Config Vlan Ans Spanning Tree in 8300

Nortel Ethernet Routing Switch 8300
Conguration VLANs and Spanning Tree

Release: 4.2 Document Revision: 02.01
www.nortel.com
NN46200-516 .
Nortel Ethernet Routing Switch 8300 Release: 4.2 Publication: NN46200-516 Document release date: 30 March 2009 Copyright 2009 Nortel Networks All Rights Reserved.
LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. THE SOFTWARE DESCRIBED IN THIS DOCUMENT IS FURNISHED UNDER A LICENSE AGREEMENT AND MAY BE USED ONLY IN ACCORDANCE WITH THE TERMS OF THAT LICENSE. Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners.
Contents
Software license New in this release
Features 13 IP spoof detection 13 STP BPDU filtering 13 Other changes 14 Customer service 14
9 13
Introduction VLAN and spanning tree fundamentals

VLAN overview 17 Port-based VLANs 18 Policy-based VLANs 19 Independent VLAN Learning 22 VLAN tagging and port types 23 VLAN virtual router interfaces 25 VLAN implementation on the Ethernet Routing Switch 8300 VLAN configuration rules 26 VLAN feature support and scaling 27 Network Load Balancing Support 27 VLAN MAC-layer bridging and filtering 29 IP spoofing prevention within a VLAN 30 Spanning tree overview 30 Spanning Tree Protocol 30 RSTP and MSTP 36
15 17
25
VLAN configuration using Device Manager

Viewing defined VLANs using Device Manager 43 Port-based VLANs configuration using Device Manager 45 Creating a port-based VLAN using Device Manager 45 Configuring an IP address for a VLAN using Device Manager 47 Configuring port-based VLANs using Device Manager 48 Viewing IP spoof detection information using Device Manager 49 Job aid: Spoof detect dialog box fields 50
Nortel Ethernet Routing Switch 8300 Configuration VLANs and Spanning Tree NN46200-516 02.01 30 March 2009
Copyright 2009 Nortel Networks
43
4 Configuring policy-based VLANs using Device Manager 50 Creating a protocol-based VLAN using Device Manager 50 Creating user-defined, protocol-based VLANs using Device Manager 51 Configuring advanced VLAN operations using Device Manager 53 Configuring advanced VLAN features using Device Manager 53 Configuring VLAN forwarding filters using Device Manager 56 Changing VLAN port membership using Device Manager 57 Configuring MAC address autolearning on a VLAN using Device Manager 58 Modifying autolearned MAC addresses using Device Manager 59 Managing VLAN bridging using Device Manager 60 Configuring the forwarding database timeout using Device Manager 60 Viewing the forwarding database using Device Manager 61 Clearing learned MAC addresses by VLAN using Device Manager 62 Clearing learned MAC addresses for all VLANs by port using Device Manager 63 Configuring static forwarding using Device Manager 63 Configuring a MAC-layer bridge filter using Device Manager 65 Configuring Layer 2 multicast MAC filtering using Device Manager 66
VLAN configuration using the CLI

Job aid: Roadmap of VLAN CLI commands 69 VLAN configuration and management using the CLI 73 Creating a port-based VLAN using the CLI 74 Creating a protocol-based VLAN using the CLI 75 Assigning an IP address to a VLAN using the CLI 77 Deleting an IP address from a VLAN using the CLI 78 Viewing basic VLAN configuration using the CLI 78 Performing a general VLAN action using the CLI 79 Viewing general VLAN information using the CLI 80 Adding a multilink trunk to a VLAN using the CLI 80 Configuring VLAN forwarding database entries using the CLI 81 Configuring VLAN forwarding database filters using the CLI 82 Adding VLAN static forwarding database members using the CLI 83 Viewing VLAN forwarding database information using the CLI 84 Viewing forwarding database filters using the CLI 84 Adding ports to a VLAN using the CLI 85 Removing ports from a VLAN using the CLI 86 Configuring NLB using the CLI 86 Viewing VLAN port member status using the CLI 88 Configuring a VLAN name using the CLI 89 Deleting a VLAN using the CLI 89 Enabling VLAN tagging on a port using the CLI 90 Assigning untagged frames to the default VLAN using the CLI 90 Viewing advanced VLAN information using the CLI 91
69
5 IP spoof detection configuration using the CLI 91 Configuring static multicast MAC entries using the CLI 93 Viewing VLAN static MAC information using the CLI 95 Viewing VLAN manual edit MAC information using the CLI 95 Viewing VLAN autolearn information using the CLI 96 Viewing VLAN ARP information using the CLI 96 Viewing VLAN IGMP information using the CLI 97 Viewing VLAN static multicast information using the CLI 97 Viewing the PID range for a user-defined, protocol-based VLAN using the CLI 97
VLAN configuration using the NNCLI
99
Job aid: Roadmap of VLAN NNCLI commands 99 VLAN configuration and management using the NNCLI 102 Creating a port-based VLAN using the NNCLI 103 Creating a protocol-based VLAN using the NNCLI 104 Creating a user-defined, protocol-based VLAN using the NNCLI 106 Assigning an IP address to a VLAN using the NNCLI 107 Deleting an IP address from a VLAN using the CLI 108 Performing a general VLAN action using the NNCLI 108 Adding a multilink trunk to a VLAN using the NNCLI 109 Viewing general VLAN information using the NNCLI 110 Configuring VLAN forwarding database entries using the NNCLI 110 Deleting VLAN forwarding database entries using the NNCLI 111 Configuring VLAN forwarding database filters using the NNCLI 112 Deleting VLAN forwarding database filters using the NNCLI 113 Adding VLAN static forwarding database members using the NNCLI 114 Removing VLAN static forwarding database members using the NNCLI 114 Viewing VLAN forwarding database information using the NNCLI 115 Viewing VLAN forwarding database filters using the NNCLI 115 Adding ports to a VLAN using the NNCLI 116 Removing ports from a VLAN using the NNCLI 117 Configuring NLB using the NNCLI 118 Viewing VLAN port information using the NNCLI 120 Configuring a VLAN name using the NNCLI 121 Deleting a VLAN using the NNCLI 121 Configuring VLAN tagging using the NNCLI 122 Viewing specific VLAN information using the NNCLI 122 Viewing advanced VLAN information using the NNCLI 123 IP spoof detection configuration using the NNCLI 123 Configuring static multicast MAC entries using the NNCLI 126 Removing VLAN static multicast MAC entries using the NNCLI 128 Viewing VLAN static multicast information using the NNCLI 128 Viewing VLAN IP information using the NNCLI 129
6 Viewing Viewing Viewing Viewing Viewing VLAN static MAC information using the NNCLI 129 VLAN manual edit MAC information using the NNCLI 130 VLAN IGMP information using the NNCLI 130 VLAN autolearn information using the NNCLI 131 the PID range for a user-defined VLAN using the NNCLI 131
Spanning Tree configuration using Device Manager

Configuring the STP mode using Device Manager 133 Configuring STP BPDU Filtering using Device Manager 135 Configuring Spanning Tree Groups using Device Manager 136 Configuring STG global settings using Device Manager 136 Creating an STG using Device Manager 137 Editing an STG using Device Manager 139 Deleting an STG using Device Manager 140 Adding ports to an STG using Device Manager 141 Viewing STG status using Device Manager 141 Enabling or disabling STG on a port using Device Manager 143 Viewing STG ports using Device Manager 144 Configuring topology change detection using Device Manager 147 RSTP Configuration using Device Manager 148 Configuring global RSTP using Device Manager 148 Configuring port RSTP parameters using Device Manager 150 Viewing port RSTP status using Device Manager 153 MSTP configuration using Device Manager 154 Configuring global MSTP parameters using Device Manager 154 Configuring port CIST for MSTP using Device Manager 158 Configuring MSTI bridges for MSTP using Device Manager 161 Configuring MSTI ports for MSTP using Device Manager 162
133
Spanning Tree configuration using the CLI

Job aid 165 Configuring the STP mode using the CLI 169 STP BPDU Filtering configuration using the CLI 170 Configuring STP BPDU Filtering using the CLI 170 Viewing STP BPDU Filtering status using the CLI 171 STG configuration using the CLI 171 Configuring STG global settings using the CLI 172 Creating an STG using the CLI 173 Configuring STG parameters using the CLI 174 Viewing STG configuration using the CLI 177 Viewing STG status using the CLI 177 Configuring STG port parameters using the CLI 179 Viewing general port STG information using the CLI 181 Viewing extended port STG information using the CLI 183 Configuring topology change detection using the CLI 184
165
7 RSTP configuration using the CLI 184 Configuring RSTP using the CLI 185 Viewing global RSTP configuration using the CLI 186 Viewing global RSTP status using the CLI 186 Configuring Ethernet RSTP parameters using the CLI 187 Viewing port RSTP configuration using the CLI 188 Viewing port RSTP status using the CLI 188 Viewing port RSTP role using the CLI 189 MSTP configuration using the CLI 189 Configuring global MSTP parameters using the CLI 190 Configuring an MSTP region using the CLI 191 Viewing MSTP configuration using the CLI 191 Configuring MSTP CIST using the CLI 192 Configuring MSTP MSTI using the CLI 193 Viewing MSTP instance information using the CLI 193 Configuring Ethernet MSTP CIST using the CLI 194 Configuring Ethernet MSTP MSTI using the CLI 195 Viewing MSTP port information using the CLI 196 Viewing MSTP status using the CLI 197
Spanning Tree configuration using the NNCLI

Job aid 199 Configuring the STP mode using the NNCLI 202 Disabling STP mode using the NNCLI 203 STP BPDU Filtering configuration using the NNCLI 204 Enabling STP BPDU Filtering using the NNCLI 204 Disabling STP BPDU Filtering using the NNCLI 205 Configuring the STP BPDU Filtering port timer using the NNCLI 205 Configuring STP BPDU Filtering default values using the NNCLI 206 Viewing STP BPDU Filtering status using the NNCLI 207 STG configuration using the NNCLI 208 STG configuration using the NNCLI navigation 208 Configuring STG global settings using the NNCLI 209 Configuring STP using the NNCLI 209 Deleting an STG using the NNCLI 212 Viewing STG configuration using the NNCLI 212 Configuring STG port parameters using the NNCLI 214 Viewing port STG information using the NNCLI 216 RSTP configuration using the NNCLI 218 Configuring global RSTP using the NNCLI 218 Disabling group STP using the NNCLI 220 Viewing global RSTP configuration using the NNCLI 220 Viewing global RSTP status using the NNCLI 220 Configuring port RSTP parameters using the NNCLI 221
199
8 Disabling port RSTP using the NNCLI 222 Viewing port RSTP information using the NNCLI 223 MSTP configuration using the NNCLI 224 Configuring MSTP using the NNCLI 224 Viewing MSTP configuration using the NNCLI 225 Configuring MSTP MSTI using the NNCLI 226 Viewing MSPT MSTI configuration information using the NNCLI 226 Configuring Ethernet MSTP CIST using the NNCLI 227 Disabling Ethernet MSTP CIST force-port-state using the NNCLI 228 Configuring Ethernet MSTP MSTI using the NNCLI 229 Viewing MSTP port information using the NNCLI 230 Viewing MSTP status using the NNCLI 231
RSTP and MSTP CLI Configuration examples
233
Configuring RSTP using the CLI 233 Example of configuring RSTP using the CLI: Configuring ERS8300 B1 234 Example of configuring RSTP using the CLI: Configuring ERS8300 B2 235 Example of configuring RSTP using the CLI: configuring ERS1600 B3 236 Example of configuring RSTP using the CLI: configuring ERS1600 B4 236 Example of configuring RSTP using the CLI: configuring ES 470 B5 237 Example of configuring RSTP using the CLI: configuring ES470 B6 238 Configuring MSTP using the CLI 239 Example of Configuring MSTP: configuring ERS8300 B1 240 Example of Configuring MSTP: configuring ERS8300 B2 241 Example of Configuring MSTP: configuring ERS1600 B3 242 Example of Configuring MSTP: configuring ERS1600 B4 243 Example of Configuring MSTP: configuring ES 470 B5 244 Example of Configuring MSTP: configuring ES 470 B6 246
Customer service
Updated versions of documentation How to get help 249 Express Routing Codes 249 Additional information 250 249
249
Software license
This section contains the Nortel Networks software license.
Nortel Networks Inc. software license agreement

This Software License Agreement ("License Agreement") is between you, the end-user ("Customer") and Nortel Networks Corporation and its subsidiaries and affiliates ("Nortel Networks"). PLEASE READ THE FOLLOWING CAREFULLY. YOU MUST ACCEPT THESE LICENSE TERMS IN ORDER TO DOWNLOAD AND/OR USE THE SOFTWARE. USE OF THE SOFTWARE CONSTITUTES YOUR ACCEPTANCE OF THIS LICENSE AGREEMENT. If you do not accept these terms and conditions, return the Software, unused and in the original shipping container, within 30 days of purchase to obtain a credit for the full purchase price. "Software" is owned or licensed by Nortel Networks, its parent or one of its subsidiaries or affiliates, and is copyrighted and licensed, not sold. Software consists of machine-readable instructions, its components, data, audio-visual content (such as images, text, recordings or pictures) and related licensed materials including all whole or partial copies. Nortel Networks grants you a license to use the Software only in the country where you acquired the Software. You obtain no rights other than those granted to you under this License Agreement. You are responsible for the selection of the Software and for the installation of, use of, and results obtained from the Software. 1. Licensed Use of Software. Nortel Networks grants Customer a nonexclusive license to use a copy of the Software on only one machine at any one time or to the extent of the activation or authorized usage level, whichever is applicable. To the extent Software is furnished for use with designated hardware or Customer furnished equipment ("CFE"), Customer is granted a nonexclusive license to use Software only on such hardware or CFE, as applicable. Software contains trade secrets and Customer agrees to treat Software as confidential information using the same care and discretion Customer uses with its own similar information that it does not wish to disclose, publish or disseminate. Customer will ensure that anyone who uses the Software does so only in compliance with the terms
10 Software license
of this Agreement. Customer shall not a) use, copy, modify, transfer or distribute the Software except as expressly authorized; b) reverse assemble, reverse compile, reverse engineer or otherwise translate the Software; c) create derivative works or modifications unless expressly authorized; or d) sublicense, rent or lease the Software. Licensors of intellectual property to Nortel Networks are beneficiaries of this provision. Upon termination or breach of the license by Customer or in the event designated hardware or CFE is no longer in use, Customer will promptly return the Software to Nortel Networks or certify its destruction. Nortel Networks may audit by remote polling or other reasonable means to determine Customers Software activation or usage levels. If suppliers of third party software included in Software require Nortel Networks to include additional or different terms, Customer agrees to abide by such terms provided by Nortel Networks with respect to such third party software. 2. Warranty. Except as may be otherwise expressly agreed to in writing between Nortel Networks and Customer, Software is provided "AS IS" without any warranties (conditions) of any kind. NORTEL NETWORKS DISCLAIMS ALL WARRANTIES (CONDITIONS) FOR THE SOFTWARE, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE AND ANY WARRANTY OF NON-INFRINGEMENT. Nortel Networks is not obligated to provide support of any kind for the Software. Some jurisdictions do not allow exclusion of implied warranties, and, in such event, the above exclusions may not apply. 3. Limitation of Remedies. IN NO EVENT SHALL NORTEL NETWORKS OR ITS AGENTS OR SUPPLIERS BE LIABLE FOR ANY OF THE FOLLOWING: a) DAMAGES BASED ON ANY THIRD PARTY CLAIM; b) LOSS OF, OR DAMAGE TO, CUSTOMERS RECORDS, FILES OR DATA; OR c) DIRECT, INDIRECT, SPECIAL, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES (INCLUDING LOST PROFITS OR SAVINGS), WHETHER IN CONTRACT, TORT OR OTHERWISE (INCLUDING NEGLIGENCE) ARISING OUT OF YOUR USE OF THE SOFTWARE, EVEN IF NORTEL NETWORKS, ITS AGENTS OR SUPPLIERS HAVE BEEN ADVISED OF THEIR POSSIBILITY. The forgoing limitations of remedies also apply to any developer and/or supplier of the Software. Such developer and/or supplier is an intended beneficiary of this Section. Some jurisdictions do not allow these limitations or exclusions and, in such event, they may not apply. 4. General shall apply: All Nortel Networks Software available under this License Agreement is commercial computer software and commercial computer
1. If Customer is the United States Government, the following paragraph
Nortel Networks Inc. software license agreement
11
software documentation and, in the event Software is licensed for or on behalf of the United States Government, the respective rights to the software and software documentation are governed by Nortel Networks standard commercial license in accordance with U.S. Federal Regulations at 48 C.F.R. Sections 12.212 (for non-DoD entities) and 48 C.F.R. 227.7202 (for DoD entities).
2. Customer may terminate the license at any time. Nortel Networks

may terminate the license if Customer fails to comply with the terms and conditions of this license. In either event, upon termination, Customer must either return the Software to Nortel Networks or certify its destruction.
3. Customer is responsible for payment of any taxes, including personal

property taxes, resulting from Customers use of the Software. Customer agrees to comply with all applicable laws including all applicable export and import laws and regulations.
4. Neither party may bring an action, regardless of form, more than two
years after the cause of the action arose.
5. The terms and conditions of this License Agreement form the complete
and exclusive agreement between Customer and Nortel Networks.
6. This License Agreement is governed by the laws of the country in

which Customer acquires the Software. If the Software is acquired in the United States, then this License Agreement is governed by the laws of the state of New York.
12 Software license
13
New in this release

The following sections detail whats new in Nortel Ethernet Routing Switch 8300 Configuration VLANs and Spanning Tree (NN46205-516) for Release 4.2:
Features
Features (page 13) Other changes (page 14)
See the following sections for information about feature changes:
IP spoof detection
IP spoof detection is a new feature for Release 4.2. With IP spoof detection, you can block the external use of the switch IP address. For more information see:
IP spoofing prevention within a VLAN (page 30) Configuring port-based VLANs using Device Manager (page 48) Viewing IP spoof detection information using Device Manager (page 49) IP spoof detection configuration using the CLI (page 91) IP spoof detection configuration using the NNCLI (page 123)
STP BPDU ltering

Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) filtering is a new feature for Release 4.2. With STP BPDU filtering, a network administrator can prevent unknown devices from influencing an existing spanning tree topology and from flooding the network with BPDUs. For more information see:
Spanning Tree BPDU Filtering (page 34) Configuring STP BPDU Filtering using Device Manager (page 135)
14 New in this release
Other changes
STP BPDU Filtering configuration using the CLI (page 170) STP BPDU Filtering configuration using the NNCLI (page 204)
For information about changes that are not feature-related, see the following section:
Customer service (page 14)
Customer service
Customer service chapter is added to this document. This chapter describes the complete range of services and support that Nortel provides to customers. For more information about Nortel support, see Customer service (page 249).
15
Introduction
The Nortel Ethernet Routing Switch 8300 is a flexible and multifunctional switch that supports a diverse range of network architectures and protocols. This guide contains conceptual and procedural information to support the administration of the Ethernet Routing Switch 8300. For more information about the available user interfaces and how to use edit commands and special terminal characters, see Nortel Ethernet Routing Switch 8300 User Interface Fundamentals (NN46200-103)
Navigation
VLAN and spanning tree fundamentals (page 17) VLAN configuration using Device Manager (page 43) VLAN configuration using the CLI (page 69) VLAN configuration using the NNCLI (page 99) Spanning Tree configuration using Device Manager (page 133) Spanning Tree configuration using the CLI (page 165) Spanning Tree configuration using the NNCLI (page 199) RSTP and MSTP CLI Configuration examples (page 233)
16 Introduction
17
VLAN and spanning tree fundamentals

This chapter describes virtual local area network (VLAN) and spanning tree concepts and features supported on the Ethernet Routing Switch 8300.
Navigation VLAN overview

A virtual local area network (VLAN) is a switched network logically segmented by functions, project teams, or applications without regard to the physical location of users. Use a VLAN to divide the LAN into smaller groups without interfering with the physical network. With VLAN practical applications, you can perform the following tasks: VLAN overview (page 17) Spanning tree overview (page 30)
create VLANs, workgroups, or common interest groups create VLANs, workgroups, or workgroups for specific types of network traffic add, move, or delete members from workgroups without making physical changes to the network
By dividing the network into separate VLANs, you can create separate broadcast domains. This arrangement conserves bandwidth, especially in networks that support broadcast and multicast applications that flood the network with traffic. A VLAN workgroup can include members from several dispersed physical segments on the network, which improves traffic flow between them. The Ethernet Routing Switch 8300 performs the Layer 2 switching functions necessary to transmit information within VLANs and the Layer 3 routing functions necessary for VLANs to communicate with one another. You can define a VLAN for a single switch or it can span multiple switches.
18 VLAN and spanning tree fundamentals
A VLAN consists of a group of ports that define a logical broadcast domain. These ports can belong to a single VLAN or they can be spread across multiple VLANs. In a VLAN-aware switch, every frame received on a port is classified as belonging to only one VLAN. When a broadcast, multicast, or unknown destination frame requires flooding by a VLAN-aware switch, the system sends the frame through only the other active ports that belong to the same VLAN. The default switch configuration groups all ports into the port-based default VLAN 1. You cannot delete this VLAN from the system, and it is statically bound to the default Spanning Tree Group (STG). The Ethernet Routing Switch 8300 supports port-based VLANs and policy-based VLANs.
VLAN overview navigation
Port-based VLANs (page 18) Policy-based VLANs (page 19) Independent VLAN Learning (page 22) VLAN tagging and port types (page 23) VLAN virtual router interfaces (page 25) VLAN implementation on the Ethernet Routing Switch 8300 (page 25) VLAN configuration rules (page 26) VLAN feature support and scaling (page 27) Network Load Balancing Support (page 27) VLAN MAC-layer bridging and filtering (page 29) IP spoofing prevention within a VLAN (page 30)
Port-based VLANs
Port-based VLAN consist of ports explicitly configured as members of the VLAN. When you create a port-based VLAN, you assign a VLAN identification number (VID) and specify which ports belong to the VLAN. Use the VID to coordinate VLANs across multiple switches. The default switch configuration groups all ports into the port-based default VLAN 1. You cannot delete this VLAN from the system, and it is statically bound to the default STG.
VLAN overview
19
The example in the following figure shows two port-based VLANs: one for the marketing department and one for the sales department. Ports are assigned to each port-based VLAN. A change in the sales area requires the sales representative at port 3/1 (the first port in the I/O module in chassis slot 3) to move to the marketing department. You can perform the move without physically moving cables. With a port-based VLAN, you can indicate in Device Manager or the CLI that port 3/1 in the sales VLAN now belongs to the marketing VLAN.
Figure 1 Port-based VLAN
A port can belong to one port-based VLAN and many policy-based VLANs.
Policy-based VLANs
A policy-based VLAN consists of ports that the system dynamically adds to the VLAN on the basis of the traffic that comes into the port. The Ethernet Routing Switch 8300 supports a total of 500 unique policy-based VLANS. However, some restrictions exist on the number of policy-based VLAN types.
Policy-based VLANs navigation
Port membership types (page 20) Protocol-based VLANs (page 20) User-defined, protocol-based VLANs (page 22)
Port membership types

In a policy-based VLAN, you can designate a port to always or never be a member of the VLAN that describes the port membership types. The traffic that comes into the port determines the port membership in a VLAN. Nortel recommends that you designate some ports as always a member of the VLAN. If a server or router connects to a port, designate that port as always a member of a VLAN. The following table describes port membership types for policy-based VLANs.
Table 1 Port membership types for policy-based VLANs Membership type Static (Always a member) Description Static members remain active members of the VLAN when configured as belonging to that VLAN. Use this membership type in policy-based and port-based VLANs.

Not allowed to join (Never a member)
In policy-based VLANs, the tagged ports are usually configured as static members. In port-based VLANs, all ports are always static members.
Ports of this type are cannot join the VLAN.
Protocol-based VLANs
Use protocol-based VLANs to segment your network into broadcast domains according to the network protocols in use. You can automatically confine traffic generated by a network protocolIPX and Appletalk to its own VLAN. All ports within a protocol-based VLAN must belong to the same port-based VLAN. However, the same port within a port-based VLAN can belong to multiple protocol-based VLANs. Port tagging is not required for a port to belong to multiple protocol-based VLANs. The Ethernet Routing Switch 8300 supports the following protocol-based VLANs:
IP version 4 (protocol-ipEther2) Novell IPX on Ethernet 802.3 frames (protocol-ipx802.3) Novell IPX on IEEE 802.2 frames (protocol-ipx802.2) Novell IPX on Ethernet SNAP frames (protocol-ipxSnap)
VLAN overview
21
Novell IPX on Ethernet Type 2 frames (ipxEther2) AppleTalk on Ethernet Type 2 and Ethernet SNAP frames (protocol-ApltkEther2Snap) DEC LAT Protocol (protocol-decEther2) Other DEC protocols (protocol-decOtherEther2) IBM SNA on IEEE 802.2 frames (protocol-sna802.2) IBM SNA on Ethernet Type 2 frames (protocol-snaEther2) NetBIOS Protocol (protocol-Netbios) Xerox XNS (protocol-xnsEther2) Banyan VINES (protocol-vinesEther2) IP version 6 (protocol-ipv6Ether2) Reverse Address Resolution Protocol (protocol-RarpEther2) User-defined protocols (protocol-Userdef)
Example: IPX protocol-based VLAN You can create a VLAN for the IPX protocol and place ports that carry substantial IPX traffic into this new VLAN. In the following figure, the network manager placed ports 7/1, 3/1, and 3/2 in an IPX VLAN. These ports still belong to their respective marketing and sales VLANs, but they are also new members of the IPX VLAN. This arrangement localizes traffic and ensures that only three ports flood with IPX broadcast packets.
Figure 2 Dynamic protocol-based VLAN
User-defined, protocol-based VLANs

You can create user-defined, protocol-based VLANs to support networks with nonstandard protocols. For user-defined, protocol-based VLANs, you can specify the Protocol Identifier (PID) for the VLAN. Frames that match the specified PID for the following items are assigned to that user-defined VLAN:
the ethertype for Ethernet type 2 frames the PID in Ethernet Sub-Network Access Protocol (SNAP) frames the Destination Service Access Point (DSAP) or Source Service Access Point (SSAP) value in Ethernet 802.2 frames
The following table lists the predefined policy PIDs, which you cannot use as user-defined PIDs.
Table 2 PIDs not available for user-defined, protocol-based VLANs PID (hex) 04xx, xx04 F0xx, xxF0 0000-05DC 0600, 0807 0BAD 4242 0800 0806 8035 809B, 80F3 8100 8137, 8138 80D5 86DD 8808 9000 Description sna802dot2 netBIOS Overlaps with 802.3 frame length xns VINES IEEE 802.1D BPDUs IP ARP RARP AppleTalk Reserved by IEEE 802.1Q for tagged frames ipxEthernet2 and ipxSnap snaEthernet2 ipv6 IEEE 802.3x pause frames Used by diagnostic loopback frames
Independent VLAN Learning

You can use the independent VLAN learning (IVL) mode to learn MAC addresses in the context of the VLAN to which they belong. In the Ethernet Routing Switch 8300, each VLAN contains an independent, forwarding database. Different VLANs can learn the same MAC address and, based
VLAN overview
23
on the VLAN that receives traffic for this address, the switch can forward to this MAC address without confusion. Before a switch can look up the source or destination MAC address in a received frame, or before it can decide whether to bridge or route a frame, it must determine which VLAN the frame belongs to.
VLAN tagging and port types

The Ethernet Routing Switch 8300 supports the IEEE 802.1Q specification for tagging frames and coordinating VLANs across multiple switches. Figure 3 "VLAN tag insertion" (page 23) shows the additional 4-octet (tag) header inserted into a frame after the source address and before the frame type. The tag contains the VLAN ID associated with the frame.
Figure 3 VLAN tag insertion
VLAN tagging and port types navigation
802.1Q tagged ports (page 23) Treatment of tagged and untagged frames (page 24)
802.1Q tagged ports

Tagging a frame adds four octets, making the frame bigger than the traditional maximum frame size. These frames are sometimes called baby giant frames. If a device does not support IEEE 802.1Q tagging, it can experience problems interpreting tagged frames and receiving baby giant frames. On the Ethernet Routing Switch 8300, your port level configuration determines whether the system sends or receives tagged frames. Configured tagging as true or false for the port, which applies to all VLANs on that port.
After you enable tagging on a nontagged port, you lose the previous configuration of VLANs, STGs, and Multilink Trunking (MLT) for the port. The port resets and runs Spanning Tree Protocol, which breaks connectivity while the protocol goes through the normal listening and learning states before the forwarding state. An Ethernet Routing Switch 8300 port with tagging enabled sends frames explicitly tagged with a VLAN ID. Use tagged ports to multiplex traffic that belongs to multiple VLANs to other IEEE-802.1Q-compliant devices. If you disable tagging on a port, it does not send tagged frames. A nontagged port connects the Ethernet Routing Switch 8300 to devices that do not support IEEE 802.1Q tagging. If a tagged frame forwards out a port on which tagging is configured as false, the switch removes the tag from the frame before it sends it out the port.
Treatment of tagged and untagged frames

An Ethernet Routing Switch 8300 associates a frame with a VLAN based on the data content of the frame and the configuration of the ingress port. Whether the frame is tagged or untagged dictates how that frame is treated. If a tagged port receives a tagged frame with a VLAN ID specified in the tag, the Ethernet Routing Switch 8300 directs it to that VLAN if the VLAN is present. If that VLAN is not configured on the ingress port the frame is dropped. For tagged frames received on an untagged port, you can configure that port to either discard the frame or accept it. Discarding tagged frames on an untagged port does not apply to the port-based VLANs. If you choose not to discard tagged frames, the Ethernet Routing Switch 8300 sends the frame to the default VLAN assigned to the ingress port. For untagged frames, content of the frame itself implies VLAN membership. For untagged frames received on a tagged port, you can configure the port to either discard or accept the frame. If you configure a tagged port to accept untagged frames, the port must be assigned to the default port-based VLAN in spanning tree group 1 (STG1). On the Ethernet Routing Switch 8300 you can configure tagged ports to send untagged frames on the default VLAN of the port. MLT ports do not support this feature and it becomes disabled when you add a port to an MLT. You cannot apply VLAN port tagging on access ports. Ports are disabled by default.
VLAN overview
25
Where the system forwards the frame is based on the VLAN that receives the frame and the forwarding options available for that VLAN. The Ethernet Routing Switch 8300 tries to associate untagged frames received on untagged ports with a VLAN in the following order:
1. Does the frame belong to a protocol-based VLAN? 2. What is the port-based VLAN of the receiving port?
If the frame meets none of the preceding criteria, the switch discards the frame. A nontagged port can belong to multiple VLANs of the same type, but cannot belong to the same Spanning Tree Group (STG).
VLAN virtual router interfaces

Virtual router interfaces correspond to routing on a virtual port associated with a VLAN. This type of routing routes IP traffic to and from a VLAN. Because a port can belong to multiple VLANs (configured for routing on the switch or not), no one-to-one correspondence exists between the physical port and the router interface. For VLAN routing, the router interface for the VLAN is called a virtual router interface because the IP address is assigned to an interface on the routing entity in the switch. This initial interface has a one-to-one correspondence with a VLAN on a switch.
VLAN implementation on the Ethernet Routing Switch 8300

