You must enable javascript in order to view this page or you can go
here
to view the webhelp.
Case sensitive
Contents
Search
Loading, please wait ...
Aruba 3810 / 5400R Advanced Traffic Management Guide for ArubaOS-Switch 16.07
Home
About this guide
Applicable products
Switch prompts used in this guide
Static Virtual LANs
General steps for using VLANs
Configuring VLANs
Per-port static VLAN configuration options
Configuring port-based and protocol-based VLAN parameters
Viewing a switch's VLAN configuration
Viewing the VLAN membership of one or more ports
Viewing the configuration for a particular VLAN
Customizing the show VLANs output
Creating an alias for show VLAN commands
Using pattern matching with the show VLANs custom command
Changing the number of VLANs allowed on the switch
Assigning the primary VLAN
Creating a new static VLAN (port-based or protocol-based)
Deleting a static VLAN
Converting a Dynamic VLAN to a Static VLAN
Configuring static VLAN per-port settings
Using IP enable/disable for all VLANs
Interaction with other features
Interactions with DHCP
Deleting multiple VLANs
Connecting a switch to another with a multiple forwarding database (Example)
Configuring a secure Management VLAN
Preparation
Configuring an existing VLAN as the Management VLAN
Obtaining an IP address using DHCP
Disabling the Management feature
Configuring a VLAN MAC address with heartbeat interval
Viewing a VLAN MAC address configuration
About static VLAN operation
VLAN environments
VLAN operation
General VLAN operation
Types of static VLANs available in the switch
The default VLAN
Multiple port-based VLANs
Protocol VLAN environment
Routing options for VLANs
Overlapping (Tagged) VLANs
Using voice VLANs
Operating rules for voice VLANs
Components of voice VLAN operation
Voice VLAN access security
Prioritizing voice VLAN QoS
Introducing tagged VLAN technology into networks running untagged VLANs
VLAN Operating Rules
Multiple VLAN considerations
Single forwarding database operation
802.1Q VLAN tagging
VLAN tagging considerations
VLAN support and the default VLAN
The primary VLAN
The secure Management VLAN
Operating notes for Management VLANs
Spanning Tree operation with VLANs
IP interfaces
VLAN MAC address
Port trunks
Port monitoring
Jumbo packet support
VLAN restrictions
Migrating Layer 3 VLANs using VLAN MAC configuration
VLAN MAC address reconfiguration
Handling incoming VLAN data packets and ARP requests
Handling outgoing VLAN traffic
Sending heartbeat packets with a configured MAC Address
Operating notes on VLAN MAC address
GVRP
About GVRP
GVRP operating notes
Example of GVRP operation
Options for a GVRP-aware port receiving advertisements
Options for a port belonging to a tagged or untagged static VLAN
IP addressing
Per-port options for handling GVRP unknown VLANs
Per-port options for dynamic VLAN advertising and joining
Initiating advertisements
Enabling a port for dynamic joins
Parameters for controlling VLAN propagation behavior
GVRP and VLAN access control
Advertisements and dynamic joins
Port-Leave from a dynamic VLAN
Using GVRP
Planning for GVRP operation
Viewing the switch's current GVRP configuration
Enabling and disabling GVRP on the switch
Controlling how individual ports handle advertisements for new VLANs
Listing static and dynamic VLANs on a GVRP-enabled switch
Converting a Dynamic VLAN to a Static VLAN
Multiple VLAN Registration Protocol
Multiple VLAN Registration Protocol overview
MVRP operating notes
Listing static and dynamic VLANs on an MVRP-enabled switch
Converting a dynamic VLAN to a static VLAN
show mvrp
show mvrp config
show mvrp state
show mvrp statistics
clear mvrp statistics
debug mvrp
Enabling MVRP globally
Enabling MVRP on an interface
MVRP timers
Join Timer
mvrp join-timer
Leave Timer
mvrp leave-timer
LeaveAll Timer
mvrp leaveall-timer
Periodic Timer
mvrp periodic timer
mvrp periodic-timer-enable
MVRP registration modes
mvrp registration
show tech mvrp
MVRP limitations
MVRP statistics
Multiple instance spanning tree operation
Overview of MSTP
MSTP structure
How MSTP operates
802.1s Multiple Spanning Tree Protocol (MSTP)
MST regions
How separate instances affect MSTP
Regions, legacy STP and RSTP switches, and the Common Spanning Tree (CST)
MSTP operation with 802.1Q VLANs
MSTP compatibility with RSTP or STP
Preconfiguring an MSTP regional topology
Preconfiguring VLANs in an MST instance
Configuring MSTP instances with the VLAN range option (Example)
Saving the current configuration before a software upgrade
Types of Multiple Spanning Tree Instances
Planning an MSTP application
Configuring MSTP at a glance
Configuring MSTP operation mode and global settings
Selecting MSTP as the spanning tree mode
Clearing spanning tree debug counters
