9-2
Cisco ME 3400 EthernetAccess Switch SoftwareConfiguration Guide
78-17058-01
Chapter9 Configuring Interface Characteristics
Understanding Interface Types
Port-Based VLANs
A VLAN is a switched network that is logically segmented by function, team, or application, without
regard to the physical location of the users. For more information about VLANs, see Chapter11,
“Configuring VLANs.” Packets received on a port are forwarded only to ports that belong to the same
VLAN as the re ceiving port. Network devices in different VLANs cannot communicate with one another
without a Layer 3 device to route traffic between the VLANs.
VLAN partitions provide hard firewalls for traffic in the VLAN, and each VLAN has its own MAC
address table. A VLAN comes into existence when a local port is configured to be associated with the
VLAN or when a user creates a VLAN.
To isolate VLANs of different customers in a service-provider network, the Cisco ME switch uses UNI
VLANs. UNI VLANs isolate user network interfaces (UNIs) on t he sw it ch f rom UN Is tha t be long to
other customer VLANs:
UNI isolated VLAN—This is the default VLAN state for all VLANs created on the switch. Local
switching does not occur among UNIs on the switch that belong to the same UNI isolated VLAN.
UNI community VLAN—Local switching is allowed among UNIs on the switch that belong to the
same UNI community VLAN. If UNIs belong to the same customer, and you want to switch packets
between the ports, you can configure the common VLAN as a UNI community VLAN.
For more information about UNI VLANs, see the “UNI VLANs” section on page 11-5.
To configure VLANs, use the vlan vlan-id global configuration command to enter VLAN configuration
mode. The VLAN configurations for VLAN IDs 1 to 1005 are saved in the VLAN database.
Extended-range VLANs (VLAN IDs 1006 to 4094) are not ad de d to t he V L AN data base . VLA N
configuration is saved in the switch running configuration, and you can save it in the swit ch st art up
configuration file by entering the copy running-config startup-config privileged EXEC command.
Add ports to a VLAN by using the switchport interface configuration commands:
Identify the interface.
For a trunk port, set trunk characteristics, and if desired, define the VLANs to which it can belong.
For an access port, set and define the VLAN to which it belongs.
For a tunnel port, set and define the VLAN ID for the customer-specif ic VLAN ta g. See Chapter13,
“Configuring IEEE 802.1Q and Layer 2 Protocol Tunneling.”
Switch Ports
Switch ports are Layer 2 only interfaces associated with a physical port. Switch ports belong to one or
more VLANs. A switch port can be an access port, a trunk port, a private-VLAN port, or a tunnel port.
You can configure a port as an access port or trunk port. You configure a private VLAN port as a host or
promiscuous port that belongs to a private-VLAN primary or secondary VLAN. (Only NNIs can be
configured as promiscuous ports.) You must manually configure tunnel ports as part of an asymmetric
link connected to an IEEE 802.1Q trunk port. Switch ports are used for man aging the physical interface
and associated Layer 2 protocols and do not handle routin g or brid gi ng.
Configure switch ports by using the switchport interface configuration commands. Use the switchport
command with no keywords to put an interface that is in Layer 3 mode into Layer 2 mode.