0% found this document useful (0 votes)

6 views

01-05 Typical Ethernet Switching Configuration

Uploaded by

Laurindo Carinhas

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

6 views

01-05 Typical Ethernet Switching Configuration

Uploaded by

Laurindo Carinhas

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 103

S600-E Series Switches

Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5 Typical Ethernet Switching

Configuration

5.1 Typical MAC Configuration

5.2 Link Aggregation Configuration
5.3 Typical VLAN Configuration
5.4 Typical QinQ Configuration
5.5 Typical Examples of MSTP/RRPP
5.6 Typical Loopback Detection Configuration

5.1 Typical MAC Configuration

5.1.1 Example for Configuring Static MAC Address Entries

Overview
MAC address entries are automatically generated when the switch learns the
source MAC addresses of packets. Static MAC address entries are manually
configured.

A network administrator manually adds MAC address entries of authorized users

into the MAC address table. The static MAC address entries are often used to
prevent unauthorized users from intercepting data of authorized users.

If a large number of static MAC address entries are manually configured, network
maintenance can be difficult. You can enable port security to dynamically bind
MAC addresses to interfaces.

Configuration Notes
This example applies to all versions of the S600-E.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 159

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Networking Requirements
In Figure 5-1, the server connects to the switch through GE0/0/2. To prevent the
switch from broadcasting packets destined for the server, the static MAC address
entry of the server needs to be configured on the switch. This ensures that the
switch unicasts packets destined for the server through GE0/0/2. The MAC address
of the PC is statically bound to GE0/0/1 to ensure secure communication between
the PC and server.

Figure 5-1 Networking for configuring static MAC address entries

Configuration Roadmap
The configuration roadmap is as follows:

1. Create a VLAN on the switch and add an interface to the VLAN to implement
Layer 2 forwarding.
2. Configure the static MAC address entry of the server on the switch.
3. Configure the static MAC address entry of the PC on the switch.

Procedure
Step 1 Create VLAN 2 on the switch and add GE0/0/1 and GE0/0/2to VLAN 2.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 2 //Create VLAN 2.
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type access //The interface connected to the PC must be the
access interface. The default link type of an interface is not access, so you need to manually configure the
access interface.
[Switch-GigabitEthernet0/0/1] port default vlan 2 //Add GE0/0/1 to VLAN 2.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2 //The configuration of GE1/0/2 is similar to that of GE0/0/1.
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 2
[Switch-GigabitEthernet0/0/2] quit

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 160

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Step 2 Configure the static MAC address entry of the server on the switch.
[Switch] mac-address static xxxx-xxxx-xxx4 gigabitethernet 0/0/2 vlan 2

Step 3 Configure the static MAC address entry of the PC on the switch.
[Switch] mac-address static xxxx-xxxx-xxx2 gigabitethernet 0/0/1 vlan 2

Step 4 Verify the configuration.

# Run the display mac-address static vlan 2 command in any view to check
whether static MAC address entries were successfully added to the MAC address
table.
[Switch] display mac-address static vlan 2
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
xxxx-xxxx-xxx2 2/- GE0/0/1 static
xxxx-xxxx-xxx4 2/- GE0/0/2 static

-------------------------------------------------------------------------------
Total items displayed = 2

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 2
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 2
#
mac-address static xxxx-xxxx-xxx2 GigabitEthernet0/0/1 vlan 2
mac-address static xxxx-xxxx-xxx4 GigabitEthernet0/0/2 vlan 2
#
return

5.1.2 Example for Configuring Blackhole MAC Address Entries

Overview
Blackhole MAC address entries can be used to prevent attacks from unauthorized
users. The switch discards packets from or destined to blackhole MAC addresses.

Configuration Notes
This example applies to all versions of the S600-E.

Networking Requirements
As shown in Figure 5-2, the switch receives a packet from an unauthorized PC
whose MAC address is 0005-0005-0005 and belongs to VLAN 3. This MAC address

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 161

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

can be configured as a blackhole MAC address to filter packets from the

unauthorized user.

Figure 5-2 Networking for configuring blackhole MAC address entries

Configuration Roadmap
The configuration roadmap is as follows:
1. Create a VLAN to implement Layer 2 forwarding.
2. Configure a blackhole MAC address to block packets from this MAC address.

Procedure
Step 1 Configure a blackhole MAC address entry.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan 3 //Create VLAN 3.
[Switch-vlan3] quit
[Switch] mac-address blackhole xxxx-xxxx-xxx5 vlan 3 //Configure MAC address 0005-0005-0005 as the
blackhole MAC address in VLAN 3.

Step 2 Verify the configuration.

# Run the display mac-address blackhole command in any view to check
whether the blackhole MAC address entry was successfully added to the MAC
address table.
[Switch] display mac-address blackhole
-------------------------------------------------------------------------------
MAC Address VLAN/VSI Learned-From Type
-------------------------------------------------------------------------------
xxxx-xxxx-xxx5 3/- - blackhole

-------------------------------------------------------------------------------
Total items displayed = 1

----End

Configuration Files
Switch configuration file

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 162

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
sysname Switch
#
vlan batch 3
#
mac-address blackhole xxxx-xxxx-xxx5 vlan 3
#
return

5.1.3 Example for Configuring MAC Address Limiting in a

VLAN
Overview
The switch limits the number of MAC address entries based on VLANs or
interfaces. In offices where clients seldom change, you can configure MAC address
limiting to control user access. This can protect against certain attacks. For
example, if an attacker forges a large number of packets with different source
MAC addresses and sends the packets to the device, finite MAC address entries in
the MAC address table of the device may be exhausted. When the MAC address
table is full, the device cannot learn source MAC addresses of valid packets. As a
result, the device broadcasts the valid packets, wasting bandwidth resources.
MAC address limiting in a VLAN can limit the number of MAC address entries on
multiple interfaces in a VLAN.

Configuration Notes
● After the port-security enable command is configured on an interface, MAC
address limiting cannot take effect on the interface. Do not configure port
security and MAC address limiting on the same interface simultaneously.
● This example applies to all versions of the S600-E.

Networking Requirements
In Figure 5-3, user network 1 is connected to GE0/0/1 of the switch through
LSW1, user network 2 is connected to GE0/0/2 of the switch through LSW2, and
GE0/0/1 and GE0/0/2 belong to VLAN 2. To control the number of access users,
configure MAC address limiting in VLAN 2.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 163

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-3 Networking of MAC address limiting in a VLAN

Configuration Roadmap
The configuration roadmap is as follows:

1. Create a VLAN and add interfaces to the VLAN to implement Layer 2

forwarding.
2. Configure MAC address limiting in a VLAN to prevent MAC address attacks
and control the number of access users.

Procedure
Step 1 Create VLAN 2 and add GE0/0/1 and GE0/0/2 to VLAN 2.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 2
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk //Configure the link type of the interface as trunk.
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 //Add GE0/0/1 to VLAN 2.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2 //The configuration of GE0/0/2 is similar to the configuration of
GE0/0/1.
[Switch-GigabitEthernet0/0/2] port link-type trunk
[Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 2
[Switch-GigabitEthernet0/0/2] quit

Step 2 Configure the following MAC address limiting rule in VLAN 2: A maximum of 100
MAC addresses can be learned. When the number of learned MAC address entries
reaches the limit, the device forwards the packets with new source MAC address
entries and generates an alarm.
[Switch] vlan 2
[Switch-vlan2] mac-limit maximum 100 // The alarm function is enabled by default, so you do not need
to configure the alarm function manually.
[Switch-vlan2] quit

Step 3 Verify the configuration.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 164

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

# Run the display mac-limit command in any view to check whether the MAC
address limiting rule is successfully configured.
[Switch] display mac-limit
MAC limit is enabled
Total MAC limit rule count : 1

PORT VLAN/VSI SLOT Maximum Rate(ms) Action Alarm

----------------------------------------------------------------------------
- 2 - 100 - forward enable

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 2
#
vlan 2
mac-limit maximum 100
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2
#
return

5.1.4 Example for Configuring MAC Address Limiting on an

Interface

Overview
The switch limits the number of MAC address entries based on VLANs or
interfaces. In offices where clients seldom change, you can configure MAC address
limiting to control user access. This can protect against certain attacks. For
example, if an attacker forges a large number of packets with different source
MAC addresses and sends the packets to the device, finite MAC address entries in
the MAC address table of the device may be exhausted. When the MAC address
table is full, the device cannot learn source MAC addresses of valid packets. As a
result, the device broadcasts the valid packets, wasting bandwidth resources.

MAC address limiting on an interface can be used in scenarios where users

connected to an interface in small and medium-sized enterprises are fixed and
seldom change.

Configuration Notes
● After port-security enable is configured on an interface, MAC address
limiting cannot be configured on the interface.
● This example applies to all versions of the S600-E.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 165

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Networking Requirements
In Figure 5-4, user network 1 and user network 2 connect to the switch through
the LSW, and GE0/0/1 of the switch connects to the LSW. User network 1 and user
network 2 belong to VLAN 10 and VLAN 20 respectively. On the switch, MAC
address limiting can be configured on GE0/0/1 to control the number of access
users.

Figure 5-4 Networking of MAC address limiting on an interface

Configuration Roadmap
The configuration roadmap is as follows:

1. Create VLANs and add interfaces to the VLANs to implement Layer 2

forwarding.
2. Configure MAC address limiting on an interface to control the number of
access users.

Procedure
Step 1 Create VLAN 10 and VLAN 20 and add GE0/0/1 to VLAN 10 and VLAN 20.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10 20 //Create VLAN 10 and VLAN 20.
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk //Configure the link type of the interface as trunk.
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 10 20 //Add GE0/0/1 to VLAN 10 and VLAN 20.
[Switch-GigabitEthernet0/0/1] quit

Step 2 Configure the switch to learn a maximum of 100 MAC address entries on GE0/0/1.
When the number of learned MAC address entries reaches the limit, the switch

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 166

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

discards the packets with new source MAC address entries and generates an
alarm.
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] mac-limit maximum 100 action discard
[Switch-GigabitEthernet0/0/1] quit

Step 3 Verify the configuration.

PORT VLAN/VSI SLOT Maximum Rate(ms) Action Alarm

----------------------------------------------------------------------------
GE0/0/1 - - 100 - discard enable

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 10 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10 20
mac-limit maximum 100
#
return

5.2 Link Aggregation Configuration

5.2.1 Example for Configuring Link Aggregation in Manual

Mode When Switches Are Directly Connected

Overview
Ethernet link aggregation increases link bandwidth by bundling multiple physical
links to form a logical link. Link aggregation can work in manual mode or Link
Aggregation Control Protocol (LACP) mode.

In manual mode, you must manually create an Eth-Trunk and add member
interfaces to the Eth-Trunk. In this mode, LACP is not required. If a high link
bandwidth between two directly connected devices is required but the remote
device does not support LACP, you can use the manual mode. The manual mode
can increase bandwidth, enhance reliability, and implement load balancing.

In manual mode, all active links forward data and load balance traffic.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 167

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Notes
● Member interfaces of an Eth-Trunk must use the same Ethernet type and rate.
● Both devices of the Eth-Trunk must use the same number of physical
interfaces, interface rate, duplex mode, and flow control mode.
● If an interface of the local device is added to an Eth-Trunk, an interface of the
remote device directly connected to the interface of the local device must also
be added to an Eth-Trunk. Otherwise, the two ends cannot communicate.
● Both devices of an Eth-Trunk must use the same link aggregation mode.
● This example applies to all versions of the S600-E.

Networking Requirements
In Figure 5-5, SwitchA and SwitchB connect to devices in VLAN 10 and VLAN 20
through Ethernet links, and heavy traffic is transmitted between SwitchA and
SwitchB.
SwitchA and SwitchB can provide higher link bandwidth to implement inter-VLAN
communication. Data transmission and link reliability need to be ensured.

Figure 5-5 Networking for configuring link aggregation in manual mode

Configuration Roadmap
The configuration roadmap is as follows:
1. Create an Eth-Trunk and add member interfaces to the Eth-Trunk to increase
link bandwidth.
2. Create VLANs and add interfaces to the VLANs.
3. Set the load balancing mode to ensure that traffic is load balanced between
member interfaces of the Eth-Trunk and enhance reliability.

Procedure
Step 1 Create an Eth-Trunk on SwitchA and SwitchB and add member interfaces to the
Eth-Trunk.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 168

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchA] interface eth-trunk 1 //Create Eth-Trunk 1.

[SwitchA-Eth-Trunk1] trunkport gigabitethernet 0/0/1 to 0/0/3 //Add GE0/0/1, GE0/0/2, and GE0/0/3 to
Eth-Trunk 1.
[SwitchA-Eth-Trunk1] quit
<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] interface eth-trunk 1 //Create Eth-Trunk 1.
[SwitchB-Eth-Trunk1] trunkport gigabitethernet 0/0/1 to 0/0/3 //Add GE0/0/1, GE0/0/2, and GE0/0/3 to
Eth-Trunk 1.
[SwitchB-Eth-Trunk1] quit

Step 2 Create VLANs and add interfaces to the VLANs.

# Create VLAN 10 and VLAN 20 and add interfaces to them. The configuration of
SwitchB is similar to the configuration of SwitchA, and is not mentioned here.
[SwitchA] vlan batch 10 20
[SwitchA] interface gigabitethernet 0/0/4
[SwitchA-GigabitEthernet0/0/4] port link-type trunk //Configure the interface as a trunk interface. The
default link type of an interface is not trunk.
[SwitchA-GigabitEthernet0/0/4] port trunk allow-pass vlan 10
[SwitchA-GigabitEthernet0/0/4] quit
[SwitchA] interface gigabitethernet 0/0/5
[SwitchA-GigabitEthernet0/0/5] port link-type trunk //Configure the interface as a trunk interface. The
default link type of an interface is not trunk.
[SwitchA-GigabitEthernet0/0/5] port trunk allow-pass vlan 20
[SwitchA-GigabitEthernet0/0/5] quit

# Configure Eth-Trunk 1 to allow packets from VLAN 10 and VLAN 20 to pass

through. The configuration of SwitchB is similar to the configuration of SwitchA,
and is not mentioned here.
[SwitchA] interface eth-trunk 1
[SwitchA-Eth-Trunk1] port link-type trunk //Configure the interface as a trunk interface. The default link
type of an interface is not trunk.
[SwitchA-Eth-Trunk1] port trunk allow-pass vlan 10 20
[SwitchA-Eth-Trunk1] quit

Step 3 Set the load balancing mode of Eth-Trunk 1. The configuration of SwitchB is
similar to the configuration of SwitchA, and is not mentioned here.
[SwitchA] interface eth-trunk 1
[SwitchA-Eth-Trunk1] load-balance src-dst-mac //Configure load balancing based on the source and
destination MAC addresses on Eth-Trunk 1.
[SwitchA-Eth-Trunk1] quit

Step 4 Verify the configuration.

Run the display eth-trunk 1 command in any view to check whether the Eth-
Trunk is created and whether member interfaces are added.
[SwitchA] display eth-trunk 1
Eth-Trunk1's state information is:
WorkingMode: NORMAL Hash arithmetic: According to SA-XOR-DA
Least Active-linknumber: 1 Max Bandwidth-affected-linknumber: 8
Operate status: up Number Of Up Port In Trunk: 3
--------------------------------------------------------------------------------
PortName Status Weight
GigabitEthernet0/0/1 Up 1
GigabitEthernet0/0/2 Up 1
GigabitEthernet0/0/3 Up 1

The preceding information shows that Eth-Trunk 1 contains three member

interfaces: GigabitEthernet0/0/1, GigabitEthernet0/0/2, and GigabitEthernet0/0/3.
The member interface status is Up and the value of Operate status of Eth-Trunk 1
is up.

----End

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 169

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 10 20
load-balance src-dst-mac
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 20
#
return

● SwitchB configuration file

#
sysname SwitchB
#
vlan batch 10 20
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 10 20
load-balance src-dst-mac
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 20
#
return

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 170

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5.2.2 Example for Configuring Link Aggregation in LACP Mode

When Switches Are Directly Connected
Overview
Ethernet link aggregation increases link bandwidth by bundling multiple physical
links to form a logical link. Link aggregation can work in manual mode or Link
Aggregation Control Protocol (LACP) mode.
If a high link bandwidth between two directly connected devices is required and
devices support LACP, the LACP mode is recommended. The LACP mode increases
bandwidth, improves reliability, implements load balancing, enhances Eth-Trunk
fault tolerance, and provides backup.
In LACP mode, some links are active links and other links are backup links. All the
active links participate in data forwarding. If an active link becomes faulty, a
backup link is selected to replace the faulty link. That is, the number of links
participating in data forwarding remains unchanged.

Networking Requirements
In Figure 5-6, SwitchA and SwitchB connect to devices in VLAN 10 and VLAN 20
through Ethernet links, and heavy traffic is transmitted between SwitchA and
SwitchB. The link between SwitchA and SwitchB is required to provide high
bandwidth to implement inter-VLAN communication. Link aggregation in LACP
mode is configured on SwitchA and SwitchB to improve the bandwidth and
reliability. The following requirements must be met:
● Two active links implement load balancing.
● One link functions as the backup link. When a fault occurs on an active link,
the backup link replaces the faulty link to maintain reliable data transmission.
● Devices in the same VLAN can communicate.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 171

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-6 Networking diagram for configuring link aggregation in LACP mode

Configuration Roadmap
The configuration roadmap is as follows:
1. Create an Eth-Trunk and configure the Eth-Trunk to work in LACP mode to
implement link aggregation.
2. Add member interfaces to the Eth-Trunk.
3. Set the LACP system priority and determine the Actor so that the Partner
selects active interfaces based on the Actor interface priority.
4. Set the upper threshold for the number of active interfaces to improve
reliability.
5. Set LACP interface priorities and determine active interfaces so that interfaces
with higher priorities are selected as active interfaces.
6. Create VLANs and add interfaces to the VLANs.

Procedure
Step 1 Create Eth-Trunk 1 on SwitchA and configure Eth-Trunk 1 to work in LACP mode.
The configuration of SwitchB is similar to that of SwitchA, and is not mentioned
here.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] interface eth-trunk 1 //Create Eth-Trunk 1.
[SwitchA-Eth-Trunk1] mode lacp //Configure link aggregation in LACP mode.
[SwitchA-Eth-Trunk1] quit

Step 2 Add member interfaces to Eth-Trunk 1 on SwitchA. The configuration of SwitchB is

similar to that of SwitchA, and is not mentioned here.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] eth-trunk 1 //Add GE0/0/1 to Eth-Trunk 1.
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] eth-trunk 1 //Add GE0/0/2 to Eth-Trunk 1.
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] interface gigabitethernet 0/0/3

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 172

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchA-GigabitEthernet0/0/3] eth-trunk 1 //Add GE0/0/3 to Eth-Trunk 1.

[SwitchA-GigabitEthernet0/0/3] quit

Step 3 Set the LACP system priority of SwitchA to 100 so that SwitchA becomes the Actor.
[SwitchA] lacp priority 100 //The default LACP system priority is 32768. Change the LACP priority of
SwitchA to be higher than that of SwitchB so that SwitchA functions as the Actor.

Step 4 On SwitchA, set the upper threshold for the number of active interfaces to 2.
[SwitchA] interface eth-trunk 1
[SwitchA-Eth-Trunk1] max active-linknumber 2 //The default upper threshold for the number of active
interfaces in the LAG is 8. Change the upper threshold for the number of active interfaces to 2.
[SwitchA-Eth-Trunk1] quit

Step 5 Set the LACP system priority and determine active links on SwitchA.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] lacp priority 100 //The default LACP interface priority is 32768. Change
the LACP priority of GE0/0/1 to 100 so that GE0/0/1 serves as the active interface.
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] lacp priority 100 //The default LACP interface priority is 32768. Change
the LACP priority of GE0/0/2 to 100 so that GE0/0/2 serves as the active interface.
[SwitchA-GigabitEthernet0/0/2] quit

Step 6 Create VLANs and add interfaces to the VLANs.

# Configure Eth-Trunk 1 to allow packets from VLAN 10 and VLAN 20 to pass

Step 7 Verify the configuration.

