VLAN

This section describes how to configure VLANs.

VLAN (Virtual LAN) module logically segments the shared media LAN to form virtual workgroups. It fully utilizes the forwarding support available in the switch hardware. It redefines and optimizes the basic transparent bridging functionalities, such as learning, forwarding, filtering, flooding, etc.

VLAN operates in the following modes. They are:

Transparent bridging—allows the user to connect two similar network segments to each other at the data link layer in a manner transparent to end stations, so the end stations do not participate in the bridging algorithm.
VLAN aware bridging—allows the end stations at different LAN segments to be interconnected and to communicate with each other using VLANs. It provides the following optional capabilities that are not available for the transparent bridging mode of operation:
- High availability (HA)—a feature for enhancing the network resiliency by minimizing the network downtime by integrating failover systems. VLAN in active node synchronizes the database with standby node(s).
- Multiple instances—multiple switch instances can be created within a physical switch. Different instances are identified using context ID.
Provider bridging—supports IEEE 802.1ad standard.

To access VLAN Screens, click Layer 2 Management > VLAN.

VLAN Basic Settings

By default, the tab Basic Settings displays the VLAN Basic Settings screen.

Figure 1. VLAN Basic Settings

Screen Objective	This screen allows the user to configure, for all available virtual contexts, the VLAN details that are used globally in the switch for all ports available in the switch. It allows the user to set the parameters such as VLAN type, which are fundamental for the VLAN configuration in the switch.
Note: When all VLAN type-related fields subnet based on all ports, MAC-based on all ports, and port and protocol based on all ports are set as Enabled, the VLAN membership classification is done in the following order: MAC-based VLAN classification Subnet-based VLAN classification Port and protocol based VLAN classification
Navigation	Layer 2 Management > VLAN > Basic Settings
Fields	Select—click to select the context ID to configure the VLAN Basic settings for the virtual context. Context—displays the virtual context ID that uniquely represents a virtual switch created in the physical switch. This value ranges from 0 to 65535. The default value is 0. Learning Mode—select the type of VLAN learning mode to be applied for all ports. This mode defines the forwarding database modes of operation to be implemented by the switch. The default option is IVL (Independent VLAN Learning). The list contains: IVL—separate forwarding database is created for each VLAN. The information learnt from a VLAN is not shared among other relative VLANs during forwarding decisions. This mode is suitable in situations where the database size is not a constraint and end stations operate over multiple VLANs with the same MAC address. SVL—for Shared VLAN Learning (SVL), single forwarding database is created for all VLANs. The information learnt from a VLAN is shared among all other relative VLANs during forwarding decision. This mode is suitable in situations where the learning database size is a constraint. HYBRID—same forwarding database is created for some VLANs and separate forwarding database is used for some VLANs. The usage of same or separate forwarding database for the VLAN is decided based on the configuration done in the L2 Unicast Filter Configuration screen. Note: When the learning mode is changed: The static FID-VLAN mapping and static unicast entries should be reconfigured respectively in the screens port VLAN protocol settings and Static VLAN configuration, and Static unicast configurations associated with old FID (Filtering ID) will be deleted
Fields (cont)	Subnet Based On All Ports—select whether the classification of VLAN membership should be done based on subnet on all available ports. VLAN membership classification is done by matching the source IP address in the packet to a VLAN-ID using an administrator configured table if the subnet based VLAN classification is enabled. The default option is Disabled. The list contains: Enabled—enables the subnet based VLAN membership classification on all ports of the switch. Disabled—disables the subnet based VLAN membership classification on all ports of the switch MAC Based on All Ports—select whether the classification of VLAN membership should be done based on MAC on all available ports. VLAN membership classification is done based on the source MAC-address of the received frame if the MAC based VLAN classification is enabled. For this type, the VLAN membership should be assigned initially. The default option is Disabled. The list contains: Enabled—enables MAC-based VLAN membership classification on all ports of the switch. Disabled—disables MAC-based VLAN membership classification on all ports of the switch. Port and Protocol Based on All Ports—select whether the classification of VLAN membership should be done based on port and protocol on all available ports. VLAN membership classification is done for all untagged and priority-tagged frames based on the port-protocol group / higher layer protocol for the port if the port and protocol based VLAN classification is enabled. The default option is Enabled. The list contains: Enabled—enables Port and Protocol Based VLAN membership classification on all ports of the switch. Disabled—disables Port and Protocol Based VLAN membership classification on all ports of the switch. Default Vlan Hybrid Type—select the default VLAN Hybrid Type to be applied for all ports of the switch if learning mode is set to HYBRID. The default option is IVL. The list contains: IVL—separate forwarding database is created for each VLAN. The information learnt from a VLAN is not shared among other relative VLANs during forwarding decisions. This mode is suitable in situations where the database size is not a constraint and end stations operate over multiple VLANs with the same MAC address. SVL—single forwarding database is created for all VLANs. The information learnt from a VLAN is shared among all other relative VLANs during forwarding decision. This mode is suitable in situations where the learning database size is a constraint.
