- Preface
- Cisco ONS Documentation Roadmap for Release 9.2.1
- Chapter 1, CE-Series Ethernet Cards
- Chapter 2, E-Series and G-Series Ethernet Cards
-
- Chapter 3, ML-Series Cards Overview
- Chapter 4, CTC Operations
- Chapter 5, Initial Configuration
- Chapter 6, Configuring Interfaces
- Chapter 7, Configuring CDP
- Chapter 8, Configuring POS
- Chapter 9, Configuring Bridges
- Chapter 10, Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
- Chapter 11, Configuring STP and RSTP
- Chapter 12, Configuring Link Aggregation
- Chapter 13, Configuring Security for the ML-Series Card
- Chapter 14, Configuring RMON
- Chapter 15, Configuring SNMP
- Chapter 16, Configuring VLAN
- Chapter 17, Configuring Networking Protocols
- Chapter 18, Configuring IRB
- Chapter 19, Configuring IEEE 802.17b Resilient Packet Ring
- Chapter 20, Configuring VRF Lite
- Chapter 21, Configuring Quality of Service
- Chapter 22, Configuring Ethernet over MPLS
- Chapter 23, Configuring the Switching Database Manager
- Chapter 24, Configuring Access Control Lists
- Chapter 25, Configuring Cisco Proprietary Resilient Packet Ring
-
- Chapter 26, ML-MR-10 Card Overview
- Chapter 27, IP Host Functionality on the ML-MR-10 Card
- Chapter 29: Configuring Security for the ML-MR-10 Card
- Chapter 30: Configuring IEEE 802.17b Resilient Packet Ring on the ML-MR-10 Card
- Chapter 31, Configuring POS on the ML-MR-10 Card
- Chapter 32, Configuring Card Port Protection on the ML-MR-10 Card
- Chapter 32, Configuring Ethernet Virtual Circuits and QoS on the ML-MR-10 Card
- Chapter 34: Configuring Link Agrregation on ML-MR-10 card
- Chapter 35, Configuring Ethernet OAM (IEEE 802.3ah), CFM (IEEE 802.1ag), and E-LMI on the ML-MR-10 Card
- Appendix A: CPU and Memory Utilization on the ML-MR-10 Card
- Appendix A, POS on ONS Ethernet Cards
- Appendix B, Command Reference
- Appendix C, Unsupported CLI Commands
- Appendix D, Using Technical Support
Configuring VLANs
Note 
This chapter applies only to the ML-Series (ML100T-2, ML100X-8, and ML1000-2) cards.
This chapter describes VLAN configurations for the ML-Series card. It describes how to configure IEEE 802.1Q VLAN encapsulation. For more information about the Cisco IOS commands used in this chapter, refer to the Cisco IOS Command Reference publication.
This chapter contains the following major sections:
•Configuring IEEE 802.1Q VLAN Encapsulation
•IEEE 802.1Q VLAN Configuration
•Monitoring and Verifying VLAN Operation
Note Configuring VLANs is optional. Complete general interface configurations before proceeding with configuring VLANs as an optional step.
Understanding VLANs
VLANs enable network managers to group users logically rather than by physical location. A VLAN is an emulation of a standard LAN that allows secure intra-group data transfer and communication to occur without the traditional restraints placed on the network. It can also be considered a broadcast domain set up within a switch. With VLANs, switches can support more than one subnet (or VLAN) on each switch and give routers and switches the opportunity to support multiple subnets on a single physical link. A group of devices that belong to the same VLAN, but are part of different LAN segments, are configured to communicate as if they were part of the same LAN segment.
VLANs enable efficient traffic separation and provide excellent bandwidth utilization. VLANs also alleviate scaling issues by logically segmenting the physical LAN structure into different subnetworks so that packets are switched only between ports within the same VLAN. This can be very useful for security, broadcast containment, and accounting.
ML-Series software supports port-based VLANs and VLAN trunk ports, which are ports that carry the traffic of multiple VLANs. Each frame transmitted on a trunk link is tagged as belonging to only one VLAN.
ML-Series card software supports VLAN frame encapsulation through the IEEE 802.1Q standard. The Cisco Inter-Switch Link (ISL) VLAN frame encapsulation is not supported. ISL frames are broadcast at Layer 2 or dropped at Layer 3.
