Configuring Protocol VLAN
CHAPTERS
2. Protocol VLAN Configuration
4. Appendix: Default Parameters
|
|
This guide applies to: T1500G-8T v2 or above, T1500G-10PS v2 or above, T1500G-10MPS v2 or above, T1500-28PCT v3 or above, T1600G-18TS v2 or above, T1600G-28TS v3 or above, T1600G-28PS v3 or above, T1600G-52TS v3 or above, T1600G-52PS v3 or above, T1700X-16TS v3 or above, T1700G-28TQ v3 or above, T2500G-10TS v2 or above, T2600G-18TS v2 or above, T2600G-28TS v3 or above, T2600G-28MPS v3 or above, T2600G-28SQ v1 or above, T2600G-52TS v3 or above. |
Protocol VLAN is a technology that divides VLANs based on the network layer protocol. With the protocol VLAN rule configured on the basis of the existing 802.1Q VLAN, the switch can analyze specific fields of received packets, encapsulate the packets in specific formats, and forward the packets with different protocols to the corresponding VLANs. Since different applications and services use different protocols, network administrators can use protocol VLAN to manage the network based on specific applications and services.
The figure below shows a common application scenario of protocol VLAN. With protocol VLAN configured, Switch 2 can forward IPv4 and IPv6 packets from different VLANs to the IPv4 and IPv6 networks respectively.
Figure 1-1 Common Application Scenario of Protocol VLAN
To complete protocol VLAN configuration, follow these steps:
1)Configure 802.1Q VLAN.
2)Create protocol template.
3)Configure Protocol VLAN.
Configuration Guidelines
You can use the IP, ARP, RARP, and other protocol templates provided by TP-Link switches, or create new protocol templates.
In a protocol VLAN, when a port receives an untagged data packet, the switch will first search for the protocol VLAN matching the protocol type value of the packet. (If MAC VLAN is also configured, the switch will first process MAC VLAN.) If there is a match, the switch will insert the corresponding VLAN tag to the data packet and forward it within the VLAN. Otherwise, the switch will forward the data packet to the default VLAN based on the PVID (Port VLAN ID) of the receiving port. When the port receives a tagged data packet, the switch will directly process the data packet according to the processing rule of the 802.1Q VLAN.
Before configuring protocol VLAN, create an 802.1Q VLAN and set the port type according to network requirements. For details, refer to Configuring 802.1Q VLAN.
2.1.2Creating Protocol Template
Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol Template to load the following page.
Figure 2-1 Check the Protocol Template
Follow these steps to create a protocol template:
1)Check whether your desired template already exists in the Protocol Template Config section. If not, click 
to create a new template.
Figure 2-2 Creating a Protocol Template
|
Template Name |
Give a protocol name to identify the protocol template. |
|
Frame Type |
Select the frame type of the new protocol template. Ethernet II: A common Ethernet frame format. Select to specify the Frame Type by entering the Ether Type. SNAP: An Ethernet 802.3 frame format based on IEEE 802.3 and IEEE 802.2 SNAP. Select to specify the Frame Type by entering the Ether Type. LLC: An Ethernet 802.3 frame format based on IEEE 802.3 and IEEE 802.2 LLC. Select to specify the Frame Type by entering the DSAP and SSAP. |
|
Ether Type |
Enter the Ethernet protocol type value for the protocol template. It is available when Ethernet II and SNAP is selected. It is the Ether Type field in the frame and is used to identify the data type of the frame. |
|
DSAP |
Enter the DSAP value for the protocol template. It is available when LLC is selected. It is the DSAP field in the frame and is used to identify the data type of the frame. |
|
SSAP |
Enter the SSAP value for the protocol template. It is available when LLC is selected. It is the SSAP field in the frame and is used to identify the data type of the frame. |
2)Click Create.
|
|
Note: A protocol template that is bound to a VLAN cannot be deleted. |
2.1.3 Configuring Protocol VLAN
Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol VLAN Group and click to load the following page.
