The vlan internal order command specifies the range that the switch can allocate as internal VLANs when configuring routed ports and the order of their allocation. By default, the switch allocates VLANs in ascending order from VLAN 1006 to VLAN 4094.

The no vlan internal order and default vlan internal order commands revert the policy to its default.

Command Mode

Global Configuration

Command Syntax

vlan internal order DIRECTION [RANGE_VLAN]

no vlan internal order

default vlan internal order

Parameters

• DIRECTION     VLAN allocation number direction. Options include:
  • ascending     allocates internal VLANs from lower VLAN bound to upper VLAN bound.
  • descending     allocates internal VLAN from upper VLAN bound to lower VLAN bound.
• RANGE_VLAN     allocation range. Options include:
  • <no parameter>     1006 (lower bound) to 4094 (upper bound).
  • range, lower, upper    specifies lower bound (lower) and upper bound (upper).

Examples

• This command configures the switch to allocate internal VLANS from 3000 through 3999.

  switch(config)#vlan internal order ascending range 3000 3999
  switch(config)#

• This command configures the switch to allocate internal VLANS from 4094 through 1006.

  switch(config)#vlan internal order descending
  switch(config)#

• This command configures the switch to allocate internal VLANS from 4094 down through 4000.

  switch(config)#vlan internal order descending range 4000 4094
  switch(config)#

• This command reverts the allocation policy to its default (ascending, between 1006 and 4094).

  switch(config)#no vlan internal order
  switch(config)#

The vlan command places the switch in VLAN configuration mode to configure a set of virtual LANs. The command creates the specified VLANs if they do not exist prior to issuing the command. A VLAN that is in use as an internal VLAN may not be created or configured. The switch rejects any vlan command that specifies an internal VLAN ID.

The default vlan and no vlan commands removes the VLAN statements from running-config for the specified VLANs.

The exit command returns the switch to global configuration mode.

Command Mode

Global Configuration

Command Syntax

vlan vlan_range

no vlan vlan_range

default vlan vlan_range

Parameters

• vlan_range     VLAN list.

Formats include a name, number, number range, or comma-delimited list of numbers and ranges.

commands Available in VLAN configuration mode

• name (VLAN configuration mode)
• state
• trunk group

Guidelines

In mlag configurations, VLANs operate as follows:

• The VLAN must be configured identically on both mlag peer switches.
• The port-specific bridging configuration originates on the switch where the port is physically located. This configuration includes the switchport access VLAN, switchport mode (trunk or access), trunk-allowed VLANs, the trunk native VLAN, and the switchport trunk groups.

Example

This command creates VLAN 49 and enters VLAN configuration mode for the new VLAN:

switch(config)#vlan 49
switch(config-vlan-49)#

When autostate is enabled, the VLAN interface will be up when:

• the corresponding VLAN exists and is in the active state.
• one or more layer 2 ports in the VLAN are up and in spanning-tree forwarding state.
• the VLAN interface exists and is not in a shutdown state.

Autostate is enabled by default. When autostate is disabled, the VLAN interface is forced to be active.

• The no autostate command disables autostate on the configuration mode interface. The no autostate command is stored to running-config.
• The autostate command enables the autostate function on the configuration mode VLAN SVI by removing the corresponding no autostate statement from running-config.

• The default autostate command restores the autostate default state of enabled by removing the corresponding no autostate statement from running-config.

Command Mode

Interface-VLAN Configuration

Command Syntax

autostate

no autostate

default autostate

Guidelines

Autostate should be disabled on SVIs configured as an mlag local interface.

Examples

• These commands disable autostate on VLAN 100.

  switch(config)#interface vlan 100
  switch(config-if-Vl100)#no autostate
  switch(config-if-Vl100)#

• These commands enable autostate on VLAN 100.

  switch(config)#interface vlan 100
  switch(config-if-Vl100)#autostate
  switch(config-if-Vl100)#

In the configuration mode for an Ethernet or port channel interface, the encapsulation dot1q vlan translates packets with a dot1q header to the internal VLAN for a routed port. The VLAN in the incoming packets is mapped to the internal VLAN of the routed port, and packets egressing the routed port are encapsulated with a dot1q header for the specified VLAN. For egress packets, no priority information is added to the dot1q header and the priority from the incoming encapsulation will be retained.

When used in the configuration mode for an Ethernet or port channel subinterface, however, the encapsulation dot1q vlan command assigns a dot1q tag to the subinterface. Traffic ingressing on the parent interface with that dot1q tag will then be sent to the configured subinterface. See Subinterfaces and Subinterface Configuration for details.

The no encapsulation dot1q vlan and default encapsulation dot1q vlan commands restore the default VLAN to the configuration mode interface by removing the corresponding encapsulation dot1q vlan command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-port-channel Configuration

Subinterface-Ethernet Configuration

Subinterface-port-channel Configuration

Command Syntax

encapsulation dot1q vlan vlan_id

no encapsulation dot1q vlan

default encapsulation dot1q vlan

Parameters

vlan_id For VLAN translation, the ID of the external VLAN to be translated; for subinterface configuration, the VLAN of the subinterface. Values range from 1 to 4094.

