VLAN

You can use this interface type for management of Layer 2 switches or for Zero-Touch onboarding of newly deployed devices.

For more information on Zero-Touch onboarding, see Zero Touch Capabilities.

You can configure a Management Instance VLAN on a DvR Leaf node by specifying the I-SID. For more information, see Management I-SID Assignment to DvR Leaf.

The following list defines the abilities of this interface type:

Coexistence Restrictions

IPv4 and IPv6 address coexistence for both a NOS routing VLAN and VLAN Management Instance is supported, however you must manually match both IP address configurations between the VLANs.

If you configure the VLAN Management Instance with a manual IPv4 address and a DHCP IPv4 address first, you cannot add a IPv4 address to a NOS routing VLAN.

If you configure the VLAN Management Instance with an IPv6 address first, you can only add one IPv6 global address to a NOS routing VLAN.

The following restrictions apply when a VLAN Management Instance coexists with a port-based VLAN or with a brouter port:

For the 5320-24P-8XE, 5320-24T-8XE, 5320-16P-4XE, and 5320-16P-4XE-DC switches, the management VLAN must be part of the active VRF. For more information about VRF support on these models, see VRF Lite.

Configuration Example - Coexistence with Port-Based VLAN

The following example shows how the VLAN Management Instance can be configured to share the same IP address as a routing port-based VLAN.

You can configure the NOS VLAN first, and then configure the VLAN Management Instance, or in reverse order. You can remove or add the coexistence at any time.

Note

Note

With the coexistence between NOS routing stack and the VLAN Management Instance, packets sent to the VLAN Management Instance IP address must ingress the switch from a VLAN port (or contain the VLAN ID) associated with the VLAN Management Instance. The system does not route packets between the NOS routing VLAN and the VLAN Management Instance.

Example

IPv4

vlan create 10 type port-mstprstp 0
vlan members add 10 1/1
interface vlan 10
ip address 192.0.2.0/24
exit
mgmt vlan 10
ip address 192.0.2.0/24
ip route 0.0.0.0/0 next-hop 192.0.2.1
enable

IPv6

vlan create 10 type port-mstprstp 0
vlan members add 10 1/1
interface vlan 10
ipv6 interface address 2001:DB8::/32 
ipv6 interface enable
exit
mgmt vlan 10
ipv6 address 2001:DB8::/32 
ipv6 route 0::0/0 next-hop 2001::1
enable

Configuration Example - Coexistence with Brouter Port

The following example shows how the VLAN Management Instance can be configured to share the same IP address as a brouter interface.

You must configure the brouter interface before you enable the VLAN Management Instance. When the VLAN Management Instance is enabled, you must disable the VLAN Management Instance before you disable the brouter port.

Example

IPv4

interface GigabitEthernet 1/1
no shutdown
brouter port 1/1 vlan 10 subnet 192.0.2.0/24
mgmt vlan 10
ip address 192.0.2.0/24
enable 

IPv6

interface GigabitEthernet 1/1
no shutdown
ipv6 interface vlan 10
ipv6 interface address 2001:DB8::/32
ipv6 interface enable
mgmt vlan 10
ipv6 address 2001:DB8::/32
enable