This section describes how to implement VLANs on an Ethernet Routing Switch 8300.
VLAN implementation on the Ethernet Routing Switch 8300 navigation
Default VLAN (page 25) Unassigned VLAN (page 25)
Default VLAN
Ethernet Routing Switch 8300 devices arrive factory-configured with all ports in a port-based default VLAN and default Spanning Tree Group (STG) 1. With all ports in this default VLAN, the switch behaves as a Layer 2 switch. The default VLAN always includes a VLAN ID of 1 and is port-based. You cannot delete the default VLAN.
Unassigned VLAN
The unassigned port-based VLAN acts as a placeholder for ports removed from other port-based VLANs. Ports can belong to policy-based VLANs and to the unassigned VLAN. If a frame does not meet policy criteria and no underlying port-based VLAN exists, the port belongs to the unassigned
VLAN and the system drops the frame. Only ports in the unassigned VLAN have no STG association, so they do not participate in Spanning Tree Protocol negotiation; that is, ports in the unassigned VLAN do not send out Bridge Protocol Data Units (BPDU). You cannot delete or view the unassigned VLAN. If you delete an STG, the ports move to the unassigned VLAN, and you can later assign them to another STG. Moving the ports to the unassigned VLAN avoids creating unwanted loops and duplicate connections. If you disable routing in these ports, the ports are completely isolated and no Layer 2 or Layer 3 functionality is provided. You can use the unassigned VLAN for security concerns or when you use a port to monitor a mirrored port.
VLAN conguration rules

The following VLAN rules exist for the Ethernet Routing Switch 8300.
In addition to the default VLAN, the Ethernet Routing Switch 8300 supports 4000 VLANs. VLAN IDs range in value from 1 to 4000. If you enable tagging on a port in a VLAN, you lose the STG configuration for that port. To preserve VLAN assignment of ports, enable tagging on the ports before you assign the ports to VLANs. A tagged port can belong to multiple VLANs and multiple STGs. When a tagged port belongs to multiple spanning tree groups, the BPDUs are tagged for all spanning tree groups except for STG 1. The default is STG 1. An untagged port can belong to only one port-based VLAN. A port in a port-based VLAN can belong to other policy-based VLANs. An untagged port can belong to only one policy-based VLAN for a protocol. For example, a port can belong to only one policy-based VLAN where the policy is IPX802dot2 protocol. A VLAN cannot span multiple spanning tree groups; that is, one STG must contain all the ports in the VLAN. STG IDs can range in value from 1 to 64. The following order of precedence determines the VLAN membership of a frame:
VLAN ID in the VLAN tag of the frame protocol-based VLAN port-based VLAN
VLAN overview
27
VLAN feature support and scaling

The following table summarizes features supported on the Ethernet Routing Switch 8300 modules.
ATTENTION
This table changes frequently. For more information about the latest scalability information, see the release notes that came with your switch. Table 3 VLAN support in the Ethernet Routing Switch 8300 Feature Number of VLANs Port-based VLANs Policy-based VLANs 4096 Supported
Protocol-based Source MAC-based
Supported Not supported Supported Supported Not supported Supported
IEEE 802.1Q tagging IP routing and VLANs IPX routing IPX VLANs Special VLANs
Default VLAN Unassigned VLAN Brouter ports
Supported Supported Not supported
Network Load Balancing Support

Network Load Balancing (NLB) support is a clustering technology that Microsoft includes in the Windows 2000 Advanced Server and Datacenter Server operating systems. NLB increases the scalability and availability of TCP- and IP-based services such as Web, Terminal Services, Virtual Private Networking, and streaming media servers. To scale the performance of a server-based program, NLB distributes client requests among multiple servers within a cluster of hosts. Figure 4 "Two-host cluster" (page 28) shows an example of a cluster of hosts. With NLB, all hosts receive each incoming IP packet, but only the intended recipients accept the packet. The cluster hosts can respond concurrently to requests from different clients or to multiple requests from the same client.
28 VLAN and spanning tree fundamentals Figure 4 Two-host cluster
Network Load Balancing Support modes of operation

NLB supports three modes of operation:
unicast mode of operation multicast mode of operation Internet Group Management Protocol (IGMP) multicast mode of operation
Unicast mode of operation In unicast mode, NLB replaces the MAC address of the network adapter with a virtual cluster MAC address. By masking the cluster MAC address, NLB creates a bogus MAC address on each host adapter. Therefore, all NLB host adapters in a cluster share a common cluster MAC address, and all the hosts in the cluster receive all the frames forwarded to the cluster MAC address. After you enable NLB, the bogus MAC address appears in the Ethernet frame header, and the Ethernet Routing Switch 8300 learns this bogus address rather than the cluster MAC address. This process ensures that the Ethernet switch does not learn the cluster MAC addresses on multiple ports.
VLAN overview
29
After a client or switch sends an ARP request for the MAC address of the virtual IP address of the cluster, the ARP response from the cluster hosts contains the virtual cluster MAC address in the payload rather than the bogus MAC addresses. Multicast mode of operation In this mode, NLB assigns a multicast MAC address to all hosts in the cluster but retains the built-in address of the network adapter. This mode does not need a bogus MAC address. After you enable NLB, the adapter MAC address appears in the Ethernet frame header. The Ethernet switch learns this adapter MAC address rather than the cluster MAC address. This process ensures that the Ethernet switch does not learn the cluster MAC addresses on multiple ports. NLB uses the multicast MAC address for client-to-cluster traffic and the adapter MAC address for network traffic specific to the host computer. After a client or switch sends an ARP request for the MAC address of the virtual IP address of the cluster, the ARP response from the cluster hosts contains the cluster MAC virtual Multicast address in the payload rather than the hardware MAC addresses. IGMP multicast mode of operation In this mode, NLB assigns an IP multicast MAC address to all hosts in the cluster but retains the built-in address of the network adapter. This mode does not need a false MAC address. NLB supports multicast flood suppression by implementing IGMP. The cluster hosts send the join message for a predefined group, and the multicast MAC is the virtual MAC address of the cluster hosts. After a client or switch sends an ARP request for the MAC address of the virtual IP address of the cluster, the ARP response from the cluster hosts contains the cluster MAC virtual multicast address in the payload rather than the hardware MAC addresses.
VLAN MAC-layer bridging and ltering

To perform MAC-layer bridging, the switch must know the destination MAC-layer address of each device on each attached network, so it can forward packets to the appropriate destination. The bridging table stores MAC-layer addresses, and you can filter packet traffic based on the destination MAC-layer address information.
The Ethernet Routing Switch 8300 supports Bridge MIB filtering (RFC 1493) with a limit of 100 MAC filters. Create a filter entry by entering a MAC address and the port it resides on (similar to a static MAC entry). In the MAC filter record, you also specify the ports, for which to discard source or destination packets for the MAC address on a port.
IP spoong prevention within a VLAN

You can prevent VLAN logical IP spoofing by blocking the external use of the switch IP address. You can configure IP spoof detection on a port by port basis. This configuration detects a duplicate IP address (that is, an address that is the same as the VLAN IP address) and blocks all packets with a source or destination MAC address equal to the VLAN IP address. If an ARP packet is received that has the same source IP address as the logical VLAN IP address, the hardware discards all traffic coming to a port of the switch in that VLAN (with this MAC address as source or destination address). After detecting a duplicate IP address, the switch sends a gratuitous ARP packet to inform devices on the VLAN about the correct MAC address for that IP address. You can specify a time on a configurable global timer after which the MAC discard record is deleted, and the switch resumes accepting packets from that MAC address. This covers virtual and physical IP addresses such as those associated with VRRP. IP spoof prevention can detect spoofing of VRRP virtual IP addresses as well as physical IP addresses assigned to a VLAN. If you use Split MultiLink Trunking (SMLT), configure this option on both SMLT aggregation switches to avoid connectivity issues. For more information about configuring IP spoof detection, see Configuring port-based VLANs using Device Manager (page 48), Viewing IP spoof detection information using Device Manager (page 49), IP spoof detection configuration using the CLI (page 91), or IP spoof detection configuration using the NNCLI (page 123).
Spanning tree overview

The Ethernet Routing Switch 8300 can use one of three spanning tree protocols, including Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP).
Spanning Tree Protocol

The IEEE Std 802.1D standard defines the operation of the Spanning Tree Protocol (STP). STP detects and eliminates logical loops in a bridged or switched network. When multiple paths exist, the spanning tree algorithm configures the network, so that a bridge or switch uses only the most efficient path. If that path fails, the protocol automatically reconfigures
31
the network to make another path become active and sustain network operations. You can control path redundancy for VLANs by implementing the STP. A network can include multiple instances of STP. The collection of ports in one spanning tree instance is called a spanning tree group (STG).
ATTENTION
If you disable the Spanning Tree Protocol, it can reduce Central Processing Unit (CPU) overhead slightly. However, unless you use the switch in a simple network with little possibility of loops, Nortel recommends that you leave the Spanning Tree Protocol enabled.
Spanning Tree Protocol navigation
Spanning Tree Groups (page 31) Spanning Tree Protocol controls (page 32) Spanning Tree Group modes (page 33) Spanning tree FastStart (page 33) STGs and VLANs (page 34) Spanning Tree Protocol topology change detection (page 34)
Spanning Tree Groups

Each Spanning Tree Group (STG) consists of a collection of ports that belong to the same instance of the STP. These STP instances are completely independent from each other. For example, they each send their own BPDUs and have their own timers. With the Ethernet Routing Switch 8300, you can include multiple spanning tree groups (STG) within the same switch. The routing switch can participate in the negotiation for multiple spanning trees. The following figure shows multiple spanning tree groups.
32 VLAN and spanning tree fundamentals Figure 5 Multiple STGs
Spanning Tree Protocol controls

Both the ports associated with a VLAN and VLANs themselves must be contained within a single STG to prevents problems with spanning tree blockage of ports and loss of connectivity within the VLAN. Each untagged port can belong to only one STG, while tagged ports can belong to more than one STG. When a tagged port belongs to more than one STG, the system tags the spanning tree BPDUs to distinguish those of one STG from those of another STG. The system does not tag the BPDUs from STG 1. The tagged BPDUs transmit using a multicast MAC address as tagged frames with a VLAN ID. Because tagged BPDUs are not part of the IEEE 802.1D standard, not all devices can interpret tagged BPDUs. You can enable or disable the Spanning Tree Protocol at the port or STG level. If you disable the protocol at the group level, received BPDUs are handled like a MAC-level multicast and flooded out the other ports of the STG, and an STG can contain one or more VLANs. Remember that MAC broadcasts are flooded out on all ports of a VLAN; a BPDU is a MAC-level message, but the BPDU is flooded out all ports on the STG, which can encompass many VLANs.
33
When you globally enable STP on the STG, BPDU handling depends on the STP setting of the port.
When you enable STP on the port, it processes received BPDUs in accordance with STP. When you disable STP on the port, the port stays in a forwarding state and drops and does not process received BPDUs.
Spanning Tree Group modes

The Ethernet Routing Switch 8300 supports a Cisco compatible Spanning Tree Group (STG) mode. By default, the Nortel STG (NTSTG) is enabled, and all BPDUs sent on every MLT link. To use the Cisco compatible spanning tree mode, disable NTSTG, and the system sends BPDUs on only one link of the aggregation group.
Spanning tree FastStart

When enabled on a port with no other bridges, Spanning Tree FastStart starts the port quickly following switch initialization or a spanning tree change. The port goes through the normal blocking and learning states before the forwarding state, but the bridge hello timer (2 seconds by default) determines the hold time for these states instead of the bridge forward delay timer (15 seconds by default). If you enable FastStart on a port that uses the defaults of 2 seconds for Hello time and 15 seconds for Forward Delay time, it goes into the forwarding state in 4 seconds instead of the usual 30 seconds. If the port sees a BPDU, it reverts to regular behavior. Instead of disabling Spanning Tree protocol on a port, Nortel recommends that you enable FastStart on the port as an alternative. FastStart is intended for access ports where only one device connects to the switch (for example, workstations with no other spanning tree devices) and it prevents the 30 to 35 second wait period for spanning tree initialization and bridge learning.
ATTENTION
Use Spanning Tree FastStart with caution. This feature does not adhere to the specifications in the IEEE 802.1D standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when you enable the port through configuration.
STGs and VLANs

A VLAN can include all the ports in a STG, and an STG can include multiple VLANS, but a VLAN never includes more ports than exist in the STG. Nortel recommends that you plan the STGs, and then create the VLANs. In the Ethernet Routing Switch 8300 default configuration, a single STG encompasses all the ports in the switch. For most applications, this configuration is sufficient. The default STG is assigned ID 1 (STG1). If a VLAN spans multiple switches, it must belong to the same STG across all switches.
Spanning Tree Protocol topology change detection

With change detection, you can detect topology changes and send a topology change notification (TCN) to the root on an individual port basis. Change detection is enabled by default. When and a topology change occurs, change detection sends a trap that contains the following information, so you can identify the device:
the MAC address of the STG sending the TCN the port number the STG ID
You can disable change detection on ports connected to a single end station where powering that end station on and off can trigger the TCN. The IEEE STD 802.1D standard references change detection. Topology change detection configuration rules change detection settings When you work with
You can configure change detection on access ports only. This also applies to link aggregation ports. If you disable change detection and change the port from access to tagging-enabled, the switch automatically configures change detection to enabled for the port. This also applies to link aggregation ports. In a link aggregation group with access ports, modifications to change detection for a member port automatically apply to the remaining member ports.
Spanning Tree BPDU Filtering

The Ethernet Routing Switch 8300 supports Bridge Protocol Data Unit (BPDU) Filtering for a Spanning Tree Group (STPG), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP).
35
The Spanning Tree Protocol detects and eliminates logical loops in a bridged or switched network. A bridge that participates in the spanning tree exchanges information with other bridges using BPDUs. Based on the BPDU information exchange, the bridge with the lowest bridge ID becomes the root. This process is called the root selection process. When you add a new bridge to the spanning tree or remove an existing bridge from the spanning tree, the root selection process repeats and a new root is selected. With BPDU Filtering, the network administrator can achieve the following:
Block an unwanted root selection process when an edge device (for example, a laptop running Linux and enabled with STP) is added to the network. This prevents unknown devices from influencing an existing spanning tree topology. Block the flooding of BPDUs from an unknown device.
ATTENTION
The STP BPDU Filtering feature is not supported on Multi-Link Trunk (MLT) ports. If BPDU-Filter feature is enabled on some ports, and then those ports are added to MLT, the following error message appears: Error: MLT add ports fail.
When a port has BPDU Filtering enabled and the port receives an STP BPDU, the following actions take place:
The port is immediately put in the operational disabled state. A trap is generated and the following log message is written to the log: Ethernet <x> is shut down by BPDU Filter The port timer starts. The port stays in the operational disabled state until the port timer expires.
If you disable the timer or reset the switch before the timer expires, the port remains in the disabled state. If you disable BPDU Filtering while the timer is running, the timer stops and the port remains in the disabled state. You must then manually enable the port to return it to the normal mode.
ATTENTION
You can enable the port manually by using the following command in CLI: config ether <port> state enable
You can enable and disable the BPDU Filtering feature on a port to port basis. The BPDU Filtering timer is user configurable for each port and has a valid range of 10 to 65535 seconds. The port timer is disabled if you configure the timer for 0 seconds. For more information about configuring BPDU Filtering, see Configuring STP BPDU Filtering using Device Manager (page 135), Configuring STP BPDU Filtering using the CLI (page 170), or STP BPDU Filtering configuration using the NNCLI (page 204).
RSTP and MSTP

Rapid Spanning Tree Protocol (RSTP) is an Institute of Electrical and Electronics Engineers (IEEE ) 802.1w standard feature that provides faster recovery time than STP after a failure in a LAN with logical loops. The RSTP is an extension of STP and maintains a backward compatibility with the IEEE 802.1d standard implementation of STP. In certain configurations, the recovery time of RSTP can be reduced to less than 1 second. Multiple Spanning Tree Protocol (MSTP) provides the functionality of RSTP with enhanced network control and load balancing. With MSTP, you can configure multiple instances of RSTP on the same switch. Each RSTP instance can include one or more VLANs. The operation of MSTP is similar to the current Nortel proprietary MSTP. The MSTP is an extension of RSTP. By using RSTP and MSTP in addition to the current proprietary STP implementation, the Ethernet Routing Switch 8300 can achieve the following:
reduce convergence time after a topology change (from 30 seconds to less than 1 or 2 seconds) eliminate unnecessary flushing of the MAC database and the flooding of traffic to the network create backward compatibility with classic 802.1d switches create support for 64 instances of spanning tree in MSTP mode
RSTP and MSTP navigation
RSTP interoperability with STP (page 37) Differences in port roles for STP and RSTP (page 37) Port roles: root forwarding role (page 38) Port roles: designated forwarding role (page 38) Port roles: alternate blocking role (page 39)
37
Port roles: backup blocking role (page 39) Edge port (page 39) Path cost values (page 39) RSTP negotiation process (page 40)
RSTP interoperability with STP

RSTP provides backward compatibility with standard STP. You can configure a port in either STP-compatible mode or RSTP mode:
An STP-compatible port transmits and receives only STP BPDUs. Any RSTP BPDU that the port receives in this mode is discarded. An RSTP port transmits and receives only RSTP BPDUs. If an RSTP port receives a STP BPDU, it becomes an STP port. User intervention is required to change this port back to RSTP mode. This process is called Port Protocol Migration.
Differences in port roles for STP and RSTP

RSTP is an enhanced version of STP. These two protocols have almost the same set of parameters. The following table lists the differences in port roles for STP and RSTP. STP supports two port roles, while RSTP supports four port roles
Table 4 STP and RSTP port role differences Port role Root STP Yes RSTP Yes Description This port receives a better BPDU than its own and has the best path to reach the Root. The root port is in Forwarding state. The root port and designated ports can be in the Discarding state before they go to root forwarding. This port has the best BPDU on the segment. The designated port is in the Forwarding state.
Designated
Yes
Yes
Port role Alternate
STP No
RSTP Yes
Description This port receives a better BPDU than its own BPDU, and a Root port exists within the same switch. The alternate port is in the Discarding state. This port receives a better BPDU than its own BPDU, and this BPDU is from another port within the same switch. The backup port is in the Discarding state.
Backup
No
Yes
Port roles: root forwarding role

MSTP and RSTP root forwarding roles are as follows:
The port that receives the best path BPDU on a switch is the root port, and is referred to as a Root Forwarding (RF) port. The root port is the closest to the root bridge in terms of path cost. The spanning tree algorithm elects a single root bridge in a bridged network each spanning tree instance. The root bridge is the only bridge in a network that does not have root ports; all ports on a root bridge are Designated Forwarding (DF). Only be one path towards a root bridge can exist on a segment; otherwise, loops can occur.
Port roles: designated forwarding role

MSTP and RSTP designated forwarding roles are as follows:
All bridges connected on a segment monitor the BPDUs all the BPDUs of the other bridges. The bridge that sends the best BPDU is, by mutual agreement, the root bridge for the segment. The corresponding port on the bridge is referred to as a Designated Forwarding Port.
39
Port roles: alternate blocking role

MSTP and RSTP alternate blocking roles are as follows:
A blocked port is defined as a port not designated by a root port. An alternate blocked port is a port that is blocked because it received better path cost BPDUs from another bridge.
Port roles: backup blocking role

MSTP and RSTP backup blocking roles are as follows:
A blocked port is defined as a port not designated by a root port. A backup blocked port is a port that is blocked because it received better path cost BPDUs from another port within the same switch.
Edge port
RSTP uses a new parameter called the edge port. When a port connects to a nonswitch device, such as a PC or a workstation, it must be configured as an edge port. An active edge port enters the forwarding state without delay. An edge port becomes a nonedge port if it receives a BPDU.
Path cost values

RSTP and MSTP recommend new path cost values that support a wide range of link speeds. The following table lists the recommended path cost values.
Table 5 Recommended path cost values Link Speed Less than or equal to 100 Kb/s 1 Mb/s 10 Mb/s 100 Mb/s 1 Gb/s 10 Gb/s 100 Gb/s 1 Tb/s 10 Tb/s Recommended Value 200 000 000 20 000 000 2 000 000 200 000 20 000 2000 200 20 2
RSTP negotiation process

This section describes the negotiation process between switches that takes place before PCs can exchange data, based on the following figure.
Figure 6 RSTP negotiation process
After turn on, all ports assume the role of designated ports. All ports are in the discarding state except edge ports. Edge ports go directly into the forwarding state without delay. Switch A port 1 and switch B port 1 exchange BPDUs. Switch A knows that it is the root and that switch A port 1 is the designated port. Switch B learns that switch A has higher priority. Switch B port 1 becomes the root port. Both switch A port 1 and switch B port 1 are still in the discarding state. Switch A starts the negotiation process by sending a BPDU with the proposal bit set. Switch B receives the proposal BPDU and sets its nonedge ports to discarding state. This operation occurs during the synchronization process. Switch B sends a BPDU to switch A with the agreement bit set.
41
Switch A sets port 1 to the forwarding state, and switch B sets port 1 to the forwarding state. PC 1 and PC 2 can now communicate. The negotiation process now moves on to switch B port 3 and its partner port. PC 3 cannot exchange data with either PC 1 or PC 2 until the negotiation process between switch B and switch C is complete. The RSTP convergence time depends on how quickly the switch can exchange BPDUs during the negotiation process, and on the number of switches in the network.
43
VLAN conguration using Device Manager

This chapter describes how to configure and manage a virtual local area network (VLAN) on an Ethernet Routing Switch 8300 using the Device Manager. For more information about statistics, see Nortel Ethernet Routing Switch 8300 Performance Management (NN46200-705) .
Navigation
Viewing defined VLANs using Device Manager (page 43) Port-based VLANs configuration using Device Manager (page 45) Viewing IP spoof detection information using Device Manager (page 49) Configuring policy-based VLANs using Device Manager (page 50) Configuring advanced VLAN operations using Device Manager (page 53) Managing VLAN bridging using Device Manager (page 60)
Viewing dened VLANs using Device Manager

View a list of all defined VLANs with their configurations and current status by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager main menu, choose VLAN, VLANs - GRT (vrf 0).
44 VLAN configuration using Device Manager
The VLAN dialog box appears with the Basic tab selected displaying information about all defined VLANs.
--End--
Variable denitions
Use the data in the following table to view a list of all defined VLANs.
Variable Id Name IfIndex Color Identifier Value Identifies the VLAN ID. Values range from 1 to 4000. Identifies the VLAN name. The logical interface index assigned to the VLAN. A proprietary color scheme used to associate a color with the VLAN. Color does not affect how frame forwarding. The type of VLAN:
Type

StgId VrfId VrfName PortMembers ActiveMembers StaticMembers NotAllowToJoin ProtocolId
byPort byIpSubnet byProtocoId
The ID of the STG, to which the VLAN belongs. Specifies the Vrf identifier. Identifies the Vrf name. The slot and port of each possible VLAN member. The slot and port of each activeVLAN member. The slot and port of each static (always) member of a protocol-based VLAN. The slot and port that cannot become a member of the protocol-based VLAN. The network protocol for protocol-based VLANs. This value originates from the Assigned Numbers RFC.
None (port-based VLAN) ip (IP version 4) ipx802dot3 (Novell IPX on Ethernet 802.3 frames) ipx802dot2 (Novell IPX on IEEE 802.2 frames) ipxSnap (Novell IPX on Ethernet SNAP frames) ipxEthernet2 (Novell IPX on Ethernet Type 2 frames)
Port-based VLANs configuration using Device Manager
45
Variable
Value

SubnetAddr SubnetMask
appleTalk (AppleTalk on Ethernet Type 2 and Ethernet SNAP frames) decLat (DEC LAT protocol) decOther (Other DEC protocols) sna802dot2 (IBM SNA on IEEE 802.2 frames) snaEthernet2 (IBM SNA on Ethernet Type 2 frames) netBIOS (NetBIOS protocol) xns (Xerox XNS) vines (Banyan VINES) ipv6 (IP version 6) usrDefined (user-defined protocol) RARP (Reverse Address Resolution Protocol)
The source IP subnet address (IP subnet-based VLANs only). The source IP subnet mask (IP subnet-based VLANs only).
For information about changing VLAN port membership, see Changing VLAN port membership using Device Manager (page 57).
Port-based VLANs conguration using Device Manager

This section describes how to configure port-based VLANs to create and configure ports.
Port-based VLANs conguration using Device Manager navigation
Creating a port-based VLAN using Device Manager (page 45) Configuring an IP address for a VLAN using Device Manager (page 47) Configuring port-based VLANs using Device Manager (page 48)
Creating a port-based VLAN using Device Manager

Create a port-based VLAN to specify ports as exclusive members of the VLAN by performing this procedure.
Prerequisites
When you create a VLAN, follow the rules described in VLAN configuration rules (page 26).
Procedure steps
Step 1 2 3 4 5 6 7 8 9
Action From the Device Manager menu bar, select VLAN, VLANs GRT (vrf 0) . Click Insert. The VLAN, Insert Basic dialog box appears. In the Id box, enter an unused VLAN ID or use the ID provided. In the Name box, type the VLAN name or use the name provided. In the Color Identifier list select a color or use the color provided. In the StgId box, type or select a STG ID for the VLAN. Select the byPort option button in the Type box. Click the ellipsis (...) in the PortMembers box. The VlanPortMembers dialog box appears. Click the ports to add to the VLAN. You cannot add a dimmed port to the VLAN (for example, you cannot select ports that do not belong to the same STG as the new VLAN).
10
ClickOk. The VlanPortMembers dialog box closes, and the port members appear in the VLAN, Insert Basic dialog box.
11
Click Insert. The VLAN, Insert Basic dialog box closes and the VLAN appears in the VLAN - GRT dialog box.
12
Click Close.
--End--
Variable definitions
Use the data in this table to help you create a port-based VLAN.
Port-based VLANs configuration using Device Manager
47
Variable Id
Value A value that uniquely identifies the VLAN associated with this entry. Values range from 1 to 4000. An assigned name for this VLAN. This field is optional. An assigned color code for this VLAN. The value of this object is used by the VLAN Manager graphical user interface (GUI) tool. This field is optional. The STG identifier assigned to this VLAN. The type of VLAN, distinguished according to the policy used to define its port membership. The set of ports that are members of the VLAN.
Name Color Identifier
StgId Type
PortMembers
For information about creating a protocol-based VLAN, see Creating a protocol-based VLAN using Device Manager (page 50). For information about creating user-defined, protocol-based VLANs, see Creating user-defined, protocol-based VLANs using Device Manager (page 51).
Conguring an IP address for a VLAN using Device Manager

Configure an IP address for a VLAN to add the VLAN to a network by performing this procedure. Prerequisites
When you create a VLAN, follow the rules described in VLAN configuration rules (page 26).
Procedure steps
Step 1
Action On the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0) . The VLAN dialog box appears with the Basic tab selected. Select the desired VLAN. Click IP. The IP, VLAN dialog box appears for the VLAN.
2 3
4 5 6
Click Insert. The IP, VLAN, Insert IP Address dialog box appears. Enter an IP address and netmask for routing. Click Insert. The Insert IP Address dialog box closes and the IP address and netmask appear in the IP, VLAN dialog box.
Close all dialog boxes..

--End--
Conguring port-based VLANs using Device Manager

Configure port-based VLANs to enable or disable VLAN features for a port or multiple ports by performing this procedure.
Procedure steps
Step 1 2
Action On the Device Manager main window, select a port or multiple ports. From the Device Manager menu bar, choose Edit, Port. The Port dialog box for a port or multiple ports appears with the Interface tab selected. The tab label varies, depending on the module that you selected.
3 4
Click the VLAN tab. The VLAN dialog box appears. Configure the port-based VLAN or VLANs as required. To configure a port-based VLAN in the multiple port dialog box, double-click an editable box for a port parameter, and choose an option.
Click Apply.
--End--
Use the data in the following table to configure port-based VLANs.
Viewing IP spoof detection information using Device Manager
49
Variable Index PerformTagging
Value Displays an index of selected ports. This field only appears when multiple ports are selected.
Select to enable tagging to tag all frames sent from this port. Clear to disable tagging to not send frames from this port. The switch removes the tag before sending the frame from the port.
When you enable tagging on an untagged port, you lose the previous configuration of VLANs and STGs for the port. The port resets and runs the Spanning Tree Protocol, which breaks connectivity while the protocol goes through the normal blocking and learning states before the forwarding state. VlanNames DiscardUntaggedFrames UntagPortDefaultVlan Identifies the name of the VLAN assigned to this port. Select to discard untagged frames on a port with tagging enabled. Select to designate a default VLAN to associate with untagged frames.
ATTENTION
You must enable tagging on the port before you configure UntagPortDefaultVlan. DefaultVlanId SpoofDetect Enter a VLAN ID to designate a default VLAN to associate with discarded frames. Enables or disables IP spoofing prevention for the port.
Viewing IP spoof detection information using Device Manager

View IP spoof detection information to display information about spoofed IP addresses and MAC addresses associated to ports and VLANs by performing this procedure.
Procedure steps
Step 1 Action From the Device Manager menu bar, choose IP , IP - GRT (vrf 0).
Click the Spoof Detect tab.

--End--
Job aid: Spoof detect dialog box elds

The following table describes the Spoof detect dialog box fields.
Table 6 Job aid: Spoof detect dialog box fields Field Index SpoofedIpAddress SpoofedMacAddress Port Description Displays an index of switch ports. Identifies the spoofed switch VLAN IP address. Identifies the spoofed switch VLAN source and destination MAC address. Identifies the port member number associated with the spoofed switch VLAN. Identifies the spoofed switch VLAN. Values range from 1 to 4000.
VlanId
Conguring policy-based VLANs using Device Manager

A policy-based VLAN consists of ports that the system adds dynamically based on traffic that comes into the port.
Conguring policy-based VLANs navigation
Creating a protocol-based VLAN using Device Manager (page 50) Creating user-defined, protocol-based VLANs using Device Manager (page 51)
Creating a protocol-based VLAN using Device Manager

Create a protocol-based VLAN to segment a network into broadcast domains according to the network protocol in use by performing this procedure.
Procedure steps
Step 1
Action On the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0) . The VLAN dialog box appears with the Basic tab selected.
Configuring policy-based VLANs using Device Manager
51
2 3 4 5
Click Insert. The VLAN, Insert Basic dialog box appears. Type the unique VLAN ID in the Id box, or use the ID provided. (Optional) Type the VLAN name in the Name box, or use the name provided. (Optional) Select a color from the Color Identifier list, or use the color provided. The VLAN Manager uses this color to visually distinguish the VLANs in a network.
Select the byProtocolId option button in the Type section. The dialog box activates the boxes required to set up protocol-based VLANs.
7 8
Click the ellipsis (...) in the PortMembers box. The VlanPortMembers dialog box appears. Select the ports to add to the VLAN. You cannot add a dimmed port to the VLAN (for example, you cannot select ports that do not belong to the same STG as the new VLAN).
Click Ok. The VlanPortMembers dialog box closes, and the port members appear in the VLAN, Insert Basic dialog box. When you create a protocol-based VLAN, all ports in the underlying STG the system automatically adds as members, unless they already belong to an existing protocol-based VLAN of the same type.
10 11 12
Select a protocol ID option button in the ProtocolId section. Click a level option button (0 to 7) in the QosLevel section. Click Insert. The VLAN, Insert Basic dialog box closes, and the protocol-based VLAN appears in the Basic tab of the VLAN dialog box.
--End--
Creating user-dened, protocol-based VLANs using Device Manager

Create user-defined, protocol-based VLANs so the switch can support networks with nonstandard protocols by performing this procedure.
52 VLAN configuration using Device Manager Procedure steps
Step 1
Action On the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears with the Basic tab selected. Click Insert. The VLAN, Insert Basic dialog box appears. Select the byProtocolId option button in the Type section. Click the ellipsis (...)in the PortMembers box. The VlanPortMembers dialog box appears. Select the ports to add to the VLAN. You cannot add a dimmed port to the VLAN (for example, you cannot select ports that do not belong to the same STG as the new VLAN).
2 3 4 5
Click Ok. The VlanPortMembers dialog box closes, and the port members appear in the VLAN, Insert Basic dialog box.
7 8
Select the usrDefined option button in the ProtocolIdsection. The UserDefinedPidList box becomes editable. Enter the protocol ID (PID) for the protocol in a four-digit hexadecimal range or list format in the UserDefinedPidList box. You can specify up to a maximum of eight PIDs for a user-defined VLAN. You can specify the PIDs as a range separated by dashes (-), individual PIDs separated by commas (,), or a combination. For example, you can specify 9001-9004; or 9001, 9002, 9003, 9004; or 9001, 9003-9009.
9 10 11
Select an encapsulation option button in the Encap section. Select a level option button (07) in the QosLevel section. Click Insert. The VLAN, Insert Basic dialog box closes, and the protocol-based VLAN appears in the Basic tab of the VLAN dialog box.
12 13
Click Apply. Click Close.

