About GVRP
GVRP (GARP VLAN Registration Protocol) is an application of
GARP (Generic Attribute Registration Protocol.) It enables a switch
to dynamically create 802.1Q-compliant VLANs on links with other devices
running GVRP and automatically create VLAN links between GVRP-aware
devices. (A GVRP link can include intermediate devices that are not
GVRP-aware.) This operation reduces the chance for errors in VLAN
configurations by automatically providing VID (VLAN ID) consistency
across the network. After the switch creates a dynamic VLAN, the CLI static
command
can be used to convert it to a static VLAN. GVRP can also be used
to dynamically enable port membership in static VLANs configured on
a switch.<vlan-id>
GVRP uses GVRP BPDUs (GVRP Bridge Protocol Data Units) to advertise static VLANs; this a GVRP BPDU is called an advertisement. On a switch, advertisements are sent outbound from ports to the devices directly connected to those ports.
GVRP operational rules
A dynamic VLAN must be converted to a static VLAN before it can have an IP address.
The total number of VLANs on the switch (static and dynamic combined) cannot exceed the current Maximum VLANs setting. For example, in the factory default state, the switch supports up to eight VLANs. Thus, where four static VLANs are configured on the switch, the switch can accept up to four additional VLANs in any static and dynamic combination. Any additional VLANs advertised to the switch will not be added unless you first increase the Maximum VLANs setting. In the Menu interface, click on 2. Switch Configuration … | 8. VLAN Menu | 1. VLAN Support. In the global config level of the CLI, use max-vlans.
Converting a dynamic VLAN to a static VLAN and then executing the
write memory
command saves the VLAN in the startup-config file and makes it a permanent part of the switch's VLAN configuration.Within the same broadcast domain, a dynamic VLAN can pass through a device that is notGVRP-aware. This is because a half-duplex repeater, a hub, or a switch that is not GVRP-aware will flood the GVRP (multicast) advertisement packets out all ports.
GVRP assigns dynamic VLANs as Tagged VLANs. To configure the VLAN as Untagged, first convert it to a static VLAN.
Rebooting a switch on which a dynamic VLAN exists deletes that VLAN. However, the dynamic VLAN reappears after the reboot if GVRP is enabled and the switch again receives advertisements for that VLAN through a port configured to add dynamic VLANs.
By receiving advertisements from other devices running GVRP, the switch learns of static VLANs on those other devices and dynamically (automatically) creates tagged VLANs on the links to the advertising devices. Similarly, the switch advertises its static VLANs to other GVRP-aware devices, as well as the dynamic VLANs the switch has learned.
A GVRP-enabled switch does not advertise any GVRP-learned VLANs out of the ports on which it originally learned of those VLANs.
Options for a GVRP-aware port receiving advertisements
If there is not already a static VLAN with the advertised VID on the receiving port, such a port can dynamically create the VLAN and become a member.
If the switch already has a static VLAN assignment with the same VID as in the advertisement and the port is configured to
Auto
for that VLAN, then the port will dynamically join the VLAN and begin moving that VLAN's traffic. For more detail onAuto
, see Per-port options for dynamic VLAN advertising and joining.Ignore the advertisement for that VID.
Not participate in that VLAN.
Options for a port belonging to a Tagged or Untagged static VLAN
Send VLAN advertisements
Receive advertisements for VLANs on other ports and dynamically join those VLANs.
Send VLAN advertisements but ignore advertisements received from other ports.
Avoid GVRP participation by not sending advertisements and dropping any advertisements received from other devices.
IP addressing
A dynamic VLAN does not have an IP address and moves traffic on the basis of port membership in VLANs. However, after GVRP creates a dynamic VLAN, you can convert it to a static VLAN. It is then necessary to assign ports to the VLAN in the same way that you would for a static VLAN created manually. In the static state, you can configure IP addressing on the VLAN and access it in the same way that you would any other static VLAN.
Per-port options for handling GVRP "unknown VLANs"
An "unknown VLAN" is a VLAN that the switch learns of by receiving an advertisement for that VLAN on a port that is not already a member of that VLAN. If the port is configured to learn unknown VLANs, then the VLAN is dynamically created and the port becomes a tagged member of the VLAN.
