Command Line Reference
Ethernet Switching
VLAN Configuration
20 min
vlan(virtual local area network)the commands for creating, deleting and adding members are shown in the table show vlan summary show vlan summary \[command] show vlan summary \[purpose] display vlan summary information \[view] system view \[use cases] sonic# show vlan summary + + + + + + \| vlan id | ip address | ports | port tagging | dhcp helper address | +===========+================+===========+================+=====================+ \| 1000 | 192 168 0 1/21 | ethernet0 | untagged | 192 0 0 1 | \| | | ethernet1 | untagged | 192 0 0 2 | \| | | ethernet2 | untagged | 192 0 0 3 | \| | | ethernet3 | untagged | 192 0 0 4 | + + + + + + description of the description of the show vlan summary command output item description vlan id vlan id ip address ip address for svi interface ports vlan member interface port tagging vlan member interface properties dhcp helper address if the device has dhcp relay enabled and this vlan is added as a downlink interface to a dhcp instance, then this section displays the dhcp server ip address for that instance show vlan vid show vlan vid \[command] show vlan vid vlan id show vlan all \[purpose] display vlan specific information \[view] system view \[use cases] sonic# show vlan vid 300 vlan id 300 route interface name vlan 300 tagged ports untagged ports ethernet1 mac learning enable show vlan mac trigger show vlan mac trigger \[command] show vlan mac trigger \[ vlan id ] \[purpose] show all vlan mac trigger details \[view] system view \[use cases] sonic# show vlan mac trigger + + + \| vlanid | status | +==========+==========+ \| 10 | enabled | + + + sonic# show vlan mac trigger vlan id 10 + + + \| vlanid | status | +==========+==========+ \| 10 | enabled | + + + vlan vlan \[command] vlan vlan id no vlan vlan id \[purpose] create vlan \[parameter] parameter description vlan id vid(1 4094) \[view] system configuration view \[use cases] sonic# configure terminal sonic(config)# vlan 300 sonic(config vlan 300)# show this ! vlan 300 switchport {trunk|access} vlan switchport {trunk|access} vlan \[command] switchport {trunk|access} vlan vlan id \[purpose] add interface to vlan \[parameter] parameter description trunk add interface to vlan with trunk mode access add interface to vlan with access mode \[view] interface view \[usage scenario] frames sent by user hosts are untagged, and frames received by the interface from the peer device may be tagged therefore, the device should be configured with different modes when adding interfaces to vlans, depending on the actual use case \[notes] access mode an interface can only be added to one vlan in access mode when an interface is added to a vlan in access mode, as an incoming interface, it can receive frames without vlan tags or with vlan ids equal to the access value as an outgoing interface, it compares the vlan tag carried by the frame with the access value if they are equal, it strips the vlan tag from the frame; if they are not equal, it takes no action trunk mode an interface can be added to multiple vlans in trunk mode, indicating that it allows traffic to pass through without modifying the vlan tag on the frame a physical interface can be added to different vlans in both access and trunk modes \[use cases] sonic(config)# interface ethernet 1 sonic(config if 1)# switchport access vlan 10 vlan group vlan group \[command] vlan group vlan id vlan id \[purpose] bulk create vlans and enter vlan configuration view \[parameter] parameter description vlan id vlan id specify the vlan range \[view] system configuration view \[usage scenario] when there is a need to configure a large number of vlans with similar properties, this command allows entering the vlan creation process and vlan configuration view for modifying the configuration of these vlans \[use cases] sonic(config)# vlan group 10 20,30,40 broadcast {flood|drop} broadcast {flood|drop} \[command] broadcast {flood|drop} \[purpose] configure broadcast function handling \[parameter] parameter description flood broadcast packets within a vlan drop drop broadcast packets \[view] vlan view \[usage scenario] broadcast forwarding is a method of sending a data packet to all devices within the same vlan it can be used for sending arp requests, dhcp requests, and similar functions