Configuring VLANS

A VLAN defines how the user traffic is presented through the network interface.

To configure a VLAN:

Select Configure > Policy > VLANS.
Select Add, or select an existing VLAN from the list.

Configure the following parameters:

Table 1. VLAN Configuration Settings
Field	Description
Name	Provide a unique name for the VLAN.
Mode	Bridged@AC — The ExtremeCloud IQ Controller bridges traffic for the station through its interfaces, rather than routing the traffic. For B@AC, topology the station's "point of presence" on the wired network is the data plane port assigned to the topology. Bridged@AP — Assigned to APs, the AP bridges traffic between its wired and wireless interfaces without involving the ExtremeCloud IQ Controller. The station's "point of presence" on the wired network for a bridged at AP topology is the AP's wired port. Fabric Attach — The Fabric Attach topology type allows an AP to attach to a Shortest Path Bridging (Fabric Connect) Network. The client component on the AP communicates directly with the server on an edge switch (or it can communicate with the server through a proxy) to allow the AP to request VLAN to I-SID (backbone Service Identifier [IEEE 802.1 ah] mappings). The Fabric Attach topology type is similar to B@AP with the added I-SID parameter. Fabric Attach can be configured on the ExtremeCloud IQ Controller anywhere a B@AP topology can be configured. VxLAN — VxLAN is a network virtualization technology that leverages existing Layer 3 infrastructures to create tenant overlay networks. VxLAN addresses the requirements of a multi-tenant data center network infrastructure by: Increasing virtual network scalability to 16 million instances. This allows for tenant VLAN (Virtual LAN) isolation whereby multiple tenants can manage their own VLAN/VMAN and MAC address spaces. Adding an encapsulation that effectively hides VM MAC addresses from the physical network that results in physical networking devices to have smaller MAC and IP table sizes. Allowing for Layer 2 adjacency across IP networks by which DC network operators protect their investment in their current infrastructure. Additionally operators can distribute traffic loads across links efficiently using Layer 3 ECMP (Equal-Cost Multi-Path routing).
VLAN ID	Specify the VLAN ID. Note: It is possible to configure a unique VLAN ID when configuring a role. This provides more flexibility in the Contain to VLAN default Action. A unique VLAN ID is also required for a GRE topology. The VLAN ID range is (1 - 4094). 4094 is reserved for Internal VLAN ID.
VNI	For VxLAN. VxLAN Network Identifier. The VNI is a 24-bit identifier. It can be used in more than one VxLAN topology.
Remote VTEP	For VxLAN. The IP address of the tunnel End-Point is referred to as a VxLAN Tunnel Endpoint (or VTEP). The VTEP is the IP address of the network switch. Network switches that act as a VTEP are referred to as VxLAN gateways. There can only be one VTEP per VxLAN topology.
I-SID	For Fabric Attach. A unique VLAN identifier and a unique I-SID (service identifier). The I-SID range is (0-15999999). Use I-SID = 0 to support Fabric Attach Standalone Proxy mode on Extreme Networks Ethernet Routing Switches. Standalone Proxy mode indicates that the network does not include a Fabric Attach Server switch (and therefore does not include a Shortest Path Bridging Fabric Core).
Tagged Traffic	If you have more than one VLAN on a port, enable tagging to identify to which VLAN the traffic belongs. Ensure that the tagged vs. untagged state is consistent with the switch port configuration. Fabric Attach topologies are always tagged.
Port	The port for network traffic bridged at controller (for example, physical ports: Port0, Port1, Port3, Port4). LAG ports are supported on physical appliances only (LAG1, LAG2). When the VLAN uses a Port that is then added to a LAG, use the LAG as the VLAN.
Layer 3	Check this box when configuring parameters for the network layer (B@AC). Note: The Certificates button displays to configure browser certificates for captive portal security.
Layer 3 Parameters
Remote Settings: IP Address	The IP Address of a remote server on which the VLAN resides.
IP Address	IP address of the VLAN. Wireless clients can access ExtremeCloud IQ Controller via this IP address. Note: The following subnets are reserved for internal communications and Docker operations: 172.17.0.0/24 172.31.0.16/28 The ExtremeCloud IQ Controller user interface logic prevents adding addresses in these address ranges for VLAN interface references.
FQDN	Fully-Qualified Domain Name
CIDR	CIDR field is used along with IP address field to find the IP address range.
DHCP	Dynamic Host Configuration Protocol allows network administrators to centrally manage and automate the assignment of IP addresses on the corporate network. DHCP sends a new IP address when a computer is plugged into a different place in the network. The protocol supports static or dynamic IP addresses and can dynamically reconfigure networks in which there are more computers than there are available IP addresses. Valid values are: Local Server. Indicates that the ExtremeCloud IQ Controller is used for managing IP addresses. Use Relay. Indicates that the ExtremeCloud IQ Controller forwards DHCP requests to an external DHCP server on the enterprise network. DHCP relay bypasses the local DHCP server for the ExtremeCloud IQ Controller and allows the enterprise to manage IP address allocation to a site from its existing infrastructure.
Enable Device Registration	Indicates that the wireless AP or switch can use this port for discovery and registration.
Mgmt Traffic	Indicates that this port will be used to manage traffic. Enable Mgmt Traffic to access the ExtremeCloud IQ Controller user interface through this port.
Associated Profiles	Select to display a list of configured Profiles. You can associate a VLAN to a specific set of devices through the assigned configuration Profile for the device group.

To configure advanced parameters, select Advanced.
Select Save.

9038918-00 Rev. AA