# Check information about the Eth-Trunk on each Switch and check whether link
negotiation is successful.
[SwitchA] display eth-trunk 1
Eth-Trunk1's state information is:
Local:
LAG ID: 1 WorkingMode: LACP
Preempt Delay: Disabled Hash arithmetic: According to SIP-XOR-DIP
System Priority: 100 System ID: 00e0-fca8-0417
Least Active-linknumber: 1 Max Active-linknumber: 2
Operate status: up Number Of Up Port In Trunk: 2
--------------------------------------------------------------------------------
ActorPortName Status PortType PortPri PortNo PortKey PortState Weight
GigabitEthernet0/0/1 Selected 1GE 100 6145 2865 11111100 1
GigabitEthernet0/0/2 Selected 1GE 100 6146 2865 11111100 1

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 173

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

GigabitEthernet0/0/3 Unselect 1GE 32768 6147 2865 11100000 1

Partner:
--------------------------------------------------------------------------------
ActorPortName SysPri SystemID PortPri PortNo PortKey PortState
GigabitEthernet0/0/1 32768 00e0-fca6-7f85 32768 6145 2609 11111100
GigabitEthernet0/0/2 32768 00e0-fca6-7f85 32768 6146 2609 11111100
GigabitEthernet0/0/3 32768 00e0-fca6-7f85 32768 6147 2609 11110000
[SwitchB] display eth-trunk 1
Eth-Trunk1's state information is:
Local:
LAG ID: 1 WorkingMode: LACP
Preempt Delay: Disabled Hash arithmetic: According to SIP-XOR-DIP
System Priority: 32768 System ID: 00e0-fca6-7f85
Least Active-linknumber: 1 Max Active-linknumber: 8
Operate status: up Number Of Up Port In Trunk: 2
--------------------------------------------------------------------------------
ActorPortName Status PortType PortPri PortNo PortKey PortState Weight
GigabitEthernet0/0/1 Selected 1GE 32768 6145 2609 11111100 1
GigabitEthernet0/0/2 Selected 1GE 32768 6146 2609 11111100 1
GigabitEthernet0/0/3 Unselect 1GE 32768 6147 2609 11110000 1

The preceding information shows that the LACP system priority of SwitchA is 100
and is higher than the LACP system priority of SwitchB. GigabitEthernet0/0/1 and
GigabitEthernet0/0/2 are active interfaces and are in Selected state.
GigabitEthernet0/0/3 is in Unselect state. In addition, load balancing and
redundancy are implemented.

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
vlan batch 10 20
#
lacp priority 100
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 10 20
mode lacp
max active-linknumber 2
#
interface GigabitEthernet0/0/1
eth-trunk 1
lacp priority 100
#
interface GigabitEthernet0/0/2
eth-trunk 1
lacp priority 100
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 174

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 20
#
return

● SwitchB configuration file

#
sysname SwitchB
#
vlan batch 10 20
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 10 20
mode lacp
#
interface GigabitEthernet0/0/1
eth-trunk 1
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 20
#
return

5.3 Typical VLAN Configuration

5.3.1 Example for Configuring Interface-based VLAN

Assignment
Overview
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols,
and policies (MAC addresses, IP addresses, and interfaces). Table 5-1 compares
different VLAN assignment modes.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 175

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Table 5-1 Comparisons among VLAN assignment modes

VLAN Implementation Advantage Disadvan Usage
Assignme tage Scenario
nt Mode

Interface- VLANs are assigned It is simple to The Applies to

based based on interfaces. define VLAN network networks
VLAN A network members. administr of any
assignmen administrator ator scale and
t preconfigures a PVID needs to with
for each interface on a reconfigur devices at
switch. When an e VLANs fixed
untagged frame arrives when locations.
at an interface, the VLAN
switch adds the PVID of members
the interface to the change.
frame. The frame is
then transmitted in the
VLAN specified by the
PVID.

MAC VLANs are assigned When physical The Applies to

address- based on source MAC locations of network small-
based addresses of frames. users change, administr scale
VLAN A network the network ator must networks
assignmen administrator administrator predefine where
t preconfigures mappings does not need VLANs for user
between MAC to reconfigure all terminals
addresses and VLAN VLANs for the members often
IDs. When receiving an users. This on a change
untagged frame, the improves network. physical
switch adds the VLAN security and locations
tag mapping the MAC access flexibility but their
address of the frame to on a network. NICs
the frame. Then the seldom
frame is transmitted in change,
the specified VLAN. for
example,
mobile
computer
s.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 176

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

IP subnet- VLANs are assigned ● When Users are Applies to

based based on source IP physical evenly scenarios
VLAN addresses and subnet locations of spread where
assignmen masks. users and there are
t A network change, the multiple high
administrator network users are requireme
preconfigures mappings administrato on the nts for
between IP addresses r does not same mobility
and VLAN IDs. When need to network and
receiving an untagged reconfigure segment. simplified
frame, the switch adds VLANs for managem
the VLAN tag mapping the users. ent and
the IP address of the ● This mode low
frame to the frame. reduces requireme
Then the frame is communicati nts for
transmitted in the on traffic security.
specified VLAN. and allows a For
broadcast example,
domain to this mode
span can be
multiple used if a
switches. PC with
multiple
IP
addresses
needs to
access
servers on
different
network
segments
or a PC
needs to
join a
new
VLAN
automatic
ally after
the PC's
IP address
changes.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 177

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

Protocol- VLANs are assigned This mode ● The Applies to

based based on protocol binds service networ networks
VLAN (suite) types and types to VLANs, k using
assignmen encapsulation formats facilitating admini multiple
t of frames. management strator protocols.
A network and must
administrator maintenance. preconf
preconfigures mappings igure
between protocol types mappi
and VLAN IDs. When ngs
receiving an untagged betwee
frame, the switch adds n all
the VLAN tag mapping protoc
the protocol type of the ol
frame to the frame. The types
frame is then and
transmitted in the VLAN
specified VLAN. IDs.
● The
switch
needs
to
analyz
e
protoc
ol
addres
s
format
s and
conver
t the
format
s,
which
consu
mes
excessi
ve
resourc
es.
Theref
ore,
this
mode
slows
down
switch

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 178

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

respon
se
time.

Policy- VLANs are assigned ● This mode Each Applies to

based based on policies such provides policy complex
VLAN as combinations of high security. needs to networks.
assignmen interfaces, MAC MAC be
t (MAC addresses, and IP addresses or manually
addresses, addresses. IP addresses configure
IP A network of users who d.
addresses, administrator have been
and preconfigures policies. bound to
interfaces) When receiving an VLANs
untagged frame that cannot be
matches a configured changed.
policy, the switch adds ● The network
a specified VLAN tag to administrato
the frame. The frame is r can flexibly
then transmitted in the select which
specified VLAN. policies to
use
according to
the
managemen
t mode and
requirements
.

Interface-based VLAN assignment is the simplest and most commonly used

method.

Configuration Notes
This example applies to all versions of all switches.

Networking Requirements
In Figure 5-7, the switch of an enterprise connects to many users, and users
accessing the same service connect to the enterprise network through different
devices. To ensure communication security and prevent broadcast storms, the
enterprise requires that users using the same service communicate with each
other and users accessing different services be isolated. You can configure
interface-based VLAN assignment on the switch so that the switch adds interfaces
connected to users using the same service to the same VLAN. Users in different
VLANs cannot communicate with each other at Layer 2, and users in the same
VLAN can communicate with each other.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 179

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-7 Networking of interface-based VLAN assignment

Configuration Roadmap
The configuration roadmap is as follows:

1. Create VLANs and add interfaces that connect users to VLANs to isolate Layer
2 traffic of different services.
2. Configure link types of interfaces between SwitchA and SwitchB and VLANs
allowed by interfaces so that users accessing the same service can
communicate with each other through SwitchA and SwitchB.

Procedure
Step 1 Create VLAN 2 and VLAN 3 on SwitchA and add interfaces that are connected to
users to VLANs. The configuration of SwitchB is similar to the configuration of
SwitchA, and is not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 2 3 //Create VLAN 2 and VLAN 3 in a batch.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type access //The interface connected to the access device must
be the access interface. The default link type of an interface is not access, so you need to manually
configure the access interface.
[SwitchA-GigabitEthernet0/0/1] port default vlan 2 //Add GE0/0/1 to VLAN 2.
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type access
[SwitchA-GigabitEthernet0/0/2] port default vlan 3 //Add GE0/0/2 to VLAN 3.
[SwitchA-GigabitEthernet0/0/2] quit

Step 2 Configure the link type of the interface on SwitchA that is connected to SwitchB
and VLAN allowed by the interface. The configuration of SwitchB is similar to the
configuration of SwitchA, and is not mentioned here.

[SwitchA] interface gigabitethernet 0/0/3

[SwitchA-GigabitEthernet0/0/3] port link-type trunk //The link type of interfaces connecting switches
must be trunk. The default link type of an interface is not trunk, so you need to manually configure the
trunk interface.
[SwitchA-GigabitEthernet0/0/3] port trunk allow-pass vlan 2 3 //Add GE0/0/3 to VLAN 2 and VLAN 3.

Step 3 Verify the configuration.

User1 and User2 are on the same network segment, for example,
192.168.100.0/24; User3 and User4 are on the same network segment, for
example, 192.168.200.0/24.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 180

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

User1 and User2 can ping each other, but cannot ping User3 or User4. User3 and
User4 can ping each other, but cannot ping User1 or User2.

----End

Configuration Files
SwitchA configuration file
#
sysname SwitchA
#
vlan batch 2 to 3
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 3
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
return

SwitchB configuration file

#
sysname SwitchB
#
vlan batch 2 to 3
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 3
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
return

5.3.2 Example for Configuring Interface-based VLAN

Assignment (Access Device Used as the Gateway)

Overview
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols,
and policies (MAC addresses, IP addresses, and interfaces). Interface-based VLAN
assignment is the simplest and commonly used.

Interface-based VLAN assignment indicates that VLANs are assigned based on

interfaces. A network administrator preconfigures a PVID for each interface on a
switch. When an untagged frame arrives at an interface, the switch adds the PVID
of the interface to the frame. Then the frame is transmitted in a specified VLAN.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 181

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

In typical hierarchical networking, when the access switch is a Layer 3 switch, the
access switch can be used as the gateway of PCs to simplify the configuration of
the aggregation switch.

Configuration Notes
This example applies to all versions of all switches.

Networking Requirements
In Figure 5-8, PC1 and PC2 belong to VLAN 2 and VLAN 3, respectively. PC1 and
PC2 connect to the aggregation switch SW1 through the access switch SW2. PC3
belongs to VLAN 4 and connects to SW1 through SW3. SW2 functions as the
gateway of PC1 and PC2, and SW3 is used as the gateway of PC3. Static routes are
configured on switches so that PCs can communicate with each other and can be
connected to the router.

Figure 5-8 Configuring access devices as gateways

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure interface-based assignment on the access switch to implement

Layer 2 interworking.
2. Configure access switches as gateways of PCs to implement communication
between PCs on different network segments.
3. Configure static routes on the aggregation switch so that PCs can
communicate with the router.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 182

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Procedure
Step 1 Configure SW2.

# Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname SW2 //Change the device name to SW2 for easy identification.
[SW2] vlan batch 2 to 3 //Create VLAN 2 and VLAN 3 in a batch.

# Add interfaces to VLANs.

[SW2] interface gigabitethernet 0/0/23
[SW2-GigabitEthernet0/0/23] port link-type access //Configure the interface connected to the PC as the
access interface.
[SW2-GigabitEthernet0/0/23] port default vlan 2 //Add PC1 to VLAN 2.
[SW2-GigabitEthernet0/0/23] quit
[SW2] interface gigabitethernet 0/0/24
[SW2-GigabitEthernet0/0/24] port link-type access
[SW2-GigabitEthernet0/0/24] port default vlan 3 //Add PC2 to VLAN 3.
[SW2-GigabitEthernet0/0/24] quit

# Configure VLANIF interfaces and configure IP addresses for VLANIF interfaces as

gateway addresses of PCs.
[SW2] interface vlanif 2 //Create VLANIF 2.
[SW2-Vlanif2] ip address 192.168.2.1 24 //Configure an IP address for VLANIF 2. The IP address is the
gateway address of PC1.
[SW2-Vlanif2] quit
[SW2] interface vlanif 3 //Create VLANIF 3.
[SW2-Vlanif3] ip address 192.168.3.1 24 //Configure an IP address for VLANIF 3. The IP address is the
gateway address of PC2.
[SW2-Vlanif3] quit

# Connect SW2 to SW1.

[SW2] vlan batch 5 //Create VLAN 5.
[SW2] interface gigabitethernet 0/0/1
[SW2-GigabitEthernet0/0/1] port link-type access
[SW2-GigabitEthernet0/0/1] port default vlan 5 //Configure SW2 and SW1 to communicate in untagged
mode.
[SW2-GigabitEthernet0/0/1] quit
[SW2] interface vlanif 5 //Create VLANIF 5.
[SW2-Vlanif5] ip address 192.168.5.2 24 //Configure an IP address for VLANIF 5. The IP address is the IP
address of the interconnected interface between SW1 and SW2.
[SW2-Vlanif5] quit
[SW2] ip route-static 0.0.0.0 0.0.0.0 192.168.5.1 //Configure a default route so that the PC can access the
router. The next hop address is the IP address of the interface connected to SW1.

Step 2 Configure SW3.

# Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname SW3 //Change the device name to SW3.
[SW3] vlan batch 4 //Create VLAN 4.

# Add interfaces to VLANs.

[SW3] interface gigabitethernet 0/0/2
[SW3-GigabitEthernet0/0/2] port link-type access //Configure the interface connected to the PC as the
access interface.
[SW3-GigabitEthernet0/0/2] port default vlan 4 //Add PC3 to VLAN 4.
[SW3-GigabitEthernet0/0/2] quit

# Configure VLANIF interfaces and configure IP addresses for VLANIF interfaces as

gateway addresses of PCs.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 183

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SW3] interface vlanif 4 //Create VLANIF 4.

[SW3-Vlanif4] ip address 192.168.4.1 24 //Configure an IP address for VLANIF 4. The IP address is the
gateway address of PC3.
[SW3-Vlanif4] quit

# Connect SW3 to SW1.

[SW3] vlan batch 5 //Create VLAN 5.
[SW3] interface gigabitethernet 0/0/1
[SW3-GigabitEthernet0/0/1] port link-type access
[SW3-GigabitEthernet0/0/1] port default vlan 5 //Configure SW3 and SW1 to communicate in untagged
mode.
[SW3-GigabitEthernet0/0/1] quit
[SW3] interface vlanif 5 //Create VLANIF 5.
[SW3-Vlanif5] ip address 192.168.5.3 24 //Configure an IP address for VLANIF 5. The IP address is the IP
address of interconnected interface between SW3 and SW1.
[SW3-Vlanif5] quit
[SW3] ip route-static 0.0.0.0 0.0.0.0 192.168.5.1 //Configure a default route so that the PC can access the
router. The next hop address is the IP address of the interface connected to SW1.

Step 3 Configure SW1.

# Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname SW1 //Change the device name to SW1.
[SW1] vlan batch 5 //Create VLAN 5.

# Add interfaces connected to PCs to VLANs.

[SW1] interface gigabitethernet 0/0/1
[SW1-GigabitEthernet0/0/1] port link-type access //Configure the interface connected to the router as the
access interface.
[SW1-GigabitEthernet0/0/1] port default vlan 5
[SW1-GigabitEthernet0/0/1] quit
[SW1] interface gigabitethernet 0/0/2
[SW1-GigabitEthernet0/0/2] port link-type access //Configure the interface connected to SW2 as the
access interface.
[SW1-GigabitEthernet0/0/2] port default vlan 5
[SW1-GigabitEthernet0/0/2] quit
[SW1] interface gigabitethernet 0/0/3
[SW1-GigabitEthernet0/0/3] port link-type access //Configure the interface connected to SW3 as the
access interface.
[SW1-GigabitEthernet0/0/3] port default vlan 5
[SW1-GigabitEthernet0/0/3] quit

# Configure VLANIF interfaces so that PCs can connect to the router.

[SW1] interface vlanif 5 //Create VLANIF 5.
[SW1-Vlanif5] ip address 192.168.5.1 24 //Configure an IP address for VLANIF 5. The IP address is the IP
address of the interface connected to the router.
[SW1-Vlanif5] quit

# Configure a static route so that PCs on different network segments can

communicate with each other.
[SW1] ip route-static 192.168.2.0 255.255.255.0 192.168.5.2 //Configure a static route. Packets with the
destination IP address of 192.168.2.0/24 are forwarded to the next hop address of 192.168.5.2. The next hop
address is the IP address of the VLANIF interface connected to SW2.
[SW1] ip route-static 192.168.3.0 255.255.255.0 192.168.5.2 //Configure a static route. Packets with the
destination IP address of 192.168.3.0/24 are forwarded to the next hop address of 192.168.5.2. The next hop
address is the IP address of the VLANIF interface connected to SW2.
[SW1] ip route-static 192.168.4.0 255.255.255.0 192.168.5.3 //Configure a static route. Packets with the
destination IP address of 192.168.4.0/24 are forwarded to the next hop address of 192.168.5.3. The next hop
address is the IP address of the VLANIF interface connected to SW3.

# Configure a default route so that PCs can communicate with the router.
[SW1] ip route-static 0.0.0.0 0.0.0.0 192.168.5.4 //The IP address is the IP address of the interface
connected to SW1.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 184

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Step 4 Verify the configuration.

PC1, PC2, and PC3 can access each other, and they can communicate with the
router.

----End

Configuration Files
SW1 configuration file
#
sysname SW1
#
vlan batch 5
#
interface Vlanif5
ip address 192.168.5.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 5
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 5
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 5
#
ip route-static 0.0.0.0 0.0.0.0 192.168.5.4
ip route-static 192.168.2.0 255.255.255.0 192.168.5.2
ip route-static 192.168.3.0 255.255.255.0 192.168.5.2
ip route-static 192.168.4.0 255.255.255.0 192.168.5.3
#
return

SW2 configuration file

#
sysname SW2
#
vlan batch 2 to 3 5
#
#
interface Vlanif2
ip address 192.168.2.1 255.255.255.0
#
interface Vlanif3
ip address 192.168.3.1 255.255.255.0
#
interface Vlanif5
ip address 192.168.5.2 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 5
#
interface GigabitEthernet0/0/23
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 3
#
ip route-static 0.0.0.0 0.0.0.0 192.168.5.1

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 185

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
return

SW3 configuration file

#
sysname SW3
#
vlan batch 4 to 5
#
interface Vlanif4
ip address 192.168.4.1 255.255.255.0
#
interface Vlanif5
ip address 192.168.5.3 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 5
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 4
#
ip route-static 0.0.0.0 0.0.0.0 192.168.5.1
#
return

5.3.3 Example for Configuring Interface-based VLAN

Assignment (Aggregation Device Used as the Gateway)
Overview
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols,
and policies (MAC addresses, IP addresses, and interfaces). Interface-based VLAN
assignment is the simplest and commonly used.

Interface-based VLAN assignment indicates that VLANs are assigned based on

In typical hierarchical networking, when the access switch is a Layer 2 switch, the
aggregation switch can be used as the gateway of PCs. The configuration of the
access switch is simplified, and PCs access the external network through one
outbound interface, thereby facilitating maintenance and management.

Configuration Notes
This example applies to all versions of all switches.

Networking Requirements
In Figure 5-9, PC1 and PC2 belong to VLAN 2 and VLAN 3, respectively. PC1 and
PC2 connect to the aggregation switch SW1 through the access switch SW2. PC3
belongs to VLAN 4 and connects to SW1 through SW3. No configuration is
performed on SW3, and SW3 functions as the hub and is plug-and-play. SW1
functions as the gateway of PC1, PC2, and PC3 so that PCs can communicate with
each other and can be connected to the router.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 186

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-9 Configuring the aggregation device as the gateway

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure interface-based assignment on the access switch to implement

Layer 2 interworking.
2. Configure the aggregation switch as the gateway of PCs to implement Layer 3
interworking between PCs on different network segments.
3. Configure the interface connecting the aggregation switch and router.

