The switch can operate in one of the following modes: "isolate" or "transparent".
In "isolate" mode, packet switching is based on the port isolation rules. External ports are isolated from each other and traffic from each of them is redirected to the internal ports according to the port isolation rules, so that any direct traffic between the external ports is impossible. This is the basic mode, used by default, including situations when there are no any VLAN settings or 802.1Q-support is disabled in "transparent" mode.
In "transparent" mode, direct traffic transmission between external ports (without involving the internal ones) is possible, packet switching is performed according to the VLAN-tags and internal “port - VLAN-tag” correspondence table, if it exists.
Default settings
- By default the switch operates in "isolate" mode, i.e. all the ports are isolated from each other, even if they are located in the same VLAN
- All the ports operate in "trunk" mode with "native VLAN 1" for untagged traffic
- radio interface is up and operates within the switch as a regular port
- DHCP-client is enabled on the management interface "mgmt".
"port" command
Use this command for the built-in switch management.
Syntax:
#1> port [arguments]
port [-scheme=SCHEME] [-mgmt=PORT_SET] [-radio=PORT_SET] port -d1q[=[disable|enable]] port -vlan={RANgeLIST} [{-priority=PRIO|-nopriority}] port -vlan={RANgeLIST} [-stp] [-nostp] [{-spriority=STPPRIO|-nospriority}] [-sforward[=enable|disable]] port -vlan={RANgeLIST} -remove={RANgeLIST} port [PORT_SET] [-access=TAG] [-native=TAG] [-mode={access|trunk}] port [PORT_SET] [-allow={RANgeLIST}] [-disallow={RANgeLIST}] port [PORT_SET] [-limit={RATE_LIMIT}] [-nolimit] [-qosmode={wrr|st3|st23|strict}] port [PORT_SET] stat|clear|vtt|stt [VID]|fdb-show|dump RANgeLIST: RANge[,RANge...] RANge: {TAG[-TAG]|all} PRIO: {0..7} - DOT1P frame priority RATE_LIMIT: {0..1000} - port egress rate limit in Mbit/sec STPPRIO: {0..15} | {0,4096,8192...61440} Port set <PORT_SET>: enumeration of {[ge]0..[ge]1,s[fp],m,r}|*, for example 0,ge1,m Adjacency scheme <SCHEME>: {isolate, transparent}
Command arguments description is given in the table below:
Command | Description |
---|---|
port [-scheme=SCHEME] |
|
port [-mgmt=PORT_SET] [-radio=PORT_SET] |
|
port -d1q[=[disable|enable]] |
|
port -vlan={RANgeLIST} |
Example, port -vlan=50,52,60-64 adds VLANs 50, 52, 60, 61, 62, 63, 64 |
port -remove={RANgeLIST} |
|
port -vlan={RANgeLIST} {-priority=PRIO} |
Example, port -vlan=50 -priority 7 sets the priority 7 (Network control) to the VLAN 50 |
port -vlan={RANgeLIST} {-nopriority} |
|
port -vlan={RANgeLIST} [-stp] |
|
port -vlan={RANgeLIST} [-nostp] |
|
port -vlan={RANgeLIST} {-spriority=STPPRIO} |
Example, port -vlan=50 -spriority=4094 sets the bridge priority 4094 for VLAN 50 |
port -vlan={RANgeLIST} {-nospriority} |
|
port -vlan={RANgeLIST} [-sforward[=enable|disable]] |
|
port [PORT_SET] [-mode={access|trunk}] |
|
port [PORT_SET] [-access=TAG] |
Example, port 0 -access=50 -mode=access sets the "access" mode for the port "ge0" and defines VLAN 50 for this port operation |
port [PORT_SET] [-allow={RANgeLIST}] |
Example, port 1 -allow=50-55 -mode=trunk sets the "trunk" mode for the port "ge1" and allows operations with VLAN 50, 51, 52, 53, 54, 55 |
port [PORT_SET] [-native=TAG] |
|
port [PORT_SET] [-disallow={RANgeLIST}] |
|
port [PORT_SET] [-limit={RATE_LIMIT}] |
