[x]

MFF configuration examples > Configuring auto-mode MFF in a ring network

 

 Next

Configuring auto-mode MFF in a ring network

Network requirements

As shown in Figure 130, all the devices are in VLAN 100, and the switches form a ring. Hosts A, B, and C obtain IP addresses from the DHCP server.

Configure MFF to isolate the hosts at Layer 2 and allow them to communicate with each other through the gateway at Layer 3.

Figure 130: Network diagram

Configuration procedure

  • Configure the IP address of GigabitEthernet 1/0/1 on the gateway.

    • <Gateway> system-view
[Gateway] interface gigabitethernet 1/0/1
[Gateway-GigabitEthernet1/0/1] ip address 10.1.1.100 24

  • Configure the DHCP server:

    • # Enable DHCP and configure an address pool.

    <Device> system-view
[Device] dhcp enable
[Device] dhcp server ip-pool 1
[Device-dhcp-pool-1] network 10.1.1.0 mask 255.255.255.0

    # Add the gateway's IP address to DHCP address pool 1.

    [Device-dhcp-pool-1] gateway-list 10.1.1.100
[Device-dhcp-pool-1] quit

    # Configure the IP address of GigabitEthernet 1/0/2.

    [Device] interface gigabitethernet 1/0/2
[Device-GigabitEthernet1/0/2] ip address 10.1.1.50 24

  • Configure Switch A:

    • # Enable DHCP snooping.

    <SwitchA> system-view
[SwitchA] dhcp-snooping

    # Enable STP.

    [SwitchA] stp enable

    # Enable MFF in automatic mode.

    [SwitchA] vlan 100
[SwitchA-vlan-100] mac-forced-forwarding auto
[SwitchA-vlan-100] quit

    # Configure GigabitEthernet 1/0/2 as a network port.

    [SwitchA] interface gigabitethernet 1/0/2
[SwitchA-GigabitEthernet1/0/2] mac-forced-forwarding network-port

    # Configure GigabitEthernet 1/0/2 as a DHCP snooping trusted port.

    [SwitchA-GigabitEthernet1/0/2] dhcp-snooping trust
[SwitchA-GigabitEthernet1/0/2] quit

    # Configure GigabitEthernet 1/0/3 as a network port.

    [SwitchA] interface gigabitethernet 1/0/3
[SwitchA-GigabitEthernet1/0/3] mac-forced-forwarding network-port

    # Configure GigabitEthernet 1/0/3 as a DHCP snooping trusted port.

    [SwitchA-GigabitEthernet1/0/3] dhcp-snooping trust no-user-binding

  • Configure Switch B:

    • # Enable DHCP snooping.

    <SwitchB> system-view
[SwitchB] dhcp-snooping

    # Enable STP.

    [SwitchB] stp enable

    # Enable MFF in automatic mode.

    [SwitchB] vlan 100
[SwitchB-vlan-100] mac-forced-forwarding auto
[SwitchB-vlan-100] quit

    # Configure GigabitEthernet 1/0/4 as a network port.

    [SwitchB] interface gigabitethernet 1/0/4
[SwitchB-GigabitEthernet1/0/4] mac-forced-forwarding network-port

    # Configure GigabitEthernet 1/0/4 as a DHCP snooping trusted port.

    [SwitchB-GigabitEthernet1/0/4] dhcp-snooping trust no-user-binding
[SwitchB-GigabitEthernet1/0/4] quit

    # Configure GigabitEthernet 1/0/6 as a network port.

    [SwitchB] interface gigabitethernet 1/0/6
[SwitchB-GigabitEthernet1/0/6] mac-forced-forwarding network-port

    # Configure GigabitEthernet 1/0/6 as a DHCP snooping trusted port.

    [SwitchB-GigabitEthernet1/0/6] dhcp-snooping trust

  • Enable STP on Switch C.

    • <SwitchC> system-view
[SwitchC] stp enable

    prev

     

    up

     next

    Configuring auto-mode MFF in a tree network 

    home

     Configuring manual-mode MFF in a tree network

    © Copyright 2016 Hewlett Packard Enterprise Development LP