Examples

• These commands translate between VLAN 50 and the internal VLAN for Ethernet interface 5 (a routed port).

  switch(config)#interface ethernet 5
  switch(config-if-Et5)#no switchport
  switch(config-if-Et5)#encapsulation dot1q vlan 50
  switch(config-if-Et5)#

• These commands assign packets ingressing on Ethernet interface 1/1 with VLAN ID 100 to Ethernet subinterface 1/1.1.

  switch(config)#interface ethernet1/1.1
  switch(config-if-Et1/1.1)#no switchport
  switch(config-if-Et1/1.1)#encapsulation dot1q vlan 100
  switch(config-if-Et1/1.1)#

The interface vlan command places the switch in VLAN-interface configuration mode for modifying parameters of the switch virtual interface (SVI). An SVI provides Layer 3 processing for packets from all ports associated with the VLAN. There is no physical interface for the VLAN.

When entering configuration mode to modify existing SVIs, the command can specify multiple interfaces. The command creates an SVI if the specified interface does not exist prior to issuing the command. When creating an SVI, the command can only specify a single interface.

The no interface vlan command deletes the specified SVI interfaces from running-config. The default interface vlan commands remove all configuration statements for the specified SVI interfaces from running-config without deleting the interfaces.

Command Mode

Global Configuration

Command Syntax

interface vlan v_range

no interface vlan v_range

default interface vlan v_range

Parameter

• v_range     VLAN interfaces (number, range, or comma-delimited list of numbers and ranges). VLAN number ranges from 1 to 4094.

Restrictions

Internal VLANs: A VLAN interface cannot be created or configured for internal VLAN IDs. The switch rejects any interface vlan command that specifies an internal VLAN ID.

Example

This example creates an SVI for VLAN 12:

switch#config
switch(config)#interface vlan 12
switch(config-if-Vl12)#

The l2-protocol encapsulation dot1q vlan command enables Layer 2 802.1Q traffic encapsulation on the configuration mode interface for a specified VLAN. The default VLAN for all interfaces is VLAN 1.

The no l2-protocol encapsulation dot1q vlan and default l2-protocol encapsulation dot1q vlan commands disable the specified encapsulation on the configuration mode interface by removing the corresponding l2-protocol encapsulation dot1q vlan command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

l2-protocol encapsulation dot1q vlan vlan_id

no l2-protocol encapsulation dot1q vlan

default l2-protocol encapsulation dot1q vlan

Parameters

• vlan_id     the ID of the native VLAN. Values range from 1 to 4094.

Example

These commands enable 802.1Q encapsulation of traffic on VLAN 200.

switch(config)#interface ethernet 5/2
switch(config-if-Et5/2)#l2-protocol encapsulation dot1q vlan 200
switch(s1)(config-if-Et5/2)#show active
interface Ethernet5/2
 l2-protocol encapsulation dot1q vlan 200
switch(config-if-Et5/2)#

The mac address forwarding command enables a switch to configure a VLAN policy when it receives a packet with an unknown destination MAC address on a VLAN. The command provides three options to configure a VLAN policy:

• Flood the Layer 2 miss packets on the VLAN
• Drop the Layer 2 miss packets
• Log the Layer 2 miss packets to the CPU (while still flooding them on the VLAN)

The default state is to flood the L2 miss packets on all ports of the VLAN.

The show vlan command displays information about the VLAN policy that is being configured.

The no form and the default form of the command removes the previously configured VLAN policy on the VLAN.

Command Mode

VLAN Configuration

Command Syntax

mac address forwarding {unicast | multicast} miss action {drop | flood | log}

no mac address forwarding {unicast | multicast} miss action {drop | flood | log}

default mac address forwarding{unicast | multicast} miss action {drop | flood | log}

Parameters

• unicast     the unicast type of transmission.
• multicast     the multicast type of transmission.
• drop     the selected packets are dropped.
• flood     the selected packets are flooded in the specific VLAN.
• log     the selected packets are sent to the CPU for logging purpose.

Guidelines

VLAN policy configuration is supported on the Arista 7010, 7050 (excluding 7050SX3-48YC12, 7050CX3-32S, 7050QX2-32S, 7050SX2-72Q, 7050SX2-128, 7050TX2-128), 7060, 7250, and the 7300 series platforms.

VLAN policy is not supported in the following cases:

• STP, LLDP, and LACP packets
• VLAN policy configurations on VXLAN-enabled VLAN
• On a VLAN if IGMP snooping is configured with Multicast miss action is set to drop, then all multicast packets received on that VLAN are dropped.

Examples

• These commands create a VLAN 333 and then set the unicast policy to ‘drop’ and the multicast policy to ‘log’ for the specific VLAN 333.

  switch(config)#vlan 333
  switch(config-vlan-333)#mac address forwarding unicast miss action drop
  switch(config-vlan-333)#
  switch(config-vlan-333)#mac address forwarding multicast miss action log

• These commands display the VLAN policy that was defined when VLAN 333 is created.

  switch(config)#show vlan 333 mac address forwarding
  
  VLANUcMissActionMcMissAction
  ----------------------------
   333flood flood

• These commands display the VLAN policy type that was defined when VLAN 333 is configured with the ‘drop’ unicast policy and the ‘log’ multicast policy.

  switch(config)#show vlan 333 mac address forwarding
  
  VLANUcMissActionMcMissAction
  ----------------------------
   333droplog
  
  switch(config)#show vlan mac address forwarding
  
  VLANUcMissActionMcMissAction
  ----------------------------
   1flood flood
   333droplog

The name command configures the VLAN name. The name can have up to 32 characters. The default name for VLAN 1 is default. The default name for all other VLANs is VLANxxxx, where xxxx is the VLAN number. The default name for VLAN 55 is VLAN0055. The show vlan command displays the VLAN name.

