Sun Netra CP3240 Switch User’s Guide

This chapter describes how to configure the Netra CP3240 switch with some ports supporting VLANs and some supporting routing. Also, this chapter shows how to configure VLAN with RIP and OSPF.

You can configure the software to allow traffic on a VLAN to be treated as if the VLAN were a router port.

A port can be either a VLAN port or a router port, but not both. However, a VLAN port may be part of a VLAN that is itself a router port.

This chapter contains the following topics:

• Section , Understanding VLAN Routing
• Section , Configuring VLAN Routing via CLI
• Section , Configuring VLAN Routing via Web Interface
• Section , Configuring VLAN Routing With RIP
• Section , Configuring VLAN Routing With OSPF

---

Understanding VLAN Routing

When a port is enabled for bridging (default) rather than routing, all normal bridge processing is performed for an inbound packet, which is then associated with a VLAN. Its MAC Destination Address (MAC DA) and VLAN ID are used to search the MAC address table. If routing is enabled for the VLAN and the MAC DA of an inbound unicast packet is that of the internal bridge-router interface, the packet will be routed. An inbound multicast packet will be forwarded to all ports in the VLAN, plus the internal bridge-router interface if it was received on a routed VLAN.

Since a port can be configured to belong to more than one VLAN, VLAN routing might be enabled for all of the VLANs on the port, or for a subset. VLAN Routing can be used to allow more than one physical port to reside on the same subnet. It could also be used when a VLAN spans multiple physical networks, or when additional segmentation or security is required.

---

Configuring VLAN Routing via CLI

This section provides an example of how to configure the Sun Netra CP3240 switch to support VLAN routing. The configuration of the VLAN router port is similar to that of a physical port. The main difference is that, after the VLAN has been created, you must use the show ip vlan command to determine the VLAN’s interface ID so that you can use it in the router configuration commands.

The diagram in this section shows a Layer 3 switch configured for port routing. It connects two VLANs, with two ports participating in one VLAN, and one port in the other. The script shows the commands you would use to configure Sun Netra CP3240 switch to provide the VLAN routing support shown in the diagram.

FIGURE 17-1 VLAN Routing Example Network Diagram

Example 1: Create Two VLANs

The following code sequence shows an example of creating two VLANs with egress frame tagging enabled.

vlan database
  vlan 10
  vlan 20
exit
 
config
  interface 0/1
    vlan participation include 10
  exit
  interface 0/2
    vlan participation include 10
  exit
  interface 0/3
    vlan participation include 20
  exit
exit
 
config
  vlan port tagging all 10
  vlan port tagging all 20
exit
 
Next specify the VLAN ID assigned to untagged frames received on the ports.
config
  interface 0/1 
    vlan pvid 10
  exit
  interface 0/2 
    vlan pvid 10
  exit
  interface 0/3
    vlan pvid 20
  exit
exit
 

Example 2: Set Up VLAN Routing for the VLANs and the Switch

The following code sequence shows how to enable routing for the VLANs:

vlan database
  vlan routing 10
  vlan routing 20
exit
 
show ip vlan 
This returns the logical interface IDs that will be used instead of slot/port in subsequent routing commands. Assume that VLAN 10 is assigned ID 3/1 and VLAN 20 is assigned ID 3/2.
Enable routing for the switch:
config
  ip routing
exit

The next sequence shows an example of configuring the IP addresses and subnet masks for the virtual router ports.

config
  interface 3/1
    ip address 192.150.3.1 255.255.255.0
  exit
  interface 3/2
    ip address 192.150.4.1 255.255.255.0
  exit
exit

---

Configuring VLAN Routing via Web Interface

Use the following screens to perform the same configuration using the Web Interface:

• Switching --> VLAN--> Configuration. To create the VLANs and specify port participation.
• Switching --> VLAN --> Port Configuration. To specify the handling of untagged frames on receipt, and whether frames will be transmitted tagged or untagged.
• Routing --> VLAN Routing --> Configuration. To enable VLAN routing and configure the ports.
• Routing --> IP --> Interface Configuration. To enable routing for the ports and configure their IP addresses and subnet masks. To enable routing for the switch.

---

Configuring VLAN Routing With RIP

Routing Information Protocol (RIP) is one of the protocols which may be used by routers to exchange network topology information. It is characterized as an “interior” gateway protocol, and is typically used in small to medium-sized networks.

A router running RIP sends the contents of its routing table to each of its adjacent routers every 30 seconds. When a route is removed from the routing table it is flagged as unusable by the receiving routers after 180 seconds, and removed from their tables after an additional 120 seconds.

There are two versions of RIP:

• RIPv1 defined in RFC 1058
• Routes are specified by IP destination network and hop count
• The routing table is broadcast to all stations on the attached network

• RIPv2 defined in RFC 1723
• Route specification is extended to include subnet mask and gateway
• The routing table is sent to a multicast address, reducing network traffic
• An authentication method is used for security

The Netra CP3240 switch supports both versions of RIP. You can configure a given port to:

• receive packets in either or both formats
• transmit packets formatted for RIPv1 or RIPv2 or to send RIPv2 packets to the RIPv1 broadcast address
• prevent any RIP packets from being received
• prevent any RIP packets from being transmitted.

Configuring VLAN With RIP via CLI

The following example adds support for RIPv2 to the configuration created in the base VLAN routing example. A second router, using port routing rather than VLAN routing, has been added to the network.