GVRP unknown VLAN settings
Suppose that in GVRP operation, port 1 on switch A is connected to port 5 on switch C. Because switch A has VLAN 22 statically configured, while switch C does not have this VLAN statically configured (and does not "Forbid" VLAN 22 on port 5), VLAN 22 is handled as an "Unknown VLAN" on port 5 in switch C. Conversely, if VLAN 22 was statically configured on switch C, but port 5 was not a member, port 5 would become a member when advertisements for VLAN 22 were received from switch A.
The CLI show gvrp
command
and the menu interface VLAN Support screen show a switch's current
GVRP configuration, including the Unknown VLAN settings.
Per-port options for dynamic VLAN advertising and joining
Initiating advertisements
As described in the preceding section, to enable dynamic joins, GVRP must be enabled and a port must be configured to Learn (the default). However, to send advertisements in your network, one or more static (Tagged, Untagged, or Auto) VLANs must be configured on one or more switches (with GVRP enabled), depending on your topology.
Enabling a port for dynamic joins
You can configure a port to dynamically join a static VLAN. The join will occur if that port subsequently receives an advertisement for the static VLAN. This is done by using the Auto and Learn options described in Controlling VLAN behavior on ports with static VLANs.
Parameters for controlling VLAN propagation behavior
You can configure an individual port to actively or passively participate in dynamic VLAN propagation or to ignore dynamic VLAN (GVRP) operation. These options are controlled by the GVRP "Unknown VLAN" and the static VLAN configuration parameters, as described in Controlling VLAN behavior on ports with static VLANs.
Controlling VLAN behavior on ports with static VLANs
Per-Port "Unknown VLAN" (GVRP) configuration | Static VLAN Options—Per VLAN Specified on Each Port[a] | ||
---|---|---|---|
Port Activity: Tagged or Untagged (Per VLAN)[b] | Port Activity: Auto[b] (Per VLAN) | Port Activity: Forbid (Per VLAN)[b] | |
Learn (the Default) | The port:
|
The port:
|
The port:
|
Block | The port:
|
The port:
|
The port:
|
Disable | The port:
|
The port:
|
The port:
|
[a] Each port of the switch must be a Tagged or Untagged member of at least one VLAN. Thus, any port configured for GVRP to Learn or Block will generate and forward advertisements for static VLAN(s) configured on the switch and also for dynamic VLANs the switch learns on other ports. [b] To configure tagging, Auto, or Forbid, see Configuring or changing static VLAN per-port settings (CLI) (for the CLI) or Adding or changing a VLAN port assignment (Menu) (for the menu). |
As the preceding table indicates, when you enable GVRP, a port that has a Tagged or Untagged static VLAN has the option for both generating advertisements and dynamically joining other VLANs.
NOTE: In Controlling VLAN behavior on ports with static VLANs, the Unknown VLAN parameters are configured on a per-port basis using the CLI. The Tagged, Untagged, Auto, and Forbid options are configured per static VLAN on every port, using either the menu interface or the CLI. Because dynamic VLANs operate as Tagged VLANs and because a tagged port on one device cannot communicate with an untagged port on another device, Hewlett Packard Enterprise recommends that you use Tagged VLANs for the static VLANs you will use to generate advertisements. | |
GVRP and VLAN access control
Advertisements and dynamic joins
When you enable GVRP on a switch, the default GVRP parameter settings allow all of the switch's ports to transmit and receive dynamic VLAN advertisements (GVRP advertisements) and to dynamically join VLANs.
Enabling GVRP:
Allows a port to both advertise and join dynamic VLANs (Learn mode—the default).
Allows a port to send VLAN advertisements, but not receive them from other devices; that is, the port cannot dynamically join a VLAN but other devices can dynamically join the VLANs it advertises (Block mode).
Prevents a port from participating in GVRP operation (Disable mode).
Port-Leave from a dynamic VLAN
A dynamic VLAN continues to exist on a port for as long as the port receives its advertisements from another device connected to that port, or until:
Converting the VLAN to a static VLAN
Reconfiguring the port to
Block
orDisable
Disabling GVRP
Rebooting the switch.
The time-to-live for dynamic VLANs is 10 seconds, if a port has not received an advertisement for an existing dynamic VLAN during that time, the port removes itself from that dynamic VLAN.