ECS4100 Series CLI Reference Guide-R07

ManualsBrandsEdgecore Networks ManualsEnterpriseL2+/L3 Lite Gigabit Ethernet Access Switch

591

592

593

594

595

596

597

598

599

600

Table Of Contents

Chapter 23

| VLAN Commands

Configuring Excluded VLANs

– 600 –

Configuring Excluded VLANs

Excluded VLANs provide port-based security and isolation between ports within an

assigned session. An Excluded VLAN session contains Uplink ports that can

communicate with all other ports in the session, and Downlink ports that can only

communicate with Uplink ports in the session. The Uplink ports are intended to

provide open access to an external network, such as the Internet, while the

Downlink ports provide restricted access to local users.

excluded-vlan This command configures an excluded VLAN session, including the VLAN ID, uplink

ports, and downlink ports. Use the no form of the command to remove an excluded

VLAN session.

Syntax

[no] excluded-vlan [session session-id] [vlan-id [vlan-mask]] {uplink interface-

list [downlink interface-list] | downlink interface-list}

session-id - Specifies the session ID. (Range: 1-4)

vlan-id - Specifies a VLAN ID. (Range: 1-4094)

vlan-mask - Specifies a binary bitmask that is applied to the VLAN ID to

define a range of VLANs. When a bit of the VLAN Mask is 1, the value of the

corresponding bit of the VLAN ID remains the same. When a bit of

configured VLAN Mask is 0, the value of the corresponding bit of the VLAN

ID is ignored. For example, a VLAN ID of 1 (000000000001) with a VLAN

Mask of 4092 (111111111100) defines a range of VLAN IDs of 1-3. A VLAN

Mask of 4095 (111111111111) defines a single VLAN ID. (Range: 0-4095)

interface-list -

ethernet unit/port-list

unit - Unit identifier. (Range: 1)

port-list - Physical port number or list of port numbers. Separate

nonconsecutive port numbers with a comma and no spaces; or use

a hyphen to designate a range of port numbers. (Range: 1-12/26/

28/52)

port-channel channel-id (Range: 1-16)

Default Setting

No sessions configured.

Table 118: Excluded VLAN Commands

Command Function Mode

excluded-vlan Configures an excluded VLAN session, including VLANs,

uplink and downlink ports

show excluded-vlan Displays the configured excluded VLANs PE