port options for dynamic VLAN advertising and joining....................................................... 64

Initiating advertisements...................................................................................................... 64

Enabling a port for dynamic joins........................................................................................65

Parameters for controlling VLAN propagation behavior.................................................. 65

GVRP and VLAN access control....................................................................................................... 67

Advertisements and dynamic joins..................................................................................... 67

Port-Leave from a dynamic VLAN........................................................................................ 68

Using GVRP....................................................................................................................................................68

Planning for GVRP operation...........................................................................................................69

Displaying switch current GVRP conguration (CLI)..................................................................... 69

Displaying switch current GVRP conguration (CLI)..................................................................... 70

Enabling and disabling GVRP on the switch (CLI)..................................................................................... 70

Controlling how individual ports handle advertisements for new VLANs (CLI)....................................71

Listing static and dynamic VLANs on a GVRP-enabled switch (CLI)........................................................72

Converting a Dynamic VLAN to a Static VLAN (CLI).................................................................................. 73

4 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Chapter 4 Multiple VLAN Registration Protocol........................................ 74

Multiple VLAN Registration Protocol overview......................................................................................... 74

MVRP operating notes................................................................................................................................. 74

Listing static and dynamic VLANs on an MVRP-enabled switch............................................................. 75

Converting a dynamic VLAN to a static VLAN........................................................................................... 76

Viewing the current MVRP

show mvrp......................................................................................................................................... 76

show mvrp cong.................................................................................................................. 76

show mvrp state.................................................................................................................... 77

show mvrp statistics..............................................................................................................77

clear mvrp statistics.......................................................................................................................... 78

debug mvrp........................................................................................................................................78

Conguring MVRP........................................................................................................................................ 79

Enabling MVRP globally.................................................................................................................... 79

Enabling MVRP on an interface....................................................................................................... 79

MVRP timers..................................................................................................................................................80

Join Timer........................................................................................................................................... 80

mvrp join-timer...................................................................................................................... 80

Leave Timer........................................................................................................................................81

mvrp leave-timer....................................................................................................................81

LeaveAll Timer................................................................................................................................... 82

mvrp leaveall-timer................................................................................................................82

Periodic Timer................................................................................................................................... 83

mvrp periodic timer...............................................................................................................83

mvrp periodic-timer-enable................................................................................................. 83

MVRP registration modes............................................................................................................................84

mvrp registration...............................................................................................................................84

show tech mvrp ........................................................................................................................................... 84

MVRP limitations.......................................................................................................................................... 87

MVRP statistics..............................................................................................................................................88

conguration on a switch..............................................................................76

Chapter 5 Multimedia

Operation and features............................................................................................................................... 89

IGMP devices .....................................................................................................................................89

IGMP operating features..................................................................................................................90

CLI: Conguring and displaying IGMP........................................................................................................90

Web: Enabling and disabling IGMP............................................................................................................ 94

How IGMP operates..................................................................................................................................... 94

Message types................................................................................................................................... 94

IGMP multicasting............................................................................................................................. 94

Displaying IGMP data........................................................................................................................95

Supported standards and RFCs.......................................................................................................95

Operation with or without IP addressing ......................................................................................95

Automatic Fast-Leave IGMP............................................................................................................. 96

Using delayed group ush ...................................................................................................97

Forced Fast-Leave IGMP................................................................................................................... 98

Setting Fast-Leave and Forced Fast-Leave from the CLI................................................... 98

Setting Forced Fast-Leave using the MIB............................................................................ 98

Listing the MIB-Enabled Forced Fast-Leave conguration................................................99

Conguring per-port Forced Fast-Leave IGMP.................................................................100

Using the switch as querier.......................................................................................................................101

Querier operation........................................................................................................................... 101

Excluding multicast addresses from IP multicast ltering ................................................................... 101

trac control with IP multicast (IGMP).............89

Contents 5

Chapter 6 Multiple instance spanning tree operation...........................103

Overview of MSTP...................................................................................................................................... 103

MSTP structure................................................................................................................................105

How MSTP operates........................................................................................................................105

802.1s Multiple Spanning Tree Protocol (MSTP).....................................................................................105

MST regions..................................................................................................................................... 106

How separate instances

Regions, legacy STP and RSTP switches, and the Common Spanning Tree (CST)................... 108

MSTP operation with 802.1Q VLANs.............................................................................................108

MSTP compatibility with RSTP or STP...................................................................................................... 109

Preconguring an MSTP regional topology.............................................................................................109

Preconguring VLANs in an MST instance................................................................................... 110

Conguring MSTP instances with the VLAN range option (Example).......................................111

Saving the current conguration before a software upgrade................................................... 112

Types of Multiple Spanning Tree Instances.............................................................................................113

Planning an MSTP application.................................................................................................................. 113

Conguring MSTP at a glance................................................................................................................... 114

Conguring MSTP operation mode and global settings........................................................................116

Selecting MSTP as the spanning tree mode................................................................................ 116

Clearing spanning tree debug counters.......................................................................................116

Resetting the

Designating the revision number of the MST region for a switch.............................................116

Setting the spanning tree compatibility mode............................................................................117

Setting the time interval between listening, learning, and forwarding states.........................117

Setting spanning tree to operate in 802.1D legacy mode..........................................................118

Setting spanning tree to operate with 802.1D legacy path cost values................................... 118

Specifying the time interval between BPDU transmissions.......................................................118

Setting the hop limit for BPDUs.................................................................................................... 118

Setting the maximum age of received STP information............................................................ 119

Manipulating the pending MSTP conguration.......................................................................... 119

Setting the bridge priority for a region and determining the root switch............................... 119

Enabling SNMP traps...................................................................................................................... 120

Conguring MSTP per-port parameters..................................................................................................120

Enabling immediate transition to forwarding on end nodes.................................................... 120

Identifying edge ports automatically............................................................................................121

Specifying the interval between BPDU transmissions............................................................... 121

Forcing a port to send RST/MST BPDUs....................................................................................... 122

