OcNOS DC : Layer 2 Guide : Layer 2 Command Reference : VLAN and Private VLAN Commands
VLAN and Private VLAN Commands
This chapter has the commands used to manage VLANs and Private VLANs. A private VLAN contains switch ports that cannot communicate with each other, but can access other networks. This chapter includes the following commands:
global-bridge-vlan-check enable
Use this command to establish a VLAN in the global VLAN database, ensuring that the same VLAN is not permitted to be encapsulated on a sub-interface.
Command Syntax
global-bridge-vlan-check enable
no global-bridge-vlan-check enable
Parameters
enable
Enable VLAN check validations
Default
Disabled.
Command Mode
VLAN Configuration mode
Applicability
This command is introduced from OcNOS version 6.5.1.
Example
1. Validating sub-interface encap VLANs should not be overlapped with bridge VLANs.
#(config)#bridge 1 protocol rstp vlan-bridge
(config)#vlan 2-10 bridge 1
(config)#commit
(config)#
(config)#global-bridge-vlan-check enable
(config)#commit
(config)#
(config)#int xe2.2 switchport
(config-if)#encapsulation dot1q 2
(config-if)#commit
Bridge VLAN ids cannot be used for L2 sub-interface's encaps
Failed to commit. As error(s) encountered during commit operation.
2. Configure sub-interface encap VLANs when not overlapping with bridge VLAN IDs.
#(config)#int xe5.5 switchport
(config-if)#encapsulation dot1q 11
(config-if)#commit
(config-if)#exit
(config)#end
 
private-vlan association
Use this command to associate a secondary VLAN to a primary VLAN. Only one isolated VLAN can be associated to a primary VLAN. Multiple community VLANs can be associated to a primary VLAN.
Use the no form of this command to remove association of all the secondary VLANs to a primary VLAN.
Command Syntax
private-vlan association add VLAN_RANGE
private-vlan association remove VLAN_RANGE
no private-vlan association
Parameters
add
Add a VLAN to private VLAN list.
remove
Removes values associated with a single VLAN.
VLAN_RANGE
Specify VLAN ID 1-4094 or range(s): 1-5, 10 or 2-5,7-19 of the private VLANs to be configured
Default
By default, functionality is disabled
Command Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan database
(config-vlan)#private-vlan association add 3-4
(config-vlan)#private-vlan association remove 3-4
(config-vlan)#no private-vlan association
private-vlan community
Use this command to set a VLAN type for a private (community) VLAN.
Use the no form of this command to remove the specified private VLAN.
Command Syntax
private-vlan <2-4094> community bridge <1-32>
no private-vlan <2-4094> bridge <1-32>
Parameters
<2-4094>
Specify a private VLAN identifier.
bridge
Specify the bridge identifier.
Default
By default, private vlan is disabled
Command Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan database
(config-vlan)#private-vlan 4 community bridge 1
private-vlan isolated
Use this command to create an isolated private VLAN.
Use the no form of this command to remove the specified private VLAN.
Command Syntax
private-vlan <2-4094> isolated bridge <1-32>
no private-vlan <2-4094> bridge <1-32>
Parameters
<2-4094>
Specify a private VLAN identifier.
bridge
Specify the bridge identifier.
Default
By default, private vlan is disabled
Command Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan database
(config-vlan)#private-vlan 3 isolated bridge 1
private-vlan primary
Use this command to create a primary VLAN.
Use the no form of this command to remove the specified private VLAN.
Command Syntax
private-vlan <2-4094> primary bridge <1-32>
no private-vlan <2-4094> bridge <1-32>
Parameters
<2-4094>
Specify a private VLAN identifier.
bridge
Specify the bridge identifier.
Default
By default, private vlan is disabled
Command Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan database
(config-vlan)#private-vlan 2 primary bridge 1
show dtag vlan
Use this command to display information about VLAN double tagging.
Command Syntax
show dtag vlan DTAG_VLAN_ID
Parameters
DTAG-VLAN-IDs
Outer-VLAN identifier and inner-VLAN identifier in the format 100.200, where 100 is the outer tag and 200 is the inner tag
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show dtag vlan 2000.3001
Table 8-15 explains the output.
Table 8-15: show dtag vlan output
Field
Description
Bridge
Bridge number
VLAN ID
VLAN identifier
Name
Double tag-VLAN identifers
State
VLAN state: ACTIVE, SUSPEND, or INVALID
H/W Status
Hardware status: UP or DOWN
Member ports
Interfaces that are part of the VLAN and whether untagged (u) or tagged (t)
show vlan access-map
Use this command to display information for VLAN access maps.
Command Syntax
show vlan access-map
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#show vlan access-map
Vlan access-map myMap 10
match ip: myMap
action: drop
 
