Configuring Protocol VLAN

CHAPTERS

1. Overview

2. Protocol VLAN Configuration

3. Configuration Example

4. Appendix: Default Parameters

This guide applies to:

T1500G-8T v2 or above, T1500G-10PS v2 or above, T1500G-10MPS v2 or above, T1500-28PCT v3 or above, T1600G-18TS v2 or above, T1600G-28TS v3 or above, T1600G-28PS v3 or above, T1600G-52TS v3 or above, T1600G-52PS v3 or above, T1700X-16TS v3 or above, T1700G-28TQ v3 or above, T2500G-10TS v2 or above, T2600G-18TS v2 or above, T2600G-28TS v3 or above, T2600G-28MPS v3 or above, T2600G-28SQ v1 or above, T2600G-52TS v3 or above.

1Overview

Protocol VLAN is a technology that divides VLANs based on the network layer protocol. With the protocol VLAN rule configured on the basis of the existing 802.1Q VLAN, the switch can analyze specific fields of received packets, encapsulate the packets in specific formats, and forward the packets with different protocols to the corresponding VLANs. Since different applications and services use different protocols, network administrators can use protocol VLAN to manage the network based on specific applications and services.

The figure below shows a common application scenario of protocol VLAN. With protocol VLAN configured, Switch 2 can forward IPv4 and IPv6 packets from different VLANs to the IPv4 and IPv6 networks respectively.

Figure 1-1 Common Application Scenario of Protocol VLAN

2Protocol VLAN Configuration

To complete protocol VLAN configuration, follow these steps:

1)Configure 802.1Q VLAN.

2)Create protocol template.

3)Configure Protocol VLAN.

Configuration Guidelines

You can use the IP, ARP, RARP, and other protocol templates provided by TP-Link switches, or create new protocol templates.

In a protocol VLAN, when a port receives an untagged data packet, the switch will first search for the protocol VLAN matching the protocol type value of the packet. (If MAC VLAN is also configured, the switch will first process MAC VLAN.) If there is a match, the switch will insert the corresponding VLAN tag to the data packet and forward it within the VLAN. Otherwise, the switch will forward the data packet to the default VLAN based on the PVID (Port VLAN ID) of the receiving port. When the port receives a tagged data packet, the switch will directly process the data packet according to the processing rule of the 802.1Q VLAN.

2.1Using the GUI

2.1.1Configuring 802.1Q VLAN

Before configuring protocol VLAN, create an 802.1Q VLAN and set the port type according to network requirements. For details, refer to Configuring 802.1Q VLAN.

2.1.2Creating Protocol Template

Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol Template to load the following page.

Figure 2-1 Check the Protocol Template

Follow these steps to create a protocol template:

1)Check whether your desired template already exists in the Protocol Template Config section. If not, click to create a new template.

Figure 2-2 Creating a Protocol Template

Template Name

Give a protocol name to identify the protocol template.

Frame Type

Select the frame type of the new protocol template.

Ethernet II: A common Ethernet frame format. Select to specify the Frame Type by entering the Ether Type.

SNAP: An Ethernet 802.3 frame format based on IEEE 802.3 and IEEE 802.2 SNAP. Select to specify the Frame Type by entering the Ether Type.

LLC: An Ethernet 802.3 frame format based on IEEE 802.3 and IEEE 802.2 LLC. Select to specify the Frame Type by entering the DSAP and SSAP.

Ether Type

Enter the Ethernet protocol type value for the protocol template. It is available when Ethernet II and SNAP is selected. It is the Ether Type field in the frame and is used to identify the data type of the frame.

DSAP

Enter the DSAP value for the protocol template. It is available when LLC is selected. It is the DSAP field in the frame and is used to identify the data type of the frame.

SSAP

Enter the SSAP value for the protocol template. It is available when LLC is selected. It is the SSAP field in the frame and is used to identify the data type of the frame.

2)Click Create.

Note:

A protocol template that is bound to a VLAN cannot be deleted.

2.1.3 Configuring Protocol VLAN

Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol VLAN Group and click to load the following page.

Figure 2-3 Configure the Protocol VLAN Group

Follow these steps to configure the protocol group:

1)In the Protocol Group Config section, specify the following parameters.

Template Name

Select the previously defined protocol template.

VLAN ID/Name

Enter the ID number or name of the 802.1Q VLAN that will be bound to the Protocol VLAN..