Fields (cont)	Note: Once the learning mode is changed: The static FID-VLAN mapping and static unicast entries should be reconfigured respectively in the screens Port VLAN Protocol Settings and Static VLAN Configuration. Static unicast configurations associated with old FID will be deleted. MAC-Address-Table Aging Time—enter the timeout period (in seconds) to age out the dynamically learned forwarding database entries. This timer is started once the switch identifies the MAC address. This value ranges from 10 to 1000000 seconds. The default value is 300. Unicast MAC Learning Limit—enter the maximum number of unicast MAC addresses that can be learned in the virtual context. This value ranges from 0 to 4294967295. The maximum number of unicast MAC addresses that can be learnt is 950. The maximum number of unicast MAC addresses that can be learnt is 950. Note: The upper limit value depends upon the underlying hardware.The unicast MAC learning limit cannot be configured greater than the default value.This value should be greater than the value set in the field MAC Limit for the VLAN and should not exceed the switch capability. Base Bridge Mode—select the base bridge-mode in which the switch should operate. The list contains: DOT_1D_BRIDGE_MODE—makes the switch to behave according to IEEE 802.1d implementation. DOT_1Q_VLAN_MODE—makes the switch to behave according to IEEE 802.1q implementation. Note: The base bridge mode can be set as DOT_1D_BRIDGE_MODE, only if the GARP, IGS, MLDS, PNAC LA, LLDP, RSTP and MSTP modules are shut down and logical interfaces are deleted. This configuration should be done in the following order: Shut down GARP. The Dynamic VLAN and Dynamic Multicast should be disabled in the Dynamic VLAN Global Configuration and Dynamic Multicast Global Configuration screens before shutting down GARP. Shut down IGMP snooping module using the field System Control in the IGMP Snooping Configuration screen. Go to Multicast > IGMP Snooping > Basic Settings. Shut down MSTP module using the field System Control in the Global Configuration screen. Go to Layer2 Management > MSTP > Basic Settings. Shut down RSTP module using the field System Control in the Global Configuration screen. Go to Layer2 Management > RSTP > Global Settings. Shut down PNAC module using the field System Control in the 802.1x Basic Settings screen. Go to Layer2 Management > 802.1x > Basic Settings. Shutdown Link Aggregation module using the field System Control in the Link Aggregation Basic Settings screen. Go to Layer2 Management > Link Aggregation > Basic Settings.
Fields (cont)	Base Bridge Mode (cont) Note: (cont) Shutdown LLDP module using the field Global Status in the LLDP Global Configurations screen under the path Layer2Management > LLDP > Global Setting. Shutdown MLDS module using the field System Control in the MLD Snooping Configuration screen. Go to Multicast > MLD Snooping > Basic Settings. The DOT_1D_BRIDGE_MODE operates over the physical interface alone, so all other VLAN / tunnel interfaces should be deleted. If the Web interface is connected through the Layer3 IP interface, then first create a router port and assign IP address for that router port to re-establish the Web connectivity through the newly created router port. The existing Layer 3 IP interfaces can then be deleted, and base bridge mode can be set as DOT_1D_BRIDGE_MODE Dynamic Vlan Oper Status—displays the operational status of the Dynamic VLAN GVRP module). GVRP uses the services of GARP to propagate VLAN registration information to other VLAN aware bridges in the LAN. This information allows GVRP aware devices to dynamically establish and update the information about the existence of the VLANs in the topology. The GVRP module registers the created VLANs with GARP and de-registers the deleted VLANs from the GARP. The default option is Enabled. The list contains: Enabled—denotes that the GVRP module is enabled in the switch. Disabled—denotes that the GVRP module is disabled in the switch. Dynamic Multicast Oper Status—displays the operational status of the GMRP module. GMRP uses the services of GARP to propagate multicast registration information to the bridges in the LAN. This information allows GMRP aware devices to reduce the transmission of multicast traffic to the LANs, which do not have any members of that multicast group. GMRP registers and de-registers the group membership information and group service requirement information with the GARP. The default option is Enabled. The list contains: Enabled—denotes that the GMRP module is enabled in the switch. Disabled—denotes that the GMRP module is disabled in the switch. Maximum VLAN ID—displays the largest valid VLAN / VFI ID accepted in the system. This value ranges from 1 to 65535. <vlan –id>—this is a unique value that represents the specific VLAN. This value ranges from 1 to 4094 <vfi-id>—VFI ID is a VLAN created in the system which contains Pseudo wires and Attachment Circuits as member ports. This creates a logical LAN for the VPLS service. This value ranges from 4096 to 65535.
Fields (cont)	Note: The VLAN ID 4095 is reserved and may be used to indicate a wildcard match for the VLAN ID in management operations or Filtering Database entries. VFI IDs 4096 and 4097 are reserved identifiers used in MPLS PW. The theoretical maximum for the maximum number of VFI is 65535 but the actual number of VFI supported is a sizing constant. Based on this, the maximum number of VFI ID accepted in the management interface is restricted. For example if 100 VFIs are supported, the maximum number of VFI supported will be restricted to maximum number of VLANs + 100. An error message is displayed for any value beyond this range. The VLAN ID cannot be configured greater than the value displayed in the field. Maximum Supported VLANs—displays the maximum number of VLANs the switch can support. Number of VLANs in the System—displays the total number of VLANs currently active in the device. By default, VLAN 1 is active in the system, and hence, this value is set as 1. User Defined TPID—enter the value for the user defined TPID configurable for an ingress port or for a VLAN egress Ethertype. The value ranges from 0 to 65535. The default value is 0. Note: A value 0 (ZERO) deletes the configured entry.
Buttons	Apply—modifies attributes for the selected entry and saves the changes. Configure VLAN Trace Options—accesses VLAN Traces screen.