Resetting the configuration name of the MST region in which a switch resides
Designating the revision number of the MST region for a switch
Setting the spanning tree compatibility mode
Setting the time interval between listening, learning, and forwarding states
Setting spanning tree to operate in 802.1D legacy mode
Setting spanning tree to operate with 802.1D legacy path cost values
Specifying the time interval between BPDU transmissions
Setting the hop limit for BPDUs
Setting the maximum age of received STP information
Manipulating the pending MSTP configuration
Setting the bridge priority for a region and determining the root switch
Enabling SNMP traps
Configuring MSTP per-port parameters
Enabling immediate transition to forwarding on end nodes
Identifying edge ports automatically
Specifying the interval between BPDU transmissions
Forcing a port to send RST/MST BPDUs
Determining which ports are forwarding ports by assigning port cost
Informing the switch of the device type to which a port connects
Determining which port to use for forwarding
Denying a port the role of root port
Denying a port propagation change information
Configure MST instance ports parameters
Create a new instance or map VLAN(s) to an existing one
Enable event logging
Deleting an instance
Configure an existent instance
MSTP Config example
Downgrading to lower version build
Operating notes for the VLAN configuration enhancement
Configuring MST instance parameters
Setting the bridge priority for an instance
Assigning a port cost for an MST instance
Setting the priority for a port in a specified MST instance
Setting the priority for specified ports for the IST
Enabling or disabling spanning tree operation
Enabling an entire MST region at once or exchanging one region configuration for another
Creating a pending MSTP configuration
Viewing MSTP statistics
Viewing global MSTP status
Viewing detailed port information
Viewing status for a specific MST instance
Viewing the MSTP configuration
Viewing the global MSTP configuration
Viewing per-instance MSTP configurations
Viewing the region-level configuration
Viewing the pending MSTP configuration
MSTP operating rules
Troubleshooting an MSTP configuration
Viewing the change history of root bridges
Enabling traps and viewing trap configuration
Viewing debug counters for all MST instances
Viewing debug counters for one MST instance
Viewing debug counters for ports in an MST instance
Field descriptions in MSTP debug command output
Troubleshooting MSTP operation
BPDU
About BPDU protection
Viewing BPDU protection status
Configuring BPDU filtering
Viewing BPDU filtering
Configuring and managing BPDU protection
Viewing BPDU protection status
Re-enabling a port blocked by BPDU protection
Enabling and disabling BPDU protection
Overview of MSTP BPDU throttling
Configuring MSTP BPDU throttling
PVST
PVST protection and filtering
PVST protection
PVST filtering
Enabling and disabling PVST protection on ports
Enabling and disabling PVST filters on ports
Re-enabling a port manually
Viewing ports configured with PVST protection and filtering
Listing ports to see which have PVST protection or filtering enabled
Loop protection
Configuring loop protection
Enabling loop protection in port mode
Enabling loop protection in VLAN mode
Changing modes for loop protection
Viewing loop protection status in port mode
Viewing loop protection status in VLAN mode
STP loop guard
Operating notes
Source VLAN Filtering
Overview of Source VLAN Filtering
CLI commands
Show Commands
Source VLAN Filtering Restrictions
Rapid per-VLAN spanning tree (RPVST+) operation
Overview of Rapid per-VLAN spanning tree (RPVST+) operation
Configuring RPVST+ at a glance
Selecting RPVST+ as the spanning tree mode
Configuring global spanning tree
Configuring per-VLAN spanning tree
Configuring per-port per-VLAN spanning tree
Configuring per-port spanning tree
Enabling or disabling RPVST+ spanning tree
Allowing traffic on VLAN ID (PVID) mismatched links
Configuring STP loop guard
About RPVST+
Comparing spanning tree options
Understanding how RPVST+ operates
Working with the default RPVST+ configuration
RPVST+ operating notes
Viewing RPVST+ statistics and configuration
Viewing global and VLAN spanning tree status
Viewing status for a specific VLAN
Viewing status for a specific port list
Viewing status per-port per-VLAN
Viewing the global RPVST+ configuration
Viewing the global RPVST+ configuration per port
Viewing the global RPVST+ configuration per port per VLAN
Viewing the global RPVST+ configuration per VLAN
Viewing BPDU status and related information
Viewing RPVST+ VLAN and vPort system limits
Troubleshooting an RPVST+ configuration
Viewing the change history of root bridges