--End--
Configuring advanced VLAN operations using Device Manager
53
Conguring advanced VLAN operations using Device Manager

This section describes how to configure advanced VLAN operations, such as changing VLAN port membership and autolearning.
ATTENTION
After you create a VLAN, you cannot change the VLAN type. You must delete the VLAN, and then create a new VLAN of a different type.
Conguring advanced VLAN operations using Device Manager navigation
Configuring advanced VLAN features using Device Manager (page 53) Configuring VLAN forwarding filters using Device Manager (page 56) Changing VLAN port membership using Device Manager (page 57) Configuring MAC address autolearning on a VLAN using Device Manager (page 58) Modifying autolearned MAC addresses using Device Manager (page 59)
Conguring advanced VLAN features using Device Manager

Configure advanced VLAN features to assist when troubleshooting VLAN operation problems by performing this procedure.
Procedure steps
Step 1
Action On the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears with the Basic tab selected. Click the Advanced tab. The Advanced tab appears. Configure advanced features by double-clicking the box of the items you want to modify. You cannot modify items in dimmed boxes.
--End--
2 3
Use the data in the following table to configure advanced VLAN features.
Field Id Name IfIndex Type
Description The VLAN ID. Values range from 1 to 4000. The VLAN name. The logical interface index assigned to the VLAN. Type of VLAN:

ProtocolId
byPort byIpSubnet byProtocolId
The network protocol for protocol-based VLANs. This value originates from the Assigned Numbers RFC.

Encap AgingTime
None (port-based VLAN) ip (IP version 4) ipx802dot3 (Novell IPX on Ethernet 802.3 frames) ipx802dot2 (Novell IPX on IEEE 802.2 frames) ipxSnap (Novell IPX on Ethernet SNAP frames) ipxEthernet2 (Novell IPX on Ethernet Type 2 frames) appleTalk (AppleTalk on Ethernet Type 2 and Ethernet SNAP frames) decLat (DEC LAT protocol) decOther (Other DEC protocols) sna802dot2 (IBM SNA on IEEE 802.2 frames) snaEthernet2 (IBM SNA on Ethernet Type 2 frames) netBIOS (NetBIOS protocol) xns (Xerox XNS) vines (Banyan VINES) ipv6 (IP version 6) usrDefined (user-defined protocol) RARP (Reverse Address Resolution Protocol)
This encapsulation type is for user-defined, protocol-based VLANs only. The timeout period in seconds for aging out the dynamic member ports of policy-based VLANs.
55
Field MacAddress
Description The MAC address assigned to the virtual router interface for this VLAN. This box applies only to a VLAN configured for routing. Routed frames and ARP replies use this MAC address as their Source MAC. One of the following VLAN-related actions:
Vlan Operation Action
noneno VLAN updates. flushMacFdbflush MAC forwarding table for VLAN. flushArpflush ARP table for VLAN. flushIpflush IP route table for VLAN. When you execute this command, the switch immediately sends a RIP request to solicit the updated RIP routes. allflush all tables for VLAN. When you execute this command, the switch immediately sends a RIP request to solicit the updated RIP routes. flushSnoopMemflush IGMP Snoop Members. flushSnoopMRtrflush snoop multicast router.

Result UserDefinedPid UserPriority UpdateDynamicMacQosL evel
Result code for action. User-defined protocol ID list if the user selected and defined a protocol type. User-assigned priority level. This field indicates whether to update the QoS level for dynamically learned MAC addresses associated with a subnet-based or protocol-based VLAN. If you enable this field the QoS level for all dynamically learned MAC addresses changes when the VLAN QoS level changes. If you disable this field, when the VLAN learns a MAC address, the QoS level does not update when the VLAN QoS level changes.
Field QosLevel
Description The quality of service level of the destination MAC address for incoming frames on this VLAN.

NlbMode
level0 (lowest priority) level1 (default) level2 level3 level4 level5 level6 level7 (highest priority)
Defines the administrative network load balancing mode: nlbAdminDisable

OperNlbMode
nlbAdminIgmpMcast nlbAdminMulticast nlbAdminUnicast
Identifies the operational network load balancing mode.
Conguring VLAN forwarding lters using Device Manager

Configure VLAN forwarding filters to control the forwarding of VLAN information by performing this procedure.
Procedure steps
Step 1 2 3 4 5 6
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). Click the Forwarding tab. Click Filter. Select a forwarding filter Condition. Select or clear the Ignore case check box. Select a forwarding filter Column formula.
57
Select and configure remaining forwarding filter parameters as required.

--End--
Use the data in this table to help you configure VLAN forwarding filters.
Variable Address VlanId Port Monitor Value An address for which the filter has forwarding or filtering information. The ID of the VLAN. The port number. Select true or false to copy packets with a MAC address in the source or destination field. Used with port mirroring. User-assigned Quality of Service level. Specifies whether you want to use split multilink trunking. Values include:
QoSLevel SmltRemote Status
selfone of the bridge addresses learneda learned entry that is being used mgmta static entry
Changing VLAN port membership using Device Manager

Change the port membership of a VLAN to modify the ports specified as exclusive members of the VLAN by performing this procedure.
Procedure steps
Step 1
Action On the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0) . The VLAN dialog box appears with the Basic tab selected. Double-click the PortMembers box for the VLAN whose ports you want to change. The PortMembers, VLAN dialog box for the VLAN appears. Click the port members to add or remove.
You cannot add a dimmed port to the VLAN (for example, you cannot select ports that do not belong to the same STG as the VLAN). 4 Click Ok. The PortMembers dialog box closes, and the changes appear in the Basic tab. 5 6 Click Apply. Click Close.
--End--
Conguring MAC address autolearning on a VLAN using Device Manager

Configure MAC address autolearning on a VLAN to define VLAN ports to automatically learn MAC addresses by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, MAC Learning. The VlanMacLearning dialog box appears with the Manual Edit tab selected.
2 3 4
Click Insert. The VlanMacLearning, Insert Manual Edit dialog box appears. Enter the source MAC address in the Address box. Click the ellipsis (...) in the Ports box. The BridgeManualEditPorts dialog box appears showing the available ports.
5 6
Select the port numbers of the ports you want to perform VLAN MAC learning. Click Ok. The BridgeManualEditPorts dialog box closes, and the port numbers appear in the Insert Manual Edit dialog box.
Click Insert. The Insert Manual Edit dialog box closes, and the MAC address and ports appear in the Manual Edit tab of the VlanMacLearning dialog box.
Click Apply.
59
Click Close.
--End--
Use the data in the following table to configure MAC address autolearning on a VLAN.
Variable Address Port Value The source MAC address of an entry. The allowed ports the MAC address of this entry is learned on.
Modifying autolearned MAC addresses using Device Manager

Modify autolearned MAC addresses to switch from an automatically learned MAC address to a MAC address that you can edit manually by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, MAC Learning. The VlanMacLearning dialog box appears with the Manual Edit tab selected.
Click the Auto Learn tab. The Auto Learn tab appears, which displays autolearned MAC addresses.
3 4 5
Double-click the address in the Auto Learn Action box that you want to change. Select convertToManualEdit from the list. Click Apply. The Auto Learn Action changes.
--End--
Use the data in the following table to configure MAC address autolearning on a VLAN.
Variable Address Value The source MAC address of the autolearned entries.
Variable Auto Learn Action
Value The mechanism that allows you to move a MAC address entry from the autolearned table to the Manual Edit table. Settings:

Port
None convertToManualEdit
The port that learned the MAC address.
Managing VLAN bridging using Device Manager

This section describes how to manage VLAN bridging.
Managing VLAN bridging using Device Manager navigation
Configuring the forwarding database timeout using Device Manager (page 60) Viewing the forwarding database using Device Manager (page 61) Clearing learned MAC addresses by VLAN using Device Manager (page 62) Clearing learned MAC addresses for all VLANs by port using Device Manager (page 63) Configuring static forwarding using Device Manager (page 63) Configuring a MAC-layer bridge filter using Device Manager (page 65) Configuring Layer 2 multicast MAC filtering using Device Manager (page 66)
Conguring the forwarding database timeout using Device Manager

Configure the forwarding database timeout to assign the period for aging out dynamically learned forwarding information by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0) . The VLAN dialog box appears with the Basic tab selected. Select a VLAN.
61
Click Bridge. The Bridge, VLAN dialog box appears with the Transparent tab selected displaying learned entry discards.
In the FdbAging box, enter an interval (in seconds), to age out dynamically learned forwarding information, or keep the default (300 seconds). Click Apply. Click Close.
--End--
5 6
Use the data in the following table to configure the forwarding database timeout.
Variable FdbAging Value The timeout period (in seconds) used to age out forwarding database (FDB) entries of this VLAN.
Viewing the forwarding database using Device Manager

View the forwarding database for a VLAN to see bridge forwarding and filtering information used by transparent bridging to determine how to forward a received frame by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears with the Basic tab selected. Select a VLAN. Click Bridge. The Bridge, VLAN dialog box appears with the Transparent tab selected.
2 3
Click the Forwarding tab. The Forwarding dialog box appears.

--End--
Use the data in the following table to view the forwarding database.
Variable Status
Value Values include:

Address VlanId Port
selfone of the bridge addresses learneda learned entry mgmta static entry
A unicast MAC address for which the bridge holds forwarding and filtering information. The VLAN identifier. A value of zero (0) or the port number of the port which can see a frame with the specified MAC address. A value of 0 indicates a self-assigned MAC address. The quality of service level of the destination MAC address for incoming frames on this VLAN.
QosLevel

SmltRemote
Specifies if you want to use Split MultiLink Trunking (SMLT).
Clearing learned MAC addresses by VLAN using Device Manager

Clear learned MAC addresses by VLAN to manually flush the bridge forwarding database of learned MAC addresses for a VLAN by performing this procedure.
Procedure steps
Step 1 2 3 4
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0) . Click the Advanced tab. Double-click the VLAN Operation Action box for a specific VLAN. Select flushMacFdb from the list.
63
Click Apply.
--End--
Clearing learned MAC addresses for all VLANs by port using Device Manager
Clear learned MAC addresses for port-associated VLANs to manually flush the bridge forwarding database of learned MAC addresses for all VLANs associated to a specific port by performing this procedure.
Procedure steps
Step 1 2 3 4 5
Action From the Device Manager main window, select a port. From the Device Manager menu bar, choose Edit, Port. The Port dialog box appears with the Interface tab selected. In the Action section, select the FlushMacFdb option button. Click Apply. Click Close.
--End--
Conguring static forwarding using Device Manager

Configure static forwarding to assign specific ports to forward data frames by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears with the Basic tab selected. Select a VLAN. Click Bridge. The Bridge, VLAN dialog box appears with the Transparent tab selected.
2 3
4 5
Click the Static tab. The Static dialog box appears. Click Insert. The Bridge, VLAN, Insert Static dialog box appears.
6 7 8 9
Enter a forwarding destination MAC address in the MacAddress box. Click the ellipsis (...) in the Port box. The Bridge Static Port dialog box appears. Click the number of the port which receives the frame. Click Ok. The Bridge Static Port dialog box closes, and the selected port appears in the Bridge, VLAN, Insert Static dialog box.
10 11
In the QosLevel box, select a quality of service level (0 to 8) option button or use the default (level 1). Click Insert. The Bridge, VLAN, Insert Static dialog box closes and the static information appears in the Static tab of the Bridge, VLAN dialog box.
12
Click Close.
--End--
Use the data in the following table to configure static forwarding.
Variable MacAddress Value The destination MAC address in a frame, to which the forwarding information of this entry applies. This object can take the value of a unicast address. The port number of the port that receives the frame. The quality of service level of the destination MAC address for incoming frames on this VLAN.
Port QosLevel
65
Conguring a MAC-layer bridge lter using Device Manager

Configure a MAC-layer bridge filter to apply a packet filtering method to a VLAN port by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears with the Basic tab selected. Select a VLAN. Click Bridge. The Bridge, VLAN dialog box appears with the Transparent tab selected
2 3
4 5 6 7 8 9
Click the Filter tab. Click Insert. The Bridge, VLAN, Insert Filter dialog box appears. In the MacAddress box, enter the MAC address used to match the destination address of incoming packets. In the Port box, click the ellipses (...). The BridgeFilterPort dialog box appears. Select the port number for this MAC address. Click Ok. The BridgeFilterPort dialog box closes and the port appears in the Port box in the Bridge, VLAN, Insert Filter dialog box.
10 11 12
In the DropCommand section, select a drop method option button. Choose a QoS level. Click Insert. The Bridge, VLAN, Insert Filter dialog box closes, and the filter appears in the Filter tab.
13
Close all dialog boxes.

--End--
Use the data in the following table to configure a MAC-layer bridge filter.
Variable MacAddress Port DropCommand
Value The MAC address of this entry. Used to match the destination address of incoming packets. The port that holds this MAC address. Specify a drop method:

QosLevel
none: Drops no packets. srcDrop: Drops packets with this source MAC address. dstDrop: Drops packets with this destination MAC address. bothDrop: Drops packets with this source and destination MAC address.
The quality of service level of the destination MAC address for incoming frames.
Conguring Layer 2 multicast MAC ltering using Device Manager

Configure Layer 2 multicast MAC filtering to direct MAC multicast flooding to a specific set of ports by performing this procedure.
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, VLANs GRT (vrf 0). The VLAN dialog box appears displaying the Basic tab. The Basic tab displays all defined VLANs with their configurations and current status.
2 3
Select a VLAN. Click Bridge. The Bridge dialog box appears displaying the FDB Aging tab.
67
4 5 6 7 8 9 10 11 12 13
Click the Multicast tab. The Multicast dialog box appears. Click Insert. The Bridge, VLAN, Insert Multicast MAC dialog box appears. In the Address box, type the MAC address for the multicast flooding domain. Click the ellipsis (...) beside the ForwardingPorts box. Select a port. Click Ok. Click the ellipsis (...) beside the MltIds box. Select an MLT ID. Click Ok. Click Insert.
--End--
Use the data in the following table to configure Layer 2 multicast MAC filtering.
Variable Address Value The MAC address for the multicast flooding domain. This field does not accept MAC addresses that begin with 01:00:5e (01:00:5e:00:00:00 to 01:00:5e:ff:ff:ff inclusive). If you attempt to use this type of address, the following error message appears: Error: Invalid MAV address The ports to include in the multicast flooding domain. The multilink trunks that you must include in the multicast flooding domain.
ForwardingPorts MltIds
69
VLAN conguration using the CLI

This chapter describes how to configure and manage virtual local area network (VLAN) using the command line interface (CLI). For more information about CLI command reference, see Nortel Ethernet Routing Switch 8300 Command Reference - CLI (NN46200-513) .
Navigation
Job aid: Roadmap of VLAN CLI commands (page 69) VLAN configuration and management using the CLI (page 73)
Job aid: Roadmap of VLAN CLI commands

The following table lists the CLI commands and their parameters that you use to complete the procedures in this section.
Table 7 Job aid: Roadmap of VLAN CLI commands Command config ethernet <port> perform-taggi ng <enable|disable> config ethernet [<port>] [spoof-detect <enable|disable>] config vlan <vid> action <none> <flushMacFdb> <flushArp> <flushIp> <triggerRipUpdate> <all> Parameter
70 VLAN configuration using the CLI
Table 7 Job aid: Roadmap of VLAN CLI commands (contd.) Command config vlan <vid> add-mlt config vlan <vid> create byport Parameter <number> <sid> name <value> color <value> info config vlan <vid> create byprotocol <sid> <ip> <ipx802dot3> <ipx802dot2> <ipxSnap> <ipxEthernet2> <appleTalk> <decLat> <decOther> <sna802dot2> <snaEthernet2> <netBios> <xns> <vines> <ipV6> <usrDefined> <rarp> <pid1-pidn, pidm..> name <value>
Job aid: Roadmap of VLAN CLI commands
71
Table 7 Job aid: Roadmap of VLAN CLI commands (contd.) Command Parameter color <value> encap <value> info config vlan <vid> delete config vlan <vid> fdb-entry aging-time <seconds> flush qos-level <mac> status <value> <0...7> sync info config vlan <vid> fdb-filter add <mac> port <value> drop <value> [qos <value>] remove <mac> info config vlan <vid> fdb-static add <mac> port <value> [qos <value>] remove <mac> info config vlan <vid> name config vlan <vid> nlb-mode <disable|igmp-mcast|multicast| unicast> config vlan <vid> ports add <port> member <value> config vlan <vid> ports remove <port> [member <value>] <string>
Table 7 Job aid: Roadmap of VLAN CLI commands (contd.) Command config vlan <vid> qos-level For more information about a procedure using this command, see Nortel Ethernet Routing Switch 8300 Configuration QoS and IP Filtering (NN46200-515) . config vlan <vid> static-mcastmac add mac <value> [port <value>] [mlt <value>] add-mlt <mid> mac <value> add-ports <port> mac <value> delete-mac <value> <none> delete-ports <port> mac <value> info show spoof-detect [ports <portlist>] show spoof-detect [vlan <vid>] show vlan info advance [<vid>] show vlan info arp [<vid>] show vlan info basic [<vid>] show vlan info fdb-entry <vid> show vlan info fdb-filter <vid> show vlan info arp [<vid>] show vlan info autolearn-mac show vlan info igmp [<vid>] show vlan info manual-edit-mac show vlan info nlb-mode [<vid>] show vlan info ports [<vid>] Parameter <number>
VLAN configuration and management using the CLI
73
Table 7 Job aid: Roadmap of VLAN CLI commands (contd.) Command show vlan info static-mcast [<vid>] show vlan info userdefined-advance Parameter
VLAN conguration and management using the CLI

Configure and manage VLANs to create a VLAN, add or remove ports in the VLAN, assign priority, change a VLAN name, or perform other operations.
VLAN conguration and management using the CLI navigation
Creating a port-based VLAN using the CLI (page 74) Creating a protocol-based VLAN using the CLI (page 75) Assigning an IP address to a VLAN using the CLI (page 77) Deleting an IP address from a VLAN using the CLI (page 78) Viewing basic VLAN configuration using the CLI (page 78) Performing a general VLAN action using the CLI (page 79) Viewing general VLAN information using the CLI (page 80) Adding a multilink trunk to a VLAN using the CLI (page 80) Configuring VLAN forwarding database entries using the CLI (page 81) Configuring VLAN forwarding database filters using the CLI (page 82) Adding VLAN static forwarding database members using the CLI (page 83) Adding ports to a VLAN using the CLI (page 85) Viewing VLAN forwarding database information using the CLI (page 84) Viewing forwarding database filters using the CLI (page 84) Removing ports from a VLAN using the CLI (page 86) Configuring NLB using the CLI (page 86) Viewing VLAN port member status using the CLI (page 88) Configuring a VLAN name using the CLI (page 89) Deleting a VLAN using the CLI (page 89) Enabling VLAN tagging on a port using the CLI (page 90)
Assigning untagged frames to the default VLAN using the CLI (page 90) Viewing advanced VLAN information using the CLI (page 91) IP spoof detection configuration using the CLI (page 91) Configuring static multicast MAC entries using the CLI (page 93) Viewing VLAN static MAC information using the CLI (page 95) Viewing VLAN manual edit MAC information using the CLI (page 95) Viewing VLAN autolearn information using the CLI (page 96) Viewing VLAN ARP information using the CLI (page 96) Viewing VLAN IGMP information using the CLI (page 97) Viewing VLAN static multicast information using the CLI (page 97) Viewing the PID range for a user-defined, protocol-based VLAN using the CLI (page 97)
Creating a port-based VLAN using the CLI

Procedure steps
Step 1 Action Create a port-based VLAN by using the following command: config vlan <vid> create byport <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> create byport command.
Variable color <value> Value (Optional) Used by the Optivity NMS VLAN Manager tool to select a color when it draws this VLAN on the screen. Allowable color values range from 0 to 32.
75
Variable info <sid>
Value Displays the following information:
Sub-Context: The names of the directories for the next CLI command level. Current Context: The parameter settings for the created VLAN.
<sid> is the spanning tree ID. Values range from 1 to 64. name <value> (Optional) Defines a name for the VLAN. VLAN names can include up to 20 characters in length. Assigns a VLAN STG ID. Allowable SID range is from 1 to 64.
<sid>
Creating a protocol-based VLAN using the CLI

Create a protocol-based VLAN to segment a network into broadcast domains, according to the network or user-defined protocol by performing this procedure.
Procedure steps
Step 1 Action Create a VLAN based on network protocol by using the following command: config vlan <vid> create byprotocol OR Create a VLAN based on a user-defined protocol by using the following command: config vlan <vid> create byprotocol <sid> usrDefined <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> create byprotocol or config vlan <vid> create byprotocol <sid> usrDefined command.
Variable <appleTalk> color <value> Value Creates a VLAN based on appleTalk protocol. (Optional) Used by the Optivity NMS VLAN Manager tool to select a color when it draws this VLAN on the screen. Allowable color values range from 0 to 32. Creates a VLAN based on decLat protocol. Creates a VLAN based on decOther protocol. (Optional) Specifies frame encapsulation. Allowable values are ethernet-ii, llc, or snap. If you do not specify an encapsulation value, a protocol entry with each encapsulation type is created in the Ethernet Routing Switch 8300 hardware. info Displays the following information:
<decLat> <decOther> encap <value>

<ip> <ipV6> <ipx802dot2> <ipx802dot3> <ipxEthernet2> <ipxSnap> name <value>
Sub-Context: The names of the directories for the next CLI command level. Current Context: The parameter settings for the created VLAN.
Creates a VLAN based on IP protocol. Creates a VLAN based on ipV6 protocol. Creates a VLAN based on ipx802dot3 protocol. Creates a VLAN based on ipx802dot3 protocol. Creates a VLAN based on ipxEthernet2 protocol. Creates a VLAN based on ipxSnap protocol. (Optional) Defines a name for the VLAN. VLAN names can include up to 20 characters in length. Creates a VLAN based on netBios protocol.
<netBios>
77
Variable <pid1-pidn, pidm..>
Value (Optional) Assigns a user-defined protocol ID (PID) in hexadecimal format (0x0001...0xffff) to this VLAN. The PID can consist of a single PID, a range, or a combination. (for example, 0x9001; 0x9001-0x9005; or 0x90061, 0x9007-0x9009). You can specify up to a maximum of 8 PIDs for a user-defined VLAN. Creates a VLAN based on ipx802dot3 protocol. Creates a VLAN based on sna802dot2 protocol. Creates a VLAN based on snaEthernet2 protocol. Creates a VLAN based on a protocol defined by the user. Creates a VLAN based on vines protocol. Creates a VLAN based on xns protocol.
<rarp> <sna802dot2> <snaEthernet2> <usrDefined> <vines> <xns>
Assigning an IP address to a VLAN using the CLI

Assign an IP address to a VLAN to add the VLAN to a network by performing this procedure.
Procedure steps
Step 1 Action Assign an IP address to a VLAN by using the following command: config vlan <vid> ip create <ipaddr/mask> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the config vlan <vid> ip create command.
Variable <ipaddr/mask> Value Assigns an IP address and subnet mask to the VLAN, in the format {a.b.c.d}.
Deleting an IP address from a VLAN using the CLI

Delete an IP address from a VLAN to remove the VLAN from a network by performing this procedure.
Procedure steps
Step 1 Action Delete an IP address from a VLAN by using the following command: config vlan <vid> ip delete<ipaddr> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the config vlan <vid> ip delete<ipaddr> command.
Variable <ipaddr> Value Specifies the IP address to delete from this VLAN.
Viewing basic VLAN conguration using the CLI

View the basic configuration for all VLANs on the switch or a specific VLAN by performing this procedure.
Procedure steps
Step 1 Action View the basic configuration for all VLANs by using the following command: show vlan info basic OR 2 View the basic configuration for a specific VLAN by using the following command: show vlan info basic <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
79
Performing a general VLAN action using the CLI

Perform a general VLAN action to initiate a specific function on a VLAN, such as clearing learned MAC addresses or ARP entries from the forwarding database by performing this procedure.
Procedure steps
Step 1 Action Configure a general VLAN action by using the following command: config vlan <vid> action <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> action command.
Variable <all> Value Removes all entries associated with this VLAN. When you execute this command, the switch immediately sends a RIP request to solicit the updated RIP routes. Removes the ARP entries from the address table for the selected VLAN. Removes the learned IP addresses from the forwarding table for the selected VLAN. When you execute this command, the switch immediately sends a RIP request to solicit the updated RIP routes. Removes the learned Mac addresses from the forwarding database for the selected VLAN. Performs no updates. Triggers a Routing Information Protocol (RIP) update. For more information about RIP, see Configuration- IP Multicast Routing Protocols (NN46200-520) .
<flushArp> <flushIp>
<flushMacFdb> <none> <triggerRipUpdate>
Viewing general VLAN information using the CLI

View all configuration information about a defined VLAN by performing this procedure.
Procedure steps
Step 1 Action View all configuration information about a defined VLAN by using the following command: show vlan info all [<vid>][by <value>] <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the show vlan info all <vid>[by <value>] command.
Variable by <value> Value Groups the information by ID number or by each feature.
Adding a multilink trunk to a VLAN using the CLI

Add a multilink trunk to a VLAN to dedicate the trunk to a specific segment of a LAN by performing this procedure.
Procedure steps
Step 1 Action Add a link aggregation group to a VLAN by using the following command: config vlan <vid> add-mlt<number> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the config vlan <vid> add-mlt<number> command.
81
Variable <number>
Value The multilink trunk ID to add to this VLAN. Allowable MLT IDs range from 1 to 31.
Conguring VLAN forwarding database entries using the CLI

Configure VLAN entries in the forwarding database to determine how the VLAN manages the forwarding of MAC address information by performing this procedure.
Procedure steps
Step 1 Action Configure VLAN entries in the forwarding database by using the following command: config vlan <vid> fdb-entry <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> fdb-entry command.
Variable aging-time <seconds> Value Configures the forwarding database aging timer in seconds (10 to 1 000 000) to assign the time after which the system removes unused entries from the database. Flushes the forwarding database for this VLAN. Displays the following information:
flush info
Sub-Context: The names of the directories for the next CLI command level. Current Context: The fdb-entry parameter settings for this VLAN.
Variable qos-level <mac> <0...7>
Value Configures the quality of service (QoS) level parameters for this VLAN.
MAC: Specify the MAC address, in the format 0x00:0x00:0x00:0x00:0x00:0x00. 0...7: Specify the QoS level for this VLAN. Allowable levels range from 0 to 7, with 7 as the highest priority level.
sync
Synchronizes the forwarding database of the switch with the forwarding database of the other aggregation switch.
Conguring VLAN forwarding database lters using the CLI

Configure VLAN forwarding database filters to apply a packet filtering method to a VLAN port by performing this procedure.
Procedure steps
Step 1 Action Configure VLAN forwarding database filters by using the following command: config vlan <vid> fdb-filter <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> fdb-filter command.
Variable add <mac> port <value> drop <value> [qos <value>] Value Adds a filter member to a VLAN forwarding database.
MAC: Specify the MAC address for the filter, in the format 0x00:0x00:0x00:0x00:0 x00:0x00. Port <value>: List one or more ports to filter in the format {slot/port[-slot/port][,...]}. Drop: Specify one of the following drop options for the filter.
83
Variable
Value none dstOnly: destination only srcOnly: source only Both: both destination and source
info
(Optional) QoS : Assigns a QoS level for this filter. Allowable levels range from 0 to 7, with 7 as the highest priority level.
Displays the following information:

remove <mac>
Sub-Context: The names of the directories for the next CLI command level. Current Context: The fdb-filter parameter settings for this VLAN.
Removes the filter for the specified MAC address from the forwarding database for this VLAN. Specify a MAC address, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
Adding VLAN static forwarding database members using the CLI

Add port information to a VLAN forwarding database by performing this procedure.
Procedure steps
Step 1 Action Configure VLAN static forwarding database members by using the following command: config vlan <vid> fdb-static <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> fdb-static command.
Variable add <mac> port <value> [qos <value>]
Value Adds a static member to a VLAN forwarding database.
MAC: Specify the MAC address to add. Port: Specify the port to add, in the format slot/port. (Optional)QoS : Assigns a QoS level for this VLAN. Allowable levels range from 0 to 7, with 7 as the highest priority level.
info
Displays the following:

remove <mac>
Sub-Context: The names of the directories for the next CLI command level. Current Context: The forwarding database static parameter settings for this VLAN.
Specifies the static MAC address member to remove from a VLAN bridge.
Viewing VLAN forwarding database information using the CLI

View forwarding database information for a specific VLAN by performing this procedure.
Procedure steps
Step 1 Action View forwarding database information for a specific VLAN by using the following command: show vlan info fdb-entry <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing forwarding database lters using the CLI

View forwarding database filter information for a specific VLAN by performing this procedure.
85
Procedure steps
Step 1 Action View the forwarding database filters for a specific VLAN by using the following command: show vlan info fdb-filter <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Adding ports to a VLAN using the CLI

Add ports to a VLAN to increase the number of ports specified as exclusive members of the VLAN by performing this procedure.
Procedure steps
Step 1 Action Add ports to a VLAN by using the following command: config vlan <vid> ports add <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> ports add command.
Variable [member <value>] Value (Optional) Assigns the port member type. Allowable types include:

<port>
Portmember: Use this designation for ports that sometimes belong to this VLAN. Static: Use this designation for ports that always belong to this VLAN. Notallowed: Use this designation for ports that never belong to this VLAN.
Defines the ports to add in the format {slot/port[-slot/port][,...]}.
Removing ports from a VLAN using the CLI

Remove ports from a VLAN to decrease the number of ports specified as exclusive members of the VLAN by performing this procedure.
Procedure steps
Step 1 Action Remove ports from a VLAN by using the following command: config vlan <vid> ports remove <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> ports remove command.
Variable [member <value>] Value Assigns the port member type. Allowable types include:

<port>
Portmember: Use this designation for ports that sometimes belong to this VLAN. Static: Use this designation for ports that always belong to this VLAN. Notallowed: Use this designation for ports that never belong to this VLAN.
Defines the ports to add in the format {slot/port[-slot/port][,...]}.
Conguring NLB using the CLI

Configure Microsoft Network Load Balancing (NLB) support to scale the performance of a server-based program. NLB distributes client requests among multiple servers within a cluster of hosts, and increases the scalability and availability of TCP- and IP-based services such as Web, Terminal Services, Virtual Private Network and streaming media servers. To configure NLB on a VRF instance (V-mode enabled), first associate the VLAN with a VRF (by default the VRF will be GRT [0]), then you configure NLB mode on the VLAN. To configure NLB on a non-VRF instance (V-mode disabled), configure NLB mode on the VLAN.
87
Prerequisites
NLB must be in the disable mode, which is the default mode, before you can choose one of the other three modes.
Procedure steps
Step 1 Action Configure NLB support on a specific VLAN by using the following command:
config vlan <vid> nlb-mode <disable|igmp-mcast|multica st|unicast>
Display the NLB mode on the VLANs or on a specific VLAN by using the following command:
show vlan info nlb-mode [<vid>]
<vid> specifies the ID of the VLAN where the NLB servers are located. Values range from 1 to 4000. The default VLAN ID value is 1.
--End--
The following table defines parameters that you enter after the config vlan <vid> nlb-mode command.
Variable <disable|igmp|igmp-mcast|multic ast|unicast> Definition Specifies the mode of the NLB feature. You must choose one mode. NLB must be in the disable mode, which is the default mode, before you can choose one of the other three modes. Specifies the ID of the VLAN where the NLB servers are located. Values range from 1 to 4000. The default VLAN ID value is 1.
[<vid>]
Procedure job aid: show vlan info nlb-mode command

Use the data in the following table to help you use the show vlan info nlb-mode command.
88 VLAN configuration using the CLI Table 8 show vlan info nlb-mode field descriptions Field VLAN_ID NLB_ADMIN_MODE Description Specifies the ID of the VLANs on which NLB is enabled. Specifies the NLB mode that the administrator configured on each VLAN. If NLB is disabled, this field is empty. Specifies the current operating NLB mode of each VLAN on which NLB is enabled. The following conditions result in an empty field (NLB disabled):
NLB_OPER_MODE
NLB_ADMIN_MODE is in unicast or multicast mode, but the specific VLAN is not configured with an IP address. NLB_ADMIN_MODE is in igmp-mcast mode, but the IGMP snoop is not enabled on the specific VLAN
PORT_LIST
Specifies the following for each NLB mode:
Unicast modelists the member ports of each VLAN on which NLB is enabled. Multicast modelists the ports connected to the cluster servers of each VLAN by snooping the cluster servers ARP response messages. IGMP mcast modelists the ports connected to the cluster servers of each VLAN by snooping the IGMP Report messages of the cluster servers.
MLT_GROUPS
Lists the multicast group name of each VLAN on which NLB is enabled.
Viewing VLAN port member status using the CLI

View the status of port members for all VLANs on the switch or for a specific VLAN by performing this procedure.
89
Procedure steps
Step 1 Action View the status of port members for all VLANs on the switch by using the following command: show vlan info ports OR 2 View the status of port members for a specific VLAN by using the following command: show vlan info ports [<vid>] <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Conguring a VLAN name using the CLI

Configure a VLAN name to assign a unique character string to a VLAN on your network by performing this procedure.
Procedure steps
Step 1 Action Configure a VLAN name by using the following command: config vlan <vid> name <vname> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the config vlan <vid> name <vname> command.
Variable <vname> Value Defines a name for the VLAN. VLAN names can include up to 20 characters in length.
Deleting a VLAN using the CLI

Delete a VLAN to remove the VLAN from your network by performing this procedure.
Procedure steps
Step 1 Action Delete a VLAN by using the following command: config vlan <vid> delete <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Enabling VLAN tagging on a port using the CLI

Enable VLAN tagging on a port to define how the port manages tagged and untagged data frames by performing this procedure.
Procedure steps
Step 1 Action Enable VLAN tagging on a port by using the following command: config ethernet <port> perform-tagging <enable|disable> <port> identifies the slot and port (slot/port).
--End--
Assigning untagged frames to the default VLAN using the CLI

Direct untagged frames to the default VLAN by performing this procedure.
ATTENTION
You must enable tagging on the port before you assign untagged frames to the default VLAN.
Procedure steps
Step 1 Action Direct untagged frames to the default VLAN by using the following commands: Conf eth <slot/port> default-vlan-id <vid> where <vid> ranges from 0 to 4000. config ethernet <port> untag-port-default-vlan <enable|disable>
91
<port> identifies the slot and port (slot/port).