The name command accepts all characters except the space.

The no name and default name commands restore the default name by removing the name command from running-config.

Command Mode

VLAN Configuration

Command Syntax

name label_text

no name

default name

Parameters

• label_text     character string assigned to name attribute. Maximum length is 32 characters. The space character is not permitted in the name string.

Example

These commands assign corporate_100 as the name for VLAN 25, then displays the VLAN name.

switch(config)#vlan 25
switch(config-vlan-25)#name corporate_100
switch(config-vlan-25)#show vlan 25
VLANName StatusPorts
----- -------------------------------- --------- ---------
25corporate_100active

switch(config-vlan-25)#

The pvlan mapping command maps a switch virtual interface (SVI) available in the primary VLAN to the secondary VLAN or VLANs in the VLAN configuration mode. The show pvlan mapping interfaces command displays the list of mapped VLANs.

The no pvlan mapping and default pvlan mapping commands restore the default state of the private VLAN mapping.

Command Mode

VLAN Configuration

Command Syntax

pvlan mapping{add | remove | vlan ID}

no pvlan mapping{add | remove | vlan ID}

default pvlan mapping{add | remove | vlan ID}

Parameters

• add     adding VLANs to the PVLAN mapping of the current VLAN interface.
• remove     removing VLANs from the PVLAN mapping of the current VLAN interface.
• vlan ID     The secondary VLAN IDs of the private VLAN mapping. The IDs range from 1 to 4094.

Related commands

show pvlan mapping interfaces

Example

These commands assign a secondary VLAN ID of 50 to the primary VLAN.

switch(config)#vlan 25
switch(config-vlan-25)#pvlan mapping 50
switch(config-vlan-25)#

The show dot1q-tunnel command displays the ports that are configured in dot1q-tunnel switching mode. The switchport mode command configures the switching mode for the configuration mode interface.

Command Mode

EXEC

Command Syntax

show dot1q-tunnel [INTERFACE]

Parameters

• INTERFACE     Interface type and numbers. Options include:
  • <no parameter>     Display information for all interfaces.
  • ethernet e_range     Ethernet interface range specified by e_range.
  • loopback l_range     Loopback interface specified by l_range.
  • management m_range     Management interface range specified by m_range.
  • port-channel p_range     Port-Channel Interface range specified by p_range.
  • vlan v_range     VLAN interface range specified by v_range.
  • vxlan vx_range     VXLAN interface range specified by vx_range.

Valid range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

This command displays the ports that are configured in dot1q-tunnel switching mode.

switch>show dot1q-tunnel
dot1q-tunnel mode LAN Port (s)
------------------------------
Po4
Po21
Po22
switch>

The show interfaces switchport backup-link command displays interfaces that are configured as switchport backup pairs and the operational status of each interface. For each pair, the command displays the names, roles, status, and VLAN traffic of each interface.

Command Mode

EXEC

Command Syntax

show interfaces [INTERFACE] switchport backup-link

show interfaces switchport backup-link [module{Fabric f_num | Linecard lc_num |Supervisor svr_num| Switchcard |<1-2> | <3-6>}]

Parameters

• INTERFACE     Interface type and numbers. Options include:
  • <no parameter>     Display information for all interfaces.
  • ethernet e_range     Ethernet interface range specified by e_range.
  • loopback l_range     Loopback interface specified by l_range.
  • management m_range     Management interface range specified by m_range.
  • port-channel p_range     Port-Channel Interface range specified by p_range.
  • vlan v_range     VLAN interface range specified by v_range.

Valid e_range, l_range, m_range, p_range, and v_range formats include number, number range, or comma-delimited list of numbers and ranges.

• module     Displays interfaces of the specified module. Options include:
  • Fabric f_num     Displays interfaces of the specified fabric module. Value ranges from 1 to 6.
  • Linecard lc_num     Displays interfaces of the specified linecard module. Value ranges from 3 to 6.
  • Supervisor svr_num     Displays interfaces of the specified supervisor module. Accepted values are 1 and 2.
  • Switchcard     Displays interfaces of switchcard modules.
  • <1-2>     Displays interfaces of the specified supervisor module.
  • <3-6>     Displays interfaces of the specified linecard module.