VLAN Port Settings

Figure 2. VLAN Basic Settings

Screen Objective	This screen allows the user to configure VLAN details such as VLAN membership classification type for the physical ports available in the device. When all VLAN type related fields subnet based on all ports, MAC- based on all ports, and port and protocol based on all ports are set as enabled, the VLAN membership classification is done in the following order: MAC-based VLAN classification Subnet-based VLAN classification Port and protocol based VLAN classification
Note: This screen is different for BCM target, refer the BCM specific screens chapter for more details.
Navigation	Layer 2 Management > VLAN > Port Settings
Fields	Select—click to select the port for which the configuration needs to be done.
Fields	Port—displays the port, which is a combination of interface type and interface ID. The interface ID is a combination of slot number and the port number (slot number / port number) MAC Based VLAN—select whether the MAC-based VLAN membership classification is supported in the port. VLAN membership classification is done based on the source MAC address of the received packets if the MAC based VLAN classification is supported. By default, the MAC based VLAN classification is set similar to that of the MAC Based on All Ports. The list contains: Enabled—enables MAC-based VLAN classification in the port. Disabled—disables MAC-based VLAN classification in the port. Note: This field can be configured independently without depending on the VLAN type configuration done globally in the switch. That is, this field does not depend upon the value set in the field MAC-based on All Ports. Port and Protocol Based VLAN—select whether the port and protocol based VLAN membership classification is supported in the port. VLAN membership classification is done for all untagged and priority-tagged frames based on the port-protocol group / higher layer protocol for the port if the port and protocol based VLAN classification is supported. By default, the port and protocol based VLAN classification is set similar to that of the Port and Protocol Based on All Ports. The list contains: Enabled—enables port and protocol based-VLAN classification in the port. Disabled—disables port and protocol based-VLAN classification in port. Note: This field can be configured independently without depending on the VLAN type configuration done globally in the switch. So this field does not depend upon the value set in the field Port and Protocol Based on All Ports. Port Protected—select whether the port should be configured as protected. The default option is False. The list contains: true—sets the port as protected. the port will not forward frames received from another protected port on the same switch. false—does not configure the port as protected. the port operates as a normal port. Subnet Based VLAN—select whether the subnet based-VLAN membership classification is supported in the port. VLAN membership classification is done by matching the source IP address in the packet to a VLAN-ID using an administrator configured table if the subnet based-VLAN classification is supported. By default, the subnet based-VLAN classification is set similar to that of the subnet based on all ports. the list contains: Enabled—enables subnet based-VLAN classification in the port. Disabled—disables subnet based-VLAN classification in the port. Note: This field can be configured independently without depending on the VLAN type configuration done globally in the switch. That is, this field does not depend upon the value set in the field Subnet on All Ports.
Fields (cont)	PVID—displays the PVID (Port VLAN ID), which represents the VLAN ID assigned to untagged frames or priority-tagged frames received on the port. The PVID is used for port based VLAN type membership classification. The default VLAN ID (that is, 1) is set as the PVID. This value ranges from 1 to 4094. Acceptable Frame Types—select the type of VLAN dependent BPDU frames to be accepted by the port during the VLAN membership configuration. The default option is All. The list contains: All—accepts tagged, untagged, and priority tagged frames received on the port and subjects the frames to Ingress Filtering setting. Tagged—accepts only the tagged frames received on the port. It rejects untagged or priority tagged frames received on the port. UnTagged and Priority Tagged—accepts only the untagged or priority tagged frames andrejects tagged frames received on the port. Note: This field does not affect VLAN independent BPDU frames such as GVRP BPDU and STP BPDU. It affects only the VLAN dependent BPDU