show vlan
Use this command to display information about static, dynamic or all VLANs.
Command Syntax
show vlan (all|static|dynamic|auto) bridge <1-32>
Parameters
<1-32>
Displays the bridge group ID.
all
Displays all VLANs (static and dynamic).
static
Displays static VLANs.
dynamic
Displays dynamic VLANs.
auto
Displays auto configured VLANs.
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#sh vlan all bridge 1
Bridge VLAN ID Name State H/W Status Member ports
(u)-Untagged, (t)-Tagged
======= ======= ================ ======= ========== ==========================
1 1 default ACTIVE Up xe2(u) xe10(u)
1 2 vlan2 ACTIVE Up xe10(t)
1 10 VLAN0010 ACTIVE Up xe2(t) xe10(t)
1 20 VLAN0020 ACTIVE Up xe2(t) xe10(t)
1 30 VLAN0030 ACTIVE Up xe10(t)
1 40 VLAN0040 ACTIVE Up xe10(t)
1 50 VLAN0050 ACTIVE Up xe10(t)
1 60 VLAN0060 ACTIVE Up xe10(t)
#
 
 
Table 8-16 Explains the show command output fields.
Table 8-16: show vlan output fields
Field
Description
Bridge
Number of bridge in the interface.
VLAN ID
VLAN identifier of the VLAN listed.
Name
Name of the VLAN.
State
Indicates whether the physical link is operational and can pass packets.
H/W Status
Indicates that the hardware is operational.
Member ports
The tagged interfaces to which a VLAN is associated.
 
 
show vlan brief
Use this command to display brief VLAN information for all bridges.
Command Syntax
show vlan (brief | <2-4094>)
Parameters
None
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
The following is a sample output from this command when using the all parameter.
#show vlan brief
 
Bridge VLAN ID Name State Member ports
(u)-Untagged, (t)-Tagged
=============== ======= ================ ======= ===============================
1 1 default ACTIVE eth2(u)
 
 
0 1 default ACTIVE
0 2 new ACTIVE
 
 
Table 8-17 Explains the show command output fields.
Table 8-17: show vlan brief output fields
Field
Description
Bridge
Number of bridge in the interface.
VLAN ID
VLAN identifier of the VLAN listed.
Name
Name of the VLAN.
State
Indicates whether the physical link is operational and can pass packets.
H/W Status
Indicates that the hardware is operational.
Member ports
The tagged interfaces to which a VLAN is associated.
 
show vlan classifier
Use this command to display information on configured VLAN classifier groups, interfaces configured for a VLAN group or all the groups, or all configured VLAN classifier rules.
If either a group ID or rule ID is not specified, all configured VLAN classifier rules are shown. If either a group ID or rule ID is specified, a specific configured VLAN classifier rule is shown.
Command Syntax
show vlan classifier group interface IFNAME
show vlan classifier group (<1-16>|)
show vlan classifier interface group (<1-16>|)
show vlan classifier rule(<1-256>|)
Parameters
group
Displays group activated information.
<1-16>
Displays the group ID
interface
Displays interface information.
interface
Displays interface group information.
group
Displays group activated information.
<1-16>
Displays the group ID.
rule
Displays VLAN classifier rule ID.
<1-256>
Displays rule ID information.
Command Mode
Exec mode and Privileged Exec mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
This example displays groups for VLAN classifier groups:
#show vlan classifier group 1
vlan classifier group 1 add rule 1
This example displays interfaces for all VLAN classifier groups:
#show vlan classifier interface group
vlan classifier group 1 interface fe2
vlan classifier group 1 interface fe3
vlan classifier group 2 interface fe5
vlan classifier group 3 interface fe7
This example displays interfaces for VLAN classifier group 1:
#show vlan classifier interface group 1
vlan classifier group 1 interface fe2
vlan classifier group 1 interface fe3
This example displays interfaces for VLAN classifier rule 1:
#show vlan classifier rule 1
vlan classifier rule 1 mac 0011.2222.3333 vlan 2
show vlan-reservation
Use this command to display reserved vlans that are configured via vlan-reservation configuration on the switch.
Command Syntax
show vlan-reservation
Parameters
None
Command Mode
Exec mode
Applicability
This command was introduced before OcNOS version 5.1.
Example
OcNOS#show vlan-reservation
VLAN ID Status
======= ======
500 free
501 free
502 free
503 free
504 free
505 free
506 free
507 free
508 free
509 free
510 free
OcNOS#
 
