Hello, all!
There is L2 network on X670, all clients receiving VLAN untagged.
At each member port, bind the MAC address of its router and disable the learning.
There are customers who are connected "through" some operator, and the operator, wants to give them service not in his VLAN, but in some other.
Therefore, the PSTAG is very suitable.
The port configuration of the participant looks like this:
# configure vlan "XXX" add ports 1 untagged
# configure vlan "XXX" add ports 1 tagged 1000
Traffic in 1000 VLAN from client must be remapped to VLAN XXX online and vice versa.
As a result, this happens, but at the same time the participant, which is connected in the neighboring port (for example, port 2) and for which the configuration is standard, stops receiving the service.
At the same time, sessions with him do not fail, but traffic falls on their port.
The client in VLAN 1000 works fine and sees the entire network.
For example:
# sh conf | inc "port 1"
configure port 1 rate-limit flood broadcast 1000
configure port 1 vlan XXX limit-learning 0 action stop-learning
create fdb cc??cc:c5:f0:02 vlan "XXX" port 1
# sh conf | inc "ports 1 "
configure ports 1 display-string Client-1
configure ports 1 auto off speed 10000 duplex full
configure sflow ports 1 sample-rate 16384 enable sflow ports 1 ingress
enable lldp ports 1 receive-only
# sh conf | inc "port 2"
disable learning port 2
disable flooding unicast multicast port 2
create fdb aa:aa:aa:d6:77:1d vlan "XXX" port 2
configure vlan XXX add port 2 tagged 1000
So when input command #configure vlan UA-IX add port 2 tagged 1000
Connection with port 1 is strangely disappear - MAC-address is visible, but traffic isn't forward.
When cancel a command, everything is restored.
Scheme below:
Thank you!
There is L2 network on X670, all clients receiving VLAN untagged.
At each member port, bind the MAC address of its router and disable the learning.
There are customers who are connected "through" some operator, and the operator, wants to give them service not in his VLAN, but in some other.
Therefore, the PSTAG is very suitable.
The port configuration of the participant looks like this:
# configure vlan "XXX" add ports 1 untagged
# configure vlan "XXX" add ports 1 tagged 1000
Traffic in 1000 VLAN from client must be remapped to VLAN XXX online and vice versa.
As a result, this happens, but at the same time the participant, which is connected in the neighboring port (for example, port 2) and for which the configuration is standard, stops receiving the service.
At the same time, sessions with him do not fail, but traffic falls on their port.
The client in VLAN 1000 works fine and sees the entire network.
For example:
# sh conf | inc "port 1"
configure port 1 rate-limit flood broadcast 1000
configure port 1 vlan XXX limit-learning 0 action stop-learning
create fdb cc??cc:c5:f0:02 vlan "XXX" port 1
# sh conf | inc "ports 1 "
configure ports 1 display-string Client-1
configure ports 1 auto off speed 10000 duplex full
configure sflow ports 1 sample-rate 16384 enable sflow ports 1 ingress
enable lldp ports 1 receive-only
# sh conf | inc "port 2"
disable learning port 2
disable flooding unicast multicast port 2
create fdb aa:aa:aa:d6:77:1d vlan "XXX" port 2
configure vlan XXX add port 2 tagged 1000
So when input command #configure vlan UA-IX add port 2 tagged 1000
Connection with port 1 is strangely disappear - MAC-address is visible, but traffic isn't forward.
When cancel a command, everything is restored.
Scheme below:
Thank you!