--End--
Viewing advanced VLAN information using the CLI

View additional parameters for a specific VLAN or all VLANs on the switch by performing this procedure.
Procedure steps
Step 1 Action View additional parameters for all VLANs on your network by using the following command: show vlan info advance OR View additional parameters for a specific VLAN by using the following command: show vlan info advance <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
If the MAC ADDRESS column for a VLAN displays all zeros, the VLAN has no associated IP address.
IP spoof detection conguration using the CLI

This section describes how to configure IP spoof detection to block the external use of the switch IP address using the CLI.
IP spoof detection configuration using the CLI navigation
Configuring IP spoof detection using the CLI (page 91) Viewing IP spoof detection information using the CLI (page 92)
Configuring IP spoof detection using the CLI

Configure IP spoof detection to enable or disable IP spoofing prevention by performing this procedure. Step 1 Action Configure IP spoof detection by using the following command:
config ethernet [<port>] [spoof-detect <enable|disable>]

--End--
Variable definitions The following table defines optional parameters that you enter with the config ethernet [<port>] [spoof-detect <enable|disable>] command.
Variable <enable|disable> <port> Value Enables or disables spoof detection on a port or group of ports. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
Viewing IP spoof detection information using the CLI

View IP spoof detection information to display information about spoofed IP addresses and MAC addresses associated to ports and VLANs by performing this procedure. Step 1 Action View IP spoof detection information by using one of the following commands: show spoof-detect [ports <portlist>] OR show spoof-detect [vlan <vid>]
--End--
Variable definitions The following table defines optional parameters that you enter with the show spoof-detect [ports <portlist>] or show spoof-detect [vlan <vid>] commands.
Variable <portlist> Value Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}. Identifies the VLAN. Values range from 1 to 4000.
<vid>
93
Job aid The following table describes the command output field descriptions for the show spoof-detect [ports <portlist>] and show spoof-detect [vlan <vid>] commands.
Field PortNum VlanId SpoofedIp SpoofedMac Description Identifies the port number. Identifies the VLAN. Values range from 1 to 4000. Identifies the spoofed switch VLAN IP address. Identifies the spoofed switch VLAN source and destination MAC address.
Conguring static multicast MAC entries using the CLI

Configure static Multicast MAC filtering to direct MAC multicast flooding to a specific set of ports by performing this procedure.
Procedure steps
Step 1 Action Configure static multicast MAC entries for a VLAN by using the following command: config vlan <vid> static-mcastmac <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the config vlan <vid> static-mcastmac command.
Variable add mac <value> [port <value>] [mlt <value>]
Value Adds a static multicast MAC entry for this VLAN.

add-mlt <mid> mac <value>
<value>: Specify the MAC address to add, in the format 0x00:0x00:0x00:0x00:0x00:0 x00. Port <value>: Add ports to the VLAN static multicast MAC entry, in the format {slot/port[-slot/port][,...]}. MLT <value>: Add a static link aggregation group to the VLAN static multicast MAC entry.
Adds a static link aggregation group to the static multicast MAC entries for this VLAN.
MID: Specify the MLT ID to add. Allowable MLT IDs range from 1 to 31. MAC <value>: Specify the MAC address to add, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
add-ports <port> mac <value>
Adds ports to the static multicast MAC entries for this VLAN.
Ports: Specify the ports to add, in the format {slot/port[-slot/port][,...]}. MAC <value>: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
delete mac <value>
Deletes a MAC address from the static multicast MAC entries for this VLAN.
value: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0 x00:0x00.
95
Variable delete-mlt <mid> mac <value>
Value Deletes a static link aggregation group from the static multicast MAC entries for this VLAN.
MID: Specify the MLT ID to remove. Allowable MLT IDs range from 1 to 31. MAC <value>: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
delete-ports <port> mac <value>
Deletes ports from the static multicast MAC entries for this VLAN.
Ports: Specify the ports to remove, in the format {slot/port[-slot/port][,...]}. MAC <value>: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
info
Sub-Context: The names of the directories for the next CLI command level. Current Context: The forwarding database static parameter settings for this VLAN.
Viewing VLAN static MAC information using the CLI

View static MAC information for a specific VLAN by performing this procedure.
Procedure steps
Step 1 Action View static MAC information for a specific VLAN by using the following command: show vlan info fdb-static <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing VLAN manual edit MAC information using the CLI

View MAC address information for all VLANs on the switch by performing this procedure.
Procedure steps
Step 1 Action View VLAN MAC address information by using the following command: show vlan info manual-edit-mac
--End--
Viewing VLAN autolearn information using the CLI

View autolearned MAC address information for all VLANs on the switch by performing this procedure.
Procedure steps
Step 1 Action View autolearned MAC address information for all VLANs by using the following command: show vlan info autolearn-mac
--End--
Viewing VLAN ARP information using the CLI

View the ARP information for a specific VLAN or all VLANs on the switch by performing this procedure.
Procedure steps
Step 1 Action View the ARP information for all VLANs on your network by using the following command: show vlan info arp OR View the ARP information for a specific VLAN by using the following command: show vlan info arp <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
97
Viewing VLAN IGMP information using the CLI

View Internet Group Multicast Protocol (IGMP) information for all VLANs on the switch or for a specific VLAN by performing this procedure.
Procedure steps
Step 1 Action View IGMP information for all VLANs by using the following command: show vlan info igmp OR View IGMP information for a specific VLAN by using the following command: show vlan info igmp <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing VLAN static multicast information using the CLI

View static multicast information for all VLANs on the switch or for a specific VLAN by performing this procedure.
Procedure steps
Step 1 Action View static multicast information for all VLANs on the switch by using the following command: show vlan info static-mcast OR View static multicast information for a specific VLAN by using the following command: show vlan info static-mcast <vid>
--End--
Viewing the PID range for a user-dened, protocol-based VLAN using the CLI
View the PID range for a user-defined VLAN by performing this procedure.
Procedure steps
Step 1 Action View the PID range for a user-defined VLAN by using the following command: show vlan info userdefined-advance
--End--
The following table defines optional parameters that you enter after the show vlan info userdefined-advance command.
Variable <vid> Value Identifies the VLAN ID. Values range from 1 to 4000. The default VLAN ID is 1.
99
VLAN conguration using the NNCLI

This chapter describes how to configure and manage virtual local area network (VLAN) using the Nortel Networks command line interface (NNCLI) For more information about NNCLI command reference, see Nortel Ethernet Routing Switch 8300 Command Reference NNCLI (NN46200-306) . For more information about statistics, see Nortel Ethernet Routing Switch 8300 Performance Management (NN46200-705) .
Navigation
Job aid: Roadmap of VLAN NNCLI commands (page 99) VLAN configuration and management using the NNCLI (page 102)
Job aid: Roadmap of VLAN NNCLI commands

The following table lists the NNCLI commands and their parameters that you use to complete the procedures in this section.
Table 9 Job aid: Roadmap of VLAN NNCLI commands Command Privileged EXEC mode show interface vlan ip [<vid>] show ip igmp interface vlan <vid> show spoof-detect [port <portlist>] show spoof-detect [vlan <vid>] show vlan show vlan autolearn-mac show vlan manual-edit-mac Parameter
100
Table 9 Job aid: Roadmap of VLAN NNCLI commands (contd.) Command show vlan members show vlan nlb-mode show vlan static-mcastmac show vlan userdefined-advance show vlan vid <vid> advance show vlan vid <vid> basic show vlan vid <vid> fdb-entry show vlan vid <vid> fdb-filter show vlan vid <vid> fdb-static Global Configuration mode interface vlan <vid> no vlan fdb-entry <vid> monitor <mac> <fdb-status> no vlan fdb-filter <vid> <mac> no vlan fdb-static <vid> <mac> no vlan members <vid> <portlist> [portmember|static|notallowed] no vlan nlb-mode no vlan static-mcastmac <vid> mac <mac> no vlan update-dynamic-mac-qos-level <vid> vlan action <vid> <action> vlan add-mlt <vid> <mltid> vlan create <vid> [<name>] type protoc ol-Userdef <sid> [pid[-pid][,...]] vlan create <vid> type port <sid> vlan create <vid> [<name>] type <protocol-type> <sid> [color <value>] [encap <value>] [name < value>] vlan delete <vid> [portmember| static| notallowed] <vid> Parameter
Job aid: Roadmap of VLAN NNCLI commands 101
Table 9 Job aid: Roadmap of VLAN NNCLI commands (contd.) Command vlan fdb-entry <vid> aging-time <seconds> flush qos-level <mac> <value> sync vlan fdb-filter <vid> add <mac> <port> drop <option> vlan fdb-static <vid> add <mac> <port> [<qos level>] vlan members add <vid> <port> [<member value>] vlan members remove <vid> <portlist> vlan name <vid> <vname> vlan nlb-mode <vid> <igmp-mcast|multicast|unicast> vlan ports <portlist> tagging <tagAll|untagAll|untagPvidOnly> vlan qos-level <vid> <number> For more information about a procedure using this command, see Nortel Ethernet Routing Switch 8300 Configuration QoS and IP Filtering (NN46200-515) . vlan static-mcastmac <vid> add <mac> [ports <portlist>] add-mlt <mltid> <mac> add-ports <portlist> <mac> remove <mac> remove-mlt <mltid> <mac> remove-ports <portlist> <mac> VLAN Interface Configuration mode ip address <ipaddr> <mask> no ip address <ipaddr> FastEthernet/GigabitEthernet/VLAN Interface Configuration mode no spoof-detect [enable] [qos <value>] Parameter
102
Table 9 Job aid: Roadmap of VLAN NNCLI commands (contd.) Command no spoof-detect [port <portlist>] [enable] spoof-detect [enable] spoof-detect [port <portlist>] [enable] Parameter
VLAN conguration and management using the NNCLI

Configure and manage VLANs to create a VLAN, add or remove ports in the VLAN, assign priority, change a VLAN name, or perform other operations.
VLAN conguration and management using the NNCLI navigation
Creating a port-based VLAN using the NNCLI (page 103) Creating a protocol-based VLAN using the NNCLI (page 104) Creating a user-defined, protocol-based VLAN using the NNCLI (page 106) Assigning an IP address to a VLAN using the NNCLI (page 107) Deleting an IP address from a VLAN using the CLI (page 108) Performing a general VLAN action using the NNCLI (page 108) Adding a multilink trunk to a VLAN using the NNCLI (page 109) Viewing general VLAN information using the NNCLI (page 110) Configuring VLAN forwarding database entries using the NNCLI (page 110) Deleting VLAN forwarding database entries using the NNCLI (page 111) Configuring VLAN forwarding database filters using the NNCLI (page 112) Deleting VLAN forwarding database filters using the NNCLI (page 113) Adding VLAN static forwarding database members using the NNCLI (page 114) Removing VLAN static forwarding database members using the NNCLI (page 114) Viewing VLAN forwarding database information using the NNCLI (page 115)
VLAN configuration and management using the NNCLI
103
Viewing VLAN forwarding database filters using the NNCLI (page 115) Adding ports to a VLAN using the NNCLI (page 116) Removing ports from a VLAN using the NNCLI (page 117) Configuring NLB using the NNCLI (page 118) Viewing VLAN port information using the NNCLI (page 120) Configuring a VLAN name using the NNCLI (page 121) Deleting a VLAN using the NNCLI (page 121) Configuring VLAN tagging using the NNCLI (page 122) Viewing specific VLAN information using the NNCLI (page 122) Viewing advanced VLAN information using the NNCLI (page 123) IP spoof detection configuration using the NNCLI (page 123) Configuring static multicast MAC entries using the NNCLI (page 126) Viewing VLAN static multicast information using the NNCLI (page 128) Removing VLAN static multicast MAC entries using the NNCLI (page 128) Viewing VLAN IP information using the NNCLI (page 129) Viewing VLAN static MAC information using the NNCLI (page 129) Viewing VLAN manual edit MAC information using the NNCLI (page 130) Viewing VLAN IGMP information using the NNCLI (page 130) Viewing VLAN autolearn information using the NNCLI (page 131) Viewing the PID range for a user-defined VLAN using the NNCLI (page 131)
Creating a port-based VLAN using the NNCLI

Prerequisites
Log on to the Global Configuration mode in the NNCLI.
104
Procedure steps
Step 1 Action Create a port-based VLAN by using the following command: vlan create <vid> type port <sid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the vlan create <vid> type port <sid> command.
Variable [color <value>] Value (Optional) Assigns a color attribute from 0 to 32. The VLAN Manager GUI tool uses the color attribute to select a color when it draws this VLAN on the screen. [name <value>] (Optional) Specifies a character string that defines the name of this VLAN. VLAN names can include up to 20 characters in length. Assigns the VLAN type to port-based VLAN. After you create a VLAN, you cannot change its type. You must first delete the VLAN, and then create a new VLAN of a different type.
type port
Creating a protocol-based VLAN using the NNCLI

Create a protocol-based VLAN to segment a network into broadcast domains, according to the network protocol in use.
Prerequisites
Log on to the Global Configuration mode in the NNCLI by performing this procedure.
105
Procedure steps
Step 1 Action Create a protocol-based VLAN by using the following command: vlan create <vid> [<name>] type <protocol-type> <sid> <name> identifies an optional VLAN name character string with a maximum of 20 characters <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the vlan create <vid> [<name>] type <protocol-type> <sid> command.
Variable [color <value>] Value (Optional) Assigns a color attribute from 0 to 32. The VLAN Manager GUI tool uses the color attribute to select a color when it draws this VLAN on the screen. [encap <value>] This encapsulation type is for user-defined, protocol-based VLANs only. The default value is null. Assigns the protocol type for the VLAN. After you create a VLAN , you cannot change its type. You must first delete the VLAN, and then create a new VLAN of a different type. Supported protocol types include:
type <protocol-typ e>
protocol-ipxSnap protocol-Netbios protocol-RarpEther2 protocol-snaEther2 protocol-Userdef
106
Variable
Value
protocol-vinesEther2 protocol-xnsEther2 protocol-ApltkEther2Snap protocol-decEther2 protocol-decOtherEther2 protocol-ipEther2 protocol-ipv6Ether2 protocol-ipx802.2 protocol-ipx802.3 protocol-ipxEther2
Creating a user-dened, protocol-based VLAN using the NNCLI

Create user-defined, protocol-based VLANs to enable the switch to support networks with nonstandard protocols by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Create a user-defined, protocol-based VLAN by using the following command: vlan create <vid> [<name>] type protocol-Userdef <sid> [pid[-pid][,...]] <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines variables in the vlan create <vid> [<name>] type protocol-Userdef <sid> [pid[-pid][,...]] command.
107
Variable [name <value>]
Value (Optional) Specifies a character string that defines the name of this VLAN. VLAN names can include up to 20 characters in length. Assigns a user-defined protocol ID (PID) in hexadecimal format (0x0001...0xffff) to this VLAN. The PID can consist of a single PID, a range, or a combination of the two (for example, 0x9001; 0x9001-0x9005; or 0x90061, 0x9007-0x9009). You can specify up to a maximum of eight PIDs for a user-defined VLAN.
[pid[-pid][,...]
Assigning an IP address to a VLAN using the NNCLI

Assign an IP address to a VLAN to add the VLAN to a network.
Prerequisites
Log on to the VLAN Interface Configuration mode in the NNCLI by performing this procedure.
Procedure steps
Step 1 Action Assign an IP address to a VLAN by using the following command: ip address <ipaddr> <mask>
--End--
The following table defines variables in the ip address <ipaddr> <mask> command.
Variable <ipaddress> <mask> Value Assigns an IP address to the VLAN, in the format {a.b.c.d|a.b.c.d}. Assigns a subnet mask to the VLAN, in the format, {x.x.x.x}.
108
Deleting an IP address from a VLAN using the CLI

Delete an IP address from a VLAN to remove the VLAN from a network by performing this procedure.
Prerequisites
Log on to the VLAN Interface Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Delete an IP address from a VLAN by using the following command: no ip address <ipaddr>
--End--
The following table defines variables in the no ip address <ipaddr> command.
Variable <ipaddress> Value Assigns an IP address to the VLAN, in the format {a.b.c.d|a.b.c.d}.
Performing a general VLAN action using the NNCLI

Perform a general VLAN action to initiate a specific function on a VLAN, such as clearing learned MAC addresses or ARP entries from the forwarding database by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Perform a general VLAN action by using the following command: vlan action <vid> <action>
109
<vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the vlan action <vid> <action> command.
Variable <action> Value Defines the VLAN action to perform:
nonePerforms no updates. flushMacFdbRemoves the learned Mac addresses from the forwarding database for the selected VLAN. flushArpRemoves the ARP entries from the address table for the selected VLAN. flushIPRemoves the learned IP addresses from the forwarding table for the selected VLAN. When you execute this command the switch immediately sends a RIP request to solicit the updated RIP routes. allRemoves entries from all tables. When you execute this command, the switch immediately sends a RIP request to solicit the updated RIP routes.
Adding a multilink trunk to a VLAN using the NNCLI

Add a multilink trunk to a VLAN to dedicate the trunk to a specific segment of a LAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Add a link aggregation group to a VLAN by using the following command: vlan add-mlt<vid><mltid>
110
<vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <mltid> identifies the multilink trunk ID. Values range from 1 to 31.
--End--
Viewing general VLAN information using the NNCLI

View information about all existing VLANs in your network by performing this procedure.
Prerequisites
Log on to the Privileged EXEC mode in the NNCLI.
Procedure steps
Step 1 Action View information about all existing VLANs in your network by using the following command: show vlan
--End--
Conguring VLAN forwarding database entries using the NNCLI

Configure VLAN entries in the forwarding database to define how the VLAN manages the forwarding of MAC address information by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure VLAN entries in the forwarding database by using the following command: vlan fdb-entry <vid>
111
--End--
The following table defines optional parameters that you enter after the vlan fdb-entry <vid> command.
Variable Coaging-time <seconds> Value Configures the forwarding database aging timer in seconds (10 to 1 000 000) to assign the time after which the system removes unused entries from the database. Flushes the forwarding database of learned MAC addresses for this VLAN. Sets the quality of service (QoS) level for this entry.
flush qos-level <mac> <value>

sync
MAC: Specifies the MAC address, in the format 0x00:0x00:0x00:0x00:0x00:0x00. Value: Specify the QoS level for this VLAN. Allowable levels range from 0 to 7, with 7 as the highest priority.
Synchronizes the forwarding database of the switch with the forwarding database of the other switches.
Deleting VLAN forwarding database entries using the NNCLI

Delete a VLAN forwarding database entry to remove the configuration of how the VLAN manages the forwarding of MAC address information by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Delete a VLAN forwarding database entry by using the following command: no vlan fdb-entry <vid> monitor <mac> <fdb-status>
112
--End--
The following table defines variables in the no vlan fdb-entry <vid> monitor <mac> <fdb-status> command.
Variable <fdb-status> Value Specifies the status of the forwarding database entry.

<mac>
Other Invalid Learned Self Mgmt
Specifies the MAC address of the entry,in the format 0x00:0x00:0x00:0x00:0x00:0x00.
Conguring VLAN forwarding database lters using the NNCLI

Configure VLAN forwarding database filters to apply a packet filtering method to a VLAN port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure VLAN forwarding database filters by using the following command: vlan fdb-filter <vid> add <mac> <port> drop <option> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
113
The following table defines variables in the vlan fdb-filter <vid> add <mac> <port> drop <option> command.
Variable add <mac> <port> drop <option> [qos <value>] Value Adds a filter member to the forwarding database.
MAC: Specify the MAC address for the filter, in the format 0x00:0x00:0x00:0x00:0x00:0x00. port: List one or more ports to add to this VLAN, in the format {slot/port[-slot/por t][,...]}. drop: Specify the drop option to use. none scrOnly dstOnly Both
(Optional) QoS: Assigns a quality of service (QoS) level for this filter. Allowable levels range from 0 to 7, with 7 as the highest priority.
Deleting VLAN forwarding database lters using the NNCLI

Delete VLAN forwarding database filters to remove a packet filtering method previously applied to a VLAN port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Delete VLAN forwarding database filters by using the following command: no vlan fdb-filter <vid> <mac> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <mac> identifies the MAC address. Use the format; 0x00:0x00:0x00:0x00:0x00:0x00
--End--
114
Adding VLAN static forwarding database members using the NNCLI

Add port information to a VLAN forwarding database by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Add port information to a VLAN forwarding database by using the following command: vlan fdb-static <vid> add <mac> <port> <qos level> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the vlan fdb-static <vid> add <mac> <port> <qos level> command.
Variable <mac> Value Specifies the MAC address for the static forwarding database entry to add, in the format 0x00:0x00:0x00:0x00:0x00:0x00. Specifies the slot or port number for the static forwarding database entry to add. (Optional) Specifies a QoS level for the static forwarding database member. Allowable levels range from 0 to 7, with 7 as the highest priority level.
<port> [<qos level>]
Removing VLAN static forwarding database members using the NNCLI

Remove port information from a VLAN forwarding database by performing this procedure.
Prerequisites
115
Procedure steps
Step 1 Action Remove port information from a VLAN forwarding database by using the following command: no vlan fdb-static <vid> <mac> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <mac> identifies the MAC address. Use the format; 0x00:0x00:0x00:0x00:0x00:0x00
--End--
Viewing VLAN forwarding database information using the NNCLI

View forwarding database information for a specific VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View forwarding database information for a specific VLAN by using the following command: show vlan vid <vid> fdb-entry <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing VLAN forwarding database lters using the NNCLI

View forwarding database bridging filter information for a specific VLAN by performing this procedure.
Prerequisites
116
Procedure steps
Step 1 Action View forwarding database bridging filter information for a specific VLAN by using the following command: show vlan vid <vid> fdb-filter <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Adding ports to a VLAN using the NNCLI

Add ports to a VLAN to increase the number of ports specified as exclusive members of the VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Add ports to a VLAN by using the following command: vlan members add <vid> <port> [<member value>] <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <port> identifies the slot and port (slot/port).
--End--
The following table defines variables in the vlan members add <vid> <port> [<member value>] command.
117
Variable [<member value>]
Value Defines the port member type for added ports. The allowable port member types are
portmember: Sometimes a member of this VLAN. static: Always a member of this VLAN. notallowed: Never a member of this VLAN.
Removing ports from a VLAN using the NNCLI

Remove ports from a VLAN to decrease the number of ports specified as exclusive members of the VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Remove ports from a VLAN by entering one of the following commands: vlan members remove <vid> <portlist> [portmember| static| notallowed] OR no vlan members <vid> <portlist> [portmember| static| notallowed] <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines variables in the vlan members remove <vid> <portlist> or the no vlan members <vid> <portlist> command.
118
Variable <portlist>
Value Lists one or more ports to remove from this VLAN. This command does not delete the VLAN. Specify the portlist in the format {slot/port[-slot/port][,...]}. (Optional) Specifies the type of port membership as one of the following:
[portmember| static| notallowed]
portmember: Sometimes a member of this VLAN. static: Always a member of this VLAN. notallowed: Never a member of this VLAN
Conguring NLB using the NNCLI

Configure Microsoft Network Load Balancing (NLB) support to scale the performance of a server-based program. NLB distributes client requests among multiple servers within a cluster of hosts, and increases the scalability and availability of TCP- and IP-based services such as Web, Terminal Services, Virtual Private Network and streaming media servers. To configure NLB on a VRF instance (V-mode enabled), first associate the VLAN with a VRF (by default the VRF will be GRT [0]), then you configure NLB mode on the VLAN. To configure NLB on a non-VRF instance (V-mode disabled), configure NLB mode on the VLAN.
Prerequisites
Log on to the Global Configuration mode or VRF router mode in the NNCLI.
Procedure steps
Step 1 Action Configure NLB on a specific VLAN by using the following command:
vlan nlb-mode <vid> <igmp-mcast|multicast|unicast>
<vid> is the VLAN identifier. Values range from 1 to 4000. 2 Configure NLB in disable mode on a specific VLAN by using the following command:
no vlan nlb-mode <vid>
<vid> is the VLAN identifier. Values range from 1 to 4000. 3 Display the NLB configuration by using the following command:
VLAN configuration and management using the NNCLI show vlan nlb-mode
--End--
119
The following table defines parameters that you enter after the vlan nlb-mode <vid> command.
Variable <vid> Value Specifies the ID of the VLAN where the NLB servers are located. Values range from 1 to 4000. Default Value: 1 Specifies the mode of the NLB feature. You must choose one mode. NLB must be in the disable mode, which is the default mode, before you choose one of the other three modes. The default form of this command is no vlan nlb-mode <vid>.
<|igmp-mcast|multicast| unicast>
For more information, see Microsoft Network Load Balancing TCG.
Procedure job aid: show vlan nlb-mode command

The following table shows the field descriptions for this command.
Field VLAN_ID Description Specifies the ID of the VLANs on which NLB is enabled.
NLB_ADMIN_MODE
Specifies the NLB mode that the administrator configures on each VLAN. If NLB is disabled, this field is empty.
120
Field NLB_OPER_MODE
Description Specifies the current operating NLB mode of each VLAN on which NLB is enabled. The following conditions result in an empty field (NLB disabled):
NLB_ADMIN_MODE is in unicast or multicast mode, but the specific VLAN is not configured with an IP address. NLB_ADMIN_MODE is in igmp-mcast mode, but the IGMP snoop is not enabled on the specific VLAN.
PORT_LIST
Specifies the following for each NLB mode:
Unicast modelists the member ports of each VLAN on which NLB is enabled. Multicast modelists the ports connected to the cluster servers of each VLAN by snooping the ARP response messages of the cluster servers. IGMP mcast modelists the ports connected to the cluster servers of each VLAN by snooping the IGMP Report messages of the cluster servers.
MLT_GROUPS
Lists the multicast group name of each VLAN on which NLB is enabled.
Viewing VLAN port information using the NNCLI

View port information for all VLANs by performing this procedure.
Prerequisites
121
Procedure steps
Step 1 Action View port information for all VLANs by using the following command: show vlan members
--End--
Conguring a VLAN name using the NNCLI

Configure a VLAN name to assign a unique character string to a VLAN on your network by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure a VLAN name by using the following command: vlan name <vid> <vname> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <vname> identifies the VLAN name. Values can be a maximum of 20 characters.
--End--
Deleting a VLAN using the NNCLI

Delete a VLAN to remove the VLAN from your network by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Delete a VLAN by using the following command:
122
vlan delete <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Conguring VLAN tagging using the NNCLI

Configure VLAN tagging on a port to define how the port manages tagged and untagged data frames by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure VLAN tagging on a port by using the following command: vlan ports <port> tagging <tagAll|untagAll|untagPvidOnly> <port> identifies the slot and port (slot/port).
--End--
The following table defines variables in the vlan ports <port> tagging <tagAll|untagAll|untagPvidOnly> command.
Variable tagging <tagAll|untagAll|un tagPvidOnly> Value Specifies the type of port tagging as one of the following:
tagAll: Enable tagging on all VLANs of the port. untagAll: Disable tagging on a port. untagPvidOnly: Disable tagging on the Pvid of a tagged port.
Viewing specic VLAN information using the NNCLI