Example

• This command displays the configured switchport primary-backup pairs.

  switch>show interfaces switchport backup-link
  Switch backup interface pair: Ethernet3/17, Ethernet3/8
  Primary Interface: Ethernet3/17 State:Inactive Configuration
  Backup Interface:Ethernet3/8State:Inactive Configuration
  Preemption delay: 0 milliseconds
  Mac move burst size: 0
  Mac move burst interval: 20 milliseconds
  Mac move destination: ff:ff:ff:ff:ff:ff

• This command displays interfaces of the module for linecard 4.

  switch(config)#show int switchport backup-link module Linecard 4
  Switch backup interface pair: Ethernet4/19/1, Ethernet4/19/2
  Primary Interface: Ethernet4/19/1 State:Inactive Configuration
  Backup Interface:Ethernet4/19/2 State:Inactive Configuration
  Preemption delay: 0 milliseconds
  Mac move burst size: 0
  Mac move burst interval: 20 milliseconds
  Mac move destination: ff:ff:ff:ff:ff:ff

The show interfaces switchport vlan mapping command displays mapping information of the configured VLANs in an interface mode.

Command Mode

EXEC

Command Syntax

show interfaces switchport vlan mapping

Examples

• This command displays mapping information of the configured VLAN IDs.

  switch#show interfaces switchport vlan mapping
  --------------
  Ethernet3
   Direction Direction
  Original VlanNew VlanStatusConfiguredActive
  -------------- --------- --------- ----------- -----------
  10 100 ActiveIn/OutIn/Out
  11 200 ActiveInIn
  30012ActiveOut Out

• This command displays dual tag mapping information of the configured VLAN IDs.

  switch(config)#show interfaces switchport vlan mapping
  --------------
  Ethernet3/1
  Direction Direction
  Outer Tag Inner Tag VLAN ID StatusConfiguredActive Dot1qTunnel
  ----------- ----------- --------- --------- ----------- ----------------------
  1000100 200 activeIn/OutIn/Out-
  
  1001101 201 activeInIn-
  
  1002102 202 activeOut Out-

• This command displays dual tag mapping information of the configured VLAN IDs.

  switch(config)#show interfaces switchport vlan mapping
  --------------
  Ethernet1/1
   Direction Direction 
  Outer TagInner Tag VLAN ID StatusConfiguredActive 
  ----------- ----------- --------- --------- ----------- ----------- 
  70- 300 ActiveIn/OutIn/Out 
  1050100 ActiveIn/OutIn/Out
  2060100 ActiveInIn
  3040200 ActiveOut Out

The show interfaces switchport command displays the switching configuration and operational status of the specified ports.

Command Mode

EXEC

Command Syntax

show interfaces [INTERFACE] switchport

Parameters

• INTERFACE     Interface type and numbers. Options include:
  • <no parameter>     Display the switching status for all interfaces.
  • ethernet e_range     Ethernet interface range specified by e_range.
  • loopback l_range     Loopback interface specified by l_range.
  • management m_range     Management interface range specified by m_range.
  • port-channel p_range     Port-Channel Interface range specified by p_range.
  • vlan v_range     VLAN interface range specified by v_range.

Valid e_range, l_range, m_range, p_range, and v_range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

• This command displays the switching status for all interfaces.

  switch(config)#show interface switchport
  Default switchport mode: access
  
  Name: Et5/1
  Switchport: Enabled
  Administrative Mode: static access
  Operational Mode: static access
  MAC Address Learning: enabled
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 1 (default)
  Administrative Native VLAN tagging: disabled
  Trunking VLANs Enabled: ALL
  Static Trunk Groups: 
  Dynamic Trunk Groups: 
  
  Name: Et5/2
  Switchport: Enabled
  Administrative Mode: static access
  Operational Mode: static access
  MAC Address Learning: enabled
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 1 (default)
  Administrative Native VLAN tagging: disabled
  Trunking VLANs Enabled: ALL
  Static Trunk Groups: 
  Dynamic Trunk Groups: 
  
  [...]
  
  switch(config)#

• This command displays the switching status of port channel interfaces 21 and 22.

  switch>show interface port-channel 21-22 switchport
  Name: Po21
  Switchport: Enabled
  Administrative Mode: tunnel
  Operational Mode: tunnel
  Access Mode VLAN: 1 (inactive)
  Trunking Native Mode VLAN: 100 (VLAN0100)
  Administrative Native VLAN tagging: disabled
  Trunking VLANs Enabled: ALL
  Trunk Groups: foo
  
  Name: Po22
  Switchport: Enabled
  Administrative Mode: tunnel
  Operational Mode: tunnel
  Access Mode VLAN: 1 (inactive)
  Trunking Native Mode VLAN: 1 (inactive)
  Administrative Native VLAN tagging: disabled
  Trunking VLANs Enabled: ALL
  Trunk Groups:
  
  switch>

• This command displays the configured status of VLAN scaling for the Ethernet interface 2/1 port.

  switch#show interface Ethernet 2/1 switchport 
  Name: Ethernet 2/1
  Switchport: Enabled
  Administrative Mode: trunk
  Operational Mode: trunk
  MAC Address Learning: enabled
  Dot1q ethertype/TPID: 0x8100 (active)
  Dot1q VLAN Tag: Allowed
  Access Mode VLAN: 1 (default)
  Trunking Native Mode VLAN: 1 (default)
  Administrative Native VLAN tagging: disabled
  Trunking VLANs Enabled: ALL
  Static Trunk Groups: 
  Dynamic Trunk Groups: 
  Source interface filtering: enabled
  VLAN forwarding mode: allConfiguredVlans
  
  switch>

The show interfaces trunk command displays configuration and status information for interfaces configured in switchport trunk mode.