Procedure
Step 1 Configure SW2.

# Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname SW2 //Change the device name to SW2 for easy identification.
[SW2] vlan batch 2 3 //Create VLAN 2 and VLAN 3 in a batch.

# Add interfaces to VLANs.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 187

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SW2-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 3 //Add the interface to VLAN 2 and VLAN 3.
[SW2-GigabitEthernet0/0/1] quit

Step 2 Configure SW1.

# Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname SW1 //Change the device name to SW1.
[SW1] vlan batch 2 to 5 //Create VLANs 2 to 5.

# Add interfaces connected to PCs to VLANs.

[SW1] interface gigabitethernet 0/0/2
[SW1-GigabitEthernet0/0/2] port link-type trunk //Configure the interface connected to SW1 as the trunk
interface.
[SW1-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 3 //Add the interface to VLAN 2 and VLAN 3.
[SW1-GigabitEthernet0/0/2] quit
[SW1] interface gigabitethernet 0/0/3
[SW1-GigabitEthernet0/0/3] port link-type access //Configure the interface connected to PC3 as the
access interface.
[SW1-GigabitEthernet0/0/3] port default vlan 4 //Add PC3 to VLAN 4.
[SW1-GigabitEthernet0/0/3] quit

# Configure VLANIF interfaces and configure IP addresses for VLANIF interfaces as

gateway addresses of PCs.
[SW1] interface vlanif 2 //Create VLANIF 2.
[SW1-Vlanif2] ip address 192.168.2.1 24 //Configure an IP address for VLANIF 2. The IP address is the
gateway address of PC1.
[SW1-Vlanif2] quit
[SW1] interface vlanif 3 //Create VLANIF 3.
[SW1-Vlanif3] ip address 192.168.3.1 24 //Configure an IP address for VLANIF 3. The IP address is the
gateway address of PC2.
[SW1-Vlanif3] quit
[SW1] interface vlanif 4 //Create VLANIF 4.
[SW1-Vlanif4] ip address 192.168.4.1 24 //Configure an IP address for VLANIF 4. The IP address is the
gateway address of PC3.
[SW1-Vlanif4] quit

# Add interfaces connected to routers to VLANs.

[SW1] interface gigabitethernet 0/0/1
[SW1-GigabitEthernet0/0/1] port link-type access //Configure the interface connected to the router as the
access interface. The interface communicates with the router in untagged mode.
[SW1-GigabitEthernet0/0/1] port default vlan 5 //Add the router to VLAN 5.
[SW1-GigabitEthernet0/0/1] quit

# Configure VLANIF interfaces so that PCs can connect to the router.

[SW1] interface vlanif 5 //Create VLANIF 5.
[SW1-Vlanif5] ip address 192.168.5.1 24 //Configure an IP address for VLANIF 5. The IP address is used for
interoperation with the router.
[SW1-Vlanif5] quit

Step 3 Verify the configuration.

PC1, PC2, and PC3 can access each other, and they can communicate with the
router.

----End

Configuration Files
SW1 configuration file
#
sysname SW1

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 188

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
vlan batch 2 to 5
#
interface Vlanif2
ip address 192.168.2.1 255.255.255.0
#
interface Vlanif3
ip address 192.168.3.1 255.255.255.0
#
interface Vlanif4
ip address 192.168.4.1 255.255.255.0
#
interface Vlanif5
ip address 192.168.5.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 5
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
interface GigabitEthernet0/0/3
port link-type access
port default vlan 4
#
return

SW2 configuration file

#
sysname SW2
#
vlan batch 2 to 3
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
interface GigabitEthernet0/0/23
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/24
port link-type access
port default vlan 3
#
return

5.3.4 Example for Configuring MAC Address-based VLAN

Assignment
Overview
MAC address-based VLAN assignment applies to small-scale networks where user
terminals often change physical locations but their NICs seldom change, for
example, mobile computers.
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols,
and policies (MAC addresses, IP addresses, and interfaces). Table 5-2 compares
different VLAN assignment modes.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 189

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Table 5-2 Comparisons among VLAN assignment modes

VLAN Implementation Advantage Disadvan Usage
Assignme tage Scenario
nt Mode

Interface- VLANs are assigned It is simple to The Applies to

MAC VLANs are assigned When physical The Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 190

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

IP subnet- VLANs are assigned ● When Users are Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 191

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

Protocol- VLANs are assigned This mode ● The Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 192

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

respon
se
time.

Policy- VLANs are assigned ● This mode Each Applies to

Configuration Notes
This example applies to all versions of all switches.

Networking Requirements
In Figure 5-10, GE0/0/1 interfaces on SwitchA and SwitchB connect to two
conference rooms, respectively. Laptop1 and Laptop2 are portal computers used in
the two conferences rooms. Laptop1 and Laptop2 belong to two departments,
which belong to VLAN 100 and VLAN 200, respectively. Regardless of which
conference room in which Laptop1 and Laptop2 are used, Laptop1 and Laptop2
are required to access the servers of their respective departments (Server1 and
Server2, respectively). The MAC addresses of Laptop1 and Laptop2 are 00e0-
fcef-00c0 and 00e0-fcef-00c1.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 193

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-10 Networking of MAC address-based VLAN assignment

Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLANs on SwitchA and SwitchB and add interfaces to VLANs to
implement Layer 2 connectivity.
2. Configure MAC address-based VLAN assignment on SwitchA and SwitchB.
3. Configure transparent transmission of VLAN tagged-packets on the switch so
that Laptop1 and Laptop2 can access Server1 and Server2 of their respective
departments.

Procedure
Step 1 Configure SwitchA. The configuration of SwitchB is similar to the configuration of
SwitchA, and is not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 100 200 //Create VLAN 100 and VLAN 200.
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk //The link type of interfaces connecting switches
must be trunk. The default link type of an interface is not trunk, so you need to manually configure the
trunk interface.
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 200 //Add GE0/0/2 to VLAN 100 and
VLAN 200.
[SwitchA-GigabitEthernet0/0/2] quit
[SwitchA] vlan 100
[SwitchA-vlan100] mac-vlan mac-address 00e0-fcef-00c0 //Packets with the MAC address of 00e0-
fcef-00c0 are transmitted in VLAN 100.
[SwitchA-vlan100] quit
[SwitchA] vlan 200
[SwitchA-vlan200] mac-vlan mac-address 00e0-fcef-00c1 //Packets with the MAC address of 00e0-
fcef-00c1 are transmitted in VLAN 200.
[SwitchA-vlan200] quit

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 194

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchA] interface gigabitethernet 0/0/1

[SwitchA-GigabitEthernet0/0/1] port link-type hybrid //MAC address-based VLAN assignment can only
be enabled on hybrid interfaces. The default link type of an interface is not hybrid, so you need to manually
configure the hybrid interface.
[SwitchA-GigabitEthernet0/0/1] port hybrid untagged vlan 100 200 //Add the interface to VLAN 100 and
VLAN 200 in untagged mode.
[SwitchA-GigabitEthernet0/0/1] mac-vlan enable //Enable MAC address-based VLAN assignment on the
interface.
[SwitchA-GigabitEthernet0/0/1] quit

Step 2 Configure the switch. The configurations of GE0/0/2, GE0/0/3, and GE0/0/4 are
similar to the configuration of GE0/0/1, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 100 200
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type trunk
[Switch-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 200 //Add GE0/0/1 to VLAN 100 and VLAN
200.
[Switch-GigabitEthernet0/0/1] quit

Step 3 Verify the configuration.

# Run the display mac-vlan mac-address all command in any view to check the
configuration of MAC address-based VLAN assignment.
[SwitchA] display mac-vlan mac-address all
---------------------------------------------------
MAC Address MASK VLAN Priority
---------------------------------------------------
00e0-fcef-00c0 ffff-ffff-ffff 100 0
00e0-fcef-00c1 ffff-ffff-ffff 200 0

Total MAC VLAN address count: 2

----End

Configuration Files
SwitchA configuration file
#
sysname SwitchA
#
vlan batch 100 200
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid untagged vlan 100 200
mac-vlan enable
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
vlan 100
mac-vlan mac-address 00e0-fcef-00c0 priority 0
vlan 200
mac-vlan mac-address 00e0-fcef-00c1 priority 0
#
return

SwitchB configuration file

#
sysname SwitchB
#

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 195

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

vlan batch 100 200

#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid untagged vlan 100 200
mac-vlan enable
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
vlan 100
mac-vlan mac-address 00e0-fcef-00c0 priority 0
vlan 200
mac-vlan mac-address 00e0-fcef-00c1 priority 0
#
return

Switch configuration file

#
sysname Switch
#
vlan batch 100 200
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 100 200
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 100 200
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 100 200
#
return

5.3.5 Example for Configuring IP Subnet-based VLAN

Assignment
Overview of IP Subnet-based VLAN Assignment
IP subnet-based VLAN assignment applies to scenarios where there are high
requirements for mobility and simplified management and low requirements for
security. For example, this mode can be used if a PC with multiple IP addresses
needs to access servers on different network segments or a PC needs to join a new
VLAN automatically after the PC's IP address changes.
VLANs can be assigned based on interfaces, MAC addresses, IP subnets, protocols,
and policies (MAC addresses, IP addresses, and interfaces). Table 5-3 compares
different VLAN assignment modes.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 196

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Table 5-3 Comparisons among VLAN assignment modes

VLAN Implementation Advantage Disadvan Usage
Assignme tage Scenario
nt Mode

Interface- VLANs are assigned It is simple to The Applies to

MAC VLANs are assigned When physical The Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 197

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

IP subnet- VLANs are assigned ● When Users are Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 198

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

Protocol- VLANs are assigned This mode ● The Applies to

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 199

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

VLAN Implementation Advantage Disadvan Usage

Assignme tage Scenario
nt Mode

respon
se
time.

Policy- VLANs are assigned ● This mode Each Applies to

Configuration Notes
This example applies to all versions of all switches.

Networking Requirements
In Figure 5-11, an enterprise has multiple services, including IPTV, VoIP, and
Internet access. Each service uses a different IP subnet. To facilitate management,
the company requires that packets of the same service be transmitted in the same
VLAN and packets of different services in different VLANs. The switch receives
packets of multiple services such as data, IPTV, and voice services, and user devices
of these services use IP addresses on different IP subnets. The switch needs to
assign VLANs to packets of different services so that the router can transmit
packets with different VLAN IDs to different servers.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 200

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-11 Networking of IP subnet-based VLAN assignment

Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLANs and add interfaces to VLANs so that the interfaces allow the IP
subnet-based VLANs.
2. Enable IP subnet-based VLAN assignment and associate IP subnets with
VLANs so that the switch determines VLANs based on source IP addresses or
network segments of packets.

Procedure
Step 1 Create VLANs.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 100 200 300 //Create VLAN100, VLAN 200, and VLAN 300 in a batch.

Step 2 Configure interfaces.

[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type hybrid //IP subnet-based VLAN assignment can only be
enabled on hybrid interfaces. The default link type of an interface is not hybrid, so you need to manually
configure the hybrid interface.
[Switch-GigabitEthernet0/0/1] port hybrid untagged vlan 100 200 300 //Add the interface to VLANs
100, 200, and 300 in untagged mode.
[Switch-GigabitEthernet0/0/1] ip-subnet-vlan enable //Enable IP subnet-based VLAN assignment.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type trunk //Configure the link type of the interface as trunk.
[Switch-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 200 300
[Switch-GigabitEthernet0/0/2] quit

Step 3 Configure IP subnet-based VLAN assignment.

[Switch] vlan 100
[Switch-vlan100] ip-subnet-vlan 1 ip 192.168.1.2 24 priority 2 //Configure the device to forward packets
with the IP address of 192.168.1.2/24 and priority of 2 in VLAN 100.
[Switch-vlan100] quit
[Switch] vlan 200

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 201

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[Switch-vlan200] ip-subnet-vlan 1 ip 192.168.2.2 24 priority 3 //Configure the device to forward packets

with the IP address of 192.168.2.2/24 and priority of 3 in VLAN 200.
[Switch-vlan200] quit
[Switch] vlan 300
[Switch-vlan300] ip-subnet-vlan 1 ip 192.168.3.2 24 priority 4 //Configure the device to forward packets
with the IP address of 192.168.3.2/24 and priority of 4 in VLAN 300.
[Switch-vlan300] quit

Step 4 Verify the configuration.

# Run the display ip-subnet-vlan vlan all command on the switch. The following
information is displayed:
[Switch] display ip-subnet-vlan vlan all
----------------------------------------------------------------
Vlan Index IpAddress SubnetMask Priority
----------------------------------------------------------------
100 1 192.168.1.2 255.255.255.0 2
200 1 192.168.2.2 255.255.255.0 3
300 1 192.168.3.2 255.255.255.0 4
----------------------------------------------------------------
ip-subnet-vlan count: 3 total count: 3

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 100 200 300
#
vlan 100
ip-subnet-vlan 1 ip 192.168.1.2 255.255.255.0 priority 2
vlan 200
ip-subnet-vlan 1 ip 192.168.2.2 255.255.255.0 priority 3
vlan 300
ip-subnet-vlan 1 ip 192.168.3.2 255.255.255.0 priority 4
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid untagged vlan 100 200 300
ip-subnet-vlan enable
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 100 200 300
#
return

5.3.6 Example for Directly Connecting a Terminal to a Layer 3

Gateway to Implement Inter-VLAN Communication
Inter-VLAN Communication Overview
After VLANs are assigned, broadcast packets are only forwarded within the same
VLAN. That is, hosts in different VLANs cannot communicate at Layer 2 because
VLAN technology isolates broadcast domains. In real-world applications, hosts in
different VLANs often need to communicate, so inter-VLAN communication needs
to be implemented to resolve this. Layer 3 routing or VLAN technology is required
to implement inter-VLAN communication. Huawei provides a VLANIF interface to
implement inter-VLAN communication.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 202

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

A VLANIF interface is a Layer 3 logical interface. You can configure an IP address

for a VLANIF interface to implement inter-VLAN Layer 3 communication.

Configuration Notes
● The default gateway address of hosts in a VLAN must be the IP address of the
VLANIF interface that corresponds to the VLAN.
● This example applies to all versions of all switches.

Networking Requirements
Different user hosts of an enterprise transmit the same service, and are located on
different network segments. User hosts transmitting the same service belong to
different VLANs and need to communicate.
In Figure 5-12, User1 and User2 access the same service but belong to different
VLANs and are located on different network segments. User1 and User2 need to
communicate.

Figure 5-12 Networking for configuring inter-VLAN communication using VLANIF

interfaces

Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLANs and determine the VLANs to which users belong.
2. Add interfaces to VLANs and configure the interfaces to allow the VLANs.
3. Create VLANIF interfaces and configure IP addresses for the VLANIF interfaces
to implement Layer 3 connectivity.

Procedure
Step 1 Configure the switch.
# Create VLANs, and configure interfaces on the switch connected to user hosts as
access interfaces and add them to VLANs.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] vlan batch 10 20
[Switch] interface gigabitethernet 0/0/1

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 203

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[Switch-GigabitEthernet0/0/1] port link-type access //Configure the link type of the interface as access.
[Switch-GigabitEthernet0/0/1] port default vlan 10 //Add the interface to VLAN 10.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type access
[Switch-GigabitEthernet0/0/2] port default vlan 20
[Switch-GigabitEthernet0/0/2] quit

# Assign IP addresses to VLANIF interfaces.

[Switch] interface vlanif 10
[Switch-Vlanif10] ip address 10.10.10.2 24 //Set the IP address of VLANIF 10 to 10.10.10.2/24.
[Switch-Vlanif10] quit
[Switch] interface vlanif 20
[Switch-Vlanif20] ip address 10.10.20.2 24 //Set the IP address of VLANIF 20 to 10.10.20.2/24.
[Switch-Vlanif20] quit

Step 2 Verify the configuration.

Configure the IP address of 10.10.10.3/24 and default gateway address as
10.10.10.2/24 (VLANIF 10's IP address) for User1 in VLAN 10.
Configure the IP address of 10.10.20.3/24 and default gateway address as
10.10.20.2/24 (VLANIF 20's IP address) for User2 in VLAN 20.
After the configuration is complete, User1 in VLAN 10 and User2 in VLAN 20 can
communicate.

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 10 20
#
interface Vlanif10
ip address 10.10.10.2 255.255.255.0
#
interface Vlanif20
ip address 10.10.20.2 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 10
#
interface GigabitEthernet0/0/2
port link-type access
port default vlan 20
#
return

5.3.7 Example for Configuring MUX VLAN to Isolate Users in

the Same VLAN
MUX VLAN Overview
Multiplex VLAN (MUX VLAN) provides a mechanism to control network resources
using VLANs. It can implement inter-VLAN communication and intra-VLAN
isolation. The MUX VLAN is often used in enterprises and in hotels and residential

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 204

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

buildings requiring broadband access. An enterprise, hotel, or residential building

shares the same VLAN, but each department, room, or household is isolated.

Configuration Notes
● It is not recommended that the VLAN ID assigned to a principal VLAN be used
to configure VLAN mapping and VLAN stacking.
● The VLAN ID assigned to a group or separate VLAN cannot be used to
configure a VLANIF interface. Additionally, it is not recommended that this
VLAN ID be used to configure VLAN mapping and VLAN stacking.
● Disabling MAC address learning or limiting the number of learned MAC
addresses on an interface affects the MUX VLAN function on the interface.
● MUX VLAN and port security cannot be configured on the same interface
simultaneously.
● MUX VLAN and MAC address authentication cannot be configured on the
same interface simultaneously.
● MUX VLAN and 802.1x authentication cannot be configured on the same
interface simultaneously.
● If the MUX VLAN function is enabled on an interface, VLAN mapping and
VLAN stacking cannot be configured on the interface.
● This example applies to all versions of all switches.

Networking Requirements
All employees of an enterprise can access servers on the enterprise network. The
enterprise allows some employees to communicate but isolates other employees.
In Figure 5-13, Switch1 is deployed at the aggregation layer and used as the
gateway for downstream hosts. Switch2, Switch3, Switch4, Switch5, and Switch6
are access switches. Their GE0/0/1 interfaces connect to downstream hosts, and
their GE0/0/2 interfaces connect to Switch1. You can configure MUX VLAN on
Switch1. This reduces the number of VLAN IDs on the enterprise network and
facilitates network management.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 205

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-13 Networking of MUX VLAN

Configuration Roadmap
The configuration roadmap is as follows:

1. Configure the principal VLAN and a VLANIF interface. The IP address of the
VLANIF interface is used as the gateway IP address for downstream hosts and
servers.
2. Configure the group VLAN.
3. Configure the separate VLAN.
4. Add interfaces to VLANs and enable the MUX VLAN function on the
interfaces.
5. Add interfaces of access switches to VLANs.

Procedure
Step 1 Enable the MUX VLAN function on Switch1.