FIGURE 17-2 RIP for VLAN Routing Example Network Diagram

Example 1: Configuring VLAN Routing with RIP Support

The following sequence creates the VLANs and enables VLAN routing.

vlan database
  vlan 10
  vlan 20
exit
 
config
  interface 0/2
    vlan participation include 10
  exit
  interface 0/3
    vlan participation include 20
  exit
exit
 
config
  vlan port tagging all 10
  vlan port tagging all 20
exit
 
config
  interface 0/2 
    vlan pvid 10
  exit
  interface 0/3
    vlan pvid 20
  exit
exit
 
vlan database
  vlan routing 10
  vlan routing 20
exit
 
show ip vlan 
 
config
  ip routing
exit
 
config
  interface 3/1
    ip address 192.150.3.1 255.255.255.0
  exit
  interface 3/2
    ip address 192.150.4.1 255.255.255.0
  exit
exit

Example 2: Enable RIP for the Switch

This step enables RIP for the switch. The route preference will default to 15.

config
  router rip
    enable
  exit
exit

The next sequence configures the IP address and subnet mask for a non-virtual router port.

config
  interface 0/5
    ip address 192.150.5.1 255.255.255.0
  exit
exit

This last step enables RIP for the VLAN router ports. Authentication will default to none, and no default route entry will be created.

config
  interface 3/1
    ip rip
  exit
  interface 3/2
    ip rip
  exit
exit

Configuring VLAN Routing with RIP via Web Interface

Use the following screens to perform the same configuration using the Graphical User Interface:

• Switching --> VLAN--> Configuration. To create the VLANs and specify port participation.
• Switching --> VLAN --> Port Configuration. To specify the handling of untagged frames on receipt, and whether frames will be transmitted tagged or untagged.
• Routing --> VLAN Routing --> Configuration. To enable VLAN routing and configure the ports.
• Routing --> IP --> Interface Configuration. To enable routing for the ports and configure their IP addresses and subnet masks. To enable routing for the switch and specify the router ID.
• Routing --> RIP --> Configuration. To enable RIP for the switch.
• Routing --> RIP --> Interface Configuration. To enable RIP for the ports and specify the RIP versions.

---

Configuring VLAN Routing With OSPF

For larger networks Open Shortest Path First (OSPF) is often used instead of RIP. OSPF offers several benefits to the administrator of a large and/or complex network:

• Less network traffic:
• Routing table updates are sent only when a change has occurred.
• Only the part of the table which has changed is sent.
• Updates are sent to a multicast, not a broadcast, address

• Hierarchical management: allows the network to be subdivided.

The top level of the hierarchy of an OSPF network is known as an autonomous system (AS) or routing domain, and is a collection of networks with a common administration and routing strategy. The AS is divided into areas: intra-area routing is used when a source and destination address are in the same area, and inter-area routing across an OSPF backbone is used when they are not. An inter-area router communicates with border routers in each of the areas to which it provides connectivity.

The Sun Netra CP3240 switch operating as a router and running OSPF determines the best route using the assigned cost and the type of the OSPF route. The order for choosing a route if more than one type of route exists is as follows:

• Intra-area
• Inter-area
• External Type 1
• External Type 2

Configuring VLAN Routing With OSPF via CLI

The following example adds support for OSPF to the configuration created in the base VLAN routing example. The script shows the commands you would use to configure the Sun Netra CP3240 switch as an inter-area router. Refer to VLAN Routing Example Network Diagram.

Example 1: OSPF on FASTPATH as an Inter-area Router

Create the VLANs and enable VLAN routing.

vlan database
  vlan 10
  vlan 20
exit
 
config
  interface 0/2
    vlan participation include 10
  exit
  interface 0/3
    vlan participation include 20
  exit
exit
 
config
  vlan port tagging all 10
  vlan port tagging all 20
exit
 
config
  interface 0/2 
    vlan pvid 10
  exit
  interface 0/3
    vlan pvid 20
  exit
exit
 
vlan database
  vlan routing 10
  vlan routing 20
exit
 
show ip vlan 
 
config
  ip routing
exit
 
config
  interface 3/1
    ip address 192.150.3.1 255.255.255.0
  exit
  interface 3/2
    ip address 192.150.4.1 255.255.255.0
  exit
exit

Example 2: Specify the Router ID and Enable OSPF for the Switch

Specify the router ID.

config
  router ospf
    router-id 192.150.9.9
    enable
  exit
exit

Enable OSPF for the VLAN and physical router ports.

config
  interface 3/1
    ip ospf areaid 0.0.0.2
    ip ospf
  exit
  interface 3/2
    ip ospf areaid 0.0.0.3
    ip ospf
  exit
exit

Set the OSPF priority and cost for the VLAN and physical router ports.

config
  interface 3/1
    ip ospf priority 128
    ip ospf cost 32
  exit
  interface 3/2
  ip ospf priority 255
    ip ospf cost 64
  exit
exit

Configuring VLAN Routing via Web Interface

Use the following screens to perform the configuration described in the previous CLI sections, using the Web interface instead.

• Switching --> VLAN--> Configuration. To create the VLANs and specify port participation.
• Switching --> VLAN --> Port Configuration. To specify the handling of untagged frames on receipt, and whether frames will be transmitted tagged or untagged.
• Routing --> VLAN Routing --> Configuration. To enable VLAN routing and configure the ports.
• Routing --> IP --> Interface Configuration. To enable routing for the ports and configure their IP addresses and subnet masks. To enable routing for the switch and specify the router ID.
• Routing --> OSPF --> OSPF Info. To enable OSPF for the switch.
• Routing --> OSPF--> Interface Configuration. To enable OSPF for the ports and specify the priority and cost parameters.

Sun Netra CP3240 Switch User’s Guide

820-3252-11

© 2007 Diversified Technology, Inc. All Rights Reserved. © 2009 Sun Microsystems, Inc. All rights reserved.