Determining which ports are forwarding ports by assigning port cost................................... 122

Informing the switch of the device type to which a port connects ..........................................122

Determining which port to use for forwarding........................................................................... 122

Denying a port the role of root port............................................................................................. 123

Denying a port propagation change information.......................................................................123

Congure MST instance ports parameters............................................................................................. 124

Create a new instance or map VLAN(s) to an existing one................................................................... 124

Enable event logging..................................................................................................................................124

Deleting an instance.................................................................................................................................. 124

Congure an existent instance.................................................................................................................124

MSTP Cong example.....................................................................................................................125

Downgrading to lower version build........................................................................................................125

Operating notes for the VLAN conguration enhancement.................................................................125

Conguring MST instance parameters.................................................................................................... 126

Setting the bridge priority for an instance.............................................................................................. 126

Assigning a port cost for an MST instance.............................................................................................. 127

Setting the priority for a port in a specied MST instance....................................................................127

conguration name of the MST region in which a switch resides.................... 116

aect MSTP........................................................................................... 107

6 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Setting the priority for specied ports for the IST..................................................................................128

Enabling or disabling spanning tree operation...................................................................................... 128

Enabling an entire MST region at once or exchanging one region conguration for

another.............................................................................................................................................129

Creating a pending MSTP conguration...................................................................................... 129

Viewing MSTP statistics..............................................................................................................................130

Viewing global MSTP status........................................................................................................... 130

Viewing detailed port information................................................................................................131

Viewing status for a specic MST instance.................................................................................. 132

Viewing the MSTP conguration...............................................................................................................133

Viewing the global MSTP conguration........................................................................................133

Viewing per-instance MSTP congurations................................................................................. 134

Viewing the region-level conguration......................................................................................... 135

Viewing the pending MSTP conguration....................................................................................136

MSTP operating rules.................................................................................................................................136

Troubleshooting an MSTP conguration.................................................................................................137

Viewing the change history of root bridges.................................................................................138

Enabling traps and viewing trap conguration........................................................................... 140

Viewing debug counters for all MST instances............................................................................140

Viewing debug counters for one MST instance ..........................................................................141

Viewing debug counters for ports in an MST instance...............................................................142

Field descriptions in MSTP debug command output................................................................. 143

Troubleshooting MSTP operation................................................................................................. 148

BPDU............................................................................................................................................................148

About BPDU protection..................................................................................................................148

Viewing BPDU protection status........................................................................................149

Conguring BPDU ltering.............................................................................................................150

Viewing BPDU ltering....................................................................................................................151

Conguring and managing BPDU protection.............................................................................. 151

Viewing BPDU protection status........................................................................................153

Re-enabling a port blocked by BPDU protection............................................................. 153

Enabling and disabling BPDU protection.....................................................................................153

Overview of MSTP BPDU throttling...............................................................................................154

Conguring MSTP BPDU throttling....................................................................................155

PVST............................................................................................................................................................. 156

PVST protection and ltering.........................................................................................................156

PVST protection....................................................................................................................156

PVST ltering........................................................................................................................ 157

Enabling and disabling PVST protection on ports.......................................................................157

Enabling and disabling PVST lters on ports............................................................................... 157

Re-enabling a port manually......................................................................................................... 158

Viewing ports congured with PVST protection and ltering....................................................158

Listing ports to see which have PVST protection or ltering enabled......................................158

Chapter 7 Loop protection............................................................................160

Conguring loop protection......................................................................................................................160

Enabling loop protection in port mode........................................................................................161

Enabling loop protection in VLAN mode......................................................................................162

Changing modes for loop protection........................................................................................... 162

Viewing loop protection status in port mode..............................................................................162

Viewing loop protection status in VLAN mode............................................................................163

STP loop guard................................................................................................................................ 163

Operating notes..........................................................................................................................................167

Contents 7

Chapter 8 Quality of Service (QoS): Managing bandwidth eectively

.............................................................................................................................168

Introduction to Quality of Service (QoS)..................................................................................................168

Using QoS to classify and prioritize network trac....................................................................168

Applying QoS to inbound trac at the network edge.................................................... 169

Preserving QoS in outbound trac in a VLAN................................................................. 169

Using QoS to optimize existing network resources.........................................................169

Overview of QoS settings.......................................................................................................................... 170

Classiers for prioritizing outbound packets.............................................................................. 172

Packet classiers and evaluation order........................................................................................172

Preparation for conguring QoS.............................................................................................................. 173

Preserving 802.1p priority..............................................................................................................173

Steps for conguring QoS on the switch......................................................................................174

Using classiers to congure QoS for outbound trac........................................................................ 175

Viewing the QoS conguration......................................................................................................175

No override......................................................................................................................................176

Global TCP/UDP classier.............................................................................................................. 177

Global QoS classier precedence: 1.................................................................................. 177

Global IP-device classier...............................................................................................................183

Global QoS classier precedence: 2.................................................................................. 183

Options for assigning priority............................................................................................ 183

QoS IP Type-of-Service (ToS) policy and priority..........................................................................183

Global QoS classier precedence: 3.................................................................................. 183

Assigning an 802.1p priority to IPv4 packets on the basis of the ToS precedence

bits......................................................................................................................................... 184

Assigning an 802.1p priority to IPv4 packets on the basis of incoming DSCP............. 185

Assigning a DSCP policy on the basis of the DSCP in IPv4 packets received from

upstream devices.................................................................................................................187

Details of QoS IP ToS........................................................................................................... 189

Global Layer-3 protocol classier..................................................................................................192

Global QoS classier precedence: 4.................................................................................. 192

Assigning a priority for a global Layer-3 protocol classier............................................192

QoS VLAN-ID (VID) priority............................................................................................................. 193

Global QoS classier precedence: 5.................................................................................. 193

Options for assigning priority............................................................................................ 193

Assigning a priority based on VLAN-ID............................................................................. 193

Assigning a DSCP policy based on VLAN-ID......................................................................195

QoS source-port priority................................................................................................................ 196