If user enables port breakout on any of the interface
OcNOS(config)#interface xe54/1
OcNOS(config-if)#port breakout enable
OcNOS(config-if)#commit
 
Each subsidiary ports 54/2, 54/3, 54/4 will get vlan-id from the vlan-reservation pool and the status of vlan-id changes to "allocated".
 
OcNOS#show vlan-reservation
VLAN ID Status
======= ======
500 allocated
501 allocated
502 allocated
503 free
504 free
505 free
506 free
507 free
508 free
509 free
510 free
OcNOS#
 
Note: From OcNOS version 5.1, it is mandatory to configure vlan-reservation prior to port breakout configuration.
switchport access
Use this command to change the default VLAN on the current interface.
Note: IP Infusion Inc. does not recommend using VLAN identifier 1 because of interoperability issues with other vendors’ equipment.
Use the no parameter to remove an existing VLAN.
Command Syntax
switchport access vlan <2-4094>
no switchport access vlan
Parameter
<2-4094>
Specify the VLAN identifier.
Default
The switchport access vlan default value is 3968.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
This example shows the steps of a typical VLAN session, creating and destroying a VLAN.
#configure terminal
(config)#interface eth0
(config-if)#switchport access vlan 3
 
(config)#interface eth0
(config-if)#no switchport access vlan
switchport hybrid
Use this command to set the switching characteristics of the interface to hybrid. Both tagged and untagged frames will be classified over hybrid interfaces.
For a VLAN range, specify two VLAN identifiers: the lowest and then the highest separated by a hyphen. For a VLAN list, specify the VLAN identifiers separated by commas. Do not enter spaces between the hyphens or commas.
Use the no parameter to turn off allowed hybrid switching.
Command Syntax
switchport hybrid allowed vlan all
switchport hybrid vlan <2-4094>
switchport hybrid allowed vlan none
switchport hybrid allowed vlan remove VLAN_ID
switchport hybrid allowed vlan add VLAN_ID
no switchport hybrid
no switchport hybrid vlan
Parameters
all
Allow all VLANs to transmit and receive through the interface.
none
Allow no VLANs to transmit and receive through the interface.
remove
Remove these VLANs from the member set.
VLAN_ID
VLAN identifier(s) <2-4094>. You can specify a single VLAN, a VLAN range, or a VLAN list.
add
Add these VLANs to the member set.
VLAN_ID
VLAN identifier(s) <2-4094>. You can specify a single VLAN, a VLAN range, or a VLAN list.
Default
By default, switchport hybrid is enabled.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
The following shows adding a single VLAN to the member set.
(config-if)#switchport hybrid allowed vlan add VLAN_RANGE2
eg switchport hybrid allowed vlan add 2
The following shows adding a range of VLANs to the member set.
(config-if)#switchport hybrid allowed vlan add VLAN_RANGE2
eg switchport hybrid allowed vlan add 2-4
switchport mode
Use this command to set the switching characteristics of the Layer 2 interface.
Command Syntax
switchport mode (access|hybrid|trunk|provider-network|customer-edge
|customer-network|private-vlan)
Parameters
access
Access.
hybrid
Hybrid.
trunk
Trunk.
provider-network
 