Enabling traps and Viewing trap configuration
Viewing debug counters for all VLAN instances
Viewing debug counters per-VLAN
Viewing debug counters per-port per-VLAN
Field descriptions for RPVST+ debug command output
RPVST+ event log messages
Using RPVST+ debug
VXLAN
Overview of VXLAN
L2 Forwarding in VXLAN
Fully Meshed Network
Hub Spoke Network
Restrictions
VXLAN — Feature interaction table
OpenFlow interaction
Configuration procedures
VXLAN configuration commands
Enabling VXLAN
Disable VXLAN
Configuring destination UDP port number
Creating a VXLAN tunnel
Set the mode of a VXLAN tunnel
Set the source of a VXLAN tunnel
Set the destination of a VXLAN tunnel
Bind the VNI to a VLAN
Map overlay VLANs to VXLAN tunnel
VXLAN show commands
Show command to display the status of VXLAN feature
Show commands to display tunnels
Show VXLAN tunnel statistics
Private VLANs
PVLAN introduction
PVLAN structure
PVLAN port types
Promiscuous port
Community/Isolated Access Port
PVLAN member port (Also called Interswitch Link [ISL] ports)
Private VLANs across multiple switches
PVLAN Ports and Layer 2 connectivity
IP address assignment
PVLAN Interaction with Other Features
VLAN commands
Creating a primary VLAN
Configuring the promiscuous port
Adding the isolated VLAN
Remove the secondary VLANs configuration
Configuring interswitch link (ISL) ports (PVLAN member ports)
Change the primary VLAN to normal VLAN
vlan private-vlan
Removing a secondary VLAN
Changing a port from promiscuous port to PVLAN member port
Change the primary VLAN to normal VLAN
Configuring PVLANs
Configuring private VLAN settings
Configuring promiscuous ports
VLAN show commands
show vlans private-vlan
Examples: show information about a specific private VLAN
Example: show the PVLAN promiscuous ports
Show dhcp-snooping binding private-vlan
Other show commands that include PVLAN information
Examples: show vlans command with PVLANs
Example: show running-config command for private VLANs
Examples: show dhcp-snooping binding for PVLANs
Example: show tech all command for private VLANs
Error messages
Restrictions when assigning ports to a VLAN
Interaction with virtual ports
Security interactions with PVLANs
dhcp-snooping trust
Dynamic IP lockdown
show ip source-lockdown status
show ip source-lockdown bindings
show ip source-lockdown bindings [ethernet] <port>
Dynamic ARP protection
arp protect vlan
ip source binding
show arp-protect
Multicast hardware filter
Interaction with multicast protocols(IGMP/MLD)
Switch meshing
Introduction
Finding the fastest path
Meshing allows scalable responses to increasing bandwidth demand
Preparing to configure switch meshing
Configuring switch meshing
Configuring concurrent meshing and routing
Meshing routers and switches
Viewing switch mesh status
About switch meshing
Switch mesh domain
Edge switch
Operating rules
Bringing up a switch mesh domain
Operating notes for switch meshing
Flooded traffic
Unicast packets with unknown destinations
Spanning tree operation with switch meshing
Filtering/security in meshed switches
IP Multicast (IGMP) in meshed switches
Static VLANs
Dynamic VLANs
Jumbo packets
Mesh design optimization
Configuring VRRP with concurrent meshing and routing
Other requirements and restrictions
Quality of Service: Managing bandwidth effectively
Overview of Quality of Service
Using QoS to classify and prioritize network traffic
Applying QoS to inbound traffic at the network edge
Preserving QoS in outbound traffic in a VLAN
Using QoS to optimize existing network resources
Using classifier-based QoS to provide additional policy actions and aid migration in networks with legacy and OEM devices
QoS operation
Globally-configured QoS
Classifier-based QoS
QoS packet classification
Using multiple global criteria
Classifier-based match criteria
QoS traffic marking
Globally-configured traffic marking
Layer 2 802.1p prioritization
Layer 3 DSCP marking
VLAN and untagged VLAN environments
Classifier-based traffic marking
No override
Global QoS restrictions
All switches
For devices that do not support 802.1Q VLAN-tagged ports
Port tagging rules
Maximum global QoS remarking entries
Not supported
Fragmented packets and TCP/UDP
Enabling and disabling TCP push preserve
Monitoring shared resources
Configuring QoS globally
Viewing a global QoS configuration
Creating a policy based on IP address
Configuring QoS actions in a policy
Configuring a QoS policy for Voice over IP and Data traffic (Example)
Configuring a QoS policy for layer 4 TCP/UDP traffic (Example)
Configuring a QoS policy for subnet traffic (Example)
Creating a policy based on source-port classifiers
Assigning a priority for a global source-port classifier
Changing the priority setting on a policy when other QoS features are currently using the policy (Example)