Global QoS classier precedence: 6.................................................................................. 196

Options for assigning priority on the switch.................................................................... 196

Options for assigning priority from a RADIUS server......................................................197

Assigning a priority based on source-port........................................................................197

Assigning a DSCP policy based on the source-port.........................................................198

Dierentiated Services Codepoint (DSCP) mapping.............................................................................. 200

Default priority settings for selected codepoints........................................................................201

Quickly listing non-default codepoint settings.................................................................201

Note on changing a priority setting.............................................................................................. 202

Changing the priority setting on a policy when one or more classiers are

currently using the policy (example)................................................................................. 203

IP Multicast (IGMP) interaction with QoS................................................................................................ 203

Outbound queue monitor.........................................................................................................................204

Displaying per-queue counts....................................................................................................................204

Conguring trac templates....................................................................................................................204

Displaying trac template information....................................................................................... 205

8 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Creating a trac template............................................................................................................. 205

Conguring trac groups within a trac template........................................................207

Moving a priority from one trac group to another.......................................................207

Applying a trac template.............................................................................................................208

Port QoS Trust Mode................................................................................................................................. 209

Conguration commands.............................................................................................................. 209

qos trust................................................................................................................................209

qos dscp-map.......................................................................................................................210

Show commands.............................................................................................................................210

show qos trust......................................................................................................................210

QoS queue conguration.......................................................................................................................... 211

Mapping of outbound port queues.............................................................................................. 212

Conguring the number of priority queues................................................................................ 212

Viewing the QoS queue conguration..........................................................................................213

QoS operating notes and restrictions......................................................................................................213

Chapter 9 Rapid per-VLAN spanning tree (RPVST+) operation.............215

Overview of RPVST+................................................................................................................................... 215

General steps for conguring RPVST+.....................................................................................................215

Conguring RPVST+ at a glance................................................................................................................216

Selecting RPVST+ as the spanning tree mode............................................................................. 217

Conguring global spanning tree..................................................................................................217

Conguring per-VLAN spanning tree............................................................................................218

Conguring per-port per-VLAN spanning tree............................................................................ 219

Conguring per-port spanning tree..............................................................................................220

Enabling or disabling RPVST+ spanning tree...............................................................................221

Allowing trac on VLAN ID (PVID) mismatched links............................................................................ 222

Conguring STP loop guard...................................................................................................................... 223

About RPVST+............................................................................................................................................. 226

Comparing spanning tree options................................................................................................226

Understanding how RPVST+ operates..........................................................................................227

Working with the default RPVST+ conguration..............................................................229

RPVST+ operating notes.................................................................................................................229

Viewing RPVST+ statistics and conguration.......................................................................................... 231

Viewing global and VLAN spanning tree status...........................................................................231

Viewing status for a specic VLAN................................................................................................ 231

Viewing status for a specic port list............................................................................................ 232

Viewing status per-port per-VLAN ................................................................................................233

Viewing the global RPVST+ conguration.................................................................................... 233

Viewing the global RPVST+ conguration per port..................................................................... 234

Viewing the global RPVST+ conguration per port per VLAN....................................................234

Viewing the global RPVST+ conguration per VLAN................................................................... 235

Viewing BPDU status and related information............................................................................236

Viewing RPVST+ VLAN and vPort system limits................................................................237

Troubleshooting an RPVST+ conguration..............................................................................................240

Viewing the change history of root bridges.................................................................................240

Enabling traps and Viewing trap conguration........................................................................... 241

Viewing debug counters for all VLAN instances..........................................................................242

Viewing debug counters per-VLAN............................................................................................... 242

Viewing debug counters per-port per-VLAN................................................................................243

Field descriptions for RPVST+ debug command output............................................................ 244

RPVST+ event log messages.......................................................................................................... 245

Using RPVST+ debug.......................................................................................................................246

Contents 9

Chapter 10 Switch Stack Management......................................................248

Introduction to switch management....................................................................................................... 248

Conguring stack management............................................................................................................... 248

Options for conguring a commander and candidates.............................................................248

Creating a stack (Overview).......................................................................................................................250

Viewing stack status (CLI).......................................................................................................................... 251

Viewing the status of an individual switch.............................................................................................. 251

Viewing the status of candidates the Commander has detected (CLI)................................................251

Viewing the status of all stack-enabled switches discovered in the IP subnet (CLI)...........................252

Viewing the status of the Commander and current members of the Commander’s stack (CLI)..... 252

Conguring a Commander switch (CLI)...................................................................................................252

Making a switch a Commander (CLI)....................................................................................................... 253

Using a Member’s CLI to make the Member Commander of a new stack..........................................254

Adding to a stack, or moving switches between stacks (CLI)................................................................254

Using auto join on a Candidate (CLI)........................................................................................................256

Using a Candidate CLI to push the Candidate into a stack................................................................... 256

Using the destination Commander CLI to pull a member from another stack..................................257

Using a Member CLI to push the Member into another stack............................................................. 258

Converting a Commander to a Member of another stack (CLI)........................................................... 258

Removing a Member from a stack (CLI)...................................................................................................259

Removing a stack Member using the Commander’s CLI............................................................259

Removing a stack Member using the Member’s CLI...................................................................259

Accessing Member switches for

Disabling or re-enabling stacking (CLI).................................................................................................... 261

Setting the transmission interval (CLI).....................................................................................................261

Using the Commander to manage the stack.......................................................................................... 261

About stack management......................................................................................................................... 261

Components of Switch stack management.................................................................................262

General stacking operation............................................................................................................262

Interface options..................................................................................................................263

Operating rules for stacking.......................................................................................................... 263

General rules........................................................................................................................263

Specic rules for commander, candidate, and member switch.................................... 265

Stacking operation with multiple VLANs congured.................................................................. 266

Status messages..............................................................................................................................266

SNMP community operation in a stack........................................................................................267

Community Membership....................................................................................................267