Provider network.
customer-network
 
Customer network.
Default
By default, switchport mode access is enabled.
Configuring an interface to operate in trunk mode using the CLI command switchport mode trunk will automatically permit VLAN ID 1 on the trunk ports by default.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport mode access
switchport mode access ingress-filter
Use this command to set the switching characteristics of the interface to access mode, and classify untagged frames only. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.
Command Syntax
switchport mode access ingress-filter (enable|disable)
Parameters
ingress-filter
Set the ingress filtering for the received frames.
enable
Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. This is the default value.
disable
Turn off ingress filtering to accept frames that do not meet the classification criteria.
Default
Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport mode access ingress-filter enable
switchport mode hybrid ingress-filter
Use this command to set the switching characteristics of the interface as hybrid, and classify both tagged and untagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.
Command Syntax
switchport mode hybrid ingress-filter (enable|disable)
Parameters
enable
Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. This is the default value.
disable
Turn off ingress filtering to accept frames that do not meet the classification criteria.
Default
Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface eth0
(config-if)#switchport mode hybrid ingress-filter enable
switchport mode trunk ingress-filter
Use this command to set the switching characteristics of the interface as trunk, and specify only tagged frames. Received frames are classified based on the VLAN characteristics, then accepted or discarded based on the specified filtering criteria.
Command Syntax
switchport mode trunk ingress-filter (enable|disable)
Parameters
ingress-filter
Set the ingress filtering for the received frames.
enable
Set the ingress filtering for received frames. Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded. This is the default value.
disable
Turn off ingress filtering to accept frames that do not meet the classification criteria.
Default
Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface eth0
(config-if)#switchport mode trunk ingress-filter enable
switchport trunk allowed vlan dtag
Use this command to maintain a mapping between the double-tagged logical interfaces with the physical interfaces for the purpose of enabling VLAN-translation on the port alone.
An example of when to use this command is in a GPON application, where an S-tag uniquely identifies an OLT channel partition and a C-tag uniquely identifies a subscriber/service on that channel partition.
Command Syntax
switchport trunk allowed vlan add dtag DTAG-VLAN-IDs
switchport trunk allowed vlan remove dtag DTAG-VLAN-IDs
Parameters
add
Add a mapping
remove
Remove a mapping
DTAG-VLAN-IDs
Outer-VLAN identifier and inner-VLAN identifier in the format 100.200, where 100 is the outer tag and 200 is the inner tag
Default
None
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
(config)#int mlag1
(config-if)#switchport
(config-if)#bridge-group 1
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan add 100,2000
(config-if)#switchport trunk allowed vlan add dtag 2000.3001
 
 
switchport mode (trunk) disable-native-vlan
Use this command to create switchport mode trunk without any default native vlan (i.e. vlan 1).
Use the no form of this command to delete the CLI and add vlan-1 back as default-native-vlan(i.e. vlan 1) as untagged.
Command Syntax
switchport mode (trunk) disable-native-vlan
no switchport mode (trunk) disable-native-vlan
Parameters
switchport
Set the switching characteristics of interface
mode
Set the mode of the Layer-2 interface
trunk
Set the Layer-2 interface as trunk
disable-native-vlan
 
Disable native VLAN support
Command Mode
Interface mode
Applicability
This command is introduced in OcNOS version 5.1.
Example
 