Example, port 0,1 -limit=120 sets the limit of 120 Mbps on the ports "ge0" and "ge1" |
port [PORT_SET] [-nolimit] |
|
port [PORT_SET] [-qosmode={wrr|st3|st23|strict}] |
|
port [PORT_SET] stat |
|
port [PORT_SET] clear |
|
port vtt |
|
port stt [VID] |
Example, #1> port stt 30 STP state of VID 30: ID: 100000043507A2A5 Priority: 4096 ID ext:-1 ROOT: 100000043507A2A5 Priority: 4096 ID ext: 0 Ports: Name Prio Cost PVer Role State ====== ==== ========== ==== ========== ========== ge1 128 55 RSTP DISABLED DISCARDING sfp 128 55 RSTP DISABLED DISCARDING |
port [PORT_SET] fdb-show |
Example, #1> port 0 fdb-show FDB total entries: 10 VID Destination Port Status T-left ===== ============ ========= ======= ====== v30 0016c8822d60 0 dynamic 330 v30 001b21c5a964 0 dynamic 330 v30 00043507a434 0 dynamic 282 v30 00045f94b74a 0 dynamic 188 v30 002170f485a5 0 dynamic 94 v30 382c4ab2d932 0 dynamic 94 |
port [PORT_SET] dump |
Example, #1> port dump Port R-limit QOS Mode Link Speed ==== ======= ======== ==== ========= 0 ------- wrr UP 1000 Mbps 1 ------- wrr UP 1000 Mbps s ------- wrr UP 1000 Mbps r 420 strict UP 21 Mbps m ------- strict ---- --------- |
Configuration examples
Configure the switch for operation in "isolate" mode. It is the default mode. If you need to switch from "transparent" mode, use the command:
- port -scheme= isolate
Configure the port isolation rules for traffic redirection from external physical interfaces "ge0", "ge1" and/or "sfp" to the interfaces "radio" or "mgmt":
Assign access to the management interface through the "ge0" port:
- port -mgmt=0
Assign the port "ge1" for data transfer to the port "radio":
- port -radio=1
Configure the switch for operation in "transparent" mode.
See VLAN-based switching matrix with default settings below:
port vtt VID 0 1 2 r m STP Prio ==== = = = = = === ==== 1 N N N N N - ----
In order to switch to "transparent" mode, execute the command:
- port -scheme=transparent
Configuring of the switch starts with adding VLANs, which are necessary for data transfer and device management:
port -vlan=30,100 port vtt VID 0 1 2 r m STP Prio ==== = = = = = === ==== 1 N N N N N - ---- 30 t t t t t - ---- 100 t t t t t - ----
Set the parameters of processing of tagged or/and untagged traffic for each port.
Set access of untagged packets to VLAN 30 on the management interface "mgmt":
port m -access=30 -mode=access port vtt VID 0 1 2 r m STP Prio ==== = = = = = === ==== 1 N N N N - - ---- 30 t t t t A - ---- 100 t t t t - - ----
Set access of untagged packets only to VLAN 30 on the port "ge0":
port 0 -access=30 -mode=access port vtt VID 0 1 s r m STP Prio ==== = = = = = === ==== 1 - N N N - - ---- 30 A t t t A - ---- 100 - t t t - - ----
Set the "ge1" port for processing of tagged packets of the VLAN 30 only ("trunk" mode):
port 1 -allow=30 -mode=trunk port vtt VID 0 1 s r m STP Prio ==== = = = = = === ==== 1 - - N N - - ---- 30 A t t t A - ---- 100 - - t t - - ----
Set the port "sfp" for processing of tagged packets of the VLAN 100 only ("trunk" mode):
port s -allow=100 -mode=trunk port vtt VID 0 1 s r m STP Prio ==== = = = = = === ==== 1 - - - N - - ---- 30 A t - t A - ---- 100 - - t t - - ----
Set the port "radio" for processing of tagged packets of the VLAN 30 and VLAN 100 ("trunk" mode):
portr -allow=30,100 -mode=trunk port vtt VID 0 1 s r m STP Prio ==== = = = = = === ==== 30 A t - t A - ---- 100 - - t t - - ----