SNMP management station access to members via the Commander......................... 268

conguration changes and trac monitoring (CLI)....................... 260

Chapter 11 BYOD-redirect.............................................................................269

Introduction to BYOD-redirect..................................................................................................................269

BYOD features............................................................................................................................................ 270

Interoperability with other switch features................................................................................. 271

Interoperability with other vendors.................................................................................. 272

Restrictions...................................................................................................................................... 272

Conguring BYOD...................................................................................................................................... 272

Creating a BYOD server..................................................................................................................272

Associating a BYOD server..................................................................................................272

Creating a BYOD ACL rule................................................................................................... 273

Implementing BYOD-redirect conguration.....................................................................274

Show commands.............................................................................................................................278

Show portal server.............................................................................................................. 278

Associating with the BYOD server on a specied VLAN............................................................. 280

10 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Chapter 12 Smart link....................................................................................281

Overview of smart link...............................................................................................................................281

Smart link

Show smart link group...............................................................................................................................283

Show smart link ush-statistics................................................................................................................ 284

Show receive control..................................................................................................................................284

Show tech smart link..................................................................................................................................284

Clear command.......................................................................................................................................... 285

Event Log..................................................................................................................................................... 285

conguration commands....................................................................................................... 282

Create a smart link group.............................................................................................................. 282

Congure VLANs............................................................................................................................. 282

Enable debug...................................................................................................................................282

Conguration example...................................................................................................................283

Chapter 13 Websites...................................................................................... 286

Chapter 14 Support and other resources..................................................287

Accessing Hewlett Packard Enterprise Support..................................................................................... 287

Accessing updates......................................................................................................................................287

Customer self repair.................................................................................................................................. 288

Remote support......................................................................................................................................... 288

Warranty information................................................................................................................................288

Regulatory information............................................................................................................................. 289

Documentation feedback..........................................................................................................................289

Contents 11

Chapter 1

About this guide

This guide provides information on how to congure trac management features.

Applicable products

This guide applies to these products:

Aruba 2530 Switch Series (J9772A, J9773A, J9774A, J9775A, J9776A, J9777A, J9778A, J9779A, J9780A, J9781A, J9782A, J9783A, J9853A, J9854A, J9855A, J9856A, JL070A)

Switch prompts used in this guide

Examples in this guide are representative and may not match your particular switch/environment. Examples use simplied prompts as follows:

Prompt Explanation

switch#

switch>

switch(config)#

switch(vlan-x)#

switch(eth-x)#

switch-Stack#

switch-Stack(config)#

switch-Stack(stacking)#

switch-Stack(vlan-x)#

switch-Stack(eth-x/y)#

# indicates manager context (authority).

> indicates operator context (authority).

(config) indicates the cong context.

(vlan-x) indicates the vlan context of cong,

where x represents the VLAN ID. For example:

switch(vlan-128)#.

(eth-x) indicates the interface context of cong, where x represents the interface. For example: switch(eth-48)#.

Stack indicates that stacking is enabled.

Stack(config) indicates the cong context while

stacking is enabled.

Stack(stacking) indicates the stacking context of cong while stacking is enabled.

Stack(vlan-x) indicates the vlan context of cong while stacking is enabled, where x represents the VLAN ID. For example: switch-

Stack(vlan-128)#.

Stack(eth-x/y) indicates the interface context of

cong, in the form (eth-<member-in-stack>/ <interface>). For example: switch(eth-1/48)#

12 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Chapter 2

VLANs

Understanding VLANs

Aruba-OS wired switches are 802.1Q VLAN-enabled. In the factory default state, the switch is enabled for up to 256 VLANs. You can recongure the switch to support more VLANs. The maximum VLANs allowed varies according to the switch series.

A group of networked ports assigned to a VLAN form a broadcast domain congured on the switch. On a given switch, packets are bridged between source and destination ports that belong to the same VLAN.

VLANs enable grouping users by logical function not physical location. They manage bandwidth usage in networks by:

• Enabling grouping high-bandwidth users on low-trac segments.

• Organizing users from dierent LAN segments according to their need for common resources and individual protocols.

• Improving trac control at the edge of networks by separating trac of dierent protocol types.

• Enhancing network security by creating subnets to control in-band access to specic network resources.

• Cross-domain broadcast trac in the switch is eliminated and bandwidth saved by not allowing packets to ood out all ports.

When conguring VLANs, you will need to plan your VLAN strategy as follows:

Procedure

1. Congure static VLANs with:

• a name

• VLAN ID number (VID)

• port members

2. Include port conguration planning to use dynamic VLANs.

3. Create a map of the logical topology.

4. Create a map of the physical topology.

5. Consider the interaction between VLANs and other features:

• Spanning Tree Protocol

• port trunking

• IGMP

6. Congure at least one VLAN in addition to the default VLAN.

7. Congure all ports that pass trac for a particular subnet address on the same VLAN.

Chapter 2 VLANs 13

8. Assign the desired switch ports to the new VLANs.

9. Ensure that the VLAN through which you manage the switch has an IP address, if you are managing

VLANs with SNMP in an IP network.

For information on the restrictions when you congure an IP address on a VLAN interface, see the "Comparing port based and protocol based VLAN" table in Static VLAN operation.

Static VLAN operation

Static VLANs are GVRP. 802.1Q compatibility enables you to assign each switch port to multiple VLANs.

congured with a name, VLAN ID number (VID) and port members. For dynamic VLANs, see

14 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Table 1: Port based and protocol based VLAN

Function Port-Based VLANs Protocol-Based VLANs

IP Addressing Usually congured with at least one

unique IP address.

A port-based VLAN can have no IP address. However, this limits switch features available to ports on that VLAN. See "How IP addressing aects switch operation" in the chapter "Conguring IP Addressing" in the Basic Operation Guide for the switch.

Multiple IP addresses allow multiple subnets within the same VLAN. See the chapter on "Conguring IP Addressing" in the ArubaOS-Switch Basic Operation Guide for the switch.

Untagged VLAN Membership

A port can be a member of one untagged, port-based VLAN. All other port-based VLAN assignments for that port must be tagged.