ML-Series switching supports up to 900 VLAN subinterfaces per card (for example, 200 VLANs on four interfaces uses 800 VLAN subinterfaces). A maximum of 255 logical VLANs can be bridged per card (limited by the number of bridge-groups). Each VLAN subinterface can be configured for any VLAN ID in the full 1 to 4095 range. Figure 16-1 shows a network topology in which two VLANs span two ONS 15454s with ML-Series cards.
Figure 16-1 VLANs Spanning Devices in a Network
Configuring IEEE 802.1Q VLAN Encapsulation
You can configure IEEE 802.1Q VLAN encapsulation on either type of ML-Series card interfaces, Ethernet or Packet over SONET/SDH (POS). VLAN encapsulation is not supported on POS interfaces configured with HDLC encapsulation.
The native VLAN is always VLAN ID 1 on ML-Series cards. Frames on the native VLAN are normally transmitted and received untagged. On an trunk port, all frames from VLANs other than the native VLAN are transmitted and received tagged.
To configure VLANs using IEEE 802.1Q VLAN encapsulation, perform the following procedure, beginning in global configuration mode:
Note In a bridge group on the ML-Series card, the VLAN ID does not have to be uniform across interfaces that belong to that bridge group. For example, a bridge-group can connect from a VLAN ID subinterface to a subinterface with a different VLAN ID, and then frames entering with one VLAN ID can be changed to exit with a different VLAN ID. This is know as VLAN translation.
Note IP routing is enabled by default. To enable bridging, enter the no ip routing or bridge IRB command.
Note Native VLAN frames transmitted on the interface are normally untagged. All untagged frames received on the interface are associated with the native VLAN, which is always VLAN 1. Use the command encapsulation dot1q 1 native.
IEEE 802.1Q VLAN Configuration
The VLAN configuration example for the ML100T-12 shown in Figure 16-2 depicts the following VLANs:
•Fast Ethernet subinterface 0.1 is in the IEEE 802.1Q native VLAN 1.
•Fast Ethernet subinterface 0.2 is in the IEEE 802.1Q VLAN 2.
•Fast Ethernet subinterface 0.3 is in the IEEE 802.1Q VLAN 3.
•Fast Ethernet subinterface 0.4 is in the IEEE 802.1Q VLAN 4.
Figure 16-2 Bridging IEEE 802.1Q VLANs
Example 16-1 shows how to configure VLANs for IEEE 802.1Q VLAN encapsulation. Use this configuration for both router A and router B. The example is shown in Figure 16-2:
Example 16-1 Configure VLANs for IEEE 802.1Q VLAN Encapsulation
bridge 1 protocol ieee
bridge 2 protocol ieee
bridge 3 protocol ieee
bridge 4 protocol ieee
!
!
interface FastEthernet0
no ip address
!
interface FastEthernet0.1
encapsulation dot1Q 1 native
bridge-group 1
!
interface FastEthernet0.2
encapsulation dot1Q 2
bridge-group 2
!
interface FastEthernet0.3
encapsulation dot1Q 3
bridge-group 3
!
interface FastEthernet0.4
encapsulation dot1Q 4
bridge-group 4
!
interface POS0
no ip address
crc 32
pos flag c2 1
!
interface POS0.1
encapsulation dot1Q 1 native
bridge-group 1
!
interface POS0.2
encapsulation dot1Q 2
bridge-group 2
!
interface POS0.3
encapsulation dot1Q 3
bridge-group 3
!
interface POS0.4
encapsulation dot1Q 4
bridge-group 4
Monitoring and Verifying VLAN Operation
After the VLANs are configured on the ML-Series card, you can monitor their operation by entering the privileged EXEC command show vlans vlan-id. This command displays information on all configured VLANs or on a specific VLAN (by VLAN ID number).
An example of the show vlans privileged EXEC command commands are shown here:
Example 16-2 show vlans Commands
ML1000-121#show vlans
Virtual LAN ID: 1 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interfaces: POS1
GigabitEthernet0
This is configured as native Vlan for the following interface(s) :
POS1
GigabitEthernet0
Protocols Configured: Address: Received: Transmitted:
Virtual LAN ID: 5 (IEEE 802.1Q Encapsulation)
vLAN Trunk Interfaces: POS1.1
GigabitEthernet0.1
Protocols Configured: Address: Received: Transmitted:
Bridging Bridge Group 2 157 0
Bridging Bridge Group 2 157 0
Feedback