Protocol and Feature Interactions

This feature leverages existing untagged and CEP VMAN port infrastructure, therefore any protocol that works with a regular untagged and CEP VMAN port will also work when the optional Port CVID is additionally configured.

Protocols that locally originate control packets, such as STP and ELRP which are used for loop prevention, will transmit packets as natively untagged on the wire when the port is an untagged VMAN member. These untagged packets will also be able to be received and processed by ExtremeXOS. This makes STP edge safeguard + BPDU guard or ELRP effective ways to detect and react to network loops on the device. However, since control packets are transmitted as untagged upstream devices may need additional configuration support to properly detect remote loops not directly attached to the device.

Other effective loop prevention mechanisms work without any interaction with untagged VMAN ports. For example, turning physical port auto-polarity off will prevent an accidental looped cable from becoming active. Likewise, storm-control rate limiting of broadcast and flood traffic can be applied in this environment to minimize the effects of a network loop. In addition to detecting, preventing, and minimizing the effects of a network loop, user ACLs can be applied to gain visibility and control of L2, L3, and L4 match criteria even with double tagged packets. All applicable ACL action modifiers are available in this environment. IP multicast pruning within a VMAN can be accomplished via normal IGMP snooping. ExtremeXOS supports full IGMP snooping and IP multicast pruning of single tagged and double tagged packets. However, when an IP address is configured on the VMAN, the IGMP protocol engine will transmit single tagged packets on tagged VMAN ports or untagged packets on untagged VMAN ports so upstream switch configuration and support may be necessary to properly propagate group memberships across the network.