# On Switch1, create VLAN 2, VLAN 3, and VLAN 4, and a VLANIF interface for
VLAN 2. The IP address of the VLANIF interface is used as the gateway IP address
for downstream hosts and servers.
<HUAWEI> system-view
[HUAWEI] sysname Switch1
[Switch1] vlan batch 2 3 4
[Switch1] interface vlanif 2
[Switch1-Vlanif2] ip address 192.168.100.100 24
[Switch1-Vlanif2] quit

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 206

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

# Configure the group VLAN and separate VLAN of the MUX VLAN on Switch1.
[Switch1] vlan 2
[Switch1-vlan2] mux-vlan
[Switch1-vlan2] subordinate group 3 //Configure VLAN 3 as the group VLAN.
[Switch1-vlan2] subordinate separate 4 //Configure VLAN 4 as the separate VLAN.
[Switch1-vlan2] quit

# Add interfaces to the VLANs on Switch1 and enable the MUX VLAN function on
interfaces.
[Switch1] interface gigabitethernet 0/0/2
[Switch1-GigabitEthernet0/0/2] port link-type trunk
[Switch1-GigabitEthernet0/0/2] port trunk allow-pass vlan 2
[Switch1-GigabitEthernet0/0/2] port mux-vlan enable vlan 2
[Switch1-GigabitEthernet0/0/2] quit
[Switch1] interface gigabitethernet 0/0/3
[Switch1-GigabitEthernet0/0/3] port link-type trunk
[Switch1-GigabitEthernet0/0/3] port trunk allow-pass vlan 3
[Switch1-GigabitEthernet0/0/3] port mux-vlan enable vlan 3
[Switch1-GigabitEthernet0/0/3] quit
[Switch1] interface gigabitethernet 0/0/4
[Switch1-GigabitEthernet0/0/4] port link-type trunk
[Switch1-GigabitEthernet0/0/4] port trunk allow-pass vlan 3
[Switch1-GigabitEthernet0/0/4] port mux-vlan enable vlan 3
[Switch1-GigabitEthernet0/0/4] quit
[Switch1] interface gigabitethernet 0/0/5
[Switch1-GigabitEthernet0/0/5] port link-type trunk
[Switch1-GigabitEthernet0/0/5] port trunk allow-pass vlan 4
[Switch1-GigabitEthernet0/0/5] port mux-vlan enable vlan 4
[Switch1-GigabitEthernet0/0/5] quit
[Switch1] interface gigabitethernet 0/0/6
[Switch1-GigabitEthernet0/0/6] port link-type trunk
[Switch1-GigabitEthernet0/0/6] port trunk allow-pass vlan 4
[Switch1-GigabitEthernet0/0/6] port mux-vlan enable vlan 4
[Switch1-GigabitEthernet0/0/6] quit

Step 2 Configure interfaces of access switches and add them to VLANs. The
configurations of Switch3, Switch4, Switch5, and Switch6 are similar to the
configuration of Switch2, and are not mentioned here.
<HUAWEI> system-view
[HUAWEI] sysname Switch2
[Switch2] vlan batch 2
[Switch2] interface gigabitethernet 0/0/1
[Switch2-GigabitEthernet0/0/1] port link-type access //Configure the link type of the interface as access.
[Switch2-GigabitEthernet0/0/1] port default vlan 2
[Switch2-GigabitEthernet0/0/1] quit
[Switch2] interface gigabitethernet 0/0/2
[Switch2-GigabitEthernet0/0/2] port link-type trunk
[Switch2-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 //Configure the link type of the interface as
trunk.
[Switch2-GigabitEthernet0/0/2] quit

Step 3 Verify the configuration.

The server can communicate with HostB, HostC, HostD, and HostE.

HostB can communicate with HostC.

HostD cannot communicate with HostE.

HostB and HostC cannot communicate with either HostD or HostE.

----End

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 207

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Files
Switch1 configuration file

#
sysname Switch1
#
vlan batch 2 to 4
#
vlan 2
mux-vlan
subordinate separate 4
subordinate group 3
#
interface Vlanif2
ip address 192.168.100.100 255.255.255.0
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2
port mux-vlan enable vlan 2
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 3
port mux-vlan enable vlan 3
#
interface GigabitEthernet0/0/4
port link-type trunk
port trunk allow-pass vlan 3
port mux-vlan enable vlan 3
#
interface GigabitEthernet0/0/5
port link-type trunk
port trunk allow-pass vlan 4
port mux-vlan enable vlan 4
#
interface GigabitEthernet0/0/6
port link-type trunk
port trunk allow-pass vlan 4
port mux-vlan enable vlan 4
#
return

Switch2 configuration file

#
sysname Switch2
#
vlan batch 2
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2
#
return

Switch3 configuration file

#
sysname Switch3
#

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 208

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

vlan batch 3
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 3
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 3
#
return

Switch4 configuration file

#
sysname Switch4
#
vlan batch 3
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 3
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 3
#
return

Switch5 configuration file

#
sysname Switch5
#
vlan batch 4
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 4
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 4
#
return

Switch6 configuration file

#
sysname Switch6
#
vlan batch 4
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 4
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 4
#
return

5.4 Typical QinQ Configuration

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 209

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5.4.1 Example for Configuring Basic QinQ

QinQ Overview
802.1Q-in-802.1Q (QinQ) expands VLAN space by adding an additional 802.1Q
tag to 802.1Q tagged packets. It allows services in a private VLAN to be
transparently transmitted over a public network.
Basic QinQ, also called QinQ tunneling, is performed on interfaces. When an
interface enabled with basic QinQ receives a packet, the device adds the default
VLAN tag of its interface to the packet. If the received packet is tagged, it has
double VLAN tags. If the received packet is untagged, it has the default VLAN tag
of the interface.
When too many VLANs are required, you can configure basic QinQ. Basic QinQ, by
adding an outer tag, expands VLAN space and solves the VLAN shortage problem.

Configuration Notes
This example applies to all versions of the S600-E.

Networking Requirements
As shown in Figure 5-14, a network has two enterprises: enterprise 1 and
enterprise 2. Both enterprises have two branches. Enterprise 1 and enterprise 2
networks connect to SwitchA and SwitchB, respectively, of the ISP network. In
addition, there are non-Huawei devices on the public network and the TPID in the
outer VLAN tag is 0x9100.
The requirements are as follows:
● VLANs need to be independently assigned to enterprise 1 and enterprise 2.
● Traffic between the two branches of each enterprise is transparently
transmitted through the public network. Users accessing the same service in
different branches of each enterprise are allowed to communicate, and users
accessing different services must be isolated.
QinQ can be used to meet the preceding requirements. Configure VLAN 100 and
VLAN 200 to implement connectivity of enterprise 1 and enterprise 2 respectively
and to isolate enterprise 1 and enterprise 2; configure the TPID in the outer VLAN
tag on switch interfaces connected to non-Huawei devices so that Huawei
switches can communicate with the non-Huawei devices.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 210

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-14 Networking of basic QinQ

Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLAN 100 and VLAN 200 on SwitchA and SwitchB, configure
connected interfaces as QinQ interfaces, and add the interfaces to VLANs so
that different VLAN tags are added to packets of different services.
2. Add interfaces of SwitchA and SwitchB that are connected to the public
network to VLANs so that packets from VLAN 100 and VLAN 200 are allowed
to pass through.
3. Configure the TPID in the outer VLAN tag on interfaces of SwitchA and
SwitchB that are connected to the public network so that SwitchA and
SwitchB can communicate with non-Huawei devices.

Procedure
Step 1 Create VLANs.
# Create VLAN 100 and VLAN 200 on SwitchA.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 100 200

# Create VLAN 100 and VLAN 200 on SwitchB.

<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] vlan batch 100 200

Step 2 Set the link type of interfaces to QinQ.

# Configure GE0/0/1 and GE0/0/2 of SwitchA as QinQ interfaces, and set the
default VLAN of GE0/0/1 to VLAN 100 and the default VLAN of GE0/0/2 to VLAN

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 211

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

200. VLAN 100 and VLAN 200 are added to outer tags. The configuration of
SwitchB is similar to the configuration of SwitchA, and is not mentioned here.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type dot1q-tunnel //Configure the link type of the interface as
QinQ.
[SwitchA-GigabitEthernet0/0/1] port default vlan 100
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type dot1q-tunnel //Configure the link type of the interface as
QinQ.
[SwitchA-GigabitEthernet0/0/2] port default vlan 200
[SwitchA-GigabitEthernet0/0/2] quit

Step 3 Configure switch interfaces connected to the public network.

# Add GE0/0/3 on Switch A to VLAN 100 and VLAN 200. The configuration of
SwitchB is similar to the configuration of SwitchA, and is not mentioned here.
[SwitchA] interface gigabitethernet 0/0/3
[SwitchA-GigabitEthernet0/0/3] port link-type trunk
[SwitchA-GigabitEthernet0/0/3] port trunk allow-pass vlan 100 200
[SwitchA-GigabitEthernet0/0/3] quit

Step 4 Configure the TPID in the outer VLAN tag.

# Set the TPID in the outer VLAN tag to 0x9100 on SwitchA.
[SwitchA] interface gigabitethernet 0/0/3
[SwitchA-GigabitEthernet0/0/3] qinq protocol 9100 //Set the TPID in the outer VLAN tag to 0x9100.

# Set the TPID in the outer VLAN tag to 0x9100 on SwitchB.

[SwitchB] interface gigabitethernet 0/0/3
[SwitchB-GigabitEthernet0/0/3] qinq protocol 9100 //Set the TPID in the outer VLAN tag to 0x9100.

Step 5 Verify the configuration.

On a PC in a VLAN of a branch in enterprise 1, ping a PC in the same VLAN of the
other branch in enterprise 1. The ping operation succeeds, indicating that branches
of enterprise 1 can communicate with each other.
On a PC in a VLAN of a branch in enterprise 2, ping a PC in the same VLAN of the
other branch in enterprise 2. The ping operation succeeds, indicating that branches
of enterprise 2 can communicate with each other.
On a PC in a VLAN of a branch in enterprise 1, ping a PC in the same VLAN of a
branch in enterprise 2. The ping operation fails, indicating that enterprise 1 and
enterprise 2 are isolated.

----End

Configuration Files
● Configuration file of SwitchA
#
sysname SwitchA
#
vlan batch 100 200
#
interface GigabitEthernet0/0/1
port link-type dot1q-tunnel
port default vlan 100
#
interface GigabitEthernet0/0/2

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 212

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

● Configuration file of SwitchB

#
sysname SwitchB
#
vlan batch 100 200
#
interface GigabitEthernet0/0/1
port link-type dot1q-tunnel
port default vlan 100
#
interface GigabitEthernet0/0/2
port link-type dot1q-tunnel
port default vlan 200
#
interface GigabitEthernet0/0/3
qinq protocol 9100
port link-type trunk
port trunk allow-pass vlan 100 200
#
return

5.4.2 Example for Configuring VLAN ID

Selective QinQ, also called VLAN stacking or QinQ stacking, is an extension of

QinQ. Selective QinQ is performed based on interfaces and VLAN IDs. In addition
to functions of basic QinQ, selective QinQ takes different actions for packets
received by the same interface based on VLANs.

Configuration Notes
When configuring selective QinQ on the switch, pay attention to the following
points:

● Before configuring selective QinQ, you must run the qinq vlan-translation
enable command to enable VLAN translation.
● You are advised to configure selective QinQ on a hybrid interface. Selective
QinQ can take effect on the interface only in the inbound direction.
● The outer VLAN must be created before Selective QinQ is performed.
● When an interface configured with VLAN stacking needs to remove the outer
tag from outgoing frames, the interface must join the VLAN specified by
stack-vlan in untagged mode. If the outer VLAN does not need to be
removed, the interface must join the VLAN specified by stack-vlan in tagged
mode.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 213

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

● The device configured with selective QinQ can add only one outer VLAN tag
to a frame with an inner VLAN tag on an interface.
● If only single-tagged packets from a VLAN need to be transparently
transmitted, do not specify the VLAN as the inner VLAN of selective QinQ.
● This example applies to all versions of the S600-E.

Networking Requirements
As shown in Figure 5-15, Internet access users (using PCs) and VoIP users (using
VoIP phones) connect to the ISP network through SwitchA and SwitchB and
communicate with each other through the ISP network.
In the enterprise, VLAN 100 is allocated to PCs and VLAN 300 is allocated to VoIP
phones.
It is required that packets of PCs and VoIP phones are tagged VLAN 2 and VLAN 3
respectively when the packets are transmitted through the ISP network.

Figure 5-15 Networking of VLAN ID-based selective QinQ

Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLANs on SwitchA and SwitchB.
2. Configure link types of interfaces and add interfaces to VLANs on SwitchA
and SwitchB.
3. Configure selective QinQ on interfaces of SwitchA and SwitchB.

Procedure
Step 1 Create VLANs.
# On SwitchA, create VLAN 2 and VLAN 3, that is, VLAN IDs of the outer VLAN
tag to be added.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 214

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] vlan batch 2 3

# On SwitchB, create VLAN 2 and VLAN 3, that is, VLAN IDs of the outer VLAN tag
to be added.
<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] vlan batch 2 3

Step 2 Configure selective QinQ on interfaces.

# Configure GE0/0/1 on SwitchA.

[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type hybrid
[SwitchA-GigabitEthernet0/0/1] qinq vlan-translation enable
[SwitchA-GigabitEthernet0/0/1] port hybrid untagged vlan 2 3 //Add the hybrid interface to VLANs in
untagged mode.
[SwitchA-GigabitEthernet0/0/1] port vlan-stacking vlan 100 stack-vlan 2 //Configure the inner VLAN tag
as VLAN 100 and add VLAN 2 in the outer VLAN tag.
[SwitchA-GigabitEthernet0/0/1] port vlan-stacking vlan 300 stack-vlan 3 //Configure the inner VLAN tag
as VLAN 300 and add VLAN 3 in the outer VLAN tag.
[SwitchA-GigabitEthernet0/0/1] quit

# Configure GE0/0/1 on SwitchB.

[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] port link-type hybrid
[SwitchA-GigabitEthernet0/0/1] qinq vlan-translation enable
[SwitchB-GigabitEthernet0/0/1] port hybrid untagged vlan 2 3 //Add the hybrid interface to VLANs in
untagged mode.
[SwitchB-GigabitEthernet0/0/1] port vlan-stacking vlan 100 stack-vlan 2 //Configure the inner VLAN tag
as VLAN 100 and add VLAN 2 in the outer VLAN tag.
[SwitchB-GigabitEthernet0/0/1] port vlan-stacking vlan 300 stack-vlan 3 //Configure the inner VLAN tag
as VLAN 300 and add VLAN 3 in the outer VLAN tag.
[SwitchB-GigabitEthernet0/0/1] quit

Step 3 Configure other interfaces.

# Add GE0/0/2 on SwitchA to VLAN 2 and VLAN 3.

[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 3
[SwitchA-GigabitEthernet0/0/2] quit

# Add GE0/0/2 on SwitchB to VLAN 2 and VLAN 3.

[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] port link-type trunk
[SwitchB-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 3
[SwitchB-GigabitEthernet0/0/2] quit

Step 4 Verify the configuration.

If the configurations on SwitchA and SwitchB are correct, you can obtain the
following information:

● PCs can communicate with each other through the ISP network.
● VoIP phones can communicate with each other through the ISP network.

----End

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 215

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Files
● Configuration file of SwitchA
#
sysname SwitchA
#
vlan batch 2 to 3
#
interface GigabitEthernet0/0/1
port link-type hybrid
qinq vlan-translation enable
port hybrid untagged vlan 2 to 3
port vlan-stacking vlan 100 stack-vlan 2
port vlan-stacking vlan 300 stack-vlan 3
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
return
● Configuration file of SwitchB
#
sysname SwitchB
#
vlan batch 2 to 3
#
interface GigabitEthernet0/0/1
port link-type hybrid
qinq vlan-translation enable
port hybrid untagged vlan 2 to 3
port vlan-stacking vlan 100 stack-vlan 2
port vlan-stacking vlan 300 stack-vlan 3
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 3
#
return

5.5 Typical Examples of MSTP/RRPP

5.5.1 Example for Configuring STP
Overview
Generally, redundant links are used on an Ethernet switching network to provide
link backup and enhance network reliability. The use of redundant links, however,
may produce loops, causing broadcast storms and rendering the MAC address
table unstable. As a result, the communication quality deteriorates, and
communication services may be interrupted. The Spanning Tree Protocol (STP) is
used to solve these problems. STP prevents loops. Devices running STP discover
loops on the network by exchanging information with each other, and block some
ports to eliminate loops.
STP refers to STP defined in IEEE 802.1D, the Rapid Spanning Tree Protocol (RSTP)
defined in IEEE 802.1w, and the Multiple Spanning Tree Protocol (MSTP) defined
in IEEE 802.1s.
MSTP is compatible with RSTP and STP, and RSTP is compatible with STP. Table
5-4 compares STP, RSTP, and MSTP.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 216

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Table 5-4 Comparisons among STP, RSTP, and MSTP

Spannin Characteristics Application Scenario
g Tree
Protocol

STP ● Forms a loop-free tree to User or service traffic does not

prevent broadcast storms and need to be differentiated, and all
implement redundancy. VLANs share a spanning tree.
● Provides slow convergence.

RSTP ● Forms a loop-free tree to

prevent broadcast storms and
implement redundancy.
● Provides fast convergence.

MSTP ● Forms multiple loop-free User or service traffic needs to be

trees to prevent broadcast differentiated and load balanced.
storms and implement Traffic from different VLANs is
redundancy. forwarded through different
● Provides fast convergence. spanning trees that are
independent of each other.
● Implements load balancing
among VLANs and forwards
traffic in different VLANs
along different paths.

Configuration Notes
● This example applies to all versions of the S600-E.
● The ports connected to terminals do not participate in STP calculation.
Therefore, configure the ports as edge ports or disable STP on the ports.

Networking Requirements
To implement redundancy on a complex network, network designers tend to
deploy multiple physical links between two devices, one of which is the primary
link and the others are backup links. Loops may occur, causing broadcast storms
or rendering the MAC address table unstable.
After a network designer deploys a network, STP can be deployed on the network
to prevent loops. When loops exist on a network, STP blocks a port to eliminate
the loops. In Figure 5-16, SwitchA, SwitchB, SwitchC, and SwitchD running STP
exchange STP BPDUs to discover loops on the network and block ports to prune
the network into a loop-free tree network. STP prevents infinite looping of packets
to ensure packet processing capabilities of switches.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 217

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-16 STP networking

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the switching devices on the ring network to work in STP mode.
2. Configure the root bridge and secondary root bridge.
3. Configure the path cost of a port so that the port can be blocked.
4. Enable STP to eliminate loops.

Procedure
Step 1 Configure basic STP functions.
1. Configure the switching devices on the ring network to work in STP mode.
# Configure SwitchA to work in STP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] stp mode stp
# Configure SwitchB to work in STP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] stp mode stp
# Configure SwitchC to work in STP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchC
[SwitchC] stp mode stp

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 218

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

# Configure SwitchD to work in STP mode.

<HUAWEI> system-view
[HUAWEI] sysname SwitchD
[SwitchD] stp mode stp

2. Configure the root bridge and secondary root bridge.

# Configure SwitchA as the root bridge.
[SwitchA] stp root primary

# Configure SwitchD as the secondary root bridge.

[SwitchD] stp root secondary

3. Configure the path cost of a port so that the port can be blocked.
NOTE

# Configure SwitchB to use Huawei's proprietary algorithm to calculate the

path cost.
[SwitchB] stp pathcost-standard legacy

# Configure SwitchC to use Huawei's proprietary algorithm to calculate the

path cost.
[SwitchC] stp pathcost-standard legacy

# Set the path cost of GigabitEthernet0/0/1 on SwitchC to 20000.

[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] stp cost 20000
[SwitchC-GigabitEthernet0/0/1] quit

# Configure SwitchD to use Huawei's proprietary algorithm to calculate the

path cost.
[SwitchD] stp pathcost-standard legacy

4. Enable STP to eliminate loops.

– Configure the ports connected to PCs as edge ports.
# Configure GigabitEthernet0/0/2 of SwitchB as an edge port.
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] stp edged-port enable
[SwitchB-GigabitEthernet0/0/2] quit

(Optional) Configure BPDU protection on SwitchB.

[SwitchB] stp bpdu-protection

# Configure GigabitEthernet0/0/2 of SwitchC as an edge port.

[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] stp edged-port enable
[SwitchC-GigabitEthernet0/0/2] quit

(Optional) Configure BPDU protection on SwitchC.

[SwitchC] stp bpdu-protection

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 219

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

NOTE
If edge ports are connected to network devices that have STP enabled and BPDU
protection is enabled, the edge ports will be shut down and their attributes
remain unchanged after they receive BPDUs.
– Enable STP globally on devices.
# Enable STP globally on SwitchA.
[SwitchA] stp enable

# Enable STP globally on SwitchB.

[SwitchB] stp enable

# Enable STP globally on SwitchC.

[SwitchC] stp enable

# Enable STP globally on SwitchD.

[SwitchD] stp enable

Step 2 Verify the configuration.