frames such as GMRP BPDU.The frame type is always set as UnTagged and Priority Tagged if the Bridge Port Type is set to CustomerNwPort. Ingress Filtering—select whether the filtering should be applied for the incoming frames received on the port. The default option is Disabled. The list contains: Enabled—accepts only the incoming frames of the VLANs that have this port in its member list. Disabled—accepts all incoming frames received on the port. Note: This field does not affect VLAN independent BPDU frames such as GVRP BPDU and STP BPDU. It affects only the VLAN dependent BPDU frames such as GMRP BPDU.The filtering is always set as Enabled if the Bridge Port Type is set as CustomerNwPortStagged.The ingress filtering cannot be disabled for port whose Switch Port Mode is set as host or promiscuous Ingress EtherType Prefix Hex values by 0x—enter the value for Ingress Ethertype. The value ranges from 1 to 65535. For the proprietary PNPs (Provider Network Ports), default value is 0x8100. For all other ports, default value is 0x88a8. Note: In Customer Bridge mode, this object indicates that the primary C-VLAN tag Ethertype used for the packets received on this port. Packets received on a port are considered tagged, when the packet Ethertype matches with the port Ethertype configured. Otherwise, they are considered untagged. By default, on all ports, 0x8100 will be configured as Ethertype. In Provider-Edge Bridge Mode, this object indicates the primary S-VLAN tag Ethertype used for the packets received on this port. Packets received on a port are considered tagged, when the packet Ethertype matches with the port Ethertype configured. Otherwise, they are considered untagged. By default, on all ports, 0x88a8 will be configured to be Ethertype. On Proprietary PNPs, 0x8100 is configured to be the ingress Ethertype.
Fields (cont)	Egress EtherType Prefix Hex values by 0x—enter the value for Egress EtherType. The value ranges from 1 to 65535. For CEPs (Customer Edge Ports) and proprietary PNPs, default value is 0x8100. For all other ports, default value is 0x88a8. Note: In Customer Bridge Mode, this object indicates the Ethertype of the C-VLAN tag that has to be applied for all outgoing packets on this port. If a valid value is in this object, all packets which are outgoing on this port will contain the Ethertype configured in this object. By default, 0x8100 will be used for packets transmitted with C-VLAN on the ports. Note: In Provider-Edge Bridge Mode, this object indicates the Ethertype of the S-VLAN tag that has to be applied for all outgoing packets on this port. If a valid value is in this object, all packets which are outgoing on this port will contain the Ethertype configured in this object. By default, 0x88a8 will be used for packets transmitted with S-VLAN on the ports. On Proprietary PNPs and Customer Edge Ports, 0x8100 is used as the Ethertype for outgoing packets. Egress TPID Type—select the egress TPID (Tag Protocol Identifier) type for the port. The default option is Portbased. The list contains: Portbased—specifies the egress TPID type for a port. If the value is Portbased, the egress TPID of the packet is selected from Egress Port Table. Vlanbased—specifies the egress TPID type for a port. When the value is Vlanbased, the Egress TPIDis selected from Egress VLAN Table. Allowable TPID1—enter the value for TPID1. This specifies the secondary Ethertype that is allowable for a port. The configurable value for this object is 0x8100 or 0x8808. This value ranges from 0 to 65535. The default value is 0. Note: When this value is set to zero, the secondary Ethertype configurations are deleted from Hardware.The TPID1 value should be configured as a value different from the default ingress Ethertype. If the ingress Ethertype is 0x8808, then TPID1 should be configured as 0x8100; and if the ingress Ethertype is 0x8100, TPID1 should be configured as 0x8808. Allowable TPID2—enter the value for TPID2. This specifies the secondary Ethertype that is allowable for a port. The configurable value for this object is 0x8100 or 0x8808. This value ranges from 0 to 65535. The default value is 0. Note: When this value is set to zero, the additional standard Ethertype configurations are deleted from Hardware. Allowable TPID3—enter the value for TPID3 to specify secondary Ethertype allowable for a port with configurable value of 0x8100 or 0x8808. This value ranges from 0 to 65535. The default value is 0. Note: When this value is set to zero, the additional standard Ethertype configurations are deleted from Hardware.
Buttons	Apply—modifies attributes for the selected entry and saves the changes.