OcNOS(config)#int xe7
OcNOS(config-if)#switchport mode trunk disable-native-vlan
 
 
switchport mode hybrid acceptable-frame-type
Use this command to set the interface acceptable frame types. This processing occurs after VLAN classification.
Command Syntax
switchport mode hybrid acceptable-frame-type (all|vlan-tagged)
Parameters
all
Set all frames can be received
vlan-tagged
Accept only classified frames that belong to the port's member set.
Default
Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport mode hybrid acceptable-frame-type vlan-tagged
switchport trunk allowed
Use this command to set the switching characteristics of the interface to trunk.
For a VLAN range, specify two VLAN identifiers: the lowest and then the highest separated by a hyphen. For a VLAN list, specify the VLAN identifiers separated by commas. Do not enter spaces between the hyphens or commas.
Use the no parameter to remove all VLAN identifiers configured on this port.
Command Syntax
switchport trunk allowed vlan all
switchport trunk allowed vlan none
switchport trunk allowed vlan add VLAN_ID
switchport trunk allowed vlan except VLAN_ID
switchport trunk allowed vlan remove VLAN_ID
no switchport trunk
Parameters
all
Allow all VLANs to transmit and receive through the interface.
none
Allow no VLANs to transmit and receive through the interface.
add
Add these VLANs to the member set.
VLAN_ID
VLAN identifier(s) <2-4094>. You can specify a single VLAN, a VLAN range, or a VLAN list.
except
All VLANs except these VLANs are part of the member set.
VLAN_ID
VLAN identifier(s) <2-4094>. You can specify a single VLAN, a VLAN range, or a VLAN list.
remove
Remove these VLANs from the member set.
VLAN_ID
VLAN identifier(s) <2-4094>. You can specify a single VLAN, a VLAN range, or a VLAN list.
Default
Received frames that cannot be classified in the previous step based on the acceptable frame type parameter (access/trunk) are discarded.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
The following shows adding a single VLAN to the port’s member set.
(config)#interface eth0
(config-if)#switchport trunk allowed vlan add 2
The following shows adding a range of VLANs to the port’s member set.
(config)#interface eth0
(config-if)#switchport trunk allowed vlan add 2-4
switchport mode trunk disable-native-vlan
Use this command to create a switchport mode trunk without any default native vlan (i.e. vlan 1).
Use the no form of this command to delete the CLI and add vlan-1 back as default-native-vlan (i.e. vlan 1) as untagged.
Command Syntax
switchport mode trunk disable-native-vlan
no switchport mode trunk disable-native-vlan
Parameters
None
Command Mode
Interface mode
Applicability
This command is introduced in OcNOS version 5.1.
Example
 
(config)#int xe7
(config-if)#switchport mode trunk disable-native-vlan
 
switchport trunk native
Use this command to configure native VLANs for this port. The native VLAN is used for classifying the incoming untagged packets.
Use the no parameter to revert the native VLAN to the default VLAN identifier 1.
Command Syntax
switchport trunk native vlan VLAN_ID
no switchport trunk native vlan
Parameter
VLAN_ID
VLAN identifier(s) <1-4094>. You can specify a single VLAN, or a VLAN list.
For a VLAN list, specify the VLAN identifiers separated by commas. Do not enter spaces in between the hyphens or commas.
Default
The default is that ingress filtering is off and all frame types are classified and accepted.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
#configure terminal
(config)#interface eth0
(config-if)#switchport trunk native vlan 2
 
(config)#interface eth0
(config-if)#no switchport trunk native vlan
switchport mode private-vlan
Use this command to make a Layer 2 port a host port, promiscuous port, or trunk port.
Use the no form of this command to remove the configuration.
Command Syntax
switchport mode private-vlan (host | promiscuous)
no switchport mode private-vlan
 
Parameters
host
This port type can communicate with all other host ports assigned to the same community VLAN, but it cannot communicate with the ports in the same isolated VLAN. All communications outside of this VLAN must pass through a promiscuous port in the associated primary VLAN.
promiscuous
A promiscuous port can communicate with all interfaces, including the community and isolated ports within a private VLAN
Default
By default, switchport mode private-vlan is host.
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3 and changed in OcNOS version 3.0.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport mode private-vlan host
(config)#interface eth1
(config-if)#switchport mode private-vlan promiscuous
(config)#interface eth2
(config-if)#no switchport mode private-vlan
switchport private-vlan association-trunk
Use this command to associate primary vlan and secondary vlan under "switchport mode trunk" and "switchport mode private-vlan host".
Note: Each secondary VLAN on a host trunk port must be associated with a different primary VLAN. User cannot put two secondary VLANs that are associated with the same primary VLAN on a host trunk port. Each secondary vlan on the same port has to have the same type, ie isolated or community, there cannot be mixed type.
Use the no form of this command to remove the association.
Command Syntax
switchport private-vlan association-trunk VLAN_ID VLAN_ ID
no switchport private-vlan association-trunk VLAN_ ID VLAN_ ID
no switchport private-vlan association-trunk
Parameters
VLAN_ ID
VLAN ID 2-4094
Command Mode
Interface mode
Applicability
This command was introduced in OcNOS version 5.1.
Example
#configure terminal
(config)#interface xe2
(config-if)#speed 10g
(config-if)#switchport
(config-if)#bridge-group 1
(config-if)#switchport mode trunk
(config-if)#switchport trunk allowed vlan add 10 20
(config-if)#switchport mode private-vlan host
(config-if)#switchport private-vlan association-trunk 100 10
(config-if)#switchport private-vlan association-trunk 200 20
(config-if)#no switchport private-vlan association-trunk 100 10
(config-if)#no switchport private-vlan association-trunk
 