After the configuration is complete and the network topology becomes stable,
perform the following operations to verify the configuration.
# Run the display stp brief command on SwitchA to view the port status and
protection type. The displayed information is as follows:
[SwitchA] display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE
0 GigabitEthernet0/0/2 DESI FORWARDING NONE

After SwitchA is configured as the root bridge, GigabitEthernet0/0/2 and

GigabitEthernet0/0/1 connected to SwitchB and SwitchD are selected as designed
ports.
# Run the display stp interface gigabitethernet 0/0/1 brief command on
SwitchB to check the status of GigabitEthernet0/0/1. The following information is
displayed:
[SwitchB] display stp interface gigabitethernet 0/0/1 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE

GigabitEthernet0/0/1 becomes the designated port and is in FORWARDING state.

# Run the display stp brief command on SwitchC to check the port status.
[SwitchC] display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ALTE DISCARDING NONE
0 GigabitEthernet0/0/3 ROOT FORWARDING NONE

GigabitEthernet0/0/3 becomes the root port and is in FORWARDING state.

GigabitEthernet0/0/1 becomes the alternate port and is in DISCARDING state.

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 220

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
stp mode stp
stp instance 0 root primary
stp pathcost-standard legacy
#
return
● SwitchB configuration file
#
sysname SwitchB
#
stp mode stp
stp bpdu-protection
stp pathcost-standard legacy
#
interface GigabitEthernet0/0/2
stp edged-port enable
#
return
● SwitchC configuration file
#
sysname SwitchC
#
stp mode stp
stp bpdu-protection
stp pathcost-standard legacy
#
interface GigabitEthernet0/0/1
stp instance 0 cost 20000
#
interface GigabitEthernet0/0/2
stp edged-port enable
#
return
● SwitchD configuration file
#
sysname SwitchD
#
stp mode stp
stp instance 0 root secondary
stp pathcost-standard legacy
#
return

5.5.2 Example for Configuring RSTP

Overview
Generally, redundant links are used on an Ethernet switching network to provide
link backup and enhance network reliability. The use of redundant links, however,
may produce loops, causing broadcast storms and rendering the MAC address
table unstable. As a result, the communication quality deteriorates, and
communication services may be interrupted. The Spanning Tree Protocol (STP) is
used to solve these problems. STP prevents loops. Devices running STP discover
loops on the network by exchanging information with each other, and block some
ports to eliminate loops.
STP refers to STP defined in IEEE 802.1D, the Rapid Spanning Tree Protocol (RSTP)
defined in IEEE 802.1w, and the Multiple Spanning Tree Protocol (MSTP) defined
in IEEE 802.1s.
MSTP is compatible with RSTP and STP, and RSTP is compatible with STP. Table
5-5 compares STP, RSTP, and MSTP.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 221

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Table 5-5 Comparisons among STP, RSTP, and MSTP

Spannin Characteristics Application Scenario
g Tree
Protocol

STP ● Forms a loop-free tree to User or service traffic does not

prevent broadcast storms and need to be differentiated, and all
implement redundancy. VLANs share a spanning tree.
● Provides slow convergence.

RSTP ● Forms a loop-free tree to

prevent broadcast storms and
implement redundancy.
● Provides fast convergence.

MSTP ● Forms multiple loop-free User or service traffic needs to be

Configuration Notes
● This example applies to all versions of the S600-E.
● The ports connected to terminals do not participate in RSTP calculation.
Therefore, configure the ports as edge ports or disable STP on the ports.

Networking Requirements
To implement redundancy on a complex network, network designers tend to
deploy multiple physical links between two devices, one of which is the primary
link and the others are backup links. Loops may occur, causing broadcast storms
or rendering the MAC address table unstable.
After a network designer deploys a network, RSTP can be deployed on the
network to prevent loops. When loops exist on a network, RSTP blocks a port to
eliminate the loops. In Figure 5-17, SwitchA, SwitchB, SwitchC, and SwitchD
running RSTP exchange RSTP BPDUs to discover loops on the network and block
ports to prune the network into a loop-free tree network. RSTP prevents infinite
looping of packets to ensure packet processing capabilities of switches.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 222

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-17 RSTP networking

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure basic RSTP functions on switching devices of the ring network.
a. Configure the switching devices on the ring network to work in RSTP
mode.
b. Configure the root bridge and secondary root bridge.
c. Configure the path cost of a port so that the port can be blocked.
d. Enable RSTP to eliminate loops.
2. Enable protection functions to protect devices or links. For example, enable
root protection on the designed port of the root bridge.

Procedure
Step 1 Configure basic RSTP functions.
1. Configure the switching devices on the ring network to work in RSTP mode.
# Configure SwitchA to work in RSTP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] stp mode rstp

# Configure SwitchB to work in RSTP mode.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 223

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] stp mode rstp
# Configure SwitchC to work in RSTP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchC
[SwitchC] stp mode rstp
# Configure SwitchD to work in RSTP mode.
<HUAWEI> system-view
[HUAWEI] sysname SwitchD
[SwitchD] stp mode rstp
2. Configure the root bridge and secondary root bridge.
# Configure SwitchA as the root bridge.
[SwitchA] stp root primary
# Configure SwitchD as the secondary root bridge.
[SwitchD] stp root secondary
3. Configure the path cost of a port so that the port can be blocked.
NOTE

– The path cost range depends on the algorithm. Huawei's proprietary algorithm is
used as an example. Set the path costs of the ports to be blocked to 20000.
– Switching devices on the same network must use the same algorithm to calculate
the path cost of ports.
# Configure SwitchA to use Huawei's proprietary algorithm to calculate the
path cost.
[SwitchA] stp pathcost-standard legacy
# Configure SwitchB to use Huawei's proprietary algorithm to calculate the
path cost.
[SwitchB] stp pathcost-standard legacy
# Configure SwitchC to use Huawei's proprietary algorithm to calculate the
path cost.
[SwitchC] stp pathcost-standard legacy
# Set the path cost of GigabitEthernet0/0/1 on SwitchC to 20000.
[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] stp cost 20000
[SwitchC-GigabitEthernet0/0/1] quit
# Configure SwitchD to use Huawei's proprietary algorithm to calculate the
path cost.
[SwitchD] stp pathcost-standard legacy
4. Enable RSTP to eliminate loops.
– Configure the ports connected to PCs as edge ports.
# Configure GigabitEthernet0/0/2 on SwitchB as an edge port.
[SwitchB] interface gigabitethernet 0/0/2
[SwitchB-GigabitEthernet0/0/2] stp edged-port enable
[SwitchB-GigabitEthernet0/0/2] quit
(Optional) Configure BPDU protection on SwitchB.
[SwitchB] stp bpdu-protection
# Configure GigabitEthernet0/0/2 on SwitchC as an edge port.
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] stp edged-port enable
[SwitchC-GigabitEthernet0/0/2] quit

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 224

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

(Optional) Configure BPDU protection on SwitchC.

[SwitchC] stp bpdu-protection

NOTE
If edge ports are connected to network devices that have STP enabled and BPDU
protection is enabled, the edge ports will be shut down and their attributes
remain unchanged after they receive BPDUs.
– Enable RSTP globally on devices.
# Enable RSTP on SwitchA.
[SwitchA] stp enable

# Enable RSTP globally on SwitchB.

[SwitchB] stp enable

# Enable RSTP globally on SwitchC.

[SwitchC] stp enable

# Enable RSTP globally on SwitchD.

[SwitchD] stp enable

Step 2 Enable protection functions. The following uses root protection on the designated
port of the root bridge as an example.
# Configure root protection on GigabitEthernet0/0/1 of SwitchA.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] stp root-protection
[SwitchA-GigabitEthernet0/0/1] quit

# Configure root protection on GigabitEthernet0/0/2 of SwitchA.

[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] stp root-protection
[SwitchA-GigabitEthernet0/0/2] quit

Step 3 Verify the configuration.

After the configuration is complete and the network topology becomes stable,
perform the following operations to verify the configuration.
# Run the display stp brief command on SwitchA to view the status and
protection type on the ports. The displayed information is as follows:
[SwitchA] display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING ROOT
0 GigabitEthernet0/0/2 DESI FORWARDING ROOT

After SwitchA is configured as the root bridge, GigabitEthernet0/0/2 and

GigabitEthernet0/0/1 connected to SwitchB and SwitchD become designed ports
and configured with root protection.
# Run the display stp interface gigabitethernet 0/0/1 brief command on
SwitchB to check the status of GigabitEthernet0/0/1. The following information is
displayed:
[SwitchB] display stp interface gigabitethernet 0/0/1 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING NONE

GigabitEthernet0/0/1 becomes the designated port and is in FORWARDING state.

# Run the display stp brief command on SwitchC to check the port status.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 225

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchC] display stp brief

MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 ALTE DISCARDING NONE
0 GigabitEthernet0/0/2 DESI FORWARDING NONE
0 GigabitEthernet0/0/3 ROOT FORWARDING NONE

GE0/0/1 becomes the alternate port and is in DISCARDING state.

GE0/0/3 becomes the root port and is in FORWARDING state.

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
stp mode rstp
stp instance 0 root primary
stp pathcost-standard legacy
#
interface GigabitEthernet0/0/1
stp root-protection
#
interface GigabitEthernet0/0/2
stp root-protection
#
return
● SwitchB configuration file
#
sysname SwitchB
#
stp mode rstp
stp bpdu-protection
stp pathcost-standard legacy
#
interface GigabitEthernet0/0/2
stp edged-port enable
#
return
● SwitchC configuration file
#
sysname SwitchC
#
stp mode rstp
stp bpdu-protection
stp pathcost-standard legacy
#
interface GigabitEthernet0/0/1
stp instance 0 cost 20000
#
interface GigabitEthernet0/0/2
stp edged-port enable
#
return
● SwitchD configuration file
#
sysname SwitchD
#
stp mode rstp
stp instance 0 root secondary
stp pathcost-standard legacy
#
return

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 226

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5.5.3 Example for Configuring MSTP

Table 5-6 Comparisons among STP, RSTP, and MSTP

Spannin Characteristics Application Scenario

g Tree
Protocol

STP ● Forms a loop-free tree to User or service traffic does not

prevent broadcast storms and need to be differentiated, and all
implement redundancy. VLANs share a spanning tree.
● Provides slow convergence.

RSTP ● Forms a loop-free tree to

prevent broadcast storms and
implement redundancy.
● Provides fast convergence.

MSTP ● Forms multiple loop-free User or service traffic needs to be

Configuration Notes
● This example applies to all versions of the S600-E.
● The ports connected to terminals do not participate in MSTP calculation.
Therefore, configure the ports as edge ports or disable STP on the ports.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 227

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Networking Requirements
To implement redundancy on a complex network, network designers tend to
deploy multiple physical links between two devices, one of which is the primary
link and the others are backup links. Loops may occur, causing broadcast storms
or rendering the MAC address table unstable. MSTP can be used to prevent loops.
MSTP blocks redundant links and prunes a network into a tree topology free from
loops.
In Figure 5-18, SwitchA, SwitchB, SwitchC, and SwitchD run MSTP. MSTP uses
multiple instances to implement load balancing of traffic in VLANs 2 to 10 and
VLANs 11 to 20. The VLAN mapping table that defines the mapping between
VLANs and MSTIs can be used.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 228

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-18 MSTP networking

Configuration Roadmap
The configuration roadmap is as follows:
1. Configure basic MSTP functions on switching devices of the ring network.
2. Enable protection functions to protect devices or links. For example, enable
root protection on the designed port of the root bridge in each MSTI.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 229

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

NOTE

When the link between the root bridge and secondary root bridge goes Down, the port
enabled with root protection becomes Discarding because root protection takes effect.
To improve reliability, you are advised to bind the link between the root bridge and
secondary root bridge to an Eth-Trunk.
3. Configure Layer 2 forwarding on devices.

Procedure
Step 1 Configure basic MSTP functions.
1. Configure SwitchA, SwitchB, SwitchC, and SwitchD (access switches) in the
MST region RG1 and create MSTI 1 and MSTI 2.
NOTE

Two switches belong to the same MST region when they have the same:
– Name of the MST region
– Mapping between VLANs and MSTIs
– Revision level of the MST region
# Configure an MST region of root bridge SwitchA in MSTI 1.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] stp region-configuration
[SwitchA-mst-region] region-name RG1 //Configure the region name as RG1.
[SwitchA-mst-region] instance 1 vlan 2 to 10 //Map VLANs 2 to 10 to MSTI 1.
[SwitchA-mst-region] instance 2 vlan 11 to 20 //Map VLANs 11 to 20 to MSTI 2.
[SwitchA-mst-region] active region-configuration //Activate the MST region configuration.
[SwitchA-mst-region] quit
# Configure an MST region of root bridge SwitchB in MSTI 1.
<HUAWEI> system-view
[HUAWEI] sysname SwitchB
[SwitchB] stp region-configuration
[SwitchB-mst-region] region-name RG1 //Configure the region name as RG1.
[SwitchB-mst-region] instance 1 vlan 2 to 10 //Map VLANs 2 to 10 to MSTI 1.
[SwitchB-mst-region] instance 2 vlan 11 to 20 //Map VLANs 11 to 20 to MSTI 2.
[SwitchB-mst-region] active region-configuration //Activate the MST region configuration.
[SwitchB-mst-region] quit
# Configure an MST region of SwitchC.
<HUAWEI> system-view
[HUAWEI] sysname SwitchC
[SwitchC] stp region-configuration
[SwitchC-mst-region] region-name RG1 //Configure the region name as RG1.
[SwitchC-mst-region] instance 1 vlan 2 to 10 //Map VLANs 2 to 10 to MSTI 1.
[SwitchC-mst-region] instance 2 vlan 11 to 20 //Map VLANs 11 to 20 to MSTI 2.
[SwitchC-mst-region] active region-configuration //Activate the MST region configuration.
[SwitchC-mst-region] quit
# Configure an MST region of SwitchD.
<HUAWEI> system-view
[HUAWEI] sysname SwitchD
[SwitchD] stp region-configuration
[SwitchD-mst-region] region-name RG1 //Configure the region name as RG1.
[SwitchD-mst-region] instance 1 vlan 2 to 10 //Map VLANs 2 to 10 to MSTI 1.
[SwitchD-mst-region] instance 2 vlan 11 to 20 //Map VLANs 11 to 20 to MSTI 2.
[SwitchD-mst-region] active region-configuration //Activate the MST region configuration.
[SwitchD-mst-region] quit
2. Configure root bridges and secondary root bridges of MSTI 1 and MSTI 2 in
the MST region RG1.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 230

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

– Configure the root bridge and secondary root bridge in MSTI 1.

# Configure SwitchA as the root bridge in MSTI 1.
[SwitchA] stp instance 1 root primary

# Configure SwitchB as the secondary root bridge in MSTI 1.

[SwitchB] stp instance 1 root secondary

– Configure the root bridge and secondary root bridge in MSTI 2.

# Configure SwitchB as the root bridge in MSTI 2.
[SwitchB] stp instance 2 root primary

# Configure SwitchA as the secondary root bridge in MSTI 2.

[SwitchA] stp instance 2 root secondary

3. Set the path costs of the ports to be blocked in MSTI 1 and MSTI 2 to be
larger than the default values.
NOTE

– The path cost range depends on the algorithm. Huawei's proprietary algorithm is
used as an example. Set the path costs of the ports to be blocked in MSTI 1 and
MSTI 2 to 20000.
– Switching devices on the same network must use the same algorithm to calculate
the path cost of ports.
Configure SwitchA to use Huawei's proprietary algorithm to calculate the
path cost.
[SwitchA] stp pathcost-standard legacy

# Configure SwitchB to use Huawei's proprietary algorithm to calculate the

path cost.
[SwitchB] stp pathcost-standard legacy

# Configure SwitchC to use Huawei's proprietary algorithm to calculate the

path cost and set the path cost of GE0/0/2 to 20000 in MSTI 2.
[SwitchC] stp pathcost-standard legacy
[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] stp instance 2 cost 20000
[SwitchC-GigabitEthernet0/0/2] quit

# Configure SwitchD to use Huawei's proprietary algorithm to calculate the

path cost and set the path cost of GE0/0/2 to 20000 in MSTI 1.
[SwitchD] stp pathcost-standard legacy
[SwitchD] interface gigabitethernet 0/0/2
[SwitchD-GigabitEthernet0/0/2] stp instance 1 cost 20000
[SwitchD-GigabitEthernet0/0/2] quit

4. Enable MSTP to eliminate loops.

– Enable MSTP globally on devices.
[SwitchA] stp enable

# Enable MSTP on SwitchB.

[SwitchB] stp enable

# Enable MSTP on SwitchC.

[SwitchC] stp enable

# Enable MSTP on SwitchD.

[SwitchD] stp enable

– Configure the ports connected to the terminal as edge ports.

# Configure GE0/0/1 of SwitchC as an edge port.

Issue 35 (2023-04-11) Copyright © Huawei Technologies Co., Ltd. 231

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchC] interface gigabitethernet 0/0/1

[SwitchC-GigabitEthernet0/0/1] stp edged-port enable
[SwitchC-GigabitEthernet0/0/1] quit

(Optional) Configure BPDU protection on SwitchC.

[SwitchC] stp bpdu-protection

# Configure GE0/0/1 of SwitchC as an edge port.

[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] stp edged-port enable
[SwitchD-GigabitEthernet0/0/1] quit

(Optional) Configure BPDU protection on SwitchD.

[SwitchD] stp bpdu-protection

Step 2 Enable protection functions. For example, enable root protection on the designed
port of the root bridge in each MSTI.
# Enable root protection on GE0/0/1 of SwitchA.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] stp root-protection
[SwitchA-GigabitEthernet0/0/1] quit

# Enable root protection on GE0/0/1 of SwitchB.

[SwitchB] interface gigabitethernet 0/0/1
[SwitchB-GigabitEthernet0/0/1] stp root-protection
[SwitchB-GigabitEthernet0/0/1] quit

Step 3 Configure Layer 2 forwarding on switches of the ring network.

● Create VLANs 2 to 20 on SwitchA, SwitchB, SwitchC, and SwitchD.
# Create VLANs 2 to 20 on SwitchA.
[SwitchA] vlan batch 2 to 20

# Create VLANs 2 to 20 on SwitchB.

[SwitchB] vlan batch 2 to 20

# Create VLANs 2 to 20 on SwitchC.

[SwitchC] vlan batch 2 to 20

# Create VLANs 2 to 20 on SwitchD.

[SwitchD] vlan batch 2 to 20

● Add ports connected to the ring to VLANs.