Command Mode

EXEC

Command Syntax

show interfaces [INTERFACE] trunk

Parameters

• INTERFACE     Interface type and numbers. Options include:

  • <no parameter>     Display information for all interfaces.
  • ethernet e_range     Ethernet interface range specified by e_range.
  • management m_range     Management interface range specified by m_range.
  • port-channel p_range     Port-Channel Interface range specified by p_range.

Valid e_range, m_range, and p_range formats include number, number range, or comma-delimited list of numbers and ranges.

Example

This command displays the trunk status for all interfaces configured in switchport trunk mode.

switch>show interfaces trunk
PortModeStatusNative vlan
Po1 trunk trunking1
Po2 trunk trunking1

PortVlans allowed
Po1 1-15
Po2 16-30

PortVlans allowed and active in management domain
Po1 1-10
Po2 21-30


PortVlans in spanning tree forwarding state
Po1 1-10
Po2 21-30

switch>

The show interfaces vlans command displays a table that lists the VLANs that are carried by the specified interfaces. Interfaces that do not carry VLANs are not listed in the table. The table lists the untagged (native or access) and tagged VLANs for each interface.

Command Mode

EXEC

Command Syntax

show interfaces [INT_NAME] vlans

Parameters

• INT_NAME     Interface type and number. Values include

  • ethernet e_num     Ethernet interface specified by e_num.
  • management m_num     Management interface specified by m_num.
  • port-channel p_num     Port-Channel Interface specified by p_num.

Example

This command displays the VLANs carried by all L2 ports.

switch>show interfaces vlans
Port Untagged Tagged
Et93910 -
Et11 3912 -
Et16 500-
Et17 3908 -
Et18 3908 -
Po11101-102,500,721,3000,
Po2101-
Po43902 -
Po53903 -
Po63992 -
Po7661-
Po83911 -

The show pvlan mapping interfaces command displays information about the private VLAN mapping interfaces.

Command Mode

EXEC

Command Syntax

show pvlan mapping interfaces

Example

• This command displays information about the private VLAN mapping interfaces.

  switch(config)#int vlan 50
  switch(config-if-Vl50)#pvlan mapping 70
  switch(config-if-Vl50)#show pvlan mapping interfaces 
  InterfaceSecondary Vlans
  ------------------------
  Vlan50 70 

The show vlan brief count command displays the number of VLANs that are configured on the switch.

Command Mode

EXEC

Command Syntax

show vlan brief count

Example

This command displays the number of VLANs on the switch.

switch>show vlan brief count
Number of existing VLANs : 18

switch>

The show vlan dynamic command displays the source and quantity of dynamic VLANs on the switch. Dynamic VLANs support VM Tracer monitoring sessions.

Command Mode

EXEC

Command Syntax

show vlan dynamic

Example

This command displays the source and quantity of dynamic VLANs on the switch.

switch>show vlan dynamic
Dynamic VLAN source VLANS
vmtracer-poc88
switch>

The show vlan internal allocation policy command displays the method the switch uses to allocate VLANs to routed ports. The vlan internal order command configures the allocation method.

The allocation method consists of two configurable components:

• range: the list of VLANs that are allocated to routed ports.
• direction: the direction by which VLANs are allocated (ascending or descending).

Command Mode

EXEC

Command Syntax

show vlan internal allocation policy

Example

This command displays the internal allocation policy.

switch>show vlan internal allocation policy
Internal VLAN Allocation Policy: ascending
Internal VLAN Allocation Range: 1006-4094
switch>

The show vlan internal usage command shows the VLANs that are allocated as internal VLANs for routed ports.

A routed port is an Ethernet or port channel interface that is configured as a layer 3 interface. Routed ports do not bridge frames and are not members of any VLANs. Routed ports can have IP addresses assigned to them and packets are routed directly to and from the port.

When an interface is configured as a routed port, the switch allocates an SVI with a previously unused VLAN ID. The switch prohibits the configuration of VLANs with numbers corresponding to internal VLAN interfaces allocated to a routed port. VLAN interfaces corresponding to SVIs allocated to a routed port cannot be configured by VLAN interface configuration mode commands.

Command Mode

EXEC

Command Syntax

show vlan internal usage

Example

This command displays the VLANs that are allocated to routed ports.

switch>show vlan internal usage
1006Ethernet3
1007Ethernet4
switch>

The show vlan trunk group command displays the trunk group membership of the specified VLANs.

Command Mode

EXEC

Command Syntax

show vlan [VLAN_LIST] trunk group

Parameters

• VLAN_LIST      VLAN list. Options include:
  • <no parameter>      all VLANs.
  • v_range     VLANs specified by v_range.
  • id v_range     VLANs specified by v_range.
  • name v_name     VLANs specified by the VLAN name v_name.

Example

This command displays the trunk group membership of all configured VLANs.

switch>show vlan trunk group
VLAN Trunk Groups
---- -------------------------------------
5
10 first_group
12
40 second_group
100third_group
101middle_group
102
200

switch>

The show vlan command displays the VLAN ID, name, status, and member ports of all configured VLANs. The command only displays active ports by default; by specifying configured-ports, the command displays all ports that are members of a configured VLAN regardless of their activity status, including Ethernet ports that are members of a port channel.