Figure 2-3 Configure the Protocol VLAN Group
Follow these steps to configure the protocol group:
1)In the Protocol Group Config section, specify the following parameters.
|
Template Name |
Select the previously defined protocol template. |
|
VLAN ID/Name |
Enter the ID number or name of the 802.1Q VLAN that will be bound to the Protocol VLAN.. |
|
802.1p Priority |
Specify the 802.1p priority for the packets that belong to the protocol VLAN. The switch will determine the forwarding sequence according this value. The packets with larger value of 802.1p priority have the higher priority. |
2)Select the desired ports. Click Create.
|
|
Note: The member port of an LAG (Link Aggregation Group) follows the configuration of the LAG and not its own. The configurations of the port can take effect only after it leaves the LAG. |
Before configuring protocol VLAN, create an 802.1Q VLAN and set the port type according to network requirements. For details, refer to Configuring 802.1Q VLAN.
2.2.2Creating a Protocol Template
Follow these steps to create a protocol template:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
protocol-vlan template name protocol-name frame { ether_2 ether-type type | snap ether-type type | llc dsap dsap_type ssap ssap_type } Create a protocol template. protocol-name: Specify the protocol name with 1 to 8 characters. type: Enter4 hexadecimal numbers as the Ethernet protocol type for the protocol template. It is the Ether Type field in the frame and is used to identify the data type of the frame. dsap_type: Enter 2 hexadecimal numbers as the DSAP value for the protocol template. It is the DSAP field in the frame and is used to identify the data type of the frame. ssap_type: Enter 2 hexadecimal numbers as the SSAP value for the protocol template. It is the SSAP field in the frame and is used to identify the data type of the frame. |
|
Step 3 |
show protocol-vlan template Verify the protocol templates. |
|
Step 4 |
end Return to Privileged EXEC Mode. |
|
Step 5 |
copy running-config startup-config Save the settings in the configuration file. |
The following example shows how to create an IPv6 protocol template:
Switch#configure
Switch(config)#protocol-vlan template name IPv6 frame ether_2 ether-type 86dd
Switch(config)#show protocol-vlan template
Index Protocol Name Protocol Type
------- ----------------- --------------------------------
1 IP EthernetII ether-type 0800
2 ARP EthernetII ether-type 0806
3 RARP EthernetII ether-type 8035
4 IPX SNAP ether-type 8137
5 AT SNAP ether-type 809B
6 IPv6 EthernetII ether-type 86DD
Switch(config)#end
Switch#copy running-config startup-config
2.2.3Configuring Protocol VLAN
Follow these steps to configure protocol VLAN:
|
Step 1 |
configure Enter global configuration mode. |
|
Step 2 |
show protocol-vlan template Check the index of each protocol template. |
|
Step 3 |
protocol-vlan vlan vid priority priority template index Bind the protocol template to the VLAN. vid : Enter the ID number of the 802.1Q VLAN that will be bound to the Protocol VLAN. priority : Specify the 802.1p priority for the packets that belong to the protocol VLAN. The switch will determine the forwarding sequence according this value. The packets with larger value of 802.1p priority have the higher priority. index : Specify the protocol template index. |
|
Step 4 |
show protocol-vlan vlan Check the protocol VLAN index (entry-id) of each protocol group. |
|
Step 5 |
interface {fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | range ten-gigabitEthernet port-list | port-channel port-channel-id | range port-channel port-channel-list} Enter interface configuration mode. |
|
Step 6 |
protocol-vlan group entry-id Add the specified port to the protocol group. entry-id: Protocol VLAN index. |
|
Step 7 |
end Return to Privileged EXEC Mode. |
|
Step 8 |
copy running-config startup-config Save the settings in the configuration file. |
The following example shows how to bind the IPv6 protocol template to VLAN 10 and add port 1/0/2 to protocol VLAN:
Switch#configure
Switch(config)#show protocol-vlan template
Index Protocol Name Protocol Type
-------- ------------------ --------------------------------
1 IP EthernetII ether-type 0800
2 ARP EthernetII ether-type 0806
3 RARP EthernetII ether-type 8035
4 IPX SNAP ether-type 8137
5 AT SNAP ether-type 809B
6 IPv6 EthernetII ether-type 86DD
Switch(config)#protocol-vlan vlan 10 priority 5 template 6
Switch(config)#show protocol-vlan vlan
Index Protocol-Name VID Priority Member
-------- -------------------- ------ ------ ------
1 IPv6 10 0
Switch(config)#interface gigabitEthernet 1/0/2
Switch(config-if)#protocol-vlan group 1
Switch(config-if)#show protocol-vlan vlan
Index Protocol-Name VID Priority Member
------ ------------------ ------ -------- ------------
1 IPv6 10 5 Gi1/0/2
Switch(config-if)#end
Switch#copy running-config startup-config
A company uses both IPv4 and IPv6 hosts, and these hosts access the IPv4 network and IPv6 network respectively via different routers. It is required that IPv4 packets are forwarded to the IPv4 network, IPv6 packets are forwarded to the IPv6 network, and other packets are dropped.
