switchport

interface-config-ge-instance

Sets switching mode characteristics for the selected interface

Supported in the following platforms:

  • Access Points — AP505i, AP510i/e, AP560i/h
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

switchport [access|mode|trunk]
switchport access vlan [<1-4094>|<VLAN-ALIAS-NAME>]
switchport mode [access|trunk]
switchport trunk [allowed|fabric-attach|native]
switchport trunk allowed vlan [<VLAN-ID>|add <VLAN-ID>|none|remove <VLAN-ID>]
swithcport trunk fabric-attach vlan [<1-4094>|<VLAN-ALIAS-NAME>] isid <1-16777214>
switchport trunk native [tagged|vlan [<1-4094>|<VLAN-ALIAS-NAME>]]

Parameters

switchport access vlan [<1-4094>|<VLAN-ALIAS-NAME>]
access vlan [<1-4094>| <VLAN-ALIAS-NAME>] Sets the VLAN when interface is in the access mode. You can either directly specify the native VLAN ID or use a VLAN alias to identify the native VLAN.
  • <1-4094> – Specify the SVI VLAN ID from 1 - 4094.
  • <VLAN-ALIAS-NAME> – Specify the VLAN alias name (should be existing and configured).

An Ethernet port in the access mode accepts packets only from the native VLAN. Frames are forwarded out the port untagged with no 802.1Q header. All frames received on the port are expected as untagged and are mapped to the native VLAN.

switchport mode [access|trunk]
mode [access|trunk] Sets the interface‘s switching mode to access or trunk (can only be used on physical - layer 2 - interfaces)
  • access – If access mode is selected, the access VLAN is automatically set to VLAN1. In this mode, only untagged packets in the access VLAN (vlan1) are accepted on this port. All tagged packets are discarded.
  • trunk – If trunk mode is selected, tagged VLAN packets are accepted. The native VLAN is automatically set to VLAN1. Untagged packets are placed in the native VLAN by the wireless controller or service platform. Outgoing packets in the native VLAN are sent untagged. The default mode for both ports is trunk.
switchport trunk allowed vlan [<VLAN-ID>|add <VLAN-ID>|none|remove <VLAN-ID>]
trunk allowed Sets trunking mode, allowed VLANs characteristics of the port. Use this option to add VLANs that exclusively send packets over the listed port.
vlan [<VLAN-ID>| add <VLAN-ID>| none| remove <VLAN-ID> Sets allowed VLAN options. The options are:
  • <VLAN-ID> – Allows a group of VLAN IDs. Specify the VLAN IDs, can be either a range (55-60) or a comma-separated list (35, 41, etc.)
  • none – Allows no VLANs to transmit or receive through the layer 2 interface
  • add <VLAN-ID> – Adds VLANs to the current list
    • <VLAN-ID> – Specify the VLAN IDs. Can be either a range of VLAN (55-60) or a list of comma separated IDs (35, 41, etc.)
  • remove <VLAN-ID> – Removes VLANs from the current list
    • <VLAN-ID> – Specify the VLAN IDs. Can be either a range of VLAN (55-60) or a list of comma separated IDs (35, 41, etc.)

Allowed VLANs are configured only when the switching mode is set to “trunk”.

switchport trunk fabric-attach vlan [<1-4094>|<VLAN-ALIAS-NAME>] isid <1-16777214>
trunk Sets trunking mode characteristics of this Ethernet port
fabric-attach Enables FA (Fabric Attach) client operation on this Ethernet port. Use this option to enable non-SPB WiNG devices (access points and controllers) as FA Clients.

The Fabric Attach topology type allows an AP to attach to a SPB (Shortest Path Bridging) (Fabric Connect) Network. The client component on the AP communicates directly with the server on an edge switch (or it can communicate with the server through a proxy) to allow the AP to request VLAN to I-SID (backbone Service Identifier [IEEE 802.1 ah] mappings).

FA enabled switches, in the FC network, send out LLDP messages with TLV extensions of Organization-specific TLV with OUI, to discover FA clients and advertise capabilities.

Note: When Fabric Attach is configured, LLDP (Link Layer Discovery Protocol) is automatically enabled on all APs associated with the topology. The setting cannot be disabled by users.

The switch requires that the VLAN/I-SID mapping is unique per port per switch, therefore only one AP per switch port is allowed.

WiNG devices connected to an FA-enabled edge switch auto-learn interface configuration from the edge switch. The WiNG device auto-configures the VLAN on that interface supplied from the edge switch. The edge switch may mark/unmark the VLAN for tagging and this reflects in the interface configuration of the WiNG device.

The auto-configuration is local to the AP/controller and does not persist across reboots. It is recommended that you enable “no auto-learn staging-config” on the controller adopting the AP. We also recommend that the controller has the AP‘s interface configuration pre-configured on the AP's profile, to avoid the controller overriding the AP‘s configuration, resulting in the AP losing connectivity with the controller.