Static VLAN Configuration

Figure 3. Static VLAN Configuration

Screen Objective	This screen allows the user to create / delete VLANs in the switch and statically configure details such as member port for the VLANs in the switch. These static configuration details are permanent and can be restored after the switch is reset. Note: The default VLAN entry, VLAN ID 1, cannot be deleted.
Navigation	Layer 2 Management > VLAN > Static VLANs
Fields	Select—click to select the vlan id for which the configuration needs to be modified or deleted. VLAN ID—enter the VLAN ID that uniquely identifies a specific VLAN. This value ranges from 1 to 4094. VLAN Name—enter an administratively assigned string, which is used to identify the VLAN. This value is a string of maximum size of 32. Member Ports—enter a port or a set of ports, which need to be part of the VLAN identified by the VLAN ID. Use comma as a separator between the ports while configuring a list of ports. This list includes both tagged and untagged members of the VLAN. Note: The format of this entry is <interface type><slot number/port number> for Gigabit Ethernet ports. For pseudowire and attachment circuit interfaces, the format is just the interface ID. There is no space needed between these two entries. For an example: Gi0/1,Gi0/2,pw1,ac1, where Gi is interface type Gigabit Ethernet, Pw is pseudowire interface, and AC is the attachment circuit interface. 0 is a slot number and 1 is a port number.
Fields (cont)	Untagged Ports—enter port or set of ports, which should transmit egress packets for the VLAN as untagged packets. Use comma as a separator between the ports while configuring a list of ports. Ports which are attached to VLAN-unaware devices should be configured as untagged-ports for a given VLAN. The untagged ports list should be a sub-set of the VLAN Member Ports. Note: The format of this entry is <interface type><slot number/port number> for Gigabit Ethernet ports. For pseudowire and attachment circuit interfaces, the format is just the interface ID. There is no space needed between these two entries. For an example: Gi0/1,Gi0/2,pw1,ac1, where Gi is interface type Gigabit Ethernet, Pw is pseudowire interface, and AC is the attachment circuit interface. 0 is a slot number and 1 is port number.The port can be configured to be an untagged port only if the Switch Port Mode of the port is not set as trunk.The ports configured as untagged ports should be a subset of Member Ports. Forbidden Ports—enter port or set of ports which should never receive packets from the VLAN mentioned in the VLAN ID. Use comma as a separator between the ports while configuring a list of ports. The ports configured in the Forbidden Ports list should be mutually exclusive to the Member Ports list field. Note: The format of this entry is <interface type><slot number/port number> for gigabitethernet ports. For pseudowire and attachment circuit interfaces, the format is just the interface ID. There is no space needed between these two entries. For an example: Gi0/1,Gi0/2,pw1,ac1, where Gi is interface type Gigabit Ethernet, Pw is pseudowire interface, and AC is the attachment circuit interface. 0 is a slot number and 1 is a port number. Vlan Egress Ethertype—enter the value for egress ether type of a packet. The value set for this object is applicable for a port present in this VLAN only when the value of VLAN PortEgressTPID type is set as Vlanbased for an egress port. The value ranges from 0 to 65535. The default value is 33024. VLAN ACTIVE—select this check-box to make the configured VLAN active.
Buttons	Add—adds and saves new configuration Reset—resets to default value for respective fields and discards all user inputs. Apply—modifies attributes for the selected entry and saves the changes. Delete—deletes the selected entry.