Command Mode

EXEC

Command Syntax

show vlan [VLAN_LIST][PORT_ACTIVITY]

Parameters

• VLAN_LIST      List of VLANs displayed by command. Options include:
  • <no parameter>      all VLANs.
  • v_range     VLANs specified by v_range.
  • id v_range     VLANs specified by v_range.
  • name v_name     VLANs specified by the VLAN name v_name.

v_range formats include number, number range, or comma-delimited list of numbers and ranges.

• PORT_ACTIVITY      Ports listed in table. Options include:
  • <no parameter>      table displays only active ports (same as active-configuration option).
  • active-configuration      table displays only active ports.
  • configured-ports      table displays all configured ports.

Examples

• This command displays status and ports of VLANs 1-1000.

  switch> show vlan 1-1000
  VLANName StatusPorts
  ----- ------------------------ --------- --------------
  1 defaultactivePo1
  184   fet.arka                 activeCpu, Po1, Po2
  262 mgq.net                  activePPo2, Po1
  512   sant.testactiveCpu, Et16, Po1
  821 ipv6.net activeCpu, Po1, Po7
  
  switch>

• This command displays the list of all the member interfaces under each SVI.

  switch#show vlan
  VLANName StatusPorts
  ----- ------------------------ --------- -------------------------------
  1 defaultactive
  2148VLAN2148 activeCpu, Et1, Et26
  2700VLAN2700 activeCpu, Et18

The state command configures the VLAN transmission state of the configuration mode VLAN.

• Active state: Ports forward VLAN traffic.
• Suspendstate: Ports block VLAN traffic.

The default transmission status is active.

The no state command restores the default VLAN transmission state to the configuration mode VLAN by removing the corresponding state command from running-config.

Command Mode

VLAN Configuration

Command Syntax

state OPERATION_STATE

no state

default state

Parameters

• OPERATION_STATE      VLAN transmission state. Options include:
  • active     VLAN traffic is forwarded
  • suspend      LAN traffic is blocked.

Example

These commands suspend VLAN traffic on VLANs 100-102.

switch(config)#vlan 100-102
switch(config-vlan-100-102)#state suspend
switch(config-vlan-100-102)#

The switchport access vlan command specifies the access VLAN of the configuration mode interface. Ethernet or port channel interfaces that are in access mode are members of only the access VLAN. Untagged frames that the interface receives are associated with the access VLAN. Frames tagged with the access VLAN are also associated with the access VLAN. The interface drops all other tagged frames that it receives. By default, VLAN 1 is the access VLAN of all Ethernet and port channel interfaces.

An interface's access mode is effective only when the interface is in access mode or dot1q-tunnel mode, as specified by the switchport mode command. Interfaces in dot1q-tunnel mode handle inbound traffic as untagged traffic and associate all traffic with the access VLAN. Interfaces configured to switchport trunk mode maintain and ignore existing switchport access commands.

The no switchport access vlan and default switchport access vlan commands restore VLAN 1 as the access VLAN of the configuration mode interface by removing the corresponding switchport access vlan statement from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport access vlan v_num

no switchport access vlan

default switchport access vlan

Parameters

• v_num     number of access VLAN. Value ranges from 1 to 4094. Default is 1.

Example

These commands assign VLAN 100 as the access VLAN to Ethernet interface 5.

switch(config)#interface ethernet 5
switch(config-if-Et5)#switchport access vlan 100
switch(config-if-Et5)#

The switchport dot1q ethertype command configures the tag protocol identifier (TPID, also known as a dot1q ethertype), of the configuration mode interface. By default, all switch ports use the standard TPID of 0x8100.

The no switchport dot1q ethertype and default switchport dot1q ethertype commands restore the TPID to 0x8100 by removing the corresponding switchport dot1q ethertype statement from running-config.

Command Mode

Interface-Ethernet Configuration

Command Syntax

switchport dot1q ethertype ethertype

no switchport dot1q ethertype

default switchport dot1q ethertype

Parameters

• ethertype     ethertype number (TPID). Value ranges from 0x600 (1536) through 0xFFFF (65535), and can be entered in decimal or hexadecimal notation. Value is stored and displayed in hexadecimal form; the default value is 0x8100.

Example

These commands configure 0x9100 as the TPID of Ethernet interface 5.

switch(config)#interface ethernet 5
switch(config-if-Et5)#switchport dot1q ethertype 0x9100
switch(config-if-Et5)#

The switchport mode command specifies the switching mode of the configuration mode interface. The switch supports five switching modes: access, trunk, dot1q-tunnel, tap, and tool.

• Access switching mode: The interface is a member of one VLAN, called the access VLAN, as specified by the switchport access vlan command. Tagged frames received on the interface are dropped unless they are tagged with the access VLAN. Frames transmitted from the interface are always untagged.
• Trunk switching mode: The interface may be a member of multiple VLANs, as configured by the switchport trunk allowed vlan command. Untagged traffic is associated with the interface's native VLAN, as configured with the switchport trunk native vlan command.
• Dot1q-tunnel switching mode: The interface treats all inbound packets as untagged traffic and handles them as traffic of its access VLAN, as specified by the switchport access vlan command.
• Tap mode: The interface operates as a tap port. Tap ports receive traffic for replication on one or more tool ports.The interface may be a member of multiple VLANs, as configured by the switchport tap allowed vlan command. Untagged traffic is associated with the interface's native VLAN, as configured with the switchport tap native vlan command.