You can congure IP addresses on all protocol VLANs, but IP addressing is used only on IPv4 and IPv6 VLANs.

Restrictions:

Loopback interfaces share the same IP address space with VLAN congurations.

The maximum number of IP addresses supported on a switch is 2048; this includes all IP addresses congured for both VLANs and loopback interfaces (except for the default loopback IP address 127.0.0.1).

Each IP address congured on a VLAN interface must be unique in the switch; it cannot be used by a VLAN interface or another loopback interface.

For more information, see the chapter on "Conguring IP Addressing" in the ArubaOS-Switch Basic Operation Guide.

A port can be an untagged member of one protocol VLAN of a specic protocol type, such as IPX or IPv6. If the same protocol type is congured in multiple protocol VLANs, then a port can be an untagged member of only one of those. For example, if you have two protocol VLANs, 100 and 200 and both include IPX, then a port can be an untagged member of either VLAN 100 or VLAN 200, but not both.

A port's untagged VLAN memberships can include up to four dierent protocol types. It can be an untagged member of one of the following:

• Four single-protocol VLANs

• Two protocol VLANs where one VLAN includes a single protocol and the other includes up to three protocols

• One protocol VLAN where the VLAN includes four protocols.

Table Continued

Chapter 2 VLANs 15

Function Port-Based VLANs Protocol-Based VLANs

Tagged VLAN Membership

Routing If the switch conguration enables IP

A port can be a tagged member of any port-based VLAN.

routing, the switch can internally route IP (IPv4) trac between port-based VLANs and between port-based and IPv4 protocol-based VLANs.

If the switch is not congured to route trac internally between port-based VLANs, then an external router must be used to move trac between VLANs.

A port can be a tagged member of any protocol-based VLAN.

If the switch conguration enables IP routing, the switch can internally route IPv4 trac as follows:

• Between multiple IPv4 protocol-based VLANs

• Between IPv4 protocol-based VLANs and port-based VLANs.

Other protocol-based VLANs require an external router for moving trac between VLANs.

NOTE: NETbeui and SNA are non-routable protocols. End stations intended to receive trac in these protocols must be attached to the same physical network.

Commands for Conguring Static VLANs

vlan <vid> {tagged | untagged <port-list>}

vlan <vid> protocol {ipx | ipv4 | ipv6 | arp | appletalk | sna | netbeui}

vlan <vid> {tagged | untagged <port-list>}

VLAN environments

You can congure dierent VLAN types in any combination. The default VLAN will always be present. For more on the default VLAN, see VLAN support and the default VLAN.

16 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

VLAN environment Elements

The default VLAN (portbased; VID of 1) only

Multiple VLAN environment In addition to the default VLAN, the conguration can include one or

In the default VLAN conguration, all ports belong to VLAN 1 as untagged members.

VLAN 1 is a port-based VLAN.

more other port-based VLANs and one or more protocol VLANs.

The maximum VLANs allowed on a switch vary according to the switch. For details on the maximum VLANs allowed for your switch, see Changing the number of VLANs allowed on the switch (CLI) on page 44.

UsingVLAN tagging, ports can belong to multiple VLANs of all types.Enabling routing on the switch enables it to route IPv4 and IPv6 trac between port-based VLANs and between port-based VLANs and IPv4 protocol VLANs. Routing other types of trac between VLANs requires an external router capable of processing the appropriate protocols.

VLAN operation

General VLAN operation

• A VLAN is composed of multiple ports operating as members of the same subnet or broadcast domain.

• Ports on multiple devices can belong to the same VLAN.

• Trac moving between ports in the same VLAN is bridged (or switched).

• Trac moving between dierent VLANs must be routed.

• A static VLAN is an 802.1Q-compliant VLAN, congured with one or more ports that remain members regardless of trac usage.

• A dynamic VLAN is an 802.1Q-compliant VLAN membership that the switch temporarily creates on a port to provide a link to another port either in the same VLAN on another device.

Types of static VLANs available in the switch Port-based VLANs

This type of static VLAN creates a specic layer-2 broadcast domain comprised of member ports that bridge trac among themselves. Port-Based VLAN trac is routable on the switches covered in this guide.

Protocol-based VLANs

This type of static VLAN creates a layer-3 broadcast domain for trac of a particular protocol and is composed of member ports that bridge trac of the specied protocol type among themselves. Some protocol types are routable on the switches covered in this guide.

Designated VLANs

The switch uses these static, port-based VLAN types to separate switch management trac from other network trac. While these VLANs are not limited to management trac, they provide improved security and availability.

Chapter 2 VLANs 17

Default VLAN:

This port-based VLAN is always present in the switch and, in the default conguration, includes all ports as members. See VLAN support and the default VLAN on page 53.

Except for an IP address and subnet, no conguration steps are needed.

A switch in the default VLAN conguration

In this example, devices connected to these ports are in the same broadcast domain.

Primary VLAN:

The switch uses this port-based VLAN to run certain features and management functions, including DHCP/ Bootp responses for switch management. In the default conguration, the Default VLAN is also the Primary VLAN. However, any port-based, non-default VLAN can be designated the Primary VLAN. See The primary

VLAN on page 53.

Secure Management VLAN:

This optional, port-based VLAN establishes an isolated network for managing switches that support this feature. Access to this VLAN and to the switch's management functions are available only through ports

congured as members. See The primary VLAN on page 53.

Voice VLANs:

This optional, port-based VLAN type enables separating, prioritizing, and authenticating voice trac moving through your network, avoiding the possibility of broadcast storms aecting VoIP Voice-over-IP) operation. See Using voice VLANs on page 52.

NOTE: In a multiple-VLAN environment that includes older switch models there may be problems related to the same MAC address appearing on dierent ports and VLANs on the same switch. In such cases, the solution is to impose cabling and VLAN restrictions. For more on this topic, see Multiple VLAN considerations on page 27.