Notes on changing priority settings
Creating a policy based on the VLAN-ID
Assigning a priority for global VLAN-ID QoS
DSCP Policy
Assigning DSCP policies to packets matching specified global classifiers
Assigning a DSCP policy for a global IP-device classifier
Assigning a DSCP policy for a global TCP/UDP classifier
Creating a DSCP policy based on TCP/UDP port number classifiers
Assigning DSCP policies to packets matching specified TCP and UDP port applications (Example)
Assigning a DSCP policy for a global IP-Diffserv classifier
Assigning a DSCP policy for a global source-VLAN-ID QoS
Assigning a DSCP policy for a global source-port classifier
Error messages for DSCP policy changes
Using Differentiated Services Codepoint (DSCP) mapping
Traffic Policing
Traffic rates
Traffic policy configuration
class
show statistics
Scenarios
Restrictions
Configuring traffic templates
Displaying traffic template information
Creating a traffic template
Configuring traffic groups within a traffic template
Moving a priority from one traffic group to another
Applying a traffic template
802.1p priority
Assigning an 802.1p priority for a global TCP/UDP classifier
Assigning an 802.1p priority for a global IP-precedence classifier
Assigning an 802.1p priority for a global IP-diffserv classifier
Reconfiguring the 802.1p priority value currently assigned to a DSCP codepoint
Port QoS Trust Mode
Configuration commands
qos trust
qos dscp-map
Show commands
show qos trust
Validation rules
Impact of QoS queue configuration on guaranteed minimum bandwidth (GMB)
Setting minimum guaranteed bandwidth with 8 queues
Classifier-based QoS model
Configuring classifier-based QoS
Viewing a classifier-based QoS configuration
Advanced classifier-based QoS
Classifier-based QoS restrictions
Viewing a list of all TCP and UDP QoS classifiers
Assigning a priority for a global IP-device classifier
Using a global IP-Diffserv classifier to mark matching packets with an 802.1p priority
Comparing global IP type-of-service classifiers
Viewing resource usage for QoS policies
QoS Queues
Configuring QoS queues
Changing the number of priority queues (Example)
Viewing the QoS queue configuration
Using the outbound queue monitor
Viewing per-queue counts
QoS Port Egress Queue DropCounters
Command Line Support
Mapping of outbound port queues
QoS global classifiers
Global QoS classifiers
Global TCP/UDP classifier
About global IP-device classifier
Global QoS classifier precedence: 2
Options for assigning priority
Global IP type-of-service classifier
Global QoS classifier precedence: 3
Global Layer-3 protocol classifier
Global QoS Classifier Precedence: 4
Global VLAN-ID classifier
Global QoS Classifier Precedence: 5
Options for assigning priority
Global source-port classifier
Global QoS Classifier Precedence: 6
Options for assigning priority on the switch
Options for assigning priority from a RADIUS server
Radius override field
Override of global QoS settings
Effect of No-override
Assigning a priority for a global layer 3 protocol classifier
Default priority settings for selected codepoints
IPv4 ToS/IPv6 traffic class byte
Interaction with other software features
Stack management
Introduction to stack management
Creating a stack
Using a deterministic method
Using the plug-and-go method
Adding a switch to a stack as a new member
Removing a switch from the stack
Removing a Member or the Standby
Replacing a faulty member without losing the configuration
Removing the Commander
Renumbering stack members
Restoring the operation of a stack
Restoring operation after disconnecting a power cord
Restoring operation after disconnecting a stacking cable
Replacing a failed stack member
Replacing a failed stacking module
Merging stack fragments
Modifying the stack topology
Downloading new software to the stack
Monitoring stacking
Troubleshooting stacking
Troubleshoot OOBM and split stack issues
Using fault recovery/troubleshooting tools
Troubleshooting installation and deployment issues
Troubleshooting issues with adding or removing members in the stack
Troubleshooting a strictly provisioned, mismatched MAC address
Troubleshoot a mismatched stack-ID
Troubleshoot stacking problems using the show logging command
Troubleshooting a strictly provisioned, mismatched type
Troubleshooting maximum stack members exceeded
Troubleshooting a bad cable
Troubleshooting when a switch crashes and reboots
Troubleshoot an unexpected Commander or Standby switch selection
Managing interactions with other switch features
Managing SSH or Telnet sessions
Managing switch-level configuration interactions
Managing port-level configuration interactions
LACP support
Managing OOBM ports
Understanding stacking election
