Configuration restrictions and guidelines, Configuration task list, Configuring many-to-one vlan mapping in a – H3C Technologies H3C S5560 Series Switches User Manual

Page 255: Network with static ip address assignment

Advertising
background image

221

Step Command

Remarks

4.

Assign the port to the

translated VLANs.

port trunk permit vlan vlan-id-list

port hybrid vlan vlan-id-list tagged

N/A

5.

Configure the port as a DHCP

snooping trusted port.

dhcp snooping trust

By default, all ports that support
DHCP snooping are untrusted

ports when DHCP snooping is

enabled.

6.

Configure the port as an ARP
trusted port.

arp detection trust

By default, all ports are ARP
untrusted ports.

7.

Configure the port to use the
original VLAN tags of the

many-to-one mapping to
replace the VLAN tags of the

packets destined for the user

network.

vlan mapping nni

By default, the port does not
replace the VLAN tags of the

packets destined for the user
network.

Configuring many-to-one VLAN mapping in a network with
static IP address assignment

In a network that uses static IP addresses, configure many-to-one VLAN mapping with ARP snooping.
The switch replaces the SVLAN tag of the downlink traffic with the associated CVLAN tag based on the

ARP snooping entry lookup.

Configuration restrictions and guidelines

When you configure many-to-one VLAN mapping in a network that uses static address assignment,
follow these restrictions and guidelines:

Before you configure many-to-one VLAN mapping, create the original VLANs and the translated
VLANs.

Make sure two hosts in different CVLANs do not use the same IP address.

When an IP address is no longer associated with the MAC address in a VLAN as in the ARP
snooping table, perform one of the following operations:

{

Use the reset arp snooping ip ip-address command to clear this ARP snooping entry.

{

Wait for this ARP snooping entry to be aged out.

Customer-side many-to-one VLAN mapping is not supported on Layer 2 aggregate interfaces.

Before you modify many-to-one VLAN mappings, use the reset arp snooping vlan vlan-id command
to clear the ARP snooping entries in each CVLAN.

To ensure correct traffic forwarding from the service provider network to the customer network, do
not configure many-to-one VLAN mapping together with uRPF. For more information about uRPF,

see Security Configuration Guide.

Configuration task list

Tasks at a glance

(Required.) Enabling ARP snooping

(Required.) Configuring the customer-side port

Advertising
This manual is related to the following products:

H3C S5130 Series Switches, H3C S5120 Series Switches, H3C SR8800, H3C SR6600-X, H3C SR6600, H3C MSR 5600, H3C MSR 50, H3C MSR 3600, H3C MSR 30, H3C MSR 2600, H3C MSR 20-2X[40], H3C MSR 20-1X, H3C MSR 930, H3C MSR 900, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C WX3000 Series Unified Switches, H3C LSWM1WCM10 Access Controller Module, H3C LSWM1WCM20 Access Controller Module, H3C LSQM1WCMB0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module, H3C LSBM1WCM2A0 Access Controller Module

Popular Brands
Popular manuals