Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsC9010 Modular Chassis Switch
1131113211331134113511361137113811391140
Enabling Null VLAN as the Default VLAN
In a Carrier Ethernet for Metro Service environment, service providers who perform frequent reconfigurations
for customers with changing requirements occasionally enable multiple interfaces, each connected to a
different customer, before the interfaces are fully configured.
This presents a vulnerability because both interfaces are initially placed in the native VLAN, VLAN 1, and for
that period customers are able to access each other's networks. The system has a Null VLAN to eliminate this
vulnerability. When you enable the Null VLAN, all ports are placed into it by default, so even if you activate the
physical ports of multiple customers, no traffic is allowed to traverse the links until each port is place in
another VLAN.
To enable Null VLAN, use the following command.
Disable the default VLAN, so that all ports belong to the Null VLAN until configured as a member of
another VLAN.
CONFIGURATION mode
default-vlan disable
Default: the default VLAN is enabled (no default-vlan disable).
Assigning an IP Address to a VLAN
VLANs are a Layer 2 feature. For two physical interfaces on different VLANs to communicate, you must assign
an IP address to the VLANs to route traffic between the two interfaces.
The shutdown command in INTERFACE mode does not affect Layer 2 traffic on the interface; the shutdown
command only prevents Layer 3 traffic from traversing over the interface.
NOTE
: You cannot assign an IP address to the Default VLAN (VLAN 1). To assign another VLAN ID to the
Default VLAN, use the default vlan-id vlan-id command.
You can place VLANs and other logical interfaces in Layer 3 mode to receive and send routed traffic. For more
information, refer to Bulk Configuration.
To assign an IP address, use the following command.
Configure an IP address and mask on the interface.
INTERFACE mode
ip address ip-address mask [secondary]
ip-address mask — Enter an address in dotted-decimal format (A.B.C.D) and the mask must be in
slash format (/24).
secondary — This is the interface’s backup IP address. You can configure up to eight secondary IP
addresses.
Virtual LANs (VLANs) 1136