View information about a specific VLAN already configured in your network by performing this procedure.
123
Prerequisites
Procedure steps
Step 1 Action View information about a specific VLAN by using the following command: show vlan vid <vid> basic <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing advanced VLAN information using the NNCLI

View all configuration information about a defined VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View all configuration information about a defined VLAN by using the following command: show vlan vid <vid> advance <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
IP spoof detection conguration using the NNCLI

This section describes how to configure IP spoof detection to block the external use of the switch IP address using the NNCLI.
124
IP spoof detection configuration using the NNCLI navigation
Enabling IP spoof detection using the NNCLI (page 124) Disabling IP spoof detection using the NNCLI (page 124) Viewing IP spoof detection information using the NNCLI (page 125)
Enabling IP spoof detection using the NNCLI

Enable IP spoof detection to prevent IP spoofing by performing this procedure.
ATTENTION
If you are using SMLT, be sure to configure spoof detection on both SMLT aggregation switches to avoid connectivity issues.
Log on to the Interface Configuration mode in the NNCLI.
Step 1
Action Enable IP spoof detection on the accessed port by using the following command: spoof-detect [enable] Enable IP spoof detection on a specific port or group of ports by using the following command: spoof-detect [port <portlist>] [enable]
--End--
Variable definitions The following table defines optional parameters that you enter with the spoof-detect [port <portlist>] [enable] command.
Variable enable <portlist> Value Enables spoof detection on the port. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
Disabling IP spoof detection using the NNCLI

Disable IP spoof detection to discontinue IP spoofing prevention by performing this procedure.
125
ATTENTION
If you are using SMLT, be sure to configure spoof detection on both SMLT aggregation switches to avoid connectivity issues. Restart the switch to enable the spoof detection feature.
Step 1
Action Disable IP spoof detection on the accessed port by using the following command: no spoof-detect [enable] Disable IP spoof detection on a specific port or group of ports by using the following command: no spoof-detect [port <portlist>] [enable]
--End--
Variable definitions The following table defines optional parameters that you enter with the no spoof-detect [port <portlist>] [enable] command.
Variable <portlist> Value Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
Viewing IP spoof detection information using the NNCLI

View IP spoof detection information to display information about spoofed IP addresses and MAC addresses associated to ports and VLANs by performing this procedure.
Step 1
Action View IP spoof detection information by using one of the following commands: show spoof-detect [port <portlist>]
126
OR show spoof-detect [vlan <vid>]

--End--
Variable definitions The following table defines optional parameters that you enter with the show spoof-detect [port <portlist>] or show spoof-detect [vlan <vid>] commands.
Variable <portlist> Value Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}. Identifies the VLAN. Values range from 1 to 4000.
<vid>
Job aid The following table describes the command output field descriptions for the show spoof-detect [port <portlist>] and show spoof-detect [vlan <vid>] commands.
Field PortNum VlanId SpoofedIp SpoofedMac Description Identifies the port number. Identifies the VLAN. Values range from 1 to 4000. Identifies the spoofed switch VLAN IP address. Identifies the spoofed switch VLAN source and destination MAC address.
Conguring static multicast MAC entries using the NNCLI

Configure static Multicast MAC filtering to direct MAC multicast flooding to a specific set of ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure static Multicast MAC filtering by using the following command:
127
vlan static-mcastmac <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
The following table defines optional parameters that you enter after the vlan static-mcastmac <vid> command.
Variable add <mac> [ports <portlist> ] [mlt <mltid>] Value Adds a static multicast MAC entry for this VLAN.
MAC: Specify the MAC address to add, in the format 0x00:0x00:0x00:0x00:0x00:0x00. MLT: Add a static link aggregation group to the VLAN static multicast MAC entry. Ports: Add ports to the VLAN static multicast MAC entry, in the format {slot/port[-slot/port][ ,...]}.
add-mlt <mltid> <mac>
Adds a static link aggregation group to the static multicast MAC entries for this VLAN.
MLTID: Specify the MLT ID to add. Allowable MLT IDs range from 1 to 31. MAC: Specify the MAC address to add, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
add-ports <portlist> <mac>
Adds ports to the static multicast MAC entries for this VLAN.
Portlist: Specify the ports to add, in the format {slot/port[-slot/port][,...]}. MAC: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
remove <mac>
Removes a static multicast MAC entry for this VLAN.
MAC value: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
128
Variable remove-mlt <mltid> <mac>
Value Removes a static link aggregation group from the static multicast MAC entries for this VLAN.
MltID: Specify the MLT ID to remove. Allowable MLT IDs range from 1 to 31. MAC: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
remove-ports <portlist> <mac>
Removes ports from the static multicast MAC entries for this VLAN.
Portlist: Specify the ports to remove, in the format {slot/port[-slot/port][,...]}. MAC: Specify the MAC address for the entry, in the format 0x00:0x00:0x00:0x00:0x00:0x00.
Removing VLAN static multicast MAC entries using the NNCLI

Remove VLAN static multicast MAC entries by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Remove VLAN static multicast MAC entries by using the following command: no vlan static-mcastmac <vid> mac <mac> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1. <mac> identifies the MAC address. Use the format; 0x00:0x00:0x00:0x00:0x00:0x00
--End--
Viewing VLAN static multicast information using the NNCLI

View static multicast information for all VLANs by performing this procedure.
Prerequisites

129
Procedure steps
Step 1 Action View static multicast information for all VLANs by using the following command: show vlan static-mcastmac
--End--
Viewing VLAN IP information using the NNCLI

View IP information for all VLANs or for a specific VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View IP information for all VLANs or for a specific VLAN by using the following command: show interface vlan ip <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing VLAN static MAC information using the NNCLI

View static MAC information for a specific VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View static MAC information for a specific VLAN by using the following command:
130
show vlan vid <vid> fdb-static <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
Viewing VLAN manual edit MAC information using the NNCLI

View MAC address information for all VLANs by performing this procedure.
Prerequisites
Log on to Privileged EXEC the mode in the NNCLI.
Procedure steps
Step 1 Action View MAC address information for all VLANs by using the following command: show vlan manual-edit-mac
--End--
Viewing VLAN IGMP information using the NNCLI

View Internet Group Multicast Protocol (IGMP) information for all VLANs or a specific VLAN by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View IGMP information for all VLANs or a specific VLAN by using the following command: show ip igmp interface vlan <vid> <vid> identifies the VLAN. Values range from 1 to 4000. The default VLAN ID is 1.
--End--
131
Viewing VLAN autolearn information using the NNCLI

View MAC information automatically learned by the switch for all VLANs by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View MAC information automatically learned by the switch for all VLANs by using the following command: show vlan autolearn-mac
--End--
Viewing the PID range for a user-dened VLAN using the NNCLI
View the PID range for user-defined VLANs by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the PID range for user-defined VLANs by using the following command: show vlan userdefined-advance
--End--
132
133
Spanning Tree conguration using Device Manager

This chapter describes how to create, manage, and monitor Spanning Tree Groups (STG) and how to configure Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) using the Device Manager. For more information about statistics, see Nortel Ethernet Routing Switch 8300 Performance Management (NN46200-705) .
ATTENTION
If you disable the Spanning Tree Protocol, it can reduce CPU overhead slightly. However, unless you use the switch in a simple network with little possibility of loops, Nortel recommends that you leave the Spanning Tree Protocol enabled.
Navigation
Configuring the STP mode using Device Manager (page 133) Configuring Spanning Tree Groups using Device Manager (page 136) RSTP Configuration using Device Manager (page 148) MSTP configuration using Device Manager (page 154)
Conguring the STP mode using Device Manager

Configure STP mode to set the spanning tree mode for the switch to Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree Protocol (RSTP), or the default mode by performing this procedure. The default mode is legacy STP.
134
ATTENTION
After you change the switch STP mode, you must save the switch boot configuration file and restart the switch. Procedure steps
Step 1 2 3
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, Globals. In the SpanningTreeAdminMode section, select a spanning tree mode. Click Apply. The system notifies you that the setting takes effect after save and restart.
4 5 6 7 8 9
Click Close. From the Device Manager menu bar, choose Edit, Chassis. In the Action section, click the saveBootConfig button. Click Apply. In the Action section, click the hardReset button. Click Apply.
ATTENTION
You must wait for the switch reboot process to complete before you continue with the next step.
10
From the Device Manager menu bar, choose Device, Rediscover Device. OR From the Device Manager menu bar, choose Device, Open.
11
If you selected Device, Open in step 10, click the Open button in the Open Device dialog box.
--End--
Variable denitions
Use the data in this table to configure the switch spanning tree mode.
Variable nortelStpg Value Specifies the default legacy spanning tree mode.
Configuring STP BPDU Filtering using Device Manager
135
Variable mstp rstp
Value Specifies MSTP, spanning tree mode. Specifies RSTP, spanning tree mode.
Conguring STP BPDU Filtering using Device Manager

Configure STP BPDU Filtering to enable and manage STP BPDU Filtering on a port or group of ports by performing this procedure.
Procedure steps
Step 1 Action From the Device View, select a port. To select multiple ports, hold down the Ctrl key, and then click the required ports. 2 3 4 5 From the Device Manager menu bar, choose Edit, Port. Click the STP BPDU-Filtering tab. In the STP BPDU-Filtering dialog box, configure STP BPDU-Filtering parameters as required. Click Apply.
--End--
Variable denitions
Use the data in this table to help you configure STP BPDU Filtering.
Variable AdminEnabled OperEnabled Value Enables or disables BPDU filtering on the port or ports. Indicates the current operational status of BPDU filtering on the port or ports. Values are true (enabled) or false (disabled). Specifies the time (in 1/100 seconds) duration the port remains disabled after it receives a BPDU. The port timer is disabled if this value is set to 0. The default value is 12000 (120 seconds). Displays the time remaining for the port to stay in the disabled state after receiving a BPDU.
Timeout
TimerCount
136
Conguring Spanning Tree Groups using Device Manager

Configure Spanning Tree Groups to create a collection of ports that belong to the same STP instance.
ATTENTION
To configure STG, you must set the spanning tree mode for the switch to legacy STP. For more information, see Configuring the STP mode using Device Manager (page 133).
Conguring Spanning Tree Groups using Device Manager navigation
Configuring STG global settings using Device Manager (page 136) Creating an STG using Device Manager (page 137) Editing an STG using Device Manager (page 139) Deleting an STG using Device Manager (page 140) Adding ports to an STG using Device Manager (page 141) Viewing STG status using Device Manager (page 141) Enabling or disabling STG on a port using Device Manager (page 143) Viewing STG ports using Device Manager (page 144) Configuring topology change detection using Device Manager (page 147)
Conguring STG global settings using Device Manager

When you create an STG, the switch assigns a default global MAC address that sends bridge protocol data units (BPDUs). Configure STG global settings if you want to replace the default global MAC address and to identify the mask for the MAC address by performing this procedure. Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using Device Manager (page 133).
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG . The STG dialog box appears with the Globals tab selected. In the BpduStartMacAddress box, enter a MAC address.
Configuring Spanning Tree Groups using Device Manager
137
3 4
In the BpduMacAddressMask box, identify the mask for the MAC address. Click Apply.
--End--
Creating an STG using Device Manager

Create an STG to assign ports to an instance of spanning tree by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG . The STG dialog box appears with the Globals tab selected. Click the Configuration tab. The STG configuration dialog box appears. Click Insert. The STG, Insert Configuration dialog box appears. Use the boxes in the STG, Insert Configuration dialog box to configure the STG. In the PortMembers box, click the ellipsis (...). The StgPortMembers dialog box appears. Click the ports you want to add to the STG. Click OK. The StgPortMembers dialog box closes and the ports appear in the PortMembers box in the STG, Insert Configuration dialog box.
2 3 4 5 6 7
Click Insert. The STG, Insert Configuration dialog box closes, and the STG appears in the Configuration dialog box.
138
Click Apply.
--End--
Use the data in the following table to create an STG.
Variable Id Value The ID number for the STG. The STG ID and TaggedBpduVlanId must be unique in the STG table. If you change the STG ID without updating TaggedBpduVlanId, the insertion can fail because of a duplicate TaggedBpduVlanId. Type Priority Specifies the type of STG. Assigns the STP bridge priority, which ranges from 0 (highest priority) to 65535 (lowest priority). The default is 32768. The value (in hundredths of a second) that all bridges use for MaxAge when this bridge acts as the root. The 802.1D-1990 standard specifies that the BridgeMaxAge range relates to the value of dot1dStpBridgeHelloTime. The default is 2000 (20 seconds) BridgeHelloTime The value (in hundredths of a second) that all bridges use for HelloTime when this bridge acts as the root. The IEEE 802.1D-1990 standard specifies the granularity of this timer as to be in increments of 1/100 of a second. The default is 200 (2 seconds). The value (in hundredths of a second) that all bridges use for Forward Delay when this bridge acts as the root. The default is 1500 (15 seconds). Enables (check box selected) or disables (check box cleared) the spanning tree protocol (STP) algorithm for the STG. Enables SNMP traps to be sent to the trace receiver each time an STP topology occurs (check box selected).
BridgeMaxAge
BridgeForwardDelay
EnableSTP
StpTrapEnable
139
Variable TaggedBpduAddress
Value Represents a MAC address used specifically for tagged BPDUs. Assigned by the system. Represents the VLAN tag associated with the STG. The system uses this ID to tag BPDUs through a non-IEEE tagging bridge to another Ethernet Routing Switch 8000 Series. By default, the TaggedBpduVlanId is an address calculated by Device Manager based on the STG ID. Accepting the default value calculated by Device Manager allows for easier coordination among STGs across multiple switches. If you enter a custom value for this field, you must manually coordinate it across all switches. The STG ID and TaggedBpduVlanId must be unique in the STG table. If you change the STG ID without updating TaggedBpduVlanId, the insertion can fail because of a duplicate TaggedBpduVlanId.
TaggedBpduVlanId
PortMembers
The ports you want to become members of the new STG. You cannot select ports if configured as members of another STG.
NtStgEnable
Defines whether this STG is operating in Nortel mode or in Cisco mode: trueNortel mode
falseCisco mode
For information about editing an STG, see Editing an STG using Device Manager (page 139). For information about deleting an STG, see Deleting an STG using Device Manager (page 140). For information about adding ports to an STG, see Adding ports to an STG using Device Manager (page 141).
Editing an STG using Device Manager

Edit an STG to change the current configuration of the STG by performing this procedure.
140
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG . The STG dialog box appears with the Globals tab selected. Click the Configuration tab. The STG configuration dialog box appears. Double-click the box that you want to edit. The box becomes editable. Enter a new value in the box, or select a new setting from the list. Click Apply.
--End--
2 3 4 5
Deleting an STG using Device Manager

Delete an STG to remove the STG from your network by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG. The STG dialog box appears with the Globals tab selected. Click the Configuration tab. The Configuration tab appears. Select the STG that you want to delete.
2 3
141
You must delete all VLANs from an STG before you can remove it. 4 Click Delete. You cannot delete STG 1, the default STG.
--End--
Adding ports to an STG using Device Manager

Add ports to an existing STG by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG. The STG dialog box appears with the Globals tab selected. Click the Configuration tab. The STG configuration dialog box appears. Double-click the PortMembers box for the STG to which you want to add ports. The STGPortMembers dialog box appears indicating the port members assigned to this STG.
2 3
4 5
Click the ports you want to add to the STG. Click OK. The StgPortMembers dialog box closes, and the ports appear in the PortMembers box in the STG configuration dialog box.
Click Apply.
--End--
Viewing STG status using Device Manager

View the spanning tree state for each STG associated with the network by performing this procedure.
142
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG . The STG dialog box appears with the Globals tab selected. Click the Status tab. The Status tab appears, which displays the spanning tree state for each STG associated with the network.
--End--
Use the data in the following table to view the spanning tree state for each STG.
Variable Id Value The ID number for the STG. The STG ID and TaggedBpduVlanId must be unique in the STG table. If you change the STG ID without updating TaggedBpduVlanId, the insertion can fail because of a duplicate TaggedBpduVlanId. BridgeAddress NumPorts ProtocolSpecification TimeSinceTopologyC hange TopChanges The MAC address used by this bridge when it must be referred to in a unique fashion. The number of ports controlled by this bridging entity. Indicates the version of the STP in use. The IEEE 802.1d implementations return ieee8021d. Indicates the time (in hundredths of a second) since the last topology change was detected by the bridge entity or STG. A bridge sends a topology change trap when either of its configured ports transitions from the Learning state to the Forwarding state, or from the Forwarding state to the Blocking state. The bridge does not send a trap if a new root trap is sent for the same transition. Implementation of this trap is optional.
143
Variable DesignatedRoot
Value The bridge identifier of the root of the spanning tree as determined by the STP. This value is used as the Root Identifier parameter in all configuration BPDUs originated by this node. The cost of the path to the root as seen from this bridge. The port number that offers the lowest cost path from this bridge to the root bridge. The maximum age of STP information learned from the network on a port before the system discards it (in units of hundredths of a second). The actual value that this bridge currently uses. The amount of time (in hundredths of a second) between transmission of configuration BPDUs by this node on a port when it is the root of the spanning tree. The default value is 200 (2 seconds). The time interval (in hundredths of a second), during which no more than two configuration BPDUs are transmitted by this node. The default value is 100 (1 second). The time interval (in hundredths of a second) that controls how fast a port changes its spanning state (when moving toward the Forwarding state). The value determines how long the port stays in each of the Listening and Learning states, which precede the Forwarding state. This value is also used when a topology change occurs, to age all dynamic entries in the forwarding database. The bridge uses this value, unless it becomes the root and; therefore, uses rcStgBridgeForwardDelay. The default value is 1500 (15 seconds).
RootCost RootPort MaxAge
HelloTime
HoldTime
ForwardDelay
Enabling or disabling STG on a port using Device Manager

Enable or disable STP on a specific port by performing this procedure.
144
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG. The STG dialog box appears with the Globals tab selected. Click the Ports tab. The STG Ports dialog box appears. In the Port box, locate the port you want to enable or disable. Double-click the EnableStp box for the port you want to enable or disable. To enable STP on the port, select true in the list. OR To disable STP on the port, select false in the list.
2 3 4 5
Click Apply.
--End--
For information about viewing STG ports, see Viewing STG ports using Device Manager (page 144). For information about configuring topology change detection, see Configuring topology change detection using Device Manager (page 147).
Viewing STG ports using Device Manager

View the status of ports for each STG in the network by performing this procedure.
145
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG . The STG dialog box appears with the Globals tab selected. Click the Ports tab. The STG ports dialog box appears, which displays the status of ports for each STG in the network.
--End--
Use the data in the following table to view the status of ports for each STG in the network.
Variable ChangeDetection Value The change detection setting (true or false) for this port. You can configure this value on access ports only. If you enable change detection on an MLT with access ports, the setting automatically applies to all ports in the MLT. The Bridge Identifier of Designated Bridge for this segment, according to the port. The path cost of the Designated Port of the segment connected to this port. This value compares to the Root Path Cost field in received BPDUs. The Port Identifier Designated Bridge port for this segment. The unique Bridge Identifier of the bridge recorded as the root in the configuration BPDUs. The Designated Bridge transmits the configuration BPDUs for the segment attached to the port.
DesignatedBridge DesignatedCost
DesignatedPort DesignatedRoot
146
Variable EnableStp
Value The STP state of the port.

FastStart
EnabledBPDUs processed in accordance with STP. DisabledThe port stays in a forwarding state it drops and does not process received BPDUs.
When you configure this flag, the enabled port moves to the forwarding (5) state.
true (enables FastStart for the port) false (default, disables FastStart for the port)
This setting does not adhere to the specifications in the IEEE 802.1D standard for STP, in which a port enters the blocking state following the initialization of the bridging device or from the disabled state when you enable the port through configuration. ForwardTransitions The number of times this port transitioned from the Learning state to the Forwarding state. The contribution of this port to the path cost of paths toward the spanning tree root that includes this port. The 802.1D-1990 protocol recommends that the default value of this parameter be in inverse proportion to the speed of the attached LAN. The port number for which this entry contains STP management information. The value of the priority field in the first octet of the Port ID. The value of rcStgPort defines the second octet of the Port ID (the Port ID includes only two octets). Although port priority values range from 0255, the Ethernet Routing Switch 8300 uses only the following values: 0, 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, and 240. The default value is 128.
PathCost
Port Priority
147
Variable State
Value The current state of the port as defined by the application of the STP:
disabled (1) blocking (2) listening (3) learning (4) forwarding (5) broken (6)
This state controls what action a port takes on reception of the frame. For example, if the bridge detects a malfunctioning port, it places that port into the broken (6) state. StgId The STG identifier assigned to this port.
Conguring topology change detection using Device Manager

Configure STP topology change detection to enable (default) or disable the topology change detection feature by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, STG. The STG dialog box appears with the Globals tab selected. Click the Ports tab. The STG Ports dialog box appears. Double-click the ChangeDetection box for the desired port. To enable change detection on the port, select true in the list. OR To disable change detection on the port, select false in the list.
2 3 4
148
Click Apply.
--End--
RSTP Conguration using Device Manager

Configure Rapid Spanning Tree Protocol (RSTP) to reduce the recovery time after a network breakdown.
ATTENTION
Before you configure RSTP, the spanning tree mode for the switch must be set to RSTP. For more information, see Configuring the STP mode using Device Manager (page 133).
RSTP conguration using Device Manager navigation
Configuring global RSTP using Device Manager (page 148) Configuring port RSTP parameters using Device Manager (page 150) Viewing port RSTP status using Device Manager (page 153)
Conguring global RSTP using Device Manager

Configure global RSTP parameters to set RSTP feature parameter values for the switch by performing this procedure. Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using Device Manager (page 133).
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, RSTP. The RSTP, Globals dialog box appears. Configure RSTP parameters as required. Click Apply.
--End--
2 3
Use the data in this table to help you configure global RSTP.
RSTP Configuration using Device Manager
149
Variable PathCostDefault TxHoldCount
Value Assigns the RSTP default pathcost type. The default is 32 bits. Assigns the RSTP Transmit Hold Count from 1 to 10. The default value is 3. Assigns the port in the RSTP- or STP-compatible mode; that is, whether the port transmits RSTP BPDUs or Config/TCN BPDUs. Enables spanning tree protocol in this STG. Assigns the RSTP bridge priority in a range of 0 to 61440 in steps of 4096. Assigns the RSTP maximum age time for the bridge from 600 to 4000 one hundredths of a second. Assigns the RSTP hello time delay for the bridge from 100 to 1000 one hundredths of a second. Assigns the RSTP forward delay for the bridge from 400 to 3000 one hundredths of a second. Indicates the unique bridge identifier of the bridge recorded as the root in the configuration BPDUs transmitted by the designated bridge for the segment to which the port is attached. Indicates the cost of the path to the root from this bridge. Indicates the port number of the port which offers the lowest cost path from this bridge to the root bridge. Indicates the maximum age of Spanning Tree Protocol information, in one hundredths of a second, learned from the network on a port before the port is discarded. Indicates the amount of time, in one hundredths of a second, between the transmission of configuration bridge PDUs by this node on a port when it is the root of the spanning tree (or trying to become the root).
Version
EnableStp Priority BridgeMaxAge
BridgeHelloTime
BridgeForwardDelay
DesignatedRoot
RootCost RootPort
MaxAge
HelloTime
150
Variable ForwardDelay
Value Indicates this time value, measured in ihundredths of a second, controls how fast a port changes its spanning state when moving towards the forwarding state. The value determines how long the port stays in each of the listening and learning states, which precede the forwarding state. This value is also used when a topology change is detected, and is underway, to age all dynamic entries in the forwarding database. Indicates the number of times the RSTP module is enabled. A trap is generated on the occurrence of this event. Indicates the number of times the RSTP module is disabled. A trap is generated on the occurrence of this event. Indicates the number of times this bridge detects a root identifier change. A trap is generated on the occurrence of this event. Indicates the time, in one hundredths of a second, since the TcWhile Timer for a port in this bridge was nonzero for Common Spanning Tree. Indicates the number of times that there was at least one nonzero TcWhile Timer on this bridge for Common Spanning Tree.
RstpUpCount
RstpDownCount
NewRootIdCount
TimeSinceTopologyChange
TopChanges
Conguring port RSTP parameters using Device Manager

Configure port RSTP parameters to set RSTP feature parameter values for a specific port by performing this procedure.
151
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, RSTP. The RSTP, Globals dialog box appears. Click the RSTP Ports tab. The RSTP Ports dialog box appears with RSTP information for all switch interfaces displayed.
3 4
Double-click a box in an active field to configure port RSTP. Click Apply.

--End--
Use the data in this table to help you configure port RSTP parameters.
Variable Port Priority Value Indicates the interface slot and port number. Assigns the Ethernet RSTP priority parameter for the port. The priority ranges in the range of 0 to 240 in steps of 16 (0, 16, 32, ... , 240). Assigns the RSTP path cost parameter for the port in the range of 1 to 200000000. When operating in RSTP mode, writing true to this object forces this port to transmit RSTP BPDUs. Any other operation on this object has no effect, and RSTP mode returns false when read. Assigns the administrative value of the Edge Port parameter. A value of true indicates that this port is an edge-port, and a value of false indicates that this port is a nonedge-port.
PathCost
ProtocolMigration
AdminEdgePort
152
Variable OperEdgePort
Value Indicates the operational value of the Edge Port parameter. The object is initialized to the value of AdminEdgePort and is set to false on reception of a BPDU. Assigns the administrative point-to-point status of the LAN segment attached to this port. A value of forceTrue indicates that this port is treated as if it is connected to a point-to-point link. A value of forceFalse indicates that this port is treated as having a shared media connection. A value of auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full-duplex operation, either through autonegotiation or by management means. Indicates the operational point-to-point status of the LAN segment attached to this port. It indicates whether a port is considered to have a point-to-point connection or not. The value is determined by management or by autodetection as described in the AdminPointToPoint object. Enables or disables STP in this STG. trueenables STP
AdminPointToPoint
OperPointToPoint
EnableStp
DesignatedRoot
falsedisables STP
Indicates the unique bridge identifier of the bridge recorded as the root in the configuration BPDUs transmitted by the designated bridge for the segment to which the port is attached. Indicates the path cost of the designated port of the segment connected to this port. This value is compared to the Root Path Cost field in received bridge PDUs. Indicates the unique bridge identifier of the bridge which this port considers to be the Designated Bridge for the port segment.
DesignatedCost
DesignatedBridge
153
Variable DesignatedPort
Value Indicates the port identifier of the port on the designated bridge for this port segment. Indicates the number of times this port transitions to the forwarding state for this specific instance.
ForwardTransitions
Viewing port RSTP status using Device Manager

View RSTP port status to determine the status of port RSTP parameters by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, RSTP. The RSTP, Globals dialog box appears. Click the RSTP Status tab. The RSTP Status dialog box appears displaying the RSTP port status.
--End--
Use the data in this table to help you view RSTP port status.
Variable Port State Value Indicates the interface slot and port number. Indicates the current state of the port as defined by application of the Spanning Tree Protocol. This state controls what action a port takes on reception of a frame. Indicates the current port role assumed by this port.
Role
154
Variable OperVersion
Value Indicates whether the port is operationally in the RSTP- or STP-compatible mode; that is, whether the port transmits RSTP BPDUs or Config/TCN BPDUs. Indicates the effective operational state of the port: truethe specified port state is enabled
EffectivePortState
MSTP conguration using Device Manager
falsethe specified port state is disabled
This section describes how to configure Multiple Spanning Tree Protocol (MSTP) and multiple instances of MSTP on the same switch.
ATTENTION
Before you configure MSTP, the spanning tree mode for the switch must be set to MSTP. For more information, see Configuring the STP mode using Device Manager (page 133).
Multiple spanning tree protocol conguration navigation
Configuring global MSTP parameters using Device Manager (page 154) Configuring port CIST for MSTP using Device Manager (page 158) Configuring MSTI bridges for MSTP using Device Manager (page 161) Configuring MSTI ports for MSTP using Device Manager (page 162)
Conguring global MSTP parameters using Device Manager

Configure global MSTP to set MSTP parameters for the switch by performing this procedure.
ATTENTION
Interface level configuration overrides global configuration.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using Device Manager (page 133).
MSTP configuration using Device Manager Procedure steps
155
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, MSTP. The MSTP, Globals dialog box appears.
2 3
Configure MSTP as required. Click Apply.