VLAN Protocol Group Settings

Figure 4. VLAN Protocol Group Settings

Screen Objective	This screen allows the user to create a protocol group with a specific protocol and encapsulation frame type combination. The created protocol group is used for protocol-VLAN based membership classification. The specified protocol is applied above the data-link layer in a protocol template, and the frame type is applied in the template.
Navigation	Layer 2 Management > VLAN > Protocol Group
Fields	Select—click to select the Frame Type for which the Group Identifier needs to be modified or deleted. Frame Type—select the data-link encapsulation format to be applied in a protocol template. The default option is Ethernet. The list contains: Ethernet—applies the standard IEEE 802.3 frame format. This format contains the following Preamble—7-byte value that allows the Ethernet card to synchronize with the beginning of a frame. SFD—1-byte value that indicates the start of a frame Destination—6-byte MAC address of the destination. Source—6-byte MAC address of the source or a broadcast. Length—2-byte value representing the number of bytes in the data Fields. Data—46 to 1500 bytes higher layer information containing protocol information or user data. FCS—4-byte value representing the cyclic redundancy check used by source and destination to verify a successful transmission.
Fields (cont)	Frame Type—(cont): SNAP—applies the sub network access protocol (SNAP) format. This format contains the same structure as LLC Format except the following additional Fields added before the data field OUI—3-byte value representing Organization Unique Identifier (OUI) assigned to vendors for differentiating protocols from different manufacturers. Type—2-byte value representing protocol type that defines a specific protocol in the SNAP. This maintains compatibility with Ethernet v2. SNAP802.1H—applies the sub-network access protocol format. This format contains the same structure as LLC Format except the following additional fields added before the data field 3-octet field having value 00:00:F8 signifying that next 2 octet field is the encoding of 802.3 type field in an IEEE 802.2/SNAP header. 2-octet type field—encoding of 802.3 type field in an IEEE 802.2/SNAP header. SNAP_OTHER—applies the sub-network access protocol format. This format contains the same structure as LLC Format except for an additional 5-octet SNAP protocol identifier (PID) added before the data field. The value of the PID is not in either of the ranges used for RFC_1042 (SNAP) or SNAP 802.1H. LLC_OTHER—applies the LLC format. This format contains the same structure as IEEE 802.3 frame except the following additional fields added before the data field. DSAP—1-byte value representing destination service access point for determining the protocol used for the upper layer. SSAP—1-byte value representing source service access point for determining the protocol used for the upper layer. Control—1-byte value that is used by certain protocols for administration. Note: The option SNAP_OTHER can be used, only if the Protocol Value is set as OTHER.
Fields (cont)	Protocol Value—select the protocol to be applied above the data-link layer in a protocol template. The default option is IP. The protocol identification is internally handled using octet string. The list contains: IP—sets the protocol as IP, which is used for communicating data across network using TCP/IP. The corresponding octet string is 08:00 NOVELL—sets the protocol as Novell Netware protocol suite, which is developed by Novell Inc. The corresponding octet string is ff:ff. NETBIOS—sets the protocol as NetBIOS over TCP/IP, which allows legacy application relying on the NetBIOS API to be used on modern TCP/IP networks. The corresponding octet string is f0:f0. Note: This option can be set only for the Frame Type set as LLC_OTHER. APPLETALK—sets the protocol as AppleTalk, which is a proprietary suite of protocols developed by Apple Inc. The corresponding octet string is 80:9b. OTHER—sets the protocol as some other protocol other than IP, NOVELL, NETBIOS, and APPLETALK. Note: The octet string for the respective protocol can be entered in the text box placed next to this field. This text box is greyed out and cannot be configured if an option other than OTHER is selected. This value is set as 16-bit (2 octet) IEEE 802.3 type field if the field Frame Type is set as Ethernet, SNAP, and SNAP802.1H.This value is set as 40-bit (5 octet) PID if the field Frame Type is set as SNAP_OTHER.This value is set as 2-octet IEEE 802.2 LSAP pair if the field Frame Type is set as LLC_OTHER. The first octet is used for DSAP and the second octet is used for SSA. Group Identifier—enter the group ID that represents a specific group of protocols that are associated together when assigning a VID to a frame. This value ranges from 0 to 2147483647.
Buttons	Add—adds and saves new configuration Reset—resets to default value for respective fields and discards all user inputs. Apply—modifies attributes for the selected entry and saves the changes. Delete—deletes the selected entry.

