< Home

port trunk allow-pass only-vlan

Function

The port trunk allow-pass only-vlan command configures VLANs allowed by the interface that is configured as a trunk interface through LNP negotiation.

The undo port trunk allow-pass only-vlan command restores the default VLANs allowed by the interface that is configured as a trunk interface through LNP negotiation.

By default, if the Layer 2 Ethernet interface is negotiated as a trunk interface, the interface allows all VLANs.

Format

port trunk allow-pass only-vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | none }

undo port trunk allow-pass only-vlan

Parameters

Parameter Description Value
vlan-id1 [ to vlan-id2 ]
Specifies VLANs on a Layer 2 Ethernet interface so that the interface forwards only packets for these VLANs after LNP negotiation.
  • vlan-id1 specifies the first VLAN.
  • to vlan-id2 specifies the last VLAN. vlan-id2 must be greater than or equal to vlan-id1. vlan-id2 and vlan-id1 specify a VLAN range.
  • If to vlan-id2 is not specified, only the VLAN specified by vlan-id1 can be configured for the Layer 2 Ethernet interface.

In one port trunk allow-pass only-vlan command, a maximum of 10 VLAN ranges can be specified using to.

 The value is an integer ranging from 1 to 4094.
none

Specifies that the Layer 2 Ethernet interface cannot forward packets for any VLAN after the LNP negotiation.

 -

Views

Ethernet interface view, GE interface view, XGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, MultiGE interface view, VE interface view, Eth-Trunk interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

Link-type Negotiation Protocol (LNP) dynamically negotiates the link type of an Ethernet interface. The negotiated link type can be access or trunk.

In routine maintenance, if the network administrator wants to update the VLANs on a Layer 2 Ethernet interface so that the interface forwards only packets for these VLANs after LNP negotiation, perform the following operations in the corresponding interface view.

  1. Run the port trunk allow-pass vlan all command to delete all VLANs from the Layer 2 Ethernet interface.
  2. Run the port trunk allow-pass only-vlan { { vlan-id1 [ to vlan-id2 ] } &<1-10> | none } to update VLANs on the Layer 2 Ethernet interface so that the interface forwards only packets for these VLANs after LNP negotiation.

Alternatively, to simplify configurations and reduce the network administrator's maintenance workload, run the port trunk allow-pass only-vlan to update VLANs on the Layer 2 Ethernet interface so that the interface forwards only packets for these VLANs after LNP negotiation.

Prerequisites

The LNP function is supported on the Layer 2 Ethernet interface, and the Layer 2 Ethernet interface is configured to work in auto-negotiation mode using the port link-type negotiation command.

Example

# Configure VLANs 10 to 20 on the interface so that the interface forwards only packets for these VLANs.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet0/0/1
[HUAWEI-GigabitEthernet0/0/1] port trunk allow-pass only-vlan 10 to 20
Parent Topic: VLAN Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >