1-8
z Enabling the management packets (including NDP packets, NTDP packets, and handshake
packets) to be transmitted in the management VLAN only, through which the management packets
are isolated from other packets and network security is improved.
z Enabling the management device and the member devices to communicate with each other in the
management VLAN.
Cluster management requires the packets of the management VLAN be permitted on ports connecting
the management device and the member/candidate devices. Therefore:
z If the packets of management VLAN are not permitted on a candidate device port connecting to the
management device, the candidate device cannot be added to the cluster. In this case, you can
enable the packets of the management VLAN to be permitted on the port through the management
VLAN auto-negotiation function.
z Packets of the management VLAN can be exchanged between the management device and a
member device/candidate device without carrying VLAN tags only when the default VLAN ID of
both the two ports connecting the management device and the member/candidate device is the
management VLAN. If the VLAN IDs of the both sides are not that of the management VLAN,
packets of the management VLAN need to be tagged.
z By default, the management VLAN interface is used as the network management interface.
z There is only one network management interface on a management device; any newly configured
network management interface will overwrite the old one.
In practice, you need to implement the following in a cluster sometimes:
z Know whether there is a loop in the cluster
z Locate which port on which switch initiates a network attack
z Determine the port and switch that a MAC address corresponds to
z Locate which switch in the cluster has a fault
z Check whether a link in the cluster and the devices on the link comply with the original plan
In these situations, you can use the tracemac command to trace a device in the cluster by specifying a
destination MAC address or IP address.
The procedures are as follows:
1) Determine whether the destination MAC address or destination IP address is used to trace a
device in the cluster
z If you use the tracemac command to trace the device by its MAC address, the switch will query its
MAC address table according to the MAC address and VLAN ID in the command to find out the port
connected with the downstream switch.
z If you use the tracemac command to trace the device by its IP address, the switch will query the
corresponding ARP entry of the IP address to find out the corresponding MAC address and VLAN
ID, and thus find out the port connected with the downstream switch.
2) After finding out the port connected with the downstream switch, the switch will send a multicast
packet with the VLAN ID and specified hops to the port. Upon receiving the packet, the