--End--
Use the data in this table to help you configure global MSTP parameters.
Variable PathCostDefaultType TxHoldCount Value Assigns the MSTP default pathcost type. The default is 32 bits. Assigns the MSTP Transmit Hold Count from 1 to 10. The default value is 3. Indicates the maximum hop count. The range is 100 to 4000 one hundredths of a second in steps of 100 one hundredths. Indicates the maximum number of spanning tree instances supported. Indicates the number of times the MSTP module is enabled. Indicates the number of times the MSTP module is disabled. Specifies the version of Spanning Tree Protocol that the bridge currently runs. stpCompatibleSpanning Tree Protocol
MaxHopCount
NoOfInstancesSupported MstpUpCount MstpDownCount ForceProtocolVersion
rstpRapid Spanning Tree Protocol as specified mstpMultiple Spanning Tree Protocol
156
Variable BrgAddress
Value Indicates the MAC address the bridge uses to be referred to in a unique fashion.
ATTENTION
Nortel recommends that this is the numerically smallest MAC address of all ports that belong to this bridge. Root Indicates the root bridge identifier determined by the STP. This value is used as the CIST root identifier parameter in all configuration bridge PDUs originated by this node. Indicates the root bridge identifier of the multiple spanning tree region determined by the STP. This value is the common and internal spanning tree (CIST) regional root identifier parameter in all configuration bridge PDUs originated by this node. Indicates the cost of the path to the CIST root from this bridge. Indicates the cost of the path to the CIST regional root from this bridge. Indicates the port number of the port which offers the lowest path cost from this bridge to the CIST root bridge. Specifies the value of the writable portion of the bridge identifier comprising the first two octets. You must type a value in the range of 0 to 61440, in steps of 4096. Specifies the value that all bridges use for MaxAge when this bridge acts as the root. The range is 600 to 4000 one hundredths of a second in steps of 100 one hundredths. The default is 2000. Specifies the value that all bridges use for forward delay when this bridge acts as the root. The range is 400 to 3000 one hundredths of a second in steps of 100 one hundredths of a second. This parameter is related to the value of BridgeMaxAge. The default is 1500.
RegionalRoot
RootCost RegionalRootCost RootPort
BridgePriority
BridgeMaxAge
BridgeForwardDelay
MSTP configuration using Device Manager
157
Variable HoldTime
Value Indicates the interval, in one hundredths of a second, during which no more than two configuration bridge PDUs can be transmitted by this node. Indicates the maximum age of Spanning Tree Protocol information, in one hundredths of a second, learned from the network on a port before the port is discarded. Indicates the length of time, in one hundredths of a second, a port stays in a particular state before moving to the next state. Indicates the time, in one hundredths of a second, since a topology change has occurred. Indicates the number of topology changes that have occurred. Indicates the number of times this bridge detects a root bridge change for Common Spanning Tree. A trap is generated on the occurrence of this event. Specifies the name for the region configuration. By default, the region name is equal to the bridge MAC Address. Specifies the version of the MST region. The range is 0 to 65535. Specifies the configuration identifier format selector used by the bridge. This has a fixed value of 0 to indicate RegionName. RegionVersions are specified as in the standard. Indicates the configured MD5 digest value for this region, which must be 16 octets long. Indicates the number of times a region configuration identifier change is detected. A trap is generated on the occurrence of this event.
MaxAge
ForwardDelay
TopChanges NewRootBridgeCount
RegionName
RegionVersion ConfigIdSel
ConfigDigest
RegionConfigChange Count
158
Conguring port CIST for MSTP using Device Manager

Configure Common and Internal Spanning Tree (CIST) ports to configure ports for MSTP by performing this procedure. Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, MSTP. The MSTP, Globals dialog box appears. Click the CIST Port tab. The MSTP, CIST Port dialog box appears.
ATTENTION
The MSTP, CIST Port dialog box displays information for each port that is common to all bridge and spanning tree instances.
3 4
Double-click a box in an active field to configure the MSTP CIST port. Click Apply.
--End--
Use the data in this table to help you configure port CIST for MSTP.
Variable Port PathCost Value Indicates the interface slot and port number. Specifies the CIST path cost parameter for the port in the range of 1 to 200000000. Specifies the CIST priority parameter for the port. The priority ranges in the range of 0 to 240 in steps of 16 (0, 16, 32, ... , 240).
Priority
159
Variable DesignatedRoot
Value Indicates the unique bridge identifier of the bridge recorded as the CIST root in the configuration BPDUs transmitted. Indicates the path cost of the designated port of the segment connected to this port. Indicates the unique bridge identifier of the bridge which this port considers to be the designated bridge for the port segment. Indicates the port identifier of the port on the designated bridge for this port segment. Indicates the unique bridge identifier for the bridge recorded as the CIST regional root identifier in the configuration BPDUs transmitted. Indicates the contribution of this port to the path cost of paths towards the CIST regional root, that include this port. Specifies the protocol migration state of this port. When operating in RSTP or MSTP mode, writing true to this object forces this port to transmit MSTP BPDUs without instance information. Any other operation on this object has no effect, and it returns false when read. Specifies the administrative value of the Edge Port parameter. A value of true indicates that this port is an edge-port, and a value of false indicates that this port is a nonedge-port. Indicates the operational value of the Edge Port parameter. OperEdgeStatus is initialized to the value of AdminEdgeStatus and is set to false when a BPDU is received.
DesignatedCost
DesignatedBridge
DesignatedPort
RegionalRoot
RegionalPathCost
ProtocolMigration
AdminEdgeStatus
OperEdgeStatus
160
Variable AdminP2P
Value Specifies the administrative point-to-point status of the LAN segment attached to this port. forceFalse indicates that this port is treated as having a shared media connection
forceTrue indicates that this port is treated as if it connects to a point-to-point link auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full-duplex operation (either through autonegotation or by management)
OperP2P
Indicates the operational point-to-point status of the LAN segment attached to this port. OperP2P indicates if a port has a point-to-point connection. The value is determined by management or by auto detection. Specifies the amount of time, in one hundredths of a second, between the transmission of configuration bridge PDUs by this node on this port. Indicates whether the port is operationally MSTP, RSTP, or the STP-compatible mode; that is, whether the port transmits MST BPDUs, RST BPDUs, or Config/TCN BPDUs. Indicates the effective operational state of the port for CIST. EffectivePortState is true only when the port is operationally UP at the interface and protocol levels for CIST. This EffectivePortState is set to false for all other conditions. Indicates the current state of the port as defined by the common spanning tree protocol. The state is disabled, discarding, learning, or forwarding.
HelloTime
OperVersion
EffectivePortState
State
161
Variable ForcePortState
Value Specifies the current state of the port. You can change the port to either disabled or enabled for the base spanning tree instance. Indicates the selected port role of the port for this spanning tree instance. Indicates the current port role of the port for this spanning tree instance.
SelectedPortRole CurrentPortRole
Conguring MSTI bridges for MSTP using Device Manager

Configure Multiple Spanning Tree Instance (MSTI) bridges for MSTP bridge to determine the MSTP actions that occur for the bridge by performing this procedure.
ATTENTION
The switch generates the MSTI bridge instances after the system creates a VLAN in MSTP mode.
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, MSTP. The MSTP, Globals dialog box appears. Click the MSTI Bridges tab. The MSTP, MSTI Bridges dialog box appears Double-click a box in an active field to configure the MSTP bridge. Click Apply.
--End--
2 3 4
Use the data in this table to help you configure MSTI bridges for MSTP.
162
Variable Instance RegionalRoot
Value Indicates the Multiple Spanning Tree Instance (MSTI) number. Indicates the MSTI regional root identifier value for the MSTP instance. This value is the MSTI regional root identifier parameter in all configuration bridge PDUs originated by this node. Specifies the MSTI priority parameter for the bridge. The values that you set for bridge priority must be in steps of 4096. The range is 0 to 61440. Indicates the cost of the path to the MSTI regional root bridge as seen by this bridge. Indicates the port number of the port that offers the lowest path cost from this bridge to the MSTI regional root bridge. Indicates the time, in one hundredths of a second, since the bridge last detected a topology change. Indicates the total number of topology changes detected by the bridge since the bridge was last reset or initialized. Indicates the number of times the bridge detects a root bridge change for this spanning tree instance. Indicates the number of times a new spanning tree instance is created. Indicates the number of times a spanning tree instance is deleted.
Priority
RootCost
RootPort
TopChanges
NewRootCount
InstanceUpcount InstanceDownCount
Conguring MSTI ports for MSTP using Device Manager

Configure MSTI ports to determine the MSTP actions that occur for the port by performing this procedure.
163
Prerequisites
Procedure steps
Step 1
Action From the Device Manager menu bar, choose VLAN, Spanning Tree, MSTP. The MSTP dialog box appears. Click the MSTI Port tab. The MSTI Port dialog box appears.
ATTENTION
Port members selected on the VLAN, Basic tab appear in the MSTI Port dialog box.
3 4
Double-click a box in an active field to configure a port for MSTP. Click Apply.
--End--
Use the data in this table to help you configure MSTI ports for MSTP.
Variable Port BridgeInstance PathCost Value Indicates the interface slot and port number. Indicates the MSTI bridge instance associated with a specific port. Specifies the contribution of this port to the path cost of paths towards the MSTI root that includes this port. The range is 1 to 200000000. Specifies the MSTI priority parameter for the port. The values set for port priority must be in steps of 16. The range is 0 to 240. Indicates the unique bridge identifier of the bridge recorded as the MSTI regional root in the configuration BPDUs transmitted.
Priority
DesignatedRoot
164
Variable DesignatedBridge
Value Indicates the unique bridge identifier of the bridge which this port considers to be the designated bridge for the port segment. Indicates the port identifier of the port on the designated bridge for this port segment. Indicates the current state of the port as defined by the MSTP. A port which is in forwarding state in one instance can be in discarding (blocking) state in another instance. Assigns the state of the port to disabled or enabled for the specific spanning tree instance. Indicates the path cost of the designated port of the segment connected to this port. Indicates the current role of the port for this spanning tree instance. Indicates the effective operational state of the port for a specific instance. The value is set to true when the port is operationally up at the interface and protocol levels for the specific instance. The value is set to false at all other times.
DesignatedPort
State
ForcePortState
DesignatedCost
CurrentPortRole EffectivePortState
165
Spanning Tree conguration using the CLI

This chapter describes how to create, manage, and monitor Spanning Tree Groups (STG) and how to configure Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) using the CLI. For more information about statistics, see Nortel Ethernet Routing Switch 8300 Performance Management (NN46200-705) .
ATTENTION
If you disable the Spanning Tree Protocol (STP), it can reduce CPU overhead slightly. However, unless you use the switch in a simple network with little possibility of loops, Nortel recommends that you leave the Spanning Tree Protocol enabled.
Navigation Job aid

The following table lists the CLI commands and their parameters that you use to complete the procedures in this section. Job aid (page 165) Configuring the STP mode using the CLI (page 169) STG configuration using the CLI (page 171) RSTP configuration using the CLI (page 184) MSTP configuration using the CLI (page 189)
166
Table 10 Roadmap of STG CLI commands Command config bootconfig flags spanning-tre e-mode Parameter default mstp rstp config ethernet <port> [bpdu-filter <enable|disable>] [<seconds>] config ethernet <portlist> mstp cist edge-port<true|false> forceportstate <enable|disable> hello-time <timeval> info p2p <forcetrue|forcefalse|auto> protocol-migration <true|false> priority <timeval> pathcost <intval> config ethernet <portlist> mstp msti <instid> forceportstate <enable|disable> info priority <intval> pathcost <intval> config ethernet <port> stg info faststart <enable|disable> change-detection <enable|disable>cha nge-detection <enable|disable> pathcost <intval> priority <intval> stp <enable|disable> config ethernet <port> stg <sid> change-detection <enable|disable> config mstp hopcount <number> info pathcost-type <16-bit|32-bit> tx-holdcount <number>
Job aid
167
Table 10 Roadmap of STG CLI commands (contd.) Command config mstp cist Parameter force-version <stp-compatible|rstp|m stp> forward-delay <number> info max-age <number> priority <number> config mstp msti <instid> info priority<number> config mstp region config-id-sel <number> info name <string> revision <number> config rstp force-version <stp-compatible|rstp> forward-delay <number> group-stp<enable|disable> hello-time<number> info max-age <number> pathcost-type <16-bit|32-bit> priority <number> tx-hold count <number> config ethernet <port> rstp edge-port<true|false> info p2p<forcetrue|forcefalse|auto> pathcost <intval> priority <intval> protocol-migration <true|false> stp <enable|disable>
168
Table 10 Roadmap of STG CLI commands (contd.) Command config stg <sid> Parameter add ports <value> create [<port>] [vlan <value>] [mac <value>] [ntstg <value>] delete forward-delay <timeval> group-stp <enable|disable> info hello-interval <timeval> max-age <timeval> priority <number> remove ports <value> trap-stp <enable|disable> show bpdu-filter <port> show mstp config show mstp instance <instid> show mstp status show ports info mstp cistinfo <port> cistrole <port> mstiinfo <port> mstirole <port> show ports info rstp config <port> role <port> status <port> show rstp config show rstp status show stg info config <sid> show stg info status <sid>
Configuring the STP mode using the CLI
169
Table 10 Roadmap of STG CLI commands (contd.) Command show ports info stg main <port> show ports info stg extended <port> Parameter
Conguring the STP mode using the CLI

Configure the STP mode to set the spanning tree mode for the switch to Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree Protocol (RSTP), or the default mode by performing this procedure. The default mode is legacy STP.
ATTENTION
When you change the switch STP mode, you must save the switch boot configuration and restart the switch.
Procedure steps
Step 1 2 3 Action Configure STP mode by using the following command: config bootconfig flags spanning-tree-mode Save the switch configuration file by using the following command: save bootconfig Restart the switch by using the following command: boot -y
ATTENTION
It can take several minutes for the switch restart process to complete.
--End--
Variable denitions
The following table defines optional parameters that you enter after the config bootconfig flags spanning-tree-mode command.
Variable default mstp rstp Value Specifies default spanning tree mode. Specifies MSTP, spanning tree mode. Specifies RSTP, spanning tree mode.
170
STP BPDU Filtering conguration using the CLI

This section describes how to configure Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) Filtering for a Spanning Tree Group (STG), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), using the command line interface (CLI).
STP BPDU Filtering conguration using the CLI navigation
Configuring STP BPDU Filtering using the CLI (page 170) Viewing STP BPDU Filtering status using the CLI (page 171)
Conguring STP BPDU Filtering using the CLI

Configure STP BPDU Filtering to enable and manage STP BPDU Filtering on a port or group of ports by performing this procedure.
Procedure steps
Step 1 Action Configure STP BPDU Filtering by using the following command: config [ethernet <port>] [bpdu-filter <enable|dis able>] [<seconds>]
--End--
The following table defines optional parameters that you enter with the config [ethernet <port>] [bpdu-filter <enable|disable>] [<seconds>] command.
Variable <enable|disable> <port> Value Enables or disables BPDU filtering on a port or group of ports. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}. Specifies the STP BPDU Filtering port timer timeout duration in seconds. Values can be 0 or range from 10 to 65535. With timeout value of 0 configured, the STP BPDU Filtering port timer timeout duration is infinite.
<seconds>
STG configuration using the CLI
171
Variable
Value The default STP BPDU Filtering port timer timeout value is 120 seconds.
Viewing STP BPDU Filtering status using the CLI

View port STP BPDU Filtering status to display STP BPDU Filtering status information for all ports, a specific port, or a group of ports by performing this procedure.
Procedure steps
Step 1 Action View STP BPDU Filtering status for all interface ports by using the following command: show bpdu-filter 2 View STP BPDU Filtering status for a specific port or a group of ports by using the following command: show bpdu-filter <port>
--End--
The following table defines optional parameters that you enter with the show bpdu-filter <port> commands.
Variable <port> Value Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
STG conguration using the CLI

Configure STGs to create a collection of ports that belong to the same STP instance.
ATTENTION
To configure STG, you must set the spanning tree mode for the switch to legacy STP. For more information, see Configuring the STP mode using the CLI (page 169).
172
STG conguration using the CLI navigation
Configuring STG global settings using the CLI (page 172) Creating an STG using the CLI (page 173) Configuring STG parameters using the CLI (page 174) Viewing STG configuration using the CLI (page 177) Viewing STG status using the CLI (page 177) Configuring STG port parameters using the CLI (page 179) Viewing general port STG information using the CLI (page 181) Viewing extended port STG information using the CLI (page 183) Configuring topology change detection using the CLI (page 184)
Conguring STG global settings using the CLI

When you create an STG, the switch assigns a default global MAC address that sends Bridge Protocol Data Units (BPDU). Configure STG global settings if you want to replace the default global MAC address and to identify the mask for the MAC address by performing this procedure.
Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using the CLI (page 169).
Procedure steps
Step 1 Action Change the default STG global MAC address and identify the mask by using the following command: config sys set bpdu-mac-address-range <starting-m ac-address> <Mask>
--End--
The following table defines variables in the config sys set bpdu-mac-address-range <starting-mac-address> <Mask> command.
173
Variable <Mask> <starting-mac-address>
Value Indicates the mask (148) for the MAC address, which sends BPDUs. Indicates the MAC (multicast) address, which sends BPDUs. The system assigns a default MAC address to an STG that you create to send BPDUs. To change the default MAC address, enter the MAC address of your choice as the <starting-mac-address> value.
Creating an STG using the CLI

Create an STG to assign ports to an instance of spanning tree by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Create a STG by using the following command: config stg <sid> create [<port>] [vlan <value>] [mac <value>] [ntstg <value>] <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines variables in the config stg <sid> create [<port>] [vlan <value>] [mac <value>] [ntstg <value>] command.
Variable [mac <value>] Value Specifies the tagged BPDU MAC address.
174
Variable [<port>]
Value Defines the ports to add to this STG, int the format: {slot/port[-slot/port][,...]}. You cannot add ports that belong to another STG or ports configured as tagging-disabled to the STG.
[vlan <value>]
Specifies the tagged BPDU VLAN ID. If a VLAN spans multiple switches, it must belong to the same STG across all switches. Defines whether this STG is operating in Nortel mode or in Cisco mode: enableNortel mode
[ntstg <value>]
disableCisco mode
Conguring STG parameters using the CLI

Configure parameters for a specified STG by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure an STG by using the following command: config stg <sid> <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the config stg <sid> command.
175
Variable add ports <value>
Value Adds ports to an STG.
Ports: Define the ports to add to this STG, in the format {slot/port[-slot/port][,...]}. You cannot add ports that belong to another STG or ports configured as tagging-disabled to the STG.
create [<port>] [vlan <value>] [mac <value>] [ntstg <value>]
Creates a new STG.
port: Define the ports to add to this STG, in the format {slot/port[-slot/port][,...]}. You cannot add ports that belong to another STG or ports configured as tagging-disabled to the STG. vlan: Specify the tagged BPDU VLAN ID. If a VLAN spans multiple switches, it must belong to the same STG across all switches. mac: Specify the tagged BPDU MAC address. ntstg: Specify whether this STG is operating in Nortel mode or in Cisco mode: enableNortel mode disableCisco mode
delete forward-delay <timeval>
Deletes the specified STG. Configures the bridge forward delay time, or the value in hundredths of a second that all bridges use for Forward Delay when this bridge acts as the root.
Timeval: Specify a value between 400 and 3000. The default is 1500 (15 seconds).
group-stp <enable|disabl e>
Enables or disables the STP on all ports in the specified STG.
176
Variable hello-interval <timeval>
Value Configures the bridge hello time in increments of 1/100 of a second. All bridges use this value for HelloTime when this bridge acts as the root. The IEEE 802.1D-1990 standard specifies the granularity of this timer.
info

max-age <timeval>
Sub-Context: The names of the directories for the next CLI command level. Current Context: The parameter settings for the configured STG.
Configures the bridge maximum age time, or the value in hundredths of a second that all bridges use for MaxAge when this bridge acts as the root. The 802.1D-1990 standard specifies that the BridgeMaxAge range relates to the value of dot1dStpBridgeHelloTime.
priority <number>
Assigns the STP bridge priority, in decimal.
Number: Specify a value between 0 (highest priority) and 65535 (lowest priority). The default is 32768.
remove ports <value>
Removes the specified ports from an STG.
Value: Define the ports to add to this STG, in the format {slot/port[-slot/port][,...]}.
177
Variable <sid> trap-stp <enable|disable >
Value Specifies an STG ID from 1 to 64. Enables or disables the sending of traps to a trace receiver. When enabled, the system sends SNMP traps to a trace receiver every time an STP topology occurs for the specified STG.
Viewing STG conguration using the CLI

View configuration information for a specific STG or all STGs in your network by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View STG configuration by using the following command: show stg info config
--End--
The following table defines optional parameters that you enter after the show stg info config command.
Variable <sid> Value Identifies the VLAN STG ID. Values range from 1 to 64.
Viewing STG status using the CLI

View the status of a specific STG or all STGs in your network by performing this procedure.
Prerequisites
178
Procedure steps
Step 1 Action View STG status by using the following command: show stg info status[<sid>] <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
Job aid
Use the data in the following table to understand field descriptions displayed with the show stg info status <sid> command.
Table 11 Job aid Field Bridge Address Designated Root Description The MAC address used by this bridge when it must be referred to in a unique fashion. The bridge identifier of the root of the spanning tree as determined by the STP as executed by this node. This value is used as the Root Identifier parameter in all Configuration Bridge PDUs originated by this node. The time interval in hundredths of a second that controls how fast a port changes its spanning state when it moves toward the Forwarding state. The value determines how long the port stays in each of the Listening and Learning states, which precede the Forwarding state. This value is also used when a topology change occurs, to age all dynamic entries in the forwarding database. The bridge uses this value, unless it becomes the root and; therefore, uses rcStgBridgeForwardDelay. The default value is 1500 (15 seconds). The amount of time in hundredths of a second between transmission of configuration BPDUs by this node on a port when it is the root of the spanning tree. The default value is 200 (2 seconds).
Forward Delay
Hello Time
179
Table 11 Job aid (contd.) Field Hold Time Description The time interval in hundredths of a second, during which no more than two Configuration bridge PDUs shall be transmitted by this node. The default value is 100 (1 second). The maximum age of Spanning Tree Protocol information learned from the network on a port before the system discards it. Max Age is in units of hundredths of a second and is the actual value that this bridge currently uses. The number of ports controlled by this bridging entity. An indication of what version of the Spanning Tree Protocol is running. The IEEE 802.1d implementations returns ieee8021d. The cost of the path to the root as seen from this bridge. The port number of the port that offers the lowest cost path from this bridge to the root bridge. A bridge sends a topology change trap when either of its configured ports transitions from the Learning state to the Forwarding state, or from the Forwarding state to the Blocking state. The bridge does not send a trap if a new root trap is sent for the same transition. Implementation of this trap is optional.
Max Age
Num Ports Protocol Specification
Root Cost Root Port
Top Changes
Conguring STG port parameters using the CLI

Configure STG parameters on an individual port or group of ports by performing this procedure.
ATTENTION
Ports must have tagging enabled to belong to multiple spanning tree groups. Nortel recommends that you enable FastStart as an alternative to disabling Spanning Tree Protocol on an individual port.
Prerequisites
180
Procedure steps
Step 1 Action Configure STG for a port by using the following command: config ethernet <port> stg <sid> <port> identifies the slot and port (slot/port). <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the config ethernet <port> stg <sid> command.
Variable change-detection <enable|disable> ethernet <port> faststart <enable|disable> Value Enables or disables topology change detection for the specified spanning tree. The default is enable. Defines the slot and port you want to configure for an STG. Enables or disables FastStart. After you enable FastStart, the port goes through the normal listening and learning states before forwarding, but the bridge hello timer (2 seconds by default) determines the hold time for these states instead of the bridge forward delay timer (15 seconds by default). Displays current settings for the port STG. Assigns the contribution of this port to the path cost. <intval> is the cost (1 to 65535). priority <intval> Assigns the priority of this port. <intval> is the priority (0 to 255). stp <enable|disable> Enables or disables the STP.
info pathcost <intval>
181
Viewing general port STG information using the CLI

View basic STG information for specific ports or all ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View basic port STG information by using the following command: show ports info stg main<port> <port> identifies the slot and port (slot/port).
--End--
Job aid
Use the data in the following table to understand field descriptions displayed with the show ports info stg main <port> command.
Table 12 Job aid Field CHANGE DETECTION Description The change detection setting (true or false) for this port. Can be configured only on Access ports. If you enable change detection on an MLT with access ports, the setting is automatically applied to all ports in the MLT. The STP state of the port.
ENABLE STP
EnabledBPDUs are processed in accordance with STP. DisabledThe port stays in a forwarding state, received BPDUs are dropped and not processed, and no BPDU is generated.
182
Table 12 Job aid (contd.) Field FASTSTART Description When this flag is set, the enabled port is moved straight to the Forwarding (5) state.
This setting does not adhere to the specifications in the IEEE 802.1D standard for Spanning Tree Protocol (STP), in which a port enters the blocking state following the initialization of the bridging device or from the disabled state, when you enable the port through configuration. FORWARD TRANSITIONS PATHCOST The number of times this port transitions from the Learning state to the Forwarding state. The contribution of this port to the path cost of paths toward the spanning tree root that includes this port. The 802.1D-1990 protocol recommends that the default value of this parameter be in inverse proportion to the speed of the attached LAN. The port number of the port for which this entry contains STP management information. The value of the priority field, which is included in the first octet of the (2 octet long) Port ID. The value of rcStgPort gives the other octet of the Port ID. The current state of port as defined by the application of the STP.
PORT_NUM PRIO
STATE
This state controls what action a port takes on reception of the frame. If the bridge detects a malfunctioning port, it places that port into the Broken (6) state. SID The STG identifier assigned to this port.
183
Viewing extended port STG information using the CLI

View additional STG information for a specific port or all ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View additional port STG information by using the following command: show ports info stg extended<port> <port> identifies the slot and port (slot/port).
--End--
Job aid
Use the data in the following table to understand field descriptions displayed with the show ports info stg extended <port> command.
Table 13 Job aid Field BRIDGE COST Description The Bridge Identifier of the bridge that this port uses as the Designated Bridge for this segment of this port. The path cost of the Designated Port of the segment connected to this port. This value compares to the Root Path Cost field in received bridge PDUs. The Port Identifier of the port on the Designated Bridge for the segment of this port. The port number of the port for which this entry contains Spanning Tree Protocol management information. The unique Bridge Identifier of the Bridge recorded as the root in the configuration BPDUs transmitted by the Designated Bridge for the segment, to which the port attaches. The STG identifier assigned to this port.
PORT PORT_NUM ROOT
SID
184
Conguring topology change detection using the CLI

Configure topology change detection to enable (default) or disable the topology change detection feature by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure topology change detection by using the following command: config ethernet <port> stg <sid> change-detection <enable|disable> <port> identifies the slot and port (slot/port). <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
ATTENTION
If you enable change detection on an MLT with access ports, the setting automatically applies to all ports in the MLT.
The following table defines variables in the config ethernet <port> stg <sid> change-detection <enable|disable> command.
Variable change-detection <enable|disable> Value Specifies whether to enable or disable topology change detection for the specified STG. The default is enabled.
RSTP conguration using the CLI

RSTP conguration using the CLI navigation
Configuring RSTP using the CLI (page 185) Viewing global RSTP configuration using the CLI (page 186) Viewing global RSTP status using the CLI (page 186)
RSTP configuration using the CLI
185
Configuring Ethernet RSTP parameters using the CLI (page 187) Viewing port RSTP configuration using the CLI (page 188) Viewing port RSTP status using the CLI (page 188) Viewing port RSTP role using the CLI (page 189)
Conguring RSTP using the CLI

Configure RSTP parameters to reduce recovery time after a network failure by performing this procedure.
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the CLI (page 169).
Procedure steps
Step 1 Action Configure the RSTP parameters by using the following command: config rstp
--End--
The following table defines optional parameters that you enter after theconfig rstp command.
Variable force-version <stp-compatible |rstp> Value Assigns the port in the RSTP- or STP-compatible mode; that is, whether the port transmits RSTP BPDUs or Config/TCN BPDUs. Assigns the RSTP forward delay for the bridge from 400 to 3000 one hundredths of a second. Enables or disables RSTP for a specific STG. Assigns the RSTP hello time delay for the bridge from 100 to 1000 one hundredths of a second.
forward-delay <number>
group-stp<enable|disable> hello-time<number>
186
Variable info max-age <number>
Value Shows current level parameter settings and next level directories. Assigns the RSTP maximum age time for the bridge from 600 to 4000 one hundredths of a second. Assigns the RSTP default pathcost version; The default is 32 bits. Assigns the RSTP bridge priority in a range of 0 to 61440 in steps of 4096. Assigns the RSTP Transmit Hold Count from 1 to 10. The default value is 3.
pathcost-type <16-bit|32-bit> priority <number> tx-holdcount <number>
Viewing global RSTP conguration using the CLI

View the global RSTP configuration information to display the RSTP configuration details for the switch by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the global RSTP configuration information by using the following command: show rstp config
--End--
Viewing global RSTP status using the CLI

View global RSTP status to display RSTP status information for the switch by performing this procedure.
Prerequisites
RSTP configuration using the CLI
187
Procedure steps
Step 1 Action View the RSTP status by using the following command: show rstp status
--End--
Conguring Ethernet RSTP parameters using the CLI

Configure Ethernet RSTP parameters to set RSTP parameters for the port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure Ethernet RSTP parameters by using the following command: config ethernet<port>rstp <port> identifies the slot and port (slot/port).
--End--
The following table defines optional parameters that you enter after the config ethernet<port>rstp command, where <port> specifies a port or list of ports. Use the {slot/port[-slot/port][,...]} format.
Variable edge-port <true|false> info p2p <forcetrue|forcefalse|au to> Value Assigns the RSTP edge-port parameter for the port. Shows current level parameter settings and next level directories. Assigns the Ethernet RSTP point-to-point parameter for the port.
188
Variable pathcost <intval>
Value Assigns the RSTP path cost parameter for the port in the range of 1 to 200000000. Assigns the Ethernet RSTP priority parameter for the port. The priority ranges in the range of 0 to 240 in steps of 16 (0, 16, 32, ... , 240). Assigns the Ethernet RSTP protocol-migration parameter for the port. Enables or disables STP on the port.
priority <intval>
protocol-migration <true|false> stp <enable|disable>
Viewing port RSTP conguration using the CLI

View the RSTP configuration information to display the RSTP configuration details for a single port or list of ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the RSTP configuration information by using the following command: show ports info rstp config <port> <port> identifies the slot and port (slot/port).
--End--
Viewing port RSTP status using the CLI

View the RSTP status for a port to display the RSTP related status information for a selected port by performing this procedure.
Prerequisites
MSTP configuration using the CLI
189
Procedure steps
Step 1 Action View the RSTP status for a port by using the following command: show ports info rstp status <ports> identifies the slot and port (slot/port).
--End--
Viewing port RSTP role using the CLI

View port RSTP role to display the RSTP role by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the RSTP role by using the following command: show ports info rstp role <port> <ports> identifies the slot and port (slot/port).
--End--
MSTP conguration using the CLI

This section describes how to configure Multiple Spanning Tree Protocol (MSTP) using the CLI.
ATTENTION
Before you configure MSTP, the spanning tree mode for the switch must be set to MSTP. For more information, see Configuring the STP mode using the CLI (page 169).
MSTP conguration using the CLI navigation
Configuring global MSTP parameters using the CLI (page 190) Configuring an MSTP region using the CLI (page 191) Viewing MSTP configuration using the CLI (page 191)
190
Configuring MSTP CIST using the CLI (page 192) Configuring MSTP MSTI using the CLI (page 193) Viewing MSTP instance information using the CLI (page 193) Configuring Ethernet MSTP CIST using the CLI (page 194) Configuring Ethernet MSTP MSTI using the CLI (page 195) Viewing MSTP port information using the CLI (page 196) Viewing MSTP status using the CLI (page 197)
Conguring global MSTP parameters using the CLI

Configure global MSTP to set MSTP parameters for the switch by performing this procedure.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using the CLI (page 169).
Procedure steps
Step 1 Action Configure MSTP by using the following command: config mstp
--End--
The following table defines optional parameters that you enter after the config mstp command.
Variable hop-count <number> Value Assigns the MSTP hop count. The range is 100 to 4000 one hundredths of a second. The default is 2000 one hundredths. Shows current switch MSTP parameter settings. Assigns the MSTP default path cost version. The default is 32 bits. Assigns the MSTP Transmit Hold Count. The range is 1 to 10. The default is 3.
info pathcost-type <16-bit|32-bit> tx-holdcount <number>
191
Conguring an MSTP region using the CLI

Configure an MSTP region to set the MSTP region parameters by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure an MSTP region by using the following command: config mstp region
--End--
The following table defines optional parameters that you enter after the config mstp region command.
Variable config-id-sel <number> Value Assigns the MSTP region configuration ID number: The range is 0 to 255. info name <string> Shows current region parameter settings. Assigns the MSTP region name. The character string can be a range of 1 to 32 characters. Assigns the MSTP region revision number. The revision number can be a range of 0 and 65535.
revision <number>
Viewing MSTP conguration using the CLI

View MSTP configuration to display the MSTP information for the switch by performing this procedure.
Prerequisites
192
Procedure steps
Step 1 Action View MSTP configurations by using the following command: show mstp config
--End--
Conguring MSTP CIST using the CLI

Configure MSTP Common and Internal Spanning Tree (CIST) to configure the MSTP CIST parameters by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure MSTP CIST by using the following command: config mstp cist
--End--
The following table defines optional parameters that you enter after the config mstp cist command.
Variable force-version <stp-compatib le|rstp|mstp> forward-delay <number> Value Assigns the CIST version. Assigns the CIST forward delay from 400 to 3000 one hundredths of a second. The default is 1500. Displays current CIST parameter settings.
info
193
Variable max-age <number>
Value Assigns the CIST maximum age time from 600 to 4000 one hundredths of a second for the bridge. The default is 2000. The step size is in one hundredths of a second. Assigns the CIST bridge priority number in a range of 0 to 61 440. The number must be a multiple of 4096. The default is 32768.
priority <number>
Conguring MSTP MSTI using the CLI