802.1p Priority

Specify the 802.1p priority for the packets that belong to the protocol VLAN. The switch will determine the forwarding sequence according this value. The packets with larger value of 802.1p priority have the higher priority.

2)Select the desired ports. Click Create.

Note:

The member port of an LAG (Link Aggregation Group) follows the configuration of the LAG and not its own. The configurations of the port can take effect only after it leaves the LAG.

2.2Using the CLI

2.2.1Configuring 802.1Q VLAN

Before configuring protocol VLAN, create an 802.1Q VLAN and set the port type according to network requirements. For details, refer to Configuring 802.1Q VLAN.

2.2.2Creating a Protocol Template

Follow these steps to create a protocol template:

Step 1

configure

Enter global configuration mode.

Step 2

protocol-vlan template name protocol-name frame { ether_2 ether-type type | snap ether-type type | llc dsap dsap_type ssap ssap_type }

Create a protocol template.

protocol-name: Specify the protocol name with 1 to 8 characters.

type: Enter4 hexadecimal numbers as the Ethernet protocol type for the protocol template. It is the Ether Type field in the frame and is used to identify the data type of the frame.

dsap_type: Enter 2 hexadecimal numbers as the DSAP value for the protocol template. It is the DSAP field in the frame and is used to identify the data type of the frame.

ssap_type: Enter 2 hexadecimal numbers as the SSAP value for the protocol template. It is the SSAP field in the frame and is used to identify the data type of the frame.

Step 3

show protocol-vlan template

Verify the protocol templates.

Step 4

end

Return to Privileged EXEC Mode.

Step 5

copy running-config startup-config

Save the settings in the configuration file.

The following example shows how to create an IPv6 protocol template:

Switch#configure

Switch(config)#protocol-vlan template name IPv6 frame ether_2 ether-type 86dd

Switch(config)#show protocol-vlan template

Index Protocol Name Protocol Type

------- ----------------- --------------------------------

1 IP EthernetII ether-type 0800

2 ARP EthernetII ether-type 0806

3 RARP EthernetII ether-type 8035

4 IPX SNAP ether-type 8137

5 AT SNAP ether-type 809B

6 IPv6 EthernetII ether-type 86DD

Switch(config)#end

Switch#copy running-config startup-config

2.2.3Configuring Protocol VLAN

Follow these steps to configure protocol VLAN:

Step 1

configure

Enter global configuration mode.

Step 2

show protocol-vlan template

Check the index of each protocol template.

Step 3

protocol-vlan vlan vid priority priority template index

Bind the protocol template to the VLAN.

vid : Enter the ID number of the 802.1Q VLAN that will be bound to the Protocol VLAN.

priority : Specify the 802.1p priority for the packets that belong to the protocol VLAN. The switch will determine the forwarding sequence according this value. The packets with larger value of 802.1p priority have the higher priority.

index : Specify the protocol template index.

Step 4

show protocol-vlan vlan

Check the protocol VLAN index (entry-id) of each protocol group.

Step 5

interface {fastEthernet port | range fastEthernet port-list | gigabitEthernet port | range gigabitEthernet port-list | ten-gigabitEthernet port | range ten-gigabitEthernet port-list | port-channel port-channel-id | range port-channel port-channel-list}

Enter interface configuration mode.

Step 6

protocol-vlan group entry-id

Add the specified port to the protocol group.

entry-id: Protocol VLAN index.

Step 7

end

Return to Privileged EXEC Mode.

Step 8

copy running-config startup-config

Save the settings in the configuration file.

The following example shows how to bind the IPv6 protocol template to VLAN 10 and add port 1/0/2 to protocol VLAN:

Switch#configure

Switch(config)#show protocol-vlan template

Index Protocol Name Protocol Type

-------- ------------------ --------------------------------

1 IP EthernetII ether-type 0800

2 ARP EthernetII ether-type 0806

3 RARP EthernetII ether-type 8035

4 IPX SNAP ether-type 8137

5 AT SNAP ether-type 809B

6 IPv6 EthernetII ether-type 86DD

Switch(config)#protocol-vlan vlan 10 priority 5 template 6

Switch(config)#show protocol-vlan vlan

Index Protocol-Name VID Priority Member

-------- -------------------- ------ ------ ------

1 IPv6 10 0

Switch(config)#interface gigabitEthernet 1/0/2

Switch(config-if)#protocol-vlan group 1

Switch(config-if)#show protocol-vlan vlan

Index Protocol-Name VID Priority Member

------ ------------------ ------ -------- ------------

1 IPv6 10 5 Gi1/0/2

Switch(config-if)#end

Switch#copy running-config startup-config

3Configuration Example

3.1Network Requirements

A company uses both IPv4 and IPv6 hosts, and these hosts access the IPv4 network and IPv6 network respectively via different routers. It is required that IPv4 packets are forwarded to the IPv4 network, IPv6 packets are forwarded to the IPv6 network, and other packets are dropped.