Multiple port-based VLANs

In the following example, routing within the switch is disabled (the default). Thus, communication between any routable VLANs on the switch must go through the external router. In this case, VLANs W and X can exchange trac through the external router, but trac in VLANs Y and Z is restricted to the respective VLANs.

VLAN 1(the default) is present but not shown. The default VLAN cannot be deleted from the switch, but ports assigned to other VLANs can be removed from the default VLAN. If internal (IP) routing is enabled on the switch, then the external router is not needed for trac to move between port-based VLANs.

18 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

A switch with multiple VLANs congured and internal routing disabled

Protocol VLAN environment

The

gure in Multiple port-based VLANs illustrates a protocol VLAN environment also. In this case, VLANs

W and X represent routable protocol VLANs. VLANs Y and Z can be any protocol VLAN.

As noted for the discussion of multiple port-based VLANs, VLAN 1 is not shown. Enabling internal (IP) routing on the switch allows IP trac to move between VLANs on the switch, but routable, non-IP trac always requires an external router.

Routing options for VLANs

Table 2: Options for routing between VLAN types in the switch

Note that SNA and NETbeui are not routable protocol types. End stations intended to receive trac in these protocols must be attached to the same physical network.

PortBased

Port-Based Yes — Yes — — — — —

Protocol IPX — Yes — — — — — —

IPX4 Yes — Yes — — — — —

IPV6 — — — Yes

ARP — — — — Yes

AppleTalk — — — — — Yes

SNA — — — — — — — —

NETbeui — — — — — — — —

IPX IPv4 IPv6 ARP AppleTalk SNA NETbeui

— — — —

— — —

— —

802.1Q VLAN tagging

A port can be a member of more than one VLAN of the same type if the device to which the port connects complies with the 802.1Q VLAN standard.

For example, a port connected to a central server using a network interface card (NIC) that complies with the

802.1Q standard can be a member of multiple VLANs, allowing members of multiple VLANs to use the

server.

Chapter 2 VLANs 19

• Although these VLANs cannot communicate with each other through the server, they can all access the server over the same connection from the switch.

• Where VLANs overlap in this way, VLAN "tags" are used in the individual packets to distinguish between trac from dierent VLANs.

• A VLAN tag includes the particular VLAN ID. (VID) of the VLAN on which the packet was generated.

For more on this topic, see Conguring or changing static VLAN per-port settings (CLI) on page 34.

Overlapping VLANs using the same server

Similarly, using 802.1Q-compliant switches, you can connect multiple VLANs through a single switch-toswitch link.

Connecting multiple VLANs through the same link

Introducing tagged VLANs into legacy networks running only untagged VLANs

You can introduce 802.1Q-compliant devices into networks that have built untagged VLANs based on earlier VLAN technology. The fundamental rule is that legacy/untagged VLANs require a separate link for each VLAN, while 802.1Q, or tagged VLANs can combine several VLANs in one link. Thus on the 802.1Q-compliant device, separate ports (congured as untagged) must be used to connect separate VLANs to non-802.1Q devices.

20 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Tagged and untagged VLAN technology in the same network

VLAN tagging rules When tagging is needed

When a port belongs to two or more VLANs of the same type, they remain as separate broadcast domains and cannot receive trac from each other without routing.

NOTE:

If multiple, non-routable VLANs exist in the switch—such as NETbeui protocol VLANs—they cannot receive trac from each other.

Inbound tagged packets

The switch requires VLAN tagging on a given port if the port will be receiving inbound, tagged VLAN trac that should be forwarded.

If a tagged packet arrives on a port that is not a tagged member of the VLAN indicated by the packet's VID, the switch drops the packet.

Similarly, the switch drops an inbound, tagged packet if the receiving port is an untagged member of the VLAN indicated by the packet's VID.

Untagged packet forwarding

If the only authorized, inbound VLAN trac on a port arrives untagged, then the port must be an untagged member of that VLAN. This is the case where the port is connected to a non-802.1Q compliant device or is assigned to only one VLAN.

To enable an inbound port to forward an untagged packet, the port must be an untagged member of either a protocol VLAN matching the packet's protocol, or an untagged member of a port-based VLAN.

That is, when a port receives an incoming, untagged packet, it processes the packet according to the following ordered criteria:

Chapter 2 VLANs 21

1. If the port has no untagged VLAN memberships, the switch drops the packet.

2. If the port has an untagged VLAN membership in a protocol VLAN that matches the protocol type of the

incoming packet, then the switch forwards the packet on that VLAN.

3. If the port is a member of an untagged, port-based VLAN, the switch forwards the packet to that VLAN. Otherwise, the switch drops the packet.

Figure 1: Untagged VLAN operation

22 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Tagged packet forwarding

If a port is a tagged member of the same VLAN as an inbound, tagged packet received on that port, then the switch forwards the packet to an outbound port on that VLAN.

To enable the forwarding of tagged packets, any VLAN to which the port belongs as a tagged member must have the same VID as that carried by the inbound, tagged packets generated on that VLAN.

Figure 2: Tagged VLAN operation

See also Multiple VLAN considerations on page 27.

CAUTION: Rate limiting may behave unpredictably on a VLAN if the VLAN spans multiple

modules or port-banks.

This also applies if a port on a dierent module or port-bank is added to an existing VLAN. Hewlett Packard Enterprise does not recommend conguring rate limiting on VLANs that include ports spanning modules or port-banks.

In the following example, ports 2, 3 and 24 form one VLAN, with ports 1 through 24 in the same port-bank. Ports 28, 29 and 32 form a second VLAN. These ports are also in the same port-bank, which includes ports 25 through 48. Rate limiting will operate as expected for these VLANs.

Figure 3: Example of VLANs using ports from the same port-bank for each VLAN

Applying VLAN tagging

Chapter 2 VLANs 23

Example of tagged and untagged VLAN port assignments

If port 7 on an 802.1Q-compliant switch is assigned to only the Red VLAN, the assignment can remain "untagged" because the port will forward trac only for the Red VLAN. However, if both the Red and Green VLANs are assigned to port 7, then at least one of those VLAN assignments must be "tagged" so that Red VLAN trac can be distinguished from Green VLAN trac.