Electing a Commander
Electing a Standby
Naming conventions for FUP
Naming FUP with stacking enabled
Naming FUP in standalone
Flexible Uplink Modules
Provisioning FUP
Provisioning FUP with stacking enabled
Provisioning FUP with stacking disabled
Unprovisioning FUP
Unprovisioning FUP with stacking enabled
Unprovisioning FUP with stacking disabled
Saving power by turning off FUPs
Saving power by turning off FUP with stacking enabled
Saving power by turning off FUPs with stacking disabled
Disabling savepower by turning on FUPs
Turning ON FUPs in savepower status with stacking enabled
Turning ON FUPs in savepower status with stacking disabled
Online Insertion and Removal (OIR)
Changing flexible modules on a running stack
Inserting a flexible module into a running stack
Booting with flexible module configuration, no flexible modules inserted
Removing the flexible modules
Replacing a flexible module
Saving power for FUPs
Booting a switch with no inserted flexible modules, and with or without flexible module configuration
Changing flexible modules in savepower status in a running stack
Booting a switch with flexible modules inserted, and flexible modules in savepower status
BYOD-redirect
Introduction to BYOD-redirect
Features
SNMP Interactions
Interoperability with other switch features
Interoperability with other vendors
Restrictions
Creating a BYOD server
Associating a BYOD server
Creating a BYOD ACL rule
Implementing BYOD-redirect configuration
Implementing BYOD-redirect configuration examples
Show commands
Show portal server
Show portal redirect statistics
Show portal free rule
Associating with the BYOD server on a specified VLAN
QinQ (Provider bridging)
Introduction to QinQ
How QinQ works
Features and benefits
Configuring QinQ
QinQ Configuration example
QinQ Configuration example: provider Edge 2 switch
Configuring example: provider core 1 switch
Verifying the configuration
Enabling QinQ
Setting up S-VLANs
Configuring per-port S-VLAN membership
In QinQ mixed VLAN mode
Configuring port-types
Disabling QinQ
Changing VLAN port memberships (mixed VLAN mode)
Moving ports between C-VLANs and S-VLANs (mixed VLAN mode)
Viewing QinQ configuration and status
Viewing a switch VLAN configuration
Viewing the configuration for a particular VLAN
Viewing the VLAN membership of one or more ports
Viewing spanning tree status
About QinQ
Operating rules and guidelines
Enabling QinQ and configuring QinQ modes
QinQ mixed VLAN mode
Configuring VLANs
QinQ and duplicate VIDs
Assigning ports to VLANs
Configuring port types
Operating notes and restrictions
Changing QinQ modes
Effects of QinQ on other switch features
Classifier-based software configuration
Introduction
Configuring a traffic class
Defining the ICMP match criteria
Defining the IGMP match criteria
Defining TCP and UDP match criteria
Net-destination and Net-services for classifiers
How IPv4 mask bit settings define a match (Example)
Resequencing match/ignore statements
Creating a service policy
Creating a PBR policy
Troubleshooting PBR
Modifying classes in a policy
Resequencing classes in a policy
Applying a service policy to an interface
Checking resource usage
Viewing statistics for a policy
Configuring class-based zones
Creating a zone class
Zone class configuration examples
Creating a zone policy
Modifying zones and policies
Applying a zone policy to a ONE application
About Classifier-based configuration
Traffic classes and software releases
Using CIDR notation for IPv4/IPv6 addresses
Where to go from here
Traffic class-based configuration model
Creating a traffic class
Using match criteria
Troubleshooting problems
Where to go from here
Control Plane Policing
copp traffic-class
copp user-def
Traffic class limits
show copp
MAC classes
Overview of MAC classes
MAC Class configuration commands
MAC classes creation syntax
MAC class resequence
MAC configuring class entries
Creating policy
Mirror policy context
Adding a remark to the policy
QoS policy context
Default MAC Class
Inserting a remark into a policy
Applying the Service-policy
Show MAC class by name
Show class ports
show class vlan
Show policy
show policy ports
show policy vlan
show statistics policy port
Show statistics policy VLAN
clear statistics
Smart link
Overview of smart link
Smart link configuration commands
Create a smart link group
Configure VLANs
Enable debug
Configuration example
Show smart link group
Show smart link flush-statistics
Show receive control
Show tech smart link
Clear command
Event Log
Websites
Support and other resources
Accessing Hewlett Packard Enterprise Support
Accessing updates
Customer self repair
Remote support
Warranty information
Regulatory information
Documentation feedback
Classifier-based software configurati...
Next