 
switchport private-vlan host-association
Use this command to associate a primary VLAN and a secondary VLAN to a host port. Only one primary and secondary VLAN can be associated to a host port.
Use the no form of this command to remove the association.
Command Syntax
switchport private-vlan host-association <2-4094> add <2-4094>
no switchport private-vlan host-association
Parameters
<2-4094>
VLAN identifier of the primary VLAN.
add
Adds the secondary VLAN.
<2-4094>
VLAN identifier of the secondary VLAN (either isolated or community).
Default
By default, switchport mode private-vlan value is 1
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport private-vlan host-association 2 add 3
 
#configure terminal
(config)#interface eth0
(config-if)#no switchport private-vlan host-association
switchport private-vlan mapping
Use this command to associate a primary VLAN and a set of secondary VLANs to a promiscuous port.
Use the no form of this to remove all the association of secondary VLANs to primary VLANs for a promiscuous port.
Command Syntax
switchport private-vlan mapping <2-4094> add VLAN_ID
switchport private-vlan mapping <2-4094> remove VLAN_ID
no switchport private-vlan mapping
Parameters
<2-4094>
VLAN identifier of the primary VLAN.
add
Adds the secondary VLAN.
remove
Removes the secondary VLAN.
VLAN_ID
VLAN identifier <2-4094> of the secondary VLAN (either isolated or community).
Default
By default, switchport mode private-vlan mapping value is 1
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth0
(config-if)#switchport private-vlan mapping 2 add 3-4
(config-if)#switchport private-vlan mapping 2 remove 3-4
 
(config-if)#no switchport private-vlan mapping
feature vlan classifier
Use this command to enable the feature VLAN classifier.
Use no form of this command to disable the feature VLAN classifier.
Command Syntax
feature vlan classifier
no feature vlan classifier
Parameters
classifier
VLAN Classifier Service
Default
By default, feature vlan classifier is enable
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#feature vlan classifier
(config)#no feature vlan classifier
 
vlan classifier activate
Use this command to activate the VLAN classifier.
Use no form of this command to deactivate the VLAN classifier.
Command Syntax
vlan classifier activate <1-16> vlan <2-4096>
no vlan classifier activate <1-16>
Parameters
<1-16>
Indicates the VLAN classifier activate identifier.
<2-4094>
VLAN identifier of the primary VLAN.
Default
By default, vlan classifier activate value is 1
Command Mode
Interface mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#interface eth2
(config-if)#vlan classifier activate 1 vlan 2
 