The figure below shows the network topology. The IPv4 host belongs to VLAN 10, the IPv6 host belongs to VLAN 20, and these hosts access the network via Switch 1. Switch 2 is connected to two routers to access the IPv4 network and IPv6 network respectively. The routers belong to VLAN 10 and VLAN 20 respectively.
Figure 3-1 Network Topology
You can configure protocol VLAN on port 1/0/1 of Switch 2 to meet this requirement. When this port receives packets, Switch 2 will forward them to the corresponding VLANs according to their protocol types. The overview of the configuration on Switch 2 is as follows:
1)Create VLAN 10 and VLAN 20 and add each port to the corresponding VLAN.
2)Use the IPv4 protocol template provided by the switch, and create the IPv6 protocol template.
3)Bind the protocol templates to the corresponding VLANs to form protocol groups, and add port 1/0/1 to the groups.
For Switch 1, configure 802.1Q VLAN according to the network topology.
Demonstrated with T2600G-28TS, this chapter provides configuration procedures in two ways: using the GUI and using the CLI.
Configurations for Switch 1
1)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > VLAN Config and click to load the following page. Create VLAN 10, and add untagged port 1/0/1 and untagged port 1/0/3 to VLAN 10. Click Create.
Figure 3-2 Create VLAN 10
2)Click to load the following page. Create VLAN 20, and add untagged ports 1/0/2-3 to VLAN 20. Click Create.
Figure 3-3 Create VLAN 20
3)Click 
to save the settings.
Configurations for Switch 2
1)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > VLAN Config and click to load the following page. Create VLAN 10, and add tagged port 1/0/1 and untagged port 1/0/2 to VLAN 10. Click Create.
Figure 3-4 Create VLAN 10
2)Click to load the following page. Create VLAN 20, and add tagged port 1/0/1 and untagged port 1/0/3 to VLAN 20. Click Create.
Figure 3-5 Create VLAN 20
3)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > Port Config to load the following page. Set the PVID of port 1/0/2 and port 1/0/3 as 10 and 20 respectively . Click Apply.
Figure 3-6 Port Configuration
4)Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol Template and click to load the following page. Enter IPv6 in the protocol name, select the Ethernet II frame type, enter 86DD in the Ether Type field, and click Create to create the IPv6 protocol template.
|
|
Note: The IPv4 protocol template is already provided by the switch. You only need to create the IPv6 protocol template. |
Figure 3-7 Create the IPv6 Protocol Template
5)Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol VLAN Group and click to load the following page. Select the IP protocol name (that is the IPv4 protocol template), enter VLAN ID 10, select port 1, and click Create. Select the IPv6 protocol name, enter VLAN ID 20, select port 1, and click Create.
Figure 3-8 Configure the IPv4 Protocol Group
Figure 3-9 Configure the IPv6 Protocol Group
6)Click to save the settings.
Configurations for Switch 1
1)Create VLAN 10 and VLAN 20.
Switch_1#configure
Switch_1(config)#vlan 10
Switch_1(config-vlan)#name IPv4
Switch_1(config-vlan)#exit
Switch_1(config)#vlan 20
Switch_1(config-vlan)#name IPv6
Switch_1(config-vlan)#exit
2)Add untagged port 1/0/1 to VLAN 10. Add untagged port 1/0/2 to VLAN 20. Add untagged port 1/0/3 to both VLAN10 and VLAN 20.
Switch_1(config)#interface gigabitEthernet 1/0/1
Switch_1(config-if)#switchport general allowed vlan 10 untagged
Switch_1(config-if)#exit
Switch_1(config)#interface gigabitEthernet 1/0/2
Switch_1(config-if)#switchport general allowed vlan 20 untagged
Switch_1(config-if)#exit
Switch_1(config)#interface gigabitEthernet 1/0/3
Switch_1(config-if)#switchport general allowed vlan 10,20 untagged
Switch_1(config-if)#end
Switch_1#copy running-config startup-config
Configurations for Switch 2
1)Create VLAN 10 and VLAN 20.