# Add GE0/0/1 on SwitchA to VLANs.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 to 20
[SwitchA-GigabitEthernet0/0/1] quit

# Add Eth-Trunk1 on SwitchA to VLANs.

[SwitchA] interface Eth-Trunk 1
[SwitchA-Eth-Trunk1] trunkport gigabitethernet 0/0/2
[SwitchA-Eth-Trunk1] trunkport gigabitethernet 0/0/3
[SwitchA-Eth-Trunk1] port link-type trunk
[SwitchA-Eth-Trunk1] port trunk allow-pass vlan 2 to 20
[SwitchA-Eth-Trunk1] quit

# Add GE0/0/1 on SwitchB to VLANs.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchB] interface gigabitethernet 0/0/1

[SwitchB-GigabitEthernet0/0/1] port link-type trunk
[SwitchB-GigabitEthernet0/0/1] port trunk allow-pass vlan 2 to 20
[SwitchB-GigabitEthernet0/0/1] quit

# Add Eth-Trunk1 on SwitchB to VLANs.

[SwitchB] interface Eth-Trunk 1
[SwitchB-Eth-Trunk1] trunkport gigabitethernet 0/0/2
[SwitchB-Eth-Trunk1] trunkport gigabitethernet 0/0/3
[SwitchB-Eth-Trunk1] port link-type trunk
[SwitchB-Eth-Trunk1] port trunk allow-pass vlan 2 to 20
[SwitchB-Eth-Trunk1] quit

# Add GE0/0/1 on SwitchC to VLANs.

[SwitchC] interface gigabitethernet 0/0/1
[SwitchC-GigabitEthernet0/0/1] port link-type access
[SwitchC-GigabitEthernet0/0/1] port default vlan 2
[SwitchC-GigabitEthernet0/0/1] quit

# Add GE0/0/2 on SwitchC to VLANs.

[SwitchC] interface gigabitethernet 0/0/2
[SwitchC-GigabitEthernet0/0/2] port link-type trunk
[SwitchC-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 to 20
[SwitchC-GigabitEthernet0/0/2] quit

# Add GE0/0/3 on SwitchC to VLANs.

[SwitchC] interface gigabitethernet 0/0/3
[SwitchC-GigabitEthernet0/0/3] port link-type trunk
[SwitchC-GigabitEthernet0/0/3] port trunk allow-pass vlan 2 to 20
[SwitchC-GigabitEthernet0/0/3] quit

# Add GE0/0/1 on SwitchD to VLANs.

[SwitchD] interface gigabitethernet 0/0/1
[SwitchD-GigabitEthernet0/0/1] port link-type access
[SwitchD-GigabitEthernet0/0/1] port default vlan 11
[SwitchD-GigabitEthernet0/0/1] quit

# Add GE0/0/2 on SwitchD to VLANs.

[SwitchD] interface gigabitethernet 0/0/2
[SwitchD-GigabitEthernet0/0/2] port link-type trunk
[SwitchD-GigabitEthernet0/0/2] port trunk allow-pass vlan 2 to 20
[SwitchD-GigabitEthernet0/0/2] quit

# Add GE0/0/3 on SwitchD to VLANs.

[SwitchD] interface gigabitethernet 0/0/3
[SwitchD-GigabitEthernet0/0/3] port link-type trunk
[SwitchD-GigabitEthernet0/0/3] port trunk allow-pass vlan 2 to 20
[SwitchD-GigabitEthernet0/0/3] quit

Step 4 Verify the configuration.

After the configuration is complete and the network topology becomes stable,
perform the following operations to verify the configuration.

NOTE

MSTI 1 and MSTI 2 are used as examples, so you do not need to check the port status in
MSTI 0.

# Run the display stp brief command on SwitchA to view the port status and
protection type. The displayed information is as follows:
[SwitchA] display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING ROOT
0 Eth-Trunk1 DESI FORWARDING NONE
1 GigabitEthernet0/0/1 DESI FORWARDING ROOT

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

1 Eth-Trunk1 DESI FORWARDING NONE

2 GigabitEthernet0/0/1 DESI FORWARDING ROOT
2 Eth-Trunk1 ROOT FORWARDING NONE

In MSTI 1, Eth-Trunk1 and GE0/0/1 on SwitchA are designed ports because

SwitchA is the root bridge. In MSTI 2, GE0/0/1 on SwitchA is the designed port and
Eth-Trunk1 is the root port.
# Run the display stp brief command on SwitchB. The following information is
displayed:
[SwitchB] display stp brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/1 DESI FORWARDING ROOT
0 Eth-Trunk1 ROOT FORWARDING NONE
1 GigabitEthernet0/0/1 DESI FORWARDING ROOT
1 Eth-Trunk1 ROOT FORWARDING NONE
2 GigabitEthernet0/0/1 DESI FORWARDING ROOT
2 Eth-Trunk1 DESI FORWARDING NONE

In MSTI 2, GE0/0/1 and Eth-Trunk1 on SwitchB are designed ports because

SwitchB is the root bridge. In MSTI 1, GE0/0/1 on SwitchB is the designed port and
Eth-Trunk1 is the root port.
# Run the display stp interface brief command on SwitchC. The following
information is displayed:
[SwitchC] display stp interface gigabitethernet 0/0/3 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/3 ROOT FORWARDING NONE
1 GigabitEthernet0/0/3 ROOT FORWARDING NONE
2 GigabitEthernet0/0/3 ROOT FORWARDING NONE
[SwitchC] display stp interface gigabitethernet 0/0/2 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 DESI FORWARDING NONE
1 GigabitEthernet0/0/2 DESI FORWARDING NONE
2 GigabitEthernet0/0/2 ALTE DISCARDING NONE

GE0/0/3 on SwitchC is the root port in MSTI 1 and MSTI 2. GE0/0/2 on SwitchC is
blocked in MSTI 2 and is the designated port in MSTI 1.
# Run the display stp interface brief command on SwitchD. The following
information is displayed:
[SwitchD] display stp interface gigabitethernet 0/0/3 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/3 ROOT FORWARDING NONE
1 GigabitEthernet0/0/3 ROOT FORWARDING NONE
2 GigabitEthernet0/0/3 ROOT FORWARDING NONE
[SwitchD] display stp interface gigabitethernet 0/0/2 brief
MSTID Port Role STP State Protection
0 GigabitEthernet0/0/2 ALTE DISCARDING NONE
1 GigabitEthernet0/0/2 ALTE DISCARDING NONE
2 GigabitEthernet0/0/2 DESI FORWARDING NONE

GE0/0/3 on SwitchD is the root port in MSTI 1 and MSTI 2. GE0/0/2 on SwitchD is
blocked in MSTI 1 and is the designated port in MSTI 2.

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
vlan batch 2 to 20
#
stp instance 1 root primary
stp instance 2 root secondary
stp pathcost-standard legacy
#
stp region-configuration
region-name RG1
instance 1 vlan 2 to 10
instance 2 vlan 11 to 20
active region-configuration
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 20
stp root-protection
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
return
● SwitchB configuration file
#
sysname SwitchB
#
vlan batch 2 to 20
#
stp instance 1 root secondary
stp instance 2 root primary
stp pathcost-standard legacy
#
stp region-configuration
region-name RG1
instance 1 vlan 2 to 10
instance 2 vlan 11 to 20
active region-configuration
#
interface Eth-Trunk1
port link-type trunk
port trunk allow-pass vlan 2 to 20
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 2 to 20
stp root-protection
#
interface GigabitEthernet0/0/2
eth-trunk 1
#
interface GigabitEthernet0/0/3
eth-trunk 1
#
return
● SwitchC configuration file
#
sysname SwitchC
#
vlan batch 2 to 20
#
stp bpdu-protection

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

stp pathcost-standard legacy

#
stp region-configuration
region-name RG1
instance 1 vlan 2 to 10
instance 2 vlan 11 to 20
active region-configuration
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 2
stp edged-port enable
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 20
stp instance 2 cost 20000
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 20
#
return

● SwitchD configuration file

#
sysname SwitchD
#
vlan batch 2 to 20
#
stp bpdu-protection
stp pathcost-standard legacy
#
stp region-configuration
region-name RG1
instance 1 vlan 2 to 10
instance 2 vlan 11 to 20
active region-configuration
#
interface GigabitEthernet0/0/1
port link-type access
port default vlan 11
stp edged-port enable
#
interface GigabitEthernet0/0/2
port link-type trunk
port trunk allow-pass vlan 2 to 20
stp instance 1 cost 20000
#
interface GigabitEthernet0/0/3
port link-type trunk
port trunk allow-pass vlan 2 to 20
#
return

5.5.4 Example for Configuring a Single RRPP Ring with a

Single Instance

Overview
In most situations, the ring network topology is applied to MANs and enterprise
networks to improve network reliability. When a fault occurs on a node or on a
link between nodes, data services are switched to the standby link to ensure
service continuity. However, broadcast storms may occur on a ring network.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Many protocols can prevent broadcast storms on ring networks. However, if a fault
occurs on a ring network, it takes time for the devices to switch data services to
the standby link. If the convergence time is too long, services are interrupted.

To shorten the convergence time and eliminate the impact of network scale on
convergence time, Huawei developed the Rapid Ring Protection Protocol (RRPP).
Compared with other Ethernet ring technologies, RRPP has the following
advantages:

● RRPP is suitable for networks composed of many network nodes because the
number of nodes does not affect convergence time.
● RRPP prevents broadcast storms caused by data loops when an Ethernet ring
is complete.
● When a link on an Ethernet ring network fails, the standby link can rapidly
restore the communication among the Ethernet ring network nodes.

Configuration Notes
● STP and Smart Link must be disabled on the interface added to an RRPP
domain.
● DHCP and MAC address limiting rules cannot be configured in an RRPP
control VLAN.
● When the mapping between the protected instance and MUX VLAN needs to
be configured, you are advised to configure the principal VLAN, subordinate
group VLAN, and subordinate separate VLAN in the MUX VLAN in the
protected instance. Otherwise, loops may occur.
● This example applies to all versions of the S600-E.

Networking Requirements
In Figure 5-19, SwitchA, SwitchB, and SwitchC constitute a ring network. The
network is required to prevent loops when the ring is complete and to implement
fast convergence to rapidly restore communication between nodes in the ring
when the ring fails. You can enable RRPP on SwitchA, SwitchB, and SwitchC to
meet this requirement.

Figure 5-19 Networking of a single RRPP ring

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Roadmap
The configuration roadmap is as follows:
1. Create an RRPP domain and its control VLAN.
2. Map VLANs from which data needs to pass through in the RRPP ring to
instance 1, including data VLANs 100 to 300 and control VLANs 20 and 21
(VLAN 21 is the sub-control VLAN generated by the device).
3. Configure interfaces to be added to the RRPP domain on the devices so that
data can pass through the interfaces. Disable protocols that conflict with
RRPP, such as STP.
4. In the RRPP domain, configure a protected VLAN, create an RRPP ring and
configure SwitchA, SwitchB, and SwitchC as nodes in ring 1 in domain 1.
Configure SwitchA as the master node in ring 1 and configure SwitchB and
SwitchC as transit nodes in ring 1.
5. Enable the RRPP ring and RRPP on devices.

Procedure
Step 1 Create an RRPP domain and its control VLAN.
# Configure SwitchA. The configurations of SwitchB and SwitchC are similar to the
configuration of SwitchA, and are not mentioned here. For details, see the
configuration files.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] rrpp domain 1
[SwitchA-rrpp-domain-region1] control-vlan 20 //Each RRPP domain has a major control VLAN and a
sub-control VLAN. You only need to specify the major control VLAN. The system uses the VLAN whose ID is
one greater than the ID of the major control VLAN as the sub-control VLAN.
[SwitchA-rrpp-domain-region1] quit

Step 2 Map instance 1 to control VLANs 20 and 21 and data VLANs 100 to 300.
# Configure SwitchA. The configurations of SwitchB and SwitchC are similar to the
configuration of SwitchA, and are not mentioned here. For details, see the
configuration files.
[SwitchA] vlan batch 100 to 300
[SwitchA] stp region-configuration
[SwitchA-mst-region] instance 1 vlan 20 21 100 to 300 //Add the major control VLAN, sub-control VLAN,
and data VLANs to instance 1.
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit

Step 3 Configure the interfaces to be added to the RRPP ring as trunk interfaces,
configure the interfaces to allow VLANs 100 to 300 to pass through, and disable
STP on the interfaces.
# Configure SwitchA. The configurations of SwitchB and SwitchC are similar to the
configuration of SwitchA, and are not mentioned here. For details, see the
configuration files.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] undo port trunk allow-pass vlan 1
[SwitchA-GigabitEthernet0/0/1] port trunk allow-pass vlan 100 to 300
[SwitchA-GigabitEthernet0/0/1] stp disable
[SwitchA-GigabitEthernet0/0/1] quit

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[SwitchA] interface gigabitethernet 0/0/2

[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] undo port trunk allow-pass vlan 1
[SwitchA-GigabitEthernet0/0/2] port trunk allow-pass vlan 100 to 300
[SwitchA-GigabitEthernet0/0/2] stp disable
[SwitchA-GigabitEthernet0/0/2] quit

Step 4 Specify a protected VLAN, and create and enable an RRPP ring.
# Configure SwitchA.
[SwitchA] rrpp domain 1
[SwitchA-rrpp-domain-region1] protected-vlan reference-instance 1 //Configure instance 1 as the
protected instance of the RRPP domain.
[SwitchA-rrpp-domain-region1] ring 1 node-mode master primary-port gigabitethernet 0/0/1
secondary-port gigabitethernet 0/0/2 level 0
[SwitchA-rrpp-domain-region1] ring 1 enable
[SwitchA-rrpp-domain-region1] quit

# Configure SwitchB.
[SwitchB] rrpp domain 1
[SwitchB-rrpp-domain-region1] protected-vlan reference-instance 1
[SwitchB-rrpp-domain-region1] ring 1 node-mode transit primary-port gigabitethernet 0/0/1 secondary-
port gigabitethernet 0/0/2 level 0
[SwitchB-rrpp-domain-region1] ring 1 enable
[SwitchB-rrpp-domain-region1] quit

# Configure SwitchC.
[SwitchC] rrpp domain 1
[SwitchC-rrpp-domain-region1] protected-vlan reference-instance 1
[SwitchC-rrpp-domain-region1] ring 1 node-mode transit primary-port gigabitethernet 0/0/1 secondary-
port gigabitethernet 0/0/2 level 0
[SwitchC-rrpp-domain-region1] ring 1 enable
[SwitchC-rrpp-domain-region1] quit

Step 5 Enable RRPP.

# Configure SwitchA. The configurations of SwitchB and SwitchC are similar to the
configuration of SwitchA, and are not mentioned here. For details, see the
configuration files.
[SwitchA] rrpp enable

Step 6 Verify the configuration.

After the configuration is complete and the network topology becomes stable,
perform the following operations to verify the configuration. The display on
SwitchA is used as an example.
# Run the display rrpp brief command on SwitchA. The following information is
displayed:
[SwitchA] display rrpp brief
Abbreviations for Switch Node Mode :
M - Master , T - Transit , E - Edge , A - Assistant-Edge

RRPP Protocol Status: Enable

RRPP Working Mode: HW
RRPP Linkup Delay Timer: 0 sec (0 sec default)
Number of RRPP Domains: 1

Domain Index : 1
Control VLAN : major 20 sub 21
Protected VLAN : Reference Instance 1
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Ring Ring Node Primary/Common Secondary/Edge Is

ID Level Mode Port Port Enabled
----------------------------------------------------------------------------
1 0 M GigabitEthernet0/0/1 GigabitEthernet0/0/2 Yes

According to the preceding information, RRPP is enabled on SwitchA. The major

control VLAN of RRPP domain 1 is VLAN 20 and the sub-control VLAN is VLAN 21.
SwitchA is the master node in ring 1. The primary interface is
GigabitEthernet0/0/1 and the secondary interface is GigabitEthernet0/0/2.
# Run the display rrpp verbose domain command on SwitchA. The following
information is displayed:
[SwitchA] display rrpp verbose domain 1
Domain Index : 1
Control VLAN : major 20 sub 21
Protected VLAN : Reference Instance 1
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)

RRPP Ring :1
Ring Level :0
Node Mode : Master
Ring State : Complete
Is Enabled : Enable Is Active: Yes
Primary port : GigabitEthernet0/0/1 Port status: UP
Secondary port : GigabitEthernet0/0/2 Port status: BLOCKED

The command output shows that the RRPP ring is complete.

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
vlan batch 20 to 21 100 to 300
#
rrpp enable
#
stp region-configuration
instance 1 vlan 20 to 21 100 to 300
active region-configuration
#
rrpp domain 1
control-vlan 20
protected-vlan reference-instance 1
ring 1 node-mode master primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 1 enable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
return

● SwitchB configuration file

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
sysname SwitchB
#
vlan batch 20 to 21 100 to 300
#
rrpp enable
#
stp region-configuration
instance 1 vlan 20 to 21 100 to 300
active region-configuration
#
rrpp domain 1
control-vlan 20
protected-vlan reference-instance 1
ring 1 node-mode transit primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 1 enable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
return

● SwitchC configuration file

#
sysname SwitchC
#
vlan batch 20 to 21 100 to 300
#
rrpp enable
#
stp region-configuration
instance 1 vlan 20 to 21 100 to 300
active region-configuration
#
rrpp domain 1
control-vlan 20
protected-vlan reference-instance 1
ring 1 node-mode transit primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 1 enable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21 100 to 300
stp disable
#
return

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5.5.5 Example for Configuring Tangent RRPP Rings

Overview
Generally, a metro Ethernet network uses two-layer rings:
● One layer is the aggregation layer between aggregation devices PE-AGGs, for
example, RRPP domain 1 in Figure 5-20.
● The other layer is the access layer between PE-AGGs and UPEs, for example,
RRPP domain 2 and RRPP domain 3 in Figure 5-20.
In Figure 5-20, intersecting RRPP rings can be used. RRPP rings are configured at
aggregation and access layers, and the two layers are connected through tangent
RRPP rings.

Figure 5-20 Tangent RRPP rings

Two tangent rings cannot belong to the same RRPP domain. The tangent point of
the two tangent rings belongs to two RRPP domains, and the major node can be
located in the tangent point.
When there are multiple tangent RRPP rings, a fault on a ring does not affect
other domains and the convergence process of RRPP rings in a domain is the same
as that of a single ring.

Configuration Notes
● STP and Smart Link must be disabled on the interface added to an RRPP
domain.
● DHCP and MAC address limiting rules cannot be configured in an RRPP
control VLAN.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

● When the mapping between the protected instance and MUX VLAN needs to
be configured, you are advised to configure the principal VLAN, subordinate
group VLAN, and subordinate separate VLAN in the MUX VLAN in the
protected instance. Otherwise, loops may occur.
● This example applies to all versions of the S600-E.

Networking Requirements
In Figure 5-20, the network is required to prevent loops when the ring is complete
and to implement fast convergence to rapidly restore communication between
nodes in the ring when the ring fails. RRPP can meet this requirement. RRPP
supports multiple rings. You can configure RRPP rings at the aggregation and
access layers. The two rings are tangent, simplifying the network configuration.

SwitchA, SwitchB, SwitchC, SwitchD, and SwitchE in Figure 5-21 correspond to

UPE1, UPE2, PE-AGG3, PE-AGG2, and PE-AGG1 in Figure 5-20, respectively. Figure
5-21 is used as an example to describe how to configure tangent RRPP rings with
a single instance.

Figure 5-21 Networking of tangent RRPP rings

Configuration Roadmap
The configuration roadmap is as follows:

1. Map the VLANs that need to pass through ring 1 to instance 1, including data
VLANs and control VLANs, which are used for configuring protected VLANs.
Map the VLANs that need to pass through ring 2 to instance 2, including data
VLANs and control VLANs, which are used for configuring protected VLANs.
2. Create RRPP domains, control VLANs and configure protected VLANs for
configuring RRPP rings.
3. Configure interfaces to be added to the RRPP domain on the devices so that
data can pass through the interfaces. Disable protocols that conflict with
RRPP, such as STP.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

4. Create RRPP rings in RRPP domains.

a. Configure SwitchA, SwitchB, and SwitchC to be in ring 2 of RRPP domain
2.
b. Configure SwitchC, SwitchD, and SwitchE to be in ring 1 of RRPP domain
1.
c. Configure SwitchA as the master node in ring 2, and configure SwitchB
and SwitchC as transit nodes in ring 2.
d. Configure SwitchE as the master node in ring 1, and configure SwitchC
and SwitchD as transit nodes in ring 1.
5. Enable the RRPP ring and RRPP on devices.