Configure MSTP multiple spanning tree instance (MSTI) to view or set the MSTP bridge priority number for the MSTI by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure MSTP MSTI by using the following command: config mstp msti <instid> <instid> identifies the instance ID. Values range from 1 to 63.
--End--
The following table defines optional parameters that you enter after the config mstp msti <instid> command.
Variable info priority<number> Value Displays current MSTI parameter settings. Assigns the MSTI bridge priority number in a range of 0 to 65 535. The number must be a multiple of 4096.
Viewing MSTP instance information using the CLI

View MSTP instance information to display MSTP instance status information by performing this procedure.
194
Prerequisites
Procedure steps
Step 1 Action View MSTP instance information by using the following command: show mstp instance <instid> <instid> identifies the instance ID. Values range from 1 to 63.
--End--
ATTENTION
If you attempt to use the show mstp instance <instid> command for a nonexistent mstp instance, the following error message appears: "printMstpCliInfoInst : nnMstBridgeTblGet FAILED"
Conguring Ethernet MSTP CIST using the CLI

Configure Ethernet MSTP CIST to set the MSTP CIST parameters for a port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure Ethernet MSTP CIST by using the following command: config ethernet <port> mstp cist <port> identifies the slot and port (slot/port).
--End--
The following table defines optional parameters that you enter after the config ethernet <port> mstp cist command.
195
Variable edge-port<true|false> forceportstate <enable|disab le> hello-time <timeval>
Value Assigns the MSTP edge-port parameter for the port. Assigns the state of the port STP to false (disabled) or true (enabled) for the CIST. Assigns the hello time for a port from 100 to 1000 one hundredths of a second. Shows current CIST parameter settings. Assigns the following Ethernet MSTP CIST point-to-point parameter for the port: forceFalse indicates that this port is treated as having a shared media connection
info p2p <forcetrue|forcefalse|au to>
forceTrue indicates that this port is treated as if it connects to a point-to-point link auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full-duplex operation (either through autonegotation or by management)
protocol-migration <true|false> priority <intval>
Assigns the Ethernet MSTP CIST protocol-migration parameter to true or false for the port. Assigns the CIST priority value for the port. The value must be a multiple of 16. The range is 0 to 240. Assigns the CIST path cost parameter for the port in the range of 1 to 200000000.
pathcost <intval>
Conguring Ethernet MSTP MSTI using the CLI

Configure Ethernet MSTP MSTI to configure the Ethernet MSTP MSTI parameters on a port by performing this procedure.
196
Prerequisites
Procedure steps
Step 1 Action Configure Ethernet MSTP MSTI by using the following command: config ethernet <port> mstp msti <instid> <port> identifies the slot and port (slot/port). <instid> identifies the instance ID. Values range from 1 to 63.
--End--
The following table defines optional parameters that you enter after the config ethernet <port> mstp msti <instid> command.
Variable forceportstate <enable|disab le> info priority <intval> Value Assigns the state of the port to disabled or enabled for the specific MSTP MSTI instance. Shows current Ethernet MSTP MSTI parameter settings. Assigns the Ethernet MSTP MSTI priority value for the port. The value must be a multiple of 16. The range is 0 to 240. Assigns the MSTP MSTI path cost value for the port in the range of 1 to 200000000.
pathcost <intval>
Viewing MSTP port information using the CLI

View MSTP port information to display MSTP, CIST, and MSTI information for a single port or a list of ports by performing this procedure.
Prerequisites
197
Procedure steps
Step 1 Action View MSTP port information by using the following command: show ports info mstp
--End--
The following table defines optional parameters that you enter after the show ports info mstp command.
Variable cistinfo <port> Value Displays the CIST information for a port, range of ports, or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]} cistrole <port> Displays the CIST role and states for a port, range of ports, or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]} mstiinfo <port> Displays MSTI information for a port, range of ports, or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]} mstirole <port> Displays the MSTI role and states for a port, range of ports, or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]}
Viewing MSTP status using the CLI

View MSTP status to display MSTP status information for the bridge by performing this procedure.
Prerequisites
198
Procedure steps
Step 1 Action View MSTP status by using the following command: show mstp status
--End--
199
Spanning Tree conguration using the NNCLI

This chapter describes how to create, manage, and monitor Spanning Tree Groups (STGs) and how to configure Spanning Tree Protocol (STP), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP) using the Nortel Networks command line interface (NNCLI). For more information about statistics, see Nortel Ethernet Routing Switch 8300 Performance Management (NN46200-705) .
ATTENTION
If you disable the Spanning Tree Protocol (STP), it can reduce CPU overhead slightly. However, unless you use the switch in a simple network with little possibility of loops, Nortel recommends that you leave the Spanning Tree Protocol enabled.
Navigation Job aid

The following table lists the commands and their parameters that you use to complete the procedures in this section.
Command Privileged EXEC mode
Job aid (page 199) Configuring the STP mode using the NNCLI (page 202) Disabling STP mode using the NNCLI (page 203) STP BPDU Filtering configuration using the NNCLI (page 204) STG configuration using the NNCLI (page 208) RSTP configuration using the NNCLI (page 218) MSTP configuration using the NNCLI (page 224)
Parameter
200
Command show spanning-tree bpdu-filtering [<interface-type>] show spanning-tree bpdu-filtering [<interface-type>] [<portlist>] show spanning-tree config [<sid>] show spanning-tree port [<portlist>] show spanning-tree mstp
Parameter
config msti port status
show spanning-tree rstp
config port status
Global Configuration mode bpdu-mac-address-range <starting-mac-address> <mask> no spanning-tree rstp group-stp enable spanning-tree mstp forward-time <number> max-age<number> max-hop <number> msti<number> pathcost-type<16-bit|32-bit> priority <number> region<config-id-sel|region-name|re gion-version> tx-holdcount<number> version<mstp|rstp|stp-compatible> spanning-tree mstp msti <instid> priority<number>
Job aid
201
Command spanning-tree rstp
Parameter forward-time <number> group-stp<enable> hello-time<number> max-age <number> pathcost-type <16-bit|32-bit> priority <number> tx-holdcount <number> version <rstp|stp-compatible>
spanning-tree stp <sid> <sid> add-ports <portlist create [<portlist>][vlan <vid>] [tagged-bpdu-mac <mac address>] [forward-delay <timeval>] [group-stp <enable|disable>] [hello-interval <timeval>] [max-age <timeval>] [priority <number>] remove-ports <portlist> [trap-stp <enable|disable>] FastEthernet/GigabitEthernet Interface Configuration mode no spanning-tree bpdu-filtering [enable] no spanning-tree bpdu-filtering [port <portlist>] [enable] no spanning-tree rstp port<port> stp default spanning-tree bpdu-filtering [enable] [port <portlist>] [timeout] spanning-tree bpdu-filtering [enable] spanning-tree bpdu-filtering [port <portlist>] [enable] spanning-tree bpdu-filtering [timeout <10-65535|0>]
202
Command spanning-tree [port <portlist>] stp <sid>
Parameter change-detection cost <value> faststart priority <value>
spanning-tree mstp msti <instid>
cost force-port-state <enable> port<portlist> priority <number>
spanning-tree rstp
cost <value> edge-port<true|false> p2p<force-true|force-false|auto> port<port> priority <value> protocol-migration <true|false> stp <enable>
Conguring the STP mode using the NNCLI

Configure the STP mode to set the spanning tree mode for the switch to Multiple Spanning Tree Protocol (MSTP), Rapid Spanning Tree Protocol (RSTP), or the default mode by performing this procedure. The default mode is regular STP.
ATTENTION
When you change the switch STP mode, you must save the switch boot configuration and restart the switch.
Prerequisites
Procedure steps
Step 1 Action Configure the STP mode to RSTP or MSTP by using one of the following commands: boot config flags spanning-tree-mode
Disabling STP mode using the NNCLI
203
OR Configure the STP mode to default by using the following command: default boot config flags spanning-tree-mode 2 3 Save the switch configuration file by using the following command: save bootconfig Restart the switch by using the following command: boot -y
ATTENTION
It can take several minutes for the switch restart process to complete.
--End--
Variable denitions
The following table defines optional parameters that you enter after the boot config flags spanning-tree-mode command.
Variable mstp rstp Value Specifies MSTP, spanning tree mode. Specifies RSTP, spanning tree mode.
Disabling STP mode using the NNCLI

Disable STP mode to discontinue using spanning tree mode on the switch by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Disable STP mode by using the following command: no boot config flags spanning-tree-mode
--End--
204
STP BPDU Filtering conguration using the NNCLI

This section describes how to configure Spanning Tree Protocol (STP) Bridge Protocol Data Unit (BPDU) Filtering for a Spanning Tree Group (STG), Rapid Spanning Tree Protocol (RSTP), and Multiple Spanning Tree Protocol (MSTP), using the Nortel Networks command line interface (NNCLI).
STP BPDU Filtering conguration using the NNCLI navigation
Enabling STP BPDU Filtering using the NNCLI (page 204) Disabling STP BPDU Filtering using the NNCLI (page 205) Configuring the STP BPDU Filtering port timer using the NNCLI (page 205) Configuring STP BPDU Filtering default values using the NNCLI (page 206) Viewing STP BPDU Filtering status using the NNCLI (page 207)
Enabling STP BPDU Filtering using the NNCLI

Enable STP BPDU Filtering to manage STP BPDU Filtering on a port or group of ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Enable STP BPDU Filtering on the accessed port by using the following command: spanning-tree bpdu-filtering [enable] 2 Enable STP BPDU Filtering on an additional port or group of ports by using the following command: spanning-tree bpdu-filtering [port <portlist>] [enable]
--End--
The following table defines optional parameters that you enter with the spanning-tree bpdu-filtering command.
STP BPDU Filtering configuration using the NNCLI
205
Variable enable <portlist>
Value Enables STP BPDU Filtering on a port or group of ports. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
Disabling STP BPDU Filtering using the NNCLI

Disable STP BPDU Filtering to discontinue managing STP BPDU Filtering on a port or group of ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Disable STP BPDU Filtering on the accessed port by using the following command: no spanning-tree bpdu-filtering [enable] 2 Disable STP BPDU Filtering on an additional port or group of ports by using the following command: no spanning-tree bpdu-filtering [port <portlist>] [enable]
--End--
The following table defines optional parameters that you enter with the no spanning-tree bpdu-filtering[port <portlist>] [enable] command.
Variable <portlist> Value Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
Conguring the STP BPDU Filtering port timer using the NNCLI
Configure the STP BPDU Filtering port timer to specify the duration a port remains in the operational state by performing this procedure.
206
Prerequisites
Procedure steps
Step 1 Action Configure the STP BPDU Filtering port timer by using the following command: spanning-tree bpdu-filtering [timeout <10-65535|0>]
--End--
The following table defines optional parameters that you enter with the spanning-tree bpdu-filtering[timeout <10-65535|0>] command.
Variable <10-65535|0> Value Specifies the STP BPDU Filtering port timer timeout duration in seconds. Values can be 0 or range from 10 to 65535. With timeout value of 0 configured, the STP BPDU Filtering port timer timeout duration is infinite.
Conguring STP BPDU Filtering default values using the NNCLI

Configure STP BPDU Filtering default values to manage the port STP BPDU Filtering default values on the switch by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure STP BPDU Filtering default values by using the following command:
STP BPDU Filtering configuration using the NNCLI
207
default spanning-tree bpdu-filtering [enable] [port <portlist>] [timeout]

--End--
The following table defines optional parameters that you enter with the default spanning-tree bpdu-filtering [enable] [port <portlist>] [timeout <10-65535|0>] command.
Variable enable <portlist> Value Enables STP BPDU Filtering on a port or group of ports. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}. Specifies the STP BPDU Filtering port timer timeout duration in seconds. Values can be 0 or range from 10 to 65535. With timeout value of 0 configured, the STP BPDU Filtering port timer timeout duration is infinite. The default STP BPDU Filtering port timer timeout value is 120 seconds.
<10-65535|0>
Viewing STP BPDU Filtering status using the NNCLI

View port STP BPDU Filtering status to display STP BPDU Filtering status information for all interface ports, a specific interface port, or a group of interface ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View STP BPDU Filtering status for all interface ports by using the following command: show spanning-tree bpdu-filtering [<interface-t ype>]
208
View STP BPDU Filtering status for a specific interface port or a group of interface ports by using the following command: show spanning-tree bpdu-filtering [<interface-t ype>] [<portlist>]
--End--
The following table defines optional parameters that you enter with the show spanning-tree bpdu-filtering [<interface-type>] or show spanning-tree bpdu-filtering [<interface-type>] [<portlist>] commands.
Variable <interface-type> Value Identifies the type of interface for which to display port BPDU filtering status. Values are FastEthernet and GigabitEthernet. Specifies a single port or group of ports, entered as {slot/port[-slot/ port][,...]}.
<portlist>
STG conguration using the NNCLI

Configure STGs to create a collection of ports that belong to the same STP instance.
ATTENTION
To configure STG, you must set the spanning tree mode for the switch to legacy STP. For more information, see Configuring the STP mode using the NNCLI (page 202).
STG conguration using the NNCLI navigation
Configuring STG global settings using the NNCLI (page 209) Configuring STP using the NNCLI (page 209) Deleting an STG using the NNCLI (page 212) Viewing STG configuration using the NNCLI (page 212) Configuring STG port parameters using the NNCLI (page 214) Viewing port STG information using the NNCLI (page 216)
STG configuration using the NNCLI
209
Conguring STG global settings using the NNCLI

When you create an STG, the switch assigns a default global MAC address, which sends BPDUs. Configure STG global settings if you want to replace the default global MAC address and to identify the mask for the MAC address by performing this procedure.
Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Global Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Change the default STG global MAC address by using the following command: bpdu-mac-address-range <starting-mac-address> <Mask>
--End--
The following table defines variables in the bpdu-mac-address-range <starting-mac-address> <Mask> command.
Variable <Mask> <starting-mac-address> Value Indicates the mask (148) for the MAC address, which sends BPDUs. Indicates the MAC (multicast) address, which sends BPDUs. The system assigns a default MAC address to an STG that you create to send BPDUs. To change the default MAC address, enter the MAC address of your choice as the <starting-mac-address> value.
Conguring STP using the NNCLI

Configure STP to create and configure a new STG or modify parameters for an existing STG by performing this procedure.
210
Prerequisites
Procedure steps
Step 1 Action Configure an STG by using the following command: spanning-tree stp <sid> <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the spanning-tree stp <sid> command.
Variable add-ports <portlist> Value Adds ports to an STG.
portlist: Define the list of ports to add to this STG, in the format {slot/port[-slot/port][,. ..]}.
create [<portlist>][vlan <vid>] [tagged-bpdu-mac <mac address>]
Create an STG.
Portlist: Define the list of ports to add to this STG, in the format {slot/port[-slot/port][,. ..]}. You cannot add ports that belong to another STG or ports configured as tagging-disabled to the STG. VID: Specify the tagged BPDU VLAN ID. If a VLAN spans multiple switches, it must belong to the same STG across all switches. MAC address: Specify the tagged BPDU MAC address.
211
Variable [forward-delay <timeval>]
Value Configures the bridge forward delay time, or the value in hundredths of a second that all bridges use for Forward Delay when this bridge acts as the root.
[group-stp <enable|disable>]
timeval: Specify a value between 400 and 3000. The default is 1500 (15 seconds).
Enable or disable the Spanning Tree Protocol on all ports in the specified STG. Set the bridge hello time increments of 1/100 of a second. This value is used by all bridges for HelloTime when this bridge acts as the root. The granularity of this timer is specified by the IEEE 802.1D-1990 standard.
[hello-interval <timeval>]
[max-age <timeval>]
Set the bridge maximum age time, or the value in hundredths of a second that all bridges use for MaxAge when this bridge acts as the root. The 802.1D-1990 standard specifies that the BridgeMaxAge range relates to the value of dot1dStpBridgeHelloTime. The default is 2000 (20 seconds).
[priority <number>]
Set the STP bridge priority, in decimal. The range is 0 (highest priority) to 65535 (lowest priority). The default is 32768.
number: Specify a value between 0 and 65535.
212
Variable remove-ports <portlist>
Value Removes the specified ports from an STG.
portlist: Defines the list of ports to add to this STG, in the format {slot/port[-slot/port][,. ..]}.
[trap-stp <enable|disable>]
Enables or disables the sending of traps to a trace receiver. When enabled, SNMP traps are sent to a trace receiver every time an STP topology occurs for the specified STG.
Deleting an STG using the NNCLI

Delete an STG to remove the STG from your network by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Delete an STG by using the following command: no spanning-tree <sid> <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
Viewing STG conguration using the NNCLI

View configuration information for a specific STG or all STGs in your network by performing this procedure.
213
Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Privileged EXEC mode in the NNCLI.
Procedure steps
Step 1 Action View STG configuration by using the following command: show spanning-tree config<sid> <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
Job aid
Use the data in the following table to understand field descriptions displayed with the show spanning-tree config<sid> command.
Table 14 Job aid Field BRIDGE ADDRESS DESIGNATED ROOT Description The MAC address used by this bridge when it must be referred to in a unique fashion. The bridge identifier of the root of the spanning tree as determined by the Spanning Tree Protocol as executed by this node. This value is used as the Root Identifier parameter in all Configuration Bridge PDUs originated by this node. The time interval in hundredths of a second that controls how fast a port changes its spanning state when moving toward the Forwarding state. The value determines how long the port stays in each of the Listening and Learning states, which precede the Forwarding state. This value is also used when a topology change is detected and is under way, to age all dynamic entries in the Forwarding Database. (This value is the one this bridge is currently using, in contrast to rcStgBridgeForwardDelay, which is the value that this bridge and all others can start using if/when this bridge were to become the root.) The default value is 1500 (15 seconds).
FORWARD DELAY
214
Table 14 Job aid (contd.) Field HELLO TIME Description The amount of time in hundredths of a second between transmission of configuration BPDUs by this node on a port when it is the root of the spanning tree. The default value is 200 (2 seconds). The time interval in hundredths of a second, during which no more than two Configuration bridge PDUs shall be transmitted by this node. The default value is 100 (1 second). The maximum age of Spanning Tree Protocol information learned from the network on a port before it is discarded, in units of hundredths of a second. The actual value that this bridge is currently using. The number of ports controlled by this bridging entity. An indication of what version of the Spanning Tree Protocol is running. The IEEE 802.1d implementations displays ieee8021d. The cost of the path to the root as seen from this bridge. The port number of the port that offers the lowest cost path from this bridge to the root bridge. Specify an STG ID from 1 to 64. A topology change trap is sent by a bridge when either of its configured ports transitions from the Learning state to the Forwarding state, or from the Forwarding state to the Blocking state. The trap is not sent if a new root trap is sent for the same transition. Implementation of this trap is optional.
HOLD TIME
MAX AGE
NUM PORTS PROTOCOL SPECIFICATION ROOT COST ROOT PORT [<sid>] Top Changes
Conguring STG port parameters using the NNCLI

Configure STG for a single port or a range of ports to modify STG parameters, such as topology change detection, port to path cost, FastStart, and priority by performing this procedure.
ATTENTION
Ports must have tagging enabled to belong to multiple spanning tree groups. Nortel recommends that you enable FastStart as an alternative to disabling Spanning Tree Protocol on an individual port.
215
Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Interface Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure STG port parameters by using the following command: spanning-tree port <port> stp <sid> <port> identifies the slot and port (slot/port). <sid> identifies the VLAN STG ID. Values range from 1 to 64.
--End--
The following table defines optional parameters that you enter after the spanning-tree port <port> stp <sid> commands.
Variable change-detection cost <value> Value Enables or disables the topology change detection for the specified spanning tree. Configures the contribution of this port to the path cost. The IEEE 802.1D standard recommends that the default value of this parameter be in inverse proportion to the speed of the attached LAN.
faststart
value: Specify a value from 1 to 65535.
When enabled on a port with no other bridges, Spanning Tree FastStart starts the port quickly following switch initialization or a spanning tree change. The port goes through the normal listening and learning states before the forwarding state, but the bridge hello timer (2 seconds by default) determines the hold time for these states instead of the bridge forward delay timer (15 seconds by default).
216
Variable
Value Nortel recommends that you enable FastStart as an alternative to disabling Spanning Tree Protocol on an individual port.
priority <value>
Configures the priority of this port.
value: Specify a value from 0 to 65535.
Viewing port STG information using the NNCLI

View all available STG information for a single port, all ports, or a specific group of ports by performing this procedure.
Prerequisites
Set the switch spanning tree mode to legacy STP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Privileged EXEC mode in the NNCLI.
Procedure steps
Step 1 Action View port STG information by using the following command: show spanning-tree port<port> <port> identifies the slot and port (slot/port).
--End--
Job aid
Use the data in the following table to understand field descriptions displayed with the show spanning-tree port<port> command.
Table 15 Job aid Variable BRIDGE CHANGE DETECTION Value The Bridge Identifier of the bridge that this port uses as the Designated Bridge for the segment of this port. The change detection setting (true or false) for this port. You can configure this value only on access ports. If you enable change detection on an MLT with access ports, the setting automatically applies to all ports in the MLT.
217
Table 15 Job aid (contd.) Variable COST Value The path cost of the Designated Port of the segment connected to this port. This value compares to the Root Path Cost field in received bridge PDUs. The STP state of the port.
ENABLE STP

FASTSTART
EnabledBPDUs processed in accordance with STP. DisabledThe port stays in a forwarding state it drops and does not process received BPDUs.
When enabled on a port with no other bridges, Spanning Tree FastStart starts the port quickly following switch initialization or a spanning tree change. The port goes through the normal listening and learning states before the forwarding state, but the bridge hello timer (2 seconds by default) determines the hold time for these states instead of the bridge forward delay timer (15 seconds by default).
This setting does not adhere to the specifications in the IEEE 802.1D standard for Spanning Tree Protocol (STP), in which a port enters the listening state following the initialization of the bridging device or from the disabled state when you enable the port through configuration. FORWARD TRANSITION PATHCOST The number of times this port transitioned from the Learning state to the Forwarding state. The contribution of this port to the path cost of paths toward the spanning tree root that includes this port. The 802.1D-1990 protocol recommends that the default value of this parameter be in inverse proportion to the speed of the attached LAN. The identifier of the port on the Designated Bridge for the segment of this port. The port number of the port for which this entry contains Spanning Tree Protocol management information. The value of the priority field, in the first octet of the (2 octet long) Port ID. The value of rcStgPort defines the other octet of the Port ID. The unique Bridge Identifier of the Bridge recorded as the root in the configuration BPDUs transmitted by the Designated Bridge for the segment, to which the port attaches.
PORT PORT_NUM PRIO
ROOT
218
Table 15 Job aid (contd.) Variable SID STATE Value The STG identifier assigned to this port. The current state of the port as defined by the application of the STP.
This state controls what action a port takes on reception of the frame. If the bridge detects a malfunctioning port, it places that port into the broken (6) state.
RSTP conguration using the NNCLI

ATTENTION
Before you configure RSTP, the spanning tree mode for the switch must be set to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202).
RSTP conguration using the NNCLI navigation
Configuring global RSTP using the NNCLI (page 218) Disabling group STP using the NNCLI (page 220) Viewing global RSTP configuration using the NNCLI (page 220) Viewing global RSTP status using the NNCLI (page 220) Configuring port RSTP parameters using the NNCLI (page 221) Disabling port RSTP using the NNCLI (page 222) Viewing port RSTP information using the NNCLI (page 223)
Conguring global RSTP using the NNCLI

Configure RSTP parameters to reduce recovery time after a network failure by performing this procedure.
RSTP configuration using the NNCLI
219
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Global Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure RSTP by using the following command: spanning-tree rstp
--End--
The following table defines optional parameters that you enter after the spanning-tree rstp command.
Variable forward-time <number> Value Assigns the RSTP forward delay for the bridge from 400 to 3000 one hundredths of a second. Enables RSTP for a specific STG. Assigns the RSTP hello time delay for the bridge from 100 to 1000 one hundredths of a second. Assigns the RSTP maximum age time for the bridge from 600 to 4000 one hundredths of a second. Assigns the RSTP default pathcost type to either 16 bits or 32 bits. The default is 32 bits. Assigns the RSTP bridge priority in a range of 0 to 61440 in steps of 4096. Assigns the RSTP transmit hold count. The range is 1 to 10. The default is 3. Assigns the port in the RSTP- or STP-compatible mode; that is, whether the port transmits RSTP BPDUs or Config/TCN BPDUs.
group-stp<enable> hello-time<number>
max-age <number>
pathcost-type <16-bit|32-bit>
priority <number> tx-holdcount<number> version <rstp|stp-compatible>
220
Disabling group STP using the NNCLI

Disable group STP to disable RSTP for a specific STG by performing this procedure.
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Global Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Disable group STP by using the following command: no spanning-tree rstp group-stp enable
--End--
Viewing global RSTP conguration using the NNCLI

View global RSTP configuration to display RSTP configuration details for the switch by performing this procedure.
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Privileged EXEC mode in the NNCLI.
Procedure steps
Step 1 Action View global RSTP configuration information by using the following command: show spanning-tree rstp config
--End--
Viewing global RSTP status using the NNCLI

View global RSTP status to display RSTP status information for the switch by performing this procedure.
221
Prerequisites
Procedure steps
Step 1 Action View global RSTP status by using the following command: show spanning-tree rstp status
--End--
Conguring port RSTP parameters using the NNCLI

Configure port RSTP parameters to set RSTP feature parameter values for a specific port by performing this procedure.
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Interface Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure Ethernet RSTP parameters by using the following command: spanning-tree rstp
--End--
The following table defines optional parameters that you enter after the spanning-tree rstp command.
Variable cost <value> Value Assigns the RSTP path cost parameter for the port in the range of 1 to 200000000.
222
Variable edge-port<true|false> p2p<force-true|force-false|a uto> port<slot/port> priority <value>
Value Assigns the RSTP edge port parameter for the port. Assigns the Ethernet RSTP point-to-point parameter for the port. Defines the port on which to configure RSTP, in the format {slot/port}. Assigns the Ethernet RSTP priority parameter for the port. The priority ranges in the range of 0 to 240 in steps of 16 (0, 16, 32, ... , 240). Assigns the Ethernet RSTP protocol-migration parameter for the port. Enables STP on the port.
protocol-migration <true|false> stp <enable>
Disabling port RSTP using the NNCLI

Disable port RSTP to discontinue using the RSTP feature on a specific port or disable STP on the port by performing this procedure.
Prerequisites
Set the switch spanning tree mode to RSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Interface Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Disable port RSTP by using the following command: no spanning-tree rstp
--End--
The following table defines optional parameters that you enter after the no spanning-tree rstp command.
223
Variable port<slot/port> stp
Value Defines an Ethernet port on which to disable RSTP, in the format {slot/port}. Disables STP on the port.
Viewing port RSTP information using the NNCLI

View port RSTP information to display RSTP parameter details for a specific port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the RSTP configuration information by using the following command: show spanning-tree rstp port
--End--
The following table defines optional parameters that you enter after the show spanning-tree rstp port command.
Variable config<portlist> Value Displays the RSTP configuration for a port or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]} Displays the RSTP role for a port or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]} Displays the RSTP status for a port or list of ports. Specify the portlist as: {slot/port[ -slot/port][,...]}
role <portlist>
status<portlist>
224
MSTP conguration using the NNCLI

This section describes how to configure Multiple Spanning Tree Protocol (MSTP) using the NNCLI.
MSTP conguration using the NNCLI navigation
Configuring MSTP using the NNCLI (page 224) Viewing MSTP configuration using the NNCLI (page 225) Configuring MSTP MSTI using the NNCLI (page 226) Viewing MSPT MSTI configuration information using the NNCLI (page 226) Configuring Ethernet MSTP CIST using the NNCLI (page 227) Disabling Ethernet MSTP CIST force-port-state using the NNCLI (page 228) Configuring Ethernet MSTP MSTI using the NNCLI (page 229) Viewing MSTP port information using the NNCLI (page 230) Viewing MSTP status using the NNCLI (page 231)
Conguring MSTP using the NNCLI

Configure Multiple Spanning Tree Protocol to set the MSTP configuration version by performing this procedure.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Global Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure MSTP by using the following command: spanning-tree mstp
--End--
The following table defines optional parameters that you enter after the spanning-tree mstp command.
MSTP configuration using the NNCLI
225
Variable forward-time <number>
Value Assigns the MSTP forward delay for the bridge from 400 to 3000 one hundredths of a second. Assigns the MSTP maximum age time for the bridge from 600 to 4000 one hundredths of a second. Assigns the MSTP bridge maximum hop count. The range is 100 to 4000 one hundredths of a second in steps of 100 one hundredths. Assigns the MSTP MSTI instance parameter. Assigns the MSTP default pathcost type to either 16 bits or 32 bits. The default is 32 bits. Assigns the MSTP bridge priority in a range of 0 to 61440 in steps of 4096. Assigns the MSTP region commands: config-id-selAssigns the MSTP region configuration ID number: The range is 0 to 255.
max-age<number>
max-hop <number>
msti<number> pathcost-type<16-bit|32-bit>
priority <number> region<config-id-sel|regionname|region-version>
region-nameAssigns the MSTP region name. The character string can be a range of 1 to 32 characters. region-versionAssigns the MSTP region version. The range is 0 to 65535.
tx-holdcount<number> version<mstp|rstp|stp-compat ible>
Assigns the MSTP transmit hold count. The range is 1 to 10. The default is 3. Assigns the MSTP bridge version.
Viewing MSTP conguration using the NNCLI

View the MSTP configurations to display the MSTP-related bridge and region information by performing this procedure.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Privileged EXEC mode in the NNCLI.
226
Procedure steps
Step 1 Action View the MSTP configurations by using the following command: show spanning-tree mstp config
--End--
Conguring MSTP MSTI using the NNCLI

Configure multi-service transport platform (MSTP) multiple spanning tree instance (MSTI) to set the configuration version by performing this procedure.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Global Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure MSTP MSTI by using the following command: spanning-tree mstp msti <instid> <instid> identifies the instance ID.
--End--
The following table defines optional parameters that you enter after the spanning-tree mstp msti <instid> command.
Variable priority<number> Value Assigns the MSTP bridge priority. The range is 0 to 65535, in steps of 4096.
Viewing MSPT MSTI conguration information using the NNCLI

View MSPT MSTI configuration information to review the MSTP instance status by performing this procedure.
227
Prerequisites
Procedure steps
Step 1 Action View MSPT MSTI configuration information by using the following command: show spanning-tree mstp msti config <instid> <instid> identifies the instance ID.
--End--
ATTENTION
If you attempt to use the show mstp instance <instid> command for a nonexistent MSTP instance, the following error message appears: "printMstpCliInfoInst : nnMstBridgeTblGet FAILED"
Conguring Ethernet MSTP CIST using the NNCLI

