VLAN Configuration
VLAN(Virtual Local Area Network)The commands for creating, deleting and adding members are shown in the table.
show vlan summary
Section titled “show vlan summary”[Command] show vlan summary
[Purpose] Display VLAN summary information
[View] System view
[Use Cases]
sonic# show vlan summary+-----------+----------------+-----------+----------------+---------------------+| VLAN ID | IP Address | Ports | Port Tagging | DHCP Helper Address |+===========+================+===========+================+=====================+| 1000 | 192.168.0.1/21 | Ethernet0 | untagged | 192.0.0.1 || | | Ethernet1 | untagged | 192.0.0.2 || | | Ethernet2 | untagged | 192.0.0.3 || | | Ethernet3 | untagged | 192.0.0.4 |+-----------+----------------+-----------+----------------+---------------------+| 1200 | | | | |Description of the show vlan summary command output
| Parameter | Description |
|---|---|
| VLAN ID | VLAN ID |
| IP address | IP address for SVI interface |
| Ports | VLAN member interface |
| Port Tagging | VLAN member interface properties |
| DHCP Helper Address | If the device has DHCP relay enabled and this VLAN is added as a downlink interface to a DHCP instance, then this section displays the DHCP Server IP address for that instance. |
show vlan vid
Section titled “show vlan vid”[Command] show vlan vidvlan-id show vlan all
[Purpose] Display VLAN specific information
[View] System view
[Use Cases]
sonic# show vlan vid 300VLAN ID: 300Route interface:Name: VLAN 300Tagged ports:Untagged ports:Ethernet1MAC-learning: enableshow vlan mac-trigger [vlan-id
Section titled “show vlan mac-trigger [vlan-id”[Command] show vlan mac-trigger [vlan-idvlan-id**]**
[Purpose] Show all VLAN mac-trigger details
[View] System view
[Use Cases]
sonic# show vlan mac-trigger+----------+----------+| VLANID | STATUS |+==========+==========+| 10 | enabled |+----------+----------+sonic# show vlan mac-trigger vlan-id 10+----------+----------+| VLANID | STATUS |+==========+==========+| 10 | enabled |+----------+----------+[Command] vlanvlan-id no vlanvlan-id
[Purpose] Create VLAN
[Parameter]
| Parameter | Description |
|---|---|
| vlan-id | vid(1-4094) |
[View] System configuration view
[Use Cases]
sonic# configure terminalsonic(config)# vlan 300sonic(config-vlan-300)# show this!vlan 300switchport {trunk|access} vlan
Section titled “switchport {trunk|access} vlan”[Command] switchport {trunk|access} vlanvlan-id
[Purpose] Add interface to VLAN
[Parameter]
| Parameter | Description |
|---|---|
| trunk | Add interface to VLAN with trunk mode |
| access | Add interface to VLAN with access mode |
[View] Interface view
[Usage Scenario] Frames sent by user hosts are untagged, and frames received by the interface from the peer device may be tagged. Therefore, the device should be configured with different modes when adding interfaces to VLANs, depending on the actual use case.
[Notes] Access Mode: An interface can only be added to one VLAN in access mode. When an interface is added to a VLAN in access mode, as an incoming interface, it can receive frames without VLAN tags or with VLAN IDs equal to the access value. As an outgoing interface, it compares the VLAN tag carried by the frame with the access value. If they are equal, it strips the VLAN tag from the frame; if they are not equal, it takes no action.
Trunk Mode: An interface can be added to multiple VLANs in trunk mode, indicating that it allows traffic to pass through without modifying the VLAN tag on the frame.
A physical interface can be added to different VLANs in both access and trunk modes.
[Use Cases]
sonic(config)# interface ethernet 1sonic(config-if-1)# switchport access vlan 10vlan-group
Section titled “vlan-group”[Command] vlan-groupvlan-id**-**vlan-id
[Purpose] Bulk create VLANs and enter VLAN configuration view
[Parameter]
| Parameter | Description |
|---|---|
| vlan-id-vlan-id | Specify the VLAN range |
[View] System configuration view
[Usage Scenario] When there is a need to configure a large number of VLANs with similar properties, this command allows entering the VLAN creation process and VLAN configuration view for modifying the configuration of these VLANs.
[Use Cases]
sonic(config)# vlan-group 10-20,30,40broadcast {flood|drop}
Section titled “broadcast {flood|drop}”[Command] broadcast {flood|drop}
[Purpose] Configure broadcast function handling
[Parameter]
| Parameter | Description |
|---|---|
| flood | Broadcast packets within a VLAN |
| drop | Drop broadcast packets |
[View] VLAN view
[Usage Scenario] Broadcast forwarding is a method of sending a data packet to all devices within the same VLAN. It can be used for sending ARP requests, DHCP requests, and similar functions. In a VLAN, whether broadcast packets are forwarded can be configured on the switch.
[Use Cases]
sonic# configure terminalsonic(config)# vlan 40sonic(config-vlan-40)# broadcast dropunknown-uni {flood|drop}
Section titled “unknown-uni {flood|drop}”[Command] unknown-uni {flood|drop}
[Purpose] Configure the processing of unknown unicast packets
[Parameter]
| Parameter | Description |
|---|---|
| flood | Broadcast packets within a VLAN |
| drop | Drop unknown unicast packets |
[View] VLAN view
[Usage Scenario] Unknown unicast refers to unicast data packets for which the switch cannot determine the VLAN in which the destination MAC address resides. If a VLAN needs to receive unknown unicast data, it can be configured in unknown unicast forwarding mode. If a VLAN does not need to forward unknown unicast data packets within it, it can be configured in discard mode.
[Use Cases]
sonic# configure terminalsonic(config)# vlan 40sonic(config-vlan-40)# unknown-uni dropmac-trigger enable
Section titled “mac-trigger enable”[Command] mac-trigger enable no mac-trigger enable
[Purpose] Enable the vlan mac-trigger function
[View] VLAN view
[Usage Scenario] This function is used in the fast migration scenario. The first packet sent by a terminal when migrating to a new device may not be an ARP/ND packet and cannot trigger the ARP/ND learning function. After enabling this command, when the MAC address of the terminal does not exist in the MAC address table on the device, the device can trigger mac-trigger to learn the neighbor table entry when it receives an IP packet from the terminal to complete the online operation of the terminal. Usually used in combination with DHCP Snooping and other features to ensure security.
[Use Cases]
sonic# configure terminalsonic(config)# vlan 40sonic(config-vlan-40)# mac-trigger enable