Tap ports are in STP forwarding state and prohibit egress traffic. MAC learning, control plane interaction and traps for inbound traffic are disabled.

• Tool mode: The interface operates as a tool port. Tool ports replicate traffic received by tap ports. The interface may be a member of multiple VLANs, as configured by the switchport tool allowed vlan command. MAC learning, control plane interaction and traps for inbound traffic are disabled.

Tool ports are in STP forwarding state and prohibit ingress traffic that uses port settings.

The status of switchport configured ports depends on the switch’s tap aggregation mode (which can be viewed by using the mode (tap-agg configuration mode) command):

• tap aggregation mode enabled: tap and tool ports are enabled. Switching ports are errdisabled.
• tap aggregation mode disabled: tap and tool ports are errdisabled. Switching ports are enabled.

The no switchport mode and default switchport mode commands return the configuration mode interface to its default setting as an access port by deleting the corresponding switchport mode command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport mode MODE_TYPE

no switchport mode

default switchport mode

Parameters

• MODE_TYPE     switching mode of the configuration mode interfaces. Options include:
  • access access switching mode.
  • dot1q-tunnel dot1q-tunnel switching mode.
  • tap tap switching mode.
  • tool tool switching mode.
  • trunk trunk switching mode.

Restrictions

Dot1q-tunnel switching mode is not available on Petra platform switches.

Tap aggregation (tap and tool modes) is available on FM6000 and Arad platform switches.

Example

These commands configure Ethernet 4 interface as a trunk port.

switch(config)#interface ethernet 4
switch(config-if-Et4)#switchport mode trunk
switch(config-if-Et4)#

The switchport trunk allowed vlan command creates or modifies the list of VLANs for which the configuration mode interface, in trunk mode, handles tagged traffic. By default, interfaces handle tagged traffic for all VLANs. Command settings persist in running-config without taking effect when the switch is in tap aggregation mode or the interface is not in trunk mode.

The no switchport trunk allowed vlan and default switchport trunk allowed vlan commands restore the trunk mode default allowed VLAN setting of all by removing the corresponding switchport trunk allowed vlan statement from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport trunk allowed vlan EDIT_ACTION

no switchport trunk allowed vlan

default switchport trunk allowed vlan

Parameters

• EDIT_ACTION     modifications to the VLAN list.
  • v_range     Creates VLAN list from v_range.
  • add v_range     Adds specified VLANs to current list.
  • all     VLAN list contains all VLANs.
  • except v_range     VLAN list contains all VLANs except those specified.
  • none     VLAN list is empty (no VLANs).
  • remove v_range     Removes specified VLANs from current list.

Valid v_range formats include number, range, or comma-delimited list of numbers and ranges.

Example

These commands create the trunk mode allowed VLAN list of 6-10 for Ethernet interface 14, then verifies the VLAN list.

switch(config)#interface ethernet 14
switch(config-if-Et14)#switchport trunk allowed vlan 6-10
switch(config-if-Et14)#show interfaces ethernet 14 switchport
Name: Et14
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Access Mode VLAN: 1 (inactive)
Trunking Native Mode VLAN: 1 (inactive)
Administrative Native VLAN tagging: disabled
Trunking VLANs Enabled: 6-10
Trunk Groups:

switch(config-if-Et14)#

The switchport trunk group command assigns the configuration mode interface to the specified trunk group. Trunk group ports handle traffic of the VLANs assigned to the group.

The no switchport trunk group and default switchport trunk group commands remove the configuration mode interface from the specified trunk group by deleting the corresponding statement from running-config. If the command does not specify a trunk group, the interface is removed from all trunk groups to which it is assigned.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport trunk group [group_name]

no switchport trunk group [group_name]

default switchport trunk group [group_name]

Parameters

• group_name     trunk group name.

Example

switch(config)#interface port-channel 4
switch(config-if-Po4)#switchport trunk group fe-1
switch(config-if-Po4)#

The switchport trunk native vlan command specifies the trunk mode native VLAN for the configuration mode interface. Interfaces in trunk mode associate untagged frames with the native VLAN. Trunk mode interfaces can also be configured to drop untagged frames. The default native VLAN for all interfaces is VLAN 1.

The no switchport trunk native vlan and default switchport trunk native vlan commands restore VLAN 1 as the trunk mode native VLAN to the configuration mode interface by removing the corresponding switchport trunk native vlan command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport trunk native vlan VLAN_ID

no switchport trunk native vlan

default switchport trunk native vlan

Parameters

• VLAN_IDthe ID of the native VLAN. Options include
  • v_num VLAN number. Value ranges from 1 to 4094
  • tag interface drops all untagged frames.