in a vlan, whether broadcast packets are forwarded can be configured on the switch \[use cases] sonic# configure terminal sonic(config)# vlan 40 sonic(config vlan 40)# broadcast drop unknown uni {flood|drop} unknown uni {flood|drop} \[command] unknown uni {flood|drop} \[purpose] configure the processing of unknown unicast packets \[parameter] parameter description flood broadcast packets within a vlan drop drop unknown unicast packets \[view] vlan view \[usage scenario] unknown unicast refers to unicast data packets for which the switch cannot determine the vlan in which the destination mac address resides if a vlan needs to receive unknown unicast data, it can be configured in unknown unicast forwarding mode if a vlan does not need to forward unknown unicast data packets within it, it can be configured in discard mode \[use cases] sonic# configure terminal sonic(config)# vlan 40 sonic(config vlan 40)# unknown uni drop unre multi {flood|drop} unre multi {flood|drop} \[command] unre multi {flood|drop} \[purpose] configure the processing of unknown multicast packets \[parameter] parameter description flood broadcast packets within a vlan drop drop unknown multicast packets \[view] vlan view \[usage scenario] multicast is a method of sending packets to a group of devices in the same vlan it is used for multimedia streaming, routing protocols, and more in a vlan, multicast forwarding can be achieved by configuring the switch's igmp snooping feature however, if you want to prevent the forwarding of unknown multicast within that vlan, you can use the "drop" parameter for implementation \[use cases] sonic# configure terminal sonic(config)# vlan 40 sonic(config vlan 40)# unre multi drop mac trigger enable mac trigger enable \[command] mac trigger enable no mac trigger enable \[purpose] enable the vlan mac trigger function \[view] vlan view \[usage scenario] this function is used in the fast migration scenario the first packet sent by a terminal when migrating to a new device may not be an arp/nd packet and cannot trigger the arp/nd learning function after enabling this command, when the mac address of the terminal does not exist in the mac address table on the device, the device can trigger mac trigger to learn the neighbor table entry when it receives an ip packet from the terminal to complete the online operation of the terminal usually used in combination with dhcp snooping and other features to ensure security \[use cases] sonic# configure terminal sonic(config)# vlan 40 sonic(config vlan 40)# mac trigger enable batch vlan group batch vlan group \[command] batch vlan group group id no batch vlan group group id \[purpose] configure the batch vlan feature \[view] system configuration view \[usage scenario] when you need to create multiple vlans and add interfaces in bulk, use the batch vlan group command to enter the batch vlan view, which simplifies the configuration process \[notes] vlans created through batch vlan can only be used for layer 2 functionality if you need to create an interface vlan for layer 3 operations, please still use the vlan command to create the vlan \[use cases] sonic# configure terminal sonic(config)# batch vlan group 1 sonic(config batch vlan group 1)# switchport trunk ethernet switchport trunk ethernet \[command] switchport trunk ethernet interface name no switchport trunk ethernet interface name \[purpose] in the batch vlan view, add interfaces in bulk \[view] batch vlan view \[use cases] sonic# configure terminal sonic(config)# batch vlan group 1 sonic(config batch vlan group 1)# switchport trunk ethernet 8,10 52 vlan ids vlan ids \[command] vlan ids vlan id no vlan ids vlan id \[purpose] in the batch vlan view, add vlan in bulk \[view] batch vlan view \[notes] regular vlans and batch vlans are mutually exclusive to create vlans or interface vlans in the normal way, you need to remove the desired vlans from the batch vlan \[use cases] sonic# configure terminal sonic(config)# batch vlan group 1 sonic(config batch vlan group 1)# switchport trunk ethernet 8,10 52 sonic(config batch vlan group 1)# vlan ids 1 1024 arp trap enable arp trap enable \[command] arp trap enable no arp trap enable \[purpose] configure the arp packets under this vlan to only be sent to the cpu \[view] vlan view \[use cases] sonic(config vlan 1000)# arp trap enable