Figure 4: Tagged and untagged VLAN port assignments

In switch X:

• VLANs assigned to ports X1 - X6 can be untagged because there is only one VLAN assignment per port. Red VLAN trac will go out only the Red ports, Green VLAN trac will go out only the Green ports, and so on. Devices connected to these ports do not have to be 802.1Q-compliant.

• However, because both the Red VLAN and the Green VLAN are assigned to port X7, at least one of the VLANs must be tagged for this port.

In switch Y:

• VLANs assigned to ports Y1 - Y4 can be untagged because there is only one VLAN assignment per port. Devices connected to these ports do not have to be 802.1Q-compliant.

• Because both the Red VLAN and the Green VLAN are assigned to port Y5, at least one of the VLANs must be tagged for this port.

In both switches:

The ports on the link between the two switches must be congured the same. As shown in the following gure, the Red VLAN must be untagged on port X7 and Y5 and the Green VLAN must be tagged on port X7 and Y5, or the opposite way.

NOTE: Each 802.1Q-compliant VLAN must have its own unique VID number and that VLAN must be given the same VID in every device where congured. That is, if the Red VLAN has a VID of 10 in switch X, then 10 must also be the Red VID in switch Y.

Figure 5: Example of VLAN ID numbers assigned in the VLAN names screen

24 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Additional VLAN tagging considerations

• Since the purpose of VLAN tagging is to allow multiple VLANs on the same port, any port that has only one VLAN assigned to it can be for that port arrives untagged.

• Any port with two or more VLANs of the same type can have one such VLAN assigned as "Untagged." All other VLANs of the same type must be

Port-Based VLANs Protocol VLANs

congured as "Untagged" (the default) if the authorized inbound trac

congured as "Tagged," that is:

A port can be a member of one untagged, portbased VLAN. All other port-based VLAN assignments for that port must be tagged.

A port can be a tagged member of any port-based VLAN.

A given VLAN must have the same VID on all 802.1Q-compliant devices in which the VLAN occurs. Also, the ports connecting two 802.1Q devices should have identical VLAN congurations.

• If all end nodes on a port comply with the 802.1Q standard and are congured to use the correct VID, you can congure all VLAN assignments on a port as "Tagged" if doing so either makes it easier to manage your VLAN assignments, or if the authorized, inbound trac for all VLANs on the port will be tagged.

For a summary and owcharts of untagged and tagged VLAN operation on inbound trac, see the following under VLAN tagging rules on page 21:

• "Inbound Tagged Packets"

• "Untagged Packet Forwarding" and Figure 1: Untagged VLAN operation on page 22

• "Tagged Packet Forwarding" and Figure 2: Tagged VLAN operation on page 23

A port can be an untagged member of one protocol-based VLAN of each protocol type. When assigning a port to multiple, protocol-based VLANs sharing the same type, the port can be an untagged member of only one such VLAN.

A port can be a tagged member of any protocolbased VLAN. See above.

Chapter 2 VLANs 25

Example of Networked 802.1Q-compliant devices with multiple VLANs on some ports

In the following network, switches X and Y and servers S1, S2, and the AppleTalk server are 802.1Qcompliant. (Server S3 could also be 802.1Q-compliant, but it makes no dierence for this example.) This network includes both protocol-based (AppleTalk) VLANs and port-based VLANs.

• The VLANs assigned to ports X4 - X6 and Y2 - Y5 can all be untagged because there is only one VLAN assigned per port.

• Port X1 has two AppleTalk VLANs assigned, which means that one VLAN assigned to this port can be untagged and the other must be tagged.

• Ports X2 and Y1 have two port-based VLANs assigned, so one can be untagged and the other must be tagged on both ports.

• Ports X3 and Y6 have two port-based VLANs and one protocol-based VLAN assigned. Thus, one portbased VLAN assigned to this port can be untagged and the other must be tagged. Also, since these two ports share the same link, their VLAN congurations must match.

In the table, "No" means that the port is not a member of that VLAN. For example, port X3 is not a member of the Red VLAN and does not carry Red VLAN trac. Also, if GVRP were enabled (port-based only), Auto would appear instead of No.

Switch X Switch Y

Port AT-1

VLAN

X1 Untagged Tagged No No Y1 No No Untagged Tagged

AT-2 VLAN

Red VLAN

Green VLAN

Port AT-1

VLAN

AT-2 VLAN

Red VLAN

Green VLAN

X2 No No Untagged Tagged Y2 No No No Untagged

Table Continued

26 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

Switch X Switch Y

Port AT-1

VLAN

X3 No Untagged Untagged Tagged Y3 No Untagged No No

X4 No No No Untagged Y4 No No No Untagged

X5 No No Untagged No Y5 No No Untagged No

X6 Untagged No No No Y6 No Untagged Untagged Tagged

NOTE: VLAN congurations on ports connected by the same link must match. Because ports X2 and Y5 are opposite ends of the same point-to-point connection, both ports must have the same VLAN conguration, conguring the Red VLAN as "Untagged" and the Green VLAN as "Tagged.”

AT-2 VLAN

Red VLAN

Green VLAN

Port AT-1

VLAN

AT-2 VLAN

Red VLAN

Green VLAN

Multiple VLAN considerations

Switches use a forwarding database to maintain awareness of which external devices are located on which VLANs. Some switches, such as the switches covered in this guide, have a multiple forwarding database, which means the switch allows multiple database entries of the same MAC address, with each entry showing the (dierent) source VLAN and source port. Other switch models have a single forwarding database, which allows only one database entry of a unique MAC address, along with the source VLAN and source port on which it is found. All VLANs on a switch use the same MAC address. Thus, connecting a multiple forwarding database switch to a single forwarding database switch where multiple VLANs exist imposes some cabling and port VLAN assignment restrictions. The following table illustrates the functional dierence between the two database types.