Procedure
Step 1 Configure instance 2 and map it to the data VLANs and control VLANs allowed by
the RRPP interface.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, and
SwitchE are similar to the configuration of SwitchA, and are not mentioned here.
For details, see the configuration files.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] stp region-configuration
[SwitchA-mst-region] instance 2 vlan 20 to 21 ///Add the major control VLAN and sub-control VLAN to
instance 1.
[SwitchA-mst-region] active region-configuration
[SwitchA-mst-region] quit

Step 2 Create RRPP domains and configure control VLANs and protected VLANs of the
RRPP domains.
# Configure SwitchE. The configurations of SwitchA, SwitchB, SwitchC, and
SwitchD are similar to the configuration of SwitchE, and are not mentioned here.
For details, see the configuration files.
[SwitchE] rrpp domain 1
[SwitchE-rrpp-domain-region1] control-vlan 10 //Each RRPP domain has a major control VLAN and a sub-
control VLAN. You only need to specify the major control VLAN. The system uses the VLAN whose ID is one
greater than the ID of the major control VLAN as the sub-control VLAN.
[SwitchE-rrpp-domain-region1] protected-vlan reference-instance 1 //Configure instance 1 as the
protected instance of the RRPP domain.
[SwitchE-rrpp-domain-region1] quit

Step 3 Configure the interfaces to be added to RRPP rings as trunk interfaces and disable
STP on the interfaces.
# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, and
SwitchE are similar to the configuration of SwitchA, and are not mentioned here.
For details, see the configuration files.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] port link-type trunk
[SwitchA-GigabitEthernet0/0/1] undo port trunk allow-pass vlan 1
[SwitchA-GigabitEthernet0/0/1] stp disable
[SwitchA-GigabitEthernet0/0/1] quit
[SwitchA] interface gigabitethernet 0/0/2
[SwitchA-GigabitEthernet0/0/2] port link-type trunk
[SwitchA-GigabitEthernet0/0/2] undo port trunk allow-pass vlan 1
[SwitchA-GigabitEthernet0/0/2] stp disable
[SwitchA-GigabitEthernet0/0/2] quit

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Step 4 Create and enable the RRPP ring.

● Configure nodes in ring 2.
# Configure SwitchA as the master node in ring 2 and specify the primary and
secondary interfaces.
[SwitchA] rrpp domain 2
[SwitchA-rrpp-domain-region2] ring 2 node-mode master primary-port gigabitethernet 0/0/1
secondary-port gigabitethernet 0/0/2 level 0
[SwitchA-rrpp-domain-region2] ring 2 enable
[SwitchA-rrpp-domain-region2] quit
# Configure SwitchB as a transit node in ring 2 (major ring) and specify the
primary and secondary interfaces.
[SwitchB] rrpp domain 2
[SwitchB-rrpp-domain-region2] ring 2 node-mode transit primary-port gigabitethernet 0/0/1
secondary-port gigabitethernet 0/0/2 level 0
[SwitchB-rrpp-domain-region2] ring 2 enable
[SwitchB-rrpp-domain-region2] quit
# Configure SwitchC as a transit node in ring 2 and specify the primary and
secondary interfaces.
[SwitchC] rrpp domain 2
[SwitchC-rrpp-domain-region2] ring 2 node-mode transit primary-port gigabitethernet 0/0/1
secondary-port gigabitethernet 0/0/2 level 0
[SwitchC-rrpp-domain-region2] ring 2 enable
[SwitchC-rrpp-domain-region2] quit
● Configure nodes in ring 1.
# Configure SwitchE as the master node in ring 1 (major ring) and specify the
primary and secondary interfaces.
[SwitchE] rrpp domain 1
[SwitchE-rrpp-domain-region1] ring 1 node-mode master primary-port gigabitethernet 0/0/3
secondary-port gigabitethernet 0/0/4 level 0
[SwitchE-rrpp-domain-region1] ring 1 enable
[SwitchE-rrpp-domain-region1] quit
# Configure SwitchC as a transit node in ring 1 and specify the primary and
secondary interfaces.
[SwitchC] rrpp domain 1
[SwitchC-rrpp-domain-region1] ring 1 node-mode transit primary-port gigabitethernet 0/0/3
secondary-port gigabitethernet 0/0/4 level 0
[SwitchC-rrpp-domain-region1] ring 1 enable
[SwitchC-rrpp-domain-region1] quit
# Configure SwitchD as a transit node in ring 1 and specify the primary and
secondary interfaces.
[SwitchD] rrpp domain 1
[SwitchD-rrpp-domain-region1] ring 1 node-mode transit primary-port gigabitethernet 0/0/3
secondary-port gigabitethernet 0/0/4 level 0
[SwitchD-rrpp-domain-region1] ring 1 enable
[SwitchD-rrpp-domain-region1] quit

Step 5 Enable RRPP.

# Configure SwitchA. The configurations of SwitchB, SwitchC, SwitchD, and
SwitchE are similar to the configuration of SwitchA, and are not mentioned here.
For details, see the configuration files.
[SwitchA] rrpp enable

Step 6 Verify the configuration.

After the configuration is complete and the network topology becomes stable,
perform the following operations to verify the configuration. The tangent point
SwitchC is used as an example.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

# Run the display rrpp brief command on SwitchC. The following information is
displayed:
[SwitchC] display rrpp brief
Abbreviations for Switch Node Mode :
M - Master , T - Transit , E - Edge , A - Assistant-Edge

RRPP Protocol Status: Enable

RRPP Working Mode: HW
RRPP Linkup Delay Timer: 0 sec (0 sec default)
Number of RRPP Domains: 2

Domain Index : 1
Control VLAN : major 10 sub 11
Protected VLAN : Reference Instance 1
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)
Ring Ring Node Primary/Common Secondary/Edge Is
ID Level Mode Port Port Enabled
----------------------------------------------------------------------------
1 0 T GigabitEthernet0/0/3 GigabitEthernet0/0/4 Yes

Domain Index : 2
Control VLAN : major 20 sub 21
Protected VLAN : Reference Instance 2
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)
Ring Ring Node Primary/Common Secondary/Edge Is
ID Level Mode Port Port Enabled
----------------------------------------------------------------------------
2 0 T GigabitEthernet0/0/1 GigabitEthernet0/0/2 Yes

According to the preceding information, RRPP is enabled on SwitchC. The major

control VLAN of RRPP domain 1 is VLAN 10 and the sub-control VLAN is VLAN 11.
SwitchC is a transit node in ring 1. The primary interface is GigabitEthernet0/0/3
and the secondary interface is GigabitEthernet0/0/4.
The major control VLAN of SwitchC in RRPP domain 2 is VLAN 20 and the sub-
control VLAN is VLAN 21. SwitchC is a transit node in ring 2. The primary interface
is GigabitEthernet0/0/1 and the secondary interface is GigabitEthernet0/0/2.
On SwitchC, run the display rrpp verbose domain command. The following
information is displayed.
# Check detailed information about RRPP domain 1 on SwitchC.
[SwitchC] display rrpp verbose domain 1
Domain Index : 1
Control VLAN : major 10 sub 11
Protected VLAN : Reference Instance 1
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)

RRPP Ring :1
Ring Level :0
Node Mode : Transit
Ring State : LinkUp
Is Enabled : Enable Is Active: Yes
Primary port : GigabitEthernet0/0/3 Port status: UP
Secondary port : GigabitEthernet0/0/4 Port status: UP

# Check detailed information about RRPP domain 2 on SwitchC.

[SwitchC] display rrpp verbose domain 2
Domain Index : 2
Control VLAN : major 20 sub 21
Protected VLAN : Reference Instance 2
Hello Timer : 1 sec(default is 1 sec) Fail Timer : 6 sec(default is 6 sec)

RRPP Ring :2

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Ring Level :0
Node Mode : Transit
Ring State : LinkUp
Is Enabled : Enable Is Active: Yes
Primary port : GigabitEthernet0/0/1 Port status: UP
Secondary port : GigabitEthernet0/0/2 Port status: UP

----End

Configuration Files
● SwitchA configuration file
#
sysname SwitchA
#
vlan batch 20 to 21
#
rrpp enable
#
stp region-configuration
instance 2 vlan 20 to 21
active region-configuration
#
rrpp domain 2
control-vlan 20
protected-vlan reference-instance 2
ring 2 node-mode master primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 2 enable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable
#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable
#
return

● SwitchB configuration file

#
sysname SwitchB
#
vlan batch 20 to 21
#
rrpp enable
#
stp region-configuration
instance 2 vlan 20 to 21
active region-configuration
#
rrpp domain 2
control-vlan 20
protected-vlan reference-instance 2
ring 2 node-mode transit primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 2 enable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable
#
return
● SwitchC configuration file
#
sysname SwitchC
#
vlan batch 10 to 11 20 to 21
#
rrpp enable
#
stp region-configuration
instance 1 vlan 10 to 11
instance 2 vlan 20 to 21
active region-configuration
#
rrpp domain 1
control-vlan 10
protected-vlan reference-instance 1
ring 1 node-mode transit primary-port GigabitEthernet0/0/3 secondary-port GigabitEthernet0/0/4
level 0
ring 1 enable
rrpp domain 2
control-vlan 20
protected-vlan reference-instance 2
ring 2 node-mode transit primary-port GigabitEthernet0/0/1 secondary-port GigabitEthernet0/0/2
level 0
ring 2 enable
#
interface GigabitEthernet0/0/3
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
interface GigabitEthernet0/0/4
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
interface GigabitEthernet0/0/1
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable
#
interface GigabitEthernet0/0/2
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 20 to 21
stp disable
#
return
● SwitchD configuration file
#
sysname SwitchD
#
vlan batch 10 to 11
#
rrpp enable
#
stp region-configuration

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

instance 1 vlan 10 to 11
active region-configuration
#
rrpp domain 1
control-vlan 10
protected-vlan reference-instance 1
ring 1 node-mode transit primary-port GigabitEthernet0/0/3 secondary-port GigabitEthernet0/0/4
level 0
ring 1 enable
#
interface GigabitEthernet0/0/3
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
interface GigabitEthernet0/0/4
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
return

● SwitchE configuration file

#
sysname SwitchE
#
vlan batch 10 to 11
#
rrpp enable
#
stp region-configuration
instance 1 vlan 10 to 11
active region-configuration
#
rrpp domain 1
control-vlan 10
protected-vlan reference-instance 1
ring 1 node-mode master primary-port GigabitEthernet0/0/3 secondary-port GigabitEthernet0/0/4
level 0
ring 1 enable
#
interface GigabitEthernet0/0/3
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
interface GigabitEthernet0/0/4
port link-type trunk
undo port trunk allow-pass vlan 1
port trunk allow-pass vlan 10 to 11
stp disable
#
return

5.6 Typical Loopback Detection Configuration

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

5.6.1 Example for Configuring LBDT to Detect Loopbacks on

an Interface
Overview
When a loop occurs on a network, broadcast, multicast, and unknown unicast
packets are repeatedly transmitted on the network. This wastes network resources
and may even cause a network breakdown. To minimize the impact of loops on a
Layer 2 network, a detection technology that quickly notifies users of loops is
required. When a loop occurs, users are requested to check network connections
and configurations, and control the problematic interface.
Loopback detection (LBDT) periodically sends LBDT packets on an interface to
check whether the packets return to the local device (receive and transmit
interfaces can be different), and determines whether loops occur on the interface,
local network, or downstream network.
● If LBDT packets are received and sent by the same interface, a loopback
occurs on the interface or a loop occurs on the network connected to the
interface.
● If LBDT packets are received by another interface on the same device, a loop
occurs on the network connected to the interface or device.
After loops are detected, the device can send alarms to the NMS and record logs,
and can control the interface status (the interface is shut down by default)
according to the device configuration so that the impact of loops on the device
and network is minimized. The device provides the following actions after LBDT
detects a loop:
● Trap: The device reports a trap to the NMS and records a log, but does not
take any action on the interface.
● Block: The device blocks this interface, and can forward only BPDUs.
● No learning: The interface is disabled from learning MAC addresses.
● Shutdown: The device shuts down the interface.
● Quitvlan: The interface is removed from the VLAN where a loop occurs.
The problematic interface continues to send LBDT packets. After the configured
recovery time expires, the system attempts to restore the problematic interface. If
the device receives no LBDT packets from the problematic interface within the
next recovery time, it considers that the loop is eliminated on the interface and
restores the interface.
LBDT can only detect loops on a single node, but cannot eliminate loops on the
entire network in the same manner as ring network technologies of ERPS, RRPP,
SEP, Smart Link, and STP/RSTP/MSTP/VBST.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

● LBDT needs to send a large number of LBDT packets to detect loops,

occupying system resources. Therefore, disable LBDT if loops do not need to
be detected.
● In versions earlier than V200R019C00, LBDT cannot be configured on an Eth-
Trunk or its member interfaces. In V200R019C00 and later versions, LBDT can
be configured on an Eth-Trunk but cannot be configured on its member
interfaces.
● Manual LBDT can be configured on a maximum of 32 Eth-Trunks.
● An interface can send LBDT packets with the specified VLAN tag only when
the specified VLAN has been created.
● LBDT can detect loops in a maximum of 32 VLANs.
● When the PVID of the interface in the loop is the detected VLAN ID or the
interface joins the detected VLAN in untagged mode, VLAN tags of LBDT
packets are removed. As a result, the packet priority changes and the system
may fail to detect loops.
● When the Quitvlan action is used, the configuration file remains unchanged.
● The LBDT action and MAC address flapping action affect each other, and
cannot be configured simultaneously.
● The Quitvlan action of LBDT conflicts with dynamic removal from VLANs (for
example, GVRP), and cannot be configured simultaneously.
● The blocked ports of LBDT cannot block GVRP packets. To ensure that GVRP
runs normally and prevent GVRP loops, do not enable GVRP on the blocked
port of LBDT.

Networking Requirements
In Figure 5-22, aggregation switch SwitchA on an enterprise network connects to
access switch SwitchB. To prevent loopbacks on a TX-RX interface (GE0/0/1)
because optical fibers are connected incorrectly or the interface is damaged by
high voltage, SwitchA is required to detect loopbacks on GE0/0/1. Furthermore, it
is required that the interface be blocked to reduce the impact of the loopback on
the network when a loopback is detected, and the interface be restored after the
loopback is removed.

Figure 5-22 Networking for configuring LBDT to detect loopbacks on an interface

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Configuration Roadmap
To detect loopbacks on downlink interface GE0/0/1 of SwitchA, configure LBDT on
GE0/0/1 of SwitchA. The configuration roadmap is as follows:

1. Enable LBDT on GE0/0/1 of SwitchA to detect loopbacks.

2. Configure an action to be taken after a loopback is detected and set the
recovery time. After a loopback is detected, the Switch blocks the interface to
reduce the impact of the loopback on the network. After a loop is eliminated,
the interface can be restored.

Procedure
Step 1 Enable LBDT on an interface.
<HUAWEI> system-view
[HUAWEI] sysname SwitchA
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] loopback-detect enable //Enable LBDT on the interface.
[SwitchA-GigabitEthernet0/0/1] quit

Step 2 Configure an action to be taken after a loop is detected and set the recovery time.
[SwitchA] interface gigabitethernet 0/0/1
[SwitchA-GigabitEthernet0/0/1] loopback-detect action block //Configure the Block action to be taken
after a loop is detected.
[SwitchA-GigabitEthernet0/0/1] loopback-detect recovery-time 30 //Set the recovery delay to 30s.
[SwitchA-GigabitEthernet0/0/1] quit

Step 3 Verify the configuration.

1. Run the display loopback-detect command to check the LBDT configuration.
[SwitchA] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 block
NORMAL
----------------------------------------------------------------------------------

The preceding command output shows that the LBDT configuration is

successful.
2. After about 5s, run the display loopback-detect command to check whether
GE0/0/1 is blocked.
[SwitchA] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 block BLOCK(Loopback

detected)
----------------------------------------------------------------------------------

The preceding command output shows that GE0/0/1 is blocked, indicating

that a loopback occurs on GE0/0/1.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

3. Manually remove the loopback. Run the display loopback-detect command

to check whether GE0/0/1 is restored.
[SwitchA] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 block
NORMAL
----------------------------------------------------------------------------------

The preceding command output shows that GE0/0/1 is restored.

----End

Configuration Files
SwitchA configuration file
#
sysname SwitchA
#
interface GigabitEthernet0/0/1
loopback-detect recovery-time 30
loopback-detect enable
loopback-detect action block
#
return

5.6.2 Example for Configuring LBDT to Detect Loops on the

Downstream Network
Overview
When a loop occurs on a network, broadcast, multicast, and unknown unicast
packets are repeatedly transmitted on the network. This wastes network resources
and may even cause a network breakdown. To minimize the impact of loops on a
Layer 2 network, a detection technology that quickly notifies users of loops is
required. When a loop occurs, users are requested to check network connections
and configurations, and control the problematic interface.

Loopback detection (LBDT) periodically sends LBDT packets on an interface to

check whether the packets return to the local device (receive and transmit
interfaces can be different), and determines whether loops occur on the interface,
local network, or downstream network.
● If LBDT packets are received and sent by the same interface, a loopback
occurs on the interface or a loop occurs on the network connected to the
interface.
● If LBDT packets are received by another interface on the same device, a loop
occurs on the network connected to the interface or device.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

and network is minimized. The device provides the following actions after LBDT
detects a loop:
● Trap: The device reports a trap to the NMS and records a log, but does not
take any action on the interface.
● Block: The device blocks this interface, and can forward only BPDUs.
● No learning: The interface is disabled from learning MAC addresses.
● Shutdown: The device shuts down the interface.
● Quitvlan: The interface is removed from the VLAN where a loop occurs.
The problematic interface continues to send LBDT packets. After the configured
recovery time expires, the system attempts to restore the problematic interface. If
the device receives no LBDT packets from the problematic interface within the
next recovery time, it considers that the loop is eliminated on the interface and
restores the interface.
LBDT can only detect loops on a single node, but cannot eliminate loops on the
entire network in the same manner as ring network technologies of ERPS, RRPP,
SEP, Smart Link, and STP/RSTP/MSTP/VBST.

Configuration Notes
● This example applies to all versions of the S600-E.
● In V200R008C00 and earlier versions, LBDT does not take effect in dynamic
VLANs. In V200R008C00 and later versions, the LBDT-enabled switch can
detect loops in dynamic VLANs, but the Quitvlan action is invalid for dynamic
VLANs.
● LBDT needs to send a large number of LBDT packets to detect loops,
occupying system resources. Therefore, disable LBDT if loops do not need to
be detected.
● In versions earlier than V200R019C00, LBDT cannot be configured on an Eth-
Trunk or its member interfaces. In V200R019C00 and later versions, LBDT can
be configured on an Eth-Trunk but cannot be configured on its member
interfaces.
● Manual LBDT can be configured on a maximum of 32 Eth-Trunks.
● An interface can send LBDT packets with the specified VLAN tag only when
the specified VLAN has been created.
● LBDT can detect loops in a maximum of 32 VLANs.
● When the PVID of the interface in the loop is the detected VLAN ID or the
interface joins the detected VLAN in untagged mode, VLAN tags of LBDT
packets are removed. As a result, the packet priority changes and the system
may fail to detect loops.
● When the Quitvlan action is used, the configuration file remains unchanged.
● The LBDT action and MAC address flapping action affect each other, and
cannot be configured simultaneously.
● The Quitvlan action of LBDT conflicts with dynamic removal from VLANs (for
example, GVRP), and cannot be configured simultaneously.
● The blocked ports of LBDT cannot block GVRP packets. To ensure that GVRP
runs normally and prevent GVRP loops, do not enable GVRP on the blocked
port of LBDT.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Networking Requirements
In Figure 5-23, a new department of an enterprise connects to the aggregation
switch Switch. This department belongs to VLAN 100. Loops occur due to incorrect
connections or configurations. As a result, communication on the Switch and
uplink network is affected.

It is required that the Switch should detect loops on the new network to prevent
the impact of loops on the Switch and connected network.

Figure 5-23 Networking for configuring LBDT to detect loops on the downstream
network

Configuration Roadmap
The configuration roadmap is as follows:

1. Enable LBDT on GE0/0/1 of the Switch to detect loops in a specified VLAN so

that loops on the downstream network can be detected.
2. Set LBDT parameters so that the Switch can immediately shut down GE0/0/1
after a loop is detected. This prevents the impact of the loop on the Switch
and connected network.

NOTE

Configure interfaces on other switching devices as trunk or hybrid interfaces and configure
these interfaces to allow packets from corresponding VLANs to pass through. This ensures
Layer 2 connectivity on the new network and between the new network and the Switch.

Procedure
Step 1 Enable LBDT on the interface.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] loopback-detect enable //Enable LBDT on the interface.
[Switch-GigabitEthernet0/0/1] quit

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Step 2 Specify the VLAN ID of LBDT packets.

