ServerIron ADX Switch and Router Guide
12.0.00
June 10, 2009


Routing Between VLANs (Layer 3 Switches Only)
Brocade Layer 3 Switches can locally route IP between VLANs defined within a single router. All other routable protocols or protocol VLANs (for example, DecNet) must be routed by another external router capable of routing the protocol.
Virtual Routing Interfaces (Layer 3 Switches Only)
You need to configure virtual routing interfaces if an IP subnet VLAN needs to route IP packets to another port-based VLAN on the same router. A virtual routing interface can be associated with the ports in only a single port-based VLAN. Virtual router interfaces must be defined at the highest level of the VLAN hierarchy.
If you do not need to further partition the port-based VLAN by defining separate Layer 3 VLANs, you can define a single virtual routing interface at the port-based VLAN level and enable IP routing on a single virtual routing interface.
Bridging and Routing the Same Protocol Simultaneously on the Same Device (Layer 3 Switches Only)
Some configurations may require simultaneous switching and routing of the same single protocol across different sets of ports on the same router. When IP routing is enabled on a Brocade Layer 3 Switch, you can route these protocols on specific interfaces while bridging them on other interfaces. In this scenario, you can create two separate backbones for the same protocol, one bridged and one routed.
To bridge IP at the same time these protocols are being routed, you need to configure an IP subnet VLAN and not assign a virtual routing interface to the VLAN. Packets for these protocols are bridged or switched at Layer 2 across ports on the router that are included in the Layer 3 VLAN. If these VLANs are built within port-based VLANs, they can be tagged across a single set of backbone fibers to create separate Layer 2 switched and Layer 3 routed backbones for the same protocol on a single physical backbone.
Routing Between VLANs Using Virtual Routing Interfaces (Layer 3 Switches Only)
Brocade calls the ability to route between VLANs with virtual routing interfaces Integrated Switch Routing (ISR). There are some important concepts to understand before designing an ISR backbone.
Virtual router interfaces can be defined on port-based, IP subnet VLANs.
To create any type of VLAN on a Brocade Layer 3 Switch, Layer 2 forwarding must be enabled. When Layer 2 forwarding is enabled, the Layer 3 Switch becomes a Switch on all ports for all non-routable protocols.
If the router interfaces for IP are configured on physical ports, then routing occurs independent of the Spanning Tree Protocol (STP). However, if the router interfaces are defined for any type of VLAN, they are virtual routing interfaces and are subject to the rules of STP.
If your backbone consists of virtual routing interfaces all within the same STP domain, it is a bridged backbone, not a routed one. This means that the set of backbone interfaces that are blocked by STP will be blocked for routed protocols as well. The routed protocols will be able to cross these paths only when the STP state of the link is FORWARDING. This problem is easily avoided by proper network design.
When designing an ISR network, pay attention to your use of virtual routing interfaces and the spanning-tree domain. If Layer 2 switching of your routed protocols (IP) is not required across the backbone, then the use of virtual routing interfaces can be limited to edge switch ports within each router. Full backbone routing can be achieved by configuring routing on each physical interface that connects to the backbone. Routing is independent of STP when configured on a physical interface.
If your ISR design requires that you switch IP at Layer 2 while simultaneously routing the same protocol over a single backbone, then create multiple port-based VLANs and use VLAN tagging on the backbone links to separate your Layer 2 switched and Layer 3 routed networks.
There is a separate STP domain for each port-based VLAN. Routing occurs independently across port-based VLANs or STP domains. You can define each end of each backbone link as a separate tagged port-based VLAN. Routing will occur independently across the port-based VLANs. Because each port-based VLAN’s STP domain is a single point-to-point backbone connection, you are guaranteed to never have an STP loop. STP will never block the virtual router interfaces within the tagged port-based VLAN, and you will have a fully routed backbone.
Dynamic Port Assignment (Layer 2 Switches and Layer 3 Switches)
All switch ports are dynamically assigned to any Layer 3 VLAN on Brocade Layer 2 Switches and any non-routable VLAN on Brocade Layer 3 Switches. To maintain explicit control of the VLAN, you can explicitly exclude ports when configuring any Layer 3 VLAN on a Brocade Layer 2 Switch or any non-routable Layer 3 VLAN on a Brocade Layer 3 Switch.
If you do not want the ports to have dynamic membership, you can add them statically. This eliminates the need to explicitly exclude the ports that you do not want to participate in a particular Layer 3 VLAN.
Assigning a Different VLAN ID to the Default VLAN
When you enable port-based VLANs, all ports in the system are added to the default VLAN. By default, the default VLAN ID is “VLAN 1”. The default VLAN is not configurable. If you want to use the VLAN ID “VLAN 1” as a configurable VLAN, you can assign a different VLAN ID to the default VLAN.
To reassign the default VLAN to a different VLAN ID, enter the following command:
ServerIron(config)# default-vlan-id 4095
Syntax: [no] default-vlan-id <vlan-id>
You must specify a valid VLAN ID that is not already in use. For example, if you have already defined VLAN 10, do not try to use “10” as the new VLAN ID for the default VLAN. Valid VLAN IDs are numbers from 1 – 4096.
NOTE: Changing the default VLAN name does not change the properties of the default VLAN. Changing the name allows you to use the VLAN ID “1” as a configurable VLAN.
NOTE: VLAN ID 4094 is reserved for use by Single STP.
Assigning Trunk Group Ports
When a “lead” trunk group port is assigned to a VLAN, all other members of the trunk group are automatically added to that VLAN. A lead port is the first port of a trunk group port range; for example, “1” in 1 – 4 or “5” in 5 – 8. See “Trunk Group Rules” for more information.
Configuring Port-Based VLANs
Port-based VLANs allow you to provide separate spanning tree protocol (STP) domains or broadcast domains on a port-by-port basis.
This section describes how to perform the following tasks for port-based VLANs using the CLI:
EXAMPLE: 
Figure 5.8 shows a simple port-based VLAN configuration using a single Brocade Layer 2 Switch. All ports within each VLAN are untagged. One untagged port within each VLAN is used to connect the Layer 2 Switch to a Layer 3 Switch (in this example, a NetIron) for Layer 3 connectivity between the two port-based VLANs.
Figure 5.8
To create the two port-based VLANs shown in Figure 5.8, use the following method.
ServerIron(config)# vlan 222 by port
ServerIron(config-vlan-222)# untag e 1 to 8
ServerIron(config-vlan-222)# vlan 333 by port
ServerIron(config-vlan-333)# untag e 9 to 16
Syntax: vlan <vlan-id> by port
Syntax: untagged ethernet <portnum> [to <portnum> | ethernet <portnum>]
EXAMPLE: 
Figure 5.9 shows a more complex port-based VLAN configuration using multiple Layer 2 Switches and IEEE 802.1q VLAN tagging. The backbone link connecting the three Layer 2 Switches is tagged. One untagged port within each port-based VLAN on ServerIron-A connects each separate network wide Layer 2 broadcast domain to the router for Layer 3 forwarding between broadcast domains. The STP priority is configured to force ServerIron-A to be the root bridge for VLANs RED and BLUE. The STP priority on ServerIron-B is configured so that ServerIron-B is the root bridge for VLANs GREEN and BROWN.
Figure 5.9
To configure the Port-based VLANs on the ServerIron ADX Layer 2 Switches in Figure 5.9, use the following method.
Configuring ServerIron ADX-A
Enter the following commands to configure ServerIron ADX-A:
ServerIron> enable
ServerIron# configure terminal
ServerIron(config)# hostname ServerIron-A
ServerIron-A(config)# vlan 2 name BROWN
ServerIron-A(config-vlan-2)# untag ethernet 1 to 4 ethernet 17
ServerIron-A(config-vlan-2)# tag ethernet 25 to 26
ServerIron-A(config-vlan-2)# spanning-tree
ServerIron-A(config-vlan-2)# vlan 3 name GREEN
ServerIron-A(config-vlan-3)# untag ethernet 5 to 8 ethernet 18
ServerIron-A(config-vlan-3)# tag ethernet 25 to 26
ServerIron-A(config-vlan-3)# spanning-tree
ServerIron-A(config-vlan-3)# vlan 4 name BLUE
ServerIron-A(config-vlan-4)# untag ethernet 9 to 12 ethernet 19
ServerIron-A(config-vlan-4)# tag ethernet 25 to 26
ServerIron-A(config-vlan-4)# spanning-tree
ServerIron-A(config-vlan-4)# spanning-tree priority 500
ServerIron-A(config-vlan-4)# vlan 5 name RED
ServerIron-A(config-vlan-5)# untag ethernet 13 to 16 ethernet 20
ServerIron-A(config-vlan-5)# tag ethernet 25 to 26
ServerIron-A(config-vlan-5)# spanning-tree
ServerIron-A(config-vlan-5)# spanning-tree priority 500
ServerIron-A(config-vlan-5)# end
ServerIron-A# write memory
Configuring ServerIron ADX-B
Enter the following commands to configure ServerIron-B:
ServerIron> enable
ServerIron# configure terminal
ServerIron(config)# hostname ServerIron-B
ServerIron-B(config)# vlan 2 name BROWN
ServerIron-B(config-vlan-2)# untag ethernet 1 to 4
ServerIron-B(config-vlan-2)# tag ethernet 25 to 26
ServerIron-B(config-vlan-2)# spanning-tree
ServerIron-B(config-vlan-2)# spanning-tree priority 500
ServerIron-B(config-vlan-2)# vlan 3 name GREEN
ServerIron-B(config-vlan-3)# untag ethernet 5 to 8
ServerIron-B(config-vlan-3)# tag ethernet 25 to 26
ServerIron-B(config-vlan-3)# spanning-tree
ServerIron-B(config-vlan-3)# spanning-tree priority 500
ServerIron-B(config-vlan-3)# vlan 4 name BLUE
ServerIron-B(config-vlan-4)# untag ethernet 9 to 12
ServerIron-B(config-vlan-4)# tag ethernet 25 to 26
ServerIron-B(config-vlan-4)# vlan 5 name RED
ServerIron-B(config-vlan-5)# untag ethernet 13 to 16
ServerIron-B(config-vlan-5)# tag ethernet 25 to 26
ServerIron-B(config-vlan-5)# end
ServerIron-B# write memory
Configuring ServerIron ADX-C
Enter the following commands to configure ServerIron-C:
ServerIron> en
ServerIron# configure terminal
ServerIron(config)# hostname ServerIron-C
ServerIron-C(config)# vlan 2 name BROWN
ServerIron-C(config-vlan-2)# untag ethernet 1 to 4
ServerIron-C(config-vlan-2)# tag ethernet 25 to 26
ServerIron-C(config-vlan-2)# vlan 3 name GREEN
ServerIron-C(config-vlan-3)# untag ethernet 5 to 8
ServerIron-C(config-vlan-3)# tag ethernet 25 to 26
ServerIron-C(config-vlan-3)# vlan 4 name BLUE
ServerIron-C(config-vlan-4)# untag ethernet 9 to 12
ServerIron-C(config-vlan-4)# tag ethernet 25 to 26
ServerIron-C(config-vlan-4)# vlan 5 name RED
ServerIron-C(config-vlan-5)# untag ethernet 13 to 16
ServerIron-C(config-vlan-5)# tag ethernet 25 to 26
ServerIron-C(config-vlan-5)# end
ServerIron-C# write memory
Syntax: vlan <vlan-id> by port
Syntax: untagged ethernet | pos <portnum> [to <portnum> | ethernet <portnum>]
Syntax: tagged ethernet | pos <portnum> [to <portnum> | ethernet <portnum>]
Syntax: [no] spanning-tree
Syntax: spanning-tree [ethernet <portnum> path-cost <value> priority <value>] forward-delay <value> hello-time <value> maximum-age <time> priority <value>
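As an added example (not part of the Brocade guide), the Python sketch below parses a command transcript like the ServerIron-A one above into a per-VLAN port map and reports two mistakes that weaken port-based separation: a port untagged in more than one VLAN, and a tagged backbone port that does not carry every tagged VLAN. The function names, the sample transcript, and the rule that all tagged ports should carry the same VLANs (as ports 25 and 26 do in Figure 5.9) are assumptions of this example.

```python
import re
from collections import defaultdict

# Constructed input: ServerIron-A commands in the style of the Figure 5.9 example,
# with two deliberate mistakes (port 17 untagged twice; VLAN 3 missing trunk port 26).
SAMPLE = """\
ServerIron-A(config)# vlan 2 name BROWN
ServerIron-A(config-vlan-2)# untag ethernet 1 to 4 ethernet 17
ServerIron-A(config-vlan-2)# tag ethernet 25 to 26
ServerIron-A(config-vlan-2)# vlan 3 name GREEN
ServerIron-A(config-vlan-3)# untag ethernet 5 to 8 ethernet 17
ServerIron-A(config-vlan-3)# tag ethernet 25
ServerIron-A(config-vlan-3)# vlan 4 name BLUE
ServerIron-A(config-vlan-4)# untag ethernet 9 to 12 ethernet 19
ServerIron-A(config-vlan-4)# tag ethernet 25 to 26
ServerIron-A(config-vlan-4)# spanning-tree priority 500
"""

def expand_ports(spec):
    """'ethernet 1 to 4 ethernet 17' -> {1, 2, 3, 4, 17}"""
    ports = set()
    for lo, hi in re.findall(r"\be\w*\s+(\d+)(?:\s+to\s+(\d+))?", spec):
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def parse_vlans(transcript):
    """Map vlan-id -> name and untagged/tagged port sets; other commands are ignored."""
    vlans, cur = {}, None
    for line in transcript.splitlines():
        cmd = re.sub(r"^\S+[>#]\s*", "", line.strip())  # drop the CLI prompt
        if m := re.match(r"vlan (\d+)(?: name (\S+))?", cmd):
            cur = vlans.setdefault(int(m[1]), {"name": m[2], "untagged": set(), "tagged": set()})
        elif cur and (m := re.match(r"(untag|tag)\w*\s+(.+)", cmd)):
            cur["untagged" if m[1] == "untag" else "tagged"] |= expand_ports(m[2])
    return vlans

def audit(vlans):
    """Return findings: untagged ports in more than one VLAN, trunk ports missing VLANs."""
    untagged_in, tagged_in = defaultdict(set), defaultdict(set)
    for vid, v in vlans.items():
        for kind, index in (("untagged", untagged_in), ("tagged", tagged_in)):
            for p in v[kind]:
                index[p].add(vid)
    findings = [f"port {p} untagged in VLANs {sorted(vs)}"
                for p, vs in sorted(untagged_in.items()) if len(vs) > 1]
    carried = set().union(*tagged_in.values())  # every VLAN seen on any tagged port
    findings += [f"tagged port {p} does not carry VLANs {sorted(carried - vs)}"
                 for p, vs in sorted(tagged_in.items()) if carried - vs]
    return findings
```

Calling `audit(parse_vlans(SAMPLE))` returns one finding for port 17 and one for port 26; a transcript without either mistake returns an empty list.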
Modifying a Port-Based VLAN
You can make the following modifications to a port-based VLAN:
Removing a Port-Based VLAN
Suppose you want to remove VLAN 5 from the example in Figure 5.9. To do so, use the following procedure.
1.
ServerIron-A> enable
No password has been assigned yet...
ServerIron-A# configure terminal
ServerIron-A(config)#
2.
ServerIron-A(config)# no vlan 5
ServerIron-A(config)#
3.
ServerIron-A(config)#
ServerIron-A(config)# end
ServerIron-A# write memory
ServerIron-A#
4.
Repeat steps 1 – 3 on ServerIron-B.
Syntax: no vlan <vlan-id> by port
Removing a Port from a VLAN
Suppose you want to remove port 11 from VLAN 4 on ServerIron-A shown in Figure 5.9. To do so, use the following procedure.
1.
Access the global CONFIG level of the CLI on ServerIron-A by entering the following command:
ServerIron-A> enable
No password has been assigned yet...
ServerIron-A# configure terminal
ServerIron-A(config)#
2.
ServerIron-A(config)#
ServerIron-A(config)# vlan 4
ServerIron-A(config-vlan-4)#
3.
ServerIron-A(config-vlan-4)#
ServerIron-A(config-vlan-4)# no untag ethernet 11
deleted port ethe 11 from port-vlan 4.
ServerIron-A(config-vlan-4)#
4.
ServerIron-A(config-vlan-4)#
ServerIron-A(config-vlan-4)# end
ServerIron-A# write memory
ServerIron-A#
Enable Spanning Tree on a VLAN
The spanning tree bridge and port parameters are configurable using one CLI command set at the Global Configuration Level of each Port-based VLAN. Suppose you want to enable the IEEE 802.1d STP across VLAN 3. To do so, use the following method.
NOTE: When port-based VLANs are not operating on the system, STP is set on a system-wide level at the global CONFIG level of the CLI.
1.
Access the global CONFIG level of the CLI on ServerIron-A by entering the following commands:
ServerIron-A> enable
No password has been assigned yet...
ServerIron-A# configure terminal
ServerIron-A(config)#
2.
ServerIron-A(config)#
ServerIron-A(config)# vlan 3
ServerIron-A(config-vlan-3)#
3.
ServerIron-A(config-vlan-3)#
ServerIron-A(config-vlan-3)# spanning-tree
ServerIron-A(config-vlan-3)#
4.
ServerIron-A(config-vlan-3)#
ServerIron-A(config-vlan-3)# end
ServerIron-A# write memory
ServerIron-A#
5.
NOTE: You do not need to configure values for the STP parameters. All parameters have default values as noted below. Additionally, all values will be globally applied to all ports on the system or on the port-based VLAN for which they are defined.
To configure a specific path-cost or priority value for a given port, enter those values using the key words in the brackets [ ] shown in the syntax summary below. If you do not want to specify values for any given port, this portion of the command is not required.
Syntax: vlan <vlan-id> by port
Syntax: [no] spanning-tree
Syntax: spanning-tree [ethernet <portnum> path-cost <value> priority <value>] forward-delay <value> hello-time <value> maximum-age <time> priority <value>
Bridge STP Parameters (applied to all ports within a VLAN)
Forward Delay – the period of time a bridge will wait (the listen and learn period) before forwarding data packets. Possible values: 4 – 30 seconds. Default is 15.
Maximum Age – the interval a bridge will wait for receipt of a hello packet before initiating a topology change. Possible values: 6 – 40 seconds. Default is 20.
Hello Time – the interval of time between each configuration BPDU sent by the root bridge. Possible values: 1 – 10 seconds. Default is 2.
Priority – a parameter used to identify the root bridge in a network. The bridge with the lowest value has the highest priority and is the root. Possible values: 1 – 65,535. Default is 32,678.
Port Parameters (applied to a specified port within a VLAN)
Path Cost – a parameter used to assign a higher or lower path cost to a port. Possible values: 1 – 65535. Default is (1000/Port Speed) for Half-Duplex ports and is (1000/Port Speed)/2 for Full-Duplex ports.
Priority – value determines when a port will be rerouted in relation to other ports. Possible values: 0 – 255. Default is 128.

Copyright © 2009 Brocade Communications Systems, Inc.