Use this command to configure the I-SID (Individual Service Identifier) to VLAN mapping that the FA Client uses to negotiate with the FAS.

Note: You can configure FA Client capability on a device‘s profile as well as device contexts.
Note: This option is enabled only when the switching mode is set to trunk.
vlan [<1-4094>|<VLAN-ALIAS-NAME>] Configures the VLAN through which traffic from this device is routed to the FA switch
  • <1-4094> – Specify the VLAN from 1 - 4094.
  • <VLAN-ALIAS-NAME> – Use a VLAN alias to specify the VLAN. If using a VLAN alias, ensure that the alias is existing and configured.

The FA Client requests acceptance of the I-SID to VLAN mapping from the FAS within the FC (Fabric Connect) network. Once acceptance is achieved, the FC edge switch applies the I-SID to the VLAN traffic from the device (AP or controller), and uses this I-SID inside the Fabric.

Note: Both the FA Client and FA switch (at the edge of the FC network) use LLDP Element and Assignment Type-Length-Values (TLVs) to advertise their identity and FA capabilities.
isid <1-16777214> Configures the I-SID to be associated with the VLAN interface specified above.
  • isid <1-16777214> – Specify the I-SID from 1 - 16777214. The IEEE Auto-Attach standard requires that the I-SID and VLAN ID be unique per port per switch, so that the device does not enforce duplicate I-SID and VLAN ID for each mapping.
Note: A maximum of 94 pairs of I-SID to VLAN mappings can be configured per Ethernet port.
switchport trunk native [tagged|vlan [<1-4094>|<VLAN-ALIAS-NAME>]]
trunk Sets trunking mode characteristics of the switchport
native [tagged|vlan [<1-4094>| <VLAN-ALIAS-NAME>]] Configures the native VLAN ID for the trunk-mode port

The native VLAN allows an Ethernet device to associate untagged frames to a VLAN when no 802.1Q frame is included in the frame. Additionally, the native VLAN is the VLAN untagged traffic is directed over when using a port in trunk mode.

  • tagged – Tags the native VLAN. When a frame is tagged, the 12 bit frame VLAN ID is added to the 802.1Q header enabling upstream Ethernet devices to know which VLAN ID the frame belongs to. The device reads the 12 bit VLAN ID and forwards the frame to the appropriate VLAN. When a frame is received with no 802.1Q header, the upstream device classifies the frame using the default or native VLAN assigned to the Trunk port. A native VLAN allows an Ethernet device to associate untagged frames to a VLAN when no 802.1Q frame is included in the frame.
  • vlan [<1-4094>|<VLAN-ALIAS-NAME>] – Sets the native VLAN for classifying untagged traffic when the interface is in trunking mode.
    • <1-4094> – Specify a value from 1 - 4094.
    • <VLAN-ALIAS-NAME> – Specify the VLAN alias name used to identify the VLANs. The VLAN alias should be existing and configured.

Usage Guidelines

Interfaces ge1 - ge4 can be configured as trunk or in access mode. An interface configured as “trunk” allows packets (from the given list of VLANs) to be added to the trunk. An interface configured as “access” allows packets only from native VLANs.

Use the [no] switchport (access|mode|trunk) to undo switchport configurations.

Example

nx9500-6C8809(config-profile-default-rfs4000-if-ge1)#switchport trunk native 
tagged

nx9500-6C8809(config-profile-default-rfs4000-if-ge1)#switchport access vlan 1

nx9500-6C8809(config-profile-default-rfs4000-if-ge1)#show context
 interface ge1
  description "This is GigabitEthernet interface for Royal King"
  speed 10
  duplex full
  switchport mode access
  switchport access vlan 1
  spanning-tree bpduguard enable
  spanning-tree bpdufilter disable
  --More--
nx9500-6C8809(config-profile-default-rfs4000-if-ge1)#

The following is the basic configuration required to enable a device as a FA Client, with tagged native VLAN traffic:

ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport mode trunk
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport trunk 
fabric-attach vlan 1 isid 1
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport trunk 
fabric-attach vlan 2 isid 200
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport trunk 
fabric-attach vlan 100 isid 1000
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport trunk 
allowed vlan 1-2,100
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#switchport trunk 
native tagged
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#show context
 interface ge1
  switchport mode trunk
  switchport trunk fabric-attach vlan 1 isid 1
  switchport trunk fabric-attach vlan 2 isid 200
  switchport trunk fabric-attach vlan 100 isid 1000
  switchport trunk native vlan 1
  no switchport trunk native tagged
  switchport trunk allowed vlan 1-2,100
ap8432-070235(config-device-74-67-F7-07-02-35-if-ge1)#

Related Commands

no Disables or reverts interface settings to their default