Configuring protocol-based vlans, Table 4-79, Protocol-based vlan commands – LevelOne FGL-2870 User Manual

VLAN Commands

4-321

4

Example

Configuring Protocol-based VLANs

The network devices required to support multiple protocols cannot be easily grouped
into a common VLAN. This may require non-standard devices to pass traffic
between different VLANs in order to encompass all the devices participating in a
specific protocol. This kind of configuration deprives users of the basic benefits of
VLANs, including security and easy accessibility.

To avoid these problems, you can configure this switch with protocol-based VLANs
that divide the physical network into logical VLAN groups for each required protocol.
When a frame is received at a port, its VLAN membership can then be determined
based on the protocol type in use by the inbound packets.

To configure protocol-based VLANs, follow these steps:

1.

First configure VLAN groups for the protocols you want to use (page 4-299).
Although not mandatory, we suggest configuring a separate VLAN for each
major protocol running on your network. Do not add port members at this time.

2.

Create a protocol group for each of the protocols you want to assign to a VLAN
using the protocol-vlan protocol-group add command.

3.

Then map the protocol group to the appropriate VLAN using the protocol-vlan
protocol-group vlan command.

Note:

Traffic which matches IP Protocol Ethernet Frames is mapped to the VLAN
(VLAN 1) that has been configured with the switch’s administrative IP. IP Protocol
Ethernet traffic must not be mapped to another VLAN or you will lose
administrative network connectivity to the switch. If lost in this manner, network
access can be regained by removing the offending Protocol VLAN rule via the
console. Alternately, the switch can be power-cycled, however all unsaved
configuration changes will be lost.

Console#show vlan private-vlan
Primary Secondary Type Interfaces
-------- ----------- ---------- ------------------------------
5 primary Eth1/ 3
5 6 community Eth1/ 4 Eth1/ 5
Console#

Table 4-79 Protocol-based VLAN Commands

Command

Function

Mode

Page

protocol-vlan protocol-group Create a protocol group, specifying the supported protocols GC

4-322

protocol-vlan protocol-group Maps a protocol group to a VLAN

GC

4-322

show protocol-vlan

protocol-group

Shows the configuration of protocol groups

PE

4-323

show protocol-vlan

protocol-group-vid

Shows the mapping of protocol groups to VLAN

PE

4-324