The figure below shows the network topology. The IPv4 host belongs to VLAN 10, the IPv6 host belongs to VLAN 20, and these hosts access the network via Switch 1. Switch 2 is connected to two routers to access the IPv4 network and IPv6 network respectively. The routers belong to VLAN 10 and VLAN 20 respectively.

Figure 3-1 Network Topology

3.2Configuration Scheme

You can configure protocol VLAN on port 1/0/1 of Switch 2 to meet this requirement. When this port receives packets, Switch 2 will forward them to the corresponding VLANs according to their protocol types. The overview of the configuration on Switch 2 is as follows:

1)Create VLAN 10 and VLAN 20 and add each port to the corresponding VLAN.

2)Use the IPv4 protocol template provided by the switch, and create the IPv6 protocol template.

3)Bind the protocol templates to the corresponding VLANs to form protocol groups, and add port 1/0/1 to the groups.

For Switch 1, configure 802.1Q VLAN according to the network topology.

Demonstrated with T2600G-28TS, this chapter provides configuration procedures in two ways: using the GUI and using the CLI.

3.3Using the GUI

Configurations for Switch 1

1)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > VLAN Config and click to load the following page. Create VLAN 10, and add untagged port 1/0/1 and untagged port 1/0/3 to VLAN 10. Click Create.

Figure 3-2 Create VLAN 10

2)Click to load the following page. Create VLAN 20, and add untagged ports 1/0/2-3 to VLAN 20. Click Create.

Figure 3-3 Create VLAN 20

3)Click to save the settings.

Configurations for Switch 2

1)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > VLAN Config and click to load the following page. Create VLAN 10, and add tagged port 1/0/1 and untagged port 1/0/2 to VLAN 10. Click Create.

Figure 3-4 Create VLAN 10

2)Click to load the following page. Create VLAN 20, and add tagged port 1/0/1 and untagged port 1/0/3 to VLAN 20. Click Create.

Figure 3-5 Create VLAN 20

3)Choose the menu L2 FEATURES > VLAN > 802.1Q VLAN > Port Config to load the following page. Set the PVID of port 1/0/2 and port 1/0/3 as 10 and 20 respectively . Click Apply.

Figure 3-6 Port Configuration

4)Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol Template and click to load the following page. Enter IPv6 in the protocol name, select the Ethernet II frame type, enter 86DD in the Ether Type field, and click Create to create the IPv6 protocol template.

Note:

The IPv4 protocol template is already provided by the switch. You only need to create the IPv6 protocol template.

Figure 3-7 Create the IPv6 Protocol Template

5)Choose the menu L2 FEATURES > VLAN > Protocol VLAN > Protocol VLAN Group and click to load the following page. Select the IP protocol name (that is the IPv4 protocol template), enter VLAN ID 10, select port 1, and click Create. Select the IPv6 protocol name, enter VLAN ID 20, select port 1, and click Create.

Figure 3-8 Configure the IPv4 Protocol Group

Figure 3-9 Configure the IPv6 Protocol Group

6)Click to save the settings.

3.4Using the CLI

Configurations for Switch 1

1)Create VLAN 10 and VLAN 20.

Switch_1#configure

Switch_1(config)#vlan 10

Switch_1(config-vlan)#name IPv4

Switch_1(config-vlan)#exit

Switch_1(config)#vlan 20

Switch_1(config-vlan)#name IPv6

Switch_1(config-vlan)#exit

2)Add untagged port 1/0/1 to VLAN 10. Add untagged port 1/0/2 to VLAN 20. Add untagged port 1/0/3 to both VLAN10 and VLAN 20.