Table 3: Forwarding database content

Multiple forwarding database Single forwarding database

MAC address Destination

VLAN ID

0004ea-84d9f4 1 A5 0004ea-84d9f4 100 A9

0004ea-84d9f4 22 A12 0060b0-880af9 105 A10

0004ea-84d9f4 44 A20 0060b0-880a81 107 A17

0060b0-880a81 33 A20

This database allows multiple destinations for the same MAC address. If the switch detects a new destination for an existing MAC entry, it just adds a new instance of that MAC to the table.

All switches covered in this guide use a multiple forwarding database.

Destination

port

MAC address Destination

VLAN ID

This database allows only one destination for a MAC address. If the switch detects a new destination for an existing MAC entry, it replaces the existing MAC instance with a new instance showing the new destination.

Destination

port

Chapter 2 VLANs 27

Single forwarding database operation

When a packet arrives with a destination MAC address that matches a MAC address in the switch's forwarding table, the switch tries to send the packet to the port listed for that MAC address. But if the destination port is in a dierent VLAN than the VLAN on which the packet was received, the switch drops the packet. This is not a problem for a switch with a multiple forwarding database because the switch allows multiple instances of a given MAC address, one for each valid destination. However, a switch with a single forwarding database allows only one instance of a given MAC address.

TIP: If you connect both switch types through multiple ports or trunks belonging to dierent VLANs and enable routing on the switch with the multiple-forwarding database, then the port and VLAN record maintained on the switch with the single-forwarding database for the multipleforwarding database can change frequently. This may cause poor performance and the appearance of an intermittent or broken connection.

Switch performance is unreliable

The following example provides a method to identify and correct an unsupported

conguration.

Symptom

Poor switch performance, unreliable switch performance, dropped packets, discarded packets, appearance of intermittent or broken links.

Cause

Incorrect switch conguration.

As shown in the following gure, two switches are connected using two ports on each, and the MAC address table for Switch A will sometimes record the switch as accessed on port A1 (VLAN 1) and at other times as accessed on port B1 (VLAN 2).

Procedure

1. PC A sends an IP packet to PC B.

2. The packet enters VLAN 1 in the switch with the MAC address of the switch in the destination eld.

Because the switch has not yet learned this MAC address, it does not nd the address in its address table and oods the packet out all ports, including the VLAN 1 link (port A1) to the switch. The switch then routes the packet through the VLAN 2 link to the switch, which forwards the packet on to PC B. Because the switch received the packet from the switch on VLAN 2 (port B1), the switch's single forwarding database records the switch as being on port B1 (VLAN 2).

3. PC A now sends a second packet to PC B. The packet again enters VLAN 1 in the switch with the MAC address of the switch in the destination eld. However, this time the switch's single forwarding database indicates that the switch is on port B1 (VLAN 2) and the switch drops the packet instead of forwarding it.

4. Later, the switch transmits a packet to the switch through the VLAN 1 link and the switch updates its address table to show that the switch is on port A1 (VLAN 1) instead of port B1 (VLAN 2). Thus, the switch's information on the location of the switch changes over time, and the switch discards some

28 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

packets directed through it for the switch. This causes poor performance and the appearance of an intermittent or broken link.

Figure 6: Invalid forwarding conguration

Action/solution

Recongure the switches in the conguration.

Procedure

1. Use only one cable or port trunk between single-forwarding and multiple-forwarding database devices.

2. Congure the link with multiple, tagged VLANs.

3. To increase network bandwidth of the connection between devices, use a trunk of multiple physical links.

Following these rules, the switch forwarding database always lists the switch MAC address on port A1 and the switch will send trac to either VLAN on the switch.

Figure 7: Solution for single-forwarding to multiple-forwarding database devices in a multiple VLAN environment

Connecting the Switch to another switch with a multiple forwarding database (Example)

Use one or both of the following connection options:

Chapter 2 VLANs 29

• A separate port or port trunk interface for each VLAN. This results in a forwarding database having multiple instances of the same MAC address with dierent VLAN IDs and port numbers. See Forwarding database content. The fact that the switches covered by this guide use the same MAC address on all VLAN interfaces causes no problems.

• The same port or port trunk interface for multiple (tagged) VLANs. This results in a forwarding database having multiple instances of the same MAC address with dierent VLAN IDs, but the same port number.

Allowing multiple entries of the same MAC address on dierent VLANs enables topologies such as the following:

Figure 8: Topology for devices with multiple forwarding databases in a multiple VLAN environment

Conguring VLANs

The CLI congures and displays port-based and protocol-based VLANs.

In the factory default state, the switch is enabled for up to 256 VLANs, all ports belong to the default primary VLAN and are in the same broadcast/multicast domain. You can recongure the switch to support more VLANs . The maximum VLANs allowed varies according to the switch series.

The number of VLANs allowed on a switch

The factory default number of VLANs is 256.

You can maximum VLANs allowed varies according to the switch series. The maximum VLAN values for the switch documented in this guide are as follows:

Attribute MAX Number of VLANs

2530 Switch Series; YA/YB code, 2540 Switch Series; YC code

VLAN 512

recongure the switch to support more VLANs using the max-vlans command or the GUI. The

Table Continued

30 Aruba 2530 Advanced Trac Management Guide for

ArubaOS-Switch 16.09

+ 259 hidden pages

Hewlett Packard Enterprise Aruba 2530 Advanced Traffic Management Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Contents

About this guide

Applicable products

Switch prompts used in this guide

VLANs

Understanding VLANs

Static VLAN operation

VLAN environments

VLAN operation

General VLAN operation

Multiple port-based VLANs

Protocol VLAN environment

Routing options for VLANs

802.1Q VLAN tagging

Introducing tagged VLANs into legacy networks running only untagged VLANs

Applying VLAN tagging

Additional VLAN tagging considerations

Multiple VLAN considerations

Single forwarding database operation

Switch performance is unreliable

Connecting the Switch to another switch with a multiple forwarding database (Example)

The number of VLANs allowed on a switch