[Switch] vlan 100
[Switch-vlan100] quit
[Switch] interface gigabitEthernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type hybrid // default link type of a switch interface is not hybrid.
You can choose run the port link-type hybrid command to configure the link type of the interface as
hybrid.
[Switch-GigabitEthernet0/0/1] port hybrid tagged vlan 100
[Switch-GigabitEthernet0/0/1] loopback-detect packet vlan 100 //Enable LBDT to detect loops in VLAN
100.
[Switch-GigabitEthernet0/0/1] quit

Step 3 Configure LBDT parameters.

# Set the interval for sending LBDT packets.

[Switch] loopback-detect packet-interval 10

# Configure an action to be taken after a loop is detected.

[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] loopback-detect action shutdown //Configure the Shutdown action to be
taken after a loop is detected.
[Switch-GigabitEthernet0/0/1] quit

Step 4 Verify the configuration.

1. Run the display loopback-detect command to check the LBDT configuration.
[Switch] display loopback-detect
Loopback-detect sending-packet interval:
10

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 shutdown
NORMAL
----------------------------------------------------------------------------------

The preceding command output shows that the LBDT configuration is

successful.
2. Construct loops on the downstream network and run the display loopback-
detect command to check whether GE0/0/1 is shut down.
[Switch] display loopback-detect
Loopback-detect sending-packet interval:
10

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 shutdown SHUTDOWN(Loopback

detected)
----------------------------------------------------------------------------------

The preceding command output shows that GE0/0/1 is shut down.

----End

Configuration Files
Switch configuration file

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

#
sysname Switch
#
vlan batch 100
#
loopback-detect packet-interval 10
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid tagged vlan 100
loopback-detect packet vlan 100
loopback-detect enable
#
return

5.6.3 Example for Configuring LBDT to Detect Loops on the

Local Network

Overview
When a loop occurs on a network, broadcast, multicast, and unknown unicast
packets are repeatedly transmitted on the network. This wastes network resources
and may even cause a network breakdown. To minimize the impact of loops on a
Layer 2 network, a detection technology that quickly notifies users of loops is
required. When a loop occurs, users are requested to check network connections
and configurations, and control the problematic interface.

Loopback detection (LBDT) periodically sends LBDT packets on an interface to

After loops are detected, the device can send alarms to the NMS and record logs,
and can control the interface status (the interface is shut down by default)
according to the device configuration so that the impact of loops on the device
and network is minimized. The device provides the following actions after LBDT
detects a loop:
● Trap: The device reports a trap to the NMS and records a log, but does not
take any action on the interface.
● Block: The device blocks this interface, and can forward only BPDUs.
● No learning: The interface is disabled from learning MAC addresses.
● Shutdown: The device shuts down the interface.
● Quitvlan: The interface is removed from the VLAN where a loop occurs.

The problematic interface continues to send LBDT packets. After the configured
recovery time expires, the system attempts to restore the problematic interface. If
the device receives no LBDT packets from the problematic interface within the
next recovery time, it considers that the loop is eliminated on the interface and
restores the interface.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

LBDT can only detect loops on a single node, but cannot eliminate loops on the
entire network in the same manner as ring network technologies of ERPS, RRPP,
SEP, Smart Link, and STP/RSTP/MSTP/VBST.

Networking Requirements
In Figure 5-24, a small-scale enterprise uses Layer 2 networking and belongs to
VLAN 100. Because employees often move, the network topology changes
frequently. Loops occur due to incorrect connections or configurations during the
change. As a result, broadcast storms occur and affect communication of the
Switch and entire network.

The requirements are as follows:

● The Switch detects loops.
● When a loop exists, the interface is blocked to reduce the impact of the loop
on the Switch and network.
● When the loop is eliminated, the interface can be restored.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

Figure 5-24 Networking for configuring LBDT to detect loops on the local network

Configuration Roadmap
To detect loops on the network where the Switch is deployed, configure LBDT on
GE0/0/1 and GE0/0/2 of the Switch. In this example, untagged LBDT packets sent
by the Switch will be discarded by other switches on the network. As a result, the
packets cannot be sent back to the Switch, and LBDT fails. Therefore, LBDT is
configured in a specified VLAN. The configuration roadmap is as follows:
1. Enable LBDT on interfaces and configure the Switch to detect loops in VLAN
100 to implement LBDT on the network where the Switch is located.
2. Configure an action to be taken after a loop is detected and set the recovery
time. After a loop is detected, the Switch blocks the interface to reduce the
impact of the loop on the network. After a loop is eliminated, the interface
can be restored.

NOTE

Configure interfaces on other switching devices as trunk or hybrid interfaces and configure
these interfaces to allow packets from corresponding VLANs to pass through to ensure
Layer 2 connectivity.

Procedure
Step 1 Enable LBDT on interfaces.
<HUAWEI> system-view
[HUAWEI] sysname Switch
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] loopback-detect enable //Enable LBDT on the interface.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] loopback-detect enable //Enable LBDT on the interface.
[Switch-GigabitEthernet0/0/2] quit

Step 2 Specify the VLAN ID of LBDT packets.

[Switch] vlan 100
[Switch-vlan100] quit
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] port link-type hybrid // default link type of a switch interface is not hybrid.
You can choose run the port link-type hybrid command to configure the link type of the interface as
hybrid.
[Switch-GigabitEthernet0/0/1] port hybrid tagged vlan 100
[Switch-GigabitEthernet0/0/1] loopback-detect packet vlan 100 //Enable LBDT to detect loops in VLAN
100.

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] port link-type hybrid
[Switch-GigabitEthernet0/0/2] port hybrid tagged vlan 100
[Switch-GigabitEthernet0/0/2] loopback-detect packet vlan 100 //Enable LBDT to detect loops in VLAN
100.
[Switch-GigabitEthernet0/0/2] quit

Step 3 Configure an action to be taken after a loop is detected and set the recovery time.
[Switch] interface gigabitethernet 0/0/1
[Switch-GigabitEthernet0/0/1] loopback-detect action block //Configure the Block action to be taken
after a loop is detected.
[Switch-GigabitEthernet0/0/1] loopback-detect recovery-time 30 //Set the recovery time to 30s.
[Switch-GigabitEthernet0/0/1] quit
[Switch] interface gigabitethernet 0/0/2
[Switch-GigabitEthernet0/0/2] loopback-detect action block //Configure the Block action to be taken
after a loop is detected.
[Switch-GigabitEthernet0/0/2] loopback-detect recovery-time 30 //Set the recovery time to 30s.
[Switch-GigabitEthernet0/0/2] quit

Step 4 Verify the configuration.

1. Run the display loopback-detect command to check the LBDT configuration.
[Switch] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 block
NORMAL
GigabitEthernet0/0/2 30 block NORMAL
----------------------------------------------------------------------------------

The preceding command output shows that the LBDT configuration is

successful.
2. After about 5s, run the display loopback-detect command to check whether
GE0/0/1 or GE0/0/2 is blocked.
[Switch] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

GigabitEthernet0/0/1 30 block
NORMAL
GigabitEthernet0/0/2 30 block BLOCK(Loopback detected)
----------------------------------------------------------------------------------

The preceding command output shows that GE0/0/2 is blocked.

3. Shut down GE0/0/1. After 30s, run the display loopback-detect command to
check whether GE0/0/2 is restored.
[Switch] display loopback-detect
Loopback-detect sending-packet interval:
5

----------------------------------------------------------------------------------

Interface RecoverTime Action Status

----------------------------------------------------------------------------------

S600-E Series Switches
Typical Configuration Examples 5 Typical Ethernet Switching Configuration

GigabitEthernet0/0/1 30 block
NORMAL
GigabitEthernet0/0/2 30 block NORMAL
----------------------------------------------------------------------------------

The preceding command output shows that GE0/0/2 is restored.

----End

Configuration Files
Switch configuration file
#
sysname Switch
#
vlan batch 100
#
interface GigabitEthernet0/0/1
port link-type hybrid
port hybrid tagged vlan 100
loopback-detect recovery-time 30
loopback-detect packet vlan 100
loopback-detect enable
loopback-detect action block
#
interface GigabitEthernet0/0/2
port link-type hybrid
port hybrid tagged vlan 100
loopback-detect recovery-time 30
loopback-detect packet vlan 100
loopback-detect enable
loopback-detect action block
#
return

2.9.2 Lab - Basic Switch and End Device Configuration - ILM
No ratings yet
2.9.2 Lab - Basic Switch and End Device Configuration - ILM
12 pages
1.1.7 Lab - Basic Switch Configuration
No ratings yet
1.1.7 Lab - Basic Switch Configuration
11 pages
01-02 Comprehensive Configuration Examples PDF
No ratings yet
01-02 Comprehensive Configuration Examples PDF
330 pages
Packet Tracer - Basic Switch Configuration - Physical Mode: Topology
No ratings yet
Packet Tracer - Basic Switch Configuration - Physical Mode: Topology
8 pages
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
4.5/5 (2)
Creating Distributed Switches With LAG
No ratings yet
Creating Distributed Switches With LAG
10 pages
01-06 Typical Ethernet Switching Configuration
No ratings yet
01-06 Typical Ethernet Switching Configuration
222 pages
01-02 MAC Address Table Configuration
No ratings yet
01-02 MAC Address Table Configuration
78 pages
01-06 Common MAC Address Operations
No ratings yet
01-06 Common MAC Address Operations
5 pages
01-03 MAC Address Table Configuration
No ratings yet
01-03 MAC Address Table Configuration
71 pages
0105 Ethernet Switching Configuration Commands PDF
No ratings yet
0105 Ethernet Switching Configuration Commands PDF
694 pages
5.1.2.8 Lab - Viewing Network Device MAC Addresses
No ratings yet
5.1.2.8 Lab - Viewing Network Device MAC Addresses
5 pages
Lab 1 Grade80
No ratings yet
Lab 1 Grade80
7 pages
01-03 MAC Address Table Configuration
No ratings yet
01-03 MAC Address Table Configuration
71 pages
2 Basic Switch Configuration
No ratings yet
2 Basic Switch Configuration
9 pages
01-05 Ethernet Switching Configuration Commands
No ratings yet
01-05 Ethernet Switching Configuration Commands
736 pages
COM04L Act 3
No ratings yet
COM04L Act 3
10 pages
Assignment 1.1 Basic Switch Configuration
No ratings yet
Assignment 1.1 Basic Switch Configuration
18 pages
01-08 Typical Routing Configuration
No ratings yet
01-08 Typical Routing Configuration
45 pages
Minilinktnethernetconfig 220828073619 30505bb5 2
No ratings yet
Minilinktnethernetconfig 220828073619 30505bb5 2
150 pages
2 9 2 Lab - Basic Switch and End Device Configuration Answer
No ratings yet
2 9 2 Lab - Basic Switch and End Device Configuration Answer
12 pages
Week 3 Lab 2 Assignment-1
No ratings yet
Week 3 Lab 2 Assignment-1
10 pages
01 - Basic Switch Configurations-2
No ratings yet
01 - Basic Switch Configurations-2
12 pages
Lab Basic Switch Configuration
No ratings yet
Lab Basic Switch Configuration
13 pages
_Lab 1 (Networking).docx
No ratings yet
_Lab 1 (Networking).docx
13 pages
CCIE Enterprise Infrastructure
No ratings yet
CCIE Enterprise Infrastructure
338 pages
Ccnav7-Student Lab Final
No ratings yet
Ccnav7-Student Lab Final
79 pages
Lab - Basic Switch Configuration
No ratings yet
Lab - Basic Switch Configuration
11 pages
Lab - View Network Device MAC Addresses: Topology
No ratings yet
Lab - View Network Device MAC Addresses: Topology
6 pages
Exercise 06 - View The Switch MAC Address Table
No ratings yet
Exercise 06 - View The Switch MAC Address Table
4 pages
1.1.7 Lab - Basic Switch Configuration (Finished)
No ratings yet
1.1.7 Lab - Basic Switch Configuration (Finished)
14 pages
1.1.7 Lab - Basic Switch Configuration
No ratings yet
1.1.7 Lab - Basic Switch Configuration
24 pages
1.1.7 Lab - Basic Switch Configuration
No ratings yet
1.1.7 Lab - Basic Switch Configuration
19 pages
Lab 1.1 - 1.1.7 Lab - Basic Switch Configuration
No ratings yet
Lab 1.1 - 1.1.7 Lab - Basic Switch Configuration
13 pages
7.2.7 Computer Netwoks
No ratings yet
7.2.7 Computer Netwoks
5 pages
1.1.7 Packet Tracer - Basic Switch Configuration - Physical Mode
No ratings yet
1.1.7 Packet Tracer - Basic Switch Configuration - Physical Mode
8 pages
7.2.7 Lab - View Network Device MAC Addresses
No ratings yet
7.2.7 Lab - View Network Device MAC Addresses
5 pages
05.switching Basics - L2 Switching Principles
No ratings yet
05.switching Basics - L2 Switching Principles
49 pages
2.2.3.2 Video - Saving Configurations
No ratings yet
2.2.3.2 Video - Saving Configurations
1 page
Experiment No. 4: Verify and Test Network Connectivity O
No ratings yet
Experiment No. 4: Verify and Test Network Connectivity O
9 pages
Practica 1 Port Security
No ratings yet
Practica 1 Port Security
7 pages
7.2.7 Lab - View Network Device Mac Addresses
No ratings yet
7.2.7 Lab - View Network Device Mac Addresses
8 pages
Vicente Alfonso Aguilar Vidal Lab - Basic Switch Configuration
No ratings yet
Vicente Alfonso Aguilar Vidal Lab - Basic Switch Configuration
11 pages
HPE FlexFabric 5700 Layer 2 - LAN_1
No ratings yet
HPE FlexFabric 5700 Layer 2 - LAN_1
150 pages
Lab 6.2.6 Add, Move, and Change MAC Addresses: Objective
No ratings yet
Lab 6.2.6 Add, Move, and Change MAC Addresses: Objective
8 pages
1.1.7 Packet Tracer - Basic Switch Configuration - Physical Mode
No ratings yet
1.1.7 Packet Tracer - Basic Switch Configuration - Physical Mode
9 pages
Challenge_Lab_03 report GROUP 1
No ratings yet
Challenge_Lab_03 report GROUP 1
25 pages
Week10-Lab-build A Network With Switch and Observe MAC Addresses and ARP
No ratings yet
Week10-Lab-build A Network With Switch and Observe MAC Addresses and ARP
9 pages
Procedure - Lab Discovery 2
No ratings yet
Procedure - Lab Discovery 2
3 pages
Lab 0 Basic Switch Configuration-1
No ratings yet
Lab 0 Basic Switch Configuration-1
7 pages
Configuring a Huawei Switch
No ratings yet
Configuring a Huawei Switch
12 pages
Lab 6.2.6 Add, Move, and Change MAC Addresses: Objective
No ratings yet
Lab 6.2.6 Add, Move, and Change MAC Addresses: Objective
8 pages
Task 1: Prepare The Network: System and Network Admin Lab 2
No ratings yet
Task 1: Prepare The Network: System and Network Admin Lab 2
8 pages
7.3.7 Lab - View The Switch MAC Address Table - ILM
No ratings yet
7.3.7 Lab - View The Switch MAC Address Table - ILM
11 pages
Lab1: Learning About Switches: 1 Objectives
No ratings yet
Lab1: Learning About Switches: 1 Objectives
4 pages
Sesión Práctica 04 - Observar La MAC de Un Dispositivo en Red
No ratings yet
Sesión Práctica 04 - Observar La MAC de Un Dispositivo en Red
6 pages
08 VLAN Principles and Configuration
No ratings yet
08 VLAN Principles and Configuration
46 pages
5.3.1.10 Lab - Using IOS CLI With Switch MAC Address Tables
No ratings yet
5.3.1.10 Lab - Using IOS CLI With Switch MAC Address Tables
5 pages
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
From Everand
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
Mamta Devi
No ratings yet
CCNA Exam Excellence: Study Guide & Practice Tests
From Everand
CCNA Exam Excellence: Study Guide & Practice Tests
SUJAN
No ratings yet
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
From Everand
Network with Practical Labs Configuration: Step by Step configuration of Router and Switch configuration
Mulayam Singh
No ratings yet
MasteringDIALuxforLightingDesignandCalculation
No ratings yet
MasteringDIALuxforLightingDesignandCalculation
64 pages
06 OSPF Basics
No ratings yet
06 OSPF Basics
49 pages
Do The Vacuuming
No ratings yet
Do The Vacuuming
1 page
Capa MPLS
No ratings yet
Capa MPLS
2 pages
Descritivotecnico s5600
No ratings yet
Descritivotecnico s5600
39 pages
SN2700 Open Ethernet Switch: Highlights
No ratings yet
SN2700 Open Ethernet Switch: Highlights
3 pages
HCIA-Routing & Switching Intermediate Lab Guide V2.5
No ratings yet
HCIA-Routing & Switching Intermediate Lab Guide V2.5
151 pages
DES-3226L Ds
No ratings yet
DES-3226L Ds
3 pages
Huawei: Question & Answers
0% (1)
Huawei: Question & Answers
11 pages
cp6924-1-user-guide-v1.2
No ratings yet
cp6924-1-user-guide-v1.2
77 pages
AT-8000S/48POE: Layer 2 Stackable Fast Ethernet Switch
No ratings yet
AT-8000S/48POE: Layer 2 Stackable Fast Ethernet Switch
3 pages
CCTV DBR
No ratings yet
CCTV DBR
40 pages
VPC - Best Practices and Design Guidelines
100% (1)
VPC - Best Practices and Design Guidelines
58 pages
DS-A10 Networks Thunder 5430S
No ratings yet
DS-A10 Networks Thunder 5430S
2 pages
Skip To Contentskip To Footer Products Support More
No ratings yet
Skip To Contentskip To Footer Products Support More
78 pages
h18241.8 Dell Powerstore Best Practices Guide
No ratings yet
h18241.8 Dell Powerstore Best Practices Guide
18 pages
Unit 15 Transport Network Design
100% (1)
Unit 15 Transport Network Design
6 pages
ORing 2011 Catalog
No ratings yet
ORing 2011 Catalog
384 pages
Website: Vce To PDF Converter: Facebook: Twitter:: Hpe0-V14.Vceplus - Premium.Exam.60Q
No ratings yet
Website: Vce To PDF Converter: Facebook: Twitter:: Hpe0-V14.Vceplus - Premium.Exam.60Q
28 pages
SLX Lab Guide
No ratings yet
SLX Lab Guide
267 pages
Nce 145 MC Lag Ex Core Campus
No ratings yet
Nce 145 MC Lag Ex Core Campus
48 pages
System Manual: NWA-033621-001 ISSUE 2.0
No ratings yet
System Manual: NWA-033621-001 ISSUE 2.0
234 pages
2510G PDF
No ratings yet
2510G PDF
15 pages
M Show Commands
No ratings yet
M Show Commands
60 pages
Network and Traffic Management v11!10!1
0% (1)
Network and Traffic Management v11!10!1
202 pages
ASA Clustering Within VMDC Architecture: Document Goal
No ratings yet
ASA Clustering Within VMDC Architecture: Document Goal
22 pages
ECS - ECS Upgrade Procedures-ECS 2.0.x.x To 2.1.x.x Operating System Online Update
No ratings yet
ECS - ECS Upgrade Procedures-ECS 2.0.x.x To 2.1.x.x Operating System Online Update
22 pages
CISCO CCNA Certifications - CCNA 3 - Module 1 PDF
No ratings yet
CISCO CCNA Certifications - CCNA 3 - Module 1 PDF
5 pages
Broadcom StandardReport_480013128
No ratings yet
Broadcom StandardReport_480013128
29 pages
E2013040990EN OS6450-10 EN Datasheet
No ratings yet
E2013040990EN OS6450-10 EN Datasheet
6 pages
ZXMP M721 Product Description - 20220331 - EN
100% (1)
ZXMP M721 Product Description - 20220331 - EN
196 pages
h15093 Dell Emc Unity Best Practices Guide
No ratings yet
h15093 Dell Emc Unity Best Practices Guide
18 pages
BRKSPG 2473
No ratings yet
BRKSPG 2473
94 pages