Switch_1(config)#interface gigabitEthernet 1/0/1

Switch_1(config-if)#switchport general allowed vlan 10 untagged

Switch_1(config-if)#exit

Switch_1(config)#interface gigabitEthernet 1/0/2

Switch_1(config-if)#switchport general allowed vlan 20 untagged

Switch_1(config-if)#exit

Switch_1(config)#interface gigabitEthernet 1/0/3

Switch_1(config-if)#switchport general allowed vlan 10,20 untagged

Switch_1(config-if)#end

Switch_1#copy running-config startup-config

Configurations for Switch 2

1)Create VLAN 10 and VLAN 20.

Switch_2#configure

Switch_2(config)#vlan 10

Switch_2(config-vlan)#name IPv4

Switch_2(config-vlan)#exit

Switch_2(config)#vlan 20

Switch_2(config-vlan)#name IPv6

Switch_2(config-vlan)#exit

2)Add tagged port 1/0/1 to both VLAN 10 and VLAN 20. Specify the PVID of untagged port 1/0/2 as 10 and add it to VLAN 10. Specify the PVID of untagged port 1/0/3 as 20 and add it to VLAN 20.

Switch_2(config)#interface gigabitEthernet 1/0/1

Switch_2(config-if)#switchport general allowed vlan 10,20 tagged

Switch_2(config-if)#exit

Switch_2(config)#interface gigabitEthernet 1/0/2

Switch_2(config-if)#switchport pvid 10

Switch_2(config-if)#switchport general allowed vlan 10 untagged

Switch_2(config-if)#exit

Switch_2(config)#interface gigabitEthernet 1/0/3

Switch_2(config-if)#switchport mode general

Switch_2(config-if)#switchport pvid 20

Switch_2(config-if)#switchport general allowed vlan 20 untagged

Switch_2(config-if)#exit

3)Create the IPv6 protocol template.

Switch_2(config)#protocol-vlan template name IPv6 frame ether_2 ether-type 86dd

Switch_2(config)#show protocol-vlan template

Index Protocol Name Protocol Type

---- --------- ------------------------------------

1 IP EthernetII ether-type 0800

2 ARP EthernetII ether-type 0806

3 RARP EthernetII ether-type 8035

4 IPX SNAP ether-type 8137

5 AT SNAP ether-type 809b

6 IPv6 Ethernet II ether-type 86dd

4)Configure the protocol groups.

Switch_2(config)#protocol-vlan vlan 10 priority 0 template 1

Switch_2(config)#protocol-vlan vlan 20 priority 0 template 6

5)Add port 1/0/1 to the protocol groups.

Switch_2(config)#show protocol-vlan vlan

Index Protocol-Name VID Member

---- --------------- ---------- -------------

1 IP 10

2 IPv6 20

Switch_2(config)#interface gigabitEthernet 1/0/1

Switch_2(config-if)#protocol-vlan group 1

Switch_2(config-if)#protocol-vlan group 2

Switch_2(config-if)#exit

Switch_2(config)#end

Switch_2#copy running-config startup-config

Verify the Configurations

Switch 1

Verify 802.1Q VLAN configuration:

Switch_1#show vlan

VLAN Name Status Ports

-------- ------------- --------- --------------------------------------------

1 System-VLAN active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4

......

Gi1/0/25, Gi1/0/26, Gi1/0/27, Gi1/0/28

10 IPv4 active Gi1/0/1, Gi1/0/3

20 IPv6 active Gi1/0/2, Gi1/0/3

Switch 2

Verify 802.1Q VLAN configuration:

Switch_2#show vlan

VLAN Name Status Ports

------- ------------- ---------- --------------------------------------------

1 System-VLAN active Gi1/0/1, Gi1/0/2, Gi1/0/3, Gi1/0/4

......

Gi1/0/25, Gi1/0/26, Gi1/0/27, Gi1/0/28

10 IPv4 active Gi1/0/1, Gi1/0/2

20 IPv6 active Gi1/0/1, Gi1/0/3

Verify protocol group configuration:

Switch_2#show protocol-vlan vlan

Index Protocol-Name VID Priority Member

-------- --------------------- ------ ------ -----------

1 IP 10 0 Gi1/0/1

2 IPv6 20 0 Gi1/0/1

4Appendix: Default Parameters

Default settings of Protocol VLAN are listed in the following table.

Table 4-1Default Settings of Protocol VLAN

Parameter

Default Setting

Protocol Template Table

1 IP Ethernet II ether-type 0800

2 ARP Ethernet II ether-type 0806

3 RARP Ethernet II ether-type 8035

4 IPX SNAP ether-type 8137

5 AT SNAP ether-type 809B