(config-if)#no vlan classifier activate 1
vlan classifier group
Use this command to create a subnet-based VLAN classifier group. A group indicates a VLAN classifier group ID.
Command Syntax
vlan classifier group <1-16> (add | delete) rule <1-256>
no vlan classifier group <1-16>
Parameters
add
Adds a rule to a group.
delete
Deletes a rule from a group.
rule
Indicates the VLAN classifier rule identifier <1-256>.
Default
By default, vlan classifier group value is 1
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan classifier group 1 delete rule 1
(config)#no vlan classifier group 1
vlan classifier rule ipv4
Use this command to create a subnet-based VLAN classifier rule and map it to a specific VLAN.
Use this command to create a MAC-based VLAN classifier rule and map it to a specific VLAN. If the source IP address matches the IP subnet specified in the VLAN classifier rule, received packets are mapped to the designated VLAN.
Command Syntax
vlan classifier rule <1-256> ipv4 A.B.C.D/M
no vlan classifier rule <1-256>
Parameters
A.B.C.D/M
Indicates the IPv4 address classification. Enter the address in A.B.C.D/M format.
Default
By default, vlan classifier rule is VLAN1
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan classifier rule 2 ipv4 20.20.20.2/24
(config)#no vlan classifier rule 2
vlan classifier rule mac
Use this command to create a MAC-based VLAN classifier rule and map it to a specific VLAN.
If the source MAC address matches the MAC specified in the VLAN classifier rule, received packets are mapped to the designated VLAN.
Command Syntax
vlan classifier rule <1-256> mac WORD
no vlan classifier rule <1-256>
Parameters
WORD
MAC Address in HHHH.HHHH.HHHH format.
Default
By default, vlan classifier rule value is VLAN1
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)##vlan classifier rule 2 mac 00D0.2331.AA1C
(config)#no vlan classifier rule 2
vlan classifier rule proto
Use this command to create an Ethertype-based VLAN classifier rule for a protocol and map it to a specific VLAN. If thesource Ethertype matches the Ethertype specified in the VLAN classifier rule, received packets are mapped to the designated VLAN.
Command Syntax
vlan classifier rule <1-256> proto (ETHERTYPE|ip|x25|arp|g8bpqx25|ieeepup|ieeeaddrtrans|dec|decdnadumpload|decdnaremoteconsole|decdnarouting|declat|decdiagnostics|rarp|atalkddp|atalkaarp|ipx|ipv6|atmmulti|pppdiscovery|pppsession|atmtransport)
no vlan classifier rule <1-256>
Parameters
ETHERTYPE
Specify an Ethernet protocol number (0x600-0xFFFF)
arp
Address Resolution Protocol (0x0806)
atalkaarp
Appletalk AARP (0x80F3)
atalkddp
Appletalk DDP (0x809B)
atmmulti
MultiProtocol Over ATM (0x884c)
atmtransport
Frame-based ATM Transport (0x8884)
dec
DEC Assigned (0x6000)
decdiagnostics
DEC Diagnostics (0x6005)
decdnadumpload
DEC DNA Dump/Load (0x6001)
decdnaremoteconsole
 
DEC DNA Remote Console (0x6002)
decdnarouting
DEC DNA Routing (0x6003)
declat
DEC LAT (0x6004)
g8bpqx25
G8BPQ AX.25 (0x08FF)
ieeeaddrtrans
Xerox IEEE802.3 PUP Address Translation (0x0a01)
ieeepup
Xerox IEEE802.3 PUP (0x0a00)
ip
IP (0x0800)
ipv6
IPv6 (0x86DD)
ipx
IPX (0x8137)
pppdiscovery
PPPoE discovery (0x8863)
pppsession
PPPoE session (0x8864)
rarp
Reverse Address Resolution Protocol (0x8035)
x25
CCITT X.25 (0x0805)
Default
By default, vlan classifier rule value is VLAN1
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
#configure terminal
(config)#vlan classifier rule 2 proto ip
(config)#no vlan classifier rule 2
(config)#vlan classifier rule 3 proto 0x0805
(config)#no vlan classifier rule 3
vlan database
Use this command to enter the VLAN configuration mode to add, delete, or modify values associated with a single VLAN.
Command Syntax
vlan database
Parameters
None
Default
No default value is specified
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 1.3.
Example
In the following example, note the change to VLAN configuration mode from Configure mode:
#configure terminal
(config)#vlan database
(config-vlan)#
vlan-reservation
Use this command to create or delete VLAN reservation pool on the switch.
Note:  
The user-defined VLAN range must be contiguous with the system-defined VLANs. Example: If the system VLAN is 4066-4094, the user VLAN range must be 4040-4065 and not 4040-4064 or 100-200.
Delete the VLAN-reservation range completely for the added user-defined VLAN range, as it is not possible to delete subsets.
Command Syntax
vlan-reservation VLAN_RANGE
no vlan-reservation VLAN_RANGE
Parameters
VLAN_RANGE
VLAN ID 2-4094 or range(s): 2-5,10 or 2-5,7-19
Default
No default value is specified
Command Mode
Configure mode
Applicability
This command was introduced before OcNOS version 5.1.
Example
In the following example, note the change to VLAN configuration mode from Configure mode:
#configure terminal
(config)#vlan database
(config-vlan)#
vlan VLAN_RANGE bridge
This command allows you to create a single/range of VLAN’s on the VLAN aware bridges.
Use the no form of this command to delete the VLAN.
Command Syntax
vlan VLAN_RANGE bridge <1-32>
vlan <2-4094> bridge <1-32> (state (enable|disable)|)
vlan VLAN_RANGE bridge <1-32> (name WORD|) state (enable | disable)
no vlan VLAN_RANGE bridge <1-32>
Parameters
VLAN_RANGE
The vlan-id or range of vlan-id's separated by ','&'-'
bridge
Specify the bridge group ID in the range <1-32>.
state
Indicates the operational state of the VLAN.
enable
Sets VLAN into an enable state.
disable
Sets VLAN into a disable state.
Default
By default, vlan bridge state is disabled
Command Mode
Configuration Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
(config)#vlan 3-40,56 bridge 4
(config)#no vlan 2-5 bridge 2
 