Port VLAN Protocol Settings

Figure 5. Port VLAN Protocol Settings

Screen Objective	This screen allows the user to configure the VLANID set for a particular port for Port and Protocol Based VLAN classification. Only existing group ID can be assigned for the port. A VLAN ID which is not yet configured can be assigned for a port. When the VLAN is configured, forwarding will take place according to the VID set for the particular port.
Navigation	Layer 2 Management > VLAN > Port Protocol
Fields	Select—click to select the Port for which the Group ID and VLAN ID mapping needs to be modified or deleted Port—select the port to which the VLAN ID and group ID should be mapped. This is a combination of interface type and interface ID. The interface ID is a combination of slot number and port number (slot number/port number). Group ID—enter the group ID that represents a specific group of protocols that are associated together when assigning a VID to a frame. This group ID is associated with the specific port. This value ranges from 0 to 2147483647. Note: The Group Id entered should have already been created using the Layer 2 Management > VLAN > VLAN Protocol Group Setting Screen VLAN ID—enter the VLAN ID that uniquely identifies a specific VLAN. This VLAN ID is associated with a specific group of protocols for the specific port. This value ranges from 1 to 4094. Status—displays the status of the respective row / entry. This list contains: Up—denotes the entry is created and operationally up. Down—denotes the entry is created but operationally down. Under Creation—denotes the entry is being created and not available for operation / usage.
Buttons	Add—adds and saves new configuration Reset—resets to default value for respective fields and discards all user inputs. Apply—modifies attributes for the selected entry and saves the changes. Delete—deletes the selected entry.

VLAN Port Mac Map

Figure 6. VLAN Port Mac Map

Screen Objective	This screen allows the user to map the VLAN and MAC address for MAC-based VLAN classification.
Navigation	Layer 2 Management > VLAN > Port MAC Map
Fields	Port No —enter the port to which MAC and VLAN should be mapped. This is a combination of interface type and interface ID. The interface ID is a combination of slot number and the port number. The format is <interface type><slot number/port number>. There is no space between these two entries. For an example: Gi0/1, where Gi is interface type Gigabit Ethernet interface, 0 is a slot number, and 1 is a port number. Port MAC Map Addr—enter the port to which MAC and VLAN should be mapped. This is a combination of interface type and interface ID. The interface ID is a combination of slot number and the port number. The format is <interface type><slot number/port number>. There is no space between these two entries. For an example: Gi0/1, where Gi is interface type Gigabit Ethernet interface, 0 is a slot number, and 1 is a port number. Port MAC Map Vid—enter the VLAN ID that uniquely identifies a specific VLAN to which the MAC address of the port should be mapped. This VLAN ID is associated with a group of protocols for the specific port and it ranges from 1 to 4094. Bcast Option—select whether the multicast / broadcast untagged frames should be allowed / discarded. The default option is Allow. The list contains:
Fields (cont)	Allow—drops all multicast / broadcast untagged frames that contain source MAC address belonging to the address configured in the field Port Mac-Map Addr if the MAC Based VLAN is enabled on the port. Discard—processes all multicast / broadcast untagged frames that contain source MAC address belonging to the address configured in the field Port Mac-Map Addr if the MAC Based VLAN is enabled on the port.
Buttons	Add—adds and saves new configuration Reset—resets to default value for respective fields and discards all user inputs. Apply—modifies attributes for the selected entry and saves the changes. Delete—deletes the selected entry.

FDB Flush

Figure 7. FDB Flush

Screen Objective	This screen allows the user to flush all dynamically generated MAC addresses.
Note: The output for FDB (File Data Buffer) flush cannot be verified in Web UI as viewing FDB is not implemented there. This can be seen only in CLI.
Navigation	Layer 2 Management > VLAN > FDB Flush
Fields	Context Id—enter the virtual context ID for which the MAC addresses need to be flushed. This represents uniquely a virtual switch created in the system. This value ranges from 0 to 65535. The default value is 0. Note: The user can create new virtual contexts from the Switch Creation screen (Context Manager—> Switch Creation) Interface Id—enter the interface ID for which the FDB entries need to be flushed. This is a combination of slot number and the port number. The format is <interface type> <slot number/port number>. There is no space between these two entries. VLAN iD—enter the VLAN ID for which the FDB entries need to be flushed. This value ranges from 1 to 4094.
Buttons	Flush—flushes the dynamically generated MAC addresses for a specified interface.