User manual
Table Of Contents
- About This Manual
- 1 VLAN Configuration
- VLAN Overview
- Configuring VLAN
- Creating VLAN
- Creating a VLAN in VLAN Database
- Setting VLAN Name
- Setting VLAN Link Type on Ethernet Interface
- Adding VLAN Member Port
- Adding Ports to a VLAN in Batches
- Setting the Native VLAN for a Trunk or Hybrid Port
- Setting VLAN Filtering on a Port
- Setting Frame Filtering Type of a Port
- Creating VLAN Layer 3 Interface
- VLAN Configuration Example
- Configuring PVLAN
- Configuring QinQ
- Configuring Subnet VLAN
- Configuring Protocol VLAN
- Configuring VLAN Translation
- Configuring SuperVLAN
- VLAN Maintenance and Diagnosis
- 2 SVLAN Configuration
- 3 SVLAN COS Configuration
- 4 ZESR and SVLAN Linkage Networking Configuration
- 5 MAC Address Table Configuration
- Introduction to MAC Address
- Configuring MAC Address Table
- Setting MAC Address Aging Time
- Burning MAC Addresses
- Configuring MAC Address Permanent
- Binding MAC Address to a Port
- Enabling MAC Address Learning
- Limiting MAC Address Count
- Setting MAC Address Learning Protection
- Setting Port Unkown Source MAC Address Filtering
- Setting MAC Address Filtering
- Viewing MAC Address Table
- MAC Address Table Configuration Example
- 6 STP Configuration
- 7 Link Aggregation Configuration
- 8 IGMP Snooping Configuration
- 9 Sflow Configuration
- 10 ZESS Configuration
- 11 Ethernet OAM Configuration
- 12 UDLD Configuration
- 13 LLDP
- 14 L2PT Configuration
- Figures
- Tables
- Glossary
Chapter1VLANConguration
ItconnectstwodevicesthatcanidentifyVLANtagsandcar-
riesseveralVLAN’sservices.Ittransmitstaggedframesonly
toseveralVLANs.Themostcommontrunklinkistheonebe-
tweentwoVLANswitches.
3.HybridLink
Ittransmitsbothtaggedanduntaggedframes.Foragiven
VLAN,however ,itonlytransmitsframesofthesametype.
DefaultVLAN
ZXR105900/5200hasadefaultVLANinitially,whichhasthefol-
lowingfeatures:
�VLANIDas1
�VLANnameasVLAN0001
�Allportsincluded
�Untaggedbydefaultonallports
PVLAN
Toimprovenetworksecurity,messagesamongdifferentusersshall
beseparated.ThetraditionalmethodistoassignaVLANtoeach
user .Themethodhasobviouslimitation,whichcanbeseenfrom
thefollowingaspects:
1.Atpresent,IEEE802.1Qstandardsupportsutmost4094
VLANs,whichlimitsthenumberofusersandnetworkexpan-
sion.
2.EachVLANcorrespondstooneIPsubnet,sovastdividedsub-
netswillcausethewasteofIPaddresses.
3.PlanningandmanagementtoamassofVLANsandIPsubnets
isextremelycomplicated.
PVLAN(PrivateVLAN)technologyisdevelopedtosolvetheseprob-
lems.
PVLANdividestheportsinVLANintothreetypes:theportcon-
nectingtotheuseriscalledIsolatePort,theportconnectingtoa
groupofusersthatneedinterconnectionandintercommunication
iscalledCommunityPortandtheportconnectingtotheupstream
routeriscalledPromiscuousPort.Theisolatedportcommunicates
withthepromiscuousportonly,butnotwithanyotherisolated
portorcommunityport.Communityportcancommunicatewith
promiscuousportandanyothercommunityport,butnotwithiso-
latedport.ThusportsinthesameVLANareseparated.Theuser
whoconnectswithisolatedportcanonlycommunicatewithits
defaultgateway,theuserwhoconnectscommunityportcanin-
terconnectandintercommunicate.Networksecurityisensured.
ZXR105900/5200supports20PVLANgroups,eachgrouphaving
customizedisolatedportsandatmost256isolatedports,16com-
munityportsand8promiscuousports.
CondentialandProprietaryInformationofZTECORPORATION3