Considerations when configuring vlan bridging, Configuring vlan bridging – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 52
38
ServerIron ADX Security Guide
53-1002440-03
Traffic segmentation
1
Considerations when configuring VLAN bridging
The following considerations apply when configuring VLAN bridging:
•
Up to 64 unique-pair VLAN bridges can be configured.
•
A VLAN cannot be part of two different VLAN bridges.
•
Two VLANs forming a bridge must have the same set of member ports on the ServerIron ADX
where they are joined.
•
The Control VLAN (4094) and system default VLAN cannot be used for VLAN bridging.
•
The hot-standby scenario is the only High Availability configuration supported with VLAN
bridging. In a hot-standby scenario with one-armed topology, after fail over, the existing session
may not be continued if the Layer-2 Switch in the middle cannot learn the MAC address of the
Gateway through the newly-active ServerIron ADX in time.
•
VLAN bridging is only supported with switch code. It is not supported with the ServerIron ADX
router code.
•
VLAN bridging is not supported with the SYN-proxy feature.
•
All ports within a VLAN bridge must be tagged members of a VLAN and its associated bridged
VLAN.
•
MAC learning is shared for VLANs that are bridged together.
Configuring VLAN bridging
The vlan-bridge command is used to configure VLAN bridging. To configure VLAN 10 and VLAN 12
for VLAN bridging, use the following command.
ServerIron(config)# vlan-bridge 10 12
Syntax: [no] vlan-bridge <VLAN-number> <VLAN-number>
The <VLAN-number> variables specify the pair of VLANs that you want to create VLAN bridging for.
Layer-2
Switch
Gateway
ServerIron ADX
(active)
Vlan 2
Vlan 3
Vlan 4
Domain1
Domain2
Domain3
Vlan -Bridging
2-12, 3-13, 4-14
Vlans
2, 3, 4, 12, 13, 14
Vlans
12, 13, 14
Vlans
2, 3, 4, 12, 13, 14
Vlan -Bridging
2-12, 3-13, 4-14
ServerIron ADX
(standby)