Example

These commands configure VLAN 100 as the native VLAN for port channel 21.

switch(config)#interface port-channel 21
switch(config-if-Po21)#switchport trunk native vlan 100
switch(config-if-Po21)#

The switchport vlan forwarding command forwards packets between the ports belonging to VLAN in the interface configuration mode. The scaling configuration is applicable on a per-port basis. In the 7160 platform, the hardware uses a Port-VLAN table for storing the configuration on a per port/VLAN combination and supports a maximum of 128 ports.

Command Mode

Interface-Ethernet Configuration

Command Syntax

switchport vlan forwarding accept | all

Parameters

• accept     accepts packets for VLAN
• all      all VLANs

Example

This command forwards and accepts all the packets of VLAN of ethernet interface 2.

switch(config)#interface ethernet 2
switch(config-if-Et2)#switchport vlan forwarding accept all
switch(config-if-Et2)#

The switchport vlan mapping command allows you to map an arbitrary incoming VLAN tag to a particular bridging VLAN on the switch. The mapping is applied on a trunk port and multiple mappings can exist under each trunk port.

The no switchport vlan mapping and default switchport vlan mapping commands remove VLAN mapping by removing the corresponding switchport vlan mapping command from the running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport vlan mapping [in | out] incoming_vlanid destination_vlanid

no switchport vlan mapping [in | out]incoming_vlanid destination_vlanid

default switchport vlan mapping [in | out] incoming_vlanid destination_vlanid

Parameters

• in     maps the specified VLAN ID for received traffic only.
• out     maps the specified VLAN ID for transmitted traffic only.
• incoming_vlanid     specifies the VLAN ID to be mapped. Value ranges from 1 to 4094.
• destination_vlanid     specifies the destination VLAN ID. Value ranges from 1 to 4094.

Examples

• These commands map ingress packets of VLAN tag 11 with VLAN 200 on an Ethernet interface 3.

  switch(config)#interface Ethernet 3
  switch(config-if-Et3)#switchport mode trunk
  switch(config-if-Et3)#switchport vlan mapping in 11 200

• These commands map egress packets of VLAN 300 with VLAN tag 12 on an Ethernet interface 5.

  switch(config)#interface Ethernet 5
  switch(config-if-Et5)#switchport mode trunk
  switch(config-if-Et5)#switchport vlan mapping out 300 12

• These commands map inner and outer VLAN IDs on an Ethernet interface 1.

  switch(config)#interface Ethernet 1
  switch(config-if-Et1)#switchport vlan mapping 10 inner 50 100
  switch(config-if-Et1)#switchport vlan mapping in 20 inner 60 100
  switch(config-if-Et1)#switchport vlan mapping out 200 30 inner 40
  switch(config-if-Et1)#switchport vlan mapping 70 300

The switchport vlan translation command allows you to map packets from one VLAN to another using VLAN translation. This is carried out on packets having a dot1q header (tagged frames) only. The translation rewrites the VLAN ID (VID) field in dot1q headers on packets passing through a switched port without changing any other fields.

By default, the translation is bidirectional. The packets ingressing an interface through VLAN A are internally mapped to VLAN B; VLAN B packets egressing the same interface are mapped to VLAN A.

To use VLAN translation on a switched port, the port must be configured as a trunk port using the switchport mode command.

VLAN translation on routed ports is accomplished through the encapsulation dot1q vlan command.

The no switchport vlan translation and default switchport vlan translation commands remove VLAN mapping by removing the switchport vlan translation command from running-config.

Command Mode

Interface-Ethernet Configuration

Interface-Port-channel Configuration

Command Syntax

switchport vlan translation [DIRECTION]incoming_vlanid new_vlanid

no switchport vlan translation incoming_vlanid new_vlanid

no switchport vlan translation DIRECTION incoming_vlanid

default switchport vlan translation incoming_vlanid new_vlanid

default switchport vlan translation DIRECTION incoming_vlanid

Parameters

• DIRECTION     direction of traffic to be translated.
  • <no parameter>     translates the specified VLAN IDs for transmitted and received traffic.
  • in     translates the specified VLAN IDs for received traffic only.
  • out     translates the specified VLAN IDs for transmitted traffic only.
• incoming_vlanid     Enter the VLAN ID to be translated. Value ranges from 1 to 4094.
• new_vlanid     The new VLAN ID or bridging VLAN ID that will be used internally. Value ranges from 1 to 4094.

The trunk group command assigns the configuration mode VLAN to a specified trunk group.

A trunk group is the set of physical interfaces that comprise the trunk and the collection of VLANs whose traffic is carried on the trunk. The traffic of a VLAN that belongs to one or more trunk groups is carried only on ports that are members of trunk groups to which the VLAN belongs. Switchport commands specify the physical interfaces that carry trunk group traffic.

The no trunk group and default trunk group commands remove the configuration mode VLAN from the specified trunk group by removing the corresponding trunk group statement from running-config. If a trunk group is not specified, the commands remove the configuration mode VLAN from all trunk groups.

Command Mode

VLAN Configuration

Command Syntax

trunk group [name]

no trunk group [name]

default trunk group [name]

Parameters

• name     a name representing the trunk group.

Example

switch(config)#vlan 49
switch(config-vlan-49)#trunk group mlagpeer
switch(config-vlan-49)#