Configure Ethernet MSTP CIST to set the MSTP CIST parameters for a port by performing this procedure.
Prerequisites
Set the switch spanning tree mode to MSTP. For more information, see Configuring the STP mode using the NNCLI (page 202). Log on to the Interface Configuration mode in the NNCLI.
Procedure steps
Step 1 Action Configure Ethernet MSTP CIST by using the following command: spanning-tree mstp
--End--
The following table defines optional parameters that you enter after the spanning-tree mstp command.
228
Variable cost <intval>
Value Assigns the CIST path cost parameter for the port in the range of 1 to 200000000. Assigns the MSTP edge-port parameter for the port. Assigns the state of the port to true (enabled) for the CIST. Assigns the hello time for a port from 100 to 1000 one hundredths of a second. Assigns the following Ethernet MSTP CIST point-to-point parameter for the port: force-false indicates that this port is treated as having a shared media connection
edge-port<true|false> force-port-state <enable> hello-time <timeval>
p2p <force-true|force-false| auto>
force-true indicates that this port is treated as if it connects to a point-to-point link auto indicates that this port is considered to have a point-to-point link if it is an aggregator and all of its members are aggregatable, or if the MAC entity is configured for full-duplex operation (either through autonegotation or by management)
port<slot/port> priority <intval>
Identifies the slot and port (slot/port). Assigns the CIST priority value for the port. The value must be a multiple of 16. The range is 0 to 240. Assigns the Ethernet MSTP CIST protocol-migration parameter to true or false for the port.
protocol-migration <true|false>
Disabling Ethernet MSTP CIST force-port-state using the NNCLI

Disable Ethernet MSTP CIST force-port-state to disable STP on a port by performing this procedure.
229
Prerequisites
Procedure steps
Step 1 Action Disable Ethernet MSTP CIST force-port-state by using the following command: no spanning-tree mstp force-port-state enable
--End--
Conguring Ethernet MSTP MSTI using the NNCLI

Configure Ethernet MSTP MSTI to configure the Ethernet MSTP MSTI parameters on a port by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action Configure Ethernet MSTP MSTI by using the following command: spanning-tree mstp msti <instid> <instid> identifies the instance ID.
--End--
The following table defines optional parameters that you enter after the spanning-tree mstp msti <instid> command.
230
Variable cost
Value Assigns the MSTP MSTI path cost value for the port in the range of 1 to 200000000. Enables MSTI learning for a port. Identifies the slot and port (slot/port). Assigns the Ethernet MSTP priority parameter for the port. The priority ranges in the range of 0 to 240 in steps of 16 (0, 16, 32, ... , 240).
force-port-state <enable> port<slot/port> priority <number>
Viewing MSTP port information using the NNCLI

View the MSTP port role information to display the MSTP, CIST port roles and states information for a single port or a list of ports by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the MSTP port information by using the following command: show spanning-tree mstp port
--End--
The following table defines optional parameters that you enter after the show spanning-tree mstp port command.
Variable config <portlist> role <portlist> Value Displays MSTP CIST port information, in the format slot/port. Displays MSTP CIST port role and state information, in the format slot/port.
231
Viewing MSTP status using the NNCLI

View the MSTP status to display bridge MSTP status information by performing this procedure.
Prerequisites
Procedure steps
Step 1 Action View the MSTP status by using the following command: show spanning-tree mstp status
--End--
232
233
RSTP and MSTP CLI Conguration examples

This section provides configuration examples for the Rapid Spanning Tree Protocol (RSTP) and Multiple Spanning Tree Protocol (MSTP), including the CLI commands you use to create the sample configurations. For more information about VLAN and Spanning Tree configuration, see the PP8300 Technical Configuration Guide for VLAN, Spanning Tree, and Link Aggregation using PPCLI or the PP8300 Technical Configuration Guide for VLAN, Spanning Tree, and Link Aggregation using NNCLI . You can find these Technical Configuration Guides at www.nortel.com/documentation. Choose Routers and Routing Switches, and then Ethernet Routing Switch 8300.
Navigation
Configuring RSTP using the CLI (page 233) Configuring MSTP using the CLI (page 239)
Conguring RSTP using the CLI

This section shows an example of configuring RSTP based on the network topology illustrated in the following figure. This configuration results in traffic flow as shown with the dashed lines because B1 becomes the RSTP root bridge. If B1 fails, then B2 becomes the root bridge based on priority settings.
ATTENTION
Set the bridge port priory on B1 such that the Gigabit Ethernet (GbE) interface 2/1 is used.
234
RSTP and MSTP CLI Configuration examples Figure 7 RSTP topology
Example of conguring RSTP using the CLI: Conguring ERS8300 B1

Configure ERS8300 B1 using the CLI by performing this procedure.
Procedure steps
Step 1
Action To set the switch to use RSTP mode enter the following commands: ERS8300-B1:5# config bootconfig flags spanning-tre e-mode rstp
Configuring RSTP using the CLI
235
ERS8300-B1:5# save bootconfig ERS8300-B1:5# boot -y 2 To add VLAN 3, enter the following commands: ERS8300-B1:5# config vlan 3 create byport-mstprstp 0 ERS8300-B1:5# config vlan 3 ports add 2/1,2/2,2/4,2 /5,1/15 3 To change the RSTP bridge priority, enter the following command: ERS8300-B1:5# config rstp priority 4096 4 To configure port 1/15 as an RSTP edge port, enter the following command:
ATTENTION
When you configure a port as an RSTP edge port, you must reset the port.
ERS8300-B1:5# config ethernet 1/15 rstp edge-port true 5 To configure port 2/1 with an RSTP port priority of 16 so that it is used as the RSTP root path by entering the following command: ERS8300-B1:5# config ethernet 2/1 rstp priority 16
--End--
Example of conguring RSTP using the CLI: Conguring ERS8300 B2

Procedure steps
Step 1
Action To set the switch to use the RSTP mode, enter the following commands: ERS8300-B2:5# config bootconfig flags spanning-tre e-mode rstp ERS8300-B2:5# save bootconfig ERS8300-B2:5# boot -y
To add VLAN 3, enter the following commands: ERS8300-B2:5# config vlan 3 create byport-mstprstp 0 ERS8300-B2:5# config vlan 3 ports add 4/1,4/2,4/4,4 /5,3/15
236
To change the RSTP bridge priority, enter the following command: ERS8300-B2:5# config rstp priority 8192 To configure port 3/15 as an RSTP edge port, enter the following command:
ATTENTION
When you configure a port as an RSTP edge port, you must reset the port.
ERS8300-B2:5# config ethernet 3/15 rstp edge-port true

--End--
Example of conguring RSTP using the CLI: conguring ERS1600 B3

Procedure steps
Step 1
Action To set the switch to use the RSTP mode, enter the following command: ERS1624G-B3:4# config stp version rstp To change the RSTP bridge priority, enter the following command: ERS1624G-B3:4# config stp priority 12288 To add VLAN 3, enter the following command: ERS1624G-B3:4# create vlan 3 vid 3 type port ERS1624G-B3:4# config vlan 3 add untagged 1,3,5,7,10
To configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces, enter the following command: ERS1624G-B3:4# config ports 1,3 speed 1000_full
--End--
Example of conguring RSTP using the CLI: conguring ERS1600 B4

Configuring RSTP using the CLI Procedure steps
237
Step 1
Action To set the switch to use the RSTP mode, enter the following command: ERS1612G-B4:4# config stp version rstp To change the RSTP bridge priority, enter the following command: ERS1612G-B4:4# config stp priority 16384 To add VLAN 3, enter the following command: ERS1612G-B4:4# create vlan 3 vid 3 type port ERS1612G-B4:4# config vlan 3 add untagged 1,3,5,7,10
To configure ports 1 and 3 for 1 Gbps full-duplex to be compatible with the ES GbE interfaces, enter the following command: ERS1612G-B4:4# config ports 1,3 speed 1000_full
--End--
Example of conguring RSTP using the CLI: conguring ES 470 B5

Configure ES 470 B5 using the CLI by performing this procedure.
Procedure steps
Step 1
Action To change the spanning tree operating mode to the RSTP mode and restart the switch, enter the following command: ES470_48(config)# spanning-tree op-mode rstp ES470_48(config)# boot Reboot the unit(s) (y/n) ? y
To add VLAN 3, enter the following command: ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
To remove VLAN port members from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 15,47,48
238
ATTENTION
If you remove the port, you can enable RSTP by using the following commands: interface fastEthernet <port> spanning-tree rstp learning enable and spanning-tree rstp learning enable
To change the RSTP bridge priority, enter the following command: ES470_48(config)# spanning-tree rstp priority 5000 To configure port 15 as an RSTP edge port, enter the following command: ES470_48(config)# interface fastEthernet 15 ES470_48(config-if)# spanning-tree rstp edge-port true
--End--
Example of conguring RSTP using the CLI: conguring ES470 B6

Configure ES470 B6 using the CLI by performing this procedure.
Procedure steps
Step 1
Action To change spanning tree operating mode to the RSTP mode and restart the switch, enter the following command: ES470_48(config)# spanning-tree op-mode rstp ES470_48(config)# boot Reboot the unit(s) (y/n) ? y
To add VLAN 3, enter the following command: ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
To remove VLAN port members from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 15,47,48 To change the RSTP bridge priority, enter the following command: ES470_48(config)# spanning-tree rstp priority 6000 To configure port 15 as an RSTP edge port, enter the following command:
Configuring MSTP using the CLI
239
ES470_48(config)# interface fastEthernet 15 ES470_48(config-if)# spanning-tree rstp edge-port true

--End--
Conguring MSTP using the CLI

This section shows an example of configuring MSTP based on the network topology illustrated in the following figure.
Figure 8 MSTP topology
The network topology in the preceding figure includes the following parameters:
Switches B1 and B2 are in multiple spanning tree region 2. B1 is configured so that it becomes the CIST root; it has the lowest CIST priority of 4096. B2 is configured so that it becomes the CIST backup; it has the next highest CIST priority of 8192. Two instances of MSTI: MSTI 1 for VLAN 3 and MSTI 2 for VLAN 4.
240
B1 GbE interface 2/2 is configured with a MSTI 2 priority of 16, while B2 GbE interface 4/1 is configured with a MSTI 1 priority of 16. This results in VLAN load balancing. Switches B3, B4, B5, and B6 are in multiple spanning tree region 1. B3 is configured so that it becomes the CIST regional root; it has a CIST priority of 12288. B4 becomes the backup CIST regional root; it has a priority of 16384. Two MSTI instances are present; MSTI 1 for VLAN 3, and MSTI 2 for VLAN 4. B4 is configured so that it is the MSTI root for VLAN 3 and the backup MSTI root for VLAN 4. The MSTI priority for MSTI 1 is configured to 4096, and the MSTI priority for MSTI 2 is configured to 8192. B3 is configured so that it is the MSTI root for VLAN 4 and the backup MSTI root for VLAN 3. The MSTI priority for MSTI 1 is configured to 8192, and the MSTI priority for MSTI 2 is configured to 4096.
Example of Conguring MSTP: conguring ERS8300 B1

Configure ERS 8300 B1 by performing this procedure.
Procedure steps
Step 1
Action To set the switch to use the MSTP mode, enter the following commands: ERS8300-B1:5# config bootconfig flags spanning-tre e-mode mstp ERS8300-B1:5# save bootconfig ERS8300-B1:5# boot -y
To configure the MSTP region, enter the following commands: ERS8300-B1:5# config mstp region config-id-sel 2 ERS8300-B1:5# config mstp region name region2 ERS8300-B1:5# config mstp region revision 1
To configure GbE ports 2/1, 2/2, 2/4, and 2/4 as tagged ports, enter the following commands: ERS8300-B1:5# config ethernet 2/1,2/2,2/4,2/5 perform-tagging enable
241
To change the MSTP CIST bridge priority, enter the following command: ERS8300-B1:5# config mstp cist priority 4096 To configure the MSTI 2 port, enter the following command: ERS8300-B1:5# config ethernet 2/2 mstp msti 2 priority 16
To configure ports 1/15 and 1/16 as MSTP edge ports, enter the following command: ERS8300-B1:5# config ethernet 1/15,1/16 mstp cist edge-port true
--End--

Configure ERS8300 B2 by performing this procedure.
Procedure steps
Step 1
Action To set the switch to use the MSTP mode, enter the following commands: ERS8300-B2:5# config bootconfig flags spanning-tre e-mode mstp ERS8300-B2:5# save bootconfig ERS8300-B2:5# boot -y
to configure the MSTP region, enter the following commands: ERS8300-B2:5# config mstp region config-id-sel 2 ERS8300-B2:5# config mstp region name region2 ERS8300-B2:5# config mstp region revision 1
To configure GbE ports 4/1, 4/2, 4/4, and 4/5 as tagged ports, enter the following command: ERS8300-B2:5# config ethernet 4/1,4/2,4/4,4/5 perform-tagging enable
To add VLAN 3, enter the following commands: ERS8300-B2:5# config vlan 3 create byport-mstprstp 1
242
ERS8300-B2:5# config vlan 3 ports add 4/1,4/2,4/4,4 /5,3/15 5 To add VLAN 4, enter the following commands: ERS8300-B2:5# config vlan 4 create byport-mstprstp 2 ERS8300-B2:5# config vlan 4 ports add 4/1,4/2,4/4,4 /5,3/16 6 To change the MSTP CIST bridge priority, enter the following command: ERS8300-B2:5# config mstp cist priority 8192 7 To configure the MSTI 1 port, enter the following command: ERS8300-B2:5# config ethernet 4/1 mstp msti 1 priority 16 8 To configure ports as MSTP edge ports, enter the following command: ERS8300-B2:5# config ethernet 3/15,3/16 mstp cist edge-port true
--End--

Procedure steps
Step 1 2
Action To enable the MSTP mode, enter the following command: ERS1624G-B3:4# config stp version mstp To change MSTP bridge priority, enter the following command: ERS1624G-B3:4# config stp instance_id 0 priority 12288
To add VLAN 3, enter the following commands: ERS1624G-B3:4# create vlan 3 vid 3 type port ERS1624G-B3:4# config vlan 3 add untagged 10 ERS1624G-B3:4# config vlan 3 add tagged 1,3,5,7
243
To configure ports 1 and 3 for 1 Gbps full-duplex to be compatible with the ES GbE interfaces, enter the following command: ERS1624G-B3:4# config ports 1,3 speed 1000_full To configure the MSTP region and revision, enter the following commands: ERS1624G-B3:4# config stp region name region1 ERS1624G-B3:4# config stp region mstconfigidsel 1 ERS1624G-B3:4# config stp region revision 1
To add MSTI 1, change the MSTI priority, and add VLAN 3, enter the following commands: ERS1624G-B3:4# create stp instance_id 1 ERS1624G-B3:4# config stp instance_id 2 priority 8192 ERS1624G-B3:4# config stp_vlan instance_id 1 add 3
To add MSTI 2, change the MSTI priority, and add VLAN 4, enter the following commands: ERS1624G-B3:4# create stp instance_id 2 ERS1624G-B3:4# config stp instance_id 2 priority 4096 ERS1624G-B3:4# config stp_vlan instance_id 2 add 4
--End--

Procedure steps
Step 1 2
Action To enable MSTP mode, enter the following command: ERS1624G-B4:4# config stp version mstp To change MSTP bridge priority, enter the following command: ERS1624G-B4:4# config stp instance_id 0 priority 12288
To add VLAN 4, enter the following commands:
244
ERS1624G-B4:4# create vlan 4 vid 4 type port ERS1624G-B4:4# config vlan 4 add untagged 11 ERS1624G-B4:4# config vlan 4 add tagged 1,3,5,7 5 To configure ports 1 and 3 for 1 Gbps full duplex to be compatible with the ES GbE interfaces, enter the following commands: ERS1624G-B4:4# config ports 1,3 speed 1000_full 6 To configure the MSTP region and version, enter the following commands: ERS1624G-B4:4# config stp region name region1 ERS1624G-B4:4# config stp region mstconfigidsel 1 ERS1624G-B4:4# config stp region revision 1 7 To add MSTI 1, change the MSTI priority, and add VLAN 3, enter the following commands: ERS1624G-B4:4# create stp instance_id 1 ERS1612G-B4:4# config stp instance_id 1 priority 4096 ERS1624G-B4:4# config stp_vlan instance_id 1 add 3 8 To add MSTI 2, change the MSTI priority, and add VLAN 4 enter the following commands: ERS1624G-B4:4# create stp instance_id 2 ERS1624G-B4:4# config stp instance_id 2 priority 8192 ERS1624G-B4:4# config stp_vlan instance_id 2 add 4
--End--
Example of Conguring MSTP: conguring ES 470 B5

Configure ES 470 B5 by performing this procedure.
Procedure steps
Step 1
Action To change the spanning tree operation mode to MSTP and restart the switch, enter the following commands: ES470_48(config)# spanning-tree op-mode mstp ES470_48(config)# boot Reboot the unit(s) (y/n) ? y
2 3
To add tagging, enter the following commands: ES470_48(config)# vlan ports 47,48 tagging tagall Add VLAN 3 and members:
245
ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48 4 To remove VLAN port member from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 15,47,48 5 To add VLAN 4 and port members, enter the following command: ES470_48(config)# vlan create 4 type port ES470_48(config)# vlan members add 4 16,47,48 6 To remove VLAN port members from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 16 7 To configure the MSTP region and version, enter the following command: ES470_48(config)# spanning-tree mstp region config-id-sel 1 region-name region1 region-version 1 8 To add MSTP MSTI 1 and add VLAN 3, enter the following commands: ES470_48(config)# spanning-tree mstp msti 1 ES470_48(config)# spanning-tree mstp msti 1 add-vlan 3 9 To add MSTP MSTI 2 and add VLAN 4, enter the following commands: ES470_48(config)# spanning-tree mstp msti 2 ES470_48(config)# spanning-tree mstp msti 2 add-vlan 4
ATTENTION
If an error message appears stating that you cannot modify settings and nontagged ports cannot span multiple STPGs, then you must ensure that all appropriate ports have tagging enabled. In this example, this applies to ports 47 and 48.
10
To configure ports 6 and 7 as MSTP edge ports, enter the following commands: ES470_48(config)# interface fastEthernet 15,16 ES470_48(config-if)# spanning-tree mstp edge-port true
--End--
246
Example of Conguring MSTP: conguring ES 470 B6

Configure ES 470 B6 by performing this procedure.
Procedure steps
Step 1
Action To change the spanning tree operation mode to MSTP and restart the switch, enter the following commands: ES470_48(config)# spanning-tree op-mode mstp ES470_48(config)# boot Reboot the unit(s) (y/n) ? y
2 3
To add tagging, enter the following command: ES470_48(config)# vlan ports 47,48 tagging tagall To add VLAN 3 and port members, enter the following commands: ES470_48(config)# vlan create 3 type port ES470_48(config)# vlan members add 3 15,47,48
To remove VLAN port members from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 15,47,48 To add VLAN 4 and port members, enter the following commands: ES470_48(config)# vlan create 4 type port ES470_48(config)# vlan members add 4 16,47,48
To remove VLAN port members from the default VLAN, enter the following command: ES470_48(config)# vlan members remove 1 16 To configure the MSTP region and version, enter the following command: ES470_48(config)# spanning-tree mstp region config-id-sel 1 region-name region1 region-version 1
To add MSTP MSTI 1 and add VLAN 3, enter the following commands: ES470_48(config)# spanning-tree mstp msti 1 ES470_48(config)# spanning-tree mstp msti 1 add-vlan 3
To add MSTP MSTI 2 and add VLAN 4, enter the following commands: ES470_48(config)# spanning-tree mstp msti 2 ES470_48(config)# spanning-tree mstp msti 2 add-vlan 4
247
10
To configure ports 6 and 7 as MSTP edge ports, enter the following commands: ES470_48(config)# interface fastEthernet 15,16 ES470_48(config-if)# spanning-tree mstp edge-port true
--End--
248
249
Customer service
Visit the Nortel Web site to access the complete range of services and support that Nortel provides. Go to www.nortel.com or go to one of the pages listed in the following sections.
Navigation
Updated versions of documentation (page 249) How to get help (page 249) Express Routing Codes (page 249) Additional information (page 250)
Updated versions of documentation

You can download and print the latest versions of Nortel Ethernet Routing Switch 8300 technical documentation and Release Notes directly from the Internet at http://nortel.com/documentation.
How to get help

If you purchased a service contract for your Nortel product from a distributor or authorized reseller, contact the technical support staff for that distributor or reseller for assistance. If you purchased a Nortel service program, you can get help by contacting one of the Nortel Technical Solutions Centers found at http://www.nortel.com/callus; or visit our Technical Support site at http://www.nortel.com/support.
Express Routing Codes

An Express Routing Code (ERC) is available for many Nortel products and services. When you use an ERC, your call is routed to a technical support person who specializes in supporting that particular product or service. To locate an ERC for any product or service, go to http://www.nortel.com/erc.
250
Customer service
Additional information
Use the information in the following table to access other areas of the Nortel Web site.
For information about Contact Us Documentation feedback Products (marketing) Partner Information Center (PIC) Register Search Services Training Contact http://www.nortel.com/contactus http://www.nortel.com/documentfeedback http://www.nortel.com/product http://www.nortel.com/pic http://www.nortel.com/register http://nortel.com/search http://nortel.com/services http://nortel.com/trainings
251
Index
A
ActiveMembers eld 44 Adding ports to an STG 141 advanced VLAN device manager 53 AgingTime eld 61 ip 7778 conguration advanced VLAN features 53 protocol-based VLAN 50 spanning tree group 137 Conguring a spanning tree group 209 Conguring aging, VLAN forwarding database 60 Conguring static forwarding 63 Conguring STG global settings Device Manager 136 Conguring STG global settings using the CLI 172 Conguring STG parameters using the CLI 174 Conguring the STP mode Device Manager 133
B
baby giant frames 23 Bridge Address 178, 213 BridgeAddress eld 142 BridgeForwardDelay eld 138 BridgeHelloTime eld 138 BridgeMaxAge eld 138 bridging conguring lters 65 MAC-layer 29
C
change detection about 34 congure 147 congure (CLI) 184 rules 34 Clearing learned MAC addresses 63 Color eld 44 cong ethernet commands stg 179, 215 cong policy-based VLANs device manager 50 cong port-based VLANs device manager 45 cong stg commands options 173, 210 cong vlan commands create 104
D
Deleting an STG 140 Designated Root 178, 213 DesignatedBridge eld 145, 183, 216 DesignatedCost eld 145, 183, 217 DesignatedPort eld 145, 183, 217 DesignatedRoot eld 143, 145, 183, 217 Displaying dened VLANs 43
E
EnableStp box 138 EnableStp eld 146, 181, 217 Enabling STP on a port 143
F
FastStart congure (NNCLI) 214 FastStart eld 146, 182, 217
252
FastStart, enabling 180 Forward Delay 178, 213 ForwardDelay eld 143 forwarding database, ushing 62 forwarding database, viewing 61 ForwardTransitions eld 146, 182, 217 frame protocol-based VLAN 25
MSTP, conguring globally 154 Multilink trunk adding to a VLAN with the CLI 80 adding to a VLAN with the NNCLI 109
N
Name eld 44, 54 nontagged ports 24 NotAllowToJoin eld 44 NumPorts eld 142, 179, 214
G
general VLAN action performing with the CLI 79 General VLAN action performing with the NNCLI 108 General VLAN information viewing with the NNCLI 110
P
PathCost eld 146, 182, 217 PID DSAP value 22 Ethernet SNAP 22 Ethernet type 2 22 invalid for user-dened protocol VLAN 22 VLAN conguration elds 45, 54 policy-based VLAN creating protocol-based 50 policy-based VLAN, about 19 Port eld 64, 66, 146, 182183, 217 Port Members eld 139 port-based VLAN about 18, 103 cli 74 create 45 PortMembers eld 44 Priority congure (NNCLI) 214 Priority eld 138, 146, 182, 217 Protocol Identier. See PID 22 Protocol Specication 179, 214 protocol-based VLAN about 20 cli 75 create 50 Protocol-based VLAN creating with the NNCLI 104 ProtocolId box 45, 54 ProtocolSpecication eld 142
H
Hello Time 178, 214 HelloTime eld 143 Hold Time 179, 214 HoldTime eld 143
I
IEEE 802.1Q 23 IfIndex eld 44, 54 IP address assigning to a VLAN with the NNCLI 107 deleting from a VLAN with the CLI 108 IP spoof detection conguring with the CLI 91
M
MAC address autolearning 58 MAC ltering Device Manager commands Address 67 ForwardingPorts 67 MltIds 67 MAC lters 30 MAC-layer bridging 29 MacAddress eld 55, 62, 64, 66 MACAddress, auto-learned 59 managing VLAN bridging device manager 60 Max Age 179, 214 MaxAge eld 143
Q
QosLevel eld 56, 62, 64, 66
253
R
Result eld 55 Root Cost 179, 214 Root Port 179, 214 RootCost eld 143 RootPort eld 143 RSTP MSTP 36 RSTP convergence time 41 RSTP Edge port 39 RSTP port status, viewing 153 RSTP Ports, conguring 150 RSTP, conguring global parameters
148
S
show ports commands info stg extended 183 stg main 181 show stg commands info cong 177 info status 177 show-all 212 show vlan info commands advance 91 all 80 arp 96 basic 78 fdb-entry 84 fdb-lter 84 ports 88, 97 userdened-advance 97 spanning tree groups changing 139 creating 137 deleting 139 editing 139 limitations 34 viewing status 141 with VLANs 34 Spanning Tree Protocol conguring topology change detection 184 State eld 147, 182, 218 Static multicast MAC entries conguring with the CLI 93 StaticMembers eld 44 Status eld 62 STG commands congure ports 179, 215
show-all 212 StgId box 44 StgId eld 147, 182183, 218 STGs. See spanning tree groups 141 STP bridge forward delay timer 33, 138 bridge hello timer 33, 138 bridge priority 138 bridge protocol data units (BPDU) 32 disabling 32 enable/disable 138 enabling 32 enabling SNMP traps 138 multiple spanning tree groups 31 port group membership 139 Spanning Tree FastStart 33 spanning tree groups 31 tagged BPDUs 32 topology change detection about 34 congure 147 congure (CLI) 184 rules 34 StpTrapEnable eld 138 SubnetAddr eld 45 SubnetMask eld 45
T
tagged frame 24 tagged or untagged frames 48 tagged port 24 TaggedBpduAddress eld 139 TaggedBpduVlanID eld 139 TimeSinceTopologyChange eld TOP CHANGES 214 TopChanges eld 142 topology change detection about 34 congure 147 congure (CLI) 184 congure (NNCLI) 214 rules 34 Topology Changes 179 Type box 44
142
U
untagged frames 24 Untagged frames
254
assigning to the default VLAN with the CLI 90 user-dened protocol-based VLAN about 22 User-dened, protocol-based VLAN creating with the NNCLI 106 UserDenedPidList eld 55
V
Viewing port STG information using the NNCLI 216 Viewing STG ports 144 VLAN adding ports with the CLI 85 conguring advanced VLAN features 53 coordinated across multiple switches 23 deleting with the CLI 89 device manager 43 enabling tagging 26 ID eld 44, 54, 62 ID, in source frame tag 23 in spanning tree groups 34 IPX protocol 21 multiplex trafc 24 policy-based, about 19 port-based 103 port-based, about 18 protocol-based 50 protocol-based, about 20 removing ports with the CLI 86 spanning multiple switches 17 tagged port 26 tagging, about 23 untagged port 26 user-dened about 22 invalid PIDs for 22 VLAN autolearn information viewing with the CLI 96 VLAN commands congure IP 7778 VLAN forwarding database entries Conguring VLAN forwarding database entries using the CLI 81 conguring with the NNCLI 110 deleting with the NNCLI 111 VLAN forwarding database lters conguring with the CLI 82 conguring with the NNCLI 112
deleting with the NNCLI 113 viewing with the NNCLI 115 VLAN forwarding database information viewing with the NNCLI 115 VLAN IGMP information viewing with the CLI 97 VLAN manual edit MAC information viewing with the CLI 95 VLAN name conguring with the CLI 89 VLAN Operation Action eld 55 VLAN port membership 57 VLAN static forwarding database members adding with the CLI 83 adding with the NNCLI 114 removing with the NNCLI 114 VLAN static MAC information viewing with the CLI 95 VLAN tagging on a port enabling with the CLI 90 VLANs creating 104
Nortel Ethernet Routing Switch 8300
Configuration VLANs and Spanning Tree

Copyright 2009 Nortel Networks All Rights Reserved.
Release: 4.2 Publication: NN46200-516 Document revision: 02.01 Document release date: 30 March 2009 To provide feedback or to report a problem in this document, go to www.nortel.com/documentfeedback. www.nortel.com LEGAL NOTICE While the information in this document is believed to be accurate and reliable, except as otherwise expressly agreed to in writing NORTEL PROVIDES THIS DOCUMENT "AS IS" WITHOUT WARRANTY OR CONDITION OF ANY KIND, EITHER EXPRESS OR IMPLIED. The information and/or products described in this document are subject to change without notice. THE SOFTWARE DESCRIBED IN THIS DOCUMENT IS FURNISHED UNDER A LICENSE AGREEMENT AND MAY BE USED ONLY IN ACCORDANCE WITH THE TERMS OF THAT LICENSE. Nortel, the Nortel logo, and the Globemark are trademarks of Nortel Networks. All other trademarks are the property of their respective owners.

Config Vlan Ans Spanning Tree in 8300

Uploaded by

Document Information

Original Description:

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Config Vlan Ans Spanning Tree in 8300

Uploaded by

Copyright:

Available Formats

Nortel Ethernet Routing Switch 8300

Conguration VLANs and Spanning Tree

Introduction VLAN and spanning tree fundamentals

VLAN configuration using Device Manager

VLAN configuration using the CLI

VLAN configuration using the NNCLI

Spanning Tree configuration using Device Manager

Spanning Tree configuration using the CLI

Spanning Tree configuration using the NNCLI

RSTP and MSTP CLI Configuration examples

Nortel Networks Inc. software license agreement

1. If Customer is the United States Government, the following paragraph

Nortel Networks Inc. software license agreement

2. Customer may terminate the license at any time. Nortel Networks

3. Customer is responsible for payment of any taxes, including personal

6. This License Agreement is governed by the laws of the country in

New in this release

Features (page 13) Other changes (page 14)

See the following sections for information about feature changes:

STP BPDU ltering

14 New in this release

Customer service (page 14)

VLAN and spanning tree fundamentals

Navigation VLAN overview

18 VLAN and spanning tree fundamentals

VLAN overview navigation

Policy-based VLANs navigation

20 VLAN and spanning tree fundamentals

Port membership types

Ports of this type are cannot join the VLAN.

Copyright 2009 Nortel Networks

22 VLAN and spanning tree fundamentals

User-defined, protocol-based VLANs

Independent VLAN Learning

VLAN tagging and port types

VLAN tagging and port types navigation

802.1Q tagged ports

24 VLAN and spanning tree fundamentals

Treatment of tagged and untagged frames

VLAN virtual router interfaces

VLAN implementation on the Ethernet Routing Switch 8300

VLAN implementation on the Ethernet Routing Switch 8300 navigation

Default VLAN (page 25) Unassigned VLAN (page 25)

26 VLAN and spanning tree fundamentals

VLAN conguration rules

VLAN feature support and scaling

Protocol-based Source MAC-based

Supported Not supported Supported Supported Not supported Supported

Default VLAN Unassigned VLAN Brouter ports

Supported Supported Not supported

Network Load Balancing Support

28 VLAN and spanning tree fundamentals Figure 4 Two-host cluster

Network Load Balancing Support modes of operation

VLAN MAC-layer bridging and ltering

30 VLAN and spanning tree fundamentals

IP spoong prevention within a VLAN

Spanning tree overview

Spanning Tree Protocol

Spanning tree overview

Spanning Tree Protocol navigation

Spanning Tree Groups

32 VLAN and spanning tree fundamentals Figure 5 Multiple STGs

Spanning Tree Protocol controls