vlan VLAN_RANGE type customer
This command allows you to create a single/range of VLAN’s of the type Customer VLAN in Provider Edge bridges.
Use the no form of this command to delete the VLAN.
Command Syntax
vlan VLAN_RANGE (type (customer)|) bridge <1-32> (name WORD|) (state (disable|enable)|)
no vlan VLAN_RANGE type (customer) bridge <1-32>
no vlan VLAN_RANGE bridge <1-32>
Parameters
VLAN_RANGE
VLAN ID 2-4094 or range(s): 2-5,10 or 2-5,7-19
bridge
Specify the bridge group ID in the range <1-32>.
WORD
The ascii name of the VLAN
state
Indicates the operational state of the VLAN.
enable
Sets VLAN into an enable state.
disable
Sets VLAN into a disable state.
customer
 
Customer VLAN
Default
By default, vlan customer state is disabled
Command Mode
Configuration Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
(config-vlan)#vlan 15 type customer bridge 1 name abcde state enable
(config-vlan)#vlan 2-10,15 type customer bridge 1 state enable
(config-vlan)#no vlan 2-10,15 type customer bridge 1
(config-vlan)#
(config)#no vlan 2-10,15 br 1
(config)#end
#
vlan VLAN_RANGE type service
This command allows you to create a single/range of VLAN’s of the type Service VLAN in Provider Edge & provider network bridges.
Use the no form of this command to delete the VLAN.
Command Syntax
vlan VLAN_RANGE type service (point-point|multipoint-multipoint|rooted-multipoint) bridge <1-32> (state (disable|enable)|)
vlan VLAN_RANGE type service (point-point|multipoint-multipoint|rooted-multipoint) bridge <1-32> name WORD (state (disable|enable)|)
no vlan VLAN_RANGE type service bridge <1-32>
Parameters
 
VLAN_RANGE
VLAN ID 2-4094 or range(s): 2-5,10 or 2-5,7-19
 
service
service VLAN
 
multipoint-multipoint
 
Service Multipoint to Multipoint Service VLAN
 
point-point
Service Point-to-Point Service VLAN
 
rooted-multipoint
 
Service Rooted Multipoint Service VLAN
 
bridge
Specify the bridge group ID in the range <1-32>.
 
WORD
The ascii name of the VLAN
 
state
Operational state of the VLAN
 
disable
Disable VLAN status on the bridge
enable
Enable VLAN status on the bridge
Default
By default, with the name WORD this can only be given in “vlan database” mode.
Command Mode
Configuration Mode
VLAN Configuration mode
Applicability
This command was introduced before OcNOS version 1.3.
Examples
(config)#vlan database
(config-vlan)#vlan 100 type service multipoint-multipoint bridge 1 name xxxx state enable
(config-vlan)#vlan 101 type service point-point bridge 1 name afsa state disable
 
(config-vlan)#vlan 102 type service rooted-multipoint bridge 1 state enable
(config)#vlan 104-107 type service multipoint-multipoint bridge 1 state enable
(config)#vlan 114-117,119 type service multipoint-multipoint bridge 1 state enable
(config)#vlan 124-127,129 type service point-point bridge 1 state enable
(config)#no vlan 114-117,119 type service br 1