Switch_2#configure
Switch_2(config)#vlan 10
Switch_2(config-vlan)#name IPv4
Switch_2(config-vlan)#exit
Switch_2(config)#vlan 20
Switch_2(config-vlan)#name IPv6
Switch_2(config-vlan)#exit
2)Add tagged port 1/0/1 to both VLAN 10 and VLAN 20. Specify the PVID of untagged port 1/0/2 as 10 and add it to VLAN 10. Specify the PVID of untagged port 1/0/3 as 20 and add it to VLAN 20.
Switch_2(config)#interface gigabitEthernet 1/0/1
Switch_2(config-if)#switchport general allowed vlan 10,20 tagged
Switch_2(config-if)#exit
Switch_2(config)#interface gigabitEthernet 1/0/2
Switch_2(config-if)#switchport pvid 10
Switch_2(config-if)#switchport general allowed vlan 10 untagged
Switch_2(config-if)#exit
Switch_2(config)#interface gigabitEthernet 1/0/3
Switch_2(config-if)#switchport mode general
Switch_2(config-if)#switchport pvid 20
Switch_2(config-if)#switchport general allowed vlan 20 untagged
Switch_2(config-if)#exit
3)Create the IPv6 protocol template.
Switch_2(config)#protocol-vlan template name IPv6 frame ether_2 ether-type 86dd
Switch_2(config)#show protocol-vlan template
Index Protocol Name Protocol Type
---- --------- ------------------------------------
1 IP EthernetII ether-type 0800
2 ARP EthernetII ether-type 0806
3 RARP EthernetII ether-type 8035
4 IPX SNAP ether-type 8137
5 AT SNAP ether-type 809b
6 IPv6 Ethernet II ether-type 86dd
4)Configure the protocol groups.
Switch_2(config)#protocol-vlan vlan 10 priority 0 template 1
Switch_2(config)#protocol-vlan vlan 20 priority 0 template 6
5)Add port 1/0/1 to the protocol groups.
Switch_2(config)#show protocol-vlan vlan
Index Protocol-Name VID Member
---- --------------- ---------- -------------
1 IP 10
2 IPv6 20
Switch_2(config)#interface gigabitEthernet 1/0/1
Switch_2(config-if)#protocol-vlan group 1
Switch_2(config-if)#protocol-vlan group 2
Switch_2(config-if)#exit
Switch_2(config)#end
Switch_2#copy running-config startup-config
Verify the Configurations
Switch 1
Verify 802.1Q VLAN configuration:
Switch_1#show vlan
VLAN Name Status Ports
-------- ------------- --------- --------------------------------------------
1 System-VLAN active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4
......
Gi1/0/25, Gi1/0/26, Gi1/0/27, Gi1/0/28
10 IPv4 active Gi1/0/1, Gi1/0/3
20 IPv6 active Gi1/0/2, Gi1/0/3
Switch 2
Verify 802.1Q VLAN configuration:
Switch_2#show vlan
VLAN Name Status Ports
------- ------------- ---------- --------------------------------------------
1 System-VLAN active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4
......
Gi1/0/25, Gi1/0/26, Gi1/0/27, Gi1/0/28
10 IPv4 active Gi1/0/1, Gi1/0/2
20 IPv6 active Gi1/0/1, Gi1/0/3
Verify protocol group configuration:
Switch_2#show protocol-vlan vlan
Index Protocol-Name VID Priority Member
-------- --------------------- ------ ------ -----------
1 IP 10 0 Gi1/0/1
2 IPv6 20 0 Gi1/0/1
Default settings of Protocol VLAN are listed in the following table.
Table 4-1Default Settings of Protocol VLAN
|
Parameter |
Default Setting |
|
Protocol Template Table |
1 IP Ethernet II ether-type 0800 2 ARP Ethernet II ether-type 0806 3 RARP Ethernet II ether-type 8035 4 IPX SNAP ether-type